Add Content-Security-Policy in Authelia web pages
parent
a3560ef8d3
commit
969561f4ad
|
@ -1,6 +1,6 @@
|
||||||
|
|
||||||
body {
|
body {
|
||||||
background-image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI1NiIgaGVpZ2h0PSIxMDAiPgo8cmVjdCB3aWR0aD0iNTYiIGhlaWdodD0iMTAwIiBmaWxsPSIjRkZGRkZGIj48L3JlY3Q+CjxwYXRoIGQ9Ik0yOCA2NkwwIDUwTDAgMTZMMjggMEw1NiAxNkw1NiA1MEwyOCA2NkwyOCAxMDAiIGZpbGw9Im5vbmUiIHN0cm9rZT0iI0ZDRkNGQyIgc3Ryb2tlLXdpZHRoPSIyIj48L3BhdGg+CjxwYXRoIGQ9Ik0yOCAwTDI4IDM0TDAgNTBMMCA4NEwyOCAxMDBMNTYgODRMNTYgNTBMMjggMzQiIGZpbGw9Im5vbmUiIHN0cm9rZT0iI0ZCRkJGQiIgc3Ryb2tlLXdpZHRoPSIyIj48L3BhdGg+Cjwvc3ZnPg==");
|
background-image: url("/img/background.svg");
|
||||||
}
|
}
|
||||||
|
|
||||||
.authelia-brand {
|
.authelia-brand {
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" width="56" height="100">
|
||||||
|
<rect width="56" height="100" fill="#FFFFFF"></rect>
|
||||||
|
<path d="M28 66L0 50L0 16L28 0L56 16L56 50L28 66L28 100" fill="none" stroke="#FCFCFC" stroke-width="2"></path>
|
||||||
|
<path d="M28 0L28 34L0 50L0 84L28 100L56 84L56 50L28 34" fill="none" stroke="#FBFBFB" stroke-width="2"></path>
|
||||||
|
</svg>
|
After Width: | Height: | Size: 347 B |
|
@ -10,27 +10,22 @@ import ResetPasswordForm from "./lib/reset-password/reset-password-form";
|
||||||
import jslogger = require("js-logger");
|
import jslogger = require("js-logger");
|
||||||
import jQuery = require("jquery");
|
import jQuery = require("jquery");
|
||||||
import U2fApi = require("u2f-api");
|
import U2fApi = require("u2f-api");
|
||||||
|
import Endpoints = require("../../shared/api");
|
||||||
|
|
||||||
jslogger.useDefaults();
|
jslogger.useDefaults();
|
||||||
jslogger.setLevel(jslogger.INFO);
|
jslogger.setLevel(jslogger.INFO);
|
||||||
|
|
||||||
export = {
|
(function () {
|
||||||
firstfactor: function () {
|
if (window.location.pathname == Endpoints.FIRST_FACTOR_GET)
|
||||||
FirstFactor(window, jQuery, FirstFactorValidator, jslogger);
|
FirstFactor(window, jQuery, FirstFactorValidator, jslogger);
|
||||||
},
|
else if (window.location.pathname == Endpoints.SECOND_FACTOR_GET)
|
||||||
secondfactor: function () {
|
SecondFactor(window, jQuery, U2fApi);
|
||||||
SecondFactor(window, jQuery, U2fApi);
|
else if (window.location.pathname == Endpoints.SECOND_FACTOR_TOTP_IDENTITY_FINISH_GET)
|
||||||
},
|
TOTPRegister(window, jQuery);
|
||||||
register_totp: function() {
|
else if (window.location.pathname == Endpoints.SECOND_FACTOR_U2F_IDENTITY_FINISH_GET)
|
||||||
TOTPRegister(window, jQuery);
|
U2fRegister(window, jQuery);
|
||||||
},
|
else if (window.location.pathname == Endpoints.RESET_PASSWORD_IDENTITY_FINISH_GET)
|
||||||
register_u2f: function () {
|
ResetPasswordForm(window, jQuery);
|
||||||
U2fRegister(window, jQuery);
|
else if (window.location.pathname == Endpoints.RESET_PASSWORD_REQUEST_GET)
|
||||||
},
|
ResetPasswordRequest(window, jQuery);
|
||||||
reset_password_request: function () {
|
})();
|
||||||
ResetPasswordRequest(window, jQuery);
|
|
||||||
},
|
|
||||||
reset_password_form: function () {
|
|
||||||
ResetPasswordForm(window, jQuery);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
|
@ -15,7 +15,4 @@ block content
|
||||||
<!-- <label class="checkbox pull-left"><input type="checkbox" value="remember-me">Remember me</label> -->
|
<!-- <label class="checkbox pull-left"><input type="checkbox" value="remember-me">Remember me</label> -->
|
||||||
a(href=reset_password_request_endpoint, class="pull-right link forgot-password") Forgot password?
