epicyon/webapp_login.py

__filename__ = "webapp_login.py"
__author__ = "Bob Mottram"
__license__ = "AGPL3+"
__version__ = "1.3.0"
__maintainer__ = "Bob Mottram"
__email__ = "bob@libreserver.org"
__status__ = "Production"
__module_group__ = "Web Interface"

import os
import time
from shutil import copyfile
from utils import get_config_param
from utils import no_of_accounts
from utils import get_nickname_validation_pattern
from webapp_utils import set_custom_background
from webapp_utils import html_header_with_website_markup
from webapp_utils import html_footer
from webapp_utils import html_keyboard_navigation
from theme import get_text_mode_logo


def html_get_login_credentials(loginParams: str,
                               last_login_time: int,
                               domain: str) -> (str, str, bool):
    """Receives login credentials via HTTPServer POST
    """
    if not loginParams.startswith('username='):
        return None, None, None
    # minimum time between login attempts
    curr_time = int(time.time())
    if curr_time < last_login_time+10:
        return None, None, None
    if '&' not in loginParams:
        return None, None, None
    login_args = loginParams.split('&')
    nickname = None
    password = None
    register = False
    for arg in login_args:
        if '=' not in arg:
            continue
        if arg.split('=', 1)[0] == 'username':
            nickname = arg.split('=', 1)[1]
            if nickname.startswith('@'):
                nickname = nickname[1:]
            if '@' in nickname:
                # the full nickname@domain has been entered
                nickname = nickname.split('@')[0]
        elif arg.split('=', 1)[0] == 'password':
            password = arg.split('=', 1)[1]
        elif arg.split('=', 1)[0] == 'register':
            register = True
    return nickname, password, register


def html_login(css_cache: {}, translate: {},
               base_dir: str,
               http_prefix: str, domain: str,
               system_language: str,
               autocomplete: bool) -> str:
    """Shows the login screen
    """
    accounts = no_of_accounts(base_dir)

    login_image = 'login.png'
    login_image_filename = None
    if os.path.isfile(base_dir + '/accounts/' + login_image):
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.jpg'):
        login_image = 'login.jpg'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.jpeg'):
        login_image = 'login.jpeg'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.gif'):
        login_image = 'login.gif'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.svg'):
        login_image = 'login.svg'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.webp'):
        login_image = 'login.webp'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.avif'):
        login_image = 'login.avif'
        login_image_filename = base_dir + '/accounts/' + login_image
    elif os.path.isfile(base_dir + '/accounts/login.jxl'):
        login_image = 'login.jxl'
        login_image_filename = base_dir + '/accounts/' + login_image

    if not login_image_filename:
        login_image_filename = base_dir + '/accounts/' + login_image
        copyfile(base_dir + '/img/login.png', login_image_filename)

    text_mode_logo = get_text_mode_logo(base_dir)
    text_mode_logo_html = html_keyboard_navigation(text_mode_logo, {}, {})

    set_custom_background(base_dir, 'login-background-custom',
                          'login-background')

    if accounts > 0:
        login_text = \
            '<p class="login-text">' + \
            translate['Welcome. Please enter your login details below.'] + \
            '</p>'
    else:
        login_text = \
            '<p class="login-text">' + \
            translate['Please enter some credentials'] + '</p>' + \
            '<p class="login-text">' + \
            translate['You will become the admin of this site.'] + \
            '</p>'
    if os.path.isfile(base_dir + '/accounts/login.txt'):
        # custom login message
        with open(base_dir + '/accounts/login.txt', 'r') as file:
            login_text = '<p class="login-text">' + file.read() + '</p>'

    css_filename = base_dir + '/epicyon-login.css'
    if os.path.isfile(base_dir + '/login.css'):
        css_filename = base_dir + '/login.css'

