add admin page
In order to allow users to configure Karapulse (configuring Spotify, etc) we'll need a password protected admin
web page.
I was thinking of something like this:
Server
- add
/api/admin/auth POST
endpoint, taking the admin password as input and returning a JWT on success - add
/api/admin/config GET
endpoint, returning a JSON with the current configuration - add
/api/admin/config POST
endpoint, taking a JSON to update the configuration -
/api/admin/config
requires a validJWT
except if there is no password defined yet, then only setting this password is allowed (required for initial setup) - Redirect any HTML request to the admin page if no admin password is defined, forcing user to define one before starting to use Karapulse.
Frontend
- Add an
admin
button, asking for password and requesting aJWT
if none stored yet - Have this admin page request the config and displaying UI to change it.
- Store the
JWT
in local storage or cookie so it can be re-used.
Edited by Guillaume Desmottes