After the security hardening that introduced bootstrap token protection, the first-run setup flow was broken because FirstRunSetup.tsx didn't prompt users for the token. This caused a 401 "Bootstrap setup token required" error during initial admin account creation. Changes: - Add dedicated unlock screen before the setup wizard - Display instructions for retrieving token from host - Include bootstrap token in quick-setup API request headers and body - Only require unlock for first-run setup (skip in force mode) The unlock screen follows the documented flow in README.md and ensures only users with host access can configure an unconfigured instance. Related to #639 |
||
|---|---|---|
| .. | ||
| api | ||
| components | ||
| constants | ||
| hooks | ||
| pages | ||
| stores | ||
| styles | ||
| test | ||
| types | ||
| utils | ||
| App.tsx | ||
| constants.ts | ||
| index.css | ||
| index.tsx | ||
| vite-env.d.ts | ||