fix login on open store

2024-02-26 11:21:29 +01:00 · 2024-02-26 11:21:29 +01:00 · e08bf0e99d
commit e08bf0e99d
parent 1e904b7361
2 changed files with 7 additions and 8 deletions
--- a/cmd/dkl-local-server/auth.go
+++ b/cmd/dkl-local-server/auth.go
@ -13,8 +13,7 @@ func authorizeAdmin(r *http.Request) bool {

 func authorizeToken(r *http.Request, token string) bool {
 	if token == "" {
-		// access is open
-		return true
+		return false
 	}

 	reqToken := r.Header.Get("Authorization")
@ -30,9 +29,9 @@ func forbidden(w http.ResponseWriter, r *http.Request) {
 	http.Error(w, "Forbidden", http.StatusForbidden)
 }

-func requireToken(token string, handler http.Handler) http.Handler {
+func requireToken(token *string, handler http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-		if !authorizeToken(req, token) {
+		if !authorizeToken(req, *token) {
 			forbidden(w, req)
 			return
 		}
@ -41,5 +40,5 @@ func requireToken(token string, handler http.Handler) http.Handler {
 }

 func requireAdmin(handler http.Handler) http.Handler {
-	return requireToken(adminToken, handler)
+	return requireToken(&adminToken, handler)
 }
--- a/html/ui/index.html
+++ b/html/ui/index.html
@ -64,9 +64,9 @@
    <p v-if="!session.token">Not logged in.</p>
    <p v-else>Invalid token</p>

-    <form @submit="setToken">
-        <input type="password" v-model="forms.setToken" required placeholder="Token" />
-        <input type="submit" value="set token"/>
+    <form @submit="unlockStore">
+        <input type="password" v-model="forms.store.pass1" required placeholder="Passphrase" />
+        <input type="submit" value="log in"/>
    </form>
 </template>
 <template v-else>