The security section had grown into a flat pile of toggles with hidden dependencies. Regrouped into three labelled cards so it reads top-to-bottom: - 🔑 Lock with a PIN — set PIN (Step 1) → Require PIN - 👤 User accounts (login) — Step 1 admin password → Step 2 recovery question → Step 3 Require login. The Step 3 toggle is now visually LOCKED (greyed + disabled + "set the admin password first" hint) until an admin password exists, so the anti-lockout rule is obvious instead of surfacing as a 400 on save. It unlocks the moment the password is saved. - 🌐 Reverse proxy & remote access — the proxy toggle, with the auth-proxy header nested under it (indented), plus WebSocket origins. - get_all_profiles/get_profile now expose has_password + has_recovery so the UI can reflect setup state; updateRequireLoginGate() drives the lock. - New .security-subgroup/.security-subhead/.security-nested/.security-locked CSS. All IDs + handlers preserved. Inert unless used; default install unaffected. 64 script-split integrity tests pass. |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| music_database.py | ||
| personalized_schema.py | ||