Add session-based authentication with login/logout
- Users and sessions tables (Argon2 password hashing, SHA-256 session tokens) - Server hooks validate session cookie on every request - (app) routes redirect to /login if not authenticated - Login page with email/password, styled matching budget app - Logout via POST form action (invalidates session) - User display name and sign out button in header - create-user CLI script: npm run create-user <email> <password> [name] - 30-day sessions with auto-refresh after 15 days Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Vendored
+4
-1
@@ -2,7 +2,10 @@
|
||||
|
||||
declare global {
|
||||
namespace App {
|
||||
interface Locals {}
|
||||
interface Locals {
|
||||
user: { id: string; email: string; displayName: string | null } | null;
|
||||
session: { id: string; userId: string; expiresAt: Date; fresh: boolean } | null;
|
||||
}
|
||||
interface PageData {}
|
||||
interface Platform {}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user