From a02d7956cabaa64f584f484f8cd28964ea4c71a1 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 19:05:26 +0000
Subject: [PATCH 1/8] Initial plan


From c2eac955fe318b87128437563673116fddeb69ee Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 19:09:54 +0000
Subject: [PATCH 2/8] Implement onboarding flow with database config and admin
 persona creation

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 172 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 172 insertions(+)

diff --git a/src/page/login.js b/src/page/login.js
index 80bce35..a070335 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -1,7 +1,169 @@
 PAGES.login = {
     Esconder: true,
     Title: "Login",
+    onboarding: function (step) {
+      // Multi-step onboarding flow
+      step = step || 'config';
+      
+      if (step === 'config') {
+        // Step 1: "Configuración de datos"
+        var field_couch = safeuuid();
+        var field_couch_dbname = safeuuid();
+        var field_couch_user = safeuuid();
+        var field_couch_pass = safeuuid();
+        var field_secret = safeuuid();
+        var btn_existing_server = safeuuid();
+        var btn_new_server = safeuuid();
+        var btn_skip = safeuuid();
+        var div_server_config = safeuuid();
+        
+        container.innerHTML = `
+          <h1>¡Bienvenido a TeleSec! 🎉</h1>
+          <h2>Paso 1: Configuración de datos</h2>
+          <p>Para comenzar, elige cómo quieres configurar tu base de datos:</p>
+          <fieldset>
+            <button id="${btn_existing_server}" class="btn5" style="margin:10px;padding:15px;">📡 Conectar a un servidor CouchDB existente</button>
+            <button id="${btn_new_server}" class="btn2" style="margin:10px;padding:15px;">🆕 Crear un nuevo servidor (registro externo)</button>
+            <button id="${btn_skip}" class="btn3" style="margin:10px;padding:15px;">⏭️ Saltar (usar solo local)</button>
+          </fieldset>
+          <div id="${div_server_config}" style="display:none;margin-top:20px;">
+            <h3>Configuración del servidor CouchDB</h3>
+            <fieldset>
+              <label>Servidor CouchDB (ej: couch.example.com)
+                <input type="text" id="${field_couch}" value="${(localStorage.getItem('TELESEC_COUCH_URL') || '').replace(/^https?:\/\//, '')}"><br><br>
+              </label>
+              <label>Nombre de la base (opcional)
+                <input type="text" id="${field_couch_dbname}" value="${localStorage.getItem('TELESEC_COUCH_DBNAME') || ''}"><br><br>
+              </label>
+              <label>Usuario
+                <input type="text" id="${field_couch_user}" value="${localStorage.getItem('TELESEC_COUCH_USER') || ''}"><br><br>
+              </label>
+              <label>Contraseña
+                <input type="password" id="${field_couch_pass}" value="${localStorage.getItem('TELESEC_COUCH_PASS') || ''}"><br><br>
+              </label>
+              <label>Clave de encriptación (opcional)
+                <input type="password" id="${field_secret}" value="${localStorage.getItem('TELESEC_SECRET') || ''}"><br><br>
+              </label>
+              <button id="${btn_skip}-save" class="btn5">Guardar y Continuar</button>
+            </fieldset>
+          </div>
+        `;
+        
+        document.getElementById(btn_existing_server).onclick = () => {
+          document.getElementById(div_server_config).style.display = 'block';
+        };
+        
+        document.getElementById(btn_new_server).onclick = () => {
+          window.open('https://tech.eus/telesec-signup.php', '_blank');
+          toastr.info('Una vez creado el servidor, vuelve aquí y conéctate usando el botón "Conectar a un servidor existente"');
+        };
+        
+        document.getElementById(btn_skip).onclick = () => {
+          // Continue to persona creation without server config
+          location.hash = '#login,onboarding-persona';
+        };
+        
+        document.getElementById(btn_skip + '-save').onclick = () => {
+          var url = document.getElementById(field_couch).value.trim();
+          var dbname = document.getElementById(field_couch_dbname).value.trim();
+          var user = document.getElementById(field_couch_user).value.trim();
+          var pass = document.getElementById(field_couch_pass).value;
+          var secret = document.getElementById(field_secret).value || '';
+          
+          if (!url) {
