multi-user: users, per-user profiles/filters/notifications, tab UI, apply forensics

* DB: users + user_profiles/filters/notifications/preferences; applications gets user_id + forensics_json + profile_snapshot_json; new errors table with 14d retention; schema versioning via MIGRATIONS list * auth: password hashes in DB (argon2); env vars seed first admin; per-user sessions; CSRF bound to user id * apply: personal info/WBS moved out of env into the request body; providers take an ApplyContext with Profile + submit_forms; full Playwright recorder (step log, console, page errors, network, screenshots, final HTML) * web: five top-level tabs (Wohnungen/Bewerbungen/Logs/Fehler/Einstellungen); settings sub-tabs profil/filter/benachrichtigungen/account/benutzer; per-user matching, auto-apply and notifications (UI/Telegram/SMTP); red auto-apply switch on Wohnungen tab; forensics detail view for bewerbungen and fehler; retention background thread Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 10:52:41 +02:00 · 2026-04-21 10:52:41 +02:00 · c630b500ef
commit c630b500ef
parent e663386a19
36 changed files with 2763 additions and 1113 deletions
--- a/web/templates/_settings_account.html
+++ b/web/templates/_settings_account.html
@ -0,0 +1,27 @@
+<h2 class="font-semibold mb-4">Account</h2>
+
+<div class="text-sm text-slate-600 mb-4">
+    Angemeldet als <b>{{ user.username }}</b>{% if is_admin %} (Administrator){% endif %}.
+</div>
+
+{% if request.query_params.get('ok') %}<div class="chip chip-ok mb-4">Passwort geändert.</div>{% endif %}
+{% if request.query_params.get('err') == 'wrongold' %}<div class="chip chip-bad mb-4">Altes Passwort falsch.</div>{% endif %}
+{% if request.query_params.get('err') == 'mismatch' %}<div class="chip chip-bad mb-4">Neue Passwörter stimmen nicht überein.</div>{% endif %}
+{% if request.query_params.get('err') == 'tooshort' %}<div class="chip chip-bad mb-4">Passwort zu kurz (min. 10 Zeichen).</div>{% endif %}
+
+<form method="post" action="/actions/account/password" class="space-y-3 max-w-md">
+    <input type="hidden" name="csrf" value="{{ csrf }}">
+    <div>
+        <label class="block text-xs uppercase text-slate-500 mb-1">Altes Passwort</label>
+        <input class="input" type="password" name="old_password" autocomplete="current-password" required>
+    </div>
+    <div>
+        <label class="block text-xs uppercase text-slate-500 mb-1">Neues Passwort (≥ 10 Zeichen)</label>
+        <input class="input" type="password" name="new_password" autocomplete="new-password" required>
+    </div>
+    <div>
+        <label class="block text-xs uppercase text-slate-500 mb-1">Neues Passwort wiederholen</label>
+        <input class="input" type="password" name="new_password_repeat" autocomplete="new-password" required>
+    </div>
+    <button class="btn btn-primary" type="submit">Passwort ändern</button>
+</form>