From 176ab4a1944b8072bd143f102ae562efaa0081a8 Mon Sep 17 00:00:00 2001
From: Kobe <kobeamerijckx@outlook.com>
Date: Mon, 9 Jun 2025 15:07:29 +0200
Subject: [PATCH] updated authentication of instances

---
 __pycache__/app.cpython-313.pyc               | Bin 10288 -> 11253 bytes
 __pycache__/models.cpython-313.pyc            | Bin 37357 -> 37475 bytes
 .../versions/761908f0cacf_merge_heads.py      |  24 +++
 migrations/versions/add_connection_token.py   |  24 +++
 migrations/versions/add_status_details.py     |  14 +-
 models.py                                     |   1 +
 routes/__pycache__/main.cpython-313.pyc       | Bin 85748 -> 87061 bytes
 routes/admin_api.py                           |  21 ++-
 routes/main.py                                |  21 +++
 templates/main/instances.html                 | 137 ++++++++++++++++++
 10 files changed, 240 insertions(+), 2 deletions(-)
 create mode 100644 migrations/versions/761908f0cacf_merge_heads.py
 create mode 100644 migrations/versions/add_connection_token.py

diff --git a/__pycache__/app.cpython-313.pyc b/__pycache__/app.cpython-313.pyc
index 0244db845e75700f226a8997045d0d237bc528af..6ca4e8a9c035defd40822643a9d1d02c813b7b9f 100644
GIT binary patch
delta 1882
zcmZ{kZA@EL7{~AJ>+S73+(KU{eOqY@V^Am?bQ9brgS`NwceprIR_Pt<MsL||ac=6E
zQ<nve8#yM^nc?O(9cr8le(}qa#YD52AZQIuLzXOAVode{WJc33`kX=wF0;-3o&WQk
z=YO7a4!3;0`_H|aMYWnH;Pc>zZ3p*RZ)&cJwJHe3@GM@J6U2)ubX#mARp`FB8mN_6
zb2OkWlDcIzDrp3Du82Xi67_N}TbSJ<Ez}j%&(exgRRf9p5`>-TH7qHD*aID84X{S5
zY_ob*1?2C`4CuN{19SIfOi7O_K(fVV;t<ua?BzwdB9~YdvLU^s7>$qyR3oneL!TTU
zU_|bEY{?sP59Dvi4d|h~2-H7?coT)=G0KNtp^Q1T6V_dix~XFH2W1Am5&2bS<Wu;S
z&H2rTp2qX!R@`0gW-FS=P%Bhf>ggWZyId3*C5YaZyo2?yZr02C*h;nvzH8a)CW?pZ
zP#a#Obls{e(&as&cHE_EXFgsTd+7hKCp++dpNG5d${X04Rpl$$+9ziHPt4Y>%66k(
zg=?#74dEbqL-`(ZB5WiGUb(7keUDN@)QeV}HiCtU&B{*C(ui&=+)7yIDY1<>K>7lc
z3yN!Mr4p7bhG$VELYGUwP$*ahOS8%*3UwPz@E1C4ye3vRkmxs~PpnxUwM(N`x6*7t
z;?pCW$xCKYyQz$vK%A+8Q*VyMqI@)w6vD~4kWoAn?;qYhJec6J40|k*<YM;!6zs`J
z283v2g33_C2~Oa{F;0lV)-sC0a3a}<<BYsN9vcet$1>DVJP}Ps<2;%+m6$a{0(XED
z1TNC|a+Euoq52Po`2jA*WzoFJZ_O6v8rl1yfa8<V@L(dCb+*RB(ZQe{Z8uq%Y|-v;
zB5^b>M1uCb7dgyh<SjI5-ez*A8C%*=l{T2tCFZonv7lGz=`+%K2B|EKBPnXz9Hl->
zkJ8h{o)qOR1RGLRV<GVTN_hnzoJYX#oNyRp5QE2vV+>&&0qhY3EE5>7V!Vd&I>rf%
z5y0{4y<vfm@&jm}#Y0w3p0Y^EAcbdZF-~ImG2Xza!>Gpy05Z}cA<8EO1}9zs_|)jb
zvO3e7I6j539|QjnNT>mJbg!&jc>xr>c0_^|Ps**eB5kSEw<soL?s*ZYM*-AsbB>fL
z+Q<hg&DoC8j(58r$q0k#{Eo35vy69!@lMz5ng%i*vkW`Ku)i=pXIk$S8|RE=Y3tgw
zc|*FqI$h>TTkF$SN4ngZcKP6<O-1M6q6vM;tj;;3b6yIjbnE7HMd#@;`n+aL^TBXR
z=U$Fyb&jSPog<}l&FKu&CG9EQ_ME6p>8f%9yc-J{*qqv(QdRu5fuJq(&FC##bz2k2
zl)^mUOsKRccVrXz0`IOTyF}u<jax09R?(D|?rf1xc{H6t=~ROhCZ>W?oM{n*{z*i4
z>E*w_kM=v-P_x}_`3U?IqKxzayuyct@m#cYx8vx9-7ftEGB?l_dyKq@^bUjaD#XIa
z7?+XXVWB?-`3(-Qpl2N+$3>9GweTB=#rc{*t$*FYWNc9Q3>Pe$?l{Wn35dU4GA%el
z?T?vimrS3pm_Q{&0J~kNgdwARDIDn&xFf?H{B*yB%q@6e2k$u3u+4}oAiIPU<7nKq
zUWU&ke1$TuM(ItE-=Weqe@iDp{fHR%Ch`*Mb_dAQlc(KslDvT4t0-NA&n)1B33#Kq
j1_HJUXECr<cpKfRaFXAnhZWDsSrMsSI3z*4JP-Z_?99o5

