added target redirect
This commit is contained in:
parent
189ac61cd7
commit
70f7954f61
2 changed files with 28 additions and 13 deletions
|
@ -30,10 +30,6 @@ public static class Program {
|
|||
var app = Initialize(args);
|
||||
app.UseSession();
|
||||
|
||||
app.MapGet("/favicon.ico", () => Results.File(Convert.FromBase64String(
|
||||
$"AAABAAEAEBAAAAAAAABoBQAAFgAAACgAAAAQAAAAIAAAAAEACAAAAAAAAAEAAAAAAAAAAAAAAAEAAAAAAAD///8{new string('A', 1788)}="),
|
||||
contentType: "image/x-icon"));
|
||||
|
||||
app.MapGet("/auth/check", async (context) => {
|
||||
var token = context.Request.Cookies[COOKIE_NAME];
|
||||
if (!TokenIsValid(token)) {
|
||||
|
@ -75,10 +71,10 @@ public static class Program {
|
|||
return Task.CompletedTask;
|
||||
});
|
||||
|
||||
app.MapPost("/auth", async (context) => {
|
||||
app.MapPost("/auth/password", async (context) => {
|
||||
if (context.Request.Form.TryGetValue("password", out var reqPassword)
|
||||
&& !string.IsNullOrEmpty(s_password)
|
||||
&& string.Equals(reqPassword, s_password, StringComparison.Ordinal)) {
|
||||
&& string.Equals(reqPassword.FirstOrDefault(), s_password, StringComparison.Ordinal)) {
|
||||
var cookieOpts = new CookieOptions {
|
||||
Path = "/",
|
||||
Secure = true,
|
||||
|
@ -96,7 +92,12 @@ public static class Program {
|
|||
COOKIE_NAME,
|
||||
GenerateToken(connection),
|
||||
cookieOpts);
|
||||
await context.Response.WriteAsJsonAsync(new { status = "ok" });
|
||||
if (!context.Request.Form.TryGetValue("target", out var target)
|
||||
|| string.IsNullOrEmpty(target.FirstOrDefault())) {
|
||||
target = [];
|
||||
}
|
||||
|
||||
context.Response.Redirect(target.FirstOrDefault() ?? "/");
|
||||
} else {
|
||||
context.Response.StatusCode = 401;
|
||||
await context.Response.WriteAsJsonAsync(new { error = "bad password" });
|
||||
|
|
|
@ -2,10 +2,24 @@
|
|||
<html lang='en'>
|
||||
<head>
|
||||
<title>RDSM.ca Login</title>
|
||||
<body>
|
||||
<form action='/auth' method='post'>
|
||||
<input type='password' name='password' />
|
||||
<input type='submit' value='Login' />
|
||||
</form>
|
||||
</body>
|
||||
<script>
|
||||
function getParameterByName(name) {
|
||||
name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
|
||||
var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"),
|
||||
results = regex.exec(location.search);
|
||||
return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
|
||||
}
|
||||
|
||||
document.addEventListener("DOMContentLoaded", function() {
|
||||
document.getElementById('target').value = getParameterByName('target');
|
||||
});
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<form action='/auth/password' method='post'>
|
||||
<input type='password' name='password' />
|
||||
<input type='hidden' name='target' id='target' />
|
||||
<input type='submit' value='Login' />
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
|
|
Loading…
Reference in a new issue