kovakmedya/lab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: kovakmedya/lab:3de06add716bad7000b57f41e70dda699505db71
Branches Tags
kovakmedya/lab:main
..
compare: kovakmedya/lab:68f82d79c2fbf5385a4747883fc87101ff665ed7
Branches Tags
kovakmedya/lab:main

3 Commits
3de06add71 .. 68f82d79c2

Author SHA1 Message Date
kovakmedya 68f82d79c2 feat(kvkk): workspace data export + permanent delete 
KVKK 'veri taşınabilirliği' ve 'unutulma hakkı' için iki uçtan yeni
akış: dışa aktar ve kalıcı sil. İkisi de /settings/workspace altındaki
yeni 'Tehlikeli Bölge' kartına eklendi, sadece owner görür.

Export — GET /api/account/export
  - requireTenant guard.
  - Sırayla tenant-owned tablolar (settings, profiles, connections,
    patients, clinic_pricing, jobs, job_files, history, prosthetics,
    finance_entries, payments, notifications, audit_logs) gezilir.
    Çift sahipli tablolar (jobs, connections, payments, clinic_pricing,
    job_files, history) için iki kez sorgu atılıp $id ile dedupe edilir.
  - { exportedAt, tenantId, tenantKind, requestedBy, data } JSON olarak
    Content-Disposition: attachment ile döner. ~ek dep yok.

Delete — deleteWorkspaceAction (owner-only, server action)
  - Onay: kullanıcının companyName'i birebir yazması gerekir.
  - 1) Storage: tenant logosu + arşivlenmemiş job_files objelerini sil.
  - 2) DB: hard-delete tüm tenant verisi — notifications, audit_logs,
    payments, finance_entries, history, job_files, jobs, clinic_pricing,
    prosthetics, patients, connections, profiles, tenant_settings.
    Her tablo için Query.equal + sayfa sayfa 500'er silme.
  - 3) teams.delete(tenantId) — son aşama, takım yok artık.
  - 4) active-tenant cookie temizle; session bırak (kullanıcı başka
    workspace'e geçebilir veya çıkış yapabilir).
  - redirect('/onboarding').

UI — DangerZone (client)
  - 'JSON indir' butonu: /api/account/export'a fetch, blob download.
  - 'Sil' Dialog: çalışma alanı adı confirm input ile gated; eşit
    olana kadar 'Kalıcı olarak sil' disabled.
 2026-05-22 16:28:30 +03:00
kovakmedya 3e15d9f937 feat(security): two-factor authentication (TOTP) 
Hesap güvenliği için authenticator app (Google Authenticator, 1Password,
Authy etc.) based TOTP. SMS yok — sadece app-based per user request.

Enroll flow (/settings/security)
  - startMfaEnrollAction → account.createMFAAuthenticator('totp'),
    returns otpauth URI + plain secret as backup.
  - MfaPanel client island: starts the flow, shows the QR (rendered via
    api.qrserver.com for zero deps) plus the secret as text. Picks the
    6-digit code → verifyMfaEnrollAction calls
    updateMFAAuthenticator(totp, otp) + updateMFA(true) +
    createMFARecoveryCodes(). The recovery codes are surfaced once on
    success with a 'save these now' warning.
  - disableMfaAction + regenerateRecoveryCodesAction give the same
    panel a disable + 'yeni yedek kodlar' option once MFA is active.
  - settings-nav now has 'Güvenlik' between 'Görünüm' and 'Hesap
    Aktivitesi'.

Sign-in flow
  - signInAction:
      1. createEmailPasswordSession (sets cookie as before)
      2. users.get(userId).mfa? If yes:
         a. otp empty → return { mfaRequired: true, error }
         b. otp present → createMfaChallenge({factor: totp}) +
            updateMfaChallenge(challengeId, otp). Failure tears the
            partial session down and bounces back with mfaRequired.
  - AuthState gained an mfaRequired field. The login form watches it
    and reveals an autofocused 6-digit OTP input on the next render.
    User types the code, submits the form again, the same action
    finishes the challenge and redirects.

Existing accounts without MFA are unaffected — they never hit the
challenge branch.
 2026-05-22 16:25:26 +03:00
kovakmedya 424a323952 feat(settings): user-visible audit log + nav across settings sections 
audit_logs was a write-only firehose: every action wrote to it but
nothing ever read it. Surfaced the last 200 entries on a new
/settings/activity page so workspace admins can audit who did what.

  - lib/appwrite/audit-queries.ts: listAuditLogs(tenantId, limit=100)
    scoped to the caller's tenantId via Query.equal — multi-tenant
    safety preserved.
  - /settings/activity/page.tsx: server-rendered table — time, user,
    action badge (create/update/delete), entity label (TR), changes
    summary. Resolves userIds → displayName via a single bulk lookup
    against TABLES.profiles. Falls back to a truncated id when a
    profile isn't found so the row still reads.

Settings now has a horizontal tab nav too — there were six pages under
/settings with no cross-links between them. Added:
  - settings/layout.tsx wraps every settings page with the new nav.
  - settings/components/settings-nav.tsx (client): pathname-active
    state, scrolls horizontally on mobile. Items: Çalışma Alanı,
    Profilim, Üyeler, Bildirimler, Görünüm, Hesap Aktivitesi.
