feat: integrate QR code functionality using qrcode library

- Added QRCodeDisplay component for rendering QR codes.
- Updated MFASettings component to use QRCodeDisplay for MFA setup.
- Modified TunnelStatus component to display QR codes using QRCodeDisplay.
- Refactored ChannelsView to utilize QRCodeDisplay for WeChat ILink setup.
- Removed unused QR code properties from API responses and components.
- Updated tests for MFASettings, TunnelStatus, and ChannelsView to accommodate QR code changes.
- Added type definitions for qrcode library.

Author: orca-zhang

server/go.mod

@@ -36,12 +36,10 @@ require (
 	github.com/nlpodyssey/cybertron v0.2.1
 	github.com/orca-zhang/ecache v1.1.3
 	github.com/orca-zhang/ecache2 v0.0.1
-	github.com/pquerna/otp v1.5.0
 	github.com/prometheus/client_golang v1.23.2
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/rs/zerolog v1.34.0
 	github.com/shirou/gopsutil/v3 v3.24.5
-	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/sourcegraph/conc v0.3.0
 	github.com/spf13/cobra v1.10.2
 	github.com/stretchr/testify v1.11.1
@@ -69,7 +67,6 @@ require (
 	github.com/BurntSushi/toml v1.6.0 // indirect
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/boombuler/barcode v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/coredns/caddy v1.1.1 // indirect
 	github.com/coredns/coredns v1.11.3 // indirect

server/go.sum

@@ -14,9 +14,6 @@ github.com/asg017/sqlite-vec-go-bindings v0.1.6 h1:Nx0jAzyS38XpkKznJ9xQjFXz2X9tI
 github.com/asg017/sqlite-vec-go-bindings v0.1.6/go.mod h1:A8+cTt/nKFsYCQF6OgzSNpKZrzNo5gQsXBTfsXHXY0Q=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
-github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs=
-github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/bwmarrin/discordgo v0.29.0 h1:FmWeXFaKUwrcL3Cx65c20bTRW+vOb6k8AnaP+EgjDno=
 github.com/bwmarrin/discordgo v0.29.0/go.mod h1:NJZpH+1AfhIcyQsPeuBKsUtYrRnjkyu0kIVMCHkZtRY=
 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -299,8 +296,6 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
-github.com/pquerna/otp v1.5.0 h1:NMMR+WrmaqXU4EzdGJEE1aUUI0AMRzsp96fFFWNPwxs=
-github.com/pquerna/otp v1.5.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
 github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o=
 github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg=
 github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
@@ -326,8 +321,6 @@ github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFt
 github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
 github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
 github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
-github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
-github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/smarty/assertions v1.16.0 h1:EvHNkdRA4QHMrn75NZSoUQ/mAUXAYWfatfB01yTCzfY=
 github.com/smarty/assertions v1.16.0/go.mod h1:duaaFdCS0K9dnoM50iyek/eYINOZ64gbh1Xlf6LG7AI=
 github.com/smartystreets/goconvey v1.8.1 h1:qGjIddxOk4grTu9JPOU31tVfq3cNdBlNa5sSznIX1xY=

server/internal/api/remote_access.go

@@ -192,7 +192,7 @@ func (h *RemoteAccessHandler) GetRemoteAccessStatus(c echo.Context) error {
 	})
 }
 
-// GetQRCode returns a QR code for the current tunnel URL.
+// GetQRCode returns the raw QR payload for the current tunnel URL.
 func (h *RemoteAccessHandler) GetQRCode(c echo.Context) error {
 	// Check if tunnel is running
 	if !h.tunnelManager.IsRunning() {
@@ -211,19 +211,10 @@ func (h *RemoteAccessHandler) GetQRCode(c echo.Context) error {
 		})
 	}
 
-	// Generate QR code
-	qrData, err := ngrok.GenerateQRCode(url, 200)
-	if err != nil {
-		return c.JSON(http.StatusInternalServerError, map[string]interface{}{
-			"success": false,
-			"error":   err.Error(),
-		})
-	}
-
 	return c.JSON(http.StatusOK, map[string]interface{}{
 		"success": true,
 		"url":     url,
-		"qrcode":  qrData,
+		"qr_url":  url,
 	})
 }
 

server/internal/api/remote_access_sdk.go

@@ -123,7 +123,7 @@ func (h *SDKRemoteAccessHandler) GetRemoteAccessStatus(c echo.Context) error {
 	})
 }
 
