Go to file
Paul Trowbridge 31135cf5be web: add session-cookie login for web UI
- New pipekit/web/auth.py: itsdangerous-signed cookie, 8hr expiry,
  auto-generates signing secret in settings table on first use
- GET/POST /login and POST /logout routes (public, no auth dependency)
- All other web routes protected via router-level require_web_auth dep
- Starlette middleware injects request.state.current_user for templates
- Topbar shows logged-in username + logout button when session active
- Reuses existing api_user/api_pass credentials and api_auth_enabled flag
- Add itsdangerous>=2.1 to requirements.txt
- Enable api_auth_enabled in config.yaml

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-06-04 13:21:50 -04:00
.archive/pre-rewrite Initial commit: Pipekit rewrite. 2026-04-22 00:38:26 -04:00
bin bin/pipekit auto-detects venv; stop rewriting it in deploy.sh. 2026-04-23 00:34:32 -04:00
pipekit web: add session-cookie login for web UI 2026-06-04 13:21:50 -04:00
systemd Add scheduling, harden deploy, and update docs 2026-06-03 21:18:13 -04:00
.gitignore track pipekit.db in git for backup purposes 2026-05-30 22:48:10 -04:00
CLAUDE.md CLAUDE.md: document local time scheduling and JAVA_HOME deploy behavior 2026-06-03 23:51:12 -04:00
config.yaml web: add session-cookie login for web UI 2026-06-04 13:21:50 -04:00
deploy.sh deploy.sh: detect JAVA_HOME and inject into systemd unit at deploy time 2026-06-03 23:34:27 -04:00
pipekit.db track pipekit.db in git for backup purposes 2026-05-30 22:48:10 -04:00
requirements.txt web: add session-cookie login for web UI 2026-06-04 13:21:50 -04:00
SPEC.md Add scheduling, harden deploy, and update docs 2026-06-03 21:18:13 -04:00