feat: add app-level authentication with login, session cookies, and admin panel
Replace Nginx basic auth with proper user accounts: - Session cookies via itsdangerous (30-day expiry, httponly, secure) - Password hashing with bcrypt via passlib - Login page with AC-themed UI - Admin page for user management (CRUD) - AuthMiddleware exempts plugin WS and browser WS endpoints - Issues/comments author auto-populated from session - Sidebar shows logged-in username, admin link, and logout - Seed users: erik (admin), alex, lundberg - SECRET_KEY env var for cookie signing
This commit is contained in:
parent
fac5063878
commit
b09169ade2
9 changed files with 878 additions and 60 deletions
|
|
@ -16,7 +16,9 @@ RUN python -m pip install --upgrade pip && \
|
|||
sqlalchemy \
|
||||
alembic \
|
||||
psycopg2-binary \
|
||||
httpx
|
||||
httpx \
|
||||
passlib[bcrypt] \
|
||||
itsdangerous
|
||||
|
||||
## Copy application source code and migration scripts into container
|
||||
COPY static/ /app/static/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue