diff --git a/src/paths.js b/src/paths.js
index 600a7c7e9..034ec7387 100644
--- a/src/paths.js
+++ b/src/paths.js
@@ -16,6 +16,7 @@ exports = module.exports = {
 CLOUDRON_DEFAULT_AVATAR_FILE: path.join(__dirname + '/../assets/avatar.png'),
 INFRA_VERSION_FILE: path.join(baseDir(), 'platformdata/INFRA_VERSION'),
+ DASHBOARD_DIR: path.join(baseDir(), 'box/dashboard/dist'),
 PROVIDER_FILE: '/etc/cloudron/PROVIDER',
@@ -59,5 +60,5 @@ exports = module.exports = {
 // this pattern is for the cloudron logs API route to work
 BACKUP_LOG_FILE: path.join(baseDir(), 'platformdata/logs/backup/app.log'),
- UPDATER_LOG_FILE: path.join(baseDir(), 'platformdata/logs/updater/app.log')
+ UPDATER_LOG_FILE: path.join(baseDir(), 'platformdata/logs/updater/app.log'),
 };
diff --git a/src/proxyauth.js b/src/proxyauth.js
index e00e115c3..3eda6f9ec 100644
--- a/src/proxyauth.js
+++ b/src/proxyauth.js
@@ -18,7 +18,6 @@ const assert = require('assert'),
 HttpSuccess = require('connect-lastmile').HttpSuccess,
 jwt = require('jsonwebtoken'),
 middleware = require('./middleware'),
- mