zaklaus
/
microblog
1
0
Fork 0
Code Issues Pull Requests Releases Activity

HTML error for failed admin login

main
Thomas Sileo 2022-08-22 18:50:20 +02:00
parent e047a87620
commit ce15d2b0c3
4 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/admin.py
View File

@ -1072,9 +1072,21 @@ async def login_validation(
password: str = Form(), password: str = Form(),
redirect: str | None = Form(None), redirect: str | None = Form(None),
csrf_check: None = Depends(verify_csrf_token), csrf_check: None = Depends(verify_csrf_token),
) -> RedirectResponse: db_session: AsyncSession = Depends(get_db_session),
) -> RedirectResponse | templates.TemplateResponse:
if not verify_password(password): if not verify_password(password):
raise HTTPException(status_code=401) logger.warning("Invalid password")
return await templates.render_template(
db_session,
request,
"login.html",
{
"error": "Invalid password",
"csrf_token": generate_csrf_token(),
"redirect": request.query_params.get("redirect", ""),
},
status_code=403,
)
resp = RedirectResponse(redirect or "/admin/stream", status_code=302) resp = RedirectResponse(redirect or "/admin/stream", status_code=302)
resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True})) # type: ignore # noqa: E501 resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True})) # type: ignore # noqa: E501

4
app/scss/main.scss
View File

@ -13,6 +13,10 @@ $code-highlight-background: #f0f0f0;
// Load custom theme // Load custom theme
@import "theme.scss"; @import "theme.scss";
.primary-color {
color: $primary-color;
}
.show-more-wrapper { .show-more-wrapper {
.p-summary { .p-summary {
display: inline-block; display: inline-block;

2
app/templates.py
View File

@ -90,6 +90,7 @@ async def render_template(
request: Request, request: Request,
template: str, template: str,
template_args: dict[str, Any] | None = None, template_args: dict[str, Any] | None = None,
status_code: int = 200,
) -> TemplateResponse: ) -> TemplateResponse:
if template_args is None: if template_args is None:
template_args = {} template_args = {}
@ -133,6 +134,7 @@ async def render_template(
"actor_types": ap.ACTOR_TYPES, "actor_types": ap.ACTOR_TYPES,
**template_args, **template_args,
}, },
status_code=status_code,
) )

3
app/templates/login.html
View File

@ -3,6 +3,9 @@
{% block content %} {% block content %}
<div style="display:grid;height:80%;"> <div style="display:grid;height:80%;">
<div style="margin:auto;"> <div style="margin:auto;">
{% if error %}
<p class="primary-color">Invalid password.</p>
{% endif %}
<form class="form" action="/admin/login" method="POST"> <form class="form" action="/admin/login" method="POST">
<input type="hidden" name="csrf_token" value="{{ csrf_token }}"> <input type="hidden" name="csrf_token" value="{{ csrf_token }}">
<input type="hidden" name="redirect" value="{{ redirect }}"> <input type="hidden" name="redirect" value="{{ redirect }}">