Kategorien dazu

V 1.0.2. Keine vorausgefüllte Login-Seite mehr
V 1.0.1: Auth erfolgreich
2026-03-01 11:26:44 +00:00 · 2026-03-01 08:46:59 +00:00 · 2026-03-01 08:35:46 +00:00 · 2026-03-01 07:52:31 +00:00
23 changed files with 778 additions and 20 deletions
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -0,0 +1,17 @@
 {
  "version": "0.2.0",
  "configurations": [
    {
      "type": "node",
      "request": "launch",
      "name": "Next.js Debug",
      "runtimeExecutable": "node",
      "args": [
        "--inspect-brk",
        "${workspaceFolder}/node_modules/.bin/next",
        "dev"
      ],
      "console": "integratedTerminal"
    }
  ]
 }
--- a/AUTH_README.md
+++ b/AUTH_README.md
@@ -0,0 +1,174 @@
 # Wiederverwendbare Authentifizierung
 Diese Authentifizierungslösung kann einfach in andere Next.js Projekte übernommen werden.
 ## Komponenten
 ### 1. Core Libraries (wiederverwendbar)
 - `/lib/auth.ts` - Authentifizierungslogik (Benutzerverwaltung über .env)
 - `/lib/session.ts` - JWT-basiertes Session-Management
 - `/middleware.ts` - Route-Schutz Middleware
 ### 2. UI Komponenten (wiederverwendbar)
 - `/app/login/page.tsx` - Login-Seite
 - `/app/login/actions.ts` - Server Actions für Login/Logout
 - `/components/LogoutButton.tsx` - Logout-Button Komponente
 ## Installation in neuen Projekten
 ### 1. Dependencies installieren
 ```bash
 npm install jose bcryptjs
 npm install --save-dev @types/bcryptjs
 ```
 ### 2. Dateien kopieren
 Kopiere folgende Dateien in dein neues Projekt:
 - `lib/auth.ts`
 - `lib/session.ts`
 - `middleware.ts`
 - `app/login/` (gesamter Ordner)
 - `scripts/generate-password.js` (Passwort-Hash Generator)
 - `components/LogoutButton.tsx` (optional)
 ### 3. Passwort-Hashes generieren
 Verwende das mitgelieferte Script, um sichere Passwort-Hashes zu erstellen:
 ```bash
 # Interactive Mode
 node scripts/generate-password.js
 # Mit Passwort als Argument
 node scripts/generate-password.js meinPasswort123
 ```
 Das Script gibt einen bcrypt-Hash aus, den du in der `.env` verwenden kannst.
 ### 4. Umgebungsvariablen einrichten
 Füge zu deiner `.env` hinzu:
 ```env
 # Authentifizierung
 # Format: username:passwordHash,username2:passwordHash2
 # Verwende 'node scripts/generate-password.js' um Hashes zu generieren
 AUTH_USERS=admin:$2b$10$DKLO7uQPmdAw9Z64NChro...,user1:$2b$10$K613Z70Hodr6xyEh10Mw2u...
 # Secret Key für JWT (unbedingt ändern in Production!)
 AUTH_SECRET=your-super-secret-key-change-this
 ```
 ### 5. Logout-Button einbinden (optional)
 ```tsx
 import LogoutButton from '@/components/LogoutButton';
 // In deiner Komponente:
 <LogoutButton />
 ```
 ## Konfiguration
 ### Benutzer hinzufügen/entfernen
 1. Generiere einen Passwort-Hash:
 ```bash
 node scripts/generate-password.js neuesPasswort
 ```
 2. Editiere die `AUTH_USERS` Variable in der `.env`:
 ```env
 AUTH_USERS=user1:$2b$10$hash1...,user2:$2b$10$hash2...,user3:$2b$10$hash3...
 ```
 ### Authentifizierung deaktivieren
 Entferne die `AUTH_USERS` Variable oder setze sie auf einen leeren String:
 ```env
 AUTH_USERS=
 ```
 ### Session-Dauer anpassen
 Editiere in `lib/session.ts`:
 ```ts
 const SESSION_DURATION = 7 * 24 * 60 * 60 * 1000; // 7 Tage
 ```
 ### Geschützte Routen anpassen
 Editiere in `middleware.ts` die `publicPaths`:
 ```ts
 const publicPaths = ['/login', '/public-page'];
 ```
 ## Sicherheitshinweise
 1. **AUTH_SECRET ändern**: Verwende in Production einen starken, zufälligen Schlüssel
 2. **HTTPS verwenden**: In Production immer HTTPS aktivieren
 3. **Passwort-Hashing**: Passwörter werden mit bcrypt gehashed (10 Salt Rounds)
 4. **Keine Klartext-Passwörter**: Verwende immer das Script zur Hash-Generierung
 ## Passwort-Hash Generator
 Das Script `scripts/generate-password.js` verwendet bcrypt mit 10 Salt Rounds, um sichere Passwort-Hashes zu erstellen.