|
a(href=reset_password_request_endpoint, class="pull-right link forgot-password") Forgot password?
|
||||||
<span class="clearfix"></span>
|
<span class="clearfix"></span>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
block entrypoint
|
|
||||||
<script>authelia.firstfactor();</script>
|
|
|
@ -1,31 +1,32 @@
|
||||||
block variables
|
block variables
|
||||||
|
|
||||||
html
|
html
|
||||||
head
|
head
|
||||||
title Authelia - 2FA
|
title Authelia - 2FA
|
||||||
meta(name="viewport", content="width=device-width, initial-scale=1.0")/
|
meta(name="viewport", content="width=device-width, initial-scale=1.0")/
|
||||||
meta(name="robots", content="noindex, nofollow, nosnippet, noarchive")/
|
meta(name="robots", content="noindex, nofollow, nosnippet, noarchive")/
|
||||||
link(rel="icon", href="/img/icon.png" type="image/png" sizes="32x32")/
|
meta(http-equiv="Content-Security-Policy", content="default-src 'self'; img-src 'self' data:;")/
|
||||||
link(rel="stylesheet", type="text/css", href="/css/authelia.css")/
|
link(rel="icon", href="/img/icon.png" type="image/png" sizes="32x32")/
|
||||||
if redirection_url
|
link(rel="stylesheet", type="text/css", href="/css/authelia.css")/
|
||||||
<meta http-equiv="refresh" content="4;url=#{redirection_url}">
|
if redirection_url
|
||||||
body
|
<meta http-equiv="refresh" content="4;url=#{redirection_url}">
|
||||||
<div class="container">
|
body
|
||||||
|
<div class="container">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-xs-12 col-sm-8 col-sm-offset-2 col-md-6 col-md-offset-3 col-lg-6 col-lg-offset-3">
|
||||||
|
<div class="account-wall #{page_classname}">
|
||||||
|
block form-header
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-xs-12 col-sm-8 col-sm-offset-2 col-md-6 col-md-offset-3 col-lg-6 col-lg-offset-3">
|
<div class="form col-xs-10 col-xs-offset-1 col-sm-8 col-sm-offset-2 col-md-8 col-md-offset-2">
|
||||||
<div class="account-wall #{page_classname}">
|
block content
|
||||||
block form-header
|
</div>
|
||||||
<div class="row">
|
|
||||||
<div class="form col-xs-10 col-xs-offset-1 col-sm-8 col-sm-offset-2 col-md-8 col-md-offset-2">
|
|
||||||
block content
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row poweredby-block">
|
|
||||||
<div class="poweredby col-xs-6 col-xs-offset-4 col-sm-6 col-sm-offset-4 col-md-6 col-md-offset-4">Powered by <a class="authelia-brand" href="https://github.com/clems4ever/authelia">Authelia</a></div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
|
<div class="row poweredby-block">
|
||||||
|
<div class="poweredby col-xs-6 col-xs-offset-4 col-sm-6 col-sm-offset-4 col-md-6 col-md-offset-4">Powered by <a class="authelia-brand" href="https://github.com/clems4ever/authelia">Authelia</a></div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
script(src="/js/authelia.js")
|
</div>
|
||||||
block entrypoint
|
</div>
|
||||||
|
block entrypoint
|
||||||
|
script(src="/js/authelia.js")
|
|
@ -17,7 +17,4 @@ block content
|
||||||
</div>
|
</div>
|
||||||
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
|
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
|
||||||
<span class="clearfix"></span>
|
<span class="clearfix"></span>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
block entrypoint
|
|
||||||
<script>authelia.reset_password_form();</script>
|
|
|
@ -16,8 +16,4 @@ block content
|
||||||
</div>
|
</div>
|
||||||
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
|
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
|
||||||
<span class="clearfix"></span>
|
<span class="clearfix"></span>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
block entrypoint
|
|
||||||
<script>authelia.reset_password_request();</script>
|
|
||||||
|
|
|
@ -5,25 +5,20 @@ block form-header
|
||||||
<img class="header-img" src="../img/padlock.png" alt="">
|
<img class="header-img" src="../img/padlock.png" alt="">
|
||||||
|
|
||||||
block content
|
block content
|
||||||
p Hi <b>#{username}</b>, please complete second factor or <a href="/logout">logout</a>.
