diff --git a/src/Program.cs b/src/Program.cs
index 0f3a840..2b0fdb8 100644
--- a/src/Program.cs
+++ b/src/Program.cs
@@ -30,10 +30,6 @@ public static class Program {
 var app = Initialize(args);
 app.UseSession();
- app.MapGet("/favicon.ico", () => Results.File(Convert.FromBase64String(
- $"AAABAAEAEBAAAAAAAABoBQAAFgAAACgAAAAQAAAAIAAAAAEACAAAAAAAAAEAAAAAAAAAAAAAAAEAAAAAAAD///8{new string('A', 1788)}="),
- contentType: "image/x-icon"));
-
 app.MapGet("/auth/check", async (context) => {
 var token = context.Request.Cookies[COOKIE_NAME];
 if (!TokenIsValid(token)) {
@@ -75,10 +71,10 @@ public static class Program {
 return Task.CompletedTask;
 });
- app.MapPost("/auth", async (context) => {
+ app.MapPost("/auth/password", async (context) => {
 if (context.Request.Form.TryGetValue("password", out var reqPassword)
 && !string.IsNullOrEmpty(s_password)
- && string.Equals(reqPassword, s_password, StringComparison.Ordinal)) {
+ && string.Equals(reqPassword.FirstOrDefault(), s_password, StringComparison.Ordinal)) {
 var cookieOpts = new CookieOptions {
 Path = "/",
 Secure = true,
@@ -96,7 +92,12 @@ public static class Program {
 COOKIE_NAME,
 GenerateToken(connection),
 cookieOpts);
- await context.Response.WriteAsJsonAsync(new { status = "ok" });
+ if (!context.Request.Form.TryGetValue("target", out var target)
+ || string.IsNullOrEmpty(target.FirstOrDefault())) {
+ target = [];
+ }
+
+ context.Response.Redirect(target.FirstOrDefault() ?? "/");
 } else {
 context.Response.StatusCode = 401;
 await context.Response.WriteAsJsonAsync(new { error = "bad password" });
diff --git a/src/login.html b/src/login.html
index 9d7d511..8c6b113 100644
--- a/src/login.html
+++ b/src/login.html
@@ -2,10 +2,24 @@
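Review bot: The password check in the `/auth/password` handler (second Program.cs hunk) still uses `string.Equals(..., StringComparison.Ordinal)`, which returns at the first differing character, so response timing can reveal how much of a guess matched. Since the commit already rewrites this line, compare the UTF-8 bytes in fixed time instead: `&& CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(reqPassword.FirstOrDefault() ?? ""), Encoding.UTF8.GetBytes(s_password))`. That needs `System.Security.Cryptography` and `System.Text` in scope, which the hunk does not show. The handler's body continues past the end of this hunk.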
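Review bot: The `target` form field is passed to `context.Response.Redirect` without validation (third Program.cs hunk), so a login form posted with an absolute or scheme-relative URL in `target` sends the freshly authenticated browser to another site, i.e. an open redirect. Accept only a local path, meaning one leading `/` not followed by `/` or `\`, and fall back to `/` otherwise; this also removes the `target = []` detour. The success branch now answers with a redirect while the failure branch still returns JSON with status 401, so the caller has to handle both shapes; whether login.html does is not visible here. The handler starts above this hunk.

```csharp
// … unchanged: cookie options and the Cookies.Append call …
var target = context.Request.Form["target"].FirstOrDefault();
// Only a same-site path is accepted: a single leading '/', never "//" or "/\".
if (string.IsNullOrEmpty(target)
    || target[0] != '/'
    || (target.Length > 1 && target[1] is '/' or '\\')) {
    target = "/";
}

context.Response.Redirect(target);
// … unchanged: else branch returning 401 …
```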