Implement M7: auth middleware, rate limiting, CORS, and GUI login flow

Add SHA-256 API key authentication with constant-time comparison, configurable token bucket rate limiter, CORS origin allowlist middleware, and React auth context with login page. Auth info endpoint bootstraps GUI without credentials. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-06-11 21:28:52 +00:00 · 2026-03-15 11:58:13 -04:00
parent 73f27bfb48
commit 1904a92359
12 changed files with 590 additions and 71 deletions
@@ -0,0 +1,24 @@
+import type { ReactNode } from 'react';
+import { useAuth } from './AuthProvider';
+import LoginPage from '../pages/LoginPage';
+
+export default function AuthGate({ children }: { children: ReactNode }) {
+  const { loading, authRequired, authenticated } = useAuth();
+
+  if (loading) {
+    return (
+      <div className="min-h-screen bg-slate-900 flex items-center justify-center">
+        <div className="text-center">
+          <h1 className="text-2xl font-bold text-blue-400 mb-2">certctl</h1>
+          <p className="text-sm text-slate-400">Connecting...</p>
+        </div>
+      </div>
+    );
+  }
+
+  if (authRequired && !authenticated) {
+    return <LoginPage />;
+  }
+
+  return <>{children}</>;
+}