 ### Verwendung
 Interactive Mode (empfohlen für sensible Passwörter):
 ```bash
 npm run generate-password
 # oder
 node scripts/generate-password.js
 # Passwort wird interaktiv abgefragt
 ```
 Mit Argument:
 ```bash
 npm run generate-password -- meinPasswort
 # oder
 node scripts/generate-password.js meinPasswort
 ```
 ### Ausgabe
 ```
 🔐 Generiere Passwort-Hash...
 ✅ Hash generiert:
 ────────────────────────────────────────────────────────────────────────────────
 $2b$10$DKLO7uQPmdAw9Z64NChro.8mOsnqZQaRZjctWDojIkK926ROBVyJW
 ────────────────────────────────────────────────────────────────────────────────
 📝 Verwende diesen Hash in der .env Datei:
 AUTH_USERS=username:$2b$10$DKLO7uQPmdAw9Z64NChro.8mOsnqZQaRZjctWDojIkK926ROBVyJW
 ```
 ## Erweiterte Verwendung
 ### Session-Informationen abrufen
 ```ts
 import { getSession } from '@/lib/session';
 const session = await getSession();
 if (session) {
  console.log('Eingeloggt als:', session.username);
 }
 ```
 ### Programmatisch prüfen, ob authentifiziert
 ```ts
 import { isAuthenticated } from '@/lib/session';
 const authenticated = await isAuthenticated();
 ```
 ### In Server Components
 ```tsx
 import { getSession } from '@/lib/session';
 import { redirect } from 'next/navigation';
 export default async function ProtectedPage() {
  const session = await getSession();
  if (!session) {
    redirect('/login');
  }
  return <div>Hallo {session.username}!</div>;
 }
 ```
--- a/2
+++ b/2
@@ -37,7 +37,7 @@ RUN addgroup --system --gid 1001 nodejs
 RUN adduser --system --uid 1001 nextjs
 # Copy necessary files
-COPY --from=builder /app/public ./public
+#COPY --from=builder /app/public ./public
 COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
 COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
--- a/add_kategorie.sql
+++ b/add_kategorie.sql
@@ -0,0 +1,5 @@
 -- Migration: Kategorie-Spalte zur Ausgaben-Tabelle hinzufügen
 -- Ausführen: mysql -u <user> -p <database> < add_kategorie.sql
 ALTER TABLE Ausgaben
  ADD COLUMN Kat VARCHAR(4) NOT NULL DEFAULT 'L' AFTER Was;
--- a/app/api/ausgaben/[id]/route.ts
+++ b/app/api/ausgaben/[id]/route.ts
@@ -10,7 +10,7 @@ export async function PUT(
  try {
    const { id } = await context.params;
    const body = await request.json();
-    const { Datum, Wo, Was, Wieviel, Wie, TYP } = body;
+    const { Datum, Wo, Was, Kat, Wieviel, Wie, TYP } = body;
    if (!Datum || !Wo || !Was || !Wieviel || !Wie || TYP === undefined) {
      return NextResponse.json(
@@ -23,7 +23,7 @@ export async function PUT(
    const query = `
      UPDATE Ausgaben
-      SET Datum = ?, Wo = ?, Was = ?, Wieviel = ?, Wie = ?, TYP = ?
+      SET Datum = ?, Wo = ?, Was = ?, Kat = ?, Wieviel = ?, Wie = ?, TYP = ?
      WHERE ID = ?
