Authentication System
Full authentication support with multiple providers and secure session management.
Local Authentication
- User Login/Logout - Secure local authentication with username/password
- First-Run Setup - Setup wizard creates initial admin user on fresh install
- User Menu - Profile dropdown in header showing logged-in user
- Session Management - Secure JWT-based sessions with configurable expiration
- Password Security - Bcrypt hashing with configurable strength
Authentication Providers
- Local Auth - Built-in username/password authentication
- Dispatcharr Integration - Authenticate against Dispatcharr instance
- Provider Selection - Configure primary authentication method in settings
User Interface
- Login Page - Clean, themed login form with error handling
- Setup Page - First-run wizard for initial admin creation
- Settings Integration - Auth settings section in Settings tab
- Protected Routes - All app routes require authentication
TLS/HTTPS Support
Secure HTTPS connections with Let's Encrypt certificate automation.
Certificate Management
- Let's Encrypt Integration - Automatic certificate issuance via DNS-01 challenge
- AWS Route53 Support - DNS validation using Route53 for domain verification
- Certificate Upload - Manual certificate upload for custom certs
- Auto-Renewal - Background task checks and renews certificates before expiry
Dynamic HTTPS Server
- Hot Enable/Disable - Enable TLS without container restart
- Subprocess Management - HTTPS runs as managed subprocess on port 6143
- Graceful Restart - Certificate renewal triggers automatic HTTPS restart
- Status Monitoring - Real-time HTTPS server status in TLS settings
TLS Settings UI
- Certificate Status - View current certificate details and expiration
- Domain Configuration - Configure domain and Route53 credentials
- Enable/Disable Toggle - Turn TLS on/off dynamically
- Request/Renew Actions - One-click certificate operations
CSV Import/Export
Improvements
- Auto-Refresh - Channel list refreshes automatically after CSV import
- EPG Logo Assignment - Logos auto-assigned during import when EPG data available
- Error Handling - Better error messages for import failures
Test Infrastructure
Backend Tests
- 614 Tests Passing - Comprehensive unit and integration test coverage
- TLS Tests - New tests for certificate management and HTTPS server
- Auth Tests - Tests for login, session, and password security
- Fixture Improvements - Better database session handling in test fixtures
E2E Tests
- Auth Handling - E2E tests now auto-login with test credentials
- Updated Fixtures - appPage fixture handles authentication automatically
- Smoke Tests - Core functionality tests pass with auth enabled
Test Organization
- Specs Directory - Unimplemented feature specs moved to
backend/tests/specs/ - TDD Approach - Test specifications written ahead of implementation
Bug Fixes
- Fix setup_complete flag when users already exist
- Fix test session handling in conftest.py
- Fix notifications API test parameter format
- Fix CSV export mock methods in tests
- Fix auth provider message assertion in tests
Technical Details
- Version: 0.11.1-0018
- HTTP Port: 6100 (always active)
- HTTPS Port: 6143 (when TLS enabled)
- Auth: JWT with secure httpOnly cookies
- Certificates: Stored in /config/tls/