From 8299915502ef482f10526ef9b84cc228abbb1594 Mon Sep 17 00:00:00 2001
From: Arzumify <jliwin98@hectabit.org>
Date: Mon, 29 Apr 2024 01:45:22 +0100
Subject: [PATCH] Added aeskeyshare and fixed html files to be more
 standard-complient

---
 main.go                    |  4 ++++
 static/js/aeskeyshare.js   | 24 ++++++++++++++++++++++++
 templates/aeskeyshare.html | 11 +++++++++++
 templates/dashboard.html   |  3 ++-
 templates/login.html       | 25 ++++++++-----------------
 templates/logout.html      | 21 ++++++---------------
 templates/main.html        | 30 +++++++++++-------------------
 templates/signup.html      | 25 ++++++++-----------------
 8 files changed, 74 insertions(+), 69 deletions(-)
 create mode 100644 static/js/aeskeyshare.js
 create mode 100644 templates/aeskeyshare.html

diff --git a/main.go b/main.go
index d32e410..ce3ea50 100644
--- a/main.go
+++ b/main.go
@@ -275,6 +275,10 @@ func main() {
 		c.HTML(200, "dashboard.html", gin.H{})
 	})
 
+	router.GET("/aeskeyshare", func(c *gin.Context) {
+		c.HTML(200, "keyshare.html", gin.H{})
+	})
+
 	router.GET("/.well-known/openid-configuration", func(c *gin.Context) {
 		c.HTML(200, "openid.html", gin.H{})
 	})
diff --git a/static/js/aeskeyshare.js b/static/js/aeskeyshare.js
new file mode 100644
index 0000000..09d2d97
--- /dev/null
+++ b/static/js/aeskeyshare.js
@@ -0,0 +1,24 @@
+window.addEventListener("message", function(event) {
+    try {
+        let data = JSON.parse(event.data);
+        const access_token = data["access_token"];
+        const redirect_uri = data["redirect_uri"];
+
+        fetch("https://auth.hectabit.org/api/isloggedin", {
+            method: "POST",
+            body: JSON.stringify({
+                access_token: access_token
+            })
+        })
+            .then((response) => {
+                if (response.status === 200) {
+                    console.log("Key is valid");
+                    let newtab = window.open(redirect_uri);
+                    newtab.postMessage(localStorage.getItem("DONOTSHARE-password"), "*");
+                    window.close();
+                }
+            });
+    } catch {
+        console.log("Error parsing JSON");
+    }
+});
diff --git a/templates/aeskeyshare.html b/templates/aeskeyshare.html
new file mode 100644
index 0000000..39ceda8
--- /dev/null
+++ b/templates/aeskeyshare.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <title>Burgerauth</title>
+    <meta charset="UTF-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <link rel="icon" href="/static/svg/favicon.svg">
+</head>
+<p>Redirecting...</p>
+<script src="/static/js/aeskeyshare.js"></script>
diff --git a/templates/dashboard.html b/templates/dashboard.html
index 87aabfe..0963d5c 100644
--- a/templates/dashboard.html
+++ b/templates/dashboard.html
@@ -1,8 +1,9 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
     <head>
         <link rel="stylesheet" href="/static/css/dashboard.css" media="">
         <script src="/static/js/dashboard.js"></script>
+        <title>Dashboard</title>
     </head>
     <body>
         <div class="newoauth">
diff --git a/templates/login.html b/templates/login.html
index 17ed7ab..a369b47 100644
--- a/templates/login.html
+++ b/templates/login.html
@@ -1,28 +1,19 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
 
