AIHostingTycoon

josh/AIHostingTycoon

Fork 0

Commit Graph

Author	SHA1	Message	Date
josh	2912d760cb	Fix admin seed, open username/email changes, invite refresh & revocation - Seed checks for any admin role instead of username='admin' - Username change open to all registered users (was admin-only) - New change-email endpoint requiring password confirmation - Settings page: inline editing for username and email - Invitations: await refresh after generate so list updates visibly - Invitations: revoke button to delete unused invites (admin only) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-27 22:22:42 -04:00
josh	4881907c28	Add auth system with invite-only registration and admin roles JWT-based auth (hono/jwt + bcrypt), anonymous-first flow preserved. Registration requires invite code when REQUIRE_INVITE=true. Admin user seeded on startup (admin/admin, forced password reset). Login accepts email or username. Admin invitations management page in sidebar. Regular users get invite-a-friend button when USER_INVITATIONS > 0. Frontend gate screen blocks game access for unregistered users with invite code entry, registration, login, and password reset flows. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-27 19:25:16 -04:00

Author

SHA1

Message

Date

josh

2912d760cb

Fix admin seed, open username/email changes, invite refresh & revocation

- Seed checks for any admin role instead of username='admin'
- Username change open to all registered users (was admin-only)
- New change-email endpoint requiring password confirmation
- Settings page: inline editing for username and email
- Invitations: await refresh after generate so list updates visibly
- Invitations: revoke button to delete unused invites (admin only)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-27 22:22:42 -04:00

josh

4881907c28

Add auth system with invite-only registration and admin roles

JWT-based auth (hono/jwt + bcrypt), anonymous-first flow preserved.
Registration requires invite code when REQUIRE_INVITE=true. Admin
user seeded on startup (admin/admin, forced password reset). Login
accepts email or username. Admin invitations management page in
sidebar. Regular users get invite-a-friend button when USER_INVITATIONS > 0.
Frontend gate screen blocks game access for unregistered users with
invite code entry, registration, login, and password reset flows.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-27 19:25:16 -04:00

2 Commits