    # show the register button
    register_button_str = ''
    if get_config_param(base_dir, 'registration') == 'open':
        if int(get_config_param(base_dir, 'registrationsRemaining')) > 0:
            if accounts > 0:
                idx = 'Welcome. Please login or register a new account.'
                login_text = \
                    '<p class="login-text">' + \
                    translate[idx] + \
                    '</p>'
            register_button_str = \
                '<button type="submit" name="register">Register</button>'

    tos_str = \
        '<p class="login-text"><a href="/about">' + \
        translate['About this Instance'] + '</a></p>' + \
        '<p class="login-text"><a href="/terms">' + \
        translate['Terms of Service'] + '</a></p>'

    login_button_str = ''
    if accounts > 0:
        login_button_str = \
            '<button type="submit" name="submit">' + \
            translate['Login'] + '</button>'

    autocomplete_nickname_str = 'autocomplete="username"'
    autocomplete_password_str = 'autocomplete="current-password"'
    if not autocomplete:
        autocomplete_nickname_str = 'autocomplete="username" value=""'
        autocomplete_password_str = 'autocomplete="off" value=""'

    instance_title = \
        get_config_param(base_dir, 'instanceTitle')
    login_form = \
        html_header_with_website_markup(css_filename, instance_title,
                                        http_prefix, domain,
                                        system_language)

    nickname_pattern = get_nickname_validation_pattern()
    instance_title = get_config_param(base_dir, 'instanceTitle')
    login_form += \
        '<br>\n' + \
        '<form method="POST" action="/login">\n' + \
        '  <div class="imgcontainer">\n' + \
        text_mode_logo_html + '\n' + \
        '    <img loading="lazy" src="' + login_image + \
        '" alt="' + instance_title + '" class="loginimage">\n' + \
        login_text + tos_str + '\n' + \
        '  </div>\n' + \
        '\n' + \
        '  <div class="container">\n' + \
        '    <label for="nickname"><b>' + \
        translate['Nickname'] + '</b></label>\n' + \
        '    <input type="text" ' + autocomplete_nickname_str + \
        ' placeholder="' + translate['Enter Nickname'] + '" ' + \
        'pattern="' + nickname_pattern + '" name="username" ' + \
        'required autofocus>\n' + \
        '\n' + \
        '    <label for="password"><b>' + \
        translate['Password'] + '</b></label>\n' + \
        '    <input type="password" ' + autocomplete_password_str + \
        ' placeholder="' + translate['Enter Password'] + '" ' + \
        'pattern="{8,256}" name="password" required>\n' + \
        login_button_str + register_button_str + '\n' + \
        '  </div>\n' + \
        '</form>\n' + \
        '<a href="https://gitlab.com/bashrc2/epicyon">' + \
        '<img loading="lazy" class="license" title="' + \
        translate['Get the source code'] + '" alt="' + \
        translate['Get the source code'] + '" src="/icons/agpl.png" /></a>\n'
    login_form += html_footer()
    return login_form
Separate module for login screen 2020-11-10 09:45:18 +00:00			`__filename__ = "webapp_login.py"`
			`__author__ = "Bob Mottram"`
			`__license__ = "AGPL3+"`
Version 1.3.0 2022-02-03 13:58:20 +00:00			`__version__ = "1.3.0"`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`__maintainer__ = "Bob Mottram"`
Change domain to libreserver.org 2021-09-10 16:14:50 +00:00			`__email__ = "bob@libreserver.org"`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`__status__ = "Production"`
Module groups 2021-06-15 15:08:12 +00:00			`__module_group__ = "Web Interface"`
Separate module for login screen 2020-11-10 09:45:18 +00:00
			`import os`
			`import time`
			`from shutil import copyfile`
Snake case 2021-12-26 14:08:58 +00:00			`from utils import get_config_param`
Snake case 2021-12-28 14:41:10 +00:00			`from utils import no_of_accounts`
Snake case 2021-12-28 14:55:45 +00:00			`from utils import get_nickname_validation_pattern`
Moving to snake case 2021-12-29 21:55:09 +00:00			`from webapp_utils import set_custom_background`
			`from webapp_utils import html_header_with_website_markup`
			`from webapp_utils import html_footer`
			`from webapp_utils import html_keyboard_navigation`
			`from theme import get_text_mode_logo`
Separate module for login screen 2020-11-10 09:45:18 +00:00

