diff --git a/public/assets/seria.css b/public/assets/seria.css index 76ddef9..f3e23d4 100644 --- a/public/assets/seria.css +++ b/public/assets/seria.css @@ -776,3 +776,34 @@ body { font-size: 1.2em; padding: 4px 10px; } + +.settings {} + +.settings > div { + background: #161616; + overflow: hidden; + width: 100%; + box-shadow: 0 1px 2px rgba(0, 0, 0, .6); + text-shadow: 0 1px 4px #000; + align-items: center; + padding: 2px; +} +.settings > div:not(:first-child) { + margin-top: 2px; +} +.settings > div > h2 { + font-size: 1.4em; + padding: 5px 10px 2px; +} +.settings > div > p { + font-size: 0.9em; + line-height: 1.5em; + padding: 0 10px 5px; +} +.settings > div > form { + padding: 5px 10px 10px; + overflow: auto; +} +.settings > div > form > button { + padding: 5px 10px; +} diff --git a/src/SeriaContext.php b/src/SeriaContext.php index 9406de6..345dd38 100644 --- a/src/SeriaContext.php +++ b/src/SeriaContext.php @@ -106,7 +106,7 @@ final class SeriaContext { $routing->register(new HomeRoutes($this->templating)); $routing->register(new Users\ProfileRoutes($this->authInfo, $this->torrentsCtx, $this->usersCtx, $this->templating)); - $routing->register(new Users\SettingsRoutes($this->authInfo, $this->templating)); + $routing->register(new Users\SettingsRoutes($this->authInfo, $this->usersCtx, $this->csrfp, $this->templating)); $routing->register(new Torrents\AnnounceRouting($this->torrentsCtx, $this->usersCtx)); $routing->register(new Torrents\TorrentCreateRouting($this->dbConn, $this->authInfo, $this->torrentsCtx, $this->csrfp, $this->templating)); $routing->register(new Torrents\TorrentInfoRouting($this->authInfo, $this->torrentsCtx, $this->usersCtx, $this->csrfp, $this->templating)); diff --git a/src/Users/SettingsRoutes.php b/src/Users/SettingsRoutes.php index cd09ab7..dc25f25 100644 --- a/src/Users/SettingsRoutes.php +++ b/src/Users/SettingsRoutes.php @@ -3,23 +3,45 @@ namespace Seria\Users; use Index\Routing\Route; use Index\Routing\RouteHandler; +use Index\Security\CSRFP; use Sasae\SasaeEnvironment; use Seria\Auth\AuthInfo; +use Seria\Users\UsersContext; class SettingsRoutes extends RouteHandler { public function __construct( private AuthInfo $authInfo, + private UsersContext $usersCtx, + private CSRFP $csrfp, private ?SasaeEnvironment $templating ) {} - #[Route('GET', '/settings')] - public function getIndex($response) { + #[Route('/settings')] + public function checkLogin($response, $request) { if(!$this->authInfo->isLoggedIn()) return 403; + if($request->getMethod() === 'POST') { + if(!$request->isFormContent()) + return 400; + + $content = $request->getContent(); + if(!$this->csrfp->verifyToken((string)$content->getParam('_csrfp'))) + return 403; + } + } + + #[Route('GET', '/settings')] + public function getIndex($response) { return $this->templating->render('settings'); } + #[Route('POST', '/settings/passkey')] + public function postPasskey($response) { + $this->usersCtx->getUsers()->updatePassKey($this->authInfo->getUserInfo()); + $response->redirect('/settings'); + } + #[Route('GET', '/settings.php')] public function getSettingsPHP($response): void { $response->redirect('/settings', true); diff --git a/templates/settings.twig b/templates/settings.twig index 831d5f2..61d02fd 100644 --- a/templates/settings.twig +++ b/templates/settings.twig @@ -3,5 +3,14 @@ {% set title = 'Settings' %} {% block content %} - Provide option to reset pass key and shit here, maybe also a nuke tracker profile option but probably not. +
+
+

Reset Passkey

+

In case you accidentally exposed your passkey to other people. This button will generate a new passkey for you, but that also means any existing torrent you may be seeding or downloading will no longer work and you'll have to redownload the .torrent file.

+
+ + +
+
+
{% endblock %}