commit f919f271bb82e62c3baf63869155d6294d8070c2
parent 77f9aae7420dfb14693240ae7e57571300436cce
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Tue, 6 Jun 2023 20:47:30 -0700
cleanup
Diffstat:
1 file changed, 85 insertions(+), 82 deletions(-)
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -282,110 +282,111 @@ func LoginAttackHandler(c echo.Context) error {
return loginHandler(c)
}
-func loginHandler(c echo.Context) error {
- formName := c.Request().PostFormValue("formName")
+func loginFormHandler(c echo.Context) error {
db := c.Get("database").(*database.DkfDB)
- if formName == "" {
- var data loginData
- data.Autofocus = 0
- data.HomeUsersList = config.HomeUsersList.Load()
+ var data loginData
+ data.Autofocus = 0
+ data.HomeUsersList = config.HomeUsersList.Load()
+
+ if data.HomeUsersList {
+ data.Online = managers.ActiveUsers.GetActiveUsers()
+ }
- if data.HomeUsersList {
- data.Online = managers.ActiveUsers.GetActiveUsers()
+ actualLogin := func(username, password string, sessionDuration time.Duration, captchaSolved bool) error {
+ username = strings.TrimSpace(username)
+ user, err := db.GetVerifiedUserByUsername(database.Username(username))
+ if err != nil {
+ time.Sleep(utils.RandMs(50, 200))
+ data.Error = "Invalid username/password"
+ return c.Render(http.StatusOK, "standalone.login", data)
}
- actualLogin := func(username, password string, sessionDuration time.Duration, captchaSolved bool) error {
- username = strings.TrimSpace(username)
- user, err := db.GetVerifiedUserByUsername(database.Username(username))
- if err != nil {
- time.Sleep(utils.RandMs(50, 200))
- data.Error = "Invalid username/password"
- return c.Render(http.StatusOK, "standalone.login", data)
- }
+ user.LoginAttempts++
+ user.DoSave(db)
- user.LoginAttempts++
- user.DoSave(db)
-
- if user.LoginAttempts > 4 && !captchaSolved {
- data.CaptchaRequired = true
- data.Autofocus = 2
- data.Error = "Captcha required"
- data.CaptchaID, data.CaptchaImg = captcha.New()
- data.Password = password
- captchaID := c.Request().PostFormValue("captcha_id")
- captchaInput := c.Request().PostFormValue("captcha")
- if captchaInput == "" {
+ if user.LoginAttempts > 4 && !captchaSolved {
+ data.CaptchaRequired = true
+ data.Autofocus = 2
+ data.Error = "Captcha required"
+ data.CaptchaID, data.CaptchaImg = captcha.New()
+ data.Password = password
+ captchaID := c.Request().PostFormValue("captcha_id")
+ captchaInput := c.Request().PostFormValue("captcha")
+ if captchaInput == "" {
+ return c.Render(http.StatusOK, "standalone.login", data)
+ } else {
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
+ data.Error = "Invalid captcha"
return c.Render(http.StatusOK, "standalone.login", data)
- } else {
- if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
- data.Error = "Invalid captcha"
- return c.Render(http.StatusOK, "standalone.login", data)
- }
}
}
+ }
- if !user.CheckPassword(db, password) {
- data.Password = ""
- data.Autofocus = 1
- data.Error = "Invalid username/password"
- return c.Render(http.StatusOK, "standalone.login", data)
- }
-
- if user.GpgTwoFactorEnabled {
- token := utils.GenerateToken32()
- if user.GpgTwoFactorMode {
- partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, PgpSignStep, sessionDuration))
- return SessionsGpgSignTwoFactorHandler(c, true, token)
- }
- partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, PgpStep, sessionDuration))
- return SessionsGpgTwoFactorHandler(c, true, token)
+ if !user.CheckPassword(db, password) {
+ data.Password = ""
+ data.Autofocus = 1
+ data.Error = "Invalid username/password"
+ return c.Render(http.StatusOK, "standalone.login", data)
+ }
- } else if string(user.TwoFactorSecret) != "" {
- token := utils.GenerateToken32()
- partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, TwoFactorStep, sessionDuration))
- return SessionsTwoFactorHandler(c, true, token)
+ if user.GpgTwoFactorEnabled {
+ token := utils.GenerateToken32()
+ if user.GpgTwoFactorMode {
+ partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, PgpSignStep, sessionDuration))
+ return SessionsGpgSignTwoFactorHandler(c, true, token)
}
+ partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, PgpStep, sessionDuration))
+ return SessionsGpgTwoFactorHandler(c, true, token)
- return completeLogin(c, user, sessionDuration)
+ } else if string(user.TwoFactorSecret) != "" {
+ token := utils.GenerateToken32()
+ partialAuthCache.SetD(token, NewPartialAuthItem(user.ID, TwoFactorStep, sessionDuration))
+ return SessionsTwoFactorHandler(c, true, token)
}
- usernameQuery := c.QueryParam("u")
- passwordQuery := c.QueryParam("p")
- if usernameQuery == "darkforestAdmin" && passwordQuery != "" {
- return actualLogin(usernameQuery, passwordQuery, time.Hour*24, false)
- }
+ return completeLogin(c, user, sessionDuration)
+ }
- if config.ForceLoginCaptcha.IsTrue() {
- data.CaptchaID, data.CaptchaImg = captcha.New()
- data.CaptchaRequired = true
- }
+ usernameQuery := c.QueryParam("u")
+ passwordQuery := c.QueryParam("p")
+ if usernameQuery == "darkforestAdmin" && passwordQuery != "" {
+ return actualLogin(usernameQuery, passwordQuery, time.Hour*24, false)
+ }
- if c.Request().Method == http.MethodGet {
- data.SessionDurationSec = 604800
- return c.Render(http.StatusOK, "standalone.login", data)
- }
+ if config.ForceLoginCaptcha.IsTrue() {
+ data.CaptchaID, data.CaptchaImg = captcha.New()
+ data.CaptchaRequired = true
+ }
- captchaSolved := false
+ if c.Request().Method == http.MethodGet {
+ data.SessionDurationSec = 604800
+ return c.Render(http.StatusOK, "standalone.login", data)
+ }
- data.Username = strings.TrimSpace(c.FormValue("username"))
- password := c.FormValue("password")
- data.SessionDurationSec = utils.Clamp(utils.DoParseInt64(c.Request().PostFormValue("session_duration")), 60, utils.OneMonthSecs)
- sessionDuration := time.Duration(data.SessionDurationSec) * time.Second
+ captchaSolved := false
- if config.ForceLoginCaptcha.IsTrue() {
- data.CaptchaRequired = true
- captchaID := c.Request().PostFormValue("captcha_id")
- captchaInput := c.Request().PostFormValue("captcha")
- if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
- data.ErrCaptcha = err.Error()
- return c.Render(http.StatusOK, "standalone.login", data)
- }
- captchaSolved = true
+ data.Username = strings.TrimSpace(c.FormValue("username"))
+ password := c.FormValue("password")
+ data.SessionDurationSec = utils.Clamp(utils.DoParseInt64(c.Request().PostFormValue("session_duration")), 60, utils.OneMonthSecs)
+ sessionDuration := time.Duration(data.SessionDurationSec) * time.Second
+
+ if config.ForceLoginCaptcha.IsTrue() {
+ data.CaptchaRequired = true
+ captchaID := c.Request().PostFormValue("captcha_id")
+ captchaInput := c.Request().PostFormValue("captcha")
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
+ data.ErrCaptcha = err.Error()
+ return c.Render(http.StatusOK, "standalone.login", data)
}
+ captchaSolved = true
+ }
- return actualLogin(data.Username, password, sessionDuration, captchaSolved)
+ return actualLogin(data.Username, password, sessionDuration, captchaSolved)
+}
- } else if formName == "pgp_2fa" {
+func loginHandler(c echo.Context) error {
+ formName := c.Request().PostFormValue("formName")
+ if formName == "pgp_2fa" {
token := c.Request().PostFormValue("token")
return SessionsGpgTwoFactorHandler(c, false, token)
} else if formName == "pgp_sign_2fa" {
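Review bot: The `u`/`p` query-parameter branch kept in `loginFormHandler` accepts a password from the URL for the hard-coded account name `darkforestAdmin`, so that credential ends up in access logs, proxy logs, browser history and Referer headers. The branch also returns before the `config.ForceLoginCaptcha` check and passes `captchaSolved` as `false`, so the forced captcha never applies to this account and only the per-user `LoginAttempts > 4` gate remains. Since the commit is already restructuring this handler, I would delete the lines from `usernameQuery := c.QueryParam("u")` through the `return actualLogin(usernameQuery, passwordQuery, time.Hour*24, false)` block so that a GET request can no longer carry credentials. In the same spirit, `c.FormValue("username")` and `c.FormValue("password")` also fall back to the query string, whereas the rest of the handler reads `c.Request().PostFormValue(...)`; using `PostFormValue` for both would keep credentials in the request body only.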
@@ -397,6 +398,8 @@ func loginHandler(c echo.Context) error {
} else if formName == "2fa_recovery" {
token := c.Request().PostFormValue("token")
return SessionsTwoFactorRecoveryHandler(c, token)
+ } else if formName == "" {
+ return loginFormHandler(c)
}
return c.Redirect(http.StatusFound, "/")
}
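Review bot: The new `formName == ""` case is appended to an `if`/`else if` chain in which every visible branch returns, and this would read more clearly as a `switch formName` with one `case` per form and the redirect as `default`. Placing `case "": return loginFormHandler(c)` first would also keep the plain login form, presumably the common path, at the top. The chain starts in the previous hunk and part of it lies outside the visible lines, so the remaining cases are assumed to have the same shape. A doc comment on `loginHandler` stating that unrecognised `formName` values fall through to the redirect to `/` would make that choice explicit.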