 2026-05-22 16:18:45 +03:00
14 changed files with 1090 additions and 1 deletions
Expand all files Collapse all files
src/app/(auth)/sign-in/components/login-form-1.tsx
+18
View File
@@ -88,6 +88,24 @@ export function LoginForm1({
/> />
</div> </div>
{state.mfaRequired && (
<div className="grid gap-2">
<Label htmlFor="otp">Authenticator kodu</Label>
<Input
id="otp"
name="otp"
inputMode="numeric"
pattern="[0-9]*"
maxLength={6}
autoComplete="one-time-code"
autoFocus
placeholder="000000"
className="font-mono text-lg tracking-widest"
required
/>
</div>
)}
{state.error && ( {state.error && (
<p className="text-destructive text-sm text-center" role="alert"> <p className="text-destructive text-sm text-center" role="alert">
{state.error} {state.error}
src/app/(dashboard)/settings/activity/page.tsx
+149
View File
@@ -0,0 +1,149 @@
import { redirect } from "next/navigation";
import { Query } from "node-appwrite";
import { Badge } from "@/components/ui/badge";
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card";
import {
Table,
TableBody,
TableCell,
TableHead,
TableHeader,
TableRow,
} from "@/components/ui/table";
import { listAuditLogs } from "@/lib/appwrite/audit-queries";
import { DATABASE_ID, TABLES, type Profile } from "@/lib/appwrite/schema";
import { createAdminClient } from "@/lib/appwrite/server";
import { requireTenant } from "@/lib/appwrite/tenant-guard";
export const metadata = {
title: "DLS — Hesap Aktivitesi",
};
const dateFormatter = new Intl.DateTimeFormat("tr-TR", {
day: "2-digit",
month: "2-digit",
year: "numeric",
hour: "2-digit",
minute: "2-digit",
});
const ENTITY_LABELS: Record<string, string> = {
job: "İş",
patient: "Hasta",
prosthetic: "Ürün",
payment: "Ödeme",
clinic_pricing: "Klinik Fiyat",
job_file: "Dosya",
connection: "Bağlantı",
invite: "Davet",
tenant_settings: "Çalışma Alanı",
profile: "Profil",
};
const ACTION_VARIANTS = {
create: { label: "Eklendi", variant: "default" as const },
update: { label: "Güncellendi", variant: "secondary" as const },
delete: { label: "Silindi", variant: "destructive" as const },
};
export default async function ActivityPage() {
let ctx;
try {
ctx = await requireTenant();
} catch {
redirect("/onboarding");
}
const logs = await listAuditLogs(ctx.tenantId, 200);
// Resolve userId → display name in one go so the rows read naturally.
const userIds = Array.from(new Set(logs.map((l) => l.userId)));
const userMap = new Map<string, string>();
if (userIds.length > 0) {
try {
const { tablesDB } = createAdminClient();
const profiles = await tablesDB.listRows({
databaseId: DATABASE_ID,
tableId: TABLES.profiles,
queries: [Query.equal("userId", userIds), Query.limit(200)],
});
for (const p of profiles.rows as unknown as Profile[]) {
if (p.displayName) userMap.set(p.userId, p.displayName);
}
} catch {
// best-effort; rows just show the raw id
}
}
return (
<div className="flex-1 space-y-6 px-6">
<div className="flex flex-col gap-1">
<h1 className="text-2xl font-bold tracking-tight">Hesap Aktivitesi</h1>
<p className="text-muted-foreground text-sm">
Çalışma alanınızda yapılan tüm değişikliklerin kaydı. Son 200 işlem.
</p>
</div>
<Card>
<CardHeader>
<CardTitle>İşlem Kaydı</CardTitle>
<CardDescription>
Otomatik tutulur, silinemez. Şüpheli bir aktivite görürseniz hesabınızı
güvenli olmayan bir cihazdan çıkarmayı düşünün.
</CardDescription>
</CardHeader>
<CardContent>
{logs.length === 0 ? (
<p className="text-muted-foreground py-6 text-center text-sm">
Henüz kayıtlı aktivite yok.
</p>
) : (
<Table>
<TableHeader>
<TableRow>
<TableHead>Zaman</TableHead>
<TableHead>Kullanıcı</TableHead>
<TableHead>İşlem</TableHead>
<TableHead>Nesne</TableHead>
<TableHead>Detay</TableHead>
</TableRow>
</TableHeader>
<TableBody>
{logs.map((l) => {
const v = ACTION_VARIANTS[l.action] ?? {
label: l.action,
variant: "outline" as const,
};
return (
<TableRow key={l.$id}>
<TableCell className="text-muted-foreground text-xs tabular-nums">
{dateFormatter.format(new Date(l.$createdAt))}
</TableCell>
<TableCell className="text-sm">
{userMap.get(l.userId) ?? (
<span className="text-muted-foreground font-mono text-xs">
{l.userId.slice(0, 8)}
</span>
)}
</TableCell>
<TableCell>
<Badge variant={v.variant}>{v.label}</Badge>
</TableCell>
<TableCell className="text-sm">
{ENTITY_LABELS[l.entityType] ?? l.entityType}
</TableCell>
<TableCell className="text-muted-foreground max-w-[360px] truncate text-xs">
{l.changes ? l.changes : <span></span>}
</TableCell>
</TableRow>
);
})}
</TableBody>
</Table>
)}
</CardContent>
</Card>
</div>
);
}
src/app/(dashboard)/settings/components/settings-nav.tsx
+44
View File
@@ -0,0 +1,44 @@
"use client";
import Link from "next/link";
import { usePathname } from "next/navigation";
import { cn } from "@/lib/utils";
const ITEMS: { href: string; label: string }[] = [
{ href: "/settings/workspace", label: "Çalışma Alanı" },
{ href: "/settings/account", label: "Profilim" },
{ href: "/settings/members", label: "Üyeler" },
