Authenticate before opening the Carbon Halo control plane. Sessions are signed, roles are enforced, and operator actions stay behind account-based access instead of LAN-only trust.
Role-Gated Console
Viewers, operators, and admins each see the same core dashboard with different control rights behind the API.
Profile-Aware Sessions
Each login carries identity, role, and profile settings so the panel can become multi-user instead of machine-wide.
Signed Cookies
Session integrity is validated server-side with a dedicated secret, not client-side state alone.
Outside-LAN Ready
This is the first step toward exposing the panel safely behind TLS and a reverse proxy.