Twig, Tests, AES,

2021-12-08 16:53:43 +01:00
parent 25d47f7528
commit 918244125c
74 changed files with 5350 additions and 1515 deletions
--- a/core/Templates/404.twig
+++ b/core/Templates/404.twig
@@ -0,0 +1,4 @@
+{% extends "base.twig" %}
+{% block body %}
+    <b>Not found</b>
+{% endblock %}
--- a/core/Templates/account.twig
+++ b/core/Templates/account.twig
@@ -0,0 +1,36 @@
+{% extends "base.twig" %}
+
+{% block head %}
+    <script src="/js/jquery.min.js" nonce="{{ site.csp.nonce }}"></script>
+    <script src="/js/script.js" nonce="{{ site.csp.nonce }}"></script>
+    <script src="/js/account.js" nonce="{{ site.csp.nonce }}"></script>
+    <link rel="stylesheet" href="/css/bootstrap.min.css" nonce="{{ site.csp.nonce }}">
+    <script src="/js/bootstrap.bundle.min.js" nonce="{{ site.csp.nonce }}"></script>
+    <link rel="stylesheet" href="/css/fontawesome.min.css" nonce="{{ site.csp.nonce }}">
+    <link rel="stylesheet" href="/css/account.css" nonce="{{ site.csp.nonce }}">
+    <title>Account - {{ view_title }}</title>
+    {% if site.recaptcha.enabled %}
+        <script src="https://www.google.com/recaptcha/api.js?render={{ site.recaptcha.key }}" nonce="{{ site.csp.nonce }}"></script>
+    {% endif %}
+{% endblock %}
+
+{% block body %}
+    <div class="container mt-5">
+        <div class="row">
+            <div class="col-md-3 py-5 bg-primary text-white text-center" style='border-top-left-radius:.4em;border-bottom-left-radius:.4em;margin-left: auto'>
+                <div class="card-body">
+                    <i class="fas fa-{{ view_icon }} fa-3x"></i>
+                    <h2 class="py-3">{{ view_title }}</h2>
+                    <p>{{ view_description }}</p>
+                </div>
+            </div>
+            <div class="col-md-5 pt-5 pb-2 border border-info" style='border-top-right-radius:.4em;border-bottom-right-radius:.4em;margin-right:auto'>
+                {% block view_content %}{% endblock %}
+                <div class='alert mt-2' style='display:none' id='alertMessage'></div>
+            </div>
+        </div>
+    </div>
+    {% if site.recaptcha.enabled %}
+        <input type='hidden' value='{{ site.recaptcha.key }}' id='siteKey' />
+    {% endif %}
+{% endblock %}
--- a/core/Templates/account/accept_invite.twig
+++ b/core/Templates/account/accept_invite.twig
@@ -0,0 +1,46 @@
+{% extends "account.twig" %}
+
+{% set view_title = 'Invitation' %}
+{% set view_icon = 'user-check' %}
+{% set view_description = 'Finnish your account registration by choosing a password.' %}
+
+{% block view_content %}
+
+    {% if not view.success %}
+        <div class="alert alert-danger" role="alert">{{ view.message }}</div>
+        <a href='/login' class='btn btn-primary'>Back to login</a>
+    {% else %}
+        <h4 class="pb-4">Please fill with your details</h4>
+        <form>
+            <input name='token' id='token' type='hidden' value='{{ view.token }}'/>
+            <div class="input-group">
+                <div class="input-group-append">
+                    <span class="input-group-text"><i class="fas fa-hashtag"></i></span>
+                </div>
+                <input id="username" name="username" placeholder="Username" class="form-control" type="text" maxlength="32" value='{{ view.invited_user.name }}' disabled>
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-at"></i></span>
+            </div>
+                <input type="email" name='email' id='email' class="form-control" placeholder="Email" maxlength="64" value='{{ view.invited_user.email }}' disabled>
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-key"></i></span>
+            </div>
+                <input type="password" autocomplete='new-password' name='password' id='password' class="form-control" placeholder="Password">
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-key"></i></span>
+            </div>
+                <input type="password" autocomplete='new-password' name='confirmPassword' id='confirmPassword' class="form-control" placeholder="Confirm Password">
+            </div>
+            <div class="input-group mt-3">
+            <button type="button" class="btn btn-success" id='btnAcceptInvite'>Submit</button>
+            </div>
+        </form>
+    {% endif %}
+
+{% endblock %}
--- a/core/Templates/account/confirm_email.twig
+++ b/core/Templates/account/confirm_email.twig
@@ -0,0 +1,37 @@
+{% extends "account.twig" %}
+
+{% set view_title = 'Confirm Email' %}
+{% set view_icon = 'user-check' %}
+{% set view_description = 'Request a password reset, once you got the e-mail address, you can choose a new password' %}
+
+{% block view_content %}
+    <noscript>
+        <div class="alert alert-danger">Javascript is required</div>
+    </noscript>
+    <div class="alert alert-info" id="confirm-status">
+        Confirming email… <i class="fas fa-spinner fa-spin"></i>
+    </div>
+    <a href='/login'><button class='btn btn-primary' style='position: absolute; bottom: 10px' type='button'>Proceed to Login</button></a>
+    <script nonce="{{ site.csp.nonce }}">
+        $(document).ready(function() {