{ href: "/settings/notifications", label: "Bildirimler" },
{ href: "/settings/appearance", label: "Görünüm" },
{ href: "/settings/security", label: "Güvenlik" },
{ href: "/settings/activity", label: "Hesap Aktivitesi" },
];
export function SettingsNav() {
const pathname = usePathname();
return (
<nav className="overflow-x-auto">
<ul className="border-border flex min-w-max gap-1 border-b">
{ITEMS.map((item) => {
const active = pathname === item.href;
return (
<li key={item.href}>
<Link
href={item.href}
className={cn(
"inline-block border-b-2 px-3 py-2 text-sm transition-colors",
active
? "border-primary text-foreground font-medium"
: "text-muted-foreground hover:text-foreground border-transparent",
)}
>
{item.label}
</Link>
</li>
);
})}
</ul>
</nav>
);
}
src/app/(dashboard)/settings/layout.tsx
+16
View File
@@ -0,0 +1,16 @@
import { SettingsNav } from "./components/settings-nav";
export default function SettingsLayout({
children,
}: {
children: React.ReactNode;
}) {
return (
<div className="flex-1 space-y-6">
<div className="px-6">
<SettingsNav />
</div>
{children}
</div>
);
}
src/app/(dashboard)/settings/security/components/mfa-panel.tsx
+209
View File
@@ -0,0 +1,209 @@
"use client";
import { useActionState, useEffect, useState, useTransition } from "react";
import { useRouter } from "next/navigation";
import { Check, KeyRound, Loader2, ShieldCheck, ShieldOff } from "lucide-react";
import { toast } from "sonner";
import { Badge } from "@/components/ui/badge";
import { Button } from "@/components/ui/button";
import { Input } from "@/components/ui/input";
import { Label } from "@/components/ui/label";
import {
disableMfaAction,
initialMfaActionState,
regenerateRecoveryCodesAction,
startMfaEnrollAction,
verifyMfaEnrollAction,
} from "@/lib/appwrite/mfa-actions";
type EnrollStage =
| { kind: "idle" }
| { kind: "loading" }
| { kind: "verify"; uri: string; secret: string }
| { kind: "done"; recoveryCodes: string[] };
export function MfaPanel({ initiallyEnabled }: { initiallyEnabled: boolean }) {
const router = useRouter();
const [enabled, setEnabled] = useState(initiallyEnabled);
const [stage, setStage] = useState<EnrollStage>({ kind: "idle" });
const [verifyState, verifyAction, verifying] = useActionState(
verifyMfaEnrollAction,
initialMfaActionState,
);
const [busy, startTransition] = useTransition();
useEffect(() => {
if (verifyState.ok && verifyState.recoveryCodes) {
setEnabled(true);
setStage({ kind: "done", recoveryCodes: verifyState.recoveryCodes });
toast.success("2FA etkinleştirildi.");
router.refresh();
} else if (verifyState.error) {
toast.error(verifyState.error);
}
}, [verifyState, router]);
function beginEnroll() {
setStage({ kind: "loading" });
startTransition(async () => {
const res = await startMfaEnrollAction();
if (res.ok && res.uri && res.secret) {
setStage({ kind: "verify", uri: res.uri, secret: res.secret });
} else {
toast.error(res.error ?? "Başlatılamadı.");
setStage({ kind: "idle" });
}
});
}
function onDisable() {
if (
!window.confirm(
"2FA devre dışı bırakılsın mı? Hesabınız sadece şifre ile korunacak.",
)
)
return;
startTransition(async () => {
const res = await disableMfaAction();
if (res.ok) {
setEnabled(false);
setStage({ kind: "idle" });
toast.success("2FA devre dışı bırakıldı.");
router.refresh();
} else {
toast.error(res.error ?? "Devre dışı bırakılamadı.");
}
});
}
function onRegenerateCodes() {
startTransition(async () => {
const res = await regenerateRecoveryCodesAction();
if (res.ok && res.recoveryCodes) {
setStage({ kind: "done", recoveryCodes: res.recoveryCodes });
toast.success("Yeni yedek kodlar oluşturuldu — eskileri geçersiz.");
} else {
toast.error(res.error ?? "Üretilemedi.");
}
});
}
if (enabled && stage.kind !== "done") {
return (
<div className="grid gap-3">
<div className="flex items-center gap-2">
<Badge className="bg-emerald-600 text-white">
<ShieldCheck className="size-3.5" />
Aktif
</Badge>
<span className="text-muted-foreground text-sm">
Authenticator uygulaması ile giriş yapıyorsunuz.
</span>
</div>
<div className="flex flex-wrap gap-2">
<Button variant="outline" onClick={onRegenerateCodes} disabled={busy}>
<KeyRound className="size-4" />
Yedek kodları yenile
</Button>
<Button variant="destructive" onClick={onDisable} disabled={busy}>
{busy ? <Loader2 className="size-4 animate-spin" /> : <ShieldOff className="size-4" />}
Devre dışı bırak
</Button>
</div>
</div>
);
}
if (stage.kind === "done") {
return (
<div className="grid gap-3">
<div className="bg-emerald-50 dark:bg-emerald-950 rounded-md border border-emerald-200 dark:border-emerald-900 p-4">
<p className="flex items-center gap-2 font-medium text-emerald-700 dark:text-emerald-300">
<Check className="size-4" />
Yedek kodlarınız
</p>
<p className="text-muted-foreground mt-1 text-xs">
Telefonunuza erişiminizi kaybederseniz bu kodlardan biriyle giriş
yapabilirsiniz. Her kod tek seferlik. <strong>Şimdi güvenli bir yere kaydedin</strong>
bu sayfadan çıktığınızda tekrar gösterilmez.
