forked from indymedia/epicyon
Clear login credentials if supported by the browser
parent
6f1d5d0cbd
commit
feda4d1eec
19
daemon.py
19
daemon.py
|
@ -242,6 +242,16 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.send_header('X-Robots-Tag','noindex')
|
self.send_header('X-Robots-Tag','noindex')
|
||||||
self.end_headers()
|
self.end_headers()
|
||||||
|
|
||||||
|
def _logout_headers(self,fileFormat: str,length: int) -> None:
|
||||||
|
self.send_response(200)
|
||||||
|
self.send_header('Content-type', fileFormat)
|
||||||
|
self.send_header('Content-Length', str(length))
|
||||||
|
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
|
||||||
|
self.send_header('Host', self.server.domainFull)
|
||||||
|
self.send_header('WWW-Authenticate', 'title="Login to Epicyon", Basic realm="epicyon"')
|
||||||
|
self.send_header('X-Robots-Tag','noindex')
|
||||||
|
self.end_headers()
|
||||||
|
|
||||||
def _set_headers(self,fileFormat: str,length: int,cookie: str) -> None:
|
def _set_headers(self,fileFormat: str,length: int,cookie: str) -> None:
|
||||||
self.send_response(200)
|
self.send_response(200)
|
||||||
self.send_header('Content-type', fileFormat)
|
self.send_header('Content-type', fileFormat)
|
||||||
|
@ -634,12 +644,9 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
|
|
||||||
def do_GET(self):
|
def do_GET(self):
|
||||||
if self.path=='/logout':
|
if self.path=='/logout':
|
||||||
self.send_response(303)
|
msg=htmlLogin(self.server.translate,self.server.baseDir,False).encode('utf-8')
|
||||||
self.send_header('Content-Length', '0')
|
self._logout_headers('text/html',len(msg))
|
||||||
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
|
self._write(msg)
|
||||||
self.send_header('Location', '/')
|
|
||||||
self.send_header('X-Robots-Tag','noindex')
|
|
||||||
self.end_headers()
|
|
||||||
return
|
return
|
||||||
|
|
||||||
# redirect music to #nowplaying list
|
# redirect music to #nowplaying list
|
||||||
|
|
|
@ -669,7 +669,7 @@ def htmlGetLoginCredentials(loginParams: str,lastLoginTime: int) -> (str,str,boo
|
||||||
register=True
|
register=True
|
||||||
return nickname,password,register
|
return nickname,password,register
|
||||||
|
|
||||||
def htmlLogin(translate: {},baseDir: str) -> str:
|
def htmlLogin(translate: {},baseDir: str,autocomplete=True) -> str:
|
||||||
"""Shows the login screen
|
"""Shows the login screen
|
||||||
"""
|
"""
|
||||||
accounts=noOfAccounts(baseDir)
|
accounts=noOfAccounts(baseDir)
|
||||||
|
@ -710,7 +710,11 @@ def htmlLogin(translate: {},baseDir: str) -> str:
|
||||||
loginButtonStr=''
|
loginButtonStr=''
|
||||||
if accounts>0:
|
if accounts>0:
|
||||||
loginButtonStr='<button type="submit" name="submit">'+translate['Login']+'</button>'
|
loginButtonStr='<button type="submit" name="submit">'+translate['Login']+'</button>'
|
||||||
|
|
||||||
|
autocompleteStr=''
|
||||||
|
if not autocomplete:
|
||||||
|
autocompleteStr='autocomplete="off"'
|
||||||
|
|
||||||
loginForm=htmlHeader(cssFilename,loginCSS)
|
loginForm=htmlHeader(cssFilename,loginCSS)
|
||||||
loginForm+= \
|
loginForm+= \
|
||||||
'<form method="POST" action="/login">' \
|
'<form method="POST" action="/login">' \
|
||||||
|
@ -721,10 +725,10 @@ def htmlLogin(translate: {},baseDir: str) -> str:
|
||||||
'' \
|
'' \
|
||||||
' <div class="container">' \
|
' <div class="container">' \
|
||||||
' <label for="nickname"><b>'+translate['Nickname']+'</b></label>' \
|
' <label for="nickname"><b>'+translate['Nickname']+'</b></label>' \
|
||||||
' <input type="text" placeholder="'+translate['Enter Nickname']+'" name="username" required autofocus>' \
|
' <input type="text" '+autocompleteStr+' placeholder="'+translate['Enter Nickname']+'" name="username" required autofocus>' \
|
||||||
'' \
|
'' \
|
||||||
' <label for="password"><b>'+translate['Password']+'</b></label>' \
|
' <label for="password"><b>'+translate['Password']+'</b></label>' \
|
||||||
' <input type="password" placeholder="'+translate['Enter Password']+'" name="password" required>'+ \
|
' <input type="password" '+autocompleteStr+' placeholder="'+translate['Enter Password']+'" name="password" required>'+ \
|
||||||
registerButtonStr+loginButtonStr+ \
|
registerButtonStr+loginButtonStr+ \
|
||||||
' </div>' \
|
' </div>' \
|
||||||
'</form>'
|
'</form>'
|
||||||
|
|
Loading…
Reference in New Issue