-// GetQRCode generates a QR code for the tunnel URL with embedded auth token.
+// GetQRCode returns the raw QR payload for the tunnel URL with embedded auth token.
 func (h *SDKRemoteAccessHandler) GetQRCode(c echo.Context) error {
 	tunnelURL := h.tunnelManager.GetURL()
 	if tunnelURL == "" {
@@ -133,29 +133,12 @@ func (h *SDKRemoteAccessHandler) GetQRCode(c echo.Context) error {
 		})
 	}
 
-	// Build QR URL: tunnel + /chat + token (if JWT service available)
-	qrURL := tunnelURL + "/chat"
-	if h.jwtService != nil {
-		if userClaims := auth.GetUserFromContext(c); userClaims != nil {
-			token, err := h.jwtService.GenerateAccessToken(userClaims)
-			if err == nil {
-				qrURL += "?access_token=" + token
-			}
-		}
-	}
-
-	qrcode, err := ngrok.GenerateQRCode(qrURL, 200)
-	if err != nil {
-		return c.JSON(http.StatusInternalServerError, map[string]interface{}{
-			"success": false,
-			"error":   err.Error(),
-		})
-	}
+	qrURL := buildTunnelQRURL(tunnelURL, h.jwtService, auth.GetUserFromContext(c))
 
 	return c.JSON(http.StatusOK, map[string]interface{}{
 		"success": true,
 		"url":     tunnelURL,
-		"qrcode":  qrcode,
+		"qr_url":  qrURL,
 	})
 }
 

server/internal/api/tunnel_handler.go

@@ -416,7 +416,7 @@ func (h *TunnelHandler) GetTunnelStatus(c echo.Context) error {
 	})
 }
 
-// GetQRCode generates a QR code for the tunnel URL.
+// GetQRCode returns the raw QR payload for the tunnel URL.
 func (h *TunnelHandler) GetQRCode(c echo.Context) error {
 	h.mu.RLock()
 	active := h.active
@@ -437,29 +437,12 @@ func (h *TunnelHandler) GetQRCode(c echo.Context) error {
 		})
 	}
 
-	// Build QR URL: tunnel + /chat + token (if JWT service available)
-	qrURL := url + "/chat"
-	if h.jwtService != nil {
-		if userClaims := auth.GetUserFromContext(c); userClaims != nil {
-			token, err := h.jwtService.GenerateAccessToken(userClaims)
-			if err == nil {
-				qrURL += "?access_token=" + token
-			}
-		}
-	}
-
-	qrcode, err := ngrok.GenerateQRCode(qrURL, 200)
-	if err != nil {
-		return c.JSON(http.StatusInternalServerError, map[string]interface{}{
-			"success": false,
-			"error":   err.Error(),
-		})
-	}
+	qrURL := buildTunnelQRURL(url, h.jwtService, auth.GetUserFromContext(c))
 
 	return c.JSON(http.StatusOK, map[string]interface{}{
 		"success": true,
 		"url":     url,
-		"qrcode":  qrcode,
+		"qr_url":  qrURL,
 	})
 }
 

server/internal/api/tunnel_handler_test.go

@@ -368,6 +368,46 @@ func TestTunnelHandler_GetQRCode_NoActiveTunnel(t *testing.T) {
 	}
 }
 
+func TestTunnelHandler_GetQRCode_ReturnsRawQRURLWithoutImageData(t *testing.T) {
+	h := NewTunnelHandler(nil, 80)
+	manager := &stubTunnelManager{
+		provider: tunnel.ProviderAuto,
+		running:  true,
+		url:      "https://blue.example.com",
+	}
+	h.active = manager
+
+	e := echo.New()
+	h.RegisterRoutes(e)
+
+	req := httptest.NewRequest(http.MethodGet, "/api/v1/tunnel/qrcode", nil)
+	rec := httptest.NewRecorder()
+
+	e.ServeHTTP(rec, req)
+
+	if rec.Code != http.StatusOK {
+		t.Fatalf("Status code = %d, want %d body=%s", rec.Code, http.StatusOK, rec.Body.String())
+	}
+
+	var resp map[string]interface{}
+	if err := json.Unmarshal(rec.Body.Bytes(), &resp); err != nil {
+		t.Fatalf("Failed to unmarshal response: %v", err)
+	}
+
+	if resp["success"] != true {
+		t.Fatal("Expected success to be true")
+	}
+	if got := resp["url"]; got != "https://blue.example.com" {
+		t.Fatalf("url = %v, want %q", got, "https://blue.example.com")
+	}
+	if got := resp["qr_url"]; got != "https://blue.example.com/chat" {
+		t.Fatalf("qr_url = %v, want %q", got, "https://blue.example.com/chat")
+	}
+	if _, ok := resp["qrcode"]; ok {
+		t.Fatal("response should not include backend QR image data")
+	}
+}
+
 func TestTunnelHandler_BackwardsCompatibility(t *testing.T) {
 	_, e := setupTunnelHandler(t)
 

