feat: add app-level authentication with login, session cookies, and admin panel
Replace Nginx basic auth with proper user accounts: - Session cookies via itsdangerous (30-day expiry, httponly, secure) - Password hashing with bcrypt via passlib - Login page with AC-themed UI - Admin page for user management (CRUD) - AuthMiddleware exempts plugin WS and browser WS endpoints - Issues/comments author auto-populated from session - Sidebar shows logged-in username, admin link, and logout - Seed users: erik (admin), alex, lundberg - SECRET_KEY env var for cookie signing
This commit is contained in:
Erik
parent
fac5063878
commit
b09169ade2
9 changed files with 878 additions and 60 deletions
|
|
@ -113,6 +113,13 @@
|
|||
|
||||
|
||||
<ul id="playerList"></ul>
|
||||
|
||||
<!-- User info section (populated by script.js after /me fetch) -->
|
||||
<div id="userInfo" class="user-info" style="display:none;">
|
||||
<span id="currentUsername" class="user-info-name"></span>
|
||||
<a href="#" id="adminLink" class="user-info-admin" style="display:none;" onclick="window.open('/admin/users','_blank')">Admin</a>
|
||||
<a href="/logout" class="user-info-logout">Logout</a>
|
||||
</div>
|
||||
</aside>
|
||||
|
||||
<!-- Epic rare notifications container -->
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue