No description

Claude 1671aaf8e8 fix: break infinite redirect for non-admin users on admin UI ... Root cause: auth_middleware redirected all non-admins (including logged-in ones) to /login, and login_page redirected logged-in users back — a loop. Fix: - auth_middleware now distinguishes unauthenticated (→ /login?next=) from logged-in-but-not-admin (→ /denied), breaking the loop entirely - /denied page's "sign in with a different account" link now goes to /logout first, so clicking it clears the session before the login form appears The login_page auto-redirect for logged-in users is restored, which is required for the Caddy forward_auth flow (deployed apps redirecting through /login?next=<app-url>). https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH		2026-03-23 08:24:41 +00:00
builder	Remove --memory limit to avoid memory.swap.max cgroup error on Pi	2026-03-22 15:23:49 +00:00
docs	Add roadmap: Podman + git push deploy + self-hosted git	2026-03-20 14:46:14 +00:00
infra	fix: auto-enable cgroup swap accounting on Pi before starting containers	2026-03-22 18:05:11 +00:00
proxy	chore: gitignore generated proxy/caddy.json	2026-03-22 18:18:08 +00:00
server	fix: break infinite redirect for non-admin users on admin UI	2026-03-23 08:24:41 +00:00
.dockerignore	Add .dockerignore to drop build context from ~1.8 GB to a few KB	2026-03-22 10:13:53 +00:00
.env.example	Add session-based auth to dashboard and API	2026-03-20 13:45:16 +00:00
.gitattributes	Add .gitattributes: force LF line endings for shell scripts	2026-03-19 09:40:26 +00:00
.gitignore	chore: gitignore generated proxy/caddy.json	2026-03-22 18:18:08 +00:00
Cargo.lock	Update Cargo.lock for bcrypt dependency	2026-03-20 14:23:31 +00:00
Cargo.toml	M1: Rust control plane, builder, dashboard, and infra	2026-03-19 08:25:59 +00:00
plan.md	Add MVP plan for self-hosted Heroku clone on Raspberry Pi	2026-03-19 07:38:17 +00:00