RainerWieland/spawner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
27 Commits 1 Branch 0 Tags 7.4 MiB
20a0f3d6af
Commit Graph

12 Commits

Author SHA1 Message Date
XPS\Micro
20a0f3d6af feat: Implement passwordless authentication with Magic Links 
Major changes:
- Remove username and password_hash from User model
- Add MagicLinkToken table for one-time-use email authentication
- Implement Magic Link email sending with 15-minute expiration
- Update all auth endpoints (/login, /signup) to use email only
- Create verify-signup and verify-login pages for token verification
- Container URLs now use slug instead of username (e.g., /u-a3f9c2d1)
- Add rate limiting: max 3 Magic Links per email per hour
- Remove password reset functionality (no passwords to reset)

Backend changes:
- api.py: Complete rewrite of auth routes (magic link based)
- models.py: Remove username/password, add slug and MagicLinkToken
- email_service.py: Add Magic Link generation and email sending
- admin_api.py: Remove password reset, update to use email identifiers
- container_manager.py: Use slug instead of username for routing
- config.py: Add MAGIC_LINK_TOKEN_EXPIRY and MAGIC_LINK_RATE_LIMIT

Frontend changes:
- src/lib/api.ts: Update auth functions and User interface
- src/hooks/use-auth.tsx: Implement verifySignup/verifyLogin
- src/app/login/page.tsx: Email-only login form
- src/app/signup/page.tsx: Email-only signup form
- src/app/verify-signup/page.tsx: NEW - Signup token verification
- src/app/verify-login/page.tsx: NEW - Login token verification
- src/app/dashboard/page.tsx: Display slug instead of username

Infrastructure:
- install.sh: Simplified, no migration needed (db.create_all handles it)
- .env.example: Add MAGIC_LINK_TOKEN_EXPIRY and MAGIC_LINK_RATE_LIMIT
- Add IMPLEMENTATION-GUIDE.md with detailed setup instructions

Security improvements:
- No password storage = no password breaches
- One-time-use tokens prevent replay attacks
- 15-minute token expiration limits attack window
- Rate limiting prevents email flooding

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
 2026-01-31 16:19:22 +01:00
XPS\Micro
676fcea493 fix: correct indentation in spawner-api error handling 
- Fixed indentation mismatch in error handling block
- Consistent with other build error blocks
 2026-01-31 12:49:31 +01:00
XPS\Micro
912904802c chore: unified logging in install.sh 
- All build logs now written to spawner-install.log
- Added clear section headers for each build
- Replaced separate temp log files with single log file
- Added log file path hint at end of installation
 2026-01-31 12:30:16 +01:00
XPS\Micro
9e352f7430 Remove --progress=plain flag for older Docker versions (Synology) 2026-01-30 23:03:40 +01:00
XPS\Micro
e27693a1a2 Fix Docker build verification: check exit code and image existence 2026-01-30 22:58:34 +01:00
XPS\Micro
d2a2905369 Fix git safe.directory for NAS/Synology environments 2026-01-30 22:29:25 +01:00
XPS\Micro
68e1320d20 Add --no-cache to all Docker builds 2026-01-30 21:56:15 +01:00
XPS\Micro
c80d3c0d92 Script modified 2026-01-30 21:45:27 +01:00
XPS\Micro
43c26dc8f8 script optimized for Synology NAS 2026-01-30 21:16:23 +01:00
XPS\Micro
31165c9367 add indicator 2026-01-30 21:09:02 +01:00
XPS\Micro
6664be6149 script modified (add Versionchecks) 2026-01-30 18:06:52 +01:00
XPS\Micro
c363351483 Initial project structure with documentation 2026-01-30 18:00:41 +01:00