From: PhiTux <redacted>
Date: Wed, 10 Sep 2025 14:38:55 +0000 (+0200)
Subject: admin now sees the env-vars
X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=5f0470d6cde2f2c6c65d36c0188f7f3704b926d3;p=DailyTxT.git

admin now sees the env-vars
---

diff --git a/backend/handlers/admin.go b/backend/handlers/admin.go
index f6058e2..930b8fe 100644
--- a/backend/handlers/admin.go
+++ b/backend/handlers/admin.go
@@ -121,11 +121,15 @@ func GetAdminData(w http.ResponseWriter, r *http.Request) {
 	// Check for old directory and get old users info
 	oldDirInfo := getOldDirectoryInfo()
 
+	// Get App Settings (Env-vars)
+	appSettings := utils.GetAppSettings()
+
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(map[string]any{
-		"users":      adminUsers,
-		"free_space": freeSpace,
-		"old_data":   oldDirInfo,
+		"users":        adminUsers,
+		"free_space":   freeSpace,
+		"old_data":     oldDirInfo,
+		"app_settings": appSettings,
 	})
 }
 
diff --git a/backend/handlers/users.go b/backend/handlers/users.go
index b1d3bed..c35bbbe 100644
--- a/backend/handlers/users.go
+++ b/backend/handlers/users.go
@@ -234,6 +234,11 @@ type RegisterRequest struct {
 // Register handles user registration
 // The API endpoint
 func RegisterHandler(w http.ResponseWriter, r *http.Request) {
+	if !utils.Settings.AllowRegistration {
+		http.Error(w, "Registration is not allowed", http.StatusForbidden)
+		return
+	}
+
 	// Parse the request body
 	var req RegisterRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
diff --git a/backend/utils/helpers.go b/backend/utils/helpers.go
index 7b754a7..c13402b 100644
--- a/backend/utils/helpers.go
+++ b/backend/utils/helpers.go
@@ -121,6 +121,17 @@ func InitSettings() error {
 	return nil
 }
 
+func GetAppSettings() AppSettings {
+	// dont't show secret - remove it!
+	var tempSettings AppSettings
+
+	data, _ := json.Marshal(Settings)
+	json.Unmarshal(data, &tempSettings)
+
+	tempSettings.SecretToken = ""
+	return tempSettings
+}
+
 func GetUserIDByUsername(username string) (int, error) {
 	// Get users
 	users, err := GetUsers()
diff --git a/frontend/src/lib/settings/Admin.svelte b/frontend/src/lib/settings/Admin.svelte
index f69090e..10e1e62 100644
--- a/frontend/src/lib/settings/Admin.svelte
+++ b/frontend/src/lib/settings/Admin.svelte
@@ -23,6 +23,7 @@
 	let freeSpace = $state(0);
 	let oldData = $state({});
 	let users = $state([]);
+	let appSettings = $state({});
 	let isLoadingUsers = $state(false);
 	let deleteUserId = $state(null);
 	let isDeletingUser = $state(false);
@@ -83,6 +84,7 @@
 			users = response.data.users || [];
 			freeSpace = response.data.free_space;
 			oldData = response.data.old_data;
+			appSettings = response.data.app_settings || {};
 		} catch (error) {
 			console.error('Error loading users:', error);
 			if (error.response?.status === 401) {
@@ -129,6 +131,7 @@
 		adminPassword = '';
 		adminAuthError = '';
 		users = [];
+		appSettings = {};
 		deleteUserId = null;
 	}
 
@@ -423,6 +426,51 @@
 				</div>
 			{/if}
 
+			<!-- App Settings Card / Environment Variables -->
+			<div class="card mt-4">
+				<div class="card-header">
+					<h4 class="card-title mb-0">⚙️ {$t('settings.admin.environment_variables')}</h4>
+				</div>
+				<div class="card-body">
+					<p class="text-muted mb-3">
+						{$t('settings.admin.environment_variables_description')}
+					</p>
+
+					{#if Object.keys(appSettings).length > 0}
+						<div class="list-group list-group-flush">
+							{#each Object.entries(appSettings) as [key, value]}
+								<div class="list-group-item px-0 py-2">
+									<div class="row">
+										<div class="col-4">
+											<span class="fw-bold text-muted">{key}:</span>
+										</div>
+										<div class="col-8">
+											<span class="font-monospace">
+												{#if Array.isArray(value)}
+													{JSON.stringify(value)}
+												{:else if typeof value === 'boolean'}
+													<span class="badge {value ? 'bg-success' : 'bg-danger'}">
+														{value ? 'true' : 'false'}
+													</span>
+												{:else if key === 'secret_token' && value === ''}
+													<span class="text-muted fst-italic"
+														>{$t('settings.admin.hidden_for_security')}</span
+													>
+												{:else}
+													{value}
+												{/if}
+											</span>
+										</div>
+									</div>
+								</div>
+							{/each}
+						</div>
+					{:else}
+						<p class="text-muted">{$t('settings.admin.no_environment_variables')}</p>
+					{/if}
+				</div>
+			</div>
+
 			<!-- Reload Button moved to bottom -->
 			<div class="mt-4 d-flex justify-content-center">
 				<button class="btn btn-outline-primary" onclick={loadUsers} disabled={isLoadingUsers}>
diff --git a/frontend/src/routes/login/+page.svelte b/frontend/src/routes/login/+page.svelte
index deffe9e..406b13c 100644
--- a/frontend/src/routes/login/+page.svelte
+++ b/frontend/src/routes/login/+page.svelte
@@ -424,6 +424,12 @@
 				</h2>
 				<div id="collapseTwo" class="accordion-collapse collapse" data-bs-parent="#loginAccordion">
 					<div class="accordion-body">
+						<div class="alert alert-info">{$t('login.create_account_info')}</div>
+						{#if !registration_allowed}
+							<div class="alert alert-danger" role="alert">
+								{$t('login.alert.registration_not_allowed')}
+							</div>
+						{/if}
 						<form onsubmit={handleRegister}>
 							<div class="form-floating mb-3">
 								<input
@@ -455,11 +461,7 @@
 								/>
 								<label for="registerPassword2">{$t('login.confirm_password')}</label>
 							</div>
-							{#if !registration_allowed}
-								<div class="alert alert-danger" role="alert">
-									{$t('login.alert.registration_not_allowed')}
-								</div>
-							{/if}
+
 							{#if show_registration_failed_with_message}
 								<div class="alert alert-danger" role="alert">
 									{@html $t('login.alert.registration_failed_with_message', {