
Simple file-based bookmarking and notes application
git clone https://src.jayvii.de/pub/rememori.git

commit 484a23db169a87e145199d29235cac525117d587
parent 3148f5abd63610857773012011208275963b61fb
Author: JayVii <jayvii[AT]posteo[DOT]de>
Date:   Fri,  1 Nov 2024 17:28:53 +0100

feat: implement account view

Diffstat:
Mapi/new.php | 6++----
Mapi/rss.php | 2--
Massets/css/custom.css | 4++++
Mconfig/i18n.php | 14+++++++++++++-
Mindex.php | 22+++++++++++++++++++++-
Alib/account.php | 94+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mlib/menus.php | 23++++++++++++++---------
Mlib/users.php | 47+++++++++++++++++++++++++++++++++++++++++------
Mmisc/add_token_for_user.php | 1+
Mmisc/create_initial_user.php | 1+
10 files changed, 191 insertions(+), 23 deletions(-)

diff --git a/api/new.php b/api/new.php @@ -1,9 +1,8 @@ <?php /* Load library functions */ - $libs = array("api.php", "write.php", "users.php", "helpers.php"); - foreach ($libs as $lib) { - include($_SERVER["DOCUMENT_ROOT"] . "/lib/" . $lib); + foreach (glob($_SERVER["DOCUMENT_ROOT"] . "/lib/*.php") as $lib) { + include($lib); } /* Load configurations */ @@ -86,7 +85,6 @@ } /* update filename, once we found a unique one */ $filename = $file_counter . "_" . $filename; - } } /* write note */ diff --git a/api/rss.php b/api/rss.php @@ -17,7 +17,6 @@ $token = validate_input_string(gather_post("token")); $return = validate_input_string(gather_post("return")); - /* Fallback to GET request, if no POST was found */ if (empty($category)) { $category = validate_input_string(gather_get("category")); @@ -32,7 +31,6 @@ $return = validate_input_string(gather_get("return")); } - /* run authentification method. exit immediately if it fails */ $auth = auth_user($user, $token, -1); if ($auth !== true) { diff --git a/assets/css/custom.css b/assets/css/custom.css @@ -79,3 +79,7 @@ header { .danger.likeanchor:hover { color: #ff6161 !important; } + +input.marked { + +} diff --git a/config/i18n.php b/config/i18n.php 
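Review bot: In the first hunk of api/new.php the new loader runs `include($lib)` on every `lib/*.php` match, so any file that ends up in that directory is executed on each API request, and a library that fails to load only raises a warning. `require_once($lib);` would stop the request instead of continuing without, for example, the auth helpers. A short comment stating that lib/ must hold only trusted, definition-only files would document the new assumption. `glob()` can also return `false` on error, which the `foreach` does not guard against.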
@@ -33,9 +33,16 @@ if ($lang == "en") { $GLOBALS["i18n_search"] = "Search"; $GLOBALS["i18n_search_placeholder"] = "Search your notes..."; $GLOBALS["i18n_matches"] = "Matches"; + $GLOBALS["i18n_account"] = "Account"; $GLOBALS["i18n_bookmarklet"] = "Bookmarklet"; $GLOBALS["i18n_bookmarklet_tp"] = "Drag this to your bookmark toolbar. On other websites you can then click the icon to remember it in Rememori."; $GLOBALS["i18n_bookmarklet_prompt"] = "Under which category do you want to remember this site?"; + $GLOBALS["i18n_tokens"] = "Login-Tokens"; + $GLOBALS["i18n_tokens_info"] = "Tokens are used for authentication. They represent your passwords, but they do not work at the login-screen, only for API requests. In order to remove a token along with its connected password, empty the according input field."; + $GLOBALS["i18n_tokens_add"] = "Add Login-Token"; + $GLOBALS["i18n_tokens_add_info"] = "Insert a password here, which you then can use for the login to your account. It will appear as \"Token\" above, which you can also use for API requests."; + $GLOBALS["i18n_tokens_curr"] = "Corresponds to the password you are currently logged in with."; + } if ($lang == "de") { $GLOBALS["i18n_error"] = "Fehler"; 
@@ -65,10 +72,15 @@ if ($lang == "de") { $GLOBALS["i18n_search"] = "Suchen"; $GLOBALS["i18n_search_placeholder"] = "Notizen durchsuchen..."; $GLOBALS["i18n_matches"] = "Funde"; + $GLOBALS["i18n_account"] = "Konto"; $GLOBALS["i18n_bookmarklet"] = "Bookmarklet"; $GLOBALS["i18n_bookmarklet_tp"] = "Dieser Link kann zur Lesezeichensymbollietse gezogen werden. Anderen Webseiten können dann per Klick auf das Symbol in Rememori gespeichert werden."; $GLOBALS["i18n_bookmarklet_prompt"] = "Unter welcher Kategorie soll diese Seite gespeicher werden?"; + $GLOBALS["i18n_tokens"] = "Login-Tokens"; + $GLOBALS["i18n_tokens_info"] = "Tokens werden für den Authentifizierungs-Vorgang genutzt. Sie repräsentieren Passwörter, funktionieren jedoch nicht zum Login in Rememori, sondern nur für API-Anfragen. Um einen Token zusammen mit dem damit verbundenen Passwort zu löschen, muss das entsprechende Eingabefeld geleert werden."; + $GLOBALS["i18n_tokens_add"] = "Login-Token hinzufügen"; + $GLOBALS["i18n_tokens_add_info"] = "Ein neues Passwort für den Login zu Rememori kann hier erstellt werden. Das Passwort wird im Anschluss als \"Token\" aufgelistet, welche für API-Anfragen genutzt werden können."; + $GLOBALS["i18n_tokens_curr"] = "Gehört zu dem Passwort, mit dem dieser Account aktuell angemeldet ist." } - ?> diff --git a/index.php b/index.php @@ -73,6 +73,21 @@ $action = "login"; } + /* New Password action */ + if ($action == "add_password") { + add_auth( + $user, + gather_post("new_pass") + ); + $action = "account"; + } + + /* Update tokens action */ + if ($action == "update_tokens") { + update_tokens($user); + $action = "account"; + } + /* Edit action */ if ($action == "edit") { /* if no filename is given, try to come up with one ourselves */ 
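Review bot: In the German block of config/i18n.php the added `$GLOBALS["i18n_tokens_curr"] = "Gehört zu dem Passwort, …"` line ends without a semicolon directly before the closing `}`, which is a PHP parse error. Every script that includes this config file would then fail to load it, so the line should end in `";`. The English counterpart added in the previous hunk is terminated correctly.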
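Review bot: In the first index.php hunk both new branches discard the return value of `add_auth()` and `update_tokens()` and set `$action = "account"` unconditionally, so a failed write is shown to the user as success. `gather_post("new_pass")` is also passed on unchecked; unless `add_auth()` rejects it (not visible here), an empty submission would register the hash of an empty password, so a guard such as `if ($new_pass === "") { /* report error, skip add_auth */ }` belongs before the call. Both actions change credentials via POST, and the forms added in lib/account.php carry no anti-CSRF token; whether a SameSite cookie or another check covers this is not visible from the hunk. The surrounding script continues outside the hunk on both sides.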
@@ -122,7 +137,7 @@ <link rel="apple-touch-icon" type="image/png" href="/assets/img/favicon.png"> <link rel=stylesheet href=/assets/css/simple.min.css media=all> <link rel=stylesheet href=/assets/css/custom.css> - <link rel="manifest" href="/manifest.json"> + <link crossorigin="use-credentials" rel="manifest" href="/manifest.json"> <script async src="/assets/js/deletion.js"></script> <meta name="viewport" content="width=device-width, initial-scale=1.0"> </head> @@ -175,6 +190,11 @@ die(); // ensure the process stops after this } + /* Account action */ + if ($action == "account") { + show_account($user, $token); + } + /* Listing action */ if ($action == "list") { list_notes($user, $category); diff --git a/lib/account.php b/lib/account.php 
@@ -0,0 +1,94 @@ +<?php + +function show_account( + string $user, + string $token +) { + + /* generate token path */ + $tokens_storage = $GLOBALS["data_dir"] . "/" . $user . "/tokens.json"; + + /* Read from file */ + if (file_exists($tokens_storage)) { + $tokens = json_decode(file_get_contents($tokens_storage)); + } else { + die(); + } + +?> + +<!-- Headline --> +<h4><?php echo $GLOBALS["i18n_account"] . ": " . $user; ?></h4> + +<!-- Bookmarklet --> +<h5><?php echo $GLOBALS["i18n_bookmarklet"]; ?></h5> +<p><?php echo $GLOBALS["i18n_bookmarklet_tp"]; ?></p> +<a + href="<?php echo bookmarklet(); ?>" + onclick="window.alert('<?php echo $GLOBALS["i18n_bookmarklet_tp"];?>');" + title="<?php echo $GLOBALS["i18n_bookmarklet_tp"]; ?>" +> + Rememori +</a> + +<!-- Tokens --> +<h5><?php echo $GLOBALS["i18n_tokens"]; ?></h5> +<p><?php echo $GLOBALS["i18n_tokens_info"]; ?></p> +<form action="/" target="_self" method="post"> + <input + id="action" + name="action" + type="hidden" + value="update_tokens" + > +<?php + + /* cycle through each token and list it in the form */ + for ($i = 0; $i < count($tokens); $i++) { + + /* mark token as "current" if the user is auth'ed with it */ + if ($token == $tokens[$i]) { + $class="marked"; + } else { + $class = ""; + } + +?> + <label for="token_<?php echo $i; ?>"> + Token <?php echo ($i + 1); ?> + </label> + <stretch style="font-size:66%;"> +<?php if ($token == $tokens[$i]) { echo " " . 
$GLOBALS["i18n_tokens_curr"]; } ?> + </stretch> + <input + id="token_<?php echo $i; ?>" + name="token_<?php echo $i; ?>" + class="<?php echo $class; ?>" + type="text" + value="<?php echo $tokens[$i]; ?>" + > +<?php + } // for-loop +?> + <input type="submit" value="<?php echo $GLOBALS["i18n_save"]; ?>"> +</form> + +<!-- New token --> +<h5><?php echo $GLOBALS["i18n_tokens_add"]; ?></h5> +<p><?php echo $GLOBALS["i18n_tokens_add_info"]; ?></p> +<form action="/" target="_self" method="post"> + <input + id="action" + name="action" + type="hidden" + value="add_password" + > + <input id="new_pass" name="new_pass" type="text" placeholder="secret123"> + <input type="submit" value="<?php echo $GLOBALS["i18n_save"]; ?>"> +</form> + +<?php + +} // function + +?> diff --git a/lib/menus.php b/lib/menus.php @@ -55,15 +55,20 @@ function top_navigation() { > </form> - <!-- Bookmarklet --> - <a - class="likenavitem" - href="<?php echo bookmarklet(); ?>" - onclick="window.alert('<?php echo $GLOBALS["i18n_bookmarklet_tp"];?>');" - title="<?php echo $GLOBALS["i18n_bookmarklet_tp"]; ?>" - > - <?php echo $GLOBALS["i18n_bookmarklet"]; ?> - </a> + <!-- Configure user: Account-Action --> + <form action="/" method="post" class="inline"> + <input + id="action" + name="action" + type="hidden" + value="account" + > + <input + class="likenavitem" + type="submit" + value="<?php echo $GLOBALS["i18n_account"]; ?>" + > + </form> <!-- Logout-Action --> <form action="/" method="post" class="inline"> diff --git a/lib/users.php b/lib/users.php @@ -138,10 +138,8 @@ function add_auth( /* create hash from given password */ $token = create_password_hash($pass); - echo "New token: " . $token . PHP_EOL; - /* generate token path */ - $tokens_storage = "./" . $GLOBALS["data_dir"] . "/" . $user . "/tokens.json"; + $tokens_storage = $GLOBALS["data_dir"] . "/" . $user . "/tokens.json"; /* get filesize */ $filesize = filesize($tokens_storage); 
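Review bot: In the new lib/account.php, `show_account()` echoes `$user` and each `$tokens[$i]` into HTML without escaping, and `update_tokens()` in this same commit stores whatever the form posts, so a stored value containing a quote or markup ends up in the `value="…"` attribute verbatim. The output should go through `htmlspecialchars($tokens[$i], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and likewise for `$user` in the headline. `json_decode()` returns `null` on a corrupt file, which makes `count($tokens)` fail, so an `is_array($tokens)` check should sit next to the existing `die()` branch. The current-token test `$token == $tokens[$i]` compares credentials loosely; `hash_equals($tokens[$i], $token)` avoids type juggling. Finally, the `new_pass` field is `type="text"`, while `type="password"` would keep the new password off the screen and out of form autofill history.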
@@ -172,14 +170,51 @@ function add_auth( /* close file-hanle */ fclose($file); - /* return "true" on success and "false" otherwise */ - return $bytes !== false; + /* return token on success and "false" otherwise */ + if ($bytes !== false) { + return $token; + } else { + return false; + } } else { return false; } -} +} // function + + +function update_tokens( + string $user +) { + + /* gather tokens from POST */ + $tokens = array(); + $i = 0; + while (array_key_exists("token_" . $i, $_POST)) { + $token = $_POST["token_" . $i]; + if (!empty($token)) { + array_push($tokens, $token); + } + $i++; + } + + /* generate token path */ + $tokens_storage = $GLOBALS["data_dir"] . "/" . $user . "/tokens.json"; + + /* write file */ + if (file_exists($tokens_storage)) { + file_put_contents( + $tokens_storage, + json_encode($tokens) + ); + } else { + return false; + } + + /* return "true" */ + return true; +} // function ?> diff --git a/misc/add_token_for_user.php b/misc/add_token_for_user.php @@ -2,6 +2,7 @@ include("./lib/users.php"); include("./config/config.php"); +$GLOBALS["data_dir"] = "./" . $GLOBALS["data_dir"]; $user = readline('Enter the username: '); $pass = readline('Enter new password: '); diff --git a/misc/create_initial_user.php b/misc/create_initial_user.php @@ -2,6 +2,7 @@ include("./lib/users.php"); include("./config/config.php"); +$GLOBALS["data_dir"] = "./" . $GLOBALS["data_dir"]; $user = readline('Enter new username: '); $pass = readline('Enter new password: ');
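Review bot: The new `update_tokens()` in lib/users.php writes every non-empty `token_N` POST value straight into tokens.json, so the form can do more than the removal the i18n help text describes: it can replace a stored token with any chosen string, skipping `create_password_hash()`. Assuming `auth_user()` accepts whatever is stored there (not visible in this diff), that lets a trivially guessable value become a valid API credential. Array-valued fields are not rejected, the result of `file_put_contents()` is ignored so the function returns `true` on a failed write, and an all-empty submission removes every token and locks the account. The sketch below keeps only submitted values that already exist in the file, refuses to write an empty list, and writes under `LOCK_EX`.

```php
/* … unchanged: add_auth() return handling … */

function update_tokens(
    string $user
) {

    /* generate token path */
    $tokens_storage = $GLOBALS["data_dir"] . "/" . $user . "/tokens.json";
    if (!file_exists($tokens_storage)) {
        return false;
    }

    /* tokens currently on record; the form may only keep or drop these */
    $known = json_decode(file_get_contents($tokens_storage), true);
    if (!is_array($known)) {
        return false;
    }

    /* gather tokens from POST, keeping only unchanged, known strings */
    $tokens = array();
    $i = 0;
    while (array_key_exists("token_" . $i, $_POST)) {
        $token = $_POST["token_" . $i];
        if (is_string($token) && in_array($token, $known, true)) {
            array_push($tokens, $token);
        }
        $i++;
    }

    /* removing the last token would lock the account */
    if (count($tokens) === 0) {
        return false;
    }

    /* write under an exclusive lock and report the real outcome */
    return file_put_contents(
        $tokens_storage,
        json_encode($tokens),
        LOCK_EX
    ) !== false;
} // function
```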