    `;
@@ -31,6 +31,7 @@ export async function PUT(
      Datum,
      Wo,
      Was,
      Kat || 'L',
      parseFloat(Wieviel),
      Wie,
      TYP,
--- a/app/api/ausgaben/route.ts
+++ b/app/api/ausgaben/route.ts
@@ -15,7 +15,7 @@ export async function GET(request: Request) {
    const pool = getDbPool();
    let query = `SELECT 
-      ID, Datum, Wo, Was, Wieviel, Wie, TYP,
+      ID, Datum, Wo, Was, Kat, Wieviel, Wie, TYP,
      CASE DAYOFWEEK(Datum)
        WHEN 1 THEN 'Sonntag'
        WHEN 2 THEN 'Montag'
@@ -68,7 +68,7 @@ export async function GET(request: Request) {
 export async function POST(request: Request) {
  try {
    const body = await request.json();
-    const { Datum, Wo, Was, Wieviel, Wie, TYP } = body;
+    const { Datum, Wo, Was, Kat, Wieviel, Wie, TYP } = body;
    if (!Datum || !Wo || !Was || !Wieviel || !Wie || TYP === undefined) {
      return NextResponse.json(
@@ -80,14 +80,15 @@ export async function POST(request: Request) {
    const pool = getDbPool();
    const query = `
-      INSERT INTO Ausgaben (Datum, Wo, Was, Wieviel, Wie, TYP)
+      INSERT INTO Ausgaben (Datum, Wo, Was, Kat, Wieviel, Wie, TYP)
-      VALUES (?, ?, ?, ?, ?, ?)
+      VALUES (?, ?, ?, ?, ?, ?, ?)
    `;
    const [result] = await pool.query<ResultSetHeader>(query, [
      Datum,
      Wo,
      Was,
      Kat || 'L',
      parseFloat(Wieviel),
      Wie,
      TYP,
--- a/app/api/categories/route.ts
+++ b/app/api/categories/route.ts
@@ -0,0 +1,33 @@
 import { NextResponse } from 'next/server';
 import fs from 'fs';
 import path from 'path';
 export interface Category {
  value: string;
  label: string;
 }
 // GET /api/categories - Fetch categories from categories.txt
 export async function GET() {
  try {
    const filePath = path.join(process.cwd(), 'categories.txt');
    const content = fs.readFileSync(filePath, 'utf-8');
    const categories: Category[] = content
      .split('\n')
      .map((line) => line.trim())
      .filter((line) => line.includes('='))
      .map((line) => {
        const [value, label] = line.split('=');
        return { value: value.trim(), label: label.trim() };
      });
    return NextResponse.json({ success: true, data: categories });
  } catch (error) {
    console.error('Error reading categories:', error);
    return NextResponse.json(
      { success: false, error: 'Could not load categories' },
      { status: 500 }
    );
  }
 }
--- a/app/login/actions.ts
+++ b/app/login/actions.ts
@@ -0,0 +1,28 @@
 'use server';
 import { verifyCredentials } from '@/lib/auth';
 import { createSession, deleteSession } from '@/lib/session';
 import { redirect } from 'next/navigation';
 export async function login(prevState: any, formData: FormData) {
  const username = formData.get('username') as string;
  const password = formData.get('password') as string;
  if (!username || !password) {
    return { error: 'Bitte Benutzername und Passwort eingeben' };
  }
  const isValid = verifyCredentials(username, password);
  if (!isValid) {
    return { error: 'Ungültige Anmeldedaten' };
  }
  await createSession(username);
  redirect('/');
 }
 export async function logout() {
  await deleteSession();
  redirect('/login');
 }
--- a/app/login/page.tsx
+++ b/app/login/page.tsx
@@ -0,0 +1,79 @@
 'use client';
 import { useActionState } from 'react';
 import { login } from './actions';
 export default function LoginPage() {
  const [state, loginAction, isPending] = useActionState(login, undefined);
  return (
    <div className="min-h-screen flex items-center justify-center bg-gradient-to-br from-blue-50 to-indigo-100 dark:from-gray-900 dark:to-gray-800 px-4">
      <div className="max-w-md w-full space-y-8 bg-white dark:bg-gray-800 p-8 rounded-2xl shadow-xl">
        <div className="text-center">
          <h1 className="text-3xl font-bold text-gray-900 dark:text-white mb-2">
            Anmeldung
          </h1>
          <p className="text-gray-600 dark:text-gray-400">
            Bitte melden Sie sich an, um fortzufahren
          </p>
        </div>
        <form action={loginAction} className="mt-8 space-y-6">
          <div className="space-y-4">
            <div>
              <label
                htmlFor="username"
                className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1"
              >
                Benutzername
              </label>
              <input
                id="username"
                name="username"
                type="text"
