mirror/container-census
1
0
Fork 0
mirror of https://github.com/selfhosters-cc/container-census.git synced 2025-12-30 10:29:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
474d78b8014f3bb0ba57b308cd61bfe9eb82d7b1
container-census/cmd/server
History
Self Hosters c91b84bbfc Implement session-based authentication for Next.js frontend 
This commit adds complete authentication support to the Next.js frontend,
matching the existing vanilla JS implementation with session-based auth.

Frontend Changes (Next.js):
- Add AuthContext for global auth state management
- Create login page with gradient UI matching vanilla JS design
- Implement ProtectedRoute wrapper for route protection
- Add logout button to Header component
- Move all app pages to (protected)/ route group
- Update API client with improved 401 handling
- Add auth-related TypeScript types

Backend Changes:
- Update static file serving to support both Next.js and vanilla JS
- Add support for /login route (Next.js) in addition to /login.html
- Allow /_next/* routes for Next.js static assets
- Redirect unauthenticated users to /login instead of /login.html

Authentication Flow:
1. User visits app → AuthContext checks session by calling /api/containers
2. If 401 → Redirect to /login page
3. User submits credentials → POST /api/login
4. Backend creates session cookie → Frontend updates context
5. User can access protected routes with valid session
6. Logout destroys session and redirects to login

Key Features:
- Session-based auth with 7-day HTTP-only cookies
- Backward compatible with vanilla JS frontend
- AUTH_ENABLED=false support (skip login entirely)
- XSS protection via HTTP-only cookies
- CSRF protection via SameSite=Lax
- No passwords stored client-side

Files Added:
- web-next/src/contexts/AuthContext.tsx
- web-next/src/app/login/page.tsx
- web-next/src/components/auth/ProtectedRoute.tsx
- web-next/src/app/(protected)/layout.tsx

Files Modified:
- internal/api/handlers.go (static file routing)
- web-next/src/app/layout.tsx (AuthProvider wrapper)
- web-next/src/components/layout/Header.tsx (logout button)
- web-next/src/lib/api.ts (401 handling)
- web-next/src/types/index.ts (auth types)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-14 12:24:35 -05:00
..
main.go
Implement session-based authentication for Next.js frontend
2025-12-14 12:24:35 -05:00