delta 1195
zcmZWnT}&KR6ux(6=Vxd32iRR?e_)oMWji!=7x@t)Vo6hIgx1<^V+>JT+2O~sv*a$s
zX4TXOAJmvuIIY%bZCb6?Xo3xiKJ-OjOMNibh?~Yp(!@0J0Yu}^i=MmFBG#MSbHDSQ
zbG|v}-udmZPY?Pwy<Uyry8qVRsl~d>zV}7HjIM}#GmYp;9ljI|s>7PN3+;wCsAa??
zMl-I%6&D6v9ZmpVarGklF&KpJT;AK<pIgxZX)A9FeJv&L(Yq+h;fj;dkb?+8ZNJ=w
z8hhmd@3su&*W?gfl6@FklY_NK^iG-yM94F0*X>$cs3bLu`XK|VT>&^wLy%HZSTLsW
zNscSccS$ZON#vK55d5svAo_dD?^C(Ipqg+@t*fA6)a`~x)d2jWMi4)+7>a=DZl@2y
zH(K)^y@fQA(cO3EP)N3p5L+AFbBD<!j%Ys8A^bbFK{A*zpdCm$C-mwG9d#ZQ4KhK^
z*5zsaqE~mLKmhk<i9$I1v7~0)y)t|i4pR+&3SabZyQE2%=>a3ULnuYzg;<oDU`4wO
z*MWj<mEF0*`26hrOwl@Q%4K!FXfZpRx7bnmAsPl63u@~4RMwuf@>U5_v3B?*wm=u4
zzkV<fTMZhkq3~*LWW%deYcEUdRdBYxNBdSCWF~gTs$gG32W?t@zCofjLC!pZrYy~}
zX?qS^x?<cHIL7IxxZ&?r^q>Jb-k_gEfHy^op9{;Wcv`5gk%s7|NaV!2z~QfLU^g{I
zB=-=#>G7T1|LXqN9=YLZx$bHG-A%M8wz98z*PxE@x;wI7MLhl&AO5SDM#Zb$bVL@f
z_87yB!b+nyB1$VeeZ&3IO0R_cO2356HBm%-P1Z(2%B@rIMPdlVmc;JYvHT;UEKSU0
zi$@t$Jg0e%ivpT>oVDRm_RVG|tuebWH#Sk2w{z@GBmt&c@`H<rO8)UeK3}j?o#~Ey
zr{?lA>@8&3DQ@0C^B*bqM1eg$oy%D^dmCeCc+we&CJr^;CDraoy~7h6DL9d6(B4J=
ztW)&a|BKR2(Yb9!W^2869{meW(ZSYLx(H^nQ$EcJfbnFv%m-%g!MS9Q^Z~*T;YRWg
z=@OzP_<lzpJq@*HCw*>t*i>jAf6L1AmOU0@1&04qZUzy*lgdbpx5)S>85d(Oal^$}
Z2~M;%(JOGd?Q!K<O8py5gzB9){{eLxBdP!Z

diff --git a/__pycache__/models.cpython-313.pyc b/__pycache__/models.cpython-313.pyc
index bda7478b3242fe5358e8f1d6807430252b51f8d2..32cd4ed80b70598c2a7700638156820112752d2f 100644
GIT binary patch
delta 269
zcmaF6nCbBnCf?7yyj%=Gu;Qd!#*U4=3)>lIZC>9#jcKw&p4jBKU0j^Z!OX$zmdr(>
zlQ)V<PoA74Jb6PG>ty3BF@8Z)MvzVhhF~F}yac*D2TXplqpbMk35+Z<aP`8LEJc#R
zB2o-RQo*7{(&=KF;*+_$<5*uh08N{m(QU-IZ}RN!Rz~K@ianZ>xpGV<D+I7kZtlqt
zx+RdDpO=@KT#}ie7hjT}otiiKb&oA$&ScHrZ&Kot(<>)cE)ZHSxkz$_(PG&RB?nS2
oihEyR5!o!)H=B|1;^tlb3QWR6jG7%q{S}=RUm1YRB2%E90H{<``2YX_

