Warren
3221b10918
feat: Add user authentication for File Tree with id/password login
Major features:
1. File Tree authentication system:
- User ID + Password login modal
- Each user_id accesses separate database (data/users/<user_id>.sqlite)
- Reuses existing auth system (/api/v2/auth/login)
2. TreeLoginModal UI:
- User ID input field
- Password input with eye icon toggle (👁 ↔ 🙈)
- Enter key submission support
- Error messages display
- Cross-browser compatible
3. Token-based authentication:
- localStorage: tree_token + tree_user
- Bearer Authorization header for all tree API calls
- Token verification before tree access
- Auto-clear invalid tokens
4. Modified functions:
- toggleTree(): Check token validity before opening
- loadTree(): Add Authorization header
- applyIcon(): Add Authorization header
- organizeTree(): Add Authorization header
- New: showTreeLoginModal(), submitTreeLogin(), toggleTreePassword()
5. Security improvements:
- Restored verify_auth() check in get_tree() handler
- All tree API endpoints require authentication
- User-specific database access control
Architecture:
- Independent from admin authentication system
- Uses same backend auth (PostgreSQL sync)
- Separate localStorage keys (tree_token vs admin_token)
User workflow:
1. Click 🗂File Tree → Login modal appears
2. Enter user_id (e.g., demo) + password (e.g., demo123)
3. Login success → Tree loads with user-specific data
4. Each user sees only their own files
Files changed:
- src/server.rs: Restored auth check in get_tree()
- src/page.html: +130 lines (login modal + auth logic)
Test credentials:
- demo / demo123 (50 nodes)
- warren / demo123
- momentry / demo123
Status: File Tree authentication fully functional
2026-05-16 22:30:07 +08:00
..
2026-05-16 15:37:37 +08:00
2026-05-16 15:37:37 +08:00
2026-05-16 22:30:07 +08:00
2026-05-16 20:47:28 +08:00