TenerifeProp

UniqueSoft/TenerifeProp

Fork 0

Commit Graph

Author	SHA1	Message	Date
TenerifeProp Dev	0d290f29a1	feat: implement administrative section with authentication ## Features Implemented ### Authentication System - Login page at /login.html with Bootstrap 5 UI - Session-based authentication using SQLite - bcrypt password hashing via Bun.password API - CSRF protection for form submissions - Rate limiting on login attempts (10 req/min) - 7-day session persistence with HTTP-only cookies ### Admin Routes Protection - All admin endpoints protected with requireAuth middleware - requireAdmin middleware for role-based access - Session validation on each authenticated request - Expired session cleanup on startup ### API Endpoints - POST /api/auth/login - user authentication - POST /api/auth/logout - session termination - GET /api/auth/me - current user info - GET /api/csrf-token - CSRF token for forms - GET /api/admin/stats - admin statistics ### Seed Data - 12 realistic properties in Tenerife - 3 testimonials with international clients - 3 FAQ items about buying process - 3 services offered - Admin user: admin@tenerifeprop.com / admin123 ### Tests - Authentication tests (password, session) - Input validation tests (email, phone, XSS) - Property CRUD tests ## Files Changed - src/server/index.ts - CSRF fix, auth endpoints - public/login.html - New login page - public/js/api.js - Auth API methods - public/admin.html - Auth check on load - src/db/seed-comprehensive.ts - Seed script - tests/auth.test.ts - Test suite ## Tested ✅ Login page renders correctly ✅ Valid credentials return success ✅ Invalid credentials return error ✅ Session cookie is set ✅ Protected endpoints require authentication ✅ Logout clears session ✅ Auth/me returns 401 after logout ## Access - URL: http://localhost:3000/login.html - Email: admin@tenerifeprop.com - Password: admin123 Closes #28, #29, #30	2026-04-06 00:44:38 +01:00
TenerifeProp Dev	d0e3a87eac	refactor: extract CSS into separate files (issue #5 )\n\n- Create public/css/base.css with reset and typography\n- Create public/css/components.css with shared UI components\n- Create public/css/pages/home.css for homepage styles\n- Create public/css/pages/property.css for property page styles\n- Create public/css/pages/admin.css for admin panel styles\n- Add CSS variables for badges and text colors\n- Remove inline styles from HTML files\n- Add link tags to HTML files\n- Add CSS extraction tests\n\nCloses #5	2026-04-05 05:46:05 +01:00
TenerifeProp Dev	d7a04e8114	feat: initial project structure for TenerifeProp real estate agency - Set up project architecture with TypeScript types - Create property, user, lead, and content type definitions - Add i18n translations (ES, RU) - Add sample JSON data for properties and leads - Create comprehensive architecture documentation - Set up package.json with Bun + Hono stack	2026-04-04 21:58:55 +01:00

Author

SHA1

Message

Date

TenerifeProp Dev

0d290f29a1

feat: implement administrative section with authentication

## Features Implemented

### Authentication System
- Login page at /login.html with Bootstrap 5 UI
- Session-based authentication using SQLite
- bcrypt password hashing via Bun.password API
- CSRF protection for form submissions
- Rate limiting on login attempts (10 req/min)
- 7-day session persistence with HTTP-only cookies

### Admin Routes Protection
- All admin endpoints protected with requireAuth middleware
- requireAdmin middleware for role-based access
- Session validation on each authenticated request
- Expired session cleanup on startup

### API Endpoints
- POST /api/auth/login - user authentication
- POST /api/auth/logout - session termination
- GET /api/auth/me - current user info
- GET /api/csrf-token - CSRF token for forms
- GET /api/admin/stats - admin statistics

### Seed Data
- 12 realistic properties in Tenerife
- 3 testimonials with international clients
- 3 FAQ items about buying process
- 3 services offered
- Admin user: admin@tenerifeprop.com / admin123

### Tests
- Authentication tests (password, session)
- Input validation tests (email, phone, XSS)
- Property CRUD tests

## Files Changed
- src/server/index.ts - CSRF fix, auth endpoints
- public/login.html - New login page
- public/js/api.js - Auth API methods
- public/admin.html - Auth check on load
- src/db/seed-comprehensive.ts - Seed script
- tests/auth.test.ts - Test suite

## Tested
✅ Login page renders correctly
✅ Valid credentials return success
✅ Invalid credentials return error
✅ Session cookie is set
✅ Protected endpoints require authentication
✅ Logout clears session
✅ Auth/me returns 401 after logout

## Access
- URL: http://localhost:3000/login.html
- Email: admin@tenerifeprop.com
- Password: admin123

Closes #28, #29, #30

2026-04-06 00:44:38 +01:00

TenerifeProp Dev

d0e3a87eac

refactor: extract CSS into separate files (issue #5 )\n\n- Create public/css/base.css with reset and typography\n- Create public/css/components.css with shared UI components\n- Create public/css/pages/home.css for homepage styles\n- Create public/css/pages/property.css for property page styles\n- Create public/css/pages/admin.css for admin panel styles\n- Add CSS variables for badges and text colors\n- Remove inline styles from HTML files\n- Add link tags to HTML files\n- Add CSS extraction tests\n\nCloses #5

2026-04-05 05:46:05 +01:00

TenerifeProp Dev

d7a04e8114

feat: initial project structure for TenerifeProp real estate agency

- Set up project architecture with TypeScript types
- Create property, user, lead, and content type definitions
- Add i18n translations (ES, RU)
- Add sample JSON data for properties and leads
- Create comprehensive architecture documentation
- Set up package.json with Bun + Hono stack

2026-04-04 21:58:55 +01:00

3 Commits