Remove special casing for /a/authenticate page (#1619)

2024-10-11 15:16:11 -07:00 · 2024-10-11 15:16:11 -07:00 · 787ad11421
parent bdb3862dbb
commit 787ad11421
3 changed files with 14 additions and 30 deletions
--- a/files/app/main/authenticate.ut
+++ b/files/app/main/authenticate.ut
@ -34,23 +34,19 @@
 %}
 {%
 response.headers["Content-Type"] = "application/json";
-if (request.env.REQUEST_METHOD === "POST") {
-    try {
-        const j = json(uhttpd.recv(1024));
-        if (j.version === 1) {
-            if (j.logout) {
-                auth.deauthenticate();
-                print('{"authenticated":false}\n');
-                return;
-            }
-            if (auth.authenticate(j.password)) {
-                print('{"authenticated":true}\n');
-                return;
-            }
-        }
+try {
+    if (match(request.env.QUERY_STRING, /^version=1&logout=1$/)) {
+        auth.deauthenticate();
+        print('{"authenticated":false}\n');
+        return;
    }
-    catch (_) {
+    const m = match(request.env.QUERY_STRING, /^version=1&password=(.+)$/);
+    if (m && auth.authenticate(uhttpd.urldecode(m[1]))) {
+        print('{"authenticated":true}\n');
+        return;
    }
 }
+catch (_) {
+}
 print('{"authenticated":false}\n');
 %}
--- a/files/app/partial/login.ut
+++ b/files/app/partial/login.ut
@ -63,13 +63,7 @@
            loginDialog.close();
        }
        else {
-            fetch(`${location.origin}/a/authenticate`, {
-                method: "POST",
-                headers: {
-                    "Content-Type": "application/json"
-                },
-                body: JSON.stringify({ version: 1, password: document.querySelector("#login input").value })
-            }).then(function(response) {
+            fetch(`${location.origin}/a/authenticate?version=1&password=${encodeURIComponent(document.querySelector("#login input").value)}`).then(function(response) {
                if (response.status === 200) {
                    response.json().then(function(json) {
                        loginInput.value = "";
@ -115,13 +109,7 @@
 <script>
    document.querySelector("#logout-icon .menu > div:first-child").addEventListener("click", function()
    {
-        fetch(`${location.origin}/a/authenticate`, {
-            method: "POST",
-            headers: {
-                "Content-Type": "application/json"
-            },
-            body: JSON.stringify({ version: 1, logout: true })
-        }).then(function(response) {
+        fetch(`${location.origin}/a/authenticate?version=1&logout=1`).then(function(response) {
            location.reload();
        });
    });
--- a/files/app/root.ut
+++ b/files/app/root.ut
@ -446,7 +446,7 @@ global.handle_request = function(env)
                    uhttpd.send("Status: 401 Unauthorized\r\n\r\n");
                    return;
                }
-                if (env.REQUEST_METHOD !== "GET" && configuration.isConfigured() && page !== "authenticate") {
+                if (env.REQUEST_METHOD !== "GET" && configuration.isConfigured()) {
                    uhttpd.send("Status: 401 Unauthorized\r\n\r\n");
                    return;
                }