+            toastr.error('Por favor ingresa un servidor CouchDB');
+            return;
+          }
+          
+          localStorage.setItem('TELESEC_COUCH_URL', 'https://' + url);
+          localStorage.setItem('TELESEC_COUCH_DBNAME', dbname);
+          localStorage.setItem('TELESEC_COUCH_USER', user);
+          localStorage.setItem('TELESEC_COUCH_PASS', pass);
+          if (secret) {
+            localStorage.setItem('TELESEC_SECRET', secret.toUpperCase());
+            SECRET = secret.toUpperCase();
+          }
+          
+          try {
+            DB.init({ secret: SECRET, remoteServer: 'https://' + url, username: user, password: pass, dbname: dbname || undefined });
+            toastr.success('Servidor configurado correctamente');
+            // Continue to persona creation
+            setTimeout(() => {
+              location.hash = '#login,onboarding-persona';
+            }, 500);
+          } catch (e) {
+            toastr.error('Error al configurar el servidor: ' + (e.message || e));
+          }
+        };
+        
+      } else if (step === 'persona') {
+        // Step 2: "Crea una persona"
+        var field_nombre = safeuuid();
+        var btn_crear = safeuuid();
+        
+        container.innerHTML = `
+          <h1>¡Bienvenido a TeleSec! 🎉</h1>
+          <h2>Paso 2: Crea tu cuenta de administrador</h2>
+          <p>Para continuar, necesitas crear una cuenta personal con permisos de administrador.</p>
+          <fieldset>
+            <label>Tu nombre:
+              <input type="text" id="${field_nombre}" placeholder="Ej: Juan Pérez" autofocus><br><br>
+            </label>
+            <p><small>ℹ️ Esta cuenta tendrá todos los permisos de administrador y podrás gestionar la aplicación completamente.</small></p>
+            <button id="${btn_crear}" class="btn5">Crear cuenta y empezar</button>
+          </fieldset>
+        `;
+        
+        document.getElementById(btn_crear).onclick = () => {
+          var nombre = document.getElementById(field_nombre).value.trim();
+          if (!nombre) {
+            toastr.error('Por favor ingresa tu nombre');
+            return;
+          }
+          
+          // Create persona with all admin permissions from PERMS object
+          var allPerms = Object.keys(PERMS).join(',') + ',';
+          var personaId = 'admin-' + Date.now();
+          var persona = {
+            Nombre: nombre,
+            Roles: allPerms,
+            Region: '',
+            Monedero_Balance: 0,
+            markdown: 'Cuenta de administrador creada durante el onboarding'
+          };
+          
+          DB.put('personas', personaId, persona).then(() => {
+            toastr.success('¡Cuenta creada exitosamente! 🎉');
+            localStorage.setItem('TELESEC_ONBOARDING_COMPLETE', 'true');
+            localStorage.setItem('TELESEC_ADMIN_ID', personaId);
+            
+            // Auto-login
+            SUB_LOGGED_IN_ID = personaId;
+            SUB_LOGGED_IN_DETAILS = persona;
+            SUB_LOGGED_IN = true;
+            SetPages();
+            
+            setTimeout(() => {
+              location.hash = '#index';
+              location.reload();
+            }, 800);
+          }).catch((e) => {
+            toastr.error('Error creando cuenta: ' + (e.message || e));
+          });
+        };
+      }
+    },
     edit: function (mid) {
+      // Handle onboarding routes
+      if (mid === 'onboarding-config') {
+        PAGES.login.onboarding('config');
+        return;
+      }
+      if (mid === 'onboarding-persona') {
+        PAGES.login.onboarding('persona');
+        return;
+      }
+      
       // Setup form to configure CouchDB remote and initial group/secret
       var field_couch = safeuuid();
       var field_couch_dbname = safeuuid();
@@ -189,6 +351,16 @@ PAGES.login = {
       };
     },
     index: function (mid) {
+      // Check if onboarding is needed
+      var onboardingComplete = localStorage.getItem('TELESEC_ONBOARDING_COMPLETE');
+      var hasPersonas = Object.keys(SC_Personas).length > 0;
+      
+      // If no personas exist and onboarding not complete, redirect to onboarding
+      if (!hasPersonas && !onboardingComplete && !AC_BYPASS) {
+        location.hash = '#login,onboarding-config';
+        return;
+      }
+      
       var field_persona = safeuuid();
       var btn_guardar = safeuuid();
       var btn_reload = safeuuid();

