feat(auth): skip password requirement for default "admin" password

CryptoGnome · CryptoGnome · commit e1013f45bc86 · 2025-10-12T17:14:16.000-04:00
- Treat default "admin" password as unauthenticated access
- Update password check logic in both auth API and login page to exclude "admin" from requiring authentication
- Remove minLength constraint from password input field
- Add clarifying comments about default password handling

This change improves user experience by allowing immediate access when using the default password, while still requiring authentication for custom passwords.
diff --git a/src/app/api/auth/check/route.ts b/src/app/api/auth/check/route.ts
@@ -7,8 +7,9 @@ export async function GET() {
     const config = await configLoader.loadConfig();
     const dashboardPassword = config.global?.server?.dashboardPassword;
 
+    // Only require password if it's set and not the default "admin"
     return NextResponse.json({
-      passwordRequired: !!dashboardPassword && dashboardPassword.length > 0,
+      passwordRequired: !!dashboardPassword && dashboardPassword.length > 0 && dashboardPassword !== 'admin',
     });
   } catch (error) {
     console.error('Failed to check auth status:', error);
diff --git a/src/app/login/page.tsx b/src/app/login/page.tsx
@@ -20,9 +20,10 @@ function LoginForm() {
   const { data: _session, status } = useSession();
   const { config } = useConfig();
 
-  // Check if password is configured
+  // Check if a custom password is configured (not the default "admin")
   const isPasswordConfigured = config?.global?.server?.dashboardPassword &&
-    config.global.server.dashboardPassword.trim().length > 0;
+    config.global.server.dashboardPassword.trim().length > 0 &&
+    config.global.server.dashboardPassword !== 'admin';
 
   // Redirect if already authenticated
   useEffect(() => {
@@ -108,7 +109,6 @@ function LoginForm() {
                 onChange={(e) => setPassword(e.target.value)}
                 required
                 autoFocus
-                minLength={4}
               />
               {password.length > 0 && password.length < 4 && !(password === 'admin' && !isPasswordConfigured) && (
                 <p className="text-xs text-muted-foreground">