Moving to snake case 2021-12-29 21:55:09 +00:00			`def html_get_login_credentials(loginParams: str,`
			`last_login_time: int,`
			`domain: str) -> (str, str, bool):`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`"""Receives login credentials via HTTPServer POST`
			`"""`
			`if not loginParams.startswith('username='):`
			`return None, None, None`
			`# minimum time between login attempts`
Snake case 2021-12-26 13:17:46 +00:00			`curr_time = int(time.time())`
			`if curr_time < last_login_time+10:`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`return None, None, None`
			`if '&' not in loginParams:`
			`return None, None, None`
Snake case 2022-01-03 23:30:31 +00:00			`login_args = loginParams.split('&')`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`nickname = None`
			`password = None`
			`register = False`
Snake case 2022-01-03 23:30:31 +00:00			`for arg in login_args:`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`if '=' not in arg:`
			`continue`
			`if arg.split('=', 1)[0] == 'username':`
			`nickname = arg.split('=', 1)[1]`
			`if nickname.startswith('@'):`
			`nickname = nickname[1:]`
			`if '@' in nickname:`
			`# the full nickname@domain has been entered`
			`nickname = nickname.split('@')[0]`
			`elif arg.split('=', 1)[0] == 'password':`
			`password = arg.split('=', 1)[1]`
			`elif arg.split('=', 1)[0] == 'register':`
			`register = True`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`return nickname, password, register`


Moving to snake case 2021-12-29 21:55:09 +00:00			`def html_login(css_cache: {}, translate: {},`
			`base_dir: str,`
			`http_prefix: str, domain: str,`
			`system_language: str,`
			`autocomplete: bool) -> str:`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`"""Shows the login screen`
			`"""`
Snake case 2021-12-28 14:41:10 +00:00			`accounts = no_of_accounts(base_dir)`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.png'`
			`login_image_filename = None`
			`if os.path.isfile(base_dir + '/accounts/' + login_image):`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.jpg'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.jpg'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.jpeg'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.jpeg'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.gif'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.gif'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.svg'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.svg'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.webp'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.webp'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Snake case 2021-12-25 16:17:53 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.avif'):`
Snake case 2022-01-03 23:30:31 +00:00			`login_image = 'login.avif'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Support jpeg-xl format 2022-02-06 11:04:49 +00:00			`elif os.path.isfile(base_dir + '/accounts/login.jxl'):`
			`login_image = 'login.jxl'`
			`login_image_filename = base_dir + '/accounts/' + login_image`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`if not login_image_filename:`
			`login_image_filename = base_dir + '/accounts/' + login_image`
			`copyfile(base_dir + '/img/login.png', login_image_filename)`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`text_mode_logo = get_text_mode_logo(base_dir)`
			`text_mode_logo_html = html_keyboard_navigation(text_mode_logo, {}, {})`
Text mode logo on login screen 2021-02-06 14:30:18 +00:00
Moving to snake case 2021-12-29 21:55:09 +00:00			`set_custom_background(base_dir, 'login-background-custom',`
			`'login-background')`
Separate module for login screen 2020-11-10 09:45:18 +00:00
			`if accounts > 0:`
Snake case 2022-01-03 23:30:31 +00:00			`login_text = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<p class="login-text">' + \`
			`translate['Welcome. Please enter your login details below.'] + \`
			`'</p>'`
			`else:`
Snake case 2022-01-03 23:30:31 +00:00			`login_text = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<p class="login-text">' + \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`translate['Please enter some credentials'] + '</p>' + \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<p class="login-text">' + \`
			`translate['You will become the admin of this site.'] + \`
			`'</p>'`
Snake case 2021-12-25 16:17:53 +00:00			`if os.path.isfile(base_dir + '/accounts/login.txt'):`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`# custom login message`
Snake case 2021-12-25 16:17:53 +00:00			`with open(base_dir + '/accounts/login.txt', 'r') as file:`
Snake case 2022-01-03 23:30:31 +00:00			`login_text = '<p class="login-text">' + file.read() + '</p>'`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2021-12-31 21:18:12 +00:00			`css_filename = base_dir + '/epicyon-login.css'`
Snake case 2021-12-25 16:17:53 +00:00			`if os.path.isfile(base_dir + '/login.css'):`
Snake case 2021-12-31 21:18:12 +00:00			`css_filename = base_dir + '/login.css'`
Separate module for login screen 2020-11-10 09:45:18 +00:00
			`# show the register button`
Snake case 2022-01-03 23:30:31 +00:00			`register_button_str = ''`
Snake case 2021-12-26 14:08:58 +00:00			`if get_config_param(base_dir, 'registration') == 'open':`
			`if int(get_config_param(base_dir, 'registrationsRemaining')) > 0:`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`if accounts > 0:`
			`idx = 'Welcome. Please login or register a new account.'`
Snake case 2022-01-03 23:30:31 +00:00			`login_text = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<p class="login-text">' + \`
			`translate[idx] + \`
			`'</p>'`
Snake case 2022-01-03 23:30:31 +00:00			`register_button_str = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<button type="submit" name="register">Register</button>'`

