feat: add PIN-based login with server-side cookie sessions

- Server: POST /auth/login (verify PIN, set httpOnly cookie) - Server: GET /auth/check, POST /auth/logout - Client: Login page shown when not authenticated - Session persists 7 days via httpOnly cookie - PIN stored server-side only (ADMIN_PIN env var) - Dashboard loads data only after successful auth Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 22:02:34 +03:00
parent c99f2abe10
commit 8cf6f9eedd
12 changed files with 331 additions and 4 deletions
--- a/src/locales/ar.json
+++ b/src/locales/ar.json
@@ -168,6 +168,13 @@
    "namePlaceholder": "مثال: رمضان",
    "add": "إضافة"
  },
+  "login": {
+    "subtitle": "أدخل رمز PIN للوصول إلى لوحة التحكم",
+    "placeholder": "رمز PIN",
+    "submit": "تسجيل الدخول",
+    "invalid": "رمز PIN غير صحيح",
+    "error": "خطأ في الاتصال. يرجى المحاولة مرة أخرى."
+  },
  "errors": {
    "config": "لم يتم تهيئة لوحة المعلومات. يرجى إعداد اتصال ERP API.",
    "network": "لا يمكن الوصول إلى خادم قاعدة البيانات. يرجى التحقق من اتصالك بالإنترنت.",
--- a/src/locales/en.json
+++ b/src/locales/en.json
@@ -168,6 +168,13 @@
    "namePlaceholder": "e.g. Ramadan",
    "add": "Add"
  },
+  "login": {
+    "subtitle": "Enter your PIN to access the dashboard",
+    "placeholder": "PIN code",
+    "submit": "Login",
+    "invalid": "Invalid PIN code",
+    "error": "Connection error. Please try again."
+  },
  "errors": {
    "config": "The dashboard is not configured. Please set up the ERP API connection.",
    "network": "Cannot reach the database server. Please check your internet connection.",