server/internal/api/tunnel_qr.go

@@ -0,0 +1,24 @@
+package api
+
+import (
+	"strings"
+
+	"github.com/IceWhaleTech/ZimaOS-Blue/server/internal/auth"
+)
+
+func buildTunnelQRURL(baseURL string, jwtService *auth.JWTService, userClaims *auth.UserClaims) string {
+	qrURL := strings.TrimSpace(baseURL)
+	if qrURL == "" {
+		return ""
+	}
+
+	qrURL = strings.TrimRight(qrURL, "/") + "/chat"
+	if jwtService != nil && userClaims != nil {
+		token, err := jwtService.GenerateAccessToken(userClaims)
+		if err == nil && strings.TrimSpace(token) != "" {
+			qrURL += "?access_token=" + token
+		}
+	}
+
+	return qrURL
+}

server/internal/mfa/handler.go

@@ -6,10 +6,10 @@ import (
 	"sync"
 	"time"
 
+	"github.com/IceWhaleTech/ZimaOS-Blue/server/internal/timeutil"
 	"github.com/go-webauthn/webauthn/protocol"
 	"github.com/google/uuid"
 	"github.com/labstack/echo/v4"
-	"github.com/IceWhaleTech/ZimaOS-Blue/server/internal/timeutil"
 )
 
 // Handler handles HTTP requests for MFA operations.
@@ -88,16 +88,10 @@ func (h *Handler) RegisterRoutes(g *echo.Group) {
 	webauthn.DELETE("/credentials/:id", h.WebAuthnDeleteCredential)
 }
 
-// SetupRequest represents a request to start MFA setup.
-type SetupRequest struct {
-	IncludeQRCode bool `json:"include_qr_code"`
-}
-
 // SetupResponseDTO represents the response for MFA setup.
 type SetupResponseDTO struct {
 	Secret string `json:"secret"`
 	URI    string `json:"uri"`
-	QRCode string `json:"qr_code,omitempty"`
 }
 
 // Setup handles MFA setup initiation.
@@ -112,12 +106,7 @@ func (h *Handler) Setup(c echo.Context) error {
 		username = userID.String()
 	}
 
-	var req SetupRequest
-	if err := c.Bind(&req); err != nil {
-		req.IncludeQRCode = true // Default to including QR code
-	}
-
-	setup, err := h.totp.Setup(username, req.IncludeQRCode)
+	setup, err := h.totp.Setup(username)
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "failed to generate MFA setup")
 	}
@@ -130,7 +119,6 @@ func (h *Handler) Setup(c echo.Context) error {
 	return c.JSON(http.StatusOK, &SetupResponseDTO{
 		Secret: setup.Secret,
 		URI:    setup.URI,
-		QRCode: setup.QRCode,
 	})
 }
 
@@ -212,9 +200,9 @@ func (h *Handler) Disable(c echo.Context) error {
 
 // StatusResponse represents the MFA status response.
 type StatusResponse struct {
-	Enabled        bool `json:"enabled"`
-	RecoveryCount  int  `json:"recovery_codes_remaining"`
-	SetupRequired  bool `json:"setup_required,omitempty"`
+	Enabled       bool `json:"enabled"`
+	RecoveryCount int  `json:"recovery_codes_remaining"`
+	SetupRequired bool `json:"setup_required,omitempty"`
 }
 
 // Status handles getting MFA status.

server/internal/mfa/handler_test.go

@@ -32,9 +32,7 @@ func TestNewHandler(t *testing.T) {
 func TestHandler_Setup(t *testing.T) {
 	handler, e := setupTestHandler()
 
-	reqBody := `{"include_qr_code":true}`
-	req := httptest.NewRequest(http.MethodPost, "/auth/mfa/setup", strings.NewReader(reqBody))
-	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
+	req := httptest.NewRequest(http.MethodPost, "/auth/mfa/setup", nil)
 	rec := httptest.NewRecorder()
 	c := e.NewContext(req, rec)
 	c.Set("user_id", uuid.New())
@@ -60,9 +58,6 @@ func TestHandler_Setup(t *testing.T) {
 	if resp.URI == "" {
 		t.Error("Setup() URI is empty")
 	}
-	if resp.QRCode == "" {
-		t.Error("Setup() QR code is empty when requested")
-	}
 }
 
 func TestHandler_Setup_Unauthorized(t *testing.T) {