federated-nexus/website
2
1
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add nonce support
Some checks failed
Deploy to Pages / Build (push) Has been cancelled
Details
Deploy to Pages / Deploy (push) Has been cancelled
Details

Browse source
This commit is contained in:
Henry Hiles 2025-07-21 21:52:11 -04:00
commit 8e90ca3cc1
No known key found for this signature in database
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/pages/login.astro
View file

@ -8,6 +8,7 @@ import "../styles/login.css"
> >
<form method="post" action="https://auth.federated.nexus/login"> <form method="post" action="https://auth.federated.nexus/login">
<input type="hidden" name="state" /> <input type="hidden" name="state" />
<input type="hidden" name="nonce" />
<input type="hidden" name="user_id" /> <input type="hidden" name="user_id" />
<input type="hidden" name="access_token" /> <input type="hidden" name="access_token" />
<input type="hidden" name="redirect_uri" /> <input type="hidden" name="redirect_uri" />
@ -33,7 +34,7 @@ import "../styles/login.css"
<script> <script>
const params = new URLSearchParams(window.location.search) const params = new URLSearchParams(window.location.search)
for (const name of ["redirect_uri", "state"]) { for (const name of ["redirect_uri", "state", "nonce"]) {
const input = document.querySelector( const input = document.querySelector(
`input[name="${name}"]` `input[name="${name}"]`
) as HTMLInputElement ) as HTMLInputElement
@ -81,7 +82,6 @@ import "../styles/login.css"
const token = form.querySelector( const token = form.querySelector(
'input[name="access_token"]' 'input[name="access_token"]'
) as HTMLInputElement ) as HTMLInputElement
token.value = data.access_token token.value = data.access_token
form.submit() form.submit()