+            let token = jsCore.getParameter("token");
+            let confirmStatus = $("#confirm-status");
+            if (token) {
+                jsCore.apiCall("/user/confirmEmail", { token: token }, (res) => {
+                    confirmStatus.removeClass("alert-info");
+                    if (!res.success) {
+                        confirmStatus.addClass("alert-danger");
+                        confirmStatus.text("Error confirming e-mail address: " + res.msg);
+                    } else {
+                        confirmStatus.addClass("alert-success");
+                        confirmStatus.text("Your e-mail address was successfully confirmed, you may now log in.");
+                    }
+                });
+            } else {
+                confirmStatus.removeClass("alert-info");
+                confirmStatus.addClass("alert-danger");
+                confirmStatus.text("The link you visited is no longer valid");
+            }
+        });
+    </script>
+{% endblock %}
--- a/core/Templates/account/register.twig
+++ b/core/Templates/account/register.twig
@@ -0,0 +1,50 @@
+{% extends "account.twig" %}
+
+{% set view_title = 'Registration' %}
+{% set view_icon = 'user-plus' %}
+{% set view_description = 'Create a new account' %}
+
+{% block view_content %}
+
+    {% if not view.success %}
+        <div class="alert alert-danger" role="alert">{{ view.message }}</div>
+        <a href='/login' class='btn btn-primary'>Go back</a>
+    {% else %}
+        <h4 class="pb-4">Please fill with your details</h4>
+        <form>
+            <div class="input-group">
+                <div class="input-group-append">
+                    <span class="input-group-text"><i class="fas fa-hashtag"></i></span>
+                </div>
+                <input id="username" autocomplete='username' name="username" placeholder="Username" class="form-control" type="text" maxlength="32">
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-at"></i></span>
+            </div>
+                <input type="email" autocomplete='email' name='email' id='email' class="form-control" placeholder="Email" maxlength="64">
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-key"></i></span>
+            </div>
+                <input type="password" autocomplete='new-password' name='password' id='password' class="form-control" placeholder="Password">
+            </div>
+            <div class="input-group mt-3">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-key"></i></span>
+            </div>
+                <input type="password" autocomplete='new-password' name='confirmPassword' id='confirmPassword' class="form-control" placeholder="Confirm Password">
+            </div>
+            <div class="input-group mt-3">
+            <button type="button" class="btn btn-primary" id='btnRegister'>Submit</button>
+            <a href='/login' style='margin-left: 10px'>
+                <button class='btn btn-secondary' type='button'>
+                    Back to Login
+                </button>
+            </a>
+            </div>
+        </form>
+    {% endif %}
+
+{% endblock %}
--- a/core/Templates/account/resend_confirm_email.twig
+++ b/core/Templates/account/resend_confirm_email.twig
@@ -0,0 +1,27 @@
+{% extends "account.twig" %}
+
+{% set view_title = 'Resend Confirm Email' %}
+{% set view_icon = 'envelope' %}
+{% set view_description = 'Request a new confirmation email to finalize the account creation' %}
+
+{% block view_content %}
+    <p class='lead'>Enter your E-Mail address, to receive a new e-mail to confirm your registration.</p>
+    <form>
+        <div class="input-group">
+            <div class="input-group-append">
+                <span class="input-group-text"><i class="fas fa-at"></i></span>
+            </div>
+            <input id="email" autocomplete='email' name="email" placeholder="E-Mail address" class="form-control" type="email" maxlength="64" />
+        </div>
+        <div class="input-group mt-2" style='position: absolute;bottom: 15px'>
+            <button id='btnResendConfirmEmail' class='btn btn-primary'>
+                Request
+            </button>
+            <a href='/login' style='margin-left: 10px'>
+                <button class='btn btn-secondary' type='button'>
+                    Back to Login
+                </button>
+            </a>
+        </div>
+    </form>
+{% endblock %}
--- a/core/Templates/account/reset_password.twig
+++ b/core/Templates/account/reset_password.twig
@@ -0,0 +1,59 @@
+{% extends "account.twig" %}
+
+{% set view_title = 'Reset Password' %}
+{% set view_icon = 'user-lock' %}
+{% set view_description = 'Request a password reset, once you got the e-mail address, you can choose a new password' %}
+
+{% block view_content %}
+    {% if view.token %}
+        {% if not view.success %}
+            <div class="alert alert-danger" role="alert">{{ view.message }}</div>
+            <a href='/resetPassword' class='btn btn-primary'>Go back</a>
+        {% else %}
+            <h4 class="pb-4">Choose a new password</h4>
+            <form>
+                <input name='token' id='token' type='hidden' value='{{ view.token }}'/>
