Split "auth" and "user" routes

2023-01-05 13:55:05 +01:00 · 2023-01-05 13:55:05 +01:00 · 59b565ae19
commit 59b565ae19
parent f3939c5016
15 changed files with 148 additions and 99 deletions
--- a/internal/dis/component/auth/panel/templates/password.html
+++ b/internal/dis/component/auth/panel/templates/password.html
@ -0,0 +1,13 @@
+{{ template "_form.html" . }}
+{{ define "form/title" }}Change Password{{ end }}
+{{ define "form/button" }}Update{{ end }}
+
+{{ define "header"}}
+<p>
+    <a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
+    <a class="pure-button pure-button-primary" href="/user/password/">Change Password</a>
+</p>
+<p>
+    <a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
+</p>
+{{ end }}
--- a/internal/dis/component/auth/panel/templates/totp_disable.html
+++ b/internal/dis/component/auth/panel/templates/totp_disable.html
@ -0,0 +1,22 @@
+{{ template "_form.html" . }}
+{{ define "form/title" }}Disable TOTP{{ end }}
+{{ define "form/button" }}Disable{{ end }}
+
+{{ define "header"}}
+<p>
+    <a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
+    <a class="pure-button pure-button-primary" href="/user/totp/disable/">Disable TOTP</a>
+</p>
+<p>
+    <a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
+</p>
+{{ end }}
+
+{{ define "form/inside" }}
+<div>
+    <ul>
+        <li>remove the TOTP token from your account</li>
+        <li>your account will be less secure, but you will be able to login without it</li>
+    </ul>
+</div>
+{{ end }}
--- a/internal/dis/component/auth/panel/templates/totp_enable.html
+++ b/internal/dis/component/auth/panel/templates/totp_enable.html
@ -0,0 +1,21 @@
+{{ template "_form.html" . }}
+{{ define "form/title" }}Enable TOTP{{ end }}
+{{ define "form/button" }}Enable{{ end }}
+{{ define "header"}}
+<p>
+    <a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
+    <a class="pure-button pure-button-primary" href="/user/totp/enable/">Enable TOTP</a>
+</p>
+<p>
+    <a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
+</p>
+{{ end }}
+{{ define "form/inside" }}
+<div>
+    <ul>
+        <li>Use this page to add a <a href="https://en.wikipedia.org/wiki/Time-based_one-time_password">TOTP</a> token to your account</li>
+        <li>You will not be able to login without the second factor</li>
+        <li>If you forget your token, only an administrator can reset it</li>
+    </ul>
+</div>
+{{ end }}
--- a/internal/dis/component/auth/panel/templates/totp_enroll.html
+++ b/internal/dis/component/auth/panel/templates/totp_enroll.html
@ -0,0 +1,23 @@
+{{ template "_form.html" . }}
+{{ define "form/title" }}Enable TOTP{{ end }}
+{{ define "form/button" }}Enable{{ end }}
+{{ define "header" }}
+<p>
+    <a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
+    <a class="pure-button pure-button-primary" href="/user/totp/enroll/">Enroll TOTP</a>
+</p>
+<p>
+    <a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
+</p>
+{{ end }}
+{{ define "form/inside" }}
+<div>
+    <a href="{{ .TOTPURL }}">
+        <img src="{{ .TOTPImage }}" alt="TOTP Enrollment Image">
+    </a>
+    <ul>
+        <li>scan the token above using a <a href="https://en.wikipedia.org/wiki/Time-based_one-time_password">TOTP</a> app on your phone</li>
+        <li>enter your current password and the now generated token to confirm</li>
+    </ul>
+</div>
+{{ end }}
--- a/internal/dis/component/auth/panel/templates/user.html
+++ b/internal/dis/component/auth/panel/templates/user.html
@ -0,0 +1,62 @@
+{{ template "_base.html" . }}
+{{ define "title" }}User{{ end }}
+
+{{ define "header"}}
+<p>
+    <a class="pure-button pure-button-primary" href="/user/">{{ .User.User }}</a>
+</p>
+<p>
+    <a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
+</p>
+{{ end }}
+
+{{ define "content" }}
+<div class="pure-u-1">
+    <p>
+        <ul>
+            {{ if .User.IsAdmin }}
+                <li>Role: <b>Administrator</b></li>
+            {{ else }}
+                <li>Role: <b>Regular User</b></li>
+            {{ end }}
+
+            {{ if .User.IsTOTPEnabled }}
+                <li>Passcode Enabled: <b>true</b></li>
+            {{ else }}
+                <li>Passcode Enabled: <b>false</b> <small>(some actions are disabled)</small></li>
+            {{ end }}
+        </ul>
+    </p>
+    <div class="pure-button-group" role="group" role="Actions">
+        <a class="pure-button" href="/user/password/">Change Password</a>
+        {{ if .User.IsTOTPEnabled }}
+            <a class="pure-button" href="/user/totp/disable/">Disable Passcode (TOTP)</a>
+        {{ else }}
+            <a class="pure-button" href="/user/totp/enable/">Enable Passcode (TOTP)</a>
+        {{ end }}
+    </div>
+    <hr /> 
+</div>
+
+{{ if .User.IsAdmin }}
+<div class="pure-u-1">
+    {{ if (not .User.IsTOTPEnabled) }}
+    <div>
+        <p class="error-message">
+            TOTP is required to access these.
+        </p>
+    </div>
+    {{ end }}
+    <div class="pure-button-group" role="group" role="Actions">
+        <a class="pure-button" href="/admin/">Distillery Admin Page</a>
+    </div>
+    <hr />
+</div>
+{{ end }}
+
+<div class="pure-u-1">
+    There will be a list of WissKIs you have access to here.
+</div>
+
+
+{{ end }}