GKaszewski/movies-diary
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d034af9e9c9cd5b3983973929121000f9f0d26b6
movies-diary/docs/superpowers/specs/2026-05-04-frontend-html-design.md

1.1 KiB
Raw Blame History

Frontend HTML/CSS Design

Date: 2026-05-04

Summary

Server-rendered HTML frontend using Rust/Axum + Askama templates + HTTP-only cookie JWT auth. No JavaScript.

Pages

Route Access Description
GET / public Diary index
GET /login public Login form
POST /login public Set cookie → redirect /
GET /logout Clear cookie → redirect /
GET /register public Only if ALLOW_REGISTRATION
POST /register public Set cookie → redirect /
GET /reviews/new auth New review form
POST /reviews auth Log review → redirect /

Design Decisions

  • Auth: Cookie-based JWT (HttpOnly, SameSite=Lax). Existing Bearer auth untouched.
  • Template inheritance: base.html owns header. Child templates use {% extends %}/{% block %}.
  • Entry layout: Poster thumbnail (60px) + text block. Fallback to text-only when no poster.
  • Header (logged out): [Login] [Register?]
  • Header (logged in): [Add Review] email@example.com [Logout]
  • Form errors: PRG → redirect back with ?error=
  • Diary visibility: Public (anyone can read, auth required to add)
Reference in New Issue View Git Blame Copy Permalink