From 58ebbf601b09bd1f0f3e8e4e80e2e202f28b2bb4 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Sun, 20 Aug 2023 11:51:51 +0200
Subject: [PATCH] Add template for unauthenticated response

---
 jon/auth.py                    | 21 +++++------
 jon/static/jon.css             | 65 ++++++++++++++++++++++++++++++++
 jon/templates/auth/denied.html | 36 ++++++++++++++++++
 jon/templates/base.html        | 68 +---------------------------------
 4 files changed, 112 insertions(+), 78 deletions(-)
 create mode 100644 jon/static/jon.css
 create mode 100644 jon/templates/auth/denied.html

diff --git a/jon/auth.py b/jon/auth.py
index 7bf3885..cfe8916 100644
--- a/jon/auth.py
+++ b/jon/auth.py
@@ -1,7 +1,7 @@
 import random
 import string
 
-from flask import Blueprint, make_response, request, redirect, session
+from flask import Blueprint, request, redirect, render_template, session
 
 bp = Blueprint("auth", __name__, url_prefix="/auth")
 
@@ -9,15 +9,10 @@ bp = Blueprint("auth", __name__, url_prefix="/auth")
 ACCESS_TOKEN = "".join(random.choice(string.ascii_lowercase) for i in range(64))
 
 
-ERROR_TEXT =  """
-              For security-reasons we must make sure you are the person who executed jon :D <br />
-              <form action="" method="get">
-                  <input type="password" name="token" placeholder="Token" />
-                  <input type="submit" value="login" />
-              </form>
-              <hr />
-
-              """
+ALLOWED_PATHS = [
+    "/favicon.ico",
+    "/static/jon.css"
+]
 
 
 def before_request():
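Review bot: `ALLOWED_PATHS` is a plain list that is only ever tested for membership, so a `frozenset` would state that it is an immutable, exact-match allowlist and make the lookup O(1): `ALLOWED_PATHS = frozenset({"/favicon.ico", "/static/jon.css"})`. A one-line comment above it would also help the next person who adds an asset, e.g. `# Paths served without a session, compared exactly against request.path; list every asset the denied page needs.` The list replaces the removed `ERROR_TEXT` block, so nothing else in this hunk references it.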
@@ -32,8 +27,12 @@ def before_request():
         # Reload the page without query parameters
         return redirect(request.path)
 
+    # Don't deny any paths in `ALLOWED_PATHS`
+    if request.path in ALLOWED_PATHS:
+        return
+
     if not "authenticated" in session:
-        return ERROR_TEXT, 403
+        return render_template("auth/denied.html"), 403
 
 
 @bp.get("/logout")
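Review bot: The new early `return` compares `request.path` exactly against `ALLOWED_PATHS`, so only those two literal paths skip the session check; any other file under `/static/` still receives the rendered 403 page, which is presumably intended for now but worth stating in the comment, e.g. `# Public assets the denied page needs; exact match, everything else (including other /static/ files) still requires a session`. Placing the check after the token handling that precedes it (outside the hunk) and before the `session` lookup means an allowed path never consults the session at all, which is the right order for an allowlist. `before_request` starts outside this hunk.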
diff --git a/jon/static/jon.css b/jon/static/jon.css
new file mode 100644
index 0000000..9897996
--- /dev/null
+++ b/jon/static/jon.css
@@ -0,0 +1,65 @@
+html {
+  font-family: Helvetica, sans-serif;
+}
+h1 {
+  margin: 0;
+}
+nav > ul {
+  padding-left: 0;
+}
+nav > ul > li {
+  display: inline-block;
+  list-style: none;
+}
+nav > ul > li + li:before {
+  content: ' · ';
+}
+.current-page > a {
+  position: relative;
+}
+.current-page > a:after {
+  content: '↓';
+  font-size: 0.8em;
+  box-sizing: border-box;
+  position: absolute;
+  display: block;
+  right: 50%;
+  top: -1em;
+  width: 1em;
+  text-align: center;
+  margin-right: -0.5em;
+  animation: wiggle 0.8s ease-in-out 0s infinite;
+  /* animation-direction: alternate; */
+}
+.--align-left {
+  text-align: left;
+}
+.--align-right {
+  text-align: right;
+}
+.--centered {
+  text-align: center;
+}
+@keyframes wiggle {
+  0%, 100% { margin-top: 0; }
+  50% { margin-top: -0.5em; }
+  /* 100% { transform: rotate(1turn); } */
+}
+table {
+  border-spacing: .5em 0;
+}
+th {
+  font-size: .8em;
+}
+@media print {
+  body {
+    font-size: 8px;
+  }
+}
+.form-input > label {
+  font-size: .8em;
+}
+.form-input > input:not([type=radio]),
+.form-input > select {
+  display: block;
+}
diff --git a/jon/templates/auth/denied.html b/jon/templates/auth/denied.html
new file mode 100644
index 0000000..1122b1b
--- /dev/null
+++ b/jon/templates/auth/denied.html
@@ -0,0 +1,36 @@
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>jon · not authenticated</title>
+    <link rel="stylesheet" href="/static/jon.css">
+  </head>
+  <body>
+    <header>
+      <h1>jon</h1>
+
+      {% if config.DEBUG %}
+      <details>
+        <summary><code>config</code></summary>
+        <pre>{% for key, value in config.items() %}{{ key }} = {{ value }}
+{% endfor %}</pre>
+      </details>
+      {% endif %}
+    </header>
+
+    <main>
+      <p>
+        Damit kein Schabernack getrieben wird müssen wir sicherstellen, dass du die Person bist die jon ausgeführt hat.
+        Gib unten das Token ein, welches jon beim Starten ausgegeben hat.
+      </p>
+      <form method="GET">
+        <div class="form-input">
+          <label for="token">Token</label>
+          <input type="password" name="token" placeholder="Token" id="token">
+        </div>
+        <button type="submit">Authentifizieren</button>
+      </form>
+    </main>
+  </body>
+</html>
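Review bot: The `{% if config.DEBUG %}` block renders every entry of `config.items()` on the page that auth.py's 403 branch serves to clients that have not presented the token, so with DEBUG enabled the Flask `SECRET_KEY` and any other configured value are shown before authentication. It looks copied from base.html, where the viewer has already authenticated; on denied.html the `{% if config.DEBUG %} … {% endif %}` block should be dropped so the header holds only `<h1>jon</h1>`. The form's `method="GET"` puts the token into the query string (browser history, access logs); the redirect in before_request strips it again and the old ERROR_TEXT form behaved the same, so this is carried over rather than new, but a POST form would avoid it once auth.py reads the token from `request.form`. The hard-coded `/static/jon.css` href here and in base.html would normally be `{{ url_for('static', filename='jon.css') }}`, but `ALLOWED_PATHS` in auth.py compares the literal path, so the allowlist would need to be derived the same way or the two will drift apart.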
diff --git a/jon/templates/base.html b/jon/templates/base.html
index 07b30b8..c4af7be 100644
--- a/jon/templates/base.html
+++ b/jon/templates/base.html
@@ -3,73 +3,7 @@
   <head>
     <meta charset="UTF-8">
     <title>jon</title>
-    <style>
-      html {
-        font-family: Helvetica, sans-serif;
-      }
-      h1 {
-        margin: 0;
-      }
-      nav > ul {
-        padding-left: 0;
-      }
-      nav > ul > li {
-        display: inline-block;
-        list-style: none;
-      }
-      nav > ul > li + li:before {
-        content: ' · ';
-      }
-      .current-page > a {
-        position: relative;
-      }
-      .current-page > a:after {
-        content: '↓';
-        font-size: 0.8em;
-        box-sizing: border-box;
-        position: absolute;
-        display: block;
-        right: 50%;
-        top: -1em;
-        width: 1em;
-        text-align: center;
-        margin-right: -0.5em;
-        animation: wiggle 0.8s ease-in-out 0s infinite;
-        /* animation-direction: alternate; */
-      }
-      .--align-left {
-        text-align: left;
-      }
-      .--align-right {
-        text-align: right;
-      }
-      .--centered {
-        text-align: center;
-      }
-      @keyframes wiggle {
-        0%, 100% { margin-top: 0; }
-        50% { margin-top: -0.5em; }
-        /* 100% { transform: rotate(1turn); } */
-      }
-      table {
-        border-spacing: .5em 0;
-      }
-      th {
-        font-size: .8em;
-      }
-      @media print {
-        body {
-          font-size: 8px;
-        }
-      }
-      .form-input > label {
-        font-size: .8em;
-      }
-      .form-input > input:not([type=radio]),
-      .form-input > select {
-        display: block;
-      }
-    </style>
+    <link rel="stylesheet" href="/static/jon.css">
   </head>
   <body>
     <header>