1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="render-time" content="{{ .RenderTime }}">
<meta name="csrf-token" content="{{ .CSRFToken }}" />
{{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}
<script type="text/javascript" src="/js/base64.js"></script>
<script type="text/javascript">
function doRegister(evt) {
evt.preventDefault();
const code = document.getElementById("code").value;
const username = document.getElementById("username").value;
document.cookie = `username=${username}; expires=Fri, 31 Dec 9999 23:59:59 GMT; Secure`;
fetch(`/auth/register/${username}?code=${code}`)
.then((response) => {
if (!response.ok) {
document.body.innerHTML = "<h1>Error Fetching Registration Request</h1>";
throw new Error("Error fetching registration request");
}
return response.json();
})
.then((data) => {
data.publicKey.challenge = base64url.decode(data.publicKey.challenge);
data.publicKey.user.id = base64url.decode(data.publicKey.user.id);
navigator.credentials.create(data)
.then((credential) => {
fetch(`/auth/register/${username}`, {
method: "POST",
mode: "same-origin",
headers: {
"Content-Type": "application/json",
"X-CSRF-Token": document.querySelector("meta[name=csrf-token]").content,
},
body: JSON.stringify({
code: code,
type: credential.type,
id: credential.id,
rawId: base64url.encode(credential.rawId),
response: {
clientDataJSON: base64url.encode(credential.response.clientDataJSON),
attestationObject: base64url.encode(credential.response.attestationObject)
}
})
})
.then((response) => {
if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
else { document.body.innerHTML = "<h1>Failure</h1>"; }
});
});
});
}
window.addEventListener("load", _ => {
const urlParams = new URLSearchParams(window.location.search);
const code = urlParams.get("code");
if (code !== "") {
document.getElementById("code").value = code;
}
const usernameCookie = document.cookie.split("; ")
.find((row) => row.startsWith("username="))
.split("=")[1];
if (usernameCookie != undefined && usernameCookie !== "") {
document.getElementById("username").value = usernameCookie;
}
document.getElementById("login").addEventListener("click", doRegister);
});
</script>
</head>
<body>
<form>
<label for="code">Code: <input type="text" name="code" id="code" /></label><br/>
<label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/>
<input type="submit" id="login" value="Login" />
</form>
</body>
</html>
|