More stuff for login and editor
This commit is contained in:
Caleb Gardner
@@ -39,4 +39,29 @@ func (e Editor) LoginPage(w http.ResponseWriter, r *http.Request) {
|
||||
sendContent(w, r, string(dat), "", "")
|
||||
}
|
||||
|
||||
func (e Editor) Editor(w http.ResponseWriter, r *http.Request) {}
|
||||
func (e Editor) Editor(w http.ResponseWriter, r *http.Request) {
|
||||
hdr, err := back.ParseHeader(r)
|
||||
if err == backend.ErrApiKeyUnauthorized || err == backend.ErrTokenUnauthorized || hdr == nil || hdr.User == nil {
|
||||
if r.Header.Get("HX-Request") == "true" {
|
||||
w.Header().Set("HX-Location", `{"path":"/login", "target":"#content"}`)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "text/html")
|
||||
http.Redirect(w, r, "https://darkstorm.tech/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
page, err := editorFS.Open("embed/editor.html")
|
||||
defer page.Close()
|
||||
if err != nil {
|
||||
log.Println("error getting editor.html:", err)
|
||||
sendContent(w, r, "error getting page", "", "")
|
||||
return
|
||||
}
|
||||
dat, err := io.ReadAll(page)
|
||||
if err != nil {
|
||||
log.Println("error reading editor.html:", err)
|
||||
sendContent(w, r, "error getting page", "", "")
|
||||
return
|
||||
}
|
||||
sendContent(w, r, string(dat), "", "")
|
||||
}
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
<p>THIS IS A POGGIES EDITOR. SAY WOW!</p>
|
||||
|
||||
+3
-8
@@ -1,14 +1,9 @@
|
||||
<script src="https://unpkg.com/htmx-ext-json-enc@2.0.1/json-enc.js"></script>
|
||||
<script>
|
||||
document.addEventListener("htmx:beforeOnLoad", function (e) {
|
||||
console.log(e);
|
||||
e.preventDefault();
|
||||
});
|
||||
</script>
|
||||
<form id="loginForm" hx-post="https://api.darkstorm.tech/user/login">
|
||||
<div id="invisiblePusher" hx-push-url="/editor"></div>
|
||||
<form id="loginForm" onsubmit="login(event)">
|
||||
<label for="username">Username:</label>
|
||||
<input name="username" id="usernameInput"></input>
|
||||
<label for="password">Password:</label>
|
||||
<input name="password" type="password" id="passwordInput"></input>
|
||||
<p id="formResult"></p>
|
||||
<button id="loginButton" type="submit">Login</button>
|
||||
</form>
|
||||
|
||||
@@ -104,7 +104,7 @@ func (b *Backend) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == http.MethodOptions {
|
||||
w.Header().Set("Access-Control-Allow-Methods", "*")
|
||||
w.Header().Set("Access-Control-Allow-Credentials", "true")
|
||||
w.Header().Set("Access-Control-Allow-Headers", "*")
|
||||
w.Header().Set("Access-Control-Allow-Headers", "*, Authorization")
|
||||
}
|
||||
}
|
||||
b.m.ServeHTTP(w, r)
|
||||
|
||||
@@ -39,6 +39,9 @@ func (m *MongoTable[T]) Find(ctx context.Context, values map[string]any) ([]T, e
|
||||
}
|
||||
var out []T
|
||||
err = res.All(ctx, &out)
|
||||
if len(out) == 0 {
|
||||
return nil, backend.ErrNotFound
|
||||
}
|
||||
return out, err
|
||||
}
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ func (b *Backend) ParseHeader(r *http.Request) (*ParsedHeader, error) {
|
||||
}
|
||||
out.Key = apiKey
|
||||
} else {
|
||||
fmt.Println(r.Header.Get("origin"))
|
||||
fmt.Println("origin:", r.Header.Get("origin"))
|
||||
keys, err := b.keyTable.Find(r.Context(), map[string]any{"allowedOrigins": r.Header.Get("origin")})
|
||||
if err == ErrNotFound {
|
||||
return nil, ErrApiKeyUnauthorized
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
package backend
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"log"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
@@ -208,9 +210,10 @@ type loginRequest struct {
|
||||
}
|
||||
|
||||
type loginReturn struct {
|
||||
Token string `json:"token"`
|
||||
Error string `json:"error"`
|
||||
Timeout int64 `json:"timeout"`
|
||||
Token string `json:"token"`
|
||||
Error string `json:"error"`
|
||||
ErrorMsg string `json:"errorMsg"`
|
||||
Timeout int64 `json:"timeout"`
|
||||
}
|
||||
|
||||
func (b *Backend) login(w http.ResponseWriter, r *http.Request) {
|
||||
@@ -234,6 +237,7 @@ func (b *Backend) login(w http.ResponseWriter, r *http.Request) {
|
||||
users, err := b.userTable.Find(r.Context(), map[string]any{"username": req.Username})
|
||||
if errors.Is(err, ErrNotFound) || len(users) != 1 {
|
||||
ret.Error = "invalid"
|
||||
ret.ErrorMsg = "Incorrect username or password"
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
json.NewEncoder(w).Encode(ret)
|
||||
return
|
||||
@@ -241,7 +245,8 @@ func (b *Backend) login(w http.ResponseWriter, r *http.Request) {
|
||||
u := users[0]
|
||||
if time.Unix(u.Timeout, 0).After(time.Now()) {
|
||||
ret.Error = "timeout"
|
||||
ret.Timeout = time.Now().Unix() - u.Timeout
|
||||
ret.Timeout = u.Timeout - time.Now().Unix()
|
||||
ret.ErrorMsg = "Timed out for " + strconv.Itoa(int(ret.Timeout)) + " seconds"
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
json.NewEncoder(w).Encode(ret)
|
||||
return
|
||||
@@ -260,8 +265,15 @@ func (b *Backend) login(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
json.NewEncoder(w).Encode(ret)
|
||||
if u.Fails != 0 {
|
||||
err = b.userTable.PartUpdate(context.Background(), u.ID, map[string]any{"fails": 0})
|
||||
if err != nil {
|
||||
log.Println("error resetting fails after successful login:", err)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
ret.Error = "invalid"
|
||||
ret.ErrorMsg = "Incorrect username or password"
|
||||
upd := map[string]any{"fails": u.Fails + 1}
|
||||
if (u.Fails+1)%3 == 0 {
|
||||
minutes := 3 ^ ((u.Fails / 3) - 1)
|
||||
|
||||
Reference in New Issue
Block a user