mirror of
https://github.com/Dvorinka/PPve.git
synced 2026-06-04 04:22:58 +00:00
Tomáš Dvořák
78 lines
1.6 KiB
Markdown
78 lines
1.6 KiB
Markdown
# Admin Login System
|
|
|
|
This document provides information about the admin login system for the PP Kunovice web application.
|
|
|
|
## Default Admin Credentials
|
|
|
|
- **Username**: `admin`
|
|
- **Password**: `admin123`
|
|
|
|
**Important**: Change the default password after the first login in a production environment.
|
|
|
|
## Accessing the Admin Panel
|
|
|
|
1. Navigate to `/admin` in your web browser
|
|
2. Enter the admin credentials
|
|
3. After successful login, you'll be redirected to the admin dashboard
|
|
|
|
## API Endpoints
|
|
|
|
### Login
|
|
- **URL**: `/api/login`
|
|
- **Method**: `POST`
|
|
- **Content-Type**: `application/json`
|
|
- **Request Body**:
|
|
```json
|
|
{
|
|
"username": "admin",
|
|
"password": "admin123"
|
|
}
|
|
```
|
|
- **Success Response**:
|
|
- **Code**: 200 OK
|
|
- **Content**:
|
|
```json
|
|
{
|
|
"token": "jwt.token.here"
|
|
}
|
|
```
|
|
- **Error Response**:
|
|
- **Code**: 401 Unauthorized
|
|
- **Content**:
|
|
```json
|
|
{
|
|
"error": "Invalid credentials"
|
|
}
|
|
```
|
|
|
|
### Protected Endpoints
|
|
|
|
All protected endpoints require a valid JWT token in the `Authorization` header:
|
|
|
|
```
|
|
Authorization: Bearer <token>
|
|
```
|
|
|
|
## Environment Variables
|
|
|
|
- `JWT_SECRET`: Secret key used to sign JWT tokens (default: auto-generated)
|
|
- `PORT`: Port the server listens on (default: 80)
|
|
|
|
## Security Notes
|
|
|
|
1. Always use HTTPS in production
|
|
2. Change the default admin password
|
|
3. Set a strong `JWT_SECRET` environment variable in production
|
|
4. Consider implementing rate limiting for login attempts
|
|
5. Keep the server and dependencies up to date
|
|
|
|
## Development
|
|
|
|
To run the server in development mode:
|
|
|
|
```bash
|
|
go run .
|
|
```
|
|
|
|
The admin interface will be available at `http://localhost/admin`
|