Implement complete user authentication system

- Configured Flask-Login with user_loader - Added register, login, logout routes with proper validation - Created login.html and register.html templates with auth forms - Updated base.html navigation to show username and conditional menu - Added auth page styling to style.css - Protected all routes with @login_required decorator - Updated all routes to filter by current_user.id - Added user ownership validation for: - Channels (can only view/refresh own channels) - Videos (can only watch/download own videos) - Streams (can only stream videos from own channels) - Updated save_to_db() calls to pass current_user.id - Improved user_loader to properly handle session management Features: - User registration with password confirmation - Secure password hashing with bcrypt - Login with "remember me" functionality - Flash messages for all auth actions - Redirect to requested page after login - User-specific data isolation (multi-tenant) Security: - All sensitive routes require authentication - Users can only access their own data - Passwords hashed with bcrypt salt - Session-based authentication via Flask-Login 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 14:29:31 -05:00
parent 403d65e4ea
commit 1a4413ae1a
8 changed files with 445 additions and 146 deletions
--- a/templates/login.html
+++ b/templates/login.html
@@ -0,0 +1,54 @@
+{% extends "base.html" %}
+
+{% block title %}Login - YottoB{% endblock %}
+
+{% block content %}
+<div class="auth-page">
+    <div class="auth-container">
+        <h2>Login to YottoB</h2>
+        <p class="auth-subtitle">Access your YouTube video collection</p>
+
+        <form method="POST" action="{{ url_for('login') }}" class="auth-form">
+            <div class="form-group">
+                <label for="username">Username</label>
+                <input
+                    type="text"
+                    id="username"
+                    name="username"
+                    required
+                    autofocus
+                    class="form-input"
+                    placeholder="Enter your username"
+                >
+            </div>
+
+            <div class="form-group">
+                <label for="password">Password</label>
+                <input
+                    type="password"
+                    id="password"
+                    name="password"
+                    required
+                    class="form-input"
+                    placeholder="Enter your password"
+                >
+            </div>
+
+            <div class="form-group checkbox-group">
+                <label class="checkbox-label">
+                    <input type="checkbox" name="remember" id="remember">
+                    <span>Remember me</span>
+                </label>
+            </div>
+
+            <div class="form-actions">
+                <button type="submit" class="btn btn-primary btn-block">Login</button>
+            </div>
+        </form>
+
+        <div class="auth-footer">
+            <p>Don't have an account? <a href="{{ url_for('register') }}">Register here</a></p>
+        </div>
+    </div>
+</div>
+{% endblock %}