</p>
<pre className="bg-background mt-3 grid grid-cols-2 gap-2 rounded-md border p-3 text-sm font-mono">
{stage.recoveryCodes.map((c) => (
<span key={c}>{c}</span>
))}
</pre>
</div>
<Button variant="outline" onClick={() => setStage({ kind: "idle" })}>
Tamamladım
</Button>
</div>
);
}
if (stage.kind === "verify") {
const otpauthQrUrl = `https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${encodeURIComponent(stage.uri)}`;
return (
<form action={verifyAction} className="grid gap-4">
<div className="grid gap-4 sm:grid-cols-[200px_1fr] sm:items-start">
{/* eslint-disable-next-line @next/next/no-img-element */}
<img
src={otpauthQrUrl}
alt="QR kodu"
className="size-[200px] rounded-md border bg-white p-2"
width={200}
height={200}
/>
<div className="grid gap-2 text-sm">
<p>Authenticator uygulamanızı açın, QR kodu tarayın.</p>
<p className="text-muted-foreground text-xs">
Tarayamıyorsanız bu kodu manuel girin:
</p>
<code className="bg-muted rounded-md p-2 font-mono text-xs">{stage.secret}</code>
</div>
</div>
<div className="grid gap-2">
<Label htmlFor="otp">Uygulamadaki 6 haneli kod</Label>
<Input
id="otp"
name="otp"
inputMode="numeric"
pattern="[0-9]*"
maxLength={6}
placeholder="000000"
required
autoComplete="one-time-code"
className="font-mono text-lg tracking-widest"
/>
{verifyState.error && (
<p className="text-destructive text-xs">{verifyState.error}</p>
)}
</div>
<div className="flex gap-2">
<Button type="button" variant="outline" onClick={() => setStage({ kind: "idle" })}>
Vazgeç
</Button>
<Button type="submit" disabled={verifying}>
{verifying ? <Loader2 className="size-4 animate-spin" /> : <Check className="size-4" />}
Doğrula ve etkinleştir
</Button>
</div>
</form>
);
}
return (
<div className="grid gap-3">
<div className="flex items-center gap-2">
<Badge variant="outline">Pasif</Badge>
<span className="text-muted-foreground text-sm">
Hesabınız yalnızca şifre ile korunuyor.
</span>
</div>
<Button onClick={beginEnroll} disabled={busy || stage.kind === "loading"}>
{(busy || stage.kind === "loading") ? <Loader2 className="size-4 animate-spin" /> : <ShieldCheck className="size-4" />}
İki adımlı doğrulamayı
</Button>
</div>
);
}
src/app/(dashboard)/settings/security/page.tsx
+56
View File
@@ -0,0 +1,56 @@
import { redirect } from "next/navigation";
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card";
import { createSessionClient } from "@/lib/appwrite/server";
import { requireTenant } from "@/lib/appwrite/tenant-guard";
import { MfaPanel } from "./components/mfa-panel";
export const metadata = {
title: "DLS — Güvenlik",
};
export default async function SecurityPage() {
let ctx;
try {
ctx = await requireTenant();
} catch {
redirect("/onboarding");
}
// Look up the user's current MFA status straight from the session
// client so the panel knows whether to offer enroll or disable.
let mfaEnabled = false;
try {
const { account } = await createSessionClient();
const user = await account.get();
mfaEnabled = Boolean(user.mfa);
} catch {
// ignore — panel will treat as not enabled
}
return (
<div className="flex-1 space-y-6 px-6">
<div className="flex flex-col gap-1">
<p className="text-muted-foreground text-sm">{ctx.settings?.companyName ?? "Çalışma alanı"}</p>
<h1 className="text-2xl font-bold tracking-tight">Güvenlik</h1>
<p className="text-muted-foreground text-sm">
Hesap erişiminizi koruyan ayarlar. İki adımlı doğrulamayı açtığınızda
giriş yaparken authenticator uygulamanızdaki 6 haneli kod istenir.
</p>
</div>
<Card>
<CardHeader>
<CardTitle>İki Adımlı Doğrulama</CardTitle>
<CardDescription>
Authenticator uygulaması (Google Authenticator, 1Password, Authy, vs.)
ile TOTP. SMS desteklenmiyor.
</CardDescription>
</CardHeader>
<CardContent>
<MfaPanel initiallyEnabled={mfaEnabled} />
</CardContent>
</Card>
</div>
);
}
src/app/(dashboard)/settings/workspace/components/danger-zone.tsx
+141
View File
@@ -0,0 +1,141 @@
"use client";
import { useActionState, useEffect, useState, useTransition } from "react";
import { AlertTriangle, Download, Loader2, Trash2 } from "lucide-react";
import { toast } from "sonner";
import { Button } from "@/components/ui/button";
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card";
import {
Dialog,
DialogClose,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
} from "@/components/ui/dialog";
import { Input } from "@/components/ui/input";
import { Label } from "@/components/ui/label";
import {
deleteWorkspaceAction,
initialDeleteWorkspaceState,
} from "@/lib/appwrite/account-delete-actions";
export function DangerZone({ companyName }: { companyName: string }) {
const [downloadBusy, startDownload] = useTransition();
const [open, setOpen] = useState(false);
const [confirm, setConfirm] = useState("");
const [state, action, pending] = useActionState(
deleteWorkspaceAction,
initialDeleteWorkspaceState,
);
useEffect(() => {
if (state.error) toast.error(state.error);
}, [state]);
function downloadExport() {
startDownload(async () => {
try {
const res = await fetch("/api/account/export");
if (!res.ok) throw new Error(`HTTP ${res.status}`);
const blob = await res.blob();
const url = URL.createObjectURL(blob);
const a = document.createElement("a");
a.href = url;
a.download = `dls-export-${Date.now()}.json`;
document.body.appendChild(a);
a.click();
a.remove();
URL.revokeObjectURL(url);
toast.success("Veri dışa aktarıldı.");
} catch (e) {
toast.error(e instanceof Error ? e.message : "İndirilemedi.");
}
});
}
return (
<Card className="border-destructive/40">
<CardHeader>
<CardTitle className="flex items-center gap-2 text-base">
<AlertTriangle className="text-destructive size-4" />
Tehlikeli Bölge
</CardTitle>
<CardDescription>
Verinizi dışa aktarın veya çalışma alanını kalıcı olarak silin.
