Correct login

FossilOrigin-Name: b604906872b289329c2b57028b5d64b4463e65d5dee1e26283e9663c0e13ec53
This commit is contained in:
me@ow.nekobit.net 2022-02-27 05:39:34 +00:00
parent 4d617fd6a9
commit f81c1fba96
7 changed files with 91 additions and 11 deletions

View file

@ -42,6 +42,8 @@ $(PAGES_DIR)/list.chtml: $(PAGES_DIR)/list.html
./filec $< data_list_html > $@
$(PAGES_DIR)/lists.chtml: $(PAGES_DIR)/lists.html
./filec $< data_lists_html > $@
$(PAGES_DIR)/error.chtml: $(PAGES_DIR)/error.html
./filec $< data_error_html > $@
$(MASTODONT_DIR):
git clone $(MASTODONT_URL) || true

32
src/error.c Normal file
View file

@ -0,0 +1,32 @@
/*
* RatFE - Lightweight frontend for Pleroma
* Copyright (C) 2022 Nekobit
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include "error.h"
#include "easprintf.h"
// Pages
#include "../static/error.chtml"
char* construct_error(char* error, size_t* size)
{
char* error_html;
size_t s = easprintf(&error_html, data_error_html,
error);
if (size) *size = s;
return error_html;
}

25
src/error.h Normal file
View file

@ -0,0 +1,25 @@
/*
* RatFE - Lightweight frontend for Pleroma
* Copyright (C) 2022 Nekobit
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#ifndef ERROR_H
#define ERROR_H
#include <stddef.h>
char* construct_error(char* message, size_t* size);
#endif // ERROR_H

View file

@ -34,10 +34,10 @@ void content_index(mastodont_t* api)
int cleanup = 0;
size_t status_count, statuses_html_count;
struct mstdnt_status* statuses;
struct mstdnt_storage storage;
struct mstdnt_storage storage = { 0 };
char* status_format, *post_box;
char* output = NULL;
try_post_status(api);
if (mastodont_timeline_public(api, NULL, &storage, &statuses, &status_count))

View file

@ -66,7 +66,7 @@ void content_lists(mastodont_t* api, char** data, size_t size)
int cleanup = 0;
struct mstdnt_list* lists;
size_t size_list;
struct mstdnt_storage storage;
struct mstdnt_storage storage = { 0 };
char* lists_format;
char* lists_page = NULL;

View file

@ -22,6 +22,8 @@
#include "query.h"
#include "base_page.h"
#include "login.h"
#include "error.h"
#include "easprintf.h"
#include "../config.h"
// Files
@ -29,9 +31,11 @@
void content_login(mastodont_t* api, char** data, size_t data_size)
{
struct mstdnt_storage storage, oauth_store;
struct mstdnt_storage storage = { 0 }, oauth_store = { 0 };
struct mstdnt_app app;
struct mstdnt_oauth_token token;
char* error = NULL;
char* page;
if (post.username && post.password)
{
@ -49,23 +53,39 @@ void content_login(mastodont_t* api, char** data, size_t data_size)
.grant_type = "password",
.client_id = app.client_id,
.client_secret = app.client_secret,
.redirect_uri = NULL,
.scope = NULL,
.code = NULL,
.username = post.username,
.password = post.password
};
mastodont_obtain_oauth_token(api, &args_token, &oauth_store,
&token);
// TODO checking, also ^ returns non-zero
printf("Set-Cookie: access_token=%s; HttpOnly; SameSite=Strict;\r\n", token.access_token);
printf("Set-Cookie: logged_in=t; SameSite=Strict\r\n");
if (mastodont_obtain_oauth_token(api, &args_token, &oauth_store,
&token) == 1)
{
error = construct_error(oauth_store.error, NULL);
}
else {
// TODO checking, also ^ returns non-zero
printf("Set-Cookie: access_token=%s; HttpOnly; SameSite=Strict;\r\n", token.access_token);
printf("Set-Cookie: logged_in=t; SameSite=Strict\r\n");
printf("Location: %s/\r\n", config_url_prefix);
}
}
easprintf(&page, "%s%s", error ? error : "", data_login_html);
struct base_page b = {
.locale = L10N_EN_US,
.content = data_login_html,
.content = page,
.sidebar_right = NULL
};
// Output
render_base_page(&b);
// Cleanup
mastodont_storage_cleanup(&storage);
mastodont_storage_cleanup(&oauth_store);
if (error) free(error);
if (page) free(page);
}

1
static/error.html Normal file
View file

@ -0,0 +1 @@
<span class="error">%s</span>