Feature/add auth (#65)

* Add auth

* Add auto refresh

* fix autorefresh bar

* Add misc fixed and improvements

* Update Changelog

Author: mostafa-wahied

CHANGELOG.md

@@ -2,88 +2,114 @@
 
 All notable changes to portracker will be documented in this file.
 
+## [Unreleased]
+
+### Security
+
+- **Authentication**: Optional authentication to secure dashboard access using `ENABLE_AUTH=true`
+  - **[sub]** Disabled by default for backward compatibility
+  - **[sub]** Recovery mode accessible via `RECOVERY_MODE=true` if you lose your password
+  - **[sub]** When recovery mode is enabled, a time-limited recovery code (valid 15 minutes) appears in the logs to use on the login page with any username
+
+### Dashboard
+
+- **Auto-Refresh**: Added a toggle to auto-refresh ports and services every 30 seconds
+
 ## [1.1.1] - 2025-01-17
 
-### Features
+### Server Integrations
+
 - **TrueNAS Enhanced Features**: Add your TrueNAS API key directly from the UI to unlock VM and LXC container monitoring with step-by-step setup instructions
 
 ### Fixes
+
 - **TrueNAS API Key Revocation**: Fixed automatic key revocation issue by prioritizing secure WebSocket connections
 - **Virtual Machines & Containers**: VMs and LXC containers now display correctly with icons and badges to distinguish between them
 - **Debug Logging**: DEBUG environment variable now properly enables debug output
 
 ## [1.1.0] - 2025-08-23
 
-### Frontend & Backend
+### Dashboard
+
 - **System Port Name Fix**: Fixed the issue where system ports were incorrectly displayed as "unknown".
 - **Consistent Status Indicators**: Improved status indicators for system ports to ensure consistency.
 
 ## [1.0.8] - 2025-08-20
 
-### Frontend
-- **Batch rename migration fix**: Fix migration issue affecting batch rename operations so renamed services persist correctly.
+### Dashboard
 
-### Dev
+- **Batch rename migration fix**: Fix migration issue affecting batch rename operations so renamed services persist correctly.
 - **Misc.**: minor migration-related fix for batch rename flow.
 
 ## [1.0.7] - 2025-08-19
 
-### Frontend
+### Dashboard
+
 - **Service renaming**: Allow renaming services from the UI.
 - **Batch actions**: Add selection and batch operations for services and ports (ignore, add note, etc.).
 - **Internal / Port display fixes**: Fix display issues so internal and published ports are shown correctly; fix select-box overlap.
 
 ### Backend
+
 - **Port protocol reporting**: Ensure ports include protocol information so reported mappings are accurate.
 
 ## [1.0.6] - 2025-08-15
 
-### Frontend
+### Dashboard
+
 - **Container Details Drawer**: New slide-out panel to show detailed information for Docker containers including stats, labels, mounts, and environment variables
 - **Internal Port Display**: UI now correctly shows and differentiates internal-only ports from published ports with health status monitoring
 - **Global Search**: Search bar now includes an option to search across all servers simultaneously
 - **What's New**: Automatic notification system to stay updated with new features when releasing new versions
 
-### Backend
+### Data
+
 - **Collector Caching**: Added caching mechanism to all data collectors to reduce duplicate requests and improve data refresh speed
 
 ## [1.0.5] - 2025-08-09
 
-### Backend
+### Server Integrations
+
 - **Dockerode Integration**: Switched to use the dockerode library for more reliable Docker API interactions instead of shell commands
 - **Centralized Logging**: All collectors now use a single Logger class for consistent and structured logging throughout the application
 
 ## [1.0.4] - 2025-08-09
 
-### Frontend
+### Dashboard
+
 - **Enhanced Service Detection**: Improved identification and categorization of running services with Single Page Application (SPA) detection support
 - **Port Status Indicators**: Added clear visual distinction between different types of ports (published vs internal) with detailed status information
 
-### Backend
+### Server Integrations
+
 - **Removed network_mode: host Requirement**: Eliminated the need for Docker host networking mode by implementing direct /proc filesystem parsing for better security
 - **Advanced Port Detection**: Enhanced system for more accurate container and system port identification using multiple detection methods
 - **Improved Container Introspection**: Better error handling and fallback strategies across different platforms for reliable port collection
 
 ## [1.0.3] - 2025-08-07
 
-### Infrastructure
+### Data
+
 - **Simplified Docker Dependencies**: Streamlined system requirements - no longer requires mounting additional system sockets for container information and support for docker proxy.
 - **Enhanced Data Accuracy**: Improved container information display with more accurate timestamps and metadata parsing
 