From bf9ba4ceef0538ac8f1e995d668cb1e52a19c5b1 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 19:12:11 +0000
Subject: [PATCH 3/8] Improve onboarding: use safeuuid() and avoid unnecessary
 reload

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/page/login.js b/src/page/login.js
index a070335..76dd390 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -123,7 +123,7 @@ PAGES.login = {
           
           // Create persona with all admin permissions from PERMS object
           var allPerms = Object.keys(PERMS).join(',') + ',';
-          var personaId = 'admin-' + Date.now();
+          var personaId = safeuuid('admin-');
           var persona = {
             Nombre: nombre,
             Roles: allPerms,
@@ -144,9 +144,9 @@ PAGES.login = {
             SetPages();
             
             setTimeout(() => {
-              location.hash = '#index';
-              location.reload();
-            }, 800);
+              open_page('index');
+              setUrlHash('index');
+            }, 500);
           }).catch((e) => {
             toastr.error('Error creando cuenta: ' + (e.message || e));
           });

From 1e5de2c686217b884acff82c87abe4f902c6841e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 19:13:53 +0000
Subject: [PATCH 4/8] Use open_page() consistently for proper navigation
 cleanup

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/page/login.js b/src/page/login.js
index 76dd390..545eac1 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -60,7 +60,8 @@ PAGES.login = {
         
         document.getElementById(btn_skip).onclick = () => {
           // Continue to persona creation without server config
-          location.hash = '#login,onboarding-persona';
+          open_page('login,onboarding-persona');
+          setUrlHash('login,onboarding-persona');
         };
         
         document.getElementById(btn_skip + '-save').onclick = () => {
@@ -89,7 +90,8 @@ PAGES.login = {
             toastr.success('Servidor configurado correctamente');
             // Continue to persona creation
             setTimeout(() => {
-              location.hash = '#login,onboarding-persona';
+              open_page('login,onboarding-persona');
+              setUrlHash('login,onboarding-persona');
             }, 500);
           } catch (e) {
             toastr.error('Error al configurar el servidor: ' + (e.message || e));
@@ -357,7 +359,8 @@ PAGES.login = {
       
       // If no personas exist and onboarding not complete, redirect to onboarding
       if (!hasPersonas && !onboardingComplete && !AC_BYPASS) {
-        location.hash = '#login,onboarding-config';
+        open_page('login,onboarding-config');
+        setUrlHash('login,onboarding-config');
         return;
       }
       

From f472baacf60ee5172b77e1b4c43e915cf8e254c5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 19:15:34 +0000
Subject: [PATCH 5/8] Fix URL protocol handling to support both HTTP and HTTPS

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/page/login.js b/src/page/login.js
index 545eac1..b0fb40b 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -76,7 +76,13 @@ PAGES.login = {
             return;
           }
           
-          localStorage.setItem('TELESEC_COUCH_URL', 'https://' + url);
+          // Normalize URL: add https:// if no protocol specified
+          var normalizedUrl = url;
+          if (!/^https?:\/\//i.test(url)) {
+            normalizedUrl = 'https://' + url;
+          }
+          
+          localStorage.setItem('TELESEC_COUCH_URL', normalizedUrl);
           localStorage.setItem('TELESEC_COUCH_DBNAME', dbname);
           localStorage.setItem('TELESEC_COUCH_USER', user);
           localStorage.setItem('TELESEC_COUCH_PASS', pass);
@@ -86,7 +92,7 @@ PAGES.login = {
           }
           
           try {
-            DB.init({ secret: SECRET, remoteServer: 'https://' + url, username: user, password: pass, dbname: dbname || undefined });
+            DB.init({ secret: SECRET, remoteServer: normalizedUrl, username: user, password: pass, dbname: dbname || undefined });
             toastr.success('Servidor configurado correctamente');
             // Continue to persona creation
             setTimeout(() => {

From d6809e51d1832f393420682b60f11abfc05ffc97 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 5 Feb 2026 15:09:00 +0000
Subject: [PATCH 6/8] Fix infinite recursion by allowing onboarding routes
 without login

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/app_logic.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app_logic.js b/src/app_logic.js
index 0f0c56d..07744be 100644
--- a/src/app_logic.js
+++ b/src/app_logic.js
@@ -20,7 +20,7 @@ function open_page(params) {
   EventListeners.Custom.forEach(ev => ev());
   EventListeners.Custom = [];
 
