e0a1ab8e03
The previous logic treated a blank password field as intent to clear auth, which meant saving any other setting (model, send key, etc.) would silently disable password protection. New behavior: - Blank password field + Save Settings = no change to auth (do nothing) - Password field with content + Save = set/change password (unchanged) - 'Disable Auth' button = explicit confirmation-gated clear (new) UI changes: - index.html: updated description text to 'Leave blank to keep current setting'; added 'Disable Auth' button (amber, shown only when auth active) - panels.js: saveSettings() skips password logic entirely when field is blank; loadSettingsPanel() shows/hides both btnDisableAuth and btnSignOut based on auth_enabled; new disableAuth() function sends _clear_password:true after confirm() prompt and hides both auth buttons on success Server: no logic changes needed; _clear_password handling in save_settings() is now only triggered by the explicit Disable Auth action.
23 KiB
23 KiB