From 85b2af82259011e526fb6ea7b76b2c5c98700bdd Mon Sep 17 00:00:00 2001 From: Arzumify Date: Mon, 6 May 2024 12:53:04 +0100 Subject: [PATCH] BETA: Add name support instead of relying on the appId --- main.go | 61 ++++++++++++++++++++++--------- schema.sql | 3 +- static/css/dashboard.css | 79 +++++++++++++++++++++++++++++++++------- static/js/dashboard.js | 18 +++++---- templates/dashboard.html | 6 ++- templates/main.html | 5 ++- 6 files changed, 128 insertions(+), 44 deletions(-) diff --git a/main.go b/main.go index 71f8c4c..ab05fec 100644 --- a/main.go +++ b/main.go @@ -355,7 +355,28 @@ func main() { }) router.GET("/app", func(c *gin.Context) { - c.HTML(200, "main.html", gin.H{}) + conn := get_db_connection() + defer func(conn *sql.DB) { + err := conn.Close() + if err != nil { + log.Println("[ERROR] Unknown in /app defer at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more detail. Include this error code: cannot_close_db.") + return + } + }(conn) + + appId := c.Request.URL.Query().Get("client_id") + var name string + err := conn.QueryRow("SELECT name FROM oauth WHERE appId = ? LIMIT 1", appId).Scan(&name) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + c.String(404, "App not found") + } else { + log.Println("[ERROR] Unknown in /app at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + } + return + } + c.HTML(200, "main.html", gin.H{"name": name}) }) router.GET("/dashboard", func(c *gin.Context) { @@ -954,7 +975,7 @@ func main() { } secretKey := data["secretKey"].(string) - appId := data["appId"].(string) + name := data["name"].(string) rdiruri := data["rdiruri"].(string) id, norows := get_user_from_session(secretKey) @@ -963,7 +984,7 @@ func main() { return } - var testsecret string + var testsecret, testappid string secret := genSalt(512) conn := get_db_connection() defer func(conn *sql.DB) { 
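Review bot: In the new `/app` handler, the branch for a database error other than `sql.ErrNoRows` only logs and returns, so no status or body is written and the client most likely receives an empty 200 instead of an error; add `c.String(500, "Something went wrong on our end.")` before that `return`. The deferred `conn.Close()` handler also calls `c.String(500, ...)`, but on the success path it runs after `c.HTML(200, ...)` has already been written, so it cannot change the status and would at best append text to the page; logging alone is enough there. An empty or missing `client_id` falls through to the 404, which is acceptable, though rejecting it with a 400 before opening a connection would avoid a needless query.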
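Review bot: `name := data["name"].(string)` in the `/api/newauth` hunk is an unchecked type assertion, so a body with no `name` or a non-string value panics inside the handler rather than producing a 400; the neighbouring `secretKey` and `rdiruri` context lines have the same shape. Use the comma-ok form, `name, ok := data["name"].(string)` followed by `if !ok || name == "" { c.JSON(400, gin.H{"error": "Invalid JSON"}); return }`. Because this value is later shown to users on the consent page, a length limit belongs here too. The handler starts and ends outside the hunk, so how `data` is decoded is not visible.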
@@ -990,26 +1011,30 @@ func main() { } } - _, err = conn.Exec("SELECT secret FROM oauth WHERE appId = ?", appId) - if err != nil { - if errors.Is(err, sql.ErrNoRows) { - log.Println("[Info] New Oauth source added with ID:", appId) + appId := genSalt(32) + for { + err = conn.QueryRow("SELECT appId FROM oauth WHERE appId = ?", appId).Scan(&testappid) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + log.Println("[Info] New Oauth source added with ID:", appId) + break + } else { + log.Println("[ERROR] Unknown in /api/newauth appidcheck at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + c.JSON(500, gin.H{"error": "Unknown error occured"}) + return + } } else { - log.Println("[ERROR] Unknown in /api/newauth at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) - c.JSON(500, gin.H{"error": "Unknown error occured"}) - return + appId = genSalt(32) } - } else { - secret = genSalt(512) } - _, err = conn.Exec("INSERT INTO oauth (appId, creator, secret, rdiruri) VALUES (?, ?, ?, ?)", appId, id, secret, rdiruri) + _, err = conn.Exec("INSERT INTO oauth (name, appId, creator, secret, rdiruri) VALUES (?, ?, ?, ?, ?)", name, appId, id, secret, rdiruri) if err != nil { log.Println("[ERROR] Unknown in /api/newauth insert at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) return } - c.JSON(200, gin.H{"key": secret}) + c.JSON(200, gin.H{"key": secret, "appId": appId}) }) router.POST("/api/listauth", func(c *gin.Context) { @@ -1038,7 +1063,7 @@ func main() { } }(conn) - rows, err := conn.Query("SELECT appId FROM oauth WHERE creator = ? ORDER BY creator DESC", id) + rows, err := conn.Query("SELECT appId, name, rdiruri FROM oauth WHERE creator = ? ORDER BY creator DESC", id) if err != nil { c.JSON(500, gin.H{"error": "Failed to query database"}) return 
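Review bot: After the new `INSERT INTO oauth (name, appId, ...)`, the error branch logs and returns without a response, so a failed insert looks like an empty success to the dashboard; send `c.JSON(500, gin.H{"error": "Unknown error occured"})` before the `return`. The collision loop is a check followed by a separate insert, and schema.sql declares `appId TEXT NOT NULL` without a uniqueness constraint, so uniqueness rests only on the random value; declaring the column `UNIQUE` would let the database enforce it. The `New Oauth source added with ID` line is also logged before the insert has succeeded and would read more accurately after it. `genSalt` is defined outside this diff, so it is worth confirming that it draws from `crypto/rand`, since the client secret comes from the same helper.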
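Review bot: `ORDER BY creator DESC` in the widened `/api/listauth` query sorts on the column that `WHERE creator = ?` already fixes to a single value, so the order of the returned apps is left to the database. Now that `name` is selected, `ORDER BY name` would give the dashboard a stable listing. The handler body continues outside the hunk.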
@@ -1052,12 +1077,12 @@ func main() { var datatemplate []map[string]interface{} for rows.Next() { - var appId string - if err := rows.Scan(&appId); err != nil { + var appId, name, rdiruri string + if err := rows.Scan(&appId, &name, &rdiruri); err != nil { c.JSON(500, gin.H{"error": "Failed to scan row"}) return } - template := map[string]interface{}{"appId": appId} + template := map[string]interface{}{"appId": appId, "name": name, "rdiruri": rdiruri} datatemplate = append(datatemplate, template) } if err := rows.Err(); err != nil { diff --git a/schema.sql b/schema.sql index 34a606c..742f7e1 100644 --- a/schema.sql +++ b/schema.sql @@ -49,5 +49,6 @@ CREATE TABLE oauth ( appId TEXT NOT NULL, secret TEXT NOT NULL, creator INTEGER NOT NULL, - rdiruri TEXT NOT NULL + rdiruri TEXT NOT NULL, + name TEXT NOT NULL ) diff --git a/static/css/dashboard.css b/static/css/dashboard.css index d4507d7..7f0184d 100644 --- a/static/css/dashboard.css +++ b/static/css/dashboard.css @@ -1,7 +1,47 @@ +@import url("/static/fonts/inter.css"); + body { - font-family: Arial, sans-serif; + margin: 0; + font-family: "Inter", sans-serif; text-align: center; overflow-wrap: anywhere; + --theme-color: #157efb; + --border-color: #dadada; + --editor: #ffffff; + --bar: #f4f4f4; + color: #000000; +} + +@media (prefers-color-scheme: dark) { + body { + --border-color: #393b3d; + --bar: #2d2f31; + --editor: #202124; + color: #ffffff; + } +} + +.spacer { + margin-top: 30px; +} + +.credit { + position: fixed; + left: 5px; + color: white; + z-index: -1; + margin: 0; + bottom: 5px; + text-shadow: black 1px 1px 5px; +} + +.background { + position: fixed; + z-index: -2; + top: 0; + left: 0; + width: 100%; + min-height: 100%; } .newoauth, .oauthlist, .oauthentry { @@ -15,7 +55,8 @@ body { border-radius: 8px; border-width: 1px; font-size: 17px; - background-color: rgb(235, 255, 235); + background-color: var(--bar); + border-color: var(--border-color); } .oauthentry { 
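Review bot: Adding `name TEXT NOT NULL` inside the `CREATE TABLE oauth` statement only helps databases created from scratch; a deployment that already has the `oauth` table will lack the column, and the new `SELECT name FROM oauth` and `INSERT INTO oauth (name, ...)` statements in main.go will then fail. How schema.sql is applied is not visible in this patch, but if existing installs are expected to upgrade, ship a migration alongside it, for example `ALTER TABLE oauth ADD COLUMN name TEXT NOT NULL DEFAULT '';`, and decide what name pre-existing apps should display. The table definition starts outside the hunk.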
@@ -23,7 +64,6 @@ body { flex-direction: column; justify-content: center; padding: 5px; - background-color: lightcyan; } .oauthentry button { @@ -37,25 +77,36 @@ body { } button { - border: 1px solid black; - padding: 3px; - border-radius: 5px; - background-color: lightcyan; - transition: all 0.3s ease 0s; + background-color: var(--theme-color); + color: white; + padding: 10px; + margin-right: 5px; + border: none; + border-radius: 8px; + font-size: 14px; } button:hover { - background-color: white; + background-color: #152efb; + transition: all 0.3s ease 0s; } -h { +h2 { display: block; margin-top: 20px; - font-size: 20px; + font-weight: 300; } input { - padding: 3px; - border-radius: 5px; - border: black solid 1px; + width: calc(100% - 120px); + height: 30px; + margin-bottom: 10px; + padding-left: 10px; + padding-right: 10px; + + border: solid; + border-color: var(--border-color); + border-width: 1px; + border-radius: 8px; + background-color: var(--editor); } diff --git a/static/js/dashboard.js b/static/js/dashboard.js index ac9013c..8e82609 100644 --- a/static/js/dashboard.js +++ b/static/js/dashboard.js @@ -18,7 +18,7 @@ function attempt() { "Content-Type": "application/json" }, body: JSON.stringify({ - appId: document.getElementById("appidbox").value, + name: document.getElementById("appidbox").value, rdiruri: document.getElementById("rdiruribox").value, secretKey: localStorage.getItem("DONOTSHARE-secretkey") }) 
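Review bot: The request field in `attempt()` is now `name`, but it is still read from the element with id `appidbox`, and the 401 branch in the following hunk still reports "AppID already taken" although the server now generates the client id itself. The "AppID:" label in templates/dashboard.html also appears to be unchanged context. Rename the input and label to match, e.g. `name: document.getElementById("appnamebox").value`, and reword or drop the 401 message once it is clear what the server still returns 401 for. `attempt()` starts and ends outside these hunks.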
@@ -26,12 +26,12 @@ function attempt() { .then(response => { async function doStuff() { let code = await response.json() - if (response.status == 200) { - document.getElementById("status").innerText = "Your key is: " + code["key"] + ". This will only be shown once!" + if (response.status === 200) { + document.getElementById("status").innerText = "Your secret key is: " + code["key"] + " and your client id is: " + code["appId"] + ". This will only be shown once!" getauths(); - } else if (response.status == 500) { + } else if (response.status === 500) { document.getElementById("status").innerText = "Whoops... Something went wrong. Please try again later. (Error Code 500)" - } else if (response.status == 401) { + } else if (response.status === 401) { document.getElementById("status").innerText = "AppID already taken. (Error Code 401)" } else { document.getElementById("status").innerText = "Unkown error encountered. (Error Code " + response.status + ")" @@ -59,11 +59,15 @@ function getauths() { for (let i in responseData) { let oauthElement = document.createElement("div") let oauthText = document.createElement("p") + let oauthName = document.createElement("p") + let oauthUrl = document.createElement("p") let oauthRemoveButton = document.createElement("button") oauthText.innerText = "Client ID: " + responseData[i]["appId"] + oauthName.innerText = "App name: " + responseData[i]["name"] + oauthUrl.innerText = "Redirect Url: " + responseData[i]["rdiruri"] oauthRemoveButton.innerText = "Delete Permanently" - oauthRemoveButton.addEventListener("click", (event) => { - if (window.confirm("Are you SURE you would like to delete this FOREVER?") == true) { + oauthRemoveButton.addEventListener("click", () => { + if (window.confirm("Are you SURE you would like to delete this FOREVER?") === true) { fetch(origin + "/api/deleteauth", { method: "POST", body: JSON.stringify({ diff --git a/templates/dashboard.html b/templates/dashboard.html index 0963d5c..ab32fc0 100644 
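Review bot: `oauthName` and `oauthUrl` are created and filled in the `getauths()` hunk, but none of the three hunks for this file, which together account for all 18 changed lines in the diffstat, adds a call that attaches them to `oauthElement`. Unless code outside the hunk appends every child generically, the app name and redirect URL will never be displayed. Add `oauthElement.append(oauthName)` and `oauthElement.append(oauthUrl)` next to wherever `oauthText` is attached. Assigning the server-supplied values through `innerText` is the right choice, since it keeps them from being parsed as markup. The loop body continues past the end of the hunk.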
--- a/templates/dashboard.html +++ b/templates/dashboard.html @@ -6,8 +6,10 @@ Dashboard +

Image by perga (@pergagreen on discord)

+
- Submit a new OAuth2 App +

Submit a new OAuth2 App

AppID:

@@ -17,7 +19,7 @@
- Your existing apps +

Your existing apps

diff --git a/templates/main.html b/templates/main.html index a0003a5..a753a23 100644 --- a/templates/main.html +++ b/templates/main.html @@ -22,8 +22,8 @@ // Get URL parameters if (urlParams.has('client_id')) { - client_id = urlParams.get('client_id'); - statusBox.textContent = "Would you like to allow " + client_id + " to access your user information?"; + let name = document.getElementById("passthrough").innerText; + statusBox.textContent = "Would you like to allow " + name + " to access your user information?"; redirect_uri = urlParams.get('redirect_uri'); response_type = urlParams.get('response_type'); } else { @@ -65,6 +65,7 @@ +
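Review bot: The consent prompt in this hunk now shows only the registrant-chosen `name`, which nothing in this patch makes unique or validates, so two different apps can present the same name to the user. Show a stable identifier next to it, for example `statusBox.textContent = "Would you like to allow " + name + " (" + urlParams.get('client_id') + ") to access your user information?";`, or display the host of the registered redirect URI. `redirect_uri` is still taken from the query string here; whether it is compared with the stored `rdiruri` on the server is not visible in this diff and is worth confirming. Reading the value with `innerText` and writing it with `textContent` keeps the name from being interpreted as HTML.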

Image by perga (@pergagreen on discord)