delta 203
zcmaF7gz4>KCf?7yyj%=GV7SjMBYPw7!gj{6&FkBzF-`uJFT%(+c|wxp<mfIgRzXYV
zBJs%^#iUWhIbrg`LY6E=62Zb!3`LT`B1KZ^qMBlp{kr2OZ|pW=+snwnP_%RMh6v}$
zIz6_GOp~*EG$%8Qh)q_=k(;a#z&iO%PsU`oUR$0(pu#qW8zS-zz7HlZR1}$<StK}l
mOYgDGQ~PEyGM?XTFhPMySddY(qo}{4v*IfQkXd93bUOe6W<zrT

diff --git a/migrations/versions/761908f0cacf_merge_heads.py b/migrations/versions/761908f0cacf_merge_heads.py
new file mode 100644
index 0000000..d9907ec
--- /dev/null
+++ b/migrations/versions/761908f0cacf_merge_heads.py
@@ -0,0 +1,24 @@
+"""merge heads
+
+Revision ID: 761908f0cacf
+Revises: 4ee23cb29001, add_connection_token
+Create Date: 2025-06-09 13:57:17.650231
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '761908f0cacf'
+down_revision = ('4ee23cb29001', 'add_connection_token')
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    pass
+
+
+def downgrade():
+    pass
diff --git a/migrations/versions/add_connection_token.py b/migrations/versions/add_connection_token.py
new file mode 100644
index 0000000..6070679
--- /dev/null
+++ b/migrations/versions/add_connection_token.py
@@ -0,0 +1,24 @@
+"""add connection_token column
+
+Revision ID: add_connection_token
+Revises: fix_updated_at_trigger
+Create Date: 2024-03-19 13:00:00.000000
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'add_connection_token'
+down_revision = 'fix_updated_at_trigger'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.add_column('instances', sa.Column('connection_token', sa.String(64), nullable=True, unique=True))
+
+
+def downgrade():
+    op.drop_column('instances', 'connection_token') 
\ No newline at end of file
diff --git a/migrations/versions/add_status_details.py b/migrations/versions/add_status_details.py
index c073ac6..34b1f4a 100644
--- a/migrations/versions/add_status_details.py
+++ b/migrations/versions/add_status_details.py
@@ -7,6 +7,7 @@ Create Date: 2024-03-19 11:00:00.000000
 """
 from alembic import op
 import sqlalchemy as sa
+from sqlalchemy import text
 
 
 # revision identifiers, used by Alembic.
@@ -17,7 +18,18 @@ depends_on = None
 
 
 def upgrade():
-    op.add_column('instances', sa.Column('status_details', sa.Text(), nullable=True))
+    # Check if column exists before adding
+    conn = op.get_bind()
+    result = conn.execute(text("""
+        SELECT EXISTS (
+            SELECT FROM information_schema.columns 
+            WHERE table_name = 'instances' AND column_name = 'status_details'
+        );
+    """))
+    exists = result.scalar()
+    
+    if not exists:
+        op.add_column('instances', sa.Column('status_details', sa.Text(), nullable=True))
 
 
 def downgrade():
diff --git a/models.py b/models.py
index 727f100..4fd334f 100644
--- a/models.py
+++ b/models.py
@@ -508,6 +508,7 @@ class Instance(db.Model):
     main_url = db.Column(db.String(255), unique=True, nullable=False)
     status = db.Column(db.String(20), nullable=False, default='inactive')
     status_details = db.Column(db.Text, nullable=True)
+    connection_token = db.Column(db.String(64), unique=True, nullable=True)
     created_at = db.Column(db.DateTime, nullable=False, server_default=db.text('CURRENT_TIMESTAMP'))
     updated_at = db.Column(db.DateTime, nullable=False, server_default=db.text('CURRENT_TIMESTAMP'), onupdate=db.text('CURRENT_TIMESTAMP'))
 
