feat: implement admin login

Implement Story 1.2 (Admin Login) with full TDD approach including: - RateLimit model for tracking authentication attempts - LoginForm for admin authentication with email, password, and remember_me fields - Rate limiting utility functions (check, increment, reset) - admin_required decorator for route protection - Login route with rate limiting (5 attempts per 15 minutes) - Logout route with session clearing - Admin dashboard now requires authentication - Login template with flash message support - 14 comprehensive integration tests covering all acceptance criteria - Email normalization to lowercase - Session persistence with configurable duration (7 or 30 days) All acceptance criteria met: - Login form accepts email and password - Invalid credentials show appropriate error message - Successful login redirects to admin dashboard - Session persists across browser refreshes - Rate limiting after 5 failed attempts Test coverage: 90.67% (exceeds 80% requirement) All linting and type checking passes Story: 1.2 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-22 11:53:27 -07:00
parent 6a2ac7a8a7
commit 6764455703
12 changed files with 716 additions and 4 deletions
--- a/src/templates/admin/login.html
+++ b/src/templates/admin/login.html
@@ -0,0 +1,59 @@
+{% extends "layouts/base.html" %}
+
+{% block title %}Admin Login - Sneaky Klaus{% endblock %}
+
+{% block content %}
+<article style="max-width: 600px; margin: 4rem auto;">
+    <header>
+        <h1>Admin Login</h1>
+        <p>Sign in to manage your gift exchanges.</p>
+    </header>
+
+    {% with messages = get_flashed_messages(with_categories=true) %}
+        {% if messages %}
+            {% for category, message in messages %}
+                <div role="alert" style="margin-bottom: 1rem; {% if category == 'error' %}color: var(--pico-form-element-invalid-border-color);{% else %}color: var(--pico-primary);{% endif %}">
+                    {{ message }}
+                </div>
+            {% endfor %}
+        {% endif %}
+    {% endwith %}
+
+    <form method="POST" action="{{ url_for('admin.login') }}">
+        {{ form.hidden_tag() }}
+
+        <div>
+            <label for="email">
+                {{ form.email.label.text }}
+                {{ form.email(required=True) }}
+            </label>
+            {% if form.email.errors %}
+                <small style="color: var(--pico-form-element-invalid-border-color);">
+                    {{ form.email.errors[0] }}
+                </small>
+            {% endif %}
+        </div>
+
+        <div>
+            <label for="password">
+                {{ form.password.label.text }}
+                {{ form.password(required=True) }}
+            </label>
+            {% if form.password.errors %}
+                <small style="color: var(--pico-form-element-invalid-border-color);">
+                    {{ form.password.errors[0] }}
+                </small>
+            {% endif %}
+        </div>
+
+        <div>
+            <label>
+                {{ form.remember_me() }}
+                {{ form.remember_me.label.text }}
+            </label>
+        </div>
+
+        <button type="submit">Login</button>
+    </form>
+</article>
+{% endblock %}