                required
                autoComplete="off"
                className="appearance-none relative block w-full px-4 py-3 border border-gray-300 dark:border-gray-600 placeholder-gray-500 dark:placeholder-gray-400 text-gray-900 dark:text-white bg-white dark:bg-gray-700 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent transition-colors"
                placeholder="Benutzername"
                disabled={isPending}
              />
            </div>
            <div>
              <label
                htmlFor="password"
                className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1"
              >
                Passwort
              </label>
              <input
                id="password"
                name="password"
                type="password"
                required
                autoComplete="new-password"
                className="appearance-none relative block w-full px-4 py-3 border border-gray-300 dark:border-gray-600 placeholder-gray-500 dark:placeholder-gray-400 text-gray-900 dark:text-white bg-white dark:bg-gray-700 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent transition-colors"
                placeholder="Passwort"
                disabled={isPending}
              />
            </div>
          </div>
          {state?.error && (
            <div className="bg-red-50 dark:bg-red-900/30 border border-red-200 dark:border-red-800 text-red-700 dark:text-red-300 px-4 py-3 rounded-lg text-sm">
              {state.error}
            </div>
          )}
          <button
            type="submit"
            disabled={isPending}
            className="w-full flex justify-center py-3 px-4 border border-transparent text-sm font-semibold rounded-lg text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500 disabled:opacity-50 disabled:cursor-not-allowed transition-all duration-200 shadow-lg hover:shadow-xl"
          >
            {isPending ? 'Anmeldung läuft...' : 'Anmelden'}
          </button>
        </form>
      </div>
    </div>
  );
 }
--- a/app/page.tsx
+++ b/app/page.tsx
@@ -3,6 +3,7 @@
 import { useState, useEffect } from 'react';
 import AusgabenForm from '@/components/AusgabenForm';
 import AusgabenList from '@/components/AusgabenList';
 import LogoutButton from '@/components/LogoutButton';
 import { AusgabenEntry } from '@/types/ausgaben';
 import packageJson from '@/package.json';
@@ -59,7 +60,10 @@ export default function Home() {
  return (
    <div className="min-h-screen bg-white py-4 px-4">
      <main className="max-w-7xl mx-auto border-2 border-black rounded-lg p-6 bg-[#FFFFDD]">
-        <h1 className="text-3xl font-bold text-center mb-6">Ausgaben - Log</h1>
+        <div className="flex justify-between items-center mb-6">
          <h1 className="text-3xl font-bold">Ausgaben - Log</h1>
          <LogoutButton className="px-4 py-2 bg-red-600 hover:bg-red-700 text-white text-sm rounded-lg transition-colors shadow-md" />
        </div>
        {/* Tab Navigation */}
        <div className="flex gap-2 mb-6">
--- a/categories.txt
+++ b/categories.txt
@@ -0,0 +1,15 @@
 R=Restaurant
 L=Lebensmittel
 H=Haushalt
 Ku=Kultur
 Kl=Kleidung
 Dr=Drogerie
 Ap=Apotheke
 Ar=Arzt
 Re=Reise
 Au=Auto
 El=Elektronik
 Fr=Freizeit
 Ge=Getränke
 Ba=Bäckerei
 So=Sonstiges
--- a/components/AusgabenForm.tsx
+++ b/components/AusgabenForm.tsx
@@ -1,7 +1,8 @@
 'use client';
-import { useState, useEffect, useCallback } from 'react';
+import { useState, useEffect, useCallback, useRef } from 'react';
 import { CreateAusgabenEntry, AusgabenEntry, ZAHLUNGSARTEN_HAUSHALT, ZAHLUNGSARTEN_PRIVAT, MonthlyStats } from '@/types/ausgaben';
 import { Category } from '@/app/api/categories/route';
 interface AusgabenFormProps {
  onSuccess: () => void;
@@ -18,6 +19,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
    WochTag: '',
    Wo: '',
    Was: '',
    Kat: 'L',
    Wieviel: '',
    Wie: defaultZahlungsart,
    TYP: typ,
@@ -35,6 +37,9 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
  // Autocomplete data
  const [autoCompleteWo, setAutoCompleteWo] = useState<string[]>([]);
  const [autoCompleteWas, setAutoCompleteWas] = useState<string[]>([]);
  const [categories, setCategories] = useState<Category[]>([]);
  const [katDropdownOpen, setKatDropdownOpen] = useState(false);
  const katDropdownRef = useRef<HTMLDivElement>(null);
  const fetchStats = useCallback(async (y: string, m: string) => {
    if (!y || !m) return;