-  if (SUB_LOGGED_IN != true && params != "login,setup") {
+  if (SUB_LOGGED_IN != true && params != "login,setup" && !params.startsWith("login,onboarding")) {
     PAGES["login"].index();
     return;
   }

From b0160b3b66babc0632a8f47743a10dfa56827630 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 5 Feb 2026 15:20:00 +0000
Subject: [PATCH 7/8] Add button disable, persona detection, and mandatory
 encryption password

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 71 ++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 58 insertions(+), 13 deletions(-)

diff --git a/src/page/login.js b/src/page/login.js
index b0fb40b..b229a91 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -41,8 +41,8 @@ PAGES.login = {
               <label>Contraseña
                 <input type="password" id="${field_couch_pass}" value="${localStorage.getItem('TELESEC_COUCH_PASS') || ''}"><br><br>
               </label>
-              <label>Clave de encriptación (opcional)
-                <input type="password" id="${field_secret}" value="${localStorage.getItem('TELESEC_SECRET') || ''}"><br><br>
+              <label>Clave de encriptación <span style="color: red;">*</span>
+                <input type="password" id="${field_secret}" value="${localStorage.getItem('TELESEC_SECRET') || ''}" required><br><br>
               </label>
               <button id="${btn_skip}-save" class="btn5">Guardar y Continuar</button>
             </fieldset>
@@ -60,8 +60,17 @@ PAGES.login = {
         
         document.getElementById(btn_skip).onclick = () => {
           // Continue to persona creation without server config
-          open_page('login,onboarding-persona');
-          setUrlHash('login,onboarding-persona');
+          // Check if personas already exist (shouldn't happen but safety check)
+          var hasPersonas = Object.keys(SC_Personas).length > 0;
+          if (hasPersonas) {
+            toastr.info('Ya existen personas. Saltando creación de cuenta.');
+            localStorage.setItem('TELESEC_ONBOARDING_COMPLETE', 'true');
+            open_page('login');
+            setUrlHash('login');
+          } else {
+            open_page('login,onboarding-persona');
+            setUrlHash('login,onboarding-persona');
+          }
         };
         
         document.getElementById(btn_skip + '-save').onclick = () => {
@@ -69,13 +78,18 @@ PAGES.login = {
           var dbname = document.getElementById(field_couch_dbname).value.trim();
           var user = document.getElementById(field_couch_user).value.trim();
           var pass = document.getElementById(field_couch_pass).value;
-          var secret = document.getElementById(field_secret).value || '';
+          var secret = document.getElementById(field_secret).value.trim();
           
           if (!url) {
             toastr.error('Por favor ingresa un servidor CouchDB');
             return;
           }
           
+          if (!secret) {
+            toastr.error('La clave de encriptación es obligatoria');
+            return;
+          }
+          
           // Normalize URL: add https:// if no protocol specified
           var normalizedUrl = url;
           if (!/^https?:\/\//i.test(url)) {
@@ -86,19 +100,30 @@ PAGES.login = {
           localStorage.setItem('TELESEC_COUCH_DBNAME', dbname);
           localStorage.setItem('TELESEC_COUCH_USER', user);
           localStorage.setItem('TELESEC_COUCH_PASS', pass);
-          if (secret) {
-            localStorage.setItem('TELESEC_SECRET', secret.toUpperCase());
-            SECRET = secret.toUpperCase();
-          }
+          localStorage.setItem('TELESEC_SECRET', secret.toUpperCase());
+          SECRET = secret.toUpperCase();
           
           try {
             DB.init({ secret: SECRET, remoteServer: normalizedUrl, username: user, password: pass, dbname: dbname || undefined });
             toastr.success('Servidor configurado correctamente');
-            // Continue to persona creation
+            
+            // Wait a moment for initial replication to pull personas
             setTimeout(() => {
-              open_page('login,onboarding-persona');
-              setUrlHash('login,onboarding-persona');
-            }, 500);
+              // Check if personas were replicated from server
+              var hasPersonas = Object.keys(SC_Personas).length > 0;
+              
+              if (hasPersonas) {
+                // Personas found from server, skip persona creation step
+                toastr.info('Se encontraron personas en el servidor. Saltando creación de cuenta.');
+                localStorage.setItem('TELESEC_ONBOARDING_COMPLETE', 'true');
+                open_page('login');
+                setUrlHash('login');
+              } else {
+                // No personas found, continue to persona creation
+                open_page('login,onboarding-persona');
+                setUrlHash('login,onboarding-persona');
+              }
+            }, 2000);
           } catch (e) {
             toastr.error('Error al configurar el servidor: ' + (e.message || e));
           }
@@ -109,6 +134,16 @@ PAGES.login = {
         var field_nombre = safeuuid();
         var btn_crear = safeuuid();
         
