add an unauthorized page

Mystikfluu 2022-11-30 22:44:31 +01:00
parent 77ae066e46
commit 3a15b47fb1
11 changed files with 80 additions and 18 deletions


@ -1,15 +1,16 @@
async function login() { async function login() {
let r = (await post("/login",{ let r = (await post("/login",{
user: document.getElementById("user").value, user: document.getElementById("user").value,
pass: document.getElementById("pass").value pass: document.getElementById("pass").value,
r: REDIRECT_URL
})) }))
if(!r.url.endsWith("/user")) { if(!r.url.endsWith("/user") && !r.url.endsWith(REDIRECT_URL)) {
document.getElementById("pass").value = "" document.getElementById("pass").value = ""
console.error("login failed") console.error("login failed")
alert("Login failed, please make sure you have the right password") alert("Login failed, please make sure you have the right password")
return; return;
} }
window.location = "/user" window.location = r.url
} }
let passfield = document.getElementById("pass") let passfield = document.getElementById("pass")
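Review bot: The added `&& !r.url.endsWith(REDIRECT_URL)` makes the failure branch unreachable whenever the page is opened without an `r` parameter, because the template then presumably renders `REDIRECT_URL` as `""` and `endsWith("")` matches every URL, so a wrong password is no longer reported and the browser still follows `r.url`. Only honour the second test when a target was given: `if(!r.url.endsWith("/user") && !(REDIRECT_URL && r.url.endsWith(REDIRECT_URL))) {`, and leave `r` out of the POST body when it is empty. `window.location = r.url` also navigates to wherever the server redirected, so it is worth refusing anything off-site first, `if (new URL(r.url).origin !== location.origin) return;`. The register handler in the next section gets the same two changes and needs the same guard.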


@ -13,10 +13,10 @@ async function register() {
} }
let r = (await post("/register",{ let r = (await post("/register",{
user: document.getElementById("user").value, user: document.getElementById("user").value,
pass: document.getElementById("pass").value pass: document.getElementById("pass").value,
r: REDIRECT_URL
})) }))
console.log(r) if(!r.url.endsWith("/user?success=true") && !r.url.endsWith(REDIRECT_URL)) {
if(!r.url.endsWith("/user?success=true")) {
if(r.url.endsWith("already_exists")) { if(r.url.endsWith("already_exists")) {
alert("An account with that name already exists! Did you mean to login?") alert("An account with that name already exists! Did you mean to login?")
return return
@ -27,7 +27,7 @@ async function register() {
alert("Registration failed") alert("Registration failed")
return; return;
} }
window.location = "/user" window.location = r.url
} }
function passkeydown(e) { function passkeydown(e) {


@ -82,7 +82,11 @@ export const setup = function (router, con, server) {
if (err) if (err)
throw err; throw err;
res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS }); res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS });
res.redirect("/user?success=true"); if(req.body.r !== undefined) {
res.redirect(decodeURIComponent(req.body.r))
} else {
res.redirect("/user");
}
}); });
}); });
}); });
@ -153,7 +157,11 @@ export const setup = function (router, con, server) {
throw error; throw error;
}); });
} }
res.redirect("/user?success=true"); if(req.body.r !== undefined) {
res.redirect(decodeURIComponent(req.body.r))
} else {
res.redirect("/user");
}
} }
else { else {
console.log(5,"login failed, username: ", username); console.log(5,"login failed, username: ", username);
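Review bot: `res.redirect(decodeURIComponent(req.body.r))` in both hunks redirects a freshly authenticated user to whatever location the request body names, with no check that it stays on this site (an open redirect). `decodeURIComponent` also throws `URIError` on a malformed escape such as a lone `%`, and the value has most likely been decoded once by the body parser already, so the extra decode is best dropped. Accept only a same-site path and fall back otherwise: `const r = req.body.r; const target = typeof r === "string" && /^\/(?![\/\\])/.test(r) ? r : "/user";` followed by `res.redirect(target);`. Both handlers start and end outside the hunks shown.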


@ -115,6 +115,7 @@ export const setup = function (router, con, server) {
if(path != "" && originalUrl != "/favicon.ico" && originalUrl != "/api/documentation/") { if(path != "" && originalUrl != "/favicon.ico" && originalUrl != "/api/documentation/") {
global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar } global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar }
global_page_variables.query = request.query
ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){ ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){
str = await str str = await str
err = await err err = await err
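Review bot: `global_page_variables.query = request.query` stores per-request data on what looks like a shared object (its definition is outside the hunk), and the render that follows is asynchronous, so two overlapping requests could be rendered with each other's `query` or `user`. It also hands the raw parsed query to every template, where `r` may arrive as an array or object rather than a string. Passing a per-request copy to `ejs.renderFile` avoids both, for example `{ ...global_page_variables, query: { r: typeof request.query.r === "string" ? request.query.r : "" } }`.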


@ -3,6 +3,9 @@
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>DMs</title> <title>DMs</title>
<% if(user.username === undefined) { %>
<script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
<% } %>
<%- newrelic %> <%- newrelic %>
<style> <style>
<%- globalcss %> <%- globalcss %>
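Review bot: The login gate added here runs only in the visitor's browser: when `user.username` is undefined the server still renders and sends the whole page, and the inline script navigates away afterwards. Whatever the template and its inline scripts embed therefore reaches clients with no session, or clients that do not run scripts, so the check belongs in the route before rendering, e.g. `if (response.locals.username === undefined) return response.redirect("/no_login?r=" + encodeURIComponent(request.originalUrl));`. `document.location.pathname` also drops the query string, which `originalUrl` would keep. The same three lines are added to three more templates later on this page and the point applies to each.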


@ -8,7 +8,10 @@
<script src="/js/warn_message.js" charset="utf-8"></script> <script src="/js/warn_message.js" charset="utf-8"></script>
<script src="/js/addnavbar.js" charset="utf-8"></script> <script src="/js/addnavbar.js" charset="utf-8"></script>
<link rel="stylesheet" href="/css/global.css"> <link rel="stylesheet" href="/css/global.css">
<script> <%- httppostjs %> </script> <script>
const REDIRECT_URL = "<%-query.r%>"
<%- httppostjs %>
</script>
</head> </head>
<body> <body>
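Review bot: `const REDIRECT_URL = "<%-query.r%>"` prints the `r` query parameter unescaped inside a script block, so a value containing a double quote or `</script>` ends the string literal and the rest is parsed as script or markup (reflected XSS on what appears to be the login template). Emit it as a JSON-encoded literal instead: `const REDIRECT_URL = <%- JSON.stringify(typeof query.r === "string" ? query.r : "").replace(/</g, "\\u003c") %>;`. The Register template section further down adds the identical line and needs the same fix.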

34
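--- a/views/no_login.html
+++ b/views/no_login.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="description" content="Chat now by creating an account on IPost">
+<title>You have to be logged in to view this!</title>
+<link rel="stylesheet" href="/css/global.css">
+<style>
+body {
+background-color: var(--bg-color);
+color: var(--text-color);
+text-align: center;
+margin-top: 10%;
+}
+div {
+font-size: 130%;
+}
+</style>
+</head>
+<body>
+<h1>Uh oh.. </h1>
+<h2>You have to be logged in to view this content</h2>
+<div>
+<div>
+To continue <br>
+<a href="/login?r=<%-query.r%>">login</a> or <a href="/register?r=<%-query.r%>">register</a> <br>
+</div>
+</div>
+</body>
+</html>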
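Review bot: Both links write `<%-query.r%>` raw into an `href` attribute, so a value containing `"` closes the attribute and injects markup. Because the query parser has already decoded the value, a `&` or `#` inside it also cuts the forwarded parameter short. Escape and re-encode it: `<a href="/login?r=<%= encodeURIComponent(typeof query.r === "string" ? query.r : "") %>">login</a>`, and the same for the register link. When `r` is absent the page currently renders `/login?r=`, which hands the login page an empty redirect target.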


@ -9,6 +9,9 @@
<%- globalcss %> <%- globalcss %>
<%- loadfile("./css/posts.css") %> <%- loadfile("./css/posts.css") %>
</style> </style>
<% if(user.username === undefined) { %>
<script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
<% } %>
<script type="text/javascript" async> <script type="text/javascript" async>
<%- httppostjs %> <%- httppostjs %>
<%- htmlescapejs %> <%- htmlescapejs %>


@ -8,7 +8,10 @@
<link rel="stylesheet" href="/css/global.css"> <link rel="stylesheet" href="/css/global.css">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Register | IPost</title> <title>Register | IPost</title>
<script> <%- httppostjs %> </script> <script>
const REDIRECT_URL = "<%-query.r%>"
<%- httppostjs %>
</script>
</head> </head>
<body> <body>
<header> <header>


@ -28,6 +28,9 @@
padding-bottom: 2px; padding-bottom: 2px;
} }
</style> </style>
<% if(user.username === undefined) { %>
<script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
<% } %>
</head> </head>
<body> <body>
<main> <main>


@ -5,6 +5,9 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>User | IPost</title> <title>User | IPost</title>
<% if(user.username === undefined) { %>
<script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
<% } %>
<%- newrelic %> <%- newrelic %>
<style> <style>
<%- globalcss %> <%- globalcss %>