Authentication
✓ Password-based authentication with JWT sessions
Method: Secure Password + HTTP-Only Cookies
Session tokens are stored in secure HTTP-only cookies and expire after 4 hours of inactivity.
Session Management
Current Session
This browser • Active
Session expires in 4 hours of inactivity
Security Features
✓ Session tokens stored in HTTP-only cookies (cannot be accessed by JavaScript)
✓ JWT tokens with 4-hour expiry time
✓ Secure password authentication
✓ Rate limiting: 10 login attempts per hour per IP
✓ All communication encrypted over HTTPS (in production)
✓ Dashboard access requires active session
Admin Access
This dashboard provides secure access to IslandPulse analytics and metrics.
Your session is authenticated via JWT token stored in a secure HTTP-only cookie.
For production use, ensure the ADMIN_PASSWORD environment variable is set to a strong password.