Release v2.2: admin auth settings, Passkey RP ID, Cloudflare and Google captcha

Co-authored-by: Cursor <cursoragent@cursor.com>

app/templates/admin/settings.html

@@ -2,7 +2,7 @@
 
 {% block title %}Настройки — Админка{% endblock %}
 {% block admin_title %}Настройки системы{% endblock %}
-{% block admin_subtitle %}<p class="admin-main__subtitle">S3, SFTP, FTP, SMTP и лимиты загрузки</p>{% endblock %}
+{% block admin_subtitle %}<p class="admin-main__subtitle">Авторизация, captcha, S3, SFTP, FTP, SMTP и лимиты загрузки</p>{% endblock %}
 
 {% block admin_content %}
         <form method="post" class="settings-form">
@@ -16,6 +16,58 @@
                 </div>
             </div>
 
+            <div class="admin-panel" style="margin-top:24px">
+                <h2 class="admin-panel__title">Регистрация и авторизация</h2>
+                <label class="form-checkbox"><input type="checkbox" name="registration_enabled" {% if settings.registration_enabled %}checked{% endif %}><span>Разрешить регистрацию</span></label>
+                <label class="form-checkbox"><input type="checkbox" name="password_login_enabled" {% if settings.password_login_enabled %}checked{% endif %}><span>Вход по паролю</span></label>
+                <label class="form-checkbox"><input type="checkbox" name="passkey_enabled" {% if settings.passkey_enabled %}checked{% endif %}><span>Passkey (WebAuthn)</span></label>
+            </div>
+
+            <div class="admin-panel" style="margin-top:24px">
+                <h2 class="admin-panel__title">Passkey — RP ID и Origin</h2>
+                <p class="folder-hint">Для production укажите домен сайта. Значения из админки имеют приоритет над <code>.env</code>.</p>
+                <div class="settings-grid">
+                    <div class="form-group"><label>RP ID (домен)</label><input type="text" name="webauthn_rp_id" value="{{ settings.webauthn_rp_id or '' }}" placeholder="example.com"></div>
+                    <div class="form-group"><label>RP Name</label><input type="text" name="webauthn_rp_name" value="{{ settings.webauthn_rp_name or 'PhotoHost' }}"></div>
+                    <div class="form-group"><label>Origin (полный URL)</label><input type="text" name="webauthn_origin" value="{{ settings.webauthn_origin or '' }}" placeholder="https://example.com"></div>
+                </div>
+            </div>
+
+            <div class="admin-panel" style="margin-top:24px">
+                <h2 class="admin-panel__title">Captcha</h2>
+                <div class="form-group">
+                    <label for="captcha_provider">Провайдер</label>
+                    <select id="captcha_provider" name="captcha_provider">
+                        <option value="none" {% if settings.captcha_provider == 'none' %}selected{% endif %}>Отключена</option>
+                        <option value="turnstile" {% if settings.captcha_provider == 'turnstile' %}selected{% endif %}>Cloudflare Turnstile</option>
+                        <option value="recaptcha_v2" {% if settings.captcha_provider == 'recaptcha_v2' %}selected{% endif %}>Google reCAPTCHA v2</option>
+                        <option value="recaptcha_v3" {% if settings.captcha_provider == 'recaptcha_v3' %}selected{% endif %}>Google reCAPTCHA v3</option>
+                    </select>
+                </div>
+                <label class="form-checkbox"><input type="checkbox" name="captcha_on_login" {% if settings.captcha_on_login %}checked{% endif %}><span>На странице входа</span></label>
+                <label class="form-checkbox"><input type="checkbox" name="captcha_on_register" {% if settings.captcha_on_register %}checked{% endif %}><span>На странице регистрации</span></label>
+                <label class="form-checkbox"><input type="checkbox" name="captcha_on_forgot_password" {% if settings.captcha_on_forgot_password %}checked{% endif %}><span>На сбросе пароля</span></label>
+
+                <h3 class="admin-panel__subtitle" style="margin-top:16px">Cloudflare Turnstile</h3>
+                <div class="settings-grid">
+                    <div class="form-group"><label>Site Key</label><input type="text" name="turnstile_site_key" value="{{ settings.turnstile_site_key or '' }}"></div>
+                    <div class="form-group"><label>Secret Key</label><input type="password" name="turnstile_secret_key" placeholder="оставьте пустым, если не меняете"></div>
+                </div>
+
+                <h3 class="admin-panel__subtitle" style="margin-top:16px">Google reCAPTCHA v2</h3>
+                <div class="settings-grid">
+                    <div class="form-group"><label>Site Key</label><input type="text" name="recaptcha_v2_site_key" value="{{ settings.recaptcha_v2_site_key or '' }}"></div>
+                    <div class="form-group"><label>Secret Key</label><input type="password" name="recaptcha_v2_secret_key" placeholder="оставьте пустым, если не меняете"></div>
+                </div>
+
+                <h3 class="admin-panel__subtitle" style="margin-top:16px">Google reCAPTCHA v3</h3>
+                <div class="settings-grid">
+                    <div class="form-group"><label>Site Key</label><input type="text" name="recaptcha_v3_site_key" value="{{ settings.recaptcha_v3_site_key or '' }}"></div>
+                    <div class="form-group"><label>Secret Key</label><input type="password" name="recaptcha_v3_secret_key" placeholder="оставьте пустым, если не меняете"></div>
+                    <div class="form-group"><label>Мин. score (0–1)</label><input type="number" step="0.1" min="0" max="1" name="recaptcha_v3_min_score" value="{{ settings.recaptcha_v3_min_score or 0.5 }}"></div>
+                </div>
+            </div>
+
             <div class="admin-panel" style="margin-top:24px">
                 <h2 class="admin-panel__title">Amazon S3 / совместимое хранилище</h2>
                 <label class="form-checkbox"><input type="checkbox" name="s3_enabled" {% if settings.s3_enabled %}checked{% endif %}><span>Включить S3</span></label>