diff --git a/routes/__pycache__/main.cpython-313.pyc b/routes/__pycache__/main.cpython-313.pyc
index 53844d3312253e5c0bea45c10544c3f739f9ed42..2163a11856b8d35cbd5d97733ab96b002d2e532b 100644
GIT binary patch
delta 4937
zcmbtY4RBLc7JesbUef$DE$RPn3h7UvP+D4~h(cSSrBJ|z^0N%o(59u5Cgr}gh2mQ9
z4;2ycs*e>>W*v5{B2u$s)ddC>sXMStvDKAFcZ9W~&hALD;A~k}_nw>5U<F6VH<PdD
zoqPW7x#ymHU$5-dJpGa;Y|v!V3+zcbId^TDr6cT>5Z#xdg0R}QI*q;)G6-q3LyV!P
zG|7<W|Cgp17$aL7k4#OJ!;lU1Q*Eru5lss<2^zg4rol$f?@OjhcSNd|*yt8*zQL9c
zXkQSl0&1ya9dY!WHc4a414lf)q)GC-b*apZMz3;=MKkn|p(}LPm8e?Z5@kn64r768
zWk|r3AUMX;9r_8OX^x1%2z^gKZA8hhHcW%0n<(8DFXRU-(7DD5YDYmlec1Tfh#p;U
znx=D@hb?xP_F=%2ORvXrgZFtOhOQeFJmcyFd)dNjfgWm(^t;1i*Fd}fp~kKdxaKc!
znyn7I#ypeL2<I8l!Ws*GeZy(Upxc_0t<GlGM4xw^%Tqm^EhZueTK2QB-{5%abnTaS
z#zQ3C++w7)?(y;=8|WuHMV1O}rRsL3<unVzO15-?#}VStO@`~CJ3{kRHX&J{@2rWG
z*QCK6wA`z==pBZjh)qZpRwl~hGa#E9?@eX`Mo6W<^Cr=qK0V#yjRqs_@TJUBG(67M
zh$R@VwO+Ck*ZQV<;;JE+m}~MigVxx<pv0zCW0jh!t6h>*+vIj{v`0MIIF2@M5EF22
zWPpJZUhVaGT-CmMucwOJrt8nfWs|?5zz_ooSKZ1UQh?$Xv|3f~k$g^1wJV^ZWYP;q
zqvL)$@HtD2bWxyRH?FF<XtwNZ*;msOGrrFfzq_P6ZCZCiL62qno5kIhncc>j10iDQ
zlut6VURu^}dZe`1nAT?u+fnvt+24&xXN*a`#uQYW*PT(=olw+cDeg8F)2!y{W0P4>
z?^^PTb;5f({p>O7_r~PUHmQ$mfziiJ8ixM1je}+g^GlEZ4=N*AL?jGh48j*on^=&F
zL@+b3>qtD(KQ9@Bk{YrY^~3z{Z(9mrrit52AdJ>*&y5dS81050+D@a>n6?sHTkm#N
zH9CE3NfbJarYoLU1K;}(KQUH>4fNBeK7sq_n@<zSrxTvZhX?)6XUrOirR(?1*Tpi0
zb`>e2$M?(`GvcgWB(pG}Seo$Mh3P0m{)F!fkUEZ3IZ`9?M9p~Z2Erw0;ZPAm37xuk
zqPQ5zMYMjeRb0eKWh`6cs4$P$S6^FS?Zk4C9`nDx_q^D~)n}qOw^4``H&l%-mm;h{
zD8_-cNL3)r#@Bn0T7)nMU*|GtR|jSh40ApXEo5L%AiQuZknsU(IY5x986xN_&*kKi
zCCJByN|qwU1It9}mKj(^x9)eq`~GwLlR`x9aX$UN-9DMCZbM7A(r;HOI-ZTH`Wmv5
zE_-=74EYbe9IpZsJ$b+$#a)J@1p~sT2y1BQt4mZywZH1s$03YMAS|(~h=~pzd=X;(
zdtdttXiUhYrw^n@1r7XggO%MK3&HCDq9ais&J!KX@my*-oC<oHe|S;u2Ap{-0$<C!
z7^P^MBo~nsv#Y^b@2>K>8XDbBpGzWE6l<Yx9G(mn^ozqe;Gl6wl43BSil)(7$3)PR
zqLy4fvXqt|nH9)ZGNnh3w%v=`zekwJqO_aIeMn=oSB%x(hDN7nV^yt}G>{hL^SDMr
zB5lYE6dt1#9Y)A<Dk&OQv&-Wn2XW$?Q3&TEu|CV&5w@h^hjt&G1X=zcj@D~!G79cS
z_yfYT2zwBoL)eSZLLWb2PsAKwGqE&yCb2pB>OFN5X=Xe-5Fb5rV!DB+Bv52Dy6aA8
