Auth: Nur noch Magic Link, Code-Verifizierung entfernt

- /api/auth/verify-code Endpoint entfernt - generate_magic_code() und VerifyCodeRequest entfernt - VerifyCodeLimiter (Brute-Force-Schutz) entfernt (nicht mehr noetig) - E-Mail-Template: Nur noch Anmelde-Link, kein 6-stelliger Code - Login-Seite: Zeigt nach E-Mail-Eingabe Hinweis statt Code-Feld - Magic Link Token-Verifikation via URL bleibt bestehen
2026-03-25 00:01:19 +01:00
Commit 8f1a45c1a9
--- a/src/static/index.html
+++ b/src/static/index.html
@@ -35,20 +35,20 @@
                <button type="submit" class="btn btn-primary btn-full" id="email-btn">Anmelden</button>
            </form>

-            <!-- Schritt 2: Code eingeben -->
-            <form id="code-form" style="display:none;">
-                <p style="color: var(--text-secondary); margin: 0 0 16px 0; font-size: 14px;">
-                    Ein 6-stelliger Code wurde an <strong id="sent-email"></strong> gesendet.
-                </p>
-                <div class="form-group">
-                    <label for="code">Code eingeben</label>
-                    <input type="text" id="code" name="code" autocomplete="one-time-code" required aria-required="true"
-                           placeholder="000000" maxlength="6" pattern="[0-9]{6}"
-                           style="text-align:center; font-size:24px; letter-spacing:8px; font-family:monospace;">
+            <!-- Schritt 2: Link gesendet -->
+            <div id="link-sent" style="display:none;">
+                <div style="text-align:center; padding: 20px 0;">
+                    <div style="font-size: 40px; margin-bottom: 16px;">&#9993;</div>
+                    <p style="color: var(--text-secondary); margin: 0 0 8px 0; font-size: 14px;">
+                        Ein Anmelde-Link wurde an
+                    </p>
+                    <p style="color: var(--accent); font-weight: 600; font-size: 16px; margin: 0 0 16px 0;" id="sent-email"></p>
+                    <p style="color: var(--text-secondary); margin: 0 0 24px 0; font-size: 14px;">
+                        gesendet. Bitte prüfen Sie Ihr Postfach und klicken Sie auf den Link.
+                    </p>
                </div>
-                <button type="submit" class="btn btn-primary btn-full" id="code-btn">Verifizieren</button>
-                <button type="button" class="btn btn-secondary btn-full" id="back-btn" style="margin-top:8px;">Zurück</button>
-            </form>
+                <button type="button" class="btn btn-secondary btn-full" id="back-btn">Andere E-Mail verwenden</button>
+            </div>

            <div style="text-align:center;margin-top:16px;">
                <button class="btn btn-secondary btn-small theme-toggle-btn" id="theme-toggle" onclick="ThemeManager.toggle()" title="Theme wechseln" aria-label="Theme wechseln">&#9788;</button>
@@ -148,11 +148,10 @@
                    throw new Error(data.detail || 'Anfrage fehlgeschlagen');
                }

-                // Zu Code-Eingabe wechseln
+                // Link-gesendet-Hinweis anzeigen
                document.getElementById('email-form').style.display = 'none';
-                document.getElementById('code-form').style.display = 'block';
+                document.getElementById('link-sent').style.display = 'block';
                document.getElementById('sent-email').textContent = currentEmail;
-                document.getElementById('code').focus();

            } catch (err) {
                errorEl.textContent = err.message;
@@ -163,49 +162,11 @@
            }
        });

-        // Schritt 2: Code verifizieren
-        document.getElementById('code-form').addEventListener('submit', async (e) => {
-            e.preventDefault();
-            const errorEl = document.getElementById('login-error');
-            const btn = document.getElementById('code-btn');
-            errorEl.style.display = 'none';
-            btn.disabled = true;
-            btn.textContent = 'Wird geprüft...';
-
-            try {
-                const response = await fetch('/api/auth/verify-code', {
-                    method: 'POST',
-                    headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({
-                        email: currentEmail,
-                        code: document.getElementById('code').value.trim(),
-                    }),
-                });
-
-                if (!response.ok) {
-                    const data = await response.json();
-                    throw new Error(data.detail || 'Verifizierung fehlgeschlagen');
-                }
-
-                const data = await response.json();
-                localStorage.setItem('osint_token', data.access_token);
-                localStorage.setItem('osint_username', data.username);
-                window.location.href = '/dashboard';
-            } catch (err) {
-                errorEl.textContent = err.message;
-                errorEl.style.display = 'block';
-            } finally {
-                btn.disabled = false;
-                btn.textContent = 'Verifizieren';
-            }
-        });
-
        // Zurück-Button
        document.getElementById('back-btn').addEventListener('click', () => {
-            document.getElementById('code-form').style.display = 'none';
+            document.getElementById('link-sent').style.display = 'none';
            document.getElementById('email-form').style.display = 'block';
            document.getElementById('login-error').style.display = 'none';
-            document.getElementById('code').value = '';
        });
    </script>
 </body>