f827210a07
Three-tier user model: admin (all accounts, all actions), editor (assigned accounts, read/write), viewer (assigned accounts, read-only).

Backend:
- express-session with custom SQLite session store (no extra packages)
- bcryptjs for password hashing
- src/middleware/auth.js: requireAuth, requireAdmin, requireEditor, canAccessAccount helpers
- src/routes/auth.js: login, logout, /me, setup-needed, change-password
- src/routes/users.js: full CRUD + account assignments (admin only)
- All API routes protected; /api/accounts filtered by user access; write routes gated by requireEditor; admin-only routes locked down

Frontend:
- Login overlay (full-page) with first-run admin-setup flow
- Role-based UI: admin-only elements hidden for non-admins; edit/delete and PDF buttons hidden for viewers; account switcher shows only accessible accounts for non-admins
- Users modal (admin only): user list with role badges, create/edit/delete users, set account access via checkboxes
- Change-password section available to all logged-in users
- apiFetch redirects to login on 401
26 lines
539 B
JSON
{
  "name": "ezcheck",
  "version": "0.1.0",
  "description": "Self-hosted check printing web app",
  "main": "src/app.js",
  "scripts": {
    "start": "node src/app.js",
    "dev": "nodemon src/app.js",
    "migrate": "node migrations/import-mdb.js"
  },
  "dependencies": {
    "bcryptjs": "^3.0.3",
    "better-sqlite3": "^9.4.3",
    "express": "^4.18.3",
    "express-session": "^1.19.0",
    "multer": "^2.1.1",
    "pdfkit": "^0.15.0"
  },
  "devDependencies": {
    "nodemon": "^3.1.0"
  },
  "engines": {
    "node": ">=20"
  }
}