Add auth auto-login, env-based auth toggle, and logout support

[youbuwei]

Summary

This PR improves the auth experience in etcdkeeper by:

• Adding a "Remember password and auto login" option to the Authentication dialog
• Automatically reconnecting on page load using saved credentials
• Introducing an environment-variable-based switch for enabling/disabling auth
• Adding a Logout button in the top-right to clear saved credentials and reconnect unauthenticated

All existing behavior remains compatible, with environment configuration taking precedence where applicable.

---

Background / Motivation

Previously:

• Auth was controlled only via the -auth CLI flag.
• The frontend stored the etcd endpoint, tree mode, and editor mode in cookies, but did not persist credentials.
• Users had to manually enter username/password frequently when working with auth-enabled etcd clusters.

In typical usage (local development or internal tools), it is convenient to:

• Remember credentials for a given browser/session
• Automatically reconnect when reopening the UI

This PR implements that behavior while trying to keep the implementation simple and opt-in.

---

Changes

Backend (Go)

• Add an environment-variable-based override for the -auth flag:

  • New env var: ETCD_KEEPER_AUTH
  • Accepted values: anything strconv.ParseBool can parse, e.g.:
    • truthy: 1, t, T, true, TRUE, True
    • falsy: 0, f, F, false, FALSE, False
  • If ETCD_KEEPER_AUTH is set and parses successfully, it overrides the -auth flag.
  • If ETCD_KEEPER_AUTH is set but invalid, the flag value is used and a log line is printed:
    invalid ETCD_KEEPER_AUTH value "<value>", expected true/false; fallback to -auth=<flagValue>

• No behavior change if ETCD_KEEPER_AUTH is not set: -auth continues to work exactly as before.

Frontend (assets/etcdkeeper/index.html)

1. Authentication dialog

   • Add a checkbox:

     <tr>
       <td></td>
       <td>
         <label style="user-select:none;">
           <input id="rememberAuth" type="checkbox" style="vertical-align:middle;margin-right:4px;">
           Remember password and auto login
         </label>
       </td>
     </tr>

   • The submit button still calls userOK(), which closes the dialog and calls connect() as before.

2. Auth persistence (localStorage)

   • Introduce two helper functions:

     function loadSavedAuth() { ... }  // reads "etcdkeeper_auth" from localStorage
     function saveAuth(username, password, remember) { ... }  // writes/clears it

   • saveAuth stores the following JSON object in localStorage under the key etcdkeeper_auth:

     {
       "username": "<username>",
       "password": "<password>",
       "remember": true
     }

   • loadSavedAuth returns this object or null if not found/invalid.

3. Auto-connect on page load

   • At the end of $(document).ready(...), connect() is called automatically:

     $(document).ready(function() {
       // existing editor + UI setup...
       connect();
     });

4. Auto-fill and auto-login in connect()

   • connect() now:

     • Reads the current values from #uname and #passwd.
     • If either is empty, it attempts to load etcdkeeper_auth via loadSavedAuth().
     • If valid saved credentials are found and remember === true:
       • It fills #uname and #passwd with the saved values.
       • It checks the #rememberAuth checkbox.
       • Then it sends the /v3/connect request with these credentials.

   • On successful connect (data.status === 'ok'):

     • connect() inspects the state of #rememberAuth:
       • If checked → saveAuth(uname, passwd, true) persists the credentials.
       • If not checked → localStorage entry is cleared.
     • Then reload() is called to refresh the tree.

   • On status === 'login' or status === 'root':

     • The Authentication window is opened as before.
     • For status === 'root', a warning message is shown as before.

5. User button behavior

   • Clicking the user icon (#userButton) now:

     • Prefills the Authentication dialog with loadSavedAuth() if any credentials are stored.
     • Restores the state of the #rememberAuth checkbox.
     • Opens the Authentication window.

6. Logout button in the top right

   • Add a Logout button to the header area:

     <div class="noborder" style="position:relative;">
       <img id="userButton" ...>
     
       <input id="etcdAddr" class="easyui-textbox" ... />
     
       <a id="logoutButton"
          href="javascript:void(0)"
          class="easyui-linkbutton"
          style="position:absolute;right:0;top:4px;height:28px;line-height:28px;">
         Logout
       </a>
     </div>

   • Bind click handler in jQuery init:

     $('#logoutButton').bind('click', function() {
       logout();
     });

   • Implement logout():

     function logout() {
       // Clear saved auth info from localStorage
       try {
         if (window.localStorage) {
           localStorage.removeItem('etcdkeeper_auth');
         }
       } catch (e) {
         console.warn('Failed to clear auth from localStorage', e);
       }
     
       // Clear UI fields
       $('#uname').textbox('setValue', '');
       $('#passwd').textbox('setValue', '');
       if ($('#rememberAuth').length) {
         $('#rememberAuth').prop('checked', false);
       }
     
       // Reset editor and tree view
       resetValue();
       $('#etree').tree('loadData', []);
     
       // Try to reconnect without credentials.
       // For auth-enabled etcd this will trigger "login required"
       // and show the Authentication window again when needed.
       connect();
     }

   • This effectively:

     • Removes auto-login
     • Clears the current view
     • Triggers a fresh connect in unauthenticated mode

---

Configuration / Migration

• New environment variable

  • ETCD_KEEPER_AUTH (bool string)
  • If set and valid, it overrides the -auth flag.
  • If unset, the existing -auth flag behavior is unchanged.

• No changes required to existing cookies

  • etcd-endpoint, etcd-version, tree-mode, ace-mode continue to work as before.
  • No migration is required for existing users.

• New localStorage entry

  • Key: etcdkeeper_auth
  • Only used if the user explicitly checks "Remember password and auto login" and the connection succeeds.

---

Security Considerations

• Credentials are stored in localStorage only on the client side and only when the user opts in.
• Both storage and usage are limited to the browser where the user enabled auto-login.
• This is primarily intended for local development or internal tooling scenarios where the browser environment is trusted.
• If users prefer not to persist passwords:
  • They can avoid checking "Remember password and auto login".
  • They can click "Logout" to clear stored credentials at any time.

---

Testing

Tested manually with:

1. Auth-enabled etcd

   • Start etcd with auth enabled (root user/password).
   • Start etcdkeeper with ETCD_KEEPER_AUTH=true.
   • Visit /etcdkeeper in the browser:
     • First visit shows Authentication dialog when connect returns "login".
     • Enter valid username/password without "Remember password" → tree loads; refresh page does not auto-login.
     • Enter valid username/password with "Remember password and auto login" checked:
       • Tree loads.
       • Refresh page → automatically reconnects and loads tree without showing the Authentication dialog.
   • Click "Logout":
     • localStorage entry is cleared.
     • Credentials fields are cleared and checkbox is unchecked.
     • A new connect attempt ends up prompting for login again.

2. Non-auth etcd

   • Start etcd without auth.
   • Start etcdkeeper with ETCD_KEEPER_AUTH=false.
   • Visit /etcdkeeper:
     • Auto-connect works as before, no Authentication dialog is shown.
     • "Logout" clears localStorage but does not affect connectivity (since auth is off).

---

Notes

• All new UI text and comments are in English.
• Existing endpoints (/v2/* and /v3/*) and overall UX remain backward compatible.
• The PR keeps the code changes minimal and self-contained to avoid impacting unrelated behavior.