implement user authentication, role-based access control, and multi-user instance isolation

2026-04-18 17:00:13 +02:00 · 2026-04-18 17:00:13 +02:00 · bb7053b01e
commit bb7053b01e
parent 844879d301
6 changed files with 354 additions and 19 deletions
--- a/static/app.js
+++ b/static/app.js
@ -113,14 +113,18 @@ document.addEventListener('DOMContentLoaded', () => {

    loginForm.addEventListener('submit', async (e) => {
        e.preventDefault();
+        const username = document.getElementById('login-username').value;
        const password = document.getElementById('login-password').value;
        try {
            const res = await fetch('/api/login', {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ password })
+                body: JSON.stringify({ username, password })
            });
            if (res.ok) {
+                const data = await res.json();
+                currentUser = data.user;
+                setupUIForUser();
                hideLogin();
                loginError.style.display = 'none';
                document.getElementById('login-password').value = '';
@ -134,15 +138,66 @@ document.addEventListener('DOMContentLoaded', () => {
        }
    });

+    const setupUIForUser = () => {
+        if (currentUser.is_admin) {
+            navAdmin.style.display = 'block';
+        } else {
+            navAdmin.style.display = 'none';
+        }
+    };
+
    logoutBtn.addEventListener('click', async () => {
        try {
            await fetch('/api/logout');
+            currentUser = null;
            showLogin();
        } catch (e) {
            console.error('Logout error', e);
        }
    });

+    createUserForm.addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const username = document.getElementById('new-username').value;
+        const password = document.getElementById('new-password').value;
+        const is_admin = document.getElementById('new-is-admin').checked;
+        try {
+            const res = await fetch('/api/users', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ username, password, is_admin })
+            });
+            if (res.ok) {
+                createUserForm.reset();
+                fetchUsers();
+            } else {
+                const data = await res.json();
+                alert(data.detail || 'Failed to create user');
+            }
+        } catch (e) {
+            console.error('Error creating user', e);
+        }
+    });
+
+    changePasswordForm.addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const password = document.getElementById('profile-new-password').value;
+        try {
+            const res = await fetch('/api/users/me/password', {
+                method: 'PUT',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ password })
+            });
+            if (res.ok) {
+                changePasswordForm.reset();
+                profileSuccess.style.display = 'block';
+                setTimeout(() => profileSuccess.style.display = 'none', 3000);
+            }
+        } catch (e) {
+            console.error('Error changing password', e);
+        }
+    });
+
    refreshBtn.addEventListener('click', fetchInstances);

    window.deleteInstance = async (id) => {