@@ -87,6 +92,25 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
    fetchAutoComplete();
  }, [typ, fetchAutoComplete]);
  // Close Kat dropdown when clicking outside
  useEffect(() => {
    const handleClickOutside = (e: MouseEvent) => {
      if (katDropdownRef.current && !katDropdownRef.current.contains(e.target as Node)) {
        setKatDropdownOpen(false);
      }
    };
    document.addEventListener('mousedown', handleClickOutside);
    return () => document.removeEventListener('mousedown', handleClickOutside);
  }, []);
  // Fetch categories once on mount
  useEffect(() => {
    fetch('/api/categories')
      .then((r) => r.json())
      .then((data) => { if (data.success) setCategories(data.data); })
      .catch(() => {});
  }, []);
  const handleMonthChange = (newMonth: string) => {
    setMonth(newMonth);
  };
@@ -113,6 +137,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
        WochTag: selectedEntry.WochTag,
        Wo: selectedEntry.Wo,
        Was: selectedEntry.Was,
        Kat: selectedEntry.Kat || 'L',
        Wieviel: selectedEntry.Wieviel.toString(),
        Wie: selectedEntry.Wie,
        TYP: selectedEntry.TYP,
@@ -132,6 +157,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
        WochTag: weekday,
        Wo: '',
        Was: '',
        Kat: 'L',
        Wieviel: '',
        Wie: defaultZahlungsart,
        TYP: typ,
@@ -184,6 +210,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
        Datum: formData.Datum,
        Wo: formData.Wo,
        Was: formData.Was,
        Kat: formData.Kat,
        Wieviel: formData.Wieviel,
        Wie: formData.Wie,
        TYP: formData.TYP,
@@ -223,6 +250,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
      WochTag: weekday,
      Wo: '',
      Was: '',
      Kat: 'L',
      Wieviel: '',
      Wie: defaultZahlungsart,
      TYP: typ,
@@ -247,6 +275,7 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
              <th className="p-2 w-32">Datum</th>
              <th className="p-2">Wo</th>
              <th className="p-2">Was</th>
              <th className="p-2 w-12">Kat.</th>
              <th className="p-2 w-24">Wieviel</th>
              <th className="p-2 w-4"></th>
              <th className="p-2 w-38 text-left">Wie</th>
@@ -295,6 +324,35 @@ export default function AusgabenForm({ onSuccess, selectedEntry, typ }: Ausgaben
                  ))}
                </datalist>
              </td>
              <td className="p-2 w-12">
                <div ref={katDropdownRef} className="relative w-full">
                  <button
                    type="button"
                    onClick={() => setKatDropdownOpen((o) => !o)}
                    className="w-full px-2 py-1 text-base text-left rounded border-2 border-gray-400 bg-white focus:border-blue-500 focus:outline-none"
                  >
                    {formData.Kat}
                  </button>
                  {katDropdownOpen && (
                    <ul className="absolute z-50 left-0 mt-1 w-48 bg-white border-2 border-gray-400 rounded shadow-lg max-h-60 overflow-y-auto text-left">
                      {categories.map((cat) => (
                        <li
                          key={cat.value}
                          className={`px-3 py-1 cursor-pointer hover:bg-blue-100 text-sm ${
                            formData.Kat === cat.value ? 'bg-blue-50 font-semibold' : ''
                          }`}
                          onMouseDown={() => {
                            setFormData({ ...formData, Kat: cat.value });
                            setKatDropdownOpen(false);
                          }}
                        >
                          {cat.value} - {cat.label}
                        </li>
                      ))}
                    </ul>
                  )}
                </div>
              </td>
              <td className="p-2 w-24">
                <input
                  type="number"
--- a/components/AusgabenList.tsx
+++ b/components/AusgabenList.tsx
@@ -29,12 +29,7 @@ export default function AusgabenList({ entries, onDelete, onEdit }: AusgabenList
  };
  const formatDate = (dateStr: string) => {
-    const date = new Date(dateStr);
+    return dateStr.toString().split('T')[0];
    return date.toLocaleDateString('de-DE', {
      day: '2-digit',
      month: '2-digit',
      year: 'numeric',
    });
  };
  const formatAmount = (amount: number) => {
@@ -53,6 +48,7 @@ export default function AusgabenList({ entries, onDelete, onEdit }: AusgabenList
