Implement proper demo authentication flow

AUTHENTICATION FLOW:
- All pages redirect to /login when no user is authenticated
- Root /, /form, /map, /welcome all require login first
- Demo account auto-logs in without password prompt
- After demo login, redirect to /welcome screen
- Demo user then navigates through welcome → form/map

ROUTE UPDATES:
- / → /login (if not authenticated)
- /form → /login (if not authenticated)
- /map → /login (if not authenticated)
- /welcome → /login (if not authenticated)
- Demo users: login → /welcome → form/map exploration

DEMO LOGIN FLOW:
1. Visitor goes to any page → redirected to /login
2. Ishita clicks 'Demo Account' → auto-logs in
3. Redirected to /welcome screen
4. Welcome buttons work with authenticated demo user
5. Full exploration available

Result: Secure, consistent authentication flow for demo presentation

app.py

@@ -464,8 +464,12 @@ async def get_user_info(user: Dict[str, Any] = Depends(require_auth)):
 
 # Frontend routes
 @app.get("/welcome", response_class=HTMLResponse, tags=["Frontend"])
-async def serve_welcome():
-    """Serve the conference welcome screen"""
+async def serve_welcome(request: Request):
+    """Serve the demo welcome screen for authenticated users"""
+    user = get_current_user(request)
+    if not user:
+        return RedirectResponse(url="/login")
+        
     try:
         with open("static/welcome.html", encoding="utf-8") as f:
             content = f.read()
@@ -487,14 +491,14 @@ async def serve_login():
 
 @app.get("/", response_class=HTMLResponse, tags=["Frontend"])
 async def read_root(request: Request):
-    """Serve main app or redirect to welcome based on user type"""
+    """Serve main app or redirect based on user type"""
     user = get_current_user(request)
     
-    # No user? Show welcome screen
+    # No user? Redirect to login
     if not user:
-        return RedirectResponse(url="/welcome")
+        return RedirectResponse(url="/login")
     
-    # Demo users always see welcome screen for conference flow
+    # Demo users see welcome screen after login
     if user.get('role') == 'demo_user':
         return RedirectResponse(url="/welcome")
     
@@ -508,10 +512,10 @@ async def read_root(request: Request):
 
 @app.get("/form", response_class=HTMLResponse, tags=["Frontend"])
 async def serve_form(request: Request):
-    """Direct access to form for conference - simplified route"""
+    """Direct access to form for demo users"""
     user = get_current_user(request)
     if not user:
-        return RedirectResponse(url="/welcome")
+        return RedirectResponse(url="/login")
     
     try:
         with open("static/index.html", encoding="utf-8") as f:
@@ -526,9 +530,9 @@ async def serve_map(request: Request):
     # Check if user is authenticated
     user = get_current_user(request)
     
-    # Regular authentication check
+    # Redirect to login if not authenticated
     if not user:
-        return RedirectResponse(url="/welcome")
+        return RedirectResponse(url="/login")
     
     return RedirectResponse(url="/static/map.html")
 

static/index.html

@@ -953,7 +953,7 @@
         // Force refresh if we detect cached version
         (function() {
             const currentVersion = '5.1.1';
-            const timestamp = '1761486700'; // Cache-busting bump
+            const timestamp = '1761486823'; // Cache-busting bump
             const lastVersion = sessionStorage.getItem('treetrack_version');
             const lastTimestamp = sessionStorage.getItem('treetrack_timestamp');
             
@@ -1199,7 +1199,7 @@
         </div>
     </div>
 
-    <script type="module" src="/static/js/tree-track-app.js?v=5.1.1&t=1761486700"></script>
+    <script type="module" src="/static/js/tree-track-app.js?v=5.1.1&t=1761486823"></script>
     
     <script>
         // Idle-time prefetch of map assets to speed up first navigation

static/login.html

@@ -419,9 +419,9 @@
                     
                     showMessage('Demo access granted! Redirecting...', 'success');
                     
-                    // Redirect to main app
+                    // Redirect to welcome screen for demo users
                     setTimeout(() => {
-                        window.location.href = '/';
+                        window.location.href = '/welcome';
                     }, 1500);
                 } else {
                     throw new Error('Demo mode not available');

static/map.html

@@ -799,7 +799,7 @@
         // Force refresh if we detect cached version
         (function() {
             const currentVersion = '5.1.1';
-const timestamp = '1761486700'; // Current timestamp for cache busting
+const timestamp = '1761486823'; // Current timestamp for cache busting
             const lastVersion = sessionStorage.getItem('treetrack_version');
             const lastTimestamp = sessionStorage.getItem('treetrack_timestamp');
             
@@ -925,7 +925,7 @@ const timestamp = '1761486700'; // Current timestamp for cache busting
 
     <!-- Leaflet JS -->
     <script src="https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"></script>
-<script src="/static/map.js?v=5.1.1&t=1761486700">
+<script src="/static/map.js?v=5.1.1&t=1761486823">
     
                     "default-state": {
                         gradients: [

static/sw.js

@@ -1,5 +1,5 @@
 // TreeTrack Service Worker - PWA and Offline Support
-const VERSION = 1761486700; // Cache busting bump - force clients to fetch new static assets and header image change
+const VERSION = 1761486823; // Cache busting bump - force clients to fetch new static assets and header image change
 const CACHE_NAME = `treetrack-v${VERSION}`;
 const STATIC_CACHE = `static-v${VERSION}`;
 const API_CACHE = `api-v${VERSION}`;

version.json

@@ -1,4 +1,4 @@
 {
   "version": "5.1.1",
-  "timestamp": 1761486700
+  "timestamp": 1761486823
 }