RonnyG/QueryBuilder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔒 Disable self-registration and compact admin interface

Browse Source 
Security improvements:
- Removed registration link from login page
- Disabled /auth/register route - redirects with error message
- Removed demo credentials from login page
- Added info message: 'New users are created by administrators'

UI improvements:
- Compacted all admin interface buttons (btn-sm)
- Reduced heading sizes (H2 → H4) for less visual dominance
- Shortened badge texts ('Administrator' → 'Admin', 'Benutzer' → 'User')
- Optimized spacing and reduced margins/paddings
- Cleaner, more professional admin interface

Access control:
- Only administrators can create new users via admin panel
- Self-registration completely disabled for security
- Maintains full admin functionality with improved UX
This commit is contained in:
DGSoft
2025-10-14 21:42:32 +02:00
parent f176560c02
commit 86f9117d55
10 changed files with 75 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
app/templates/admin/users.html
View File

@@ -7,13 +7,13 @@
<div class="row">
<div class="col-12">
<div class="d-flex justify-content-between align-items-center mb-4">
<h2><i class="fas fa-users"></i> Benutzerverwaltung</h2>
<h4><i class="fas fa-users"></i> Benutzerverwaltung</h4>
<div>
<a href="{{ url_for('admin.create_user') }}" class="btn btn-success">
<i class="fas fa-user-plus"></i> Neuen Benutzer erstellen
<a href="{{ url_for('admin.create_user') }}" class="btn btn-success btn-sm">
<i class="fas fa-user-plus"></i> Erstellen
</a>
<a href="{{ url_for('admin.admin_dashboard') }}" class="btn btn-outline-secondary">
<i class="fas fa-arrow-left"></i> Admin Dashboard
<a href="{{ url_for('admin.admin_dashboard') }}" class="btn btn-outline-secondary btn-sm">
<i class="fas fa-arrow-left"></i> Zurück
</a>
</div>
</div>
@@ -47,17 +47,17 @@
<td>
<div class="d-flex align-items-center">
{% if user.is_admin %}
<span class="badge bg-danger me-2">
<i class="fas fa-user-shield"></i> Administrator
<span class="badge bg-danger me-1">
<i class="fas fa-user-shield"></i> Admin
</span>
{% else %}
<span class="badge bg-secondary me-2">
<i class="fas fa-user"></i> Benutzer
<span class="badge bg-secondary me-1">
<i class="fas fa-user"></i> User
</span>
{% endif %}
{% if user.id != current_user.id %}
<button class="btn btn-xs btn-outline-info"
<button class="btn btn-xs btn-outline-info btn-sm"
onclick="toggleAdmin({{ user.id }})"
title="Rolle wechseln">
<i class="fas fa-exchange-alt"></i>
@@ -69,14 +69,14 @@
<td>
<div class="btn-group btn-group-sm">
<a href="{{ url_for('admin.edit_user', user_id=user.id) }}"
class="btn btn-outline-primary" title="Bearbeiten">
class="btn btn-outline-primary btn-sm" title="Bearbeiten">
<i class="fas fa-edit"></i>
</a>
{% if user.id != current_user.id %}
<form method="POST" action="{{ url_for('admin.delete_user', user_id=user.id) }}"
class="d-inline" onsubmit="return confirm('Benutzer {{ user.username }} wirklich löschen?')">
<button type="submit" class="btn btn-outline-danger" title="Löschen">
<button type="submit" class="btn btn-outline-danger btn-sm" title="Löschen">
<i class="fas fa-trash"></i>
</button>
</form>
@@ -92,11 +92,11 @@
</div>
{% else %}
<div class="card">
<div class="card-body text-center py-5">
<i class="fas fa-users fa-3x text-muted mb-3"></i>
<h4>Keine Benutzer gefunden</h4>
<p class="text-muted">Erstellen Sie den ersten Benutzer.</p>
<a href="{{ url_for('admin.create_user') }}" class="btn btn-success">
<div class="card-body text-center py-4">
<i class="fas fa-users fa-2x text-muted mb-2"></i>
<h6>Keine Benutzer gefunden</h6>
<p class="text-muted small">Erstellen Sie den ersten Benutzer.</p>
<a href="{{ url_for('admin.create_user') }}" class="btn btn-success btn-sm">
<i class="fas fa-user-plus"></i> Ersten Benutzer erstellen
</a>
</div>