            <th className="border-b-2 border-black p-2 w-12">Tag</th>
            <th className="border-b-2 border-black p-2 w-36">Wo</th>
            <th className="border-b-2 border-black p-2 w-48">Was</th>
            <th className="border-b-2 border-black p-2 w-12">Kat.</th>
            <th className="border-b-2 border-black p-2 w-8">Betrag</th>
            <th className="border-b-2 border-black p-2 w-16">Wie</th>
            <th className="border-b-2 border-black p-2 w-38">Aktion</th>
@@ -61,7 +57,7 @@ export default function AusgabenList({ entries, onDelete, onEdit }: AusgabenList
        <tbody>
          {entries.length === 0 ? (
            <tr>
-              <td colSpan={7} className="text-center p-4 text-gray-500">
+              <td colSpan={8} className="text-center p-4 text-gray-500">
                Keine Einträge vorhanden
              </td>
            </tr>
@@ -74,6 +70,7 @@ export default function AusgabenList({ entries, onDelete, onEdit }: AusgabenList
                <td className="border-y border-black p-2 text-center">{entry.WochTag.slice(0, 2)}</td>
                <td className="border-y border-black p-2">{entry.Wo}</td>
                <td className="border-y border-black p-2">{entry.Was}</td>
                <td className="border-y border-black p-2 text-center">{entry.Kat}</td>
                <td className="border-y border-black p-2 text-right">
                  {formatAmount(entry.Wieviel)}
                </td>
--- a/components/LogoutButton.tsx
+++ b/components/LogoutButton.tsx
@@ -0,0 +1,23 @@
 'use client';
 import { logout } from '@/app/login/actions';
 interface LogoutButtonProps {
  className?: string;
  children?: React.ReactNode;
 }
 export default function LogoutButton({ className, children }: LogoutButtonProps) {
  const handleLogout = async () => {
    await logout();
  };
  return (
    <button
      onClick={handleLogout}
      className={className || "px-4 py-2 bg-red-600 hover:bg-red-700 text-white rounded-lg transition-colors"}
    >
      {children || 'Abmelden'}
    </button>
  );
 }
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -15,3 +15,5 @@ services:
      - DB_USER=${DB_USER}
      - DB_PASS=${DB_PASS}
      - DB_NAME=${DB_NAME}
      - AUTH_USERS=${AUTH_USERS}
      - AUTH_SECRET=${AUTH_SECRET}
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -12,6 +12,8 @@ services:
      - DB_USER=${DB_USER}
      - DB_PASS=${DB_PASS}
      - DB_NAME=${DB_NAME}
      - AUTH_USERS=${AUTH_USERS}
      - AUTH_SECRET=${AUTH_SECRET}
    labels:
      - traefik.enable=true
      - traefik.http.routers.ausgaben.entrypoints=http
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -0,0 +1,50 @@
 /**
 * Reusable authentication library
 * Configure users via environment variables in .env:
 * AUTH_USERS=user1:$2a$10$hash1,user2:$2a$10$hash2
 * 
 * Use scripts/generate-password.js to generate password hashes
 */
 export interface User {
  username: string;
  password: string;
 }
 /**
 * Parse users from environment variable
 * Format: username:password,username2:password2
 */
 export function getUsers(): User[] {
  const usersString = process.env.AUTH_USERS || '';
  if (!usersString) {
    console.warn('AUTH_USERS not configured in .env');
    return [];
  }
  return usersString
    .split(',')
    .map((userPair) => {
      const [username, password] = userPair.trim().split(':');
      return { username: username?.trim(), password: password?.trim() };
    })
    .filter((user) => user.username && user.password);
 }
 /**
 * Verify user credentials
 */
 export function verifyCredentials(username: string, password: string): boolean {
  const users = getUsers();
  const user = users.find(u => u.username === username);
  if (!user) {
    return false;
  }
  return user.password === password;
 }
 /**
 * Check if authentication is enabled
 */
 export function isAuthEnabled(): boolean {
  return !!process.env.AUTH_USERS;
 }
--- a/lib/session.ts
+++ b/lib/session.ts
@@ -0,0 +1,102 @@
 import { cookies } from 'next/headers';
 import { SignJWT, jwtVerify } from 'jose';
 const SESSION_COOKIE_NAME = 'auth_session';
 const SESSION_DURATION = 7 * 24 * 60 * 60 * 1000; // 7 days
 const secretKey = process.env.AUTH_SECRET || 'default-secret-change-in-production';
 const key = new TextEncoder().encode(secretKey);
 export interface SessionData {
  username: string;
  isAuthenticated: boolean;
  expiresAt: number;
 }
 /**
 * Encrypt session data to JWT
 */
