various fixes
parent
3db376b549
commit
e9883a049b
|
@ -17,6 +17,7 @@ import (
|
|||
|
||||
kitlog "github.com/go-kit/kit/log"
|
||||
"github.com/go-kit/kit/log/level"
|
||||
"github.com/gorilla/csrf"
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/gorilla/sessions"
|
||||
"github.com/skip2/go-qrcode"
|
||||
|
@ -256,7 +257,10 @@ func (h WithSSBHandler) decideMethod(w http.ResponseWriter, req *http.Request) {
|
|||
|
||||
// without any query params: shows a form field so you can input alias or SSB ID
|
||||
if alias == "" && cid == nil {
|
||||
h.render.StaticHTML("auth/start_login_form.tmpl").ServeHTTP(w, req)
|
||||
data := map[string]interface{}{
|
||||
csrf.TemplateTag: csrf.TemplateField(req),
|
||||
}
|
||||
h.render.Render(w, req, "auth/start_login_form.tmpl", http.StatusOK, data)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -449,8 +453,6 @@ func (h WithSSBHandler) eventSource(w http.ResponseWriter, r *http.Request) {
|
|||
go func() {
|
||||
time.Sleep(3 * time.Minute)
|
||||
tick.Stop()
|
||||
sender.send("ping", "Warning: reached waiting time of 3 minutes.")
|
||||
flusher.Flush()
|
||||
logger.Log("event", "stopped")
|
||||
}()
|
||||
|
||||
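Review bot: In the `eventSource` hunk the timeout goroutine blocks in `time.Sleep(3 * time.Minute)` with no link to the request, so each event-stream request keeps a goroutine (and whatever `tick` and `logger` reference) alive for the full three minutes even when the client has already gone, and abandoned streams accumulate. Waiting on the request context as well lets it exit early, e.g. `select { case <-time.After(3 * time.Minute): case <-r.Context().Done(): }` ahead of `tick.Stop()`. The hunk header (8 lines before, 6 after) says two of the listed lines were removed, but the page no longer marks which ones. If `sender.send(...)` and `flusher.Flush()` are still present, they write to the response from outside the handler's goroutine, which is only safe while the handler is still running. The body of `eventSource` continues outside the hunk.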
|
|
|
@ -47,14 +47,18 @@ func TestLoginForm(t *testing.T) {
|
|||
|
||||
a, r := assert.New(t), require.New(t)
|
||||
|
||||
url, err := ts.Router.Get(router.AuthFallbackSignInForm).URL()
|
||||
ts.AliasesDB.ResolveReturns(roomdb.Alias{}, roomdb.ErrNotFound)
|
||||
|
||||
url, err := ts.Router.Get(router.AuthLogin).URL()
|
||||
r.Nil(err)
|
||||
html, resp := ts.Client.GetHTML(url.String())
|
||||
a.Equal(http.StatusOK, resp.Code, "wrong HTTP status code")
|
||||
|
||||
webassert.Localized(t, html, []webassert.LocalizedElement{
|
||||
{"#welcome", "AuthFallbackWelcome"},
|
||||
{"title", "AuthFallbackTitle"},
|
||||
{"title", "AuthTitle"},
|
||||
{"#welcome", "AuthWelcome"},
|
||||
{"#describe-withssb", "AuthWithSSBStart"},
|
||||
{"#describe-password", "AuthFallbackWelcome"},
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -66,7 +70,9 @@ func TestFallbackAuth(t *testing.T) {
|
|||
jar, err := cookiejar.New(nil)
|
||||
r.NoError(err)
|
||||
|
||||
signInFormURL, err := ts.Router.Get(router.AuthFallbackSignInForm).URL()
|
||||
ts.AliasesDB.ResolveReturns(roomdb.Alias{}, roomdb.ErrNotFound)
|
||||
|
||||
signInFormURL, err := ts.Router.Get(router.AuthLogin).URL()
|
||||
r.Nil(err)
|
||||
signInFormURL.Host = "localhost"
|
||||
signInFormURL.Scheme = "https"
|
||||
|
@ -79,9 +85,10 @@ func TestFallbackAuth(t *testing.T) {
|
|||
|
||||
jar.SetCookies(signInFormURL, csrfCookie)
|
||||
|
||||
webassert.CSRFTokenPresent(t, doc.Find("form"))
|
||||
passwordForm := doc.Find("#password-fallback")
|
||||
webassert.CSRFTokenPresent(t, passwordForm)
|
||||
|
||||
csrfTokenElem := doc.Find("input[type=hidden]")
|
||||
csrfTokenElem := passwordForm.Find("input[type=hidden]")
|
||||
a.Equal(1, csrfTokenElem.Length())
|
||||
|
||||
csrfName, has := csrfTokenElem.Attr("name")
|
||||
|
@ -344,14 +351,14 @@ func TestAuthWithSSBHasClient(t *testing.T) {
|
|||
jar.SetCookies(signInStartURL, sessionCookie)
|
||||
|
||||
// now request the protected dashboard page
|
||||
|
||||
dashboardURL.Host = "localhost"
|
||||
dashboardURL.Scheme = "https"
|
||||
|
||||
var sessionHeader = http.Header(map[string][]string{})
|
||||
// load the cookie for the dashboard
|
||||
cs := jar.Cookies(dashboardURL)
|
||||
|
||||
r.True(len(cs) > 0, "expecting one cookie!")
|
||||
|
||||
var sessionHeader = http.Header(map[string][]string{})
|
||||
for _, c := range cs {
|
||||
theCookie := c.String()
|
||||
a.NotEqual("", theCookie, "should have a new cookie")
|
||||
|
@ -374,5 +381,4 @@ func TestAuthWithSSBHasClient(t *testing.T) {
|
|||
{"#welcome", "AdminDashboardWelcome"},
|
||||
{"title", "AdminDashboardTitle"},
|
||||
})
|
||||
|
||||
}
|
||||
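Review bot: In `TestFallbackAuth` the CSRF assertions are now scoped to `#password-fallback`, but nothing checks that the other form on the same page stays free of the token. The alias form is submitted with GET, so a token rendered into it would travel in the query string and from there into access logs and Referer headers. A negative assertion next to `webassert.CSRFTokenPresent(t, passwordForm)` would pin that, for example `a.Equal(0, doc.Find("#start-siwssb input[type=hidden]").Length())`. The test function starts and ends outside the hunks shown.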
|
|
|
@ -61,6 +61,8 @@ func TestNoticesEditButtonVisible(t *testing.T) {
|
|||
|
||||
urlTo := web.NewURLTo(ts.Router)
|
||||
|
||||
ts.AliasesDB.ResolveReturns(roomdb.Alias{}, roomdb.ErrNotFound)
|
||||
|
||||
noticeData := roomdb.Notice{
|
||||
ID: 42,
|
||||
Title: "Welcome!",
|
||||
|
@ -89,7 +91,7 @@ func TestNoticesEditButtonVisible(t *testing.T) {
|
|||
|
||||
// when dealing with cookies we also need to have an Host and URL-Scheme
|
||||
// for the jar to save and load them correctly
|
||||
formEndpoint := urlTo(router.AuthFallbackSignInForm)
|
||||
formEndpoint := urlTo(router.AuthLogin)
|
||||
r.NotNil(formEndpoint)
|
||||
formEndpoint.Host = "localhost"
|
||||
formEndpoint.Scheme = "https"
|
||||
|
|
|
@ -15,16 +15,19 @@ RoleAdmin = "Admin"
|
|||
LandingTitle = "ohai my room"
|
||||
LandingWelcome = "Landing welcome here"
|
||||
|
||||
AuthTitle = "Member Authentication"
|
||||
AuthWelcome = "Some text about the different login methods(?)"
|
||||
|
||||
AuthFallbackWelcome = "Here you can log in with username and password."
|
||||
AuthFallbackTitle = "Password Login"
|
||||
AuthSignIn = "Sign in"
|
||||
AuthSignOut = "Sign out"
|
||||
|
||||
AuthTitle = "Member Authentication"
|
||||
AuthWelcome = "TODO: Some text about the different login methods"
|
||||
|
||||
AuthWithSSBTitle = "Sign-in with SSB"
|
||||
AuthWithSSBWelcome = "If you have a compatible device/application, you can sign-in here without a password. Open the QR-Code on your mobile device to complete the process or click the link below."
|
||||
AuthWithSSBStart = "To begin, enter your alias on this room or your public key"
|
||||
AuthWithSSBServerStart = "If you have a compatible device/application, you can sign-in here without a password. Open the QR-Code on your mobile device to complete the process or click the link below."
|
||||
|
||||
AuthFallbackWelcome = "Here you can log in with username and password."
|
||||
AuthFallbackTitle = "Password Login"
|
||||
|
||||
|
||||
AdminDashboardWelcome = "Welcome to your dashboard"
|
||||
AdminDashboardTitle = "Room Admin Dashboard"
|
||||
|
|
|
@ -6,8 +6,7 @@ import "github.com/gorilla/mux"
|
|||
|
||||
// constant names for the named routes
|
||||
const (
|
||||
AuthFallbackSignInForm = "auth:fallback:signin:form"
|
||||
AuthFallbackSignIn = "auth:fallback:signin"
|
||||
AuthFallbackSignIn = "auth:fallback:signin"
|
||||
|
||||
AuthLogin = "auth:login"
|
||||
AuthLogout = "auth:logout"
|
||||
|
@ -23,7 +22,6 @@ func Auth(m *mux.Router) *mux.Router {
|
|||
m.Path("/logout").Methods("GET").Name(AuthLogout)
|
||||
|
||||
// register password fallback
|
||||
m.Path("/password/signin").Methods("GET").Name(AuthFallbackSignInForm)
|
||||
m.Path("/password/signin").Methods("POST").Name(AuthFallbackSignIn)
|
||||
|
||||
return m
|
||||
|
|
|
@ -1,32 +1,51 @@
|
|||
{{ define "title" }}{{i18n "AuthTitle"}}{{ end }}
|
||||
{{ define "content" }}
|
||||
<div id="page-header">
|
||||
<h1 id="welcome" class="text-lg">{{i18n "AuthTitle"}}</h1>
|
||||
<p>{{i18n "AuthWelcome"}}</p>
|
||||
</div>
|
||||
<div>
|
||||
<form method="GET" action="{{urlTo "auth:login:check" }}" class="flex flex-row items-end">
|
||||
<label>Alias or SSB ID</label>
|
||||
<input
|
||||
type="text"
|
||||
name="input"
|
||||
class="shadow rounded border border-transparent h-8 p-1 focus:outline-none focus:ring-2 focus:ring-pink-400 focus:border-transparent"
|
||||
>
|
||||
<button
|
||||
type="submit"
|
||||
class="shadow rounded px-4 h-8 text-gray-100 bg-pink-600 hover:bg-pink-700 focus:outline-none focus:ring-2 focus:ring-pink-600 focus:ring-opacity-50"
|
||||
>Enter</button>
|
||||
</form>
|
||||
<h1 class="text-lg">{{i18n "AuthTitle"}}</h1>
|
||||
<p id="welcome">{{i18n "AuthWelcome"}}</p>
|
||||
</div>
|
||||
<hr class="mt-5 pt-5">
|
||||
|
||||
<div>
|
||||
<hr class="mt-5 pt-5">
|
||||
<div id="page-header">
|
||||
<h1 id="welcome" class="text-lg">{{i18n "AuthFallbackTitle"}}</h1>
|
||||
<p>{{i18n "AuthFallbackWelcome"}}</p>
|
||||
<h1 class="text-lg">{{i18n "AuthWithSSBTitle"}}</h1>
|
||||
<p id="describe-withssb">{{i18n "AuthWithSSBStart"}}</p>
|
||||
</div>
|
||||
<div>
|
||||
<form method="POST" action={{urlTo "auth:fallback:signin" }} class="flex flex-row items-end">
|
||||
<form
|
||||
id="start-siwssb"
|
||||
method="GET"
|
||||
action="{{urlTo "auth:login:check" }}"
|
||||
class="flex flex-row items-end"
|
||||
>
|
||||
<label>Alias or SSB ID</label>
|
||||
<input
|
||||
type="text"
|
||||
name="input"
|
||||
class="shadow rounded border border-transparent h-8 p-1 focus:outline-none focus:ring-2 focus:ring-pink-400 focus:border-transparent"
|
||||
>
|
||||
<button
|
||||
type="submit"
|
||||
class="shadow rounded px-4 h-8 text-gray-100 bg-pink-600 hover:bg-pink-700 focus:outline-none focus:ring-2 focus:ring-pink-600 focus:ring-opacity-50"
|
||||
>Enter</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<hr class="mt-5 pt-5">
|
||||
|
||||
<div>
|
||||
<div id="page-header">
|
||||
<h1 class="text-lg">{{i18n "AuthFallbackTitle"}}</h1>
|
||||
<p id="describe-password">{{i18n "AuthFallbackWelcome"}}</p>
|
||||
</div>
|
||||
<div>
|
||||
<form
|
||||
id="password-fallback"
|
||||
method="POST"
|
||||
action={{urlTo "auth:fallback:signin" }}
|
||||
class="flex flex-row items-end"
|
||||
>
|
||||
{{ .csrfField }}
|
||||
<div class="w-96 grid grid-cols-2 gap-x-4 gap-y-1 mr-4">
|
||||
<label>Username</label>
|
||||
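Review bot: The password form's `action={{urlTo "auth:fallback:signin" }}` is left unquoted, while the alias form in the same template quotes its `action`. If the page is rendered through html/template the unquoted value is still escaped, but quoting it is the safer habit and keeps the two forms consistent: `action="{{urlTo "auth:fallback:signin" }}"`. The new side also appears to repeat `id="page-header"` on several blocks; ids should be unique, as the new `describe-withssb` and `describe-password` ids are, since the tests select elements by id. The hunk ends inside the password form, so the rest of that form is not visible here.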
|
|
|
@ -1,7 +1,7 @@
|
|||
{{ define "title" }}{{i18n "AuthWithSSBTitle"}}{{ end }}
|
||||
{{ define "content" }}
|
||||
<div id="page-header">
|
||||
<h1 id="welcome" class="text-lg">{{i18n "AuthWithSSBWelcome"}}</h1>
|
||||
<h1 id="welcome" class="text-lg">{{i18n "AuthWithSSBServerStart"}}</h1>
|
||||
</div>
|
||||
<div>
|
||||
<img src="{{.QRCodeURI}}" alt="QR-Code to pass the challenge to an App" />
|
||||
|
|
|
@ -18,7 +18,7 @@ type LocalizedElement struct {
|
|||
func Localized(t *testing.T, html *goquery.Document, elems []LocalizedElement) {
|
||||
a := assert.New(t)
|
||||
for i, pair := range elems {
|
||||
a.Equal(pair.Label, html.Find(pair.Selector).Text(), "localized pair %d failed", i+1)
|
||||
a.Equal(pair.Label, html.Find(pair.Selector).Text(), "localized pair %d failed (selector: %s)", i+1, pair.Selector)
|
||||
}
|
||||
}
|
||||
|
||||
|
|