fb6c839352
* feat: public landing page with auth-conditional state
Rewrites homepage.html as a full marketing landing page serving both
unauthenticated visitors (Sign In CTA) and authenticated users (Personal
+ Business portal links). Fixes handler to pass UserID so auth-conditional
rendering activates correctly.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(k8s): expose / without auth so homepage is publicly reachable
Adds a second Ingress (api-public) for the exact path / with no
forward-auth middleware. Traefik prefers the Exact match for the root,
while the Prefix ingress (with auth) still protects all other routes.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: homepage renders correctly at / for unauthenticated visitors
Two fixes:
1. Added parseStandalone() helper — parseTmpl() roots on "" but ParseFS()
stores standalone (no {{define}}) files under their base filename, so
Execute() ran the empty root and returned Content-Length: 0.
2. Added router.priority: 100 annotation to api-public ingress so Traefik
picks the Exact / rule over the Prefix / rule (Traefik ranks by rule
string length by default, which made PathPrefix beat Path).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat: self-contained auth — email/password + Google OAuth, HMAC session cookies
Embeds a full authentication system into the finance API so it can be
deployed as a standalone container without any external auth dependency.
- Email/password registration and login with bcrypt hashing
- Google OAuth 2.0 (GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET env vars)
- HMAC-SHA256 signed session cookies (SESSION_SECRET env var, 30-day TTL)
- Sessions stored in MongoDB finance_sessions with TTL index auto-expiry
- Users stored in MongoDB finance_users with unique email index
- /auth/login, /auth/register, /auth/logout, /auth/oauth/google routes
- authMW now redirects to /auth/login?next=... instead of auth.homelab.local
- getAuth() resolves session cookie first, falls back to X-Auth-* headers
- Default categories seeded automatically on new account creation
- seed.go checks finance_users before the shared legacy users collection
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: homepage sign-in links point to /auth/login instead of auth.homelab.local
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(k8s): remove forward-auth middleware from finance ingress
The app now handles its own auth at /auth/login — Traefik no longer
needs to forward-auth requests, which was causing redirects to
auth.homelab.local instead of finance.homelab.local.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Gonçalo Rodrigues <guga@Goncalos-MacBook-Pro.local>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
256 lines
7.2 KiB
HTML
256 lines
7.2 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Sign in — Finance Hub</title>
|
|
<style>
|
|
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
|
|
html, body { height: 100%; }
|
|
body {
|
|
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
|
|
background: #040609;
|
|
color: #eaf2f0;
|
|
display: flex;
|
|
align-items: center;
|
|
justify-content: center;
|
|
min-height: 100vh;
|
|
-webkit-font-smoothing: antialiased;