 async function encrypt(payload: SessionData): Promise<string> {
  return await new SignJWT(payload as any)
    .setProtectedHeader({ alg: 'HS256' })
    .setIssuedAt()
    .setExpirationTime(new Date(payload.expiresAt))
    .sign(key);
 }
 /**
 * Decrypt JWT to session data
 */
 async function decrypt(token: string): Promise<SessionData | null> {
  try {
    const { payload } = await jwtVerify(token, key, {
      algorithms: ['HS256'],
    });
    return {
      username: payload.username as string,
      isAuthenticated: payload.isAuthenticated as boolean,
      expiresAt: payload.expiresAt as number,
    };
  } catch (error) {
    return null;
  }
 }
 /**
 * Create a new session
 */
 export async function createSession(username: string): Promise<void> {
  const expiresAt = Date.now() + SESSION_DURATION;
  const session: SessionData = {
    username,
    isAuthenticated: true,
    expiresAt,
  };
  const encryptedSession = await encrypt(session);
  const cookieStore = await cookies();
  cookieStore.set(SESSION_COOKIE_NAME, encryptedSession, {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    expires: expiresAt,
    sameSite: 'lax',
    path: '/',
  });
 }
 /**
 * Get current session
 */
 export async function getSession(): Promise<SessionData | null> {
  const cookieStore = await cookies();
  const cookie = cookieStore.get(SESSION_COOKIE_NAME);
  if (!cookie?.value) {
    return null;
  }
  const session = await decrypt(cookie.value);
  if (!session || session.expiresAt < Date.now()) {
    return null;
  }
  return session;
 }
 /**
 * Delete session (logout)
 */
 export async function deleteSession(): Promise<void> {
  const cookieStore = await cookies();
  cookieStore.delete(SESSION_COOKIE_NAME);
 }
 /**
 * Verify if user is authenticated
 */
 export async function isAuthenticated(): Promise<boolean> {
  const session = await getSession();
  return session?.isAuthenticated ?? false;
 }
--- a/middleware.ts
+++ b/middleware.ts
@@ -0,0 +1,72 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { jwtVerify } from 'jose';
 const SESSION_COOKIE_NAME = 'auth_session';
 /**
 * Middleware to protect routes with authentication
 * Reusable for other projects - just copy this file
 */
 export async function middleware(request: NextRequest) {
  const { pathname } = request.nextUrl;
  // Check if authentication is enabled
  const authEnabled = !!process.env.AUTH_USERS;
  // If auth is not enabled, allow all requests
  if (!authEnabled) {
    return NextResponse.next();
  }
  // Public paths that don't require authentication
  const publicPaths = ['/login'];
  const isPublicPath = publicPaths.some(path => pathname.startsWith(path));
  if (isPublicPath) {
    return NextResponse.next();
  }
  // Check for session cookie
  const sessionCookie = request.cookies.get(SESSION_COOKIE_NAME);
  if (!sessionCookie) {
    return NextResponse.redirect(new URL('/login', request.url));
  }
  // Verify session token
  try {
    const secretKey = process.env.AUTH_SECRET || 'default-secret-change-in-production';
    const key = new TextEncoder().encode(secretKey);
    const { payload } = await jwtVerify(sessionCookie.value, key, {
      algorithms: ['HS256'],
    });
    // Check if session is expired
    if (payload.expiresAt && (payload.expiresAt as number) < Date.now()) {
      const response = NextResponse.redirect(new URL('/login', request.url));
      response.cookies.delete(SESSION_COOKIE_NAME);
      return response;
    }
    return NextResponse.next();
  } catch (error) {
    // Invalid token - redirect to login
    const response = NextResponse.redirect(new URL('/login', request.url));
    response.cookies.delete(SESSION_COOKIE_NAME);
    return response;
  }
 }
 export const config = {
  matcher: [
    /*
     * Match all request paths except for the ones starting with:
     * - _next/static (static files)
     * - _next/image (image optimization files)
     * - favicon.ico (favicon file)
     * - public folder
     */
    '/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)',
  ],
 };
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,13 +1,15 @@
 {
  "name": "ausgaben_next",
-  "version": "1.0.0",
+  "version": "1.0.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "ausgaben_next",
-      "version": "1.0.0",
+      "version": "1.0.1",
      "dependencies": {
        "bcryptjs": "^3.0.3",
        "jose": "^6.1.3",
        "mysql2": "^3.17.4",
        "next": "16.1.6",
        "react": "19.2.3",
@@ -15,6 +17,7 @@
      },
