- Change dashboard route from adminGet to authed middleware
- Show account counts and audit events only for admin users
- Show welcome message for non-admin authenticated users
Security: non-admin users cannot access account lists or audit
events; admin-only data is gated by claims.HasRole("admin") in
the handler, not just at the route level.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
{{/*
  Dashboard page.
  "dashboard" is the entry point: it renders the "base" layout with the same
  data. "title" and "content" are the blocks this file defines (presumably
  consumed by "base", which is not shown here).
  Fields read: .IsAdmin, .TotalAccounts, .ActiveAccounts, .ActorName and
  .RecentEvents (each item: .EventTime, .EventType, .ActorUsername).
  formatTime is a template function that is not defined in this file.
*/}}
{{define "dashboard"}}{{template "base" .}}{{end}}

{{define "title"}}Dashboard — MCIAS{{end}}

{{define "content"}}
<div class="page-header">
  <h1>Dashboard</h1>
</div>

{{/*
  .IsAdmin only selects which markup is drawn; it is not the access check.
  NOTE(review): the handler should compute it from the verified claims and
  leave the account counts and audit events unset for non-admin users, so a
  template mistake cannot expose them. Confirm in the handler.
  NOTE(review): the inline style attributes below need style-src
  'unsafe-inline' (or hashes) if a Content-Security-Policy is enforced.
*/}}
{{if .IsAdmin}}
<div style="display:grid;grid-template-columns:repeat(auto-fit,minmax(200px,1fr));gap:1rem;margin-bottom:1.5rem">
  <div class="card" style="text-align:center">
    <div style="font-size:2rem;font-weight:700;color:#2563eb">{{.TotalAccounts}}</div>
    <div class="text-muted text-small">Total Accounts</div>
  </div>
  <div class="card" style="text-align:center">
    <div style="font-size:2rem;font-weight:700;color:#16a34a">{{.ActiveAccounts}}</div>
    <div class="text-muted text-small">Active Accounts</div>
  </div>
</div>

{{/* The audit card is omitted entirely when there are no recent events. */}}
{{with .RecentEvents}}
<div class="card">
  <h2 style="font-size:1rem;font-weight:600;margin-bottom:1rem">Recent Audit Events</h2>
  <div class="table-wrapper">
    <table>
      <thead>
        <tr><th>Time</th><th>Event</th><th>Actor</th></tr>
      </thead>
      <tbody>
        {{/*
          Event type and actor name are written as plain text.
          NOTE(review): this relies on html/template contextual escaping;
          confirm the file is not parsed with text/template, since these
          values may come from user-supplied input.
        */}}
        {{range .}}
        <tr>
          <td class="text-small text-muted">{{formatTime .EventTime}}</td>
          <td><code style="font-size:.8rem">{{.EventType}}</code></td>
          <td class="text-small text-muted">{{.ActorUsername}}</td>
        </tr>
        {{end}}
      </tbody>
    </table>
  </div>
</div>
{{end}}
{{else}}
{{/* Non-admin view: a greeting only, no account or audit data. */}}
<div class="card">
  <p>Welcome, <strong>{{.ActorName}}</strong>. Use the navigation above to access your profile and credentials.</p>
</div>
{{end}}
{{end}}