</CardDescription>
</CardHeader>
<CardContent className="grid gap-3">
<div className="flex flex-wrap items-center justify-between gap-3 rounded-md border p-3">
<div className="min-w-0">
<p className="font-medium">Verilerimi indir</p>
<p className="text-muted-foreground text-xs">
Çalışma alanınızdaki tüm veriler (hastalar, işler, ödemeler, geçmiş)
JSON formatında dışa aktarılır. Silmeden önce yedek almanız önerilir.
</p>
</div>
<Button variant="outline" onClick={downloadExport} disabled={downloadBusy}>
{downloadBusy ? <Loader2 className="size-4 animate-spin" /> : <Download className="size-4" />}
JSON indir
</Button>
</div>
<div className="border-destructive/40 flex flex-wrap items-center justify-between gap-3 rounded-md border p-3">
<div className="min-w-0">
<p className="font-medium">Çalışma alanını sil</p>
<p className="text-muted-foreground text-xs">
Tüm hastalar, işler, ödemeler, dosyalar ve geçmiş kalıcı olarak silinir.
Bu işlem geri alınamaz.
</p>
</div>
<Dialog open={open} onOpenChange={setOpen}>
<Button variant="destructive" onClick={() => setOpen(true)}>
<Trash2 className="size-4" />
Sil
</Button>
<DialogContent>
<DialogHeader>
<DialogTitle>Çalışma alanını kalıcı sil</DialogTitle>
<DialogDescription>
Onaylamak için aşağıya <strong>{companyName}</strong> yazın. Bu
işlem hastalar, işler, ödemeler, dosyalar ve tüm geçmişi içerir
ve geri alınamaz.
</DialogDescription>
</DialogHeader>
<form action={action} className="grid gap-3">
<div className="grid gap-2">
<Label htmlFor="confirm">Çalışma alanı adı</Label>
<Input
id="confirm"
name="confirm"
autoComplete="off"
value={confirm}
onChange={(e) => setConfirm(e.target.value)}
placeholder={companyName}
/>
</div>
<DialogFooter>
<DialogClose asChild>
<Button type="button" variant="outline">
Vazgeç
</Button>
</DialogClose>
<Button
type="submit"
variant="destructive"
disabled={pending || confirm.trim() !== companyName}
>
{pending ? <Loader2 className="size-4 animate-spin" /> : <Trash2 className="size-4" />}
Kalıcı olarak sil
</Button>
</DialogFooter>
</form>
</DialogContent>
</Dialog>
</div>
</CardContent>
</Card>
);
}
src/app/(dashboard)/settings/workspace/page.tsx
+5
View File
@@ -3,6 +3,7 @@ import { redirect } from "next/navigation";
import { getLogoUrl } from "@/lib/appwrite/storage"; import { getLogoUrl } from "@/lib/appwrite/storage";
import { requireTenant } from "@/lib/appwrite/tenant-guard"; import { requireTenant } from "@/lib/appwrite/tenant-guard";
import { DangerZone } from "./components/danger-zone";
import { LogoUploader } from "./components/logo-uploader"; import { LogoUploader } from "./components/logo-uploader";
import { WorkspaceSettingsForm } from "./components/workspace-form"; import { WorkspaceSettingsForm } from "./components/workspace-form";
@@ -50,6 +51,10 @@ export default async function WorkspaceSettingsPage() {
memberNumber: ctx.settings?.memberNumber ?? "", memberNumber: ctx.settings?.memberNumber ?? "",
}} }}
/> />
{ctx.role === "owner" && (
<DangerZone companyName={ctx.settings?.companyName ?? ""} />
)}
</div> </div>
); );
} }
src/app/api/account/export/route.ts
+103
View File
@@ -0,0 +1,103 @@
import { NextResponse } from "next/server";
import { Query } from "node-appwrite";
import { DATABASE_ID, TABLES } from "@/lib/appwrite/schema";
import { createAdminClient } from "@/lib/appwrite/server";
import { requireTenant } from "@/lib/appwrite/tenant-guard";
const TENANT_TABLES = [
TABLES.tenantSettings,
TABLES.profiles,
TABLES.connections,
TABLES.patients,
TABLES.clinicPricing,
TABLES.jobs,
TABLES.jobFiles,
TABLES.jobStatusHistory,
TABLES.prosthetics,
TABLES.financeEntries,
TABLES.payments,
TABLES.notifications,
TABLES.auditLogs,
] as const;
const TENANT_FIELDS_BY_TABLE: Record<string, string[]> = {
// Most tables use 'tenantId' or 'clinicTenantId'/'labTenantId' for ownership.