|
|
}
|
|
|
|
/* canvas bg */
|
|
canvas { position: fixed; inset: 0; z-index: 0; pointer-events: none; }
|
|
|
|
.wrap {
|
|
position: relative;
|
|
z-index: 1;
|
|
width: 100%;
|
|
max-width: 420px;
|
|
padding: 24px 20px;
|
|
}
|
|
|
|
.logo-row {
|
|
display: flex;
|
|
align-items: center;
|
|
justify-content: center;
|
|
gap: 10px;
|
|
margin-bottom: 36px;
|
|
}
|
|
.logo-icon {
|
|
width: 38px; height: 38px;
|
|
border-radius: 11px;
|
|
background: linear-gradient(135deg, #00c9b8, #a855f7);
|
|
display: flex; align-items: center; justify-content: center;
|
|
font-size: 18px; font-weight: 800; color: #030609;
|
|
}
|
|
.logo-name { font-size: 20px; font-weight: 700; letter-spacing: -0.4px; }
|
|
|
|
.card {
|
|
background: rgba(10, 14, 22, 0.85);
|
|
border: 1px solid rgba(255,255,255,0.07);
|
|
border-radius: 20px;
|
|
padding: 32px 28px;
|
|
backdrop-filter: blur(12px);
|
|
}
|
|
|
|
h1 {
|
|
font-size: 22px;
|
|
font-weight: 700;
|
|
letter-spacing: -0.5px;
|
|
margin-bottom: 6px;
|
|
}
|
|
.sub {
|
|
font-size: 13px;
|
|
color: #7aada9;
|
|
margin-bottom: 28px;
|
|
line-height: 1.5;
|
|
}
|
|
.sub a { color: #00c9b8; text-decoration: none; }
|
|
.sub a:hover { text-decoration: underline; }
|
|
|
|
.error-box {
|
|
background: rgba(248,113,113,0.1);
|
|
border: 1px solid rgba(248,113,113,0.25);
|
|
border-radius: 10px;
|
|
padding: 11px 14px;
|
|
font-size: 13px;
|
|
color: #fca5a5;
|
|
margin-bottom: 20px;
|
|
}
|
|
|
|
.field { margin-bottom: 16px; }
|
|
label {
|
|
display: block;
|
|
font-size: 12px;
|
|
font-weight: 600;
|
|
color: #7aada9;
|
|
letter-spacing: 0.04em;
|
|
margin-bottom: 6px;
|
|
}
|
|
input[type="email"],
|
|
input[type="password"],
|
|
input[type="text"] {
|
|
width: 100%;
|
|
background: rgba(255,255,255,0.04);
|
|
border: 1px solid rgba(255,255,255,0.1);
|
|
border-radius: 10px;
|
|
padding: 11px 14px;
|
|
font-size: 14px;
|
|
color: #eaf2f0;
|
|
outline: none;
|
|
transition: border-color .2s;
|
|
}
|
|
input:focus { border-color: rgba(0,201,184,0.5); }
|
|
input::placeholder { color: #364e4c; }
|
|
|
|
.btn-primary {
|
|
width: 100%;
|
|
background: linear-gradient(135deg, #00c9b8, #33d9ca);
|
|
color: #030609;
|
|
font-size: 14px;
|
|
font-weight: 700;
|
|
border: none;
|
|
border-radius: 10px;
|
|
padding: 13px;
|
|
cursor: pointer;
|
|
transition: opacity .2s;
|
|
margin-top: 4px;
|
|
}
|
|
.btn-primary:hover { opacity: 0.88; }
|
|
|
|
.divider {
|
|
display: flex;
|
|
align-items: center;
|
|
gap: 12px;
|
|
margin: 22px 0;
|
|
font-size: 12px;
|
|
color: #364e4c;
|
|
}
|
|
.divider::before, .divider::after {
|
|
content: '';
|
|
flex: 1;
|
|
height: 1px;
|
|
background: rgba(255,255,255,0.07);
|
|
}
|
|
|
|
.btn-google {
|
|
width: 100%;
|
|
background: rgba(255,255,255,0.05);
|
|
border: 1px solid rgba(255,255,255,0.1);
|
|
border-radius: 10px;
|
|
padding: 11px;
|
|
font-size: 14px;
|
|
font-weight: 600;
|
|
color: #eaf2f0;
|
|
cursor: pointer;
|
|
display: flex;
|
|
align-items: center;
|
|
justify-content: center;
|
|
gap: 10px;
|
|
text-decoration: none;
|
|
transition: background .2s, border-color .2s;
|
|
}
|
|
.btn-google:hover { background: rgba(255,255,255,0.09); border-color: rgba(255,255,255,0.18); }