Snake case 2022-01-03 23:30:31 +00:00			`tos_str = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<p class="login-text"><a href="/about">' + \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`translate['About this Instance'] + '</a></p>' + \`
Add about and ToS to links 2020-11-10 11:38:27 +00:00			`'<p class="login-text"><a href="/terms">' + \`
			`translate['Terms of Service'] + '</a></p>'`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`login_button_str = ''`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`if accounts > 0:`
Snake case 2022-01-03 23:30:31 +00:00			`login_button_str = \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<button type="submit" name="submit">' + \`
			`translate['Login'] + '</button>'`

Snake case 2022-01-03 23:30:31 +00:00			`autocomplete_nickname_str = 'autocomplete="username"'`
			`autocomplete_password_str = 'autocomplete="current-password"'`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`if not autocomplete:`
Snake case 2022-01-03 23:30:31 +00:00			`autocomplete_nickname_str = 'autocomplete="username" value=""'`
			`autocomplete_password_str = 'autocomplete="off" value=""'`
Separate module for login screen 2020-11-10 09:45:18 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`instance_title = \`
Snake case 2021-12-26 14:08:58 +00:00			`get_config_param(base_dir, 'instanceTitle')`
Snake case 2022-01-03 23:30:31 +00:00			`login_form = \`
			`html_header_with_website_markup(css_filename, instance_title,`
Moving to snake case 2021-12-29 21:55:09 +00:00			`http_prefix, domain,`
			`system_language)`
Setting custom background for login screen 2021-10-30 11:20:08 +00:00
Snake case 2022-01-03 23:30:31 +00:00			`nickname_pattern = get_nickname_validation_pattern()`
			`instance_title = get_config_param(base_dir, 'instanceTitle')`
			`login_form += \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`'<br>\n' + \`
			`'<form method="POST" action="/login">\n' + \`
			`' <div class="imgcontainer">\n' + \`
Snake case 2022-01-03 23:30:31 +00:00			`text_mode_logo_html + '\n' + \`
			`' <img loading="lazy" src="' + login_image + \`
			`'" alt="' + instance_title + '" class="loginimage">\n' + \`
			`login_text + tos_str + '\n' + \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`' </div>\n' + \`
			`'\n' + \`
			`' <div class="container">\n' + \`
			`' <label for="nickname"><b>' + \`
			`translate['Nickname'] + '</b></label>\n' + \`
Snake case 2022-01-03 23:30:31 +00:00			`' <input type="text" ' + autocomplete_nickname_str + \`
Improve login autocompletion for password managers 2021-09-24 12:33:51 +00:00			`' placeholder="' + translate['Enter Nickname'] + '" ' + \`
Snake case 2022-01-03 23:30:31 +00:00			`'pattern="' + nickname_pattern + '" name="username" ' + \`
Matching pattern 2021-07-29 13:21:04 +00:00			`'required autofocus>\n' + \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`'\n' + \`
			`' <label for="password"><b>' + \`
			`translate['Password'] + '</b></label>\n' + \`
Snake case 2022-01-03 23:30:31 +00:00			`' <input type="password" ' + autocomplete_password_str + \`
Simpler password validation 2021-07-29 14:15:44 +00:00			`' placeholder="' + translate['Enter Password'] + '" ' + \`
Same maximum username length as mastodon 2021-07-29 14:22:55 +00:00			`'pattern="{8,256}" name="password" required>\n' + \`
Snake case 2022-01-03 23:30:31 +00:00			`login_button_str + register_button_str + '\n' + \`
Function for checking url prefixes 2021-07-06 09:44:45 +00:00			`' </div>\n' + \`
			`'</form>\n' + \`
Separate module for login screen 2020-11-10 09:45:18 +00:00			`'<a href="https://gitlab.com/bashrc2/epicyon">' + \`
			`'<img loading="lazy" class="license" title="' + \`
			`translate['Get the source code'] + '" alt="' + \`
			`translate['Get the source code'] + '" src="/icons/agpl.png" /></a>\n'`
Snake case 2022-01-03 23:30:31 +00:00			`login_form += html_footer()`
			`return login_form`