zp_N^g;wH9dq-;4NmYv8Sb!}HqL^muglADaUR@6SXbc1WYoOAgi?>KoIOKsQ5Txh1(
zPA-Mr{<}^!h=wf~S0Ib@uOF^3KF{7;Gm5=#FOg`<wkTTMlWJ<h=v3Fm*7rn<38<Dt
zxA#nCMR&Z%YfC`}-y*^2BQbyX<G`?kWxYv(#fzY=z478O_u1Zs@Rt9p-aa)Pq$fTp
zWfsk6v*CF<^Q_Hqqq^s;OZ#uk!U2I^>do?t${V3f<;Z6_O!(4g8RBc`>kv)skEIp;
zu~W!4e19BaJHitPI}mm<P>gPGowur~v4+)Q4e3C>pSJa9G5-hpA1gu6!6HIgat0@a
zEtH%?YAjL|sc}fz5K{4#^#(x+@zpoDNIG5EpP2A7kx-Tt1K<C=@7rnL=P6*N-+exg
zUAe3m*QtaM|MrU;LfPVp1DoJ(djG&3aEcxqNQ7?sj{yg)ra6~iVjShN6V~`=d@~u+
z(7#<xPGcBQt%%MBZ<EI-Vbir*H}m6^oT0l0E1-_{4;CeUgz_5F&Hj*oBAi9|7(t;$
zS5|?G?z@r?GwH`yUKCF;c55a*bk*vA;cBTG`skPc`SCi%45b?aYl{~8Y3a}$ao89g
zDu=uL7lv*#IA-BsA;MzJSrJmduy3~m*?~H|ePib)r3mxnbsAW@YSb?0lH3{h!#6#z
z`c0^V!uHVN0!7A11G#Cp*diy3U^Cos49L68aJ!xNe{2weGwxBOD$(2nNIi(K2Vtq)
zA%bN&)>hD`-4vKkFi4(^5)@jFumWK!(^rf>ug~eO;{8bqbXPuIKC65|o|Fo4S{}KQ
zfXAjbAo*11axLuCF8B>OCzmmZV8&O=d1jbs;NG#plf|;z4DmlnO&d=QKNV+T2KaLD
zqm8%MVC7#$BY0P^8-Hm!$T!?E0*`|-N-{DN*5D)04~HpmuCpy1=7@=_nS@<Sf|2l(
zmPc|`J|7LwPPk=g*HBfX=y*o)=%w=h7^sD)PGc<0(@q+dTYl%@^?b97$7T6}6etWk
z#B3^}W23~*LsBMxm;x)si;PDq<*r<?L518`2(fab70TO!nc`O~o=1LH=JzYio)RLt
zT<Zva3;eXCeq2a_d>K^Cm63rWdYgQWO+I2m4yKX3&OkB+b1BbAg(A4Uvn>@`#o<mX
z|BwOEF_EYf#lS8Gwlb=c1UV}ctYQ+<ez_tOvc-U)yfu@hYgmac?@gQ#oY_j|k9>nL
zh=9|xhmaU_5QlJvzR(*Z=i8x3yidd8djOBa^v)OU@RfEFL04x{PeSS#QZtbnwKCjX
zk^FWJ*hNkk%U|U{VnXm*h%IFaDMtgtjm4S^*0xqO7Q8-i2i!JqEZh{|hnrE3w;0r5
zmy%#J40e}aWz32eb!d`Z5;pPL_|ZoDHW#Ma_(ppWC3*W8)s5nDHkG{n+|AohCNf4M
zV^Q90KEX!B+mBe?<nz|nj=I|gE>e8fc=IB==vzk<RistEFa=WJU?=23x@KH5F5pP5
z1iU@W#1*Z?E?ZSjABmI83czl=m0;jPY~#fs%LTAn3+yvkI>Y|I&}HkiPKS%)uiJ!4
za$X@6TFO|;6qrbuVS$KfUMoLR2sWb*=}-i{O8y`h#s&6cP8*Mq=a+xbJ%ox|5qRIv
zLW*xKzMI0(0N=8F^2czL7c(z*J{>c6#0Kp8(W@|O+w!V0grht+o-WHpumGYv`-{M%
ziW-ZnkCzce*Wg^|s;MWEJzcJw1DS3AMZW@$s}Xbvxd>Ac3J_)>;3pTULa0HgLvSN_
z5uQTWhwuu*pAk9{P9S`Zz&r7`NC_Bb1VX&Z%8&=2f$!M}IVjV^!jjS%(931kC+COA
z3+6(UA)k#i4MB<#JKb|(7vzbit*f@I>bA@{)_iR3=2hLAMSU7epC<9LDqJ&VP%Vf_
z2$2YjVL)We0bA#HCD5ROcjbG^A>Dv|js(_5-ct_AuwQ<=92VIpU>N+EMz5rlxg|3Y
d_<tRAGa9@#O>Wnnq(shT_tel$v7qPU{|A0ql)wN0

