summaryrefslogtreecommitdiff
path: root/internal/auth/handlers.go
AgeCommit message (Collapse)Author
2026-02-05Add passkey (WebAuthn) authentication supportPeter Stone
Enable passwordless login via passkeys as an alternative to password auth. Users register passkeys from Settings; the login page offers both options. WebAuthn is optional — only active when WEBAUTHN_RP_ID and WEBAUTHN_ORIGIN env vars are set. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-01-20Add CSRF protection and auth unit testsPeter Stone
Add CSRF token middleware for state-changing request protection, integrate tokens into templates and HTMX headers, and add unit tests for authentication service and handlers. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-20Add session-based authenticationPeter Stone
Implement secure authentication using scs session manager with SQLite backing store and bcrypt password hashing. - Add users and sessions tables (migration 004) - Create internal/auth package with Service, Middleware, and Handlers - Protect all routes except /login, /logout, /static/* - Add login page template and logout button to dashboard - Default credentials: admin/changeme (configurable via env vars) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-28 10:49:09 +0000