mirror of
https://git.sr.ht/~tsileo/microblog.pub
synced 2024-12-22 13:14:28 +00:00
HTML error for failed admin login
This commit is contained in:
parent
e047a87620
commit
ce15d2b0c3
4 changed files with 23 additions and 2 deletions
16
app/admin.py
16
app/admin.py
|
@ -1072,9 +1072,21 @@ async def login_validation(
|
||||||
password: str = Form(),
|
password: str = Form(),
|
||||||
redirect: str | None = Form(None),
|
redirect: str | None = Form(None),
|
||||||
csrf_check: None = Depends(verify_csrf_token),
|
csrf_check: None = Depends(verify_csrf_token),
|
||||||
) -> RedirectResponse:
|
db_session: AsyncSession = Depends(get_db_session),
|
||||||
|
) -> RedirectResponse | templates.TemplateResponse:
|
||||||
if not verify_password(password):
|
if not verify_password(password):
|
||||||
raise HTTPException(status_code=401)
|
logger.warning("Invalid password")
|
||||||
|
return await templates.render_template(
|
||||||
|
db_session,
|
||||||
|
request,
|
||||||
|
"login.html",
|
||||||
|
{
|
||||||
|
"error": "Invalid password",
|
||||||
|
"csrf_token": generate_csrf_token(),
|
||||||
|
"redirect": request.query_params.get("redirect", ""),
|
||||||
|
},
|
||||||
|
status_code=403,
|
||||||
|
)
|
||||||
|
|
||||||
resp = RedirectResponse(redirect or "/admin/stream", status_code=302)
|
resp = RedirectResponse(redirect or "/admin/stream", status_code=302)
|
||||||
resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True})) # type: ignore # noqa: E501
|
resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True})) # type: ignore # noqa: E501
|
||||||
|
|
|
@ -13,6 +13,10 @@ $code-highlight-background: #f0f0f0;
|
||||||
// Load custom theme
|
// Load custom theme
|
||||||
@import "theme.scss";
|
@import "theme.scss";
|
||||||
|
|
||||||
|
.primary-color {
|
||||||
|
color: $primary-color;
|
||||||
|
}
|
||||||
|
|
||||||
.show-more-wrapper {
|
.show-more-wrapper {
|
||||||
.p-summary {
|
.p-summary {
|
||||||
display: inline-block;
|
display: inline-block;
|
||||||
|
|
|
@ -90,6 +90,7 @@ async def render_template(
|
||||||
request: Request,
|
request: Request,
|
||||||
template: str,
|
template: str,
|
||||||
template_args: dict[str, Any] | None = None,
|
template_args: dict[str, Any] | None = None,
|
||||||
|
status_code: int = 200,
|
||||||
) -> TemplateResponse:
|
) -> TemplateResponse:
|
||||||
if template_args is None:
|
if template_args is None:
|
||||||
template_args = {}
|
template_args = {}
|
||||||
|
@ -133,6 +134,7 @@ async def render_template(
|
||||||
"actor_types": ap.ACTOR_TYPES,
|
"actor_types": ap.ACTOR_TYPES,
|
||||||
**template_args,
|
**template_args,
|
||||||
},
|
},
|
||||||
|
status_code=status_code,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -3,6 +3,9 @@
|
||||||
{% block content %}
|
{% block content %}
|
||||||
<div style="display:grid;height:80%;">
|
<div style="display:grid;height:80%;">
|
||||||
<div style="margin:auto;">
|
<div style="margin:auto;">
|
||||||
|
{% if error %}
|
||||||
|
<p class="primary-color">Invalid password.</p>
|
||||||
|
{% endif %}
|
||||||
<form class="form" action="/admin/login" method="POST">
|
<form class="form" action="/admin/login" method="POST">
|
||||||
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
||||||
<input type="hidden" name="redirect" value="{{ redirect }}">
|
<input type="hidden" name="redirect" value="{{ redirect }}">
|
||||||
|
|
Loading…
Reference in a new issue