feat(auth): implement secure registration flow and authentication fixes (#13)

* feat(core): add auth layout template, custom textfield and colors

* feat(auth): implement viewmodels for auth flow (MVVM)

* feat(auth): build complete auth UI screens (Login, Register, OTP, Passwords)

* chore(main): set LoginView as initial route

* refactor(auth) : delete .gitkeep

* chore: update dependencies and pubspec.lock

* refactor(auth): optimize registration logic, timezone handling, and form validation

* feat(auth): update UI for login, registration, and forgot password screens

* feat(tasks): update task management UI and statistics screen

* chore: update main entry point and fix widget tests

* chore: ignore devtools_options.yaml

* chore: ignore devtools_options.yaml

* style(login) : rewrite title for login view

Author: hoanghaoz

.gitignore

@@ -50,3 +50,5 @@ app.*.map.json
 **/supabase/.env
 **/supabase/pooler/
 
+# DevTools config
+devtools_options.yaml

src/devtools_options.yaml

@@ -0,0 +1,3 @@
+description: This file stores settings for Dart & Flutter DevTools.
+documentation: https://docs.flutter.dev/tools/devtools/extensions#configure-extension-enablement-states
+extensions:

src/lib/features/auth/data/auth_helper.dart

@@ -0,0 +1,109 @@
+// data/helpers/auth_helper.dart
+
+import 'package:supabase_flutter/supabase_flutter.dart';
+import 'package:flutter_timezone/flutter_timezone.dart';
+import '../models/user_model.dart';
+import 'package:task_management_app/main.dart';
+
+class AuthHelper {
+
+
+  Future<UserModel?> login(String email, String password) async {
+    try {
+      final response = await supabase.auth.signInWithPassword(
+        email: email,
+        password: password,
+      );
+
+      if (response.user != null) {
+        final userId = response.user!.id;
+
+        final timezoneObj = await FlutterTimezone.getLocalTimezone();
+        final String currentTimezone = timezoneObj.toString();
+
+        final profileData = await supabase
+            .from('profile')
+            .update({'timezone': currentTimezone})
+            .eq('id', userId)
+            .select()
+            .single();
+
+        return UserModel.fromJson(profileData, email);
+      }
+      return null;
+    } on AuthException catch (e) {
+      print('Supabase Auth Error: ${e.message}');
+      rethrow;
+    } catch (e) {
+      print('Unknown Error: $e');
+      rethrow;
+    }
+  }
+
+  Future<UserModel?> register(String email, String password, String username) async {
+    try {
+      final timezoneObj = await FlutterTimezone.getLocalTimezone();
+      final String currentTimezone = timezoneObj.toString();
+      final response = await supabase.auth.signUp(
+        email: email,
+        password: password,
+          data: {
+            'username': username,
+            'timezone': currentTimezone, // Data is already a safe String
+          }
+      );
+
+      if (response.user != null) {
+        final userId = response.user!.id;
+
+        // Step 2: Insert directly into the 'profile' table
+        final profileData = await supabase
+            .from('profile')
+            .select()
+            .eq('id', userId)
+            .single();
+
+        return UserModel.fromJson(profileData, email);
+      }
+      return null;
+    } on AuthException catch (e) {
+      print('Supabase Sign Up Error: ${e.message}');
+      rethrow;
+    }
+  }
+
+  Future<void> sendPasswordReset(String email) async {
+    try {
+      await supabase.auth.resetPasswordForEmail(email);
+    } on AuthException catch (e) {
+      print('Lỗi Gửi OTP: ${e.message}');
+      rethrow;
+    }
+  }
+
+  Future<bool> verifyOTP(String email, String otpCode) async {
+    try {
+      // Authenticate OTP for recovery type
+      final response = await supabase.auth.verifyOTP(
+        email: email,
+        token: otpCode,
+        type: OtpType.recovery,
+      );
+      // Returns true if authentication is successful and session is created
+      return response.session != null;
+    } on AuthException catch (e) {
+      print('Lỗi Xác thực OTP: ${e.message}');
+      return false;
+    }
+  }
+  Future<void> updatePassword(String newPassword) async {
+    try {
+      // After successful verifyOTP, user is automatically logged in
+      // At this point, just call updateUser to change the password
+      await supabase.auth.updateUser(UserAttributes(password: newPassword));
+    } on AuthException catch (e) {
+      print('Lỗi Đổi Pass: ${e.message}');
+      rethrow;
+    }
+  }
+}

src/lib/features/auth/forgot_password_view.dart

@@ -0,0 +1,28 @@
+class UserModel {
+  final String id;
+  final String email;
+  final String username;
+  final int? age;
+  final String? avatar;
+  final String? timezone;
+
+  UserModel({
+    required this.id,
+    required this.email,
+    required this.username,
+    this.age,
+    this.avatar,
+    this.timezone,
+  });
+
+  factory UserModel.fromJson(Map<String, dynamic> json, String email) {
+    return UserModel(
+      id: json['id'] ?? '',
+      email: email,
+      username: json['username'] ?? 'No Name',
+      age: json['age'],
+      avatar: json['avatar'],
+      timezone: json['timezone'],
+    );
+  }
+}