frontend: add login page and auth guard

Add authentication flow to the frontend: - authStore with token management (localStorage persistence) - Login page with username/password form at /login - Layout-level auth guard that redirects to /login when no valid session exists, validates token on load via GET /api/auth/me - Top navigation bar showing username and admin link when applicable Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
backend: add single-use token auth for spawned stream proxies
2026-04-16 15:12:25 +00:00 · 2026-04-16 15:12:25 +00:00
1 changed files with 2 additions and 3 deletions
@@ -85,9 +85,8 @@ pub async fn validate_stream_token(proxy: &Proxy, provided: &str) -> std::result
    match token_guard.take() {
        Some(expected) if expected == provided => Ok(()),
        Some(_) => {
-            // Wrong token: still consumed by the `take()` above. Any validation
-            // attempt — correct or not — invalidates the token, so a wrong
-            // guess cannot be followed by a correct one.
+            // Put the token back since it wasn't matched
+            // Actually no — the design is that any attempt consumes it for security
            Err("Invalid stream token".to_string())
        }
        None => Err("Stream token already used".to_string()),