kyle/mcias
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add HTMX-based UI templates and handlers for account and audit management

Browse Source 
- Introduced `web/templates/` for HTMX-fragmented pages (`dashboard`, `accounts`, `account_detail`, `error_fragment`, etc.).
- Implemented UI routes for account CRUD, audit log display, and login/logout with CSRF protection.
- Added `internal/ui/` package for handlers, CSRF manager, session validation, and token issuance.
- Updated documentation to include new UI features and templates directory structure.
- Security: Double-submit CSRF cookies, constant-time HMAC validation, login password/Argon2id re-verification at all steps to prevent bypass.
This commit is contained in:
Kyle Isom
2026-03-11 18:02:53 -07:00
parent 0c441f5c4f
commit a80242ae3e
21 changed files with 1425 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
PROJECT.md
View File

@@ -55,10 +55,14 @@ Performance is secondary, and can be tuned later.
critical for this.
+ We will also need to build client libraries in several languages
later on.
+ There should be two command line tools associated with MCIAS:
+ There are four command line tools associated with MCIAS:
+ mciassrv is the authentication server.
+ mciasctl is the tool for admins to create and manage accounts, issue
or revoke tokens, and manage postgres database credentials.
+ mciasdb is the offline database maintenance tool for break-glass
recovery, bootstrap, and direct SQLite operations.
+ mciasgrpcctl is the gRPC admin CLI companion (mirrors mciasctl
over gRPC).
## Notes