You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

BoulderBadgeDad 5b52d579c5 Login mode: enforce "every profile has a password" at every write-point (no gaps) ... Invariant: while security.require_login is on, every profile must have a login password or it's locked out. Previously only the admin's own anti-lockout existed, so members could be stranded (created without a password, or login flipped on while passwordless members existed). Closed all the write-points: core/security/login_provisioning.py (pure policy, single source of truth): - members_without_password(profiles) — non-admin profiles that can't sign in - create_needs_password(require_login) / removing_password_strands(require_login) Wired into web_server: - create_profile: while login is on, a new member must be given a password (400 otherwise) and it's set on creation. - enable-login (settings save): refuses to turn login on while any member lacks a password — lists them — same shape as the existing admin anti-lockout. - set-password: refuses to CLEAR a password while login is on (would strand them). UI: Create Profile form gains a login-password field (alongside the optional PIN); the Manage Profiles per-member password button (prior commit) covers existing members + changes. Tests: pure policy seam + endpoint enforcement (create blocked w/o password when on, allowed w/ password, no friction when off, clear blocked when on). 442 profile/settings/auth tests green; ruff clean.		1 week ago
..
__init__.py	Security: enforce the launch PIN server-side, not just a client overlay (#832)	2 weeks ago
auth_proxy.py	Security: trust a forward-auth proxy user header (Tier 3)	1 week ago
launch_lock.py	Fix: launch PIN re-triggered the first-run setup wizard every visit (#842)	2 weeks ago
login_gate.py	Login recovery (DB + backend): security question to reset a forgotten password	1 week ago
login_provisioning.py	Login mode: enforce "every profile has a password" at every write-point (no gaps)	1 week ago
rate_limit.py	Security: brute-force limiter on the launch-PIN unlock (Tier 2)	1 week ago
reverse_proxy.py	Security: add gated security headers in reverse-proxy mode (Tier 2)	1 week ago
ws_gate.py	#852: gate the WebSocket handshake — close the launch-PIN/login bypass	1 week ago