 <head>
-    <title>Login - Hectabit</title>
+    <title>Login - Burgerauth</title>
     <meta charset="UTF-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
-    <link rel="stylesheet" type="text/css" href="../static/css/style.css" />
-    <script src="../static/js/hash-wasm.js"></script>
-    <link rel="icon" href="../static/svg/favicon.svg">
-    <script>
-    if (window.location.href.endsWith('/index.html')) {
-        if (window.location.origin !== null) {
-            var currentUrl = window.location.href;
-            var newUrl = currentUrl.replace('/index.html', '');
-            window.location.href = newUrl;
-        }
-    }
-    </script>
+    <link rel="stylesheet" type="text/css" href="/static/css/style.css" />
+    <script src="/static/js/hash-wasm.js"></script>
+    <link rel="icon" href="/static/svg/favicon.svg">
 </head>
 
 <body>
     <p class="credit">Image by perga (@pergagreen on discord)</p>
-    <img src="/static/img/background.jpg" class="background">
+    <img src="/static/img/background.jpg" class="background" alt="">
     <div class="inoutdiv">
         <h2 class="w300">Login</h2>
         <p id="statusBox"></p>
@@ -33,8 +24,8 @@
         <button id="backButton" class="hidden">Back</button>
         <br>
         <br>
-        <p>Don't have an account? If so, <a href="#" id="signuprdirButton">Create one here!</a></p>
-        <a href="#" id="privacyButton">Privacy &amp; Terms</a>
+        <p>Don't have an account? If so, <a href="/signup" id="signuprdirButton">Create one here!</a></p>
+        <a href="/privacy" id="privacyButton">Privacy &amp; Terms</a>
     </div>
 
     <script type="text/javascript" src="../static/js/login.js"></script>
diff --git a/templates/logout.html b/templates/logout.html
index 821930e..aa59d17 100644
--- a/templates/logout.html
+++ b/templates/logout.html
@@ -1,25 +1,16 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
 
 <head>
-    <title>Burgernotes</title>
+    <title>Burgerauth</title>
     <meta charset="UTF-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
-    <link rel="icon" href="../static/svg/favicon.svg">
-    <script>
-    if (window.location.href.endsWith('/index.html')) {
-        if (window.location.origin !== null) {
-            var currentUrl = window.location.href;
-            var newUrl = currentUrl.replace('/index.html', '');
-            window.location.href = newUrl;
-        }
-    }
-    </script>
-<head>
-Logging out..
+    <link rel="icon" href="/static/svg/favicon.svg">
+</head>
+<p>Logging out...</p>
 <script>
     localStorage.removeItem("DONOTSHARE-secretkey")
     localStorage.removeItem("DONOTSHARE-password")
     localStorage.removeItem("CACHE-username")
-    window.location.replace("../login")
+    window.location.replace("/login")
 </script>
diff --git a/templates/main.html b/templates/main.html
index cc2a7c9..05af2e1 100644
--- a/templates/main.html
+++ b/templates/main.html
@@ -1,22 +1,14 @@
-<html>
+<html lang="en">
 <head>
     <title>Authorize application</title>
     <meta charset="UTF-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
-    <link rel="stylesheet" type="text/css" href="../static/css/style.css" media="">
-    <script src="../static/js/hash-wasm.js"></script>
-    <link rel="icon" href="../static/svg/favicon.svg">
+    <link rel="stylesheet" type="text/css" href="/static/css/style.css" media="">
+    <script src="/static/js/hash-wasm.js"></script>
+    <link rel="icon" href="/static/svg/favicon.svg">
     <script>
-        var client_id, redirect_uri, response_type, state, code, codemethod, secret_key, expires;
-
-        if (window.location.href.endsWith('/index.html')) {
-            if (window.location.origin !== null) {
-                var currentUrl = window.location.href;
-                var newUrl = currentUrl.replace('/index.html', '');
-                window.location.href = newUrl;
-            }
-        }
+        let client_id, redirect_uri, response_type, state, code, codemethod, secret_key, expires;
 
         if (localStorage.getItem("DONOTSHARE-secretkey") === null) {
             window.location.replace("/login" + window.location.search)
@@ -26,7 +18,7 @@
 
         document.addEventListener("DOMContentLoaded", function() {
             const urlParams = new URLSearchParams(window.location.search);
-            var statusBox = document.getElementById("statusBox");
+            const statusBox = document.getElementById("statusBox");
 
