
New feature : Read-only server by default with persistent authenticated write access #312


Description

@messeant

Hello

Summary
The cook server command should operate in read-only (consultation) mode by default. Any mutating operation — adding or editing a recipe, modifying the shopping list/cart, or any other state-changing action — must require prior authentication. The authenticated session must persist across browser restarts (no re-login on page refresh or next visit).

Motivation
Currently, the server exposes all operations without any access control. This is a problem for users who self-host and want to share their cookbook publicly (read access) while keeping write operations private. A two-tier access model (anonymous read / authenticated write) is the standard pattern for self-hosted tools and would make cook server production-ready for personal or family use.

| Operation | Anonymous | Authenticated |
|---|---|---|
| Browse / view recipes | allowed | allowed |
| Search recipes | allowed | allowed |
| View shopping list / cart | allowed | allowed |
| Add or edit a recipe | ❌ 401 | allowed |
| Delete a recipe | ❌ 401 | allowed |
| Add / modify / clear the cart | ❌ 401 | allowed |
| Any other write operation | ❌ 401 | allowed |

For example:

```toml
[server.auth]
  username = "admin"
  # bcrypt hash or plain text with a warning
  password_hash = "$2b$12$..."
```

and

```sh
# Start with auth enabled (write-protected)
cook server --auth

# Disable auth entirely for local/trusted networks (current behavior, opt-in)
cook server --no-auth
```

Eric
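A stdlib-only sketch of the policy the issue describes (anonymous reads, 401 on mutating requests without a valid session, a signed cookie that outlives browser restarts). This is an added illustration, not code from cook or from the issue author; the session key, salt, the `admin` credential and the 30-day TTL are constructed, and PBKDF2 stands in for the bcrypt hash the issue suggests.

```python
import base64, hashlib, hmac, json, secrets
from typing import Optional

# Constructed demo values: a per-server signing key (a real server would generate it once
# and persist it so sessions survive restarts) and the single credential from [server.auth].
SESSION_KEY = secrets.token_bytes(32)
SESSION_TTL = 30 * 24 * 3600            # 30 days: long enough to outlive browser restarts
USERNAME = "admin"
SALT = secrets.token_bytes(16)

def hash_password(password: str) -> bytes:
    # PBKDF2-HMAC-SHA256 stands in for bcrypt here (no bcrypt in the standard library)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

PASSWORD_HASH = hash_password("correct horse")   # constructed secret; only the hash is kept

def login(username: str, password: str, now: float) -> Optional[str]:
    """Return a signed session cookie on valid credentials, else None."""
    ok_user = hmac.compare_digest(username.encode(), USERNAME.encode())
    ok_pass = hmac.compare_digest(hash_password(password), PASSWORD_HASH)
    if not (ok_user and ok_pass):
        return None
    payload = json.dumps({"user": username, "exp": int(now) + SESSION_TTL}).encode()
    sig = hmac.new(SESSION_KEY, payload, hashlib.sha256).digest()
    b64 = lambda b: base64.urlsafe_b64encode(b).decode()
    return f"{b64(payload)}.{b64(sig)}"

def verify_session(cookie: Optional[str], now: float) -> Optional[str]:
    """Return the user name if the cookie is authentic and unexpired, else None."""
    if not cookie or "." not in cookie:
        return None
    p, s = cookie.split(".", 1)
    try:
        payload, sig = base64.urlsafe_b64decode(p), base64.urlsafe_b64decode(s)
    except ValueError:
        return None
    expected = hmac.new(SESSION_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):   # constant-time; rejects any tampering
        return None
    data = json.loads(payload)
    return data["user"] if data["exp"] > now else None

MUTATING = {"POST", "PUT", "PATCH", "DELETE"}   # add/edit/delete recipes, cart changes

def authorize(method: str, cookie: Optional[str], now: float) -> int:
    """Policy from the table above: reads are anonymous, writes need a session (else 401)."""
    if method.upper() not in MUTATING:
        return 200
    return 200 if verify_session(cookie, now) else 401
```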
