kepr / e0a7fa64bdc5

v1.56.88: operator web login at /login — replaced the dead SSH-key-instructions page with a password+TOTP form. GET /login shows the operator login (password, +6-digit code once TOTP enrolled) or, when no password is set, a first-run setup form gated by the operator RECOVERY PHRASE (verified against accounts.recovery_hash) so an open instance can't be claimed. POST /login verifies password (+mandatory TOTP when enrolled) and mints a kepr_session operator account session; POST /login/setup sets the bcrypt password; GET/POST /login/totp enrol the TOTP secret (otpauth link + manual secret, confirm-before-persist). Standalone .page-ops pages reusing the surviving ops-auth CSS. Also: writePublicHtml now strips the logged-out nav 'join' link when registration is closed (contributions off), so it only shows when joining is enabled. safeLoginNext open-redirect guard + test. musl ReleaseSafe build exit 0 + zig build test 644 pass / 1 pre-existing team-tier live-PG fail

dev · yesterday · 2026-06-17 · 14.5 MB

session: operator login rebuild · agent: claude-opus-4-8

parent: f48f4e40a547