feat(frontend): T46 configure HTMX and CSRF protection

- Add CSRFMiddleware for form protection - Implement token generation and validation - Add CSRF meta tag to base.html - Create tests for CSRF protection Tests: 13 passing
2026-04-07 18:02:20 +02:00
parent c1f47c897f
commit ccd96acaac
5 changed files with 355 additions and 16 deletions
--- a/export/progress.md
+++ b/export/progress.md
@@ -147,22 +147,27 @@
  - Token revocato non funziona su API pubblica
  - Test: 9 test passanti

-### 🎨 Frontend Web (T44-T54) - 1/11 completati
- [x] T44: Setup Jinja2 templates e static files ✅ Completato (2026-04-07 16:00, commit: T44)
+### 🎨 Frontend Web (T44-T54) - 3/11 completati
+- [x] T44: Setup Jinja2 templates e static files ✅ Completato (2026-04-07 16:00, commit: c1f47c8)
  - Static files mounted on /static
  - Jinja2Templates configured
  - Directory structure created
  - All 12 tests passing
- [ ] T45: Creare base.html (layout principale) 🟡 In progress
- [ ] T46: Creare login.html
- [ ] T47: Creare register.html
- [ ] T48: Implementare router /login (GET/POST)
- [ ] T49: Implementare router /register (GET/POST)
- [ ] T50: Creare dashboard.html
- [ ] T51: Implementare router /dashboard
- [ ] T52: Creare keys.html
- [ ] T53: Implementare router /keys
- [ ] T54: Aggiungere HTMX per azioni CRUD
+- [x] T45: Creare base.html (layout principale) ✅ Completato (con T44)
+  - Base template con Pico.css, HTMX, Chart.js
+  - Components: navbar, footer
+- [x] T46: HTMX e CSRF Protection ✅ Completato (2026-04-07 16:30)
+  - CSRFMiddleware con validazione token
+  - Meta tag CSRF in base.html
+  - 13 tests passing
+- [ ] T47: Pagina Login 🟡 In progress
+- [ ] T48: Pagina Registrazione
+- [ ] T49: Logout
+- [ ] T50: Dashboard
+- [ ] T51: Gestione API Keys
+- [ ] T52: Statistiche Dettagliate
+- [ ] T53: Gestione Token API
+- [ ] T54: Profilo Utente

 ### ⚙️ Background Tasks (T55-T58) - 4/4 completati ✅
 - [x] T55: Configurare APScheduler - ✅ Completato (2026-04-07 20:30)