lazyflat: combined alert + apply behind authenticated web UI

Three isolated services (alert scraper, apply HTTP worker, web UI+DB) with argon2 auth, signed cookies, CSRF, rate-limited login, kill switch, apply circuit breaker, audit log, and strict CSP. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 09:51:35 +02:00 · 2026-04-21 09:51:35 +02:00 · 69f2f1f635
commit 69f2f1f635
46 changed files with 4183 additions and 0 deletions
--- a/web/templates/dashboard.html
+++ b/web/templates/dashboard.html
@ -0,0 +1,25 @@
+{% extends "base.html" %}
+{% block title %}lazyflat dashboard{% endblock %}
+{% block body %}
+<header class="border-b border-[#1e2335]">
+    <div class="max-w-6xl mx-auto px-6 py-4 flex items-center justify-between">
+        <div class="flex items-center gap-3">
+            <div class="w-8 h-8 rounded-lg bg-gradient-to-br from-[#5b8def] to-[#7bd88f]"></div>
+            <h1 class="text-xl font-semibold">lazyflat</h1>
+        </div>
+        <div class="flex items-center gap-3 text-sm">
+            <span class="text-slate-400">{{ user }}</span>
+            <form method="post" action="/logout">
+                <button class="btn btn-ghost text-sm" type="submit">Logout</button>
+            </form>
+        </div>
+    </div>
+</header>
+
+<main class="max-w-6xl mx-auto px-6 py-6 space-y-6"
+      hx-get="/partials/dashboard" hx-trigger="every 15s" hx-target="#dashboard-body" hx-swap="innerHTML">
+    <div id="dashboard-body">
+        {% include "_dashboard_body.html" %}
+    </div>
+</main>
+{% endblock %}