From c5ab93e5eba0d6a3a1d8cf8e0f5685186abc4d54 Mon Sep 17 00:00:00 2001 From: Claude Date: Mon, 11 May 2026 18:13:23 +0000 Subject: [PATCH 1/2] Settings: rename "Supabase password" -> "account password", push API keys near the end Two small follow-ups to the rotation form that just landed: 1. "Supabase password" reads as developer jargon to anyone who hasn't thought about where their data lives. "Account password" is what every other app calls the credential users sign in with. The subtle copy under the form keeps one explicit mention of "your Supabase account" so the user can still tell which credential they're touching, but everything load-bearing in the form chrome - h3, labels, button, error/info copy - now says "account password" instead. 2. API keys was the first tab in the sidebar - the most visible slot - even though it's a credential-rotation pane most users touch maybe once. Moves it between Security and About so the sidebar's reading order matches frequency of use: AI / Journal / Wiki / Appearance / Usage first, then the seldom-touched account-config trio (Security / API keys / About). docs/user/settings.md updated to match the new naming. --- docs/user/settings.md | 4 ++-- src/screens/Settings.svelte | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/user/settings.md b/docs/user/settings.md index 6c0389f..332ab4e 100644 --- a/docs/user/settings.md +++ b/docs/user/settings.md @@ -68,8 +68,8 @@ Two rotations live here: - **Master password** - the passphrase that unlocks your encrypted config blob in this browser. Re-encrypts locally; does not touch Supabase. -- **Supabase password** - the password you use to sign in to your - Supabase project. Nak re-verifies your current password before +- **Account password** - the password you use to sign in to your + Supabase account. Nak re-verifies your current password before updating, then calls Supabase to set the new one. Both require the current password and enforce an 8-character diff --git a/src/screens/Settings.svelte b/src/screens/Settings.svelte index a1360b8..5c1cb04 100644 --- a/src/screens/Settings.svelte +++ b/src/screens/Settings.svelte @@ -123,13 +123,13 @@ | 'security' | 'about'; const GROUPS: { id: Group; label: string }[] = [ - { id: 'keys', label: 'API keys' }, { id: 'ai', label: 'AI' }, { id: 'journal', label: 'Journal' }, { id: 'wiki', label: 'Wiki' }, { id: 'appearance', label: 'Appearance' }, { id: 'usage', label: 'Usage' }, { id: 'security', label: 'Security' }, + { id: 'keys', label: 'API keys' }, { id: 'about', label: 'About' }, ]; let group = $state('keys'); @@ -1134,7 +1134,7 @@ authPwError = null; authPwInfo = null; if (!authPwCurrent) { - authPwError = 'Enter your current Supabase password.'; + authPwError = 'Enter your current account password.'; return; } // Supabase enforces a 6-character minimum by default. Bump to 8 to @@ -1155,7 +1155,7 @@ authPwBusy = true; try { await app.supabase.changeAuthPassword(authPwCurrent, authPwNew); - authPwInfo = 'Supabase password changed.'; + authPwInfo = 'Account password changed.'; authPwCurrent = ''; authPwNew = ''; authPwConfirm = ''; @@ -1900,31 +1900,31 @@ -

Change Supabase password

+

Change account password

- Rotate the password you use to sign in to your Supabase project. + Rotate the password you use to sign in to your Supabase account. We re-verify your current password before updating, so a stolen unlocked tab can't quietly rotate you out of your own account.

- +
- +
- +
{#if authPwError}

{authPwError}

{/if} {#if authPwInfo}

{authPwInfo}

{/if} - +
{:else if group === 'about'}