Add auth module for login/register

gpx-vis-frontend/js/auth.js

@@ -0,0 +1,78 @@
+const Auth = (() => {
+  let currentUser = null;
+
+  function getToken() { return localStorage.getItem('token'); }
+  function setToken(token) { localStorage.setItem('token', token); }
+  function clearToken() { localStorage.removeItem('token'); }
+
+  function getCurrentUser() { return currentUser; }
+  function isLoggedIn() { return !!getToken(); }
+  function isAdmin() { return currentUser?.isAdmin || false; }
+
+  async function init() {
+    if (!getToken()) return false;
+    try {
+      currentUser = await API.me();
+      return true;
+    } catch (e) {
+      clearToken();
+      return false;
+    }
+  }
+
+  function logout() {
+    clearToken();
+    currentUser = null;
+    window.location.reload();
+  }
+
+  function setupForms() {
+    // Tab switching
+    document.querySelectorAll('.auth-tab').forEach(btn => {
+      btn.addEventListener('click', () => {
+        document.querySelectorAll('.auth-tab').forEach(b => b.classList.remove('active'));
+        btn.classList.add('active');
+        const tab = btn.dataset.tab;
+        document.getElementById('login-form').style.display = tab === 'login' ? 'flex' : 'none';
+        document.getElementById('register-form').style.display = tab === 'register' ? 'flex' : 'none';
+        document.getElementById('auth-error').style.display = 'none';
+      });
+    });
+
+    document.getElementById('login-form').addEventListener('submit', async (e) => {
+      e.preventDefault();
+      const login = document.getElementById('login-username').value.trim();
+      const password = document.getElementById('login-password').value;
+      try {
+        const res = await API.login(login, password);
+        setToken(res.token);
+        currentUser = res.user;
+        window.location.reload();
+      } catch (err) {
+        showAuthError(err.message);
+      }
+    });
+
+    document.getElementById('register-form').addEventListener('submit', async (e) => {
+      e.preventDefault();
+      const login = document.getElementById('reg-username').value.trim();
+      const email = document.getElementById('reg-email').value.trim();
+      const password = document.getElementById('reg-password').value;
+      try {
+        await API.register(login, email, password);
+        showAuthError('Registration successful! You can now login (or wait for admin activation).', 'success');
+      } catch (err) {
+        showAuthError(err.message);
+      }
+    });
+  }
+
+  function showAuthError(msg, type = 'error') {
+    const el = document.getElementById('auth-error');
+    el.textContent = msg;
+    el.className = type === 'success' ? 'success-msg' : 'error-msg';
+    el.style.display = 'block';
+  }
+
+  return { init, logout, getCurrentUser, isLoggedIn, isAdmin, setupForms, getToken };
+})();