// Login-gate: vraagt eerst om familie-wachtwoord voor NamePicker verschijnt. // Slaat hash op in localStorage zodat je niet elke keer opnieuw hoeft in te tikken. function LoginGate({ onUnlock }) { const [password, setPassword] = React.useState(""); const [err, setErr] = React.useState(""); const [loading, setLoading] = React.useState(false); const [locked, setLocked] = React.useState(0); // seconds remaining // Rate-limit countdown React.useEffect(() => { if (locked <= 0) return; const t = setTimeout(() => setLocked(l => l - 1), 1000); return () => clearTimeout(t); }, [locked]); // Fingerprint voor rate-limit const getFingerprint = () => { let fp = localStorage.getItem("kreta-fp"); if (!fp) { fp = Math.random().toString(36).slice(2) + Date.now().toString(36); localStorage.setItem("kreta-fp", fp); } return fp; }; async function sha256(str) { const buf = new TextEncoder().encode(str); const hash = await crypto.subtle.digest("SHA-256", buf); return Array.from(new Uint8Array(hash)).map(b => b.toString(16).padStart(2,"0")).join(""); } // Check bij mount of we al ingelogd zijn (hash match met huidige app_config) React.useEffect(() => { (async () => { const saved = localStorage.getItem("kreta-auth-hash"); if (!saved) return; const expected = await window.kretaBackend?.getFamilyPasswordHash?.(); if (expected && saved === expected) onUnlock(); })(); }, []); async function submit() { if (locked > 0 || loading) return; setLoading(true); setErr(""); try { const hash = await sha256(password.trim().toLowerCase()); const expected = await window.kretaBackend?.getFamilyPasswordHash?.(); const fp = getFingerprint(); // Check recente foute pogingen const recentFails = await window.kretaBackend?.recentFailedAttempts?.(fp); if (recentFails >= 5) { setLocked(30); setErr("Te veel pogingen — wacht even."); setLoading(false); return; } const ok = expected && hash === expected; await window.kretaBackend?.logLoginAttempt?.(ok, fp); if (ok) { localStorage.setItem("kreta-auth-hash", hash); onUnlock(); } else { setErr("Wachtwoord klopt niet."); setPassword(""); } } catch (e) { setErr("Verbinding mislukt. Probeer opnieuw."); } setLoading(false); } return (
🇬🇷

Corvee Kreta

Alleen voor de familie
setPassword(e.target.value)} onKeyDown={e => e.key === "Enter" && submit()} autoFocus disabled={locked > 0 || loading} placeholder="••••••••" style={{ width: "100%", marginTop: 6, padding: "12px 14px", fontSize: 16, borderRadius: 10, border: "1px solid var(--line)", fontFamily: "inherit", background: locked > 0 ? "#f5f5f5" : "white", }} /> {err && (
{err}
)} {locked > 0 && (
Nog {locked}s wachten…
)}
Weet je 't wachtwoord niet? Vraag Marije of Martin.
); } window.LoginGate = LoginGate;