      "devDependencies": {
        "@tailwindcss/postcss": "^4",
        "@types/bcryptjs": "^2.4.6",
        "@types/node": "^20",
        "@types/react": "^19",
        "@types/react-dom": "^19",
@@ -1525,6 +1528,13 @@
        "tslib": "^2.4.0"
      }
    },
    "node_modules/@types/bcryptjs": {
      "version": "2.4.6",
      "resolved": "https://registry.npmjs.org/@types/bcryptjs/-/bcryptjs-2.4.6.tgz",
      "integrity": "sha512-9xlo6R2qDs5uixm0bcIqCeMCE6HiQsIyel9KQySStiyqNl2tnj2mP3DX1Nf56MD6KMenNNlBBsy3LJ7gUEQPXQ==",
      "dev": true,
      "license": "MIT"
    },
    "node_modules/@types/estree": {
      "version": "1.0.8",
      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
@@ -2453,6 +2463,15 @@
        "node": ">=6.0.0"
      }
    },
    "node_modules/bcryptjs": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz",
      "integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==",
      "license": "BSD-3-Clause",
      "bin": {
        "bcrypt": "bin/bcrypt"
      }
    },
    "node_modules/brace-expansion": {
      "version": "1.1.12",
      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
@@ -4483,6 +4502,15 @@
        "jiti": "lib/jiti-cli.mjs"
      }
    },
    "node_modules/jose": {
      "version": "6.1.3",
      "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz",
      "integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==",
      "license": "MIT",
      "funding": {
        "url": "https://github.com/sponsors/panva"
      }
    },
    "node_modules/js-tokens": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
--- a/package.json
+++ b/package.json
@@ -1,14 +1,17 @@
 {
  "name": "ausgaben_next",
-  "version": "1.0.1",
+  "version": "1.0.2",
  "private": true,
  "scripts": {
    "dev": "next dev -p 3005",
    "build": "next build",
    "start": "next start -p 3005",
-    "lint": "eslint"
+    "lint": "eslint",
    "generate-password": "node scripts/generate-password.js"
  },
  "dependencies": {
    "bcryptjs": "^3.0.3",
    "jose": "^6.1.3",
    "mysql2": "^3.17.4",
    "next": "16.1.6",
    "react": "19.2.3",
@@ -16,6 +19,7 @@
  },
  "devDependencies": {
    "@tailwindcss/postcss": "^4",
    "@types/bcryptjs": "^2.4.6",
    "@types/node": "^20",
    "@types/react": "^19",
    "@types/react-dom": "^19",
--- a/scripts/generate-password.js
+++ b/scripts/generate-password.js
@@ -0,0 +1,61 @@
 #!/usr/bin/env node
 /**
 * Password Hash Generator
 * 
 * Usage:
 *   node scripts/generate-password.js [password]
 * 
 * If no password is provided, you'll be prompted to enter one.
 */
 const bcrypt = require('bcryptjs');
 const readline = require('readline');
 function generateHash(password) {
  const saltRounds = 10;
  const hash = bcrypt.hashSync(password, saltRounds);
  return hash;
 }
 function promptPassword() {
  return new Promise((resolve) => {
    const rl = readline.createInterface({
      input: process.stdin,
      output: process.stdout
    });
    rl.question('Passwort eingeben: ', (password) => {
      rl.close();
      resolve(password);
    });
  });
 }
 async function main() {
  let password = process.argv[2];
  if (!password) {
    password = await promptPassword();
  }
  if (!password) {
    console.error('❌ Kein Passwort angegeben!');
    process.exit(1);
  }
  console.log('\n🔐 Generiere Passwort-Hash...\n');
  const hash = generateHash(password);
  console.log('✅ Hash generiert:');
  console.log('─'.repeat(80));
  console.log(hash);
  console.log('─'.repeat(80));
  console.log('\n📝 Verwende diesen Hash in der .env Datei:');
  console.log(`AUTH_USERS=username:${hash}`);
  console.log('\n💡 Beispiel für mehrere Benutzer:');
  console.log(`AUTH_USERS=admin:${hash},user2:$2a$10$...\n`);
 }
 main().catch(console.error);
--- a/types/ausgaben.ts
+++ b/types/ausgaben.ts
@@ -6,6 +6,7 @@ export interface AusgabenEntry {
  WochTag: string;
  Wo: string;
  Was: string;
  Kat: string;
  Wieviel: number;
  Wie: string;
  TYP: number;
@@ -16,6 +17,7 @@ export interface CreateAusgabenEntry {
  WochTag: string;
  Wo: string;
  Was: string;
  Kat: string;
  Wieviel: string | number;
  Wie: string;
  TYP: number;
Author	SHA1	Message	Date
Reinhard X. Fürst	ed6bc21248	Kategorien dazu	2026-03-01 11:26:44 +00:00
Reinhard X. Fürst	319ac8699e	V 1.0.2. Keine vorausgefüllte Login-Seite mehr	2026-03-01 08:46:59 +00:00
Reinhard X. Fürst	8c6d1bcf6d	V 1.0.1: Auth erfolgreich	2026-03-01 08:35:46 +00:00
Reinhard X. Fürst	1ccd66b307	weiter die Sache mit Auth	2026-03-01 07:52:31 +00:00