rack-planner

jason/rack-planner

Fork 0

Commit Graph

Author	SHA1	Message	Date
jason	69b7262535	Fix 401 Unauthorized on all API calls after login (HTTP installs) Root cause: cookie was set with Secure=true whenever NODE_ENV=production. Browsers refuse to send Secure cookies over plain HTTP, so the session cookie was dropped on every request after login — causing every protected endpoint to return 401. Fix: replace the NODE_ENV check with an explicit COOKIE_SECURE env var (default false). Set COOKIE_SECURE=true only when running behind an HTTPS reverse proxy. Direct HTTP installs (standard Unraid setup) work as-is. Also updated UNRAID.md to document COOKIE_SECURE with a warning explaining why it must stay false for plain-HTTP access. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-21 22:40:08 -05:00
jason	bcb8a95fae	Switch auth to plain-text password env var (remove bcrypt) - Replace ADMIN_PASSWORD_HASH with ADMIN_PASSWORD in auth route and docker-compose - Remove bcryptjs / @types/bcryptjs dependencies - Delete scripts/hashPassword.ts (no longer needed) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-21 22:05:42 -05:00
jason	231de3d005	Initial scaffold: full-stack RackMapper application Complete project scaffold with working auth, REST API, Prisma/SQLite schema, Docker config, and React frontend for both Rack Planner and Service Mapper modules. Both server and client pass TypeScript strict mode with zero errors. Initial migration applied. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-21 21:48:56 -05:00

Author

SHA1

Message

Date

jason

69b7262535

Fix 401 Unauthorized on all API calls after login (HTTP installs)

Root cause: cookie was set with Secure=true whenever NODE_ENV=production.
Browsers refuse to send Secure cookies over plain HTTP, so the session
cookie was dropped on every request after login — causing every protected
endpoint to return 401.

Fix: replace the NODE_ENV check with an explicit COOKIE_SECURE env var
(default false). Set COOKIE_SECURE=true only when running behind an HTTPS
reverse proxy. Direct HTTP installs (standard Unraid setup) work as-is.

Also updated UNRAID.md to document COOKIE_SECURE with a warning explaining
why it must stay false for plain-HTTP access.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-21 22:40:08 -05:00

jason

bcb8a95fae

Switch auth to plain-text password env var (remove bcrypt)

- Replace ADMIN_PASSWORD_HASH with ADMIN_PASSWORD in auth route and docker-compose
- Remove bcryptjs / @types/bcryptjs dependencies
- Delete scripts/hashPassword.ts (no longer needed)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-21 22:05:42 -05:00

jason

231de3d005

Initial scaffold: full-stack RackMapper application

Complete project scaffold with working auth, REST API, Prisma/SQLite
schema, Docker config, and React frontend for both Rack Planner and
Service Mapper modules. Both server and client pass TypeScript strict
mode with zero errors. Initial migration applied.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-21 21:48:56 -05:00

3 Commits