Embed token in markup, fix authorization
このコミットが含まれているのは:
コミット
edba60e3e1
|
@ -159,8 +159,8 @@ a {
|
||||||
font-variant: all-small-caps;
|
font-variant: all-small-caps;
|
||||||
text-decoration: none;
|
text-decoration: none;
|
||||||
color: inherit;
|
color: inherit;
|
||||||
background-color: #753ba8;
|
background-color: #3674bf;
|
||||||
border: 2px outset #8a2be2;
|
border: 2px outset #3584e4;
|
||||||
}
|
}
|
||||||
|
|
||||||
footer {
|
footer {
|
||||||
|
@ -183,7 +183,7 @@ footer {
|
||||||
#info:target ~ #toggle > [href="#info"],
|
#info:target ~ #toggle > [href="#info"],
|
||||||
#chat:target ~ #toggle > [href="#chat"],
|
#chat:target ~ #toggle > [href="#chat"],
|
||||||
#both:target > #toggle > [href="#both"] {
|
#both:target > #toggle > [href="#both"] {
|
||||||
background-color: #9943e9;
|
background-color: #3065a6;
|
||||||
border-style: inset;
|
border-style: inset;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
<link rel="stylesheet" href="/static/style.css" type="text/css">
|
<link rel="stylesheet" href="/static/style.css" type="text/css">
|
||||||
</head>
|
</head>
|
||||||
<body id="both">
|
<body id="both" data-token="{{ token }}">
|
||||||
<video id="stream" src="/stream.mp4" controls></video>
|
<video id="stream" src="/stream.mp4" controls></video>
|
||||||
<article id="info">
|
<article id="info">
|
||||||
<noscript><iframe id="info_js" data-js="false"></iframe></noscript>
|
<noscript><iframe id="info_js" data-js="false"></iframe></noscript>
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from functools import wraps
|
from functools import wraps
|
||||||
|
|
||||||
from quart import current_app
|
from quart import current_app, request, abort, make_response
|
||||||
from werkzeug.security import check_password_hash
|
from werkzeug.security import check_password_hash
|
||||||
|
|
||||||
from anonstream.utils.token import generate_token
|
from anonstream.utils.token import generate_token
|
||||||
|
@ -11,16 +11,23 @@ def check_auth(context):
|
||||||
auth is not None
|
auth is not None
|
||||||
and auth.type == "basic"
|
and auth.type == "basic"
|
||||||
and auth.username == current_app.config["AUTH_USERNAME"]
|
and auth.username == current_app.config["AUTH_USERNAME"]
|
||||||
and check_password_hash(auth.password, current_app.config["AUTH_PWHASH"])
|
and check_password_hash(current_app.config["AUTH_PWHASH"], auth.password)
|
||||||
)
|
)
|
||||||
|
|
||||||
def auth_required(f):
|
def auth_required(f):
|
||||||
@wraps(f)
|
@wraps(f)
|
||||||
async def wrapper(*args, **kwargs):
|
async def wrapper(*args, **kwargs):
|
||||||
if check_auth(request):
|
if check_auth(request):
|
||||||
return await func(*args, **kwargs)
|
return await f(*args, **kwargs)
|
||||||
else:
|
hint = 'The broadcaster should log in with the credentials printed ' \
|
||||||
abort(401)
|
'in their terminal.'
|
||||||
|
body = (
|
||||||
|
f'<p>{hint}</p>'
|
||||||
|
if request.authorization is None else
|
||||||
|
'<p>Wrong username or password. Refresh the page to try again.</p>'
|
||||||
|
f'<p>{hint}</p>'
|
||||||
|
)
|
||||||
|
return body, 401, {'WWW-Authenticate': 'Basic'}
|
||||||
|
|
||||||
return wrapper
|
return wrapper
|
||||||
|
|
||||||
|
|
読み込み中…
新しいイシューから参照