[TABLES.tenantSettings]: ["tenantId"],
[TABLES.profiles]: ["tenantId"],
[TABLES.connections]: ["clinicTenantId", "labTenantId"],
[TABLES.patients]: ["clinicTenantId"],
[TABLES.clinicPricing]: ["labTenantId", "clinicTenantId"],
[TABLES.jobs]: ["clinicTenantId", "labTenantId"],
[TABLES.jobFiles]: ["clinicTenantId", "labTenantId"],
[TABLES.jobStatusHistory]: ["clinicTenantId", "labTenantId"],
[TABLES.prosthetics]: ["tenantId"],
[TABLES.financeEntries]: ["tenantId"],
[TABLES.payments]: ["tenantId", "counterpartTenantId"],
[TABLES.notifications]: ["tenantId"],
[TABLES.auditLogs]: ["tenantId"],
};
/**
* Return a JSON file containing every row this tenant has access to.
* Used for KVKK 'data portability' and as a sanity-check pre-delete.
*/
export async function GET() {
let ctx;
try {
ctx = await requireTenant();
} catch {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const { tablesDB } = createAdminClient();
const out: Record<string, unknown[]> = {};
for (const table of TENANT_TABLES) {
const fields = TENANT_FIELDS_BY_TABLE[table] ?? ["tenantId"];
try {
// Fetch each row where ANY of the ownership fields equals our tenantId.
// For tables with two fields (jobs, connections, ...) issue both queries
// and dedupe — Appwrite doesn't have OR across distinct equality terms.
const seen = new Set<string>();
const rows: unknown[] = [];
for (const field of fields) {
const result = await tablesDB.listRows({
databaseId: DATABASE_ID,
tableId: table,
queries: [Query.equal(field, ctx.tenantId), Query.limit(500)],
});
for (const r of result.rows) {
const id = (r as { $id?: string }).$id;
if (id && !seen.has(id)) {
seen.add(id);
rows.push(r);
}
}
}
out[table] = rows;
} catch (e) {
out[table] = [
{ error: e instanceof Error ? e.message : "fetch failed" },
];
}
}
const payload = {
exportedAt: new Date().toISOString(),
tenantId: ctx.tenantId,
tenantKind: ctx.kind,
requestedBy: { id: ctx.user.id, email: ctx.user.email, name: ctx.user.name },
data: out,
};
const fileName = `dls-export-${ctx.tenantId}-${Date.now()}.json`;
return new NextResponse(JSON.stringify(payload, null, 2), {
status: 200,
headers: {
"Content-Type": "application/json; charset=utf-8",
"Content-Disposition": `attachment; filename="${fileName}"`,
"Cache-Control": "private, no-store",
},
});
}
src/lib/appwrite/account-delete-actions.ts
+172
View File
@@ -0,0 +1,172 @@
"use server";
import { revalidatePath } from "next/cache";
import { cookies } from "next/headers";
import { redirect } from "next/navigation";
import { AppwriteException, Query } from "node-appwrite";
import {
BUCKETS,
DATABASE_ID,
TABLES,
type JobFile,
type TenantSettings,
} from "./schema";
import { APPWRITE_SESSION_COOKIE, createAdminClient } from "./server";
import { ACTIVE_TENANT_COOKIE } from "./tenant-types";
import { requireRole, requireTenant } from "./tenant-guard";
export type DeleteWorkspaceState = {
ok: boolean;
error?: string;
};
export const initialDeleteWorkspaceState: DeleteWorkspaceState = { ok: false };
function appwriteError(e: unknown, fallback = "Beklenmeyen bir hata oluştu."): string {
if (e instanceof AppwriteException) return e.message || fallback;
return process.env.NODE_ENV !== "production" && e instanceof Error
? `${fallback} (${e.message})`
: fallback;
}
/** Best-effort delete every row where any of `fields` equals tenantId. */
async function purgeTable(table: string, fields: string[], tenantId: string) {
const { tablesDB } = createAdminClient();
const ids = new Set<string>();
for (const field of fields) {
let offset = 0;
// Page through to handle tables with more than 500 rows.
while (true) {
const result = await tablesDB
.listRows({
databaseId: DATABASE_ID,
tableId: table,
queries: [Query.equal(field, tenantId), Query.limit(500), Query.offset(offset)],
})
.catch(() => ({ rows: [] }));
for (const row of result.rows) {
const id = (row as { $id?: string }).$id;
if (id) ids.add(id);
}
if (result.rows.length < 500) break;
offset += 500;
}
}
await Promise.allSettled(
Array.from(ids).map((id) =>
tablesDB.deleteRow(DATABASE_ID, table, id),
),
);
}
/**
* Hard-delete an entire workspace and everything it owns. Reversible only
* via your own backup — Appwrite has no undo. Caller must be owner of the
* tenant and must confirm by typing the company name back to us.
