From 55df303d2bb1e10439744327be8d8907a834d838 Mon Sep 17 00:00:00 2001 From: Roberto Hidalgo Date: Sun, 16 Apr 2023 16:00:21 -0600 Subject: [PATCH] redirect on /admin, push tweaks --- .gitignore | 2 ++ internal/auth/middleware.go | 11 ++++++++++ internal/server/server.go | 2 +- internal/server/static/admin.js | 37 ++++++++++++++++++++++++--------- internal/server/static/login.js | 12 ++++++++++- 5 files changed, 52 insertions(+), 12 deletions(-) diff --git a/.gitignore b/.gitignore index 7c1d831..7960446 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ puerta.db local.db config.joao.yaml test.db +puerta.db-shm +puerta.db-wal diff --git a/internal/auth/middleware.go b/internal/auth/middleware.go index 52a07d9..6e21f8b 100644 --- a/internal/auth/middleware.go +++ b/internal/auth/middleware.go @@ -82,6 +82,17 @@ func RequireAuthOrRedirect(handler httprouter.Handle, target string) httprouter. }) } +func RequireAdminOrRedirect(handler httprouter.Handle, target string) httprouter.Handle { + return withUser(func(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + if req.Context().Value(constants.ContextUser) == nil { + http.Redirect(w, req, target, http.StatusTemporaryRedirect) + return + } + + handler(w, req, ps) + }) +} + func RegisterSecondFactor() httprouter.Handle { return RequireAuth(func(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { u := user.FromContext(req) diff --git a/internal/server/server.go b/internal/server/server.go index 18b06f0..f4a71d7 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -256,7 +256,7 @@ func Initialize(config *Config) (http.Handler, error) { w.WriteHeader(200) w.Write(buf) }) - router.GET("/admin", auth.RequireAdmin(renderTemplate(bytes.ReplaceAll(adminTemplate, []byte("$PUSH_KEY$"), []byte(config.WebPush.Key.Public))))) + router.GET("/admin", auth.RequireAdminOrRedirect(renderTemplate(bytes.ReplaceAll(adminTemplate, []byte("$PUSH_KEY$"), []byte(config.WebPush.Key.Public))), "/login?next=/admin")) // regular api router.POST("/api/login", auth.LoginHandler) diff --git a/internal/server/static/admin.js b/internal/server/static/admin.js index 6706319..770118c 100644 --- a/internal/server/static/admin.js +++ b/internal/server/static/admin.js @@ -296,20 +296,37 @@ window.addEventListener("load", async function() { scope: "/" }) - const sub = await reg.pushManager.getSubscription() - console.log(`registered SW, push sub: ${sub}`, reg) + try { + sub = await reg.pushManager.getSubscription() + if (sub) { + pnb.classList.add("subscribed") + pnb.innerHTML = "🔕" + } else { + pnb.classList.remove("subscribed") + pnb.innerHTML = "🔔" + } + } catch(err) { + console.error("Could not get pushmanager subscription", err) + } const pnb = document.querySelector("#push-notifications") - if (sub) { - pnb.classList.add("subscribed") - pnb.innerHTML = "🔕" - } else { - pnb.classList.remove("subscribed") - pnb.innerHTML = "🔔" - } - pnb.addEventListener('click', async evt =>{ + let sub + try { + sub = await reg.pushManager.getSubscription() + } catch(err) { + console.error("Could not get pushmanager subscription", err) + } + + if (sub) { + pnb.classList.add("subscribed") + pnb.innerHTML = "🔕" + } else { + pnb.classList.remove("subscribed") + pnb.innerHTML = "🔔" + } + if (!pnb.classList.contains("subscribed")) { if (await createPushSubscription()) { pnb.classList.add("subscribed") diff --git a/internal/server/static/login.js b/internal/server/static/login.js index a759a05..5490c67 100644 --- a/internal/server/static/login.js +++ b/internal/server/static/login.js @@ -34,7 +34,17 @@ function submit(evt){ clearStatus() Login().then(() => { - window.location = "/"; + let next = "/" + try { + const follow = window.location.search.replace("?next=", "") + if (follow != "") { + next = follow + } + } catch (err) { + console.error(`Could not find next path to follow: ${err}`) + } + + window.location = next; }).catch((err) => { form.classList.add("failed") document.querySelector('.error').innerText = err