forked from indymedia/epicyon
Clear login credentials if supported by the browser
parent
6f1d5d0cbd
commit
feda4d1eec
19
daemon.py
19
daemon.py
|
@ -242,6 +242,16 @@ class PubServer(BaseHTTPRequestHandler):
|
|||
self.send_header('X-Robots-Tag','noindex')
|
||||
self.end_headers()
|
||||
|
||||
def _logout_headers(self,fileFormat: str,length: int) -> None:
|
||||
self.send_response(200)
|
||||
self.send_header('Content-type', fileFormat)
|
||||
self.send_header('Content-Length', str(length))
|
||||
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
|
||||
self.send_header('Host', self.server.domainFull)
|
||||
self.send_header('WWW-Authenticate', 'title="Login to Epicyon", Basic realm="epicyon"')
|
||||
self.send_header('X-Robots-Tag','noindex')
|
||||
self.end_headers()
|
||||
|
||||
def _set_headers(self,fileFormat: str,length: int,cookie: str) -> None:
|
||||
self.send_response(200)
|
||||
self.send_header('Content-type', fileFormat)
|
||||
|
@ -634,12 +644,9 @@ class PubServer(BaseHTTPRequestHandler):
|
|||
|
||||
def do_GET(self):
|
||||
if self.path=='/logout':
|
||||
self.send_response(303)
|
||||
self.send_header('Content-Length', '0')
|
||||
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
|
||||
self.send_header('Location', '/')
|
||||
self.send_header('X-Robots-Tag','noindex')
|
||||
self.end_headers()
|
||||
msg=htmlLogin(self.server.translate,self.server.baseDir,False).encode('utf-8')
|
||||
self._logout_headers('text/html',len(msg))
|
||||
self._write(msg)
|
||||
return
|
||||
|
||||
# redirect music to #nowplaying list
|
||||
|
|
|
@ -669,7 +669,7 @@ def htmlGetLoginCredentials(loginParams: str,lastLoginTime: int) -> (str,str,boo
|
|||
register=True
|
||||
return nickname,password,register
|
||||
|
||||
def htmlLogin(translate: {},baseDir: str) -> str:
|
||||
def htmlLogin(translate: {},baseDir: str,autocomplete=True) -> str:
|
||||
"""Shows the login screen
|
||||
"""
|
||||
accounts=noOfAccounts(baseDir)
|
||||
|
@ -710,7 +710,11 @@ def htmlLogin(translate: {},baseDir: str) -> str:
|
|||
loginButtonStr=''
|
||||
if accounts>0:
|
||||
loginButtonStr='<button type="submit" name="submit">'+translate['Login']+'</button>'
|
||||
|
||||
|
||||
autocompleteStr=''
|
||||
if not autocomplete:
|
||||
autocompleteStr='autocomplete="off"'
|
||||
|
||||
loginForm=htmlHeader(cssFilename,loginCSS)
|
||||
loginForm+= \
|
||||
'<form method="POST" action="/login">' \
|
||||
|
@ -721,10 +725,10 @@ def htmlLogin(translate: {},baseDir: str) -> str:
|
|||
'' \
|
||||
' <div class="container">' \
|
||||
' <label for="nickname"><b>'+translate['Nickname']+'</b></label>' \
|
||||
' <input type="text" placeholder="'+translate['Enter Nickname']+'" name="username" required autofocus>' \
|
||||
' <input type="text" '+autocompleteStr+' placeholder="'+translate['Enter Nickname']+'" name="username" required autofocus>' \
|
||||
'' \
|
||||
' <label for="password"><b>'+translate['Password']+'</b></label>' \
|
||||
' <input type="password" placeholder="'+translate['Enter Password']+'" name="password" required>'+ \
|
||||
' <input type="password" '+autocompleteStr+' placeholder="'+translate['Enter Password']+'" name="password" required>'+ \
|
||||
registerButtonStr+loginButtonStr+ \
|
||||
' </div>' \
|
||||
'</form>'
|
||||
|
|
Loading…
Reference in New Issue