fix: 🐛 Make authorize flow client-only to prevent weird HTML output

Jesse Wierzbinski 2024-05-12 12:30:34 -10:00
parent d551d7ac65
commit c0ced8b4cb
No known key found for this signature in database


@ -2,84 +2,87 @@
<div class="flex min-h-screen relative flex-col justify-center py-12 px-8"> <div class="flex min-h-screen relative flex-col justify-center py-12 px-8">
<img crossorigin="anonymous" src="https://cdn.lysand.org/logo-long-dark.webp" alt="Lysand logo" <img crossorigin="anonymous" src="https://cdn.lysand.org/logo-long-dark.webp" alt="Lysand logo"
class="mx-auto h-24 hidden md:block mb-10" /> class="mx-auto h-24 hidden md:block mb-10" />
<div v-if="validUrlParameters" <ClientOnly>
class="sm:mx-auto w-full sm:max-w-md px-10 py-10 rounded md:ring-1 md:ring-white/10"> <div v-if="validUrlParameters"
<div v-if="error" class="ring-1 ring-white/10 rounded p-4 bg-red-500 text-white mb-10"> class="sm:mx-auto w-full sm:max-w-md px-10 py-10 rounded md:ring-1 md:ring-white/10">
<h2 class="font-bold text-lg">An error occured</h2> <div v-if="error" class="ring-1 ring-white/10 rounded p-4 bg-red-500 text-white mb-10">
<span class="text-sm">{{ error_description }}</span> <h2 class="font-bold text-lg">An error occured</h2>
</div> <span class="text-sm">{{ error_description }}</span>
<VeeForm class="space-y-6" method="POST" :validation-schema="schema"
:action="`/api/auth/login?redirect_uri=${redirect_uri}&response_type=${response_type}&client_id=${client_id}&scope=${scope}`">
<h1 class="font-bold text-2xl text-gray-50 text-center tracking-tight">Login to your account</h1>
<VeeField name="identifier" as="div" v-slot="{ errors, field }" validate-on-change>
<LoginInput label="Username or Email" placeholder="joemama" autocomplete="email" required
:is-invalid="errors.length > 0" v-bind="field" />
<VeeErrorMessage name="identifier" as="p" class="mt-2 text-sm text-red-600" v-slot="{ message }">
{{ message }}
</VeeErrorMessage>
</VeeField>
<VeeField name="password" as="div" v-slot="{ errors, field }" validate-on-change>
<LoginInput label="Password" placeholder="Password here" type="password"
autocomplete="current-password" required :is-invalid="errors.length > 0" v-bind="field" />
<VeeErrorMessage name="password" as="p" class="mt-2 text-sm text-red-600" v-slot="{ message }">
{{ message }}
</VeeErrorMessage>
</VeeField>
<div v-if="oauthProviders && oauthProviders.length > 0" class="w-full flex flex-col gap-3">
<h2 class="text-sm text-gray-200">Or sign in with</h2>
<div class="grid grid-cols-1 gap-4 w-full">
<a v-for="provider of oauthProviders" :key="provider.id"
:href="`/oauth/authorize-external?issuer=${provider.id}&redirect_uri=${redirect_uri}&response_type=${response_type}&clientId=${client_id}&scope=${scope}`">
<ButtonsSecondary class="flex flex-row w-full items-center justify-center gap-3">
<img crossorigin="anonymous" :src="provider.icon" :alt="`${provider.name}'s logo'`"
class="w-6 h-6" />
<div class="flex flex-col gap-0 justify-center">
<h3 class="font-bold">{{ provider.name }}</h3>
</div>
</ButtonsSecondary>
</a>
</div>
</div> </div>
<VeeForm class="space-y-6" method="POST" :validation-schema="schema"
:action="`/api/auth/login?redirect_uri=${redirect_uri}&response_type=${response_type}&client_id=${client_id}&scope=${scope}`">
<ButtonsPrimary type="submit" class="w-full">Sign in</ButtonsPrimary> <h1 class="font-bold text-2xl text-gray-50 text-center tracking-tight">Login to your account</h1>
</VeeForm>
</div> <VeeField name="identifier" as="div" v-slot="{ errors, field }" validate-on-change>
<div v-else class="mx-auto max-w-md"> <LoginInput label="Username or Email" placeholder="joemama" autocomplete="email" required
<h1 class="text-2xl font-bold tracking-tight text-gray-50 sm:text-4xl">Invalid access :is-invalid="errors.length > 0" v-bind="field" />
parameters <VeeErrorMessage name="identifier" as="p" class="mt-2 text-sm text-red-600"
</h1> v-slot="{ message }">
<p class="mt-6 text-lg leading-8 text-gray-300">This page should be accessed {{ message }}
through a valid OAuth2 authorization request. Please use a <strong class="font-bold">Mastodon </VeeErrorMessage>
API</strong> client to access this page. </VeeField>
</p>
<p class="mt-6 text-lg leading-8 text-gray-300">Here are some recommended clients:</p> <VeeField name="password" as="div" v-slot="{ errors, field }" validate-on-change>
<ul class="w-full flex flex-col gap-3 mt-4"> <LoginInput label="Password" placeholder="Password here" type="password"
<li v-for="client of useConfig().RECOMMENDED_CLIENTS" :key="client.name" class="w-full"> autocomplete="current-password" required :is-invalid="errors.length > 0" v-bind="field" />
<a :href="client.link" target="_blank" <VeeErrorMessage name="password" as="p" class="mt-2 text-sm text-red-600" v-slot="{ message }">
class="rounded-sm ring-2 ring-white/10 px-4 py-2 w-full flex flex-row gap-3 items-center"> {{ message }}
<img crossorigin="anonymous" :src="client.icon" :alt="`${client.name}'s logo'`" </VeeErrorMessage>
class="h-10 w-10" /> </VeeField>
<div class="flex flex-col justify-between items-start">
<h2 class="font-bold text-gray-100">{{ client.name }}</h2> <div v-if="oauthProviders && oauthProviders.length > 0" class="w-full flex flex-col gap-3">
<span class="underline text-pink-700">{{ client.link }}</span> <h2 class="text-sm text-gray-200">Or sign in with</h2>
<div class="grid grid-cols-1 gap-4 w-full">
<a v-for="provider of oauthProviders" :key="provider.id"
:href="`/oauth/authorize-external?issuer=${provider.id}&redirect_uri=${redirect_uri}&response_type=${response_type}&clientId=${client_id}&scope=${scope}`">
<ButtonsSecondary class="flex flex-row w-full items-center justify-center gap-3">
<img crossorigin="anonymous" :src="provider.icon" :alt="`${provider.name}'s logo'`"
class="w-6 h-6" />
<div class="flex flex-col gap-0 justify-center">
<h3 class="font-bold">{{ provider.name }}</h3>
</div>
</ButtonsSecondary>
</a>
</div> </div>
</a> </div>
</li>
</ul>
<p class="mt-6 text-lg leading-8 text-gray-300">
Many other clients exist, but <strong class="font-bold">they have not been tested for
compatibility</strong>. Bug reports are nevertheless welcome.
</p>
<p class="mt-6 text-lg leading-8 text-gray-300"> <ButtonsPrimary type="submit" class="w-full">Sign in</ButtonsPrimary>
Found a problem? Report it on <a href="https://github.com/lysand-org/lysand/issues/new/choose" </VeeForm>
target="_blank" class="underline text-pink-700">the issue tracker</a>. </div>
</p> <div v-else class="mx-auto max-w-md">
</div> <h1 class="text-2xl font-bold tracking-tight text-gray-50 sm:text-4xl">Invalid access
parameters
</h1>
<p class="mt-6 text-lg leading-8 text-gray-300">This page should be accessed
through a valid OAuth2 authorization request. Please use a <strong class="font-bold">Mastodon
API</strong> client to access this page.
</p>
<p class="mt-6 text-lg leading-8 text-gray-300">Here are some recommended clients:</p>
<ul class="w-full flex flex-col gap-3 mt-4">
<li v-for="client of useConfig().RECOMMENDED_CLIENTS" :key="client.name" class="w-full">
<a :href="client.link" target="_blank"
class="rounded-sm ring-2 ring-white/10 px-4 py-2 w-full flex flex-row gap-3 items-center">
<img crossorigin="anonymous" :src="client.icon" :alt="`${client.name}'s logo'`"
class="h-10 w-10" />
<div class="flex flex-col justify-between items-start">
<h2 class="font-bold text-gray-100">{{ client.name }}</h2>
<span class="underline text-pink-700">{{ client.link }}</span>
</div>
</a>
</li>
</ul>
<p class="mt-6 text-lg leading-8 text-gray-300">
Many other clients exist, but <strong class="font-bold">they have not been tested for
compatibility</strong>. Bug reports are nevertheless welcome.
</p>
<p class="mt-6 text-lg leading-8 text-gray-300">
Found a problem? Report it on <a href="https://github.com/lysand-org/lysand/issues/new/choose"
target="_blank" class="underline text-pink-700">the issue tracker</a>.
</p>
</div>
</ClientOnly>
</div> </div>
</template> </template>
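Review bot: The `VeeForm` `:action` and the provider `:href` that now sit inside `<ClientOnly>` still interpolate `redirect_uri`, `response_type`, `client_id` and `scope` into the query string without encoding, so a value containing `&`, `#` or `=` can change which parameters the login and external-authorize endpoints receive. Where these values come from is not visible here (the script block and the template's first line are outside the hunk), but if they are read from the request URL they should be treated as untrusted; encode each one, e.g. `redirect_uri=${encodeURIComponent(redirect_uri)}`, or build the query once with `new URLSearchParams({ redirect_uri, response_type, client_id, scope })`. The external-provider link also sends `clientId=` where the form sends `client_id=`, so it is worth confirming that the receiving route expects that spelling. Separately, the new `<ClientOnly>` has no `#fallback` slot, so the page shows only the logo until hydration completes.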