delta 4387
zcmbVOeQ;FO72mU)eY>08d;q&7Y&Ic~5PgLJ%0~c0Ohf`0LVyJd+7bh7AiBwhyBp<0
zjTUQb8C1BHhtifW+c6*@eI3$Tr$eMg2c+UCg*+96VWvbF>Bu)D(EGbD$;JRq>-*#P
z&b{}1-E+@9=f3);{lahU$>)=j5-sAp{7&g2Z|bh(Z3)h`E{kPu&fHwyl5n1K`7R}m
zXMO78hwVPf)z8?+k(eCf@FxU)wK;r)V;JS|PaGozx}5!Ny@P2y-<fI88BW1;e$Jjr
ziO@iO_(6NX8uarLdxjo%_9L#jyj*uZ><qexP|!2l%6*AX`f`Fj%+VtW@Csj0<(m=*
zx_&f*%rQTlII2@f_qj)ryJIO>;OCEd270;(kLD*_z4&HNt2dZ(i{=t@F{zKYLqiwI
zadPow(sPc57Ios3`4*mZAzgnj**lL^{Yd@$33OH8(D0y*uJTh$zSgUs`6h*&`ka@p
z(@eK;l{o<(z`up#ED2OHz$HL+GB4=w=j;JaJDUo5r@rl#Swt>wT{D54{Gm1X`r{h9
zo8fEM@ZNoewBf3*35P1{t73~-3Jj+5`}sU-(>L?}3eD&Lc<m_F@ZY`8XbA7IegsAI
z3F}kr)RX^sW0|w35NNWpLcVq5_@14{niN(HhkA0_bYcv6*dH)11@(7O6F_zHGn<%e
zax=*}21|v25+2x`uRH{D60g{tO_O;2=DVmtU$^;7rBO1E#-fzCuTyM349o(|0gT1M
zB2d!-MHoH?sseC7hQ$J!Y^Kj~r^aJxq5w66Ilwy^6CZ#oCkt8lbDK(rvniOw{a{l;
zNw4~Yy5nZ2@!G9HdRuSVnwg+TbL07`9qLdix)Pf1B;RB;oOO{{O?73>0ydM6-8q|1
z>1%iTt>oalcBwvTG8G!!fa8Fl@N>InD3`4kOLPHWzq43>@sATJS#knqs8;6S$Mr2_
z(^vfIuOu|xzk9g*Mi=>Kc26O<esFgnF;yN*Jha99>Yjd-z%yDZQW^Ff1IPm_<I7qC
ziXY>}{5LH_X)-_9au1dBn=P4Xh?!xpuUZ(2%9A#1(NK&{<-^`9HUpB*m%jJ6iBCZK
zNkG1EM@?Z%K#vf#;h7()t*@$ET3H=owQMowr30pI43`4h)2MN;Us;B6jBnUG-jOEK
zExN?U_Z;);H}_UJ@>gSR4S)lF4R{r>7N7xOVp&eGe8yD1xGgJdFms5BYe}_LHFbl9
z^Rb$`g;7>7=2T*Jy!pTwx7@p#E&SU9MYNdT_u)*c)>nVnY|DoovFm7<b=o#;v2e7D
zZ5WtQDvzh(P=Sct_CxnlJ^%91EM)~Ya9ul5L<97ykH;zQ<${-);o>`w%%OGMb+kl{
zz#VJ*yr7#BWSuZv4bc#*tgEUGF&_lec=YH<aqwG@MsoXLLS}p1e=m~ZDJ-;`7~7g@
zo|BtD+Ui%@XP<4ILT~6FwSI1+H~Cv%OcWX~elbK@Cj`}G{&kx_^%g}lj)mxm{?4(}
zE+Mkz^gY7y!>8|RY=W(=0*us-bMA<->S51f^*O-L04o5`1AY#80q_gJF99zCekH*0
zgd+<hl@0X^s$!u9Y#Zjc3s{yn&P=834injYd0THc!oRHFc*Y`(f86HhyW6ViDW3UN
zS~ZF$`wTG&fa0JsL1h8@VJPZ@#Yl+NhzMt6@&~xgMUV%^i%|~Ld;{Gp0Ih(7fb#-W
z2lMljU*%9=uAF(?aR%uTM1Bv_-#9bDC35HNh2>Pn7hN2iwNEH&L+4bjh7yj(SWUfQ
zk2TbXLn3qc^Su{?qRggUdXx6?J(sGeT<?E*C^@kq)y6*H4_^r=2gJZA*NXF~_nOOT
zyy;3dP3QZsJP`N@Tz0l!{MhG!PXLDipYpq}{*<Qj7p{(=(fr-3TWFvD=(SoK{fqze
zdak=`c3r=o=QdLcg2(va8{?IB9ZPSNQ=$I;jRN<uF<6vEU-rI24Cf;t@$%HY@@w}b
zlFwZX&IbVFv}uVnYhJg)@iLT1?NYI<Bl3PVKnBdJD}JZqHR-km2!d*kmNkI-y1TRw
z?MW})*C<;@3e3rKei2j!jL0K?9>etj*;vGxnstzMzeO;S#JagH<52=-(*Z%iNTI^;
z#3He(aAoL;P)c1aY8Go5fu-8FZptR6WqQP~vAM`YuQ;atfH1?9Y_MlQ$u28nK3fb`
zMSDAgyxK4?dCitl1}2nkHNYDW`EH3)SVl>Ppco;L`;-lG2Zr$*at?~{xDX}ce+&jY
z+hN>1yj5D3k4hc;#Px{wweqna=Qh9WqYQ;+Yuhr&Pv^9K8T9(VJ6gYhZP*Q`2yR^r
zJ$jY4GC<W1i(M#OL{ecOllnRacMGe`RGGcEd#IezYI3P0Sr$YkxHK9I)v^b*Kj+dT
z%9q$cg|@wba%r+wG=M^l@rcMbmkfoh6o?H&l#GOEDD*fJZ}{6J&Ue$rjEh~o9+)D)
zP$CVn`i2;DU}hDJza=1=BvfUapVmK*9&qGg#{;csvCWNn^r$i?Uel99qHBgL#V+c@
zq85t|l?-hu0#wC($wH~@O@_OJO@z}(>Kw@Cl?JZu+NgXQqL?bQ+I*ViXjjLJS_AEE
zN;{rUex(P@^wMtT(_E@)o;#Sl&cR{mkkzyn)E>mB+oMvJ0V!LkZ5&Cesb{SA(MSqp
z#GjMM@foZf3filSQb5^_F{nj;GnwhqK)kw0wX(!41B<LPkPwfZcnR!$_H=z;f&KfH
z`N86p6^K}a%#rWhuFnf-q*;TW0jI1ODR5tAkgP_23}s2WUHQ2itDSBNmv84!yb#Iq
zqs(uJMXIYic9JeM$hgE~fcG6+DIRJ8hvYK+=rleLk|z2Z@@k#TD}Hlt@8-18bSWVx
z9S7T)M5Y@r2sMTyii=nk6Q@43h}7IWF`6&#EHgizE~2^Cv-ajMiYVp(ys2rLzm!UP
zJt*R7P(Bm-EX)F}q}7#DuEz@621u}KI|?YrytL_>QA&N>(mQzqPVGi1r7x8CPF^)9
zWaNF8+mwOsg}FyyLOSlkP~Pdp?g!EBPRo=`1iRFotvx+~CKEO9pFnk1UjWH~_l)7J
zt$IAPpoT@&0b2P(ba&%57`q9uf@u(7C}0?1Bw!L?4qz^z3Q!HG0lWlw9q@a=4!|zJ
z9>8gU>_z_pbq(N#n_fVSkSzT`s(^u5{zNzv9ia6nqdaX?ndt6A#8NgUPuiPjm(gl!
z&MK#{o!-?}PNzIKiWnP&9oV&Zr&AVf&_0_^73u&elWi9Y*hFv?0!9lkoQ1WK1r6a)
S5i8MxLHdiUI-L^b`hNi^nE4R^

