feat: add simple password auth gate

- Flask session-based login with styled dark-theme login page - All routes gated behind password (configurable via SITE_PASSWORD env) - /login and /api/health are public - Wrong password shows red error, correct redirects to original page - 30-day session persistence - /logout to clear session - Password: jv2026 (set in docker-compose.yml)
2026-03-02 23:04:22 +08:00
parent ab875cd4d9
commit 21f67d39c7
2 changed files with 90 additions and 2 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,6 +7,8 @@ services:
    environment:
      - GEMINI_API_KEY=AIzaSyCHnesXLjPw-UgeZaQotut66bgjFdvy12E
      - DATABASE_URL=postgresql://jv:jvpass@tasks.db:5432/justvitamin
+      - SECRET_KEY=c4f8a2e91b0d7f3e5a6c9d2b8e1f4a7d
+      - SITE_PASSWORD=jv2026
    volumes:
      - jv-generated:/app/generated
    networks: