mirror of
https://github.com/tmdinosaurcenter/kiosk-guestbook.git
synced 2026-06-03 22:48:20 -06:00
steve
2d4eac6583
Replaces browser-cached Basic Auth credentials with proper server-side session management. Logout now fully invalidates the session. Adds an HTML login form at /admin/login, SECRET_KEY env var support, and updates README with key generation instructions and role table.
35 lines
1.5 KiB
HTML
35 lines
1.5 KiB
HTML
<!doctype html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
|
<title>Guestbook Admin — Login</title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" />
|
|
</head>
|
|
<body class="bg-light">
|
|
<div class="container py-5" style="max-width: 400px;">
|
|
<h1 class="h4 mb-4 text-center">Admin Login</h1>
|
|
<div class="card">
|
|
<div class="card-body">
|
|
{% if error %}
|
|
<div class="alert alert-danger py-2">{{ error }}</div>
|
|
{% endif %}
|
|
<form method="POST" action="{{ url_for('admin_login', next=request.args.get('next', '')) }}">
|
|
<div class="mb-3">
|
|
<label for="username" class="form-label">Username</label>
|
|
<input type="text" id="username" name="username" class="form-control"
|
|
autocomplete="username" required autofocus />
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="password" class="form-label">Password</label>
|
|
<input type="password" id="password" name="password" class="form-control"
|
|
autocomplete="current-password" required />
|
|
</div>
|
|
<button type="submit" class="btn btn-primary w-100">Log In</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|