feat: Replace complex auto-login with simple Conference Demo button

- Add Conference Demo option to login page with prominent styling
- Remove complex auto-login logic that caused redirect loops
- Simplify auth.py with on-demand session creation
- Add one-click conference access via dedicated login button
- Clean UX for conference participants
- Maintains all demo permissions and 12-hour sessions

app.py

@@ -390,48 +390,40 @@ async def login(login_data: LoginRequest, response: Response):
 
 @app.get("/api/auth/conference-login", response_model=ConferenceLoginResponse, tags=["Authentication"])
 async def conference_auto_login(response: Response):
-    """Auto-login for conference demo mode"""
+    """Login for conference demo mode"""
     if not settings.is_conference_mode():
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND,
             detail="Conference mode not enabled"
         )
     
-    # Get the pre-created conference session token
-    conference_token = auth_manager.get_conference_token()
-    if not conference_token:
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Conference session not initialized"
-        )
-    
-    # Validate the session to get user data
-    session_data = auth_manager.validate_session(conference_token)
-    if not session_data:
+    # Create a new conference session
+    result = auth_manager.create_conference_session()
+    if not result:
         raise HTTPException(
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Conference session invalid"
+            detail="Could not create conference session"
         )
     
     # Set authentication cookie for web page requests (12 hour expiry)
     response.set_cookie(
         key="auth_token",
-        value=conference_token,
+        value=result["token"],
         max_age=12*60*60,  # 12 hours for conference duration
         httponly=True,
         secure=True,
         samesite="lax"
     )
     
-    logger.info("Conference participant auto-logged in")
+    logger.info("Conference participant logged in via demo button")
     
     return ConferenceLoginResponse(
-        token=conference_token,
+        token=result["token"],
         user={
-            "username": session_data["username"],
-            "role": session_data["role"],
-            "full_name": session_data["full_name"],
-            "permissions": session_data["permissions"]
+            "username": result["user"]["username"],
+            "role": result["user"]["role"],
+            "full_name": result["user"]["full_name"],
+            "permissions": result["user"]["permissions"]
         },
         is_demo_mode=True
     )
@@ -502,33 +494,11 @@ async def serve_login():
         raise HTTPException(status_code=404, detail="Login page not found")
 
 @app.get("/", response_class=HTMLResponse, tags=["Frontend"])
-async def read_root(request: Request, response: Response):
+async def read_root(request: Request):
     """Serve the main application page with auth check"""
     # Check if user is authenticated
     user = get_current_user(request)
     
-    # If no user and conference mode is enabled, auto-login
-    if not user and settings.is_conference_mode():
-        # Check if we already tried to set the cookie (prevent infinite loop)
-        if not request.cookies.get('auth_token'):
-            conference_token = auth_manager.get_conference_token()
-            if conference_token:
-                # Validate the session immediately to use it
-                session = auth_manager.validate_session(conference_token)
-                if session:
-                    # Set the conference session cookie
-                    response.set_cookie(
-                        key="auth_token",
-                        value=conference_token,
-                        max_age=12*60*60,  # 12 hours
-                        httponly=True,
-                        secure=True,
-                        samesite="lax"
-                    )
-                    # Don't redirect - serve the page directly with the new session
-                    user = session
-                    logger.info("Conference participant auto-logged in")
-    
     # Regular authentication check
     if not user:
         return RedirectResponse(url="/login")
@@ -543,33 +513,11 @@ async def read_root(request: Request, response: Response):
 
 
 @app.get("/map", response_class=HTMLResponse, tags=["Frontend"])
-async def serve_map(request: Request, response: Response):
+async def serve_map(request: Request):
     """Serve the map page with auth check"""
     # Check if user is authenticated
     user = get_current_user(request)
     
-    # If no user and conference mode is enabled, auto-login
-    if not user and settings.is_conference_mode():
-        # Check if we already tried to set the cookie (prevent infinite loop)
-        if not request.cookies.get('auth_token'):
-            conference_token = auth_manager.get_conference_token()
-            if conference_token:
-                # Validate the session immediately to use it
-                session = auth_manager.validate_session(conference_token)
-                if session:
-                    # Set the conference session cookie
-                    response.set_cookie(
-                        key="auth_token",
-                        value=conference_token,
-                        max_age=12*60*60,  # 12 hours
-                        httponly=True,
-                        secure=True,
-                        samesite="lax"
-                    )
-                    # Don't redirect - serve the page directly with the new session
-                    user = session
-                    logger.info("Conference participant auto-logged in for map")
-    
     # Regular authentication check
     if not user:
         return RedirectResponse(url="/login")

auth.py

@@ -78,23 +78,20 @@ class AuthManager:
         }
         
         logger.info(f"AuthManager initialized with {len(self.users)} user accounts")
-        
-        # Initialize conference session if needed
-        self._init_conference_session()
     
-    def _init_conference_session(self):
-        """Initialize long-lasting conference session if in conference mode"""
-        from config import get_settings
-        settings = get_settings()
-        
-        if settings.is_conference_mode():
-            # Create a long-lasting session for conference participants
-            self.conference_session_token = secrets.token_urlsafe(AUTH_TOKEN_LENGTH)
+    def create_conference_session(self) -> Optional[Dict[str, Any]]:
+        """Create a new conference session when requested"""
+        try:
+            conference_user = self.users.get("conference_participant")
+            if not conference_user:
+                return None
+            
+            # Create session token
+            session_token = secrets.token_urlsafe(AUTH_TOKEN_LENGTH)
             
-            # Extended timeout for conference (12 hours to be safe)
+            # Extended timeout for conference (12 hours)
             conference_timeout = timedelta(hours=12)
             
