1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Slowcord</title>
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<link
href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap"
rel="stylesheet"
/>
<link rel="stylesheet" href="./css/index.css" />
<script src="js/handler.js"></script>
</head>
<body>
<div class="content">
<div class="login">
<div class="header">
<h1>Welcome to Slowcord</h1>
<div class="header-subtext">
<p>Glad to see you <3</p>
<a href="/register">Wait, I'm new!</a>
</div>
<p id="failure">Login failed</p>
</div>
<form action="javascript:void(0);" name="login">
<label for="email">Email</label>
<input type="email" name="email" />
<label for="password">Password</label>
<input type="password" name="password" />
<input type="submit" value="Login" />
<a
id="loginDiscord"
class="oauth"
href="https://discord.com/api/oauth2/authorize?client_id=991688571415175198&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email"
>
Login with Discord
</a>
<div
class="h-captcha"
data-sitekey="fa3163ea-79a7-4b7b-b752-b58c545906c8"
data-theme="dark"
></div>
<script
src="https://js.hcaptcha.com/1/api.js"
async
defer
></script>
</form>
<form
action="javascript:void(0);"
name="2fa"
style="display: none"
>
<label for="code">2FA Code</label>
<input type="number" name="code" />
<input type="hidden" name="ticket" />
<input type="submit" value="Login" />
</form>
</div>
</div>
<script>
/* https://stackoverflow.com/questions/5639346/what-is-the-shortest-function-for-reading-a-cookie-by-name-in-javascript */
const getCookieValue = (name) =>
document.cookie
.match("(^|;)\\s*" + name + "\\s*=\\s*([^;]+)")
?.pop() || "";
let token = getCookieValue("token");
if (token.trim().length) {
/* https://stackoverflow.com/a/27374365 */
// why is clearing cookies so weird? wtf
document.cookie.split(";").forEach(function (c) {
document.cookie = c
.replace(/^ +/, "")
.replace(
/=.*/,
"=;expires=" + new Date().toUTCString() + ";path=/",
);
});
window.localStorage.setItem("token", `"${token}"`);
window.location.href = "/app";
}
token = window.localStorage.getItem("token");
if (token) window.location.href = "/app";
document.forms["login"].addEventListener("submit", async (e) => {
const data = new FormData(e.target);
const email = data.get("email");
const password = data.get("password");
const hcaptcha = data.get("h-captcha-response");
await handleSubmit("/api/v9/auth/login", {
login: email,
password: password,
captcha_key: hcaptcha,
});
});
document.forms["2fa"].addEventListener("submit", async (e) => {
const data = new FormData(e.target);
const code = data.get("code");
const ticket = data.get("ticket");
await handleSubmit("/api/v9/auth/mfa/totp", {
code: code,
ticket: ticket,
});
});
</script>
</body>
</html>
|
