summaryrefslogtreecommitdiff
path: root/templates/login.tpl
blob: 03234091958475382124e91d32645a80631874ee (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <meta name="render-time" content="{{ .RenderTime }}">
        {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}

        <script type="text/javascript">
            /*
             * Base64URL-ArrayBuffer
             * https://github.com/herrjemand/Base64URL-ArrayBuffer
             *
             * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
             * Copyright (c) 2012 Niklas von Hertzen
             * Licensed under the MIT license.
             * 
             */
            (function(){
                'use strict';

                let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';

                // Use a lookup table to find the index.
                let lookup = new Uint8Array(256);
                for (let i = 0; i < chars.length; i++) {
                    lookup[chars.charCodeAt(i)] = i;
                }

                let encode = function(arraybuffer) {
                    let bytes = new Uint8Array(arraybuffer),
                    i, len = bytes.length, base64url = '';

                    for (i = 0; i < len; i+=3) {
                        base64url += chars[bytes[i] >> 2];
                        base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
                        base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
                        base64url += chars[bytes[i + 2] & 63];
                    }

                    if ((len % 3) === 2) {
                        base64url = base64url.substring(0, base64url.length - 1);
                    } else if (len % 3 === 1) {
                        base64url = base64url.substring(0, base64url.length - 2);
                    }

                    return base64url;
                };

                let decode = function(base64string) {
                    let bufferLength = base64string.length * 0.75,
                    len = base64string.length, i, p = 0,
                    encoded1, encoded2, encoded3, encoded4;

                    let bytes = new Uint8Array(bufferLength);

                    for (i = 0; i < len; i+=4) {
                        encoded1 = lookup[base64string.charCodeAt(i)];
                        encoded2 = lookup[base64string.charCodeAt(i+1)];
                        encoded3 = lookup[base64string.charCodeAt(i+2)];
                        encoded4 = lookup[base64string.charCodeAt(i+3)];

                        bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
                        bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
                        bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
                    }

                    return bytes.buffer
                };

                window.base64url = {
                    'decode': decode,
                    'encode': encode
                };
            })();
        </script>

        <script type="text/javascript">
            window.addEventListener("load", _ => {
                const urlParams = new URLSearchParams(window.location.search);
                const code = urlParams.get("code");
                if (code !== "") {
                    document.getElementById("code").value = code;
                }

                document.getElementById("login").addEventListener("click", evt => {
                    evt.preventDefault();

                    var username = document.getElementById("username");
                    fetch("/auth/login/" + username.value)
                        .then((result) => result.json())
                        .then((data) => {
                            data.publicKey.challenge = base64url.decode(data.publicKey.challenge);
                            data.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id));

                            navigator.credentials.get(data)
                                .then((credential) => {
                                    fetch("/auth/login/" + username.value, {
                                        method: "POST",
                                        mode: "same-origin",
                                        headers: {
                                            "Content-Type": "application/json",
                                            "X-CSRF-Token": "{{ .CSRFToken }}"
                                        },
                                        body: JSON.stringify({
                                            code: document.getElementById("code").value,
                                            type: credential.type,
                                            id: credential.id,
                                            rawId: base64url.encode(credential.rawId),
                                            response: {
                                                authenticatorData: base64url.encode(credential.response.authenticatorData),
                                                clientDataJSON: base64url.encode(credential.response.clientDataJSON),
                                                signature: base64url.encode(credential.response.signature),
                                                userHandle: base64url.encode(credential.response.userHandle)
                                            }
                                        })
                                    })
                                    .then((response) => {
                                        if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
                                        else {  document.body.innerHTML = "<h1>Failure</h1>"; }
                                    });
                                });
                        });
                });
            });
        </script>
    </head>

    <body>
        <form>
            <label for="code">Code: <input type="text" name="code" id="code" /></label><br/>
            <label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/>
            <input type="hidden" value="{{ .CSRFToken }}" name="csrf-token" />
            <input type="submit" id="login" value="Login" />
        </form>
    </body>
</html>