init

1 files changed, 82 insertions, 0 deletions

diff --git a/desk/web/login.hoon b/desk/web/login.hoon
new file mode 100644
index 0000000..017df8d
--- /dev/null
+++ b/desk/web/login.hoon
@@ -0,0 +1,82 @@
+|_  who=@p
+++  script  ^~  %-  trip
+'''
+console.log('oh hai')
+'''
+++  css  ^~  %-  trip
+'''
+#login{
+  margin-top: 3rem;
+  & h1 {
+    text-align: center;
+  }
+  & form{
+    margin: auto;
+    width: 50%;
+    text-align: center;
+
+    & input[type=text]{
+      outline: none;
+      padding: 0.5rem;
+    }
+    & button{
+      display: block;
+      margin: 1rem auto;
+    }
+    
+  }
+}
+'''
+++  $  ^-  manx
+      :: =/  redirect=(unit @t)  (get-header:http 'redirect' u.parsed)
+:: =/  redirect-str  ?~(redirect-url "" (trip u.redirect-url))
+  =/  redirect-str  ""
+;div#login.blog
+  ;style: {css}
+  ;h1: Login
+  ;p: You can read the most of the blog or hang out at the public chat room without an account, but in order to leave comments or join the board you will need to login.
+  ;p: Bloody Shovel 4 does not keep any credentials from its visitors. There is no registration process. No passwords and emails or phone numbers here.
+  ;p: You can login with your Urbit ship. Input your Urbit ID below, you will be redirected to your own ship's interface to authorize the login.
+  ;form(action "/~/login", method "post")
+    ;p: Urbit ID
+    ;input.mono(type "text")
+      =name  "name"
+      =id    "name"
+      =placeholder  "~sorreg-namtyv"
+      =required   "true"
+      =minlength  "4"
+      =maxlength  "14"
+      =pattern    "~((([a-z]\{6})\{1,2}-\{0,2})+|[a-z]\{3})";
+    ;input(type "hidden", name "redirect", value redirect-str);
+    ;button(name "eauth", type "submit"):"Login"
+  ==
+  ;p: If you don't have an Urbit ID please reach out to site@spandrell.ch and we'll help you get one.
+==
+:: ++  new-session-key
+::   |-  ^-  @uv
+::   =/  candidate=@uv  (~(raw og (shas %session-key eny)) 128)
+::   ?.  (~(has by sessions.auth.state) candidate)
+::     candidate
+::   $(eny (shas %try-again candidate))
+::       ::  are there cookies passed with this request?
+:: =/  cookie-header=@t
+::   %+  roll  header-list.request
+::   |=  [[key=@t value=@t] c=@t]
+::   ?.  =(key 'cookie')
+::     c
+::   (cat 3 (cat 3 c ?~(c 0 '; ')) value)
+:: ::  is there an urbauth cookie?
+:: ::
+:: ?~  urbauth=(get-header:http (crip "urbauth-{(scow %p our)}") u.cookies)
+:: ++  session-cookie-string
+::   |=  [session=@uv extend=?]
+::   ^-  @t
+::   %-  crip
+::   =;  max-age=tape
+::     "urbauth-{(scow %p our)}={(scow %uv session)}; Path=/; Max-Age={max-age}"
+::   %-  format-ud-as-integer
+::   ?.  extend  0
+::   (div (msec:milly session-timeout) 1.000)
+:: ++  cookie-stuff
+:: ['set-cookie' (session-cookie-string session-id |)]
+--