fix: service edit, CSRF token stability, and license restore (v1.1.1)

- Fix service edit double-write bug (was creating duplicate entries) - Add editable display name field to service edit modal - Backend update endpoint now accepts name, logo, and recalculates url - Fix CSRF token regeneration breaking all POST requests (nonce was being regenerated on every request, invalidating cached tokens) - CSRF nonce now persists across requests, rotated only on TOTP login - Frontend secureFetch auto-retries on CSRF failure with fresh token - Restore lifetime license activation on DNS2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 13:39:05 -07:00
parent 263b090769
commit b4022288dc
9 changed files with 122 additions and 70 deletions
--- a/status/js/totp-auth.js
+++ b/status/js/totp-auth.js
@@ -75,6 +75,10 @@

      if (data.success) {
        errorEl.textContent = '';
+        // Update cached CSRF token from TOTP response (server rotates it on login)
+        if (data.csrfToken) {
+          csrfToken = data.csrfToken;
+        }
        hideTotpOverlay();
        // Check if redirected here from another service
        const redirect = safeSessionGet('totp_redirect');