diff --git a/routes/admin_api.py b/routes/admin_api.py
index 6688902..0a8b606 100644
--- a/routes/admin_api.py
+++ b/routes/admin_api.py
@@ -1,4 +1,4 @@
-from flask import Blueprint, jsonify, request, current_app
+from flask import Blueprint, jsonify, request, current_app, make_response
 from functools import wraps
 from models import (
     KeyValueSettings, User, Room, Conversation, RoomFile,
@@ -13,6 +13,25 @@ import secrets
 
 admin_api = Blueprint('admin_api', __name__)
 
+def add_cors_headers(response):
+    """Add CORS headers to the response"""
+    response.headers['Access-Control-Allow-Origin'] = '*'
+    response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, OPTIONS'
+    response.headers['Access-Control-Allow-Headers'] = 'Content-Type, Authorization, X-API-Key, X-CSRF-Token'
+    return response
+
+@admin_api.before_request
+def handle_preflight():
+    """Handle preflight requests"""
+    if request.method == 'OPTIONS':
+        response = make_response()
+        return add_cors_headers(response)
+
+@admin_api.after_request
+def after_request(response):
+    """Add CORS headers to all responses"""
+    return add_cors_headers(response)
+
 def token_required(f):
     @wraps(f)
     def decorated(*args, **kwargs):
diff --git a/routes/main.py b/routes/main.py
index 9d05298..89cba90 100644
--- a/routes/main.py
+++ b/routes/main.py
@@ -482,6 +482,27 @@ def init_routes(main_bp):
         
         return jsonify(status_info)
 
+    @main_bp.route('/instances/<int:instance_id>/save-token', methods=['POST'])
+    @login_required
+    @require_password_change
+    def save_instance_token(instance_id):
+        if not os.environ.get('MASTER', 'false').lower() == 'true':
+            return jsonify({'error': 'Unauthorized'}), 403
+
+        instance = Instance.query.get_or_404(instance_id)
+        data = request.get_json()
+        
+        if not data or 'token' not in data:
+            return jsonify({'error': 'Token is required'}), 400
+        
+        try:
+            instance.connection_token = data['token']
+            db.session.commit()
+            return jsonify({'message': 'Token saved successfully'})
+        except Exception as e:
+            db.session.rollback()
+            return jsonify({'error': str(e)}), 400
+
     UPLOAD_FOLDER = '/app/uploads/profile_pics'
     if not os.path.exists(UPLOAD_FOLDER):
         os.makedirs(UPLOAD_FOLDER)
diff --git a/templates/main/instances.html b/templates/main/instances.html
index 8da9ff8..642f4ed 100644
--- a/templates/main/instances.html
+++ b/templates/main/instances.html
@@ -43,6 +43,7 @@
                                     <th>Payment Plan</th>
                                     <th>Main URL</th>
                                     <th>Status</th>
+                                    <th>Connection Token</th>
                                     <th>Actions</th>
                                 </tr>
                             </thead>
@@ -64,6 +65,19 @@
                                             {{ instance.status|title }}
                                         </span>
                                     </td>
+                                    <td>
+                                        {% if instance.connection_token %}
+                                        <span class="badge bg-success" data-bs-toggle="tooltip" title="Instance is authenticated">
+                                            Authenticated
+                                        </span>
+                                        {% else %}
+                                        <span class="badge bg-warning" data-bs-toggle="tooltip" title="Click to authenticate instance">
+                                            <a href="#" class="text-dark text-decoration-none" onclick="showAuthModal('{{ instance.main_url }}', {{ instance.id }})">
+                                                Generate Token
+                                            </a>
+                                        </span>
+                                        {% endif %}
+                                    </td>
                                     <td>
                                         <div class="btn-group">
                                             <button class="btn btn-sm btn-outline-primary" onclick="editInstance({{ instance.id }})">
@@ -173,6 +187,37 @@
     </div>
 </div>
 
