Add HTMX-based UI templates and handlers for account and audit management
- Introduced `web/templates/` for HTMX-fragmented pages (`dashboard`, `accounts`, `account_detail`, `error_fragment`, etc.). - Implemented UI routes for account CRUD, audit log display, and login/logout with CSRF protection. - Added `internal/ui/` package for handlers, CSRF manager, session validation, and token issuance. - Updated documentation to include new UI features and templates directory structure. - Security: Double-submit CSRF cookies, constant-time HMAC validation, login password/Argon2id re-verification at all steps to prevent bypass.
This commit is contained in:
21
web/templates/fragments/account_status.html
Normal file
21
web/templates/fragments/account_status.html
Normal file
@@ -0,0 +1,21 @@
|
||||
{{define "account_status"}}
|
||||
<span class="badge {{if eq (string .Account.Status) "active"}}badge-active{{else if eq (string .Account.Status) "inactive"}}badge-inactive{{else}}badge-deleted{{end}}">
|
||||
{{.Account.Status}}
|
||||
</span>
|
||||
{{if ne (string .Account.Status) "deleted"}}
|
||||
{{if eq (string .Account.Status) "active"}}
|
||||
<button class="btn btn-sm btn-secondary" style="margin-left:.5rem"
|
||||
hx-patch="/accounts/{{.Account.UUID}}/status"
|
||||
hx-vals='{"status":"inactive"}'
|
||||
hx-target="#status-cell"
|
||||
hx-swap="innerHTML"
|
||||
hx-confirm="Deactivate this account?">Deactivate</button>
|
||||
{{else}}
|
||||
<button class="btn btn-sm btn-secondary" style="margin-left:.5rem"
|
||||
hx-patch="/accounts/{{.Account.UUID}}/status"
|
||||
hx-vals='{"status":"active"}'
|
||||
hx-target="#status-cell"
|
||||
hx-swap="innerHTML">Activate</button>
|
||||
{{end}}
|
||||
{{end}}
|
||||
{{end}}
|
||||
Reference in New Issue
Block a user