Add RBAC support with roles, permissions, and session management. Implement middleware for authentication and CSRF protection. Enhance audit logging with additional fields. Update HTTP handlers and routes for new features.

2025-12-13 17:44:09 +00:00
parent d69e01bbaf
commit 8100f87686
44 changed files with 3262 additions and 76 deletions
--- a/internal/templates/base.html
+++ b/internal/templates/base.html
@@ -5,9 +5,20 @@
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <script src="https://unpkg.com/htmx.org@1.9.2"></script>
+  <script>
+    // HTMX CSRF token support
+    document.body.addEventListener('htmx:configRequest', function(event) {
+      const csrfToken = document.querySelector('meta[name="csrf-token"]')?.getAttribute('content');
+      if (csrfToken) {
+        event.detail.headers['X-CSRF-Token'] = csrfToken;
+      }
+    });
+  </script>
  <title>{{.Title}}</title>
  <link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
-  <meta name="csrf-token" content="fake-csrf-token">
+  {{if .CSRFToken}}
+  <meta name="csrf-token" content="{{.CSRFToken}}">
+  {{end}}
 </head>
 <body class="bg-gray-100">
  <main class="container mx-auto p-4">