|
p Hi <b>#{username}</b>, please complete second factor or <a href="/logout">logout</a>.
|
||||||
<div class="notification notification-totp"></div>
|
<div class="notification notification-totp"></div>
|
||||||
<form class="form-signin totp">
|
<form class="form-signin totp">
|
||||||
<div class="form-inputs">
|
<div class="form-inputs">
|
||||||
<input type="text" autocomplete="off" class="form-control" id="token" placeholder="Token" required autofocus>
|
<input type="text" autocomplete="off" class="form-control" id="token" placeholder="Token" required autofocus>
|
||||||
</div>
|
</div>
|
||||||
<button class="btn btn-lg btn-primary btn-block totp-button" type="submit">TOTP</button>
|
<button class="btn btn-lg btn-primary btn-block totp-button" type="submit">TOTP</button>
|
||||||
a(href=totp_identity_start_endpoint, class="pull-right link register-totp") Need to register?
|
a(href=totp_identity_start_endpoint, class="pull-right link register-totp") Need to register?
|
||||||
<span class="clearfix"></span>
|
<span class="clearfix"></span>
|
||||||
</form>
|
</form>
|
||||||
<hr>
|
<hr>
|
||||||
<div class="notification notification-u2f"></div>
|
<div class="notification notification-u2f"></div>
|
||||||
<form class="form-signin u2f">
|
<form class="form-signin u2f">
|
||||||
<button class="btn btn-lg btn-primary btn-block u2f-button" type="submit">U2F</button>
|
<button class="btn btn-lg btn-primary btn-block u2f-button" type="submit">U2F</button>
|
||||||
a(href=u2f_identity_start_endpoint, class="pull-right link register-u2f") Need to register?
|
a(href=u2f_identity_start_endpoint, class="pull-right link register-u2f") Need to register?
|
||||||
<span class="clearfix"></span>
|
<span class="clearfix"></span>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
block entrypoint
|
|
||||||
<script>
|
|
||||||
| authelia.secondfactor();
|
|
||||||
</script>
|
|
|
@ -14,6 +14,3 @@ block content
|
||||||
|
|
||||||
block entrypoint
|
block entrypoint
|
||||||
<script src="/js/qrcode.min.js"></script>
|
<script src="/js/qrcode.min.js"></script>
|
||||||
<script>
|
|
||||||
| authelia.register_totp();
|
|
||||||
</script>
|
|
||||||
|
|
|
@ -8,7 +8,4 @@ block form-header
|
||||||
<p>Touch the token to register your U2F device.</p>
|
<p>Touch the token to register your U2F device.</p>
|
||||||
|
|
||||||
block content
|
block content
|
||||||
<img src="/img/pendrive.png" alt="pendrive" />
|
<img src="/img/pendrive.png" alt="pendrive" />
|
||||||
|
|
||||||
block entrypoint
|
|
||||||
<script>window.authelia.register_u2f()</script>
|
|
Loading…
Reference in New Issue