feat: Fallback to Fabric Connect during Cluster Setup

If cookie auth and basic auth don’t work, fallback to Fabric Connect as a last resort. This will let us support aggressive corporate VPNs that don’t like talking to non-standard ports.

https://harperdb.atlassian.net/browse/STUDIO-583

Author: dawsontoth

src/features/instance/operations/mutations/useInstanceLoginMutation.ts

@@ -1,9 +1,11 @@
-import { forceBasicAuth } from '@/config/constants';
+import { forceBasicAuth, isLocalStudio } from '@/config/constants';
+import { getInstanceClient } from '@/config/getInstanceClient';
 import { InstanceClientIdConfig } from '@/config/instanceClientConfig';
 import { authStore } from '@/features/auth/store/authStore';
 import { getInstanceUserInfo } from '@/features/instance/operations/queries/getInstanceUserInfo';
 import { LocalUser } from '@/lib/api.patch';
 import { useMutation } from '@tanstack/react-query';
+import { AxiosInstance } from 'axios';
 
 interface InstanceLoginCredentials extends InstanceClientIdConfig {
 	username: string;
@@ -13,6 +15,7 @@ interface InstanceLoginCredentials extends InstanceClientIdConfig {
 export interface LoginInfoResponse {
 	message: string;
 	user: LocalUser;
+	instanceClient?: AxiosInstance;
 }
 
 export async function onInstanceLoginSubmit({
@@ -40,17 +43,38 @@ export async function onInstanceLoginSubmit({
 		}
 	}
 
+	try {
+		const user = await getInstanceUserInfo({
+			instanceClient,
+			auth: {
+				username,
+				password,
+			},
+		});
+		authStore.flagForBasicAuth(entityId, { username, password });
+		return {
+			message,
+			user,
+		};
+	} catch (err) {
+		if (isLocalStudio) {
+			throw err;
+		}
+		console.error('Failed to get user with basic auth, trying Fabric Connect', err);
+	}
+
+	const fabricInstanceClient = getInstanceClient({
+		id: entityId,
+		forceFabricConnect: true,
+	});
 	const user = await getInstanceUserInfo({
-		instanceClient,
-		auth: {
-			username,
-			password,
-		},
+		instanceClient: fabricInstanceClient,
 	});
-	authStore.flagForBasicAuth(entityId, { username, password });
+	authStore.flagForFabricConnect(entityId, true);
 	return {
 		message,
 		user,
+		instanceClient,
 	};
 }
 

src/features/instance/operations/mutations/useInstanceResetPasswordMutation.ts

@@ -22,12 +22,13 @@ async function onInstanceResetPassword({
 	desiredUsername,
 	newPassword,
 	tempPassword,
-	instanceClient,
+	instanceClient: initialInstanceClient,
 }: InstanceResetPasswordParams): Promise<LoginInfoResponse> {
 	// Do we have a temporary password?
 	if (!tempPassword) {
 		throw new Error('You may not have permission to set the password on this cluster.');
 	}
+	let instanceClient = initialInstanceClient;
 	try {
 		// Sign in with the temporary password,
 		const loginResponse = await onInstanceLoginSubmit({
@@ -36,25 +37,31 @@ async function onInstanceResetPassword({
 			instanceClient,
 			entityId: clusterId,
 		});
-		// then alter or create a new user
+		if (loginResponse.instanceClient) {
+			instanceClient = loginResponse.instanceClient;
+		}
+		// then we can either alter...
 		if (desiredUsername === defaultClusterUsername) {
 			await onAlterUser({
 				username: desiredUsername,
 				password: newPassword,
 				instanceClient,
 			});
 		} else {
+			// ... or create a new user!
 			await onAddUserSubmit({
 				username: desiredUsername,
 				password: newPassword,
 				role: 'super_user',
 				active: true,
 				instanceClient,
 			});
+			// since we created a new user, we should clean up the old one
 			await onDeleteUser({
 				username: defaultClusterUsername,
 				instanceClient,
 			});
+			/// and login with the new one.
 			await onInstanceLoginSubmit({
 				username: desiredUsername,
 				password: newPassword,