+<!-- Auth Modal -->
+<div class="modal fade" id="authModal" tabindex="-1">
+    <div class="modal-dialog modal-dialog-centered">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h5 class="modal-title">Authenticate Instance</h5>
+                <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
+            </div>
+            <div class="modal-body">
+                <form id="authForm">
+                    <input type="hidden" name="csrf_token" value="{{ csrf_token }}">
+                    <input type="hidden" id="instance_url" name="instance_url">
+                    <input type="hidden" id="instance_id" name="instance_id">
+                    <div class="mb-3">
+                        <label for="email" class="form-label">Email</label>
+                        <input type="email" class="form-control" id="email" name="email" required>
+                    </div>
+                    <div class="mb-3">
+                        <label for="password" class="form-label">Password</label>
+                        <input type="password" class="form-control" id="password" name="password" required>
+                    </div>
+                </form>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+                <button type="button" class="btn btn-primary" onclick="authenticateInstance()">Authenticate</button>
+            </div>
+        </div>
+    </div>
+</div>
+
 {% endblock %}
 
 {% block extra_js %}
@@ -181,11 +226,13 @@
 let addInstanceModal;
 let editInstanceModal;
 let addExistingInstanceModal;
+let authModal;
 
 document.addEventListener('DOMContentLoaded', function() {
     addInstanceModal = new bootstrap.Modal(document.getElementById('addInstanceModal'));
     editInstanceModal = new bootstrap.Modal(document.getElementById('editInstanceModal'));
     addExistingInstanceModal = new bootstrap.Modal(document.getElementById('addExistingInstanceModal'));
+    authModal = new bootstrap.Modal(document.getElementById('authModal'));
     
     // Initialize tooltips
     const tooltipTriggerList = [].slice.call(document.querySelectorAll('[data-bs-toggle="tooltip"]'));
@@ -409,5 +456,95 @@ async function submitAddExistingInstance() {
         alert('Error adding instance: ' + error.message);
     }
 }
+
+function showAuthModal(instanceUrl, instanceId) {
+    document.getElementById('instance_url').value = instanceUrl;
+    document.getElementById('instance_id').value = instanceId;
+    document.getElementById('authForm').reset();
+    authModal.show();
+}
+
+async function authenticateInstance() {
+    const form = document.getElementById('authForm');
+    const formData = new FormData(form);
+    const instanceUrl = formData.get('instance_url').replace(/\/+$/, ''); // Remove trailing slashes
+    const instanceId = formData.get('instance_id');
+    const email = formData.get('email');
+    const password = formData.get('password');
+
+    try {
+        // First login to get token
+        const loginResponse = await fetch(`${instanceUrl}/admin/login`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Accept': 'application/json'
+            },
+            body: JSON.stringify({ email, password })
+        });
+
+        if (!loginResponse.ok) {
+            const errorData = await loginResponse.json().catch(() => ({}));
+            throw new Error(errorData.message || 'Login failed');
+        }
+
+        const { token } = await loginResponse.json();
+
+        // Then create management API key
+        const keyResponse = await fetch(`${instanceUrl}/admin/management-api-key`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Accept': 'application/json',
+                'Authorization': `Bearer ${token}`
+            },
+            body: JSON.stringify({
+                name: `Connection from ${window.location.hostname}`
+            })
+        });
+
+        if (!keyResponse.ok) {
+            const errorData = await keyResponse.json().catch(() => ({}));
+            throw new Error(errorData.message || 'Failed to create API key');
+        }
+
+        const { api_key } = await keyResponse.json();
+        
+        // Save the token to our database
+        const saveResponse = await fetch(`/instances/${instanceId}/save-token`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRF-Token': formData.get('csrf_token')
+            },
+            body: JSON.stringify({ token: api_key })
+        });
+
+        if (!saveResponse.ok) {
+            const errorData = await saveResponse.json().catch(() => ({}));
+            throw new Error(errorData.message || 'Failed to save token');
+        }
+
+        // Show success and refresh
+        authModal.hide();
+        location.reload();
+    } catch (error) {
+        console.error('Authentication error:', error);
+        alert('Error: ' + error.message);
+    }
+}
+
+function copyConnectionToken(button) {
+    const input = button.previousElementSibling;
+    input.select();
+    document.execCommand('copy');
+    
+    // Show feedback
+    const originalText = button.innerHTML;
+    button.innerHTML = '<i class="fas fa-check"></i>';
+    setTimeout(() => {
+        button.innerHTML = originalText;
+    }, 2000);
+}
 </script>
 {% endblock %} 
\ No newline at end of file