|
|
.btn-google svg { flex-shrink: 0; }
|
|
|
|
.footer-link {
|
|
text-align: center;
|
|
margin-top: 20px;
|
|
font-size: 12px;
|
|
color: #364e4c;
|
|
}
|
|
.footer-link a { color: #00c9b8; text-decoration: none; }
|
|
.footer-link a:hover { text-decoration: underline; }
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<canvas id="c"></canvas>
|
|
|
|
<div class="wrap">
|
|
<div class="logo-row">
|
|
<div class="logo-icon">₣</div>
|
|
<span class="logo-name">Finance Hub</span>
|
|
</div>
|
|
|
|
<div class="card">
|
|
<h1>Welcome back</h1>
|
|
<p class="sub">Sign in to your account. No account? <a href="/auth/register">Create one →</a></p>
|
|
|
|
{{if .Error}}
|
|
<div class="error-box">{{.Error}}</div>
|
|
{{end}}
|
|
|
|
{{if eq (index . "Error") "oauth"}}
|
|
<div class="error-box">Google sign-in failed. Please try again.</div>
|
|
{{end}}
|
|
|
|
<form method="POST" action="/auth/login">
|
|
<div class="field">
|
|
<label for="email">Email</label>
|
|
<input type="email" id="email" name="email" value="{{.Email}}" placeholder="you@example.com" required autofocus>
|
|
</div>
|
|
<div class="field">
|
|
<label for="password">Password</label>
|
|
<input type="password" id="password" name="password" placeholder="••••••••" required>
|
|
</div>
|
|
<button class="btn-primary" type="submit">Sign in →</button>
|
|
</form>
|
|
|
|
{{if .GoogleEnabled}}
|
|
<div class="divider">or</div>
|
|
<a class="btn-google" href="/auth/oauth/google">
|
|
<svg width="18" height="18" viewBox="0 0 24 24">
|
|
<path fill="#4285F4" d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z"/>
|
|
<path fill="#34A853" d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"/>
|
|
<path fill="#FBBC05" d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l3.66-2.84z"/>
|
|
<path fill="#EA4335" d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"/>
|
|
</svg>
|
|
Continue with Google
|
|
</a>
|
|
{{end}}
|
|
</div>
|
|
|
|
<div class="footer-link"><a href="/">← Back to home</a></div>
|
|
</div>
|
|
|
|
<script>
|
|
(function(){
|
|
const c = document.getElementById('c');
|
|
const ctx = c.getContext('2d');
|
|
let W, H, pts;
|
|
function resize() {
|
|
W = c.width = innerWidth; H = c.height = innerHeight;
|
|
pts = Array.from({length: 55}, () => ({
|
|
x: Math.random()*W, y: Math.random()*H,
|
|
vx: (Math.random()-.5)*.4, vy: (Math.random()-.5)*.4
|
|
}));
|
|
}
|
|
resize();
|
|
window.addEventListener('resize', resize);
|
|
function draw() {
|
|
ctx.clearRect(0,0,W,H);
|
|
for (let p of pts) {
|
|
p.x += p.vx; p.y += p.vy;
|
|
if (p.x<0||p.x>W) p.vx*=-1;
|
|
if (p.y<0||p.y>H) p.vy*=-1;
|
|
}
|
|
for (let i=0;i<pts.length;i++) for (let j=i+1;j<pts.length;j++) {
|
|
const d = Math.hypot(pts[i].x-pts[j].x, pts[i].y-pts[j].y);
|
|
if (d < 110) {
|
|
ctx.strokeStyle = `rgba(0,201,184,${(1-d/110)*0.18})`;
|
|
ctx.lineWidth = 1;
|
|
ctx.beginPath(); ctx.moveTo(pts[i].x,pts[i].y); ctx.lineTo(pts[j].x,pts[j].y); ctx.stroke();
|
|
}
|
|
}
|
|
for (let p of pts) {
|
|
ctx.fillStyle = 'rgba(0,201,184,0.35)';
|
|
ctx.beginPath(); ctx.arc(p.x,p.y,2,0,Math.PI*2); ctx.fill();
|
|
}
|
|
requestAnimationFrame(draw);
|
|
}
|
|
draw();
|
|
})();
|
|
</script>
|
|
</body>
|
|
</html>
|