mcias

kyle/mcias

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Isom	b2f2f04646	UI: pgcreds create button; show logged-in user * web/templates/pgcreds.html: New Credentials card is now always rendered; Add Credentials toggle button reveals the create form (hidden by default). Shows a message when all system accounts already have credentials. Previously the card was hidden when UncredentialedAccounts was empty. * internal/ui/ui.go: added ActorName string field to PageData; added actorName(r) helper resolving username from JWT claims via DB lookup, returns empty string if unauthenticated. * internal/ui/handlers_.go: all full-page PageData constructors now pass ActorName: u.actorName(r). web/templates/base.html: nav bar renders actor username as a muted label before the Logout button when logged in. * web/static/style.css: added .nav-actor rule (muted grey, 0.85rem).	2026-03-12 11:38:57 -07:00
Kyle Isom	5a8698e199	Fix UI: install real HTMX, add PG creds and roles UI - web/static/htmx.min.js: replace placeholder stub with htmx 2.0.4 (downloaded from unpkg.com). The placeholder only logged a console warning; no HTMX features worked, so form submissions fell back to native POSTs and the account_row fragment was returned as a raw HTML body rather than spliced into the table. This was the root cause of account creation appearing to 'do nothing'. - internal/ui/ui.go: add pgcreds_form.html to shared template list; add PUT /accounts/{id}/pgcreds route; reorder AccountDetailData fields so embedded PageData does not shadow Account. - internal/ui/handlers_accounts.go: add handleSetPGCreds handler — encrypts the submitted password with AES-256-GCM using the server master key before storage, validates system-account-only constraint, re-reads and re-renders the fragment after save. Add PGCred field population to handleAccountDetail. - internal/ui/ui_test.go: add tests for account creation, role management, and PG credential handlers. - web/templates/account_detail.html: add Postgres Credentials card for system accounts. - web/templates/fragments/pgcreds_form.html: new fragment for the PG credentials form; CSRF token is supplied via the body-level hx-headers attribute in base.html. Security: PG password is encrypted with AES-256-GCM (crypto.SealAESGCM) before storage; a fresh nonce is generated per call; the plaintext is never logged or returned in responses.	2026-03-11 22:30:13 -07:00

Author

SHA1

Message

Date

Kyle Isom

b2f2f04646

UI: pgcreds create button; show logged-in user

* web/templates/pgcreds.html: New Credentials card is now always
  rendered; Add Credentials toggle button reveals the create form
  (hidden by default). Shows a message when all system accounts
  already have credentials. Previously the card was hidden when
  UncredentialedAccounts was empty.
* internal/ui/ui.go: added ActorName string field to PageData;
  added actorName(r) helper resolving username from JWT claims
  via DB lookup, returns empty string if unauthenticated.
* internal/ui/handlers_*.go: all full-page PageData constructors
  now pass ActorName: u.actorName(r).
* web/templates/base.html: nav bar renders actor username as a
  muted label before the Logout button when logged in.
* web/static/style.css: added .nav-actor rule (muted grey, 0.85rem).

2026-03-12 11:38:57 -07:00

Kyle Isom

5a8698e199

Fix UI: install real HTMX, add PG creds and roles UI

- web/static/htmx.min.js: replace placeholder stub with
  htmx 2.0.4 (downloaded from unpkg.com). The placeholder
  only logged a console warning; no HTMX features worked,
  so form submissions fell back to native POSTs and the
  account_row fragment was returned as a raw HTML body
  rather than spliced into the table. This was the root
  cause of account creation appearing to 'do nothing'.
- internal/ui/ui.go: add pgcreds_form.html to shared
  template list; add PUT /accounts/{id}/pgcreds route;
  reorder AccountDetailData fields so embedded PageData
  does not shadow Account.
- internal/ui/handlers_accounts.go: add handleSetPGCreds
  handler — encrypts the submitted password with AES-256-GCM
  using the server master key before storage, validates
  system-account-only constraint, re-reads and re-renders
  the fragment after save. Add PGCred field population to
  handleAccountDetail.
- internal/ui/ui_test.go: add tests for account creation,
  role management, and PG credential handlers.
- web/templates/account_detail.html: add Postgres
  Credentials card for system accounts.
- web/templates/fragments/pgcreds_form.html: new fragment
  for the PG credentials form; CSRF token is supplied via
  the body-level hx-headers attribute in base.html.
Security: PG password is encrypted with AES-256-GCM
(crypto.SealAESGCM) before storage; a fresh nonce is
generated per call; the plaintext is never logged or
returned in responses.

2026-03-11 22:30:13 -07:00

2 Commits