*/
export async function deleteWorkspaceAction(
_prev: DeleteWorkspaceState,
formData: FormData,
): Promise<DeleteWorkspaceState> {
const confirm = String(formData.get("confirm") ?? "").trim();
let ctx;
try {
ctx = await requireTenant();
requireRole(ctx, ["owner"]);
} catch {
return { ok: false, error: "Yalnızca sahip silebilir." };
}
const expected = ctx.settings?.companyName?.trim() ?? "";
if (!expected || confirm !== expected) {
return {
ok: false,
error: "Onaylamak için çalışma alanı adını birebir yazmanız gerekiyor.",
};
}
const tenantId = ctx.tenantId;
const { tablesDB, storage, teams } = createAdminClient();
// 1) Wipe Storage objects we still own (logo + any non-archived job files).
try {
const settingsRes = await tablesDB.listRows({
databaseId: DATABASE_ID,
tableId: TABLES.tenantSettings,
queries: [Query.equal("tenantId", tenantId), Query.limit(1)],
});
const settings = (settingsRes.rows[0] as unknown as TenantSettings | undefined) ?? null;
if (settings?.logo) {
try {
await storage.deleteFile(BUCKETS.tenantLogos, settings.logo);
} catch {
/* ignore */
}
}
const files = await tablesDB.listRows({
databaseId: DATABASE_ID,
tableId: TABLES.jobFiles,
queries: [
Query.or([
Query.equal("clinicTenantId", tenantId),
Query.equal("labTenantId", tenantId),
]),
Query.limit(1000),
],
});
await Promise.allSettled(
(files.rows as unknown as JobFile[]).map(async (f) => {
if (f.archivedAt) return;
try {
await storage.deleteFile(BUCKETS.jobFiles, f.fileId);
} catch {
/* ignore */
}
}),
);
} catch {
/* best-effort */
}
// 2) Purge all DB tables tied to this tenant. Order doesn't matter
// because everything is hard-deleted.
const tablePurges: Array<[string, string[]]> = [
[TABLES.notifications, ["tenantId"]],
[TABLES.auditLogs, ["tenantId"]],
[TABLES.payments, ["tenantId", "counterpartTenantId"]],
[TABLES.financeEntries, ["tenantId"]],
[TABLES.jobStatusHistory, ["clinicTenantId", "labTenantId"]],
[TABLES.jobFiles, ["clinicTenantId", "labTenantId"]],
[TABLES.jobs, ["clinicTenantId", "labTenantId"]],
[TABLES.clinicPricing, ["labTenantId", "clinicTenantId"]],
[TABLES.prosthetics, ["tenantId"]],
[TABLES.patients, ["clinicTenantId"]],
[TABLES.connections, ["clinicTenantId", "labTenantId"]],
[TABLES.profiles, ["tenantId"]],
[TABLES.tenantSettings, ["tenantId"]],
];
for (const [table, fields] of tablePurges) {
await purgeTable(table, fields, tenantId);
}
// 3) Finally delete the Appwrite Team itself. This boots every member's
// permission to read anything that might have slipped through above.
try {
await teams.delete({ teamId: tenantId });
} catch (e) {
return { ok: false, error: appwriteError(e, "Çalışma alanı silindi ama takım kaldı.") };
}
// Drop session/active-tenant cookies — the user is also effectively
// signed out of this workspace.
const cookieStore = await cookies();
cookieStore.delete(ACTIVE_TENANT_COOKIE);
// Keep the Appwrite session itself so the user can still re-onboard or
// hop to another workspace they own. If they want to drop the session,
// there's already a 'Çıkış yap' button.
void APPWRITE_SESSION_COOKIE; // referenced to avoid unused import
revalidatePath("/");
redirect("/onboarding");
}
src/lib/appwrite/audit-queries.ts
+24
View File
@@ -0,0 +1,24 @@
import "server-only";
import { Query } from "node-appwrite";
import { DATABASE_ID, TABLES, type AuditLog } from "./schema";
import { createAdminClient } from "./server";
import { toPlain } from "./serialize";
export async function listAuditLogs(
tenantId: string,
limit = 100,
): Promise<AuditLog[]> {
const { tablesDB } = createAdminClient();
const result = await tablesDB.listRows({
databaseId: DATABASE_ID,
tableId: TABLES.auditLogs,
queries: [
Query.equal("tenantId", tenantId),
Query.orderDesc("$createdAt"),
Query.limit(limit),
],
});
return toPlain(result.rows as unknown as AuditLog[]);
}
src/lib/appwrite/auth-actions.ts
+47 -1
View File
@@ -2,7 +2,7 @@
import { cookies } from "next/headers"; import { cookies } from "next/headers";
import { redirect } from "next/navigation"; import { redirect } from "next/navigation";
import { AppwriteException, ID, Query } from "node-appwrite"; import { AppwriteException, AuthenticationFactor, ID, Query } from "node-appwrite";
import { APPWRITE_SESSION_COOKIE, createAdminClient, createSessionClient } from "./server"; import { APPWRITE_SESSION_COOKIE, createAdminClient, createSessionClient } from "./server";
import { DATABASE_ID, TABLES, type TenantKind, type TenantSettings } from "./schema"; import { DATABASE_ID, TABLES, type TenantKind, type TenantSettings } from "./schema";
@@ -85,6 +85,7 @@ async function resolveTenantOnLogin(
export async function signInAction(_prev: AuthState, formData: FormData): Promise<AuthState> { export async function signInAction(_prev: AuthState, formData: FormData): Promise<AuthState> {
const email = String(formData.get("email") ?? "").trim(); const email = String(formData.get("email") ?? "").trim();
const password = String(formData.get("password") ?? ""); const password = String(formData.get("password") ?? "");
const otp = String(formData.get("otp") ?? "").trim();
const inviteCode = String(formData.get("inviteCode") ?? "").trim(); const inviteCode = String(formData.get("inviteCode") ?? "").trim();
const rawKind = String(formData.get("kind") ?? "").trim(); const rawKind = String(formData.get("kind") ?? "").trim();
const kind: TenantKind | null = const kind: TenantKind | null =
@@ -107,6 +108,51 @@ export async function signInAction(_prev: AuthState, formData: FormData): Promis
return { ok: false, error: appwriteError(e) }; return { ok: false, error: appwriteError(e) };
} }
// MFA: if the user has TOTP enabled, the session above is half-confirmed.