-            conference_user = self.users["conference_participant"]
             session_data = {
                 "username": "conference_participant",
                 "role": conference_user["role"],
@@ -106,12 +103,17 @@ class AuthManager:
                 "session_timeout": conference_timeout
             }
             
-            self.sessions[self.conference_session_token] = session_data
-            logger.info("Conference auto-login session initialized")
-    
-    def get_conference_token(self) -> Optional[str]:
-        """Get the conference session token"""
-        return self.conference_session_token
+            self.sessions[session_token] = session_data
+            logger.info("Conference session created")
+            
+            return {
+                "token": session_token,
+                "user": session_data
+            }
+            
+        except Exception as e:
+            logger.error(f"Error creating conference session: {e}")
+            return None
     
     def _hash_password(self, password: str) -> str:
         """Hash password using bcrypt with automatic salt generation"""

static/index.html

@@ -907,7 +907,7 @@
         // Force refresh if we detect cached version
         (function() {
             const currentVersion = '5.1.1';
-            const timestamp = '1761483168'; // Cache-busting bump
+            const timestamp = '1761483327'; // Cache-busting bump
             const lastVersion = sessionStorage.getItem('treetrack_version');
             const lastTimestamp = sessionStorage.getItem('treetrack_timestamp');
             
@@ -1152,7 +1152,7 @@
         </div>
     </div>
 
-    <script type="module" src="/static/js/tree-track-app.js?v=5.1.1&t=1761483168"></script>
+    <script type="module" src="/static/js/tree-track-app.js?v=5.1.1&t=1761483327"></script>
     
     <script>
         // Idle-time prefetch of map assets to speed up first navigation

static/login.html

@@ -294,6 +294,28 @@
             }
         }
 
+        /* Conference Demo Styling */
+        .account-item.conference-demo {
+            background: linear-gradient(135deg, var(--primary-50), var(--primary-100));
+            border: 2px solid var(--primary-200);
+            margin-bottom: var(--space-2);
+        }
+        
+        .account-item.conference-demo:hover {
+            background: linear-gradient(135deg, var(--primary-100), var(--primary-150));
+            border-color: var(--primary-300);
+            transform: translateY(-1px);
+        }
+        
+        .account-item.conference-demo .account-role {
+            color: var(--primary-700);
+            font-weight: var(--font-semibold);
+        }
+        
+        .account-item.conference-demo .account-username {
+            color: var(--primary-600);
+        }
+
         /* Focus improvements */
         .demo-toggle:focus,
         .account-item:focus {
@@ -336,6 +358,10 @@
             </button>
             
             <div class="accounts-dropdown" id="accountsDropdown">
+                <button class="account-item conference-demo" onclick="selectConferenceDemo(event)">
+                    <div class="account-role">Conference Demo</div>
+                    <div class="account-username">Public demonstration access</div>
+                </button>
                 <button class="account-item" onclick="selectAccount('aalekh', event)">
                     <div class="account-role">Aalekh (Admin)</div>
                     <div class="account-username">Full system access</div>
@@ -374,6 +400,40 @@
             }
         }
 
+        function selectConferenceDemo(event) {
+            // Directly log in to conference demo
+            event.preventDefault();
+            
+            setLoading(true);
+            
+            // Call conference auto-login API
+            fetch('/api/auth/conference-login', {
+                method: 'GET'
+            })
+            .then(response => response.json())
+            .then(result => {
+                if (result.token) {
+                    // Store authentication token
+                    localStorage.setItem('auth_token', result.token);
+                    localStorage.setItem('user_info', JSON.stringify(result.user));
+                    
+                    showMessage('Conference demo access granted! Redirecting...', 'success');
+                    
+                    // Redirect to main app
+                    setTimeout(() => {
+                        window.location.href = '/';
+                    }, 1500);
+                } else {
+                    throw new Error('Conference mode not available');
+                }
+            })
+            .catch(error => {
+                console.error('Conference login error:', error);
+                showMessage('Conference demo is not currently available. Please try again later.');
+                setLoading(false);
+            });
+        }
+        
         function selectAccount(username, event) {
             document.getElementById('username').value = username;
             document.getElementById('password').value = '';

static/map.html

@@ -799,7 +799,7 @@
         // Force refresh if we detect cached version
         (function() {
             const currentVersion = '5.1.1';
-const timestamp = '1761483168'; // Current timestamp for cache busting
+const timestamp = '1761483327'; // Current timestamp for cache busting
             const lastVersion = sessionStorage.getItem('treetrack_version');
             const lastTimestamp = sessionStorage.getItem('treetrack_timestamp');
             
@@ -925,7 +925,7 @@ const timestamp = '1761483168'; // Current timestamp for cache busting
 
     <!-- Leaflet JS -->
     <script src="https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"></script>
-<script src="/static/map.js?v=5.1.1&t=1761483168">
+<script src="/static/map.js?v=5.1.1&t=1761483327">
     
                     "default-state": {
                         gradients: [

static/sw.js

@@ -1,5 +1,5 @@
 // TreeTrack Service Worker - PWA and Offline Support
-const VERSION = 1761483168; // Cache busting bump - force clients to fetch new static assets and header image change
+const VERSION = 1761483327; // Cache busting bump - force clients to fetch new static assets and header image change
 const CACHE_NAME = `treetrack-v${VERSION}`;
 const STATIC_CACHE = `static-v${VERSION}`;
 const API_CACHE = `api-v${VERSION}`;

version.json

@@ -1,4 +1,4 @@
 {
   "version": "5.1.1",
-  "timestamp": 1761483168
+  "timestamp": 1761483327
 }