Skip to content

admin-access.md

Latest commit

 

History

History
58 lines (37 loc) · 1.71 KB

admin-access.md

File metadata and controls

58 lines (37 loc) · 1.71 KB

Admin Access

Security Model

Admin access is protected by in-app authentication. Email/password login and admin authorization are required for all protected /admin/* routes.

Note: The app always trusts X-Real-IP / X-Forwarded-For headers for client IP resolution (used for login rate limiting and telemetry dedupe). It must be deployed behind a trusted reverse proxy (Caddy) — never exposed directly to the internet.

Admin Bootstrap

Create initial admin user

echo 'secure-password' | wpcomposer admin create --email admin@example.com --name "Admin" --password-stdin

Promote existing user to admin

wpcomposer admin promote --email user@example.com

Reset admin password

echo 'new-password' | wpcomposer admin reset-password --email admin@example.com --password-stdin

Login/Logout

  • Login: GET /admin/login renders a login form. POST /admin/login authenticates with email/password and creates a server-side session.
  • Logout: POST /admin/logout destroys the session and clears the cookie.
  • Session cookie: session, HttpOnly, Secure (in production), SameSite=Lax.
  • Session lifetime: configurable via SESSION_LIFETIME_MINUTES (default 7200 minutes / 5 days).

Session Cleanup

Expired sessions accumulate in the sessions table. Clean them periodically:

wpcomposer cleanup-sessions

Run via systemd timer or cron (daily recommended).

Emergency Password Reset

If locked out of the admin panel:

# SSH to the server
ssh deploy@your-server

# Reset the password
echo 'new-password' | wpcomposer admin reset-password --email admin@example.com --password-stdin

No database access or application restart required.