// Either pass the OTP they typed in this submission or ask for it.
try {
const { users } = createAdminClient();
const user = await users.get({ userId: sessionUserId });
if (user.mfa) {
if (!otp) {
return {
ok: false,
mfaRequired: true,
error: "Hesabınız 2FA korumalı. Authenticator uygulamasındaki 6 haneli kodu girin.",
};
}
try {
const { account: sessionAccount } = await createSessionClient();
const challenge = await sessionAccount.createMfaChallenge({
factor: AuthenticationFactor.Totp,
});
await sessionAccount.updateMfaChallenge({
challengeId: challenge.$id,
otp,
});
} catch (e) {
// Wrong code or expired challenge — kill the partial session and ask
// them to start over with the OTP visible.
try {
if (sessionId) await users.deleteSession({ userId: sessionUserId, sessionId });
} catch {
/* best-effort */
}
(await cookies()).delete(APPWRITE_SESSION_COOKIE);
return {
ok: false,
mfaRequired: true,
error: "Kod doğrulanamadı, yeniden deneyin.",
};
}
}
} catch (e) {
console.error("[signInAction] MFA check", e);
// Fail-open on MFA check errors only when the user has no MFA configured;
// for safety, surface a generic error here.
return { ok: false, error: "Oturum doğrulanamadı." };
}
// Invite flow short-circuits the kind check — invite code drives team membership // Invite flow short-circuits the kind check — invite code drives team membership
if (inviteCode) { if (inviteCode) {
redirect(`/d/${inviteCode}`); redirect(`/d/${inviteCode}`);
src/lib/appwrite/auth-types.ts
+2
View File
@@ -1,6 +1,8 @@
export type AuthState = { export type AuthState = {
ok: boolean; ok: boolean;
error?: string; error?: string;
/** Set when the account has MFA enabled and the OTP field was empty. */
mfaRequired?: boolean;
}; };
export const initialAuthState: AuthState = { ok: false }; export const initialAuthState: AuthState = { ok: false };
src/lib/appwrite/mfa-actions.ts
+104
View File
@@ -0,0 +1,104 @@
"use server";
import { revalidatePath } from "next/cache";
import { AppwriteException, AuthenticatorType } from "node-appwrite";
import { createSessionClient } from "./server";
export type MfaEnrollState = {
ok: boolean;
error?: string;
/** otpauth:// URI for QR; only set on enroll start. */
uri?: string;
/** Plain TOTP secret as a fallback if the QR can't be scanned. */
secret?: string;
};
export const initialMfaEnrollState: MfaEnrollState = { ok: false };
export type MfaActionState = {
ok: boolean;
error?: string;
/** Recovery codes returned right after enable; show once, never stored again. */
recoveryCodes?: string[];
};
export const initialMfaActionState: MfaActionState = { ok: false };
function appwriteError(e: unknown, fallback = "Beklenmeyen bir hata oluştu."): string {
if (e instanceof AppwriteException) return e.message || fallback;
return process.env.NODE_ENV !== "production" && e instanceof Error
? `${fallback} (${e.message})`
: fallback;
}
/**
* Step 1 of TOTP enroll: produce a fresh secret and otpauth URI for the
* user's authenticator app. Calling this when an authenticator already
* exists yields the same secret back.
*/
export async function startMfaEnrollAction(): Promise<MfaEnrollState> {
try {
const { account } = await createSessionClient();
const res = await account.createMFAAuthenticator(AuthenticatorType.Totp);
return { ok: true, uri: res.uri, secret: res.secret };
} catch (e) {
return { ok: false, error: appwriteError(e, "MFA başlatılamadı.") };
}
}
/**
* Step 2 of TOTP enroll: user scanned the QR, opened their authenticator,
* typed the 6-digit code. We verify, then flip account.mfa = true so
* future sign-ins require the second factor. Returns recovery codes —
* shown once.
*/
export async function verifyMfaEnrollAction(
_prev: MfaActionState,
formData: FormData,
): Promise<MfaActionState> {
const otp = String(formData.get("otp") ?? "").trim();
if (!otp || otp.length < 6) {
return { ok: false, error: "6 haneli kodu girin." };
}
try {
const { account } = await createSessionClient();
await account.updateMFAAuthenticator(AuthenticatorType.Totp, otp);
await account.updateMFA(true);
const codes = await account.createMFARecoveryCodes();
return { ok: true, recoveryCodes: codes.recoveryCodes };
} catch (e) {
return { ok: false, error: appwriteError(e, "Doğrulanamadı.") };
}
}
/**
* Disable MFA: turn the account flag off and remove the TOTP authenticator
* so the user can re-enroll later with a fresh secret. Requires a current
* authenticated session.
*/
export async function disableMfaAction(): Promise<MfaActionState> {
try {
const { account } = await createSessionClient();
await account.updateMFA(false);
try {
await account.deleteMFAAuthenticator(AuthenticatorType.Totp);
} catch {
// Already removed — ignore.
}
revalidatePath("/settings/security");
return { ok: true };
} catch (e) {
return { ok: false, error: appwriteError(e, "Devre dışı bırakılamadı.") };
}
}
export async function regenerateRecoveryCodesAction(): Promise<MfaActionState> {
try {
const { account } = await createSessionClient();
const codes = await account.updateMFARecoveryCodes();
return { ok: true, recoveryCodes: codes.recoveryCodes };
} catch (e) {
return { ok: false, error: appwriteError(e, "Yedek kodlar üretilemedi.") };
}
}