diff --git a/internal/features/auth/handler.go b/internal/features/auth/handler.go
index 9d20f28..6766f1f 100644
--- a/internal/features/auth/handler.go
+++ b/internal/features/auth/handler.go
@@ -1,7 +1,6 @@
 package auth
 import (
- "errors"
 "net/http"
 "mal/internal/templates"
@@ -66,35 +65,3 @@ func (h *Handler) HandleLogout(w http.ResponseWriter, r *http.Request) {
 func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
 templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
 }
-
-func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
- templates.Recover(rateLimitErrorFromQuery(r), "", "").Render(r.Context(), w)
-}
-
-func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {
- if err := r.ParseForm(); err != nil {
- templates.Recover("Something went wrong. Please try again.", "", "").Render(r.Context(), w)
- return
- }
-
- username := r.FormValue("username")
- recoveryKey := r.FormValue("recovery_key")
- newPassword := r.FormValue("new_password")
-
- if username == "" || recoveryKey == "" || newPassword == "" {
- templates.Recover("Unable to recover account with those details.", username, recoveryKey).Render(r.Context(), w)
- return
- }
-
- newRecoveryKey, err := h.authService.RecoverAccount(r.Context(), username, recoveryKey, newPassword)
- if err != nil {
- if errors.Is(err, ErrInvalidRecoveryKey) || errors.Is(err, ErrInvalidPassword) {
- templates.Recover("Unable to recover account with those details.", username, recoveryKey).Render(r.Context(), w)
- return
- }
- templates.Recover("Something went wrong. Please try again.", username, recoveryKey).Render(r.Context(), w)
- return
- }
-
- templates.RecoveryComplete(newRecoveryKey).Render(r.Context(), w)
-}
diff --git a/internal/server/routes.go b/internal/server/routes.go
index 2775750..9fb60d8 100644
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -68,13 +68,6 @@ func NewRouter(cfg Config) http.Handler {
 middleware.RateLimitAuth(middleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogin))).ServeHTTP(w, r)
 }
 })
- mux.HandleFunc("/recover", func(w http.ResponseWriter, r *http.Request) {
- if r.Method == http.MethodGet {
- authHandler.HandleRecoverPage(w, r)
- } else {
- middleware.RateLimitAuth(middleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleRecover))).ServeHTTP(w, r)
- }
- })
 mux.HandleFunc("/logout", func(w http.ResponseWriter, r *http.Request) {
 middleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogout)).ServeHTTP(w, r)
 })
diff --git a/internal/shared/middleware/auth.go b/internal/shared/middleware/auth.go
index 0fc6f6f..056b28d 100644
--- a/internal/shared/middleware/auth.go
+++ b/internal/shared/middleware/auth.go
@@ -60,7 +60,7 @@ func RequireAuth(next http.Handler) http.Handler {
 func RequireGlobalAuth(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 // Allow unauthenticated access to auth pages, search, and static files
- if r.URL.Path == "/login" || r.URL.Path == "/recover" ||
+ if r.URL.Path == "/login" ||
 strings.HasPrefix(r.URL.Path, "/static/") || strings.HasPrefix(r.URL.Path, "/dist/") || r.URL.Path == "/search" || r.URL.Path == "/api/search" || r.URL.Path == "/api/search-quick" || r.URL.Path == "/" {
diff --git a/internal/templates/auth.templ b/internal/templates/auth.templ
index 377da15..2344b7b 100644
--- a/internal/templates/auth.templ
+++ b/internal/templates/auth.templ
@@ -20,62 +20,6 @@ templ Login(formError string, username string) {
 }
-
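Review bot: The comment above the condition in RequireGlobalAuth no longer describes the allow-list it guards: with `/recover` gone the only auth page left is `/login`, and the condition also exempts `/` and the three search paths, none of which the comment mentions. I would reword it to `// Public paths: the login page, the index, the search endpoints and static assets.` so a reader can see at a glance what is reachable without a session. This list is kept by hand, separately from the route registration in routes.go, and this commit had to edit both; a second comment line such as `// Keep in sync with the public routes registered in NewRouter.` would make that coupling explicit. The function body continues outside the hunk, so how a request that fails this check is handled is not visible here.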

- Lost access? Recover account -

- - - } -} - - -templ Recover(formError string, username string, recoveryKey string) { - @Layout("Recover account", false) { -
-
-

Recover account

-

Enter your username, recovery key, and a new password.

-
-
- - -
-
- - -
-
- - -
- - if formError != "" { - - } -
-

- Remembered your password? Sign in -

-
-
- } -} - -templ RecoveryComplete(newRecoveryKey string) { - @Layout("Recovery complete", false) { -
-
-

Account recovered

-

Your password was reset and your recovery key was rotated.

-
-

{ newRecoveryKey }

- -
-

-

Replace your old recovery key with this one.

-

- Go to login -

}
diff --git a/internal/templates/layout.templ b/internal/templates/layout.templ
index 1ac0ea1..af58828 100644
--- a/internal/templates/layout.templ
+++ b/internal/templates/layout.templ
@@ -15,7 +15,6 @@ templ Layout(title string, showHeader bool) {
-
diff --git a/static/auth.ts b/static/auth.ts
deleted file mode 100644
index e642b71..0000000
--- a/static/auth.ts
+++ /dev/null
@@ -1,27 +0,0 @@
-export {}
-
-function copyRecoveryKey(keyElementId: string, feedbackElementId: string): void {
- const keyElement = document.getElementById(keyElementId)
- const feedbackElement = document.getElementById(feedbackElementId)
-
- if (!keyElement || !feedbackElement) {
- return
- }
-
- const key = keyElement.textContent || ''
- navigator.clipboard
- .writeText(key)
- .then((): void => {
- feedbackElement.textContent = 'Recovery key copied.'
- })
- .catch((): void => {
- feedbackElement.textContent = 'Copy failed. Select and copy manually.'
- })
-}
-
-function confirmDangerAction(message: string): boolean {
- return window.confirm(message)
-}
-
-;(window as Window & { copyRecoveryKey?: typeof copyRecoveryKey; confirmDangerAction?: typeof confirmDangerAction }).copyRecoveryKey = copyRecoveryKey
-;(window as Window & { copyRecoveryKey?: typeof copyRecoveryKey; confirmDangerAction?: typeof confirmDangerAction }).confirmDangerAction = confirmDangerAction