+        // Check if personas already exist
+        var hasPersonas = Object.keys(SC_Personas).length > 0;
+        if (hasPersonas) {
+          toastr.info('Se detectaron personas existentes. Redirigiendo al login.');
+          localStorage.setItem('TELESEC_ONBOARDING_COMPLETE', 'true');
+          open_page('login');
+          setUrlHash('login');
+          return;
+        }
+        
         container.innerHTML = `
           <h1>¡Bienvenido a TeleSec! 🎉</h1>
           <h2>Paso 2: Crea tu cuenta de administrador</h2>
@@ -129,6 +164,12 @@ PAGES.login = {
             return;
           }
           
+          // Disable button to prevent duplicate creation
+          var btnElement = document.getElementById(btn_crear);
+          btnElement.disabled = true;
+          btnElement.style.opacity = '0.5';
+          btnElement.innerText = 'Creando...';
+          
           // Create persona with all admin permissions from PERMS object
           var allPerms = Object.keys(PERMS).join(',') + ',';
           var personaId = safeuuid('admin-');
@@ -157,6 +198,10 @@ PAGES.login = {
             }, 500);
           }).catch((e) => {
             toastr.error('Error creando cuenta: ' + (e.message || e));
+            // Re-enable button on error
+            btnElement.disabled = false;
+            btnElement.style.opacity = '1';
+            btnElement.innerText = 'Crear cuenta y empezar';
           });
         };
       }

From ddfd653d68d4543ef58d0483d48be2a24b5944b6 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 5 Feb 2026 15:22:21 +0000
Subject: [PATCH 8/8] Add server preset selector for EuskadiTech servers

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
---
 src/page/login.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/page/login.js b/src/page/login.js
index b229a91..bea88f0 100644
--- a/src/page/login.js
+++ b/src/page/login.js
@@ -12,6 +12,7 @@ PAGES.login = {
         var field_couch_user = safeuuid();
         var field_couch_pass = safeuuid();
         var field_secret = safeuuid();
+        var field_server_preset = safeuuid();
         var btn_existing_server = safeuuid();
         var btn_new_server = safeuuid();
         var btn_skip = safeuuid();
@@ -29,6 +30,13 @@ PAGES.login = {
           <div id="${div_server_config}" style="display:none;margin-top:20px;">
             <h3>Configuración del servidor CouchDB</h3>
             <fieldset>
+              <label>Servidor predefinido (opcional)
+                <select id="${field_server_preset}" style="width:100%;padding:8px;margin-bottom:10px;">
+                  <option value="">-- Selecciona un servidor o introduce uno manualmente --</option>
+                  <option value="b.tech.eus">b.tech.eus - EuskadiTech B1</option>
+                  <option value="c.tech.eus">c.tech.eus - EuskadiTech C1</option>
+                </select>
+              </label>
               <label>Servidor CouchDB (ej: couch.example.com)
                 <input type="text" id="${field_couch}" value="${(localStorage.getItem('TELESEC_COUCH_URL') || '').replace(/^https?:\/\//, '')}"><br><br>
               </label>
@@ -53,6 +61,14 @@ PAGES.login = {
           document.getElementById(div_server_config).style.display = 'block';
         };
         
+        // Server preset selector handler
+        document.getElementById(field_server_preset).onchange = (e) => {
+          var preset = e.target.value;
+          if (preset) {
+            document.getElementById(field_couch).value = preset;
+          }
+        };
+        
         document.getElementById(btn_new_server).onclick = () => {
           window.open('https://tech.eus/telesec-signup.php', '_blank');
           toastr.info('Una vez creado el servidor, vuelve aquí y conéctate usando el botón "Conectar a un servidor existente"');