Add multi-user auth, admin panel, and timezone support; rename to Yolkbook
- Rename app from Eggtracker to Yolkbook throughout - Add JWT-based authentication (python-jose, passlib/bcrypt) - Add users table; all data tables gain user_id FK for full data isolation - Super admin credentials sourced from ADMIN_USERNAME/ADMIN_PASSWORD env vars, synced on every startup; orphaned rows auto-assigned to admin post-migration - Login page with self-registration; JWT stored in localStorage (30-day expiry) - Admin panel (/admin): list users, reset passwords, disable/enable, delete, and impersonate (Login As) with Return to Admin banner - Settings modal (gear icon in nav): timezone selector and change password - Timezone stored per-user; stats date windows computed in user's timezone; date input setToday() respects user timezone via Intl API - migrate_v2.sql for existing single-user installs - Auto-migration adds timezone column to users on startup - Updated README with full setup, auth, admin, and migration docs Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
161
nginx/html/login.html
Normal file
161
nginx/html/login.html
Normal file
@@ -0,0 +1,161 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Login — Yolkbook</title>
|
||||
<link rel="icon" href="/favicon.svg" type="image/svg+xml">
|
||||
<link rel="stylesheet" href="/css/style.css">
|
||||
</head>
|
||||
<body class="login-body">
|
||||
<div class="login-container">
|
||||
<div class="login-brand">🥚 Yolkbook</div>
|
||||
|
||||
<!-- Sign In -->
|
||||
<div class="card login-card" id="login-panel">
|
||||
<h1 class="login-title">Sign In</h1>
|
||||
<div id="login-msg" class="message"></div>
|
||||
<form id="login-form">
|
||||
<div class="form-group" style="margin-bottom:1rem">
|
||||
<label for="username">Username</label>
|
||||
<input type="text" id="username" autocomplete="username" required autofocus>
|
||||
</div>
|
||||
<div class="form-group" style="margin-bottom:1.5rem">
|
||||
<label for="password">Password</label>
|
||||
<input type="password" id="password" autocomplete="current-password" required>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary" style="width:100%" id="login-btn">Sign In</button>
|
||||
</form>
|
||||
<p style="text-align:center;margin-top:1rem;font-size:0.9rem;color:var(--muted)">
|
||||
No account? <a href="#" onclick="showRegister()">Create one</a>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
<!-- Register -->
|
||||
<div class="card login-card" id="register-panel" style="display:none">
|
||||
<h1 class="login-title">Create Account</h1>
|
||||
<div id="reg-msg" class="message"></div>
|
||||
<form id="reg-form">
|
||||
<div class="form-group" style="margin-bottom:1rem">
|
||||
<label for="reg-username">Username</label>
|
||||
<input type="text" id="reg-username" autocomplete="username" required minlength="2" maxlength="64">
|
||||
</div>
|
||||
<div class="form-group" style="margin-bottom:1rem">
|
||||
<label for="reg-password">Password</label>
|
||||
<input type="password" id="reg-password" autocomplete="new-password" required minlength="6" placeholder="min 6 characters">
|
||||
</div>
|
||||
<div class="form-group" style="margin-bottom:1.5rem">
|
||||
<label for="reg-confirm">Confirm Password</label>
|
||||
<input type="password" id="reg-confirm" autocomplete="new-password" required>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary" style="width:100%" id="reg-btn">Create Account</button>
|
||||
</form>
|
||||
<p style="text-align:center;margin-top:1rem;font-size:0.9rem;color:var(--muted)">
|
||||
Already have an account? <a href="#" onclick="showLogin()">Sign in</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
// Redirect if already logged in
|
||||
(function () {
|
||||
const token = localStorage.getItem('token');
|
||||
if (token) {
|
||||
try {
|
||||
const payload = JSON.parse(atob(token.split('.')[1]));
|
||||
if (payload.exp > Date.now() / 1000) {
|
||||
window.location.href = '/';
|
||||
return;
|
||||
}
|
||||
} catch (_) {}
|
||||
localStorage.removeItem('token');
|
||||
}
|
||||
})();
|
||||
|
||||
function showLogin() {
|
||||
document.getElementById('register-panel').style.display = 'none';
|
||||
document.getElementById('login-panel').style.display = 'block';
|
||||
document.getElementById('username').focus();
|
||||
}
|
||||
|
||||
function showRegister() {
|
||||
document.getElementById('login-panel').style.display = 'none';
|
||||
document.getElementById('register-panel').style.display = 'block';
|
||||
document.getElementById('reg-username').focus();
|
||||
}
|
||||
|
||||
function showError(elId, text) {
|
||||
const el = document.getElementById(elId);
|
||||
el.textContent = text;
|
||||
el.className = 'message error visible';
|
||||
}
|
||||
|
||||
function showSuccess(elId, text) {
|
||||
const el = document.getElementById(elId);
|
||||
el.textContent = text;
|
||||
el.className = 'message success visible';
|
||||
}
|
||||
|
||||
// ── Login ──
|
||||
document.getElementById('login-form').addEventListener('submit', async (e) => {
|
||||
e.preventDefault();
|
||||
const btn = document.getElementById('login-btn');
|
||||
btn.disabled = true;
|
||||
btn.textContent = 'Signing in…';
|
||||
document.getElementById('login-msg').className = 'message';
|
||||
|
||||
const username = document.getElementById('username').value.trim();
|
||||
const password = document.getElementById('password').value;
|
||||
|
||||
try {
|
||||
const res = await fetch('/api/auth/login', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ username, password }),
|
||||
});
|
||||
const data = await res.json();
|
||||
if (!res.ok) { showError('login-msg', data.detail || 'Login failed'); return; }
|
||||
localStorage.setItem('token', data.access_token);
|
||||
window.location.href = '/';
|
||||
} catch (err) {
|
||||
showError('login-msg', 'Could not reach the server. Please try again.');
|
||||
} finally {
|
||||
btn.disabled = false;
|
||||
btn.textContent = 'Sign In';
|
||||
}
|
||||
});
|
||||
|
||||
// ── Register ──
|
||||
document.getElementById('reg-form').addEventListener('submit', async (e) => {
|
||||
e.preventDefault();
|
||||
const btn = document.getElementById('reg-btn');
|
||||
const username = document.getElementById('reg-username').value.trim();
|
||||
const password = document.getElementById('reg-password').value;
|
||||
const confirm = document.getElementById('reg-confirm').value;
|
||||
|
||||
if (password !== confirm) { showError('reg-msg', 'Passwords do not match'); return; }
|
||||
|
||||
btn.disabled = true;
|
||||
btn.textContent = 'Creating account…';
|
||||
document.getElementById('reg-msg').className = 'message';
|
||||
|
||||
try {
|
||||
const res = await fetch('/api/auth/register', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ username, password }),
|
||||
});
|
||||
const data = await res.json();
|
||||
if (!res.ok) { showError('reg-msg', data.detail || 'Registration failed'); return; }
|
||||
localStorage.setItem('token', data.access_token);
|
||||
window.location.href = '/';
|
||||
} catch (err) {
|
||||
showError('reg-msg', 'Could not reach the server. Please try again.');
|
||||
} finally {
|
||||
btn.disabled = false;
|
||||
btn.textContent = 'Create Account';
|
||||
}
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user