+                <div class="input-group mt-3">
+                    <div class="input-group-append">
+                        <span class="input-group-text"><i class="fas fa-key"></i></span>
+                    </div>
+                    <input type="password" autocomplete='new-password' name='password' id='password' class="form-control" placeholder="Password">
+                </div>
+                <div class="input-group mt-3">
+                    <div class="input-group-append">
+                        <span class="input-group-text"><i class="fas fa-key"></i></span>
+                    </div>
+                    <input type="password" autocomplete='new-password' name='confirmPassword' id='confirmPassword' class="form-control" placeholder="Confirm Password">
+                </div>
+                <div class="input-group mt-3">
+                    <button type="button" class="btn btn-primary" id='btnResetPassword'>Submit</button>
+                    <a href='/login' style='margin-left: 10px; display: none' id='backToLogin'>
+                        <button class='btn btn-success' type='button'>
+                            Back to Login
+                        </button>
+                    </a>
+                </div>
+            </form>
+        {% endif %}
+    {% else %}
+        <p class='lead'>Enter your E-Mail address, to receive a password reset token.</p>
+        <form>
+            <div class="input-group">
+                <div class="input-group-append">
+                    <span class="input-group-text"><i class="fas fa-at"></i></span>
+                </div>
+                <input id="email" autocomplete='email' name="email" placeholder="E-Mail address" class="form-control" type="email" maxlength="64" />
+            </div>
+            <div class="input-group mt-2" style='position: absolute;bottom: 15px'>
+                <button id='btnRequestPasswordReset' class='btn btn-primary'>
+                    Request
+                </button>
+                <a href='/login' style='margin-left: 10px'>
+                    <button class='btn btn-secondary' type='button'>
+                        Back to Login
+                    </button>
+                </a>
+            </div>
+        </form>
+    {% endif %}
+{% endblock %}
--- a/core/Templates/admin.twig
+++ b/core/Templates/admin.twig
@@ -0,0 +1,12 @@
+{% extends "base.twig" %}
+
+{% block head %}
+    <title>{{ site.name }} - Administration</title>
+    <script src="/js/fontawesome-all.min.js" nonce="{{ site.csp.nonce }}"></script>
+{% endblock %}
+
+{% block body %}
+    <noscript>You need Javascript enabled to run this app</noscript>
+    <div class="wrapper" id="root"></div>
+    <script src="/js/admin.min.js" nonce="{{ site.csp.nonce }}"></script>
+{% endblock %}
--- a/core/Templates/base.twig
+++ b/core/Templates/base.twig
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html lang="{{ user.lang }}">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta name="format-detection" content="telephone=yes" />
+    {% block head %}
+      <title>{{ site.title }}</title>
+    {% endblock %}
+  </head>
+  <body>
+    {% block body %}
+    {% endblock %}
+  </body>
+</html>
--- a/core/Templates/mail/accept_invite.twig
+++ b/core/Templates/mail/accept_invite.twig
@@ -0,0 +1,8 @@
+Hello {{ username }},<br><br>
+You were invited to create an account on {{ site_name }}. Please click on the following link to confirm your email address and complete your registration by choosing a new password.
+If you want to decline the invitation, you can simply ignore this email. The link is valid for {{ valid_time }}:<br><br>
+
+<a href="{{ link }}">{{ link }}</a><br><br>
+
+Best Regards<br>
+{{ site_name }} Administration
--- a/core/Templates/mail/confirm_email.twig
+++ b/core/Templates/mail/confirm_email.twig
@@ -0,0 +1,8 @@
+Hello {{ username }},<br><br>
+You recently created an account on {{ site_name }}. Please click on the following link to confirm your email address and complete your registration.<br>
+If you haven't registered an account, you can simply ignore this email. The link is valid for {{ valid_time }}:<br><br>
+
+<a href="{{ link }}">{{ link }}</a><br><br>
+
+Best Regards<br>
+{{ site_name }} Administration
--- a/core/Templates/mail/reset_password.twig
+++ b/core/Templates/mail/reset_password.twig
@@ -0,0 +1,8 @@
+Hello {{ username }},<br>
+you requested a password reset on {{ site_name }}. Please click on the following link to choose a new password. <br>
+If this request was not intended, you can simply ignore the email. The Link is valid for {{ valid_time }}:<br><br>
+
+<a href="{{ link }}">{{ link }}</a><br><br>
+
+Best Regards<br>
+{{ site_name }} Administration
--- a/core/Templates/redirect.twig
+++ b/core/Templates/redirect.twig
@@ -0,0 +1,7 @@
+{% extends "base.twig" %}
+{% block head %}
+    <meta http-equiv="refresh" content="0;url={{ url }}">
+{% endblock %}
+{% block body %}
+    You will be automatically redirected to <b>{{ url }}</b>. If that doesn't work, click <a href="{{ url }}">here</a>.
+{% endblock %}