 ## [1.0.2] - 2025-07-11
 
-### Security & Improvements
+### Security
+
 - **Security Hardening**: Key security aspects addressed
 - **Data Collection**: Improved data collection accuracy
 
 ## [1.0.1] - 2025-07-10
 
 ### Initial Improvements
+
 - Various fixes and improvements after initial release
 
 ## [1.0.0] - 2025-07-07
 
-### Initial Release
+### Dashboard
+
 - **Multi-platform Port Tracking**: Initial release of portracker with support for monitoring ports across multiple servers
 - **Docker Integration**: Native Docker container port monitoring
 - **Web Interface**: Clean, responsive web interface for port management

README.md

@@ -174,13 +174,40 @@ Configure `portracker` using environment variables.
 | `PORT`\*           | The port the web application will run on.              | `4999`                |
 | `DATABASE_PATH`\*  | Path inside the container to the SQLite database file. | `/data/portracker.db` |
 | `TRUENAS_API_KEY`  | Optional API key for enhanced TrueNAS data collection. | ` `                   |
+| `ENABLE_AUTH`      | Set to `true` to enable authentication (v1.2.0+).      | `false`               |
+| `SESSION_SECRET`   | Secret key for session encryption (recommended when auth enabled). | _random_  |
 | `CACHE_TIMEOUT_MS` | Duration in milliseconds to cache scan results.        | `60000`               |
 | `DISABLE_CACHE`    | Set to `true` to disable all caching.                  | `false`               |
 | `INCLUDE_UDP`      | Set to `true` to include UDP ports in scans.           | `false`               |
 | `DEBUG`            | Set to `true` for verbose application logging.         | `false`               |
 
 <sub>\*_Required_</sub>
 
+### Authentication Setup (v1.2.0+)
+
+Portracker includes optional authentication to secure dashboard access:
+
+1. **Enable Authentication**: Set `ENABLE_AUTH=true` in your environment variables
+2. **First-Time Setup**: On first access, you'll see a setup wizard to create the admin account
+3. **Login**: Use your admin credentials to access the dashboard
+4. **Production Recommendation**: Set a custom `SESSION_SECRET` for secure session management
+
+**Example with Authentication:**
+
+```yaml
+services:
+  portracker:
+    image: mostafawahied/portracker:latest
+    environment:
+      - ENABLE_AUTH=true
+      - SESSION_SECRET=your-random-secret-here-change-this
+```
+
+**Important Notes:**
+- Authentication is **disabled by default** for backward compatibility
+- When enabled, the dashboard requires login but API endpoints for peer communication remain accessible
+- API key authentication for peer-to-peer communication is planned for v1.3.0
+
 ## Technical Stack
 
 - **Backend**: Node.js, Express, WebSocket, better-sqlite3
@@ -191,9 +218,10 @@ Configure `portracker` using environment variables.
 
 Future development is focused on improving the application based on community feedback. Key areas include:
 
-- Adding user authentication.
-- Expanding the library of platform-specific collectors for other host systems.
-- Addressing bugs and incorporating requested changes from the community.
+- ~~Adding user authentication~~ ✅ **Added in v1.2.0** (optional authentication with setup wizard)
+- Adding API key authentication for peer-to-peer communication (planned for v1.3.0)
+- Expanding the library of platform-specific collectors for other host systems
+- Addressing bugs and incorporating requested changes from the community
 
 ## Star History
 

backend/db.js

@@ -97,6 +97,17 @@ if (!tableExists) {
   );
 `);
   createCustomServiceNamesTable.run();
+
+  const createUsersTable = db.prepare(`
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    username TEXT UNIQUE NOT NULL,
+    password_hash TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    last_login INTEGER
+  );
+`);
+  createUsersTable.run();
 } else {
   try {
     const notesColumns = db.prepare("PRAGMA table_info(notes)").all();
@@ -484,6 +495,26 @@ if (!tableExists) {
       logger.info('Schema migration: custom_service_names table updated with protocol support');
     }
 
+    const usersTableExists = db
+      .prepare(
+        "SELECT name FROM sqlite_master WHERE type='table' AND name='users'"
+      )
+      .get();
+    
+    if (!usersTableExists) {
+      logger.info('Schema migration: Creating "users" table for authentication');
+      db.exec(`
+        CREATE TABLE users (
+          id TEXT PRIMARY KEY,
+          username TEXT UNIQUE NOT NULL,
+          password_hash TEXT NOT NULL,
+          created_at INTEGER NOT NULL,
+          last_login INTEGER
+        );
+      `);
+      logger.info('Schema migration: users table created successfully');
+    }
+
   } catch (migrationError) {
     logger.error(
       "FATAL: Database schema migration failed:",