             // Get URL parameters
             if (urlParams.has('client_id')) {
@@ -52,8 +44,8 @@
 
             // Get DONOTSHARE-secretkey from localStorage
             secret_key = localStorage.getItem("DONOTSHARE-secretkey");
-            var now = new Date();
-            var expireTime = now.getTime() + (21 * 1000); // 21 seconds from now
+            const now = new Date();
+            const expireTime = now.getTime() + (21 * 1000); // 21 seconds from now
             expires = new Date(expireTime).toUTCString();
         });
 
@@ -68,14 +60,14 @@
 
 <body>
     <p class="credit">Image by perga (@pergagreen on discord)</p>
-    <img src="/static/img/background.jpg" class="background">
+    <img src="/static/img/background.jpg" class="background" alt="">
     <div class="inoutdiv">
         <h2 class="w300">Authorise Application</h2>
         <p id="statusBox">Loading...</p>
         <br>
         <div style="display: flex;justify-content: center;">
-            <button onclick="oauth();" style="margin: 0;width: 100%;margin-right: 2.5px;">Allow</button>
-            <button onclick="window.location.replace('https://www.hectabit.org');" style="margin: 0;width: 100%;margin-left: 2.5px;">Deny</button>
+            <button onclick="oauth();" style="width: 100%;margin: 0 3px 0 0;">Allow</button>
+            <button onclick="window.location.replace('https://www.hectabit.org');" style="width: 100%;margin: 0 0 0 3px;">Deny</button>
         </div>
     </div>
 </body>
diff --git a/templates/signup.html b/templates/signup.html
index 2149bc7..bbac48d 100644
--- a/templates/signup.html
+++ b/templates/signup.html
@@ -1,28 +1,19 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
 
 <head>
-    <title>Signup - Hectabit</title>
+    <title>Signup - Burgerauth</title>
     <meta charset="UTF-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
-    <link rel="stylesheet" type="text/css" href="../static/css/style.css" />
-    <script src="../static/js/hash-wasm.js"></script>
-    <link rel="icon" href="../static/svg/favicon.svg">
-    <script>
-    if (window.location.href.endsWith('/index.html')) {
-        if (window.location.origin !== null) {
-            var currentUrl = window.location.href;
-            var newUrl = currentUrl.replace('/index.html', '');
-            window.location.href = newUrl;
-        }
-    }
-    </script>
+    <link rel="stylesheet" type="text/css" href="/static/css/style.css" />
+    <script src="/static/js/hash-wasm.js"></script>
+    <link rel="icon" href="/static/svg/favicon.svg">
 </head>
 
 <body>
     <p class="credit">Image by perga (@pergagreen on discord)</p>
-    <img src="/static/img/background.jpg" class="background">
+    <img src="/static/img/background.jpg" class="background" alt="">
     <div class="inoutdiv">
         <h2 class="w300">Signup</h2>
         <p>Signup for an account</p>
@@ -30,9 +21,9 @@
         <input id="usernameBox" type="text" placeholder="Username">
         <input id="passwordBox" type="password" placeholder="Password"><br>
         <button id="signupButton">Signup</button><br><br>
-        <p>Already have an account? If so, <a href="#" id="loginButton">Login</a> instead!</p>
+        <p>Already have an account? If so, <a href="/login" id="loginButton">Login</a> instead!</p>
         <p>Please note that it's impossible to reset your password, do not forget it!</p>
-        <a href="#" id="privacyButton">Privacy &amp; Terms</a>
+        <a href="/privacy" id="privacyButton">Privacy &amp; Terms</a>
     </div>
     <script type="text/javascript" src="../static/js/signup.js"></script>
 </body>