| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 | <!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>TimeTrack: Unknown user</title>
<script>
"use strict";
var ROOT_ENDPOINT="/timetrack2";
function fetch(method,url,data/*?*/,creds/*?*/,cb){
	if(!creds){
		cb=data;
		data=undefined;
		creds=undefined;
	} else if(!cb){
		cb=creds;
		creds=undefined;
	}
	if(!cb)throw new Error("No callback passed to fetch");
	var xhr=new XMLHttpRequest();
	xhr.onreadystatechange=function(ev){
		if(xhr.readyState<4)return;
		cb(xhr.status,xhr.responseText);
	};
	if(creds){
		xhr.open(method,url,true,creds[0],creds[1]);
	} else {
		xhr.open(method,url);
	}
	xhr.send(data);
}
function asciiValid(str){
	var i,c;
	for(i=0;i<str.length;i++){
		c=str.charCodeAt(i);
		if(c<32||c>=127)return false;
	}
	return true;
}
function logoutReload(){
	fetch("GET",ROOT_ENDPOINT+"/authfail",undefined,["baduser","badpass"],function(status,body){
		location.href=location.href;
	});
}
function doCreateUser(){
	var username=document.getElementById("username").value;
	var password=document.getElementById("password").value;
	var fail=false;
	[["Username",username],["Password",password]].forEach(function(name,value){
		if(value.length<3){fail=true;alert(name+" too short!");}
		else if(value.length>32){fail=true;alert(name+" too long!");}
		else if(!asciiValid(value)){fail=true;alert("Invalid "+name.toLowerCase()+"! Please use only ASCII characters.");}
	});
	if(fail)return;
	fetch("POST",ROOT_ENDPOINT+"/createuser",undefined,[username,password],function(status,body){
		if(status==200){
			alert("User \""+username+"\" created successfully. Please login.");
			logoutReload();
		} else {
			alert("Error: "+body);
		}
	});
}
</script>
<style>
body{
	font-family:Georgia,Times,serif;
	font-size:14px;
}
</style>
</head>
<body>
<h1>TimeTrack: Unknown user</h1>
<p>The user you entered is not known in the system. You can use the form below to create a new user.
Be aware: this system is not secure.</p>
Username: <input type="text" id="username" placeholder="username"><br>
Password: <input type="password" id="password" placeholder="password"><br>
<input type="button" value="Create user" onclick="doCreateUser();">
<br><br>
<p>You can also <input type="button" onclick="logoutReload();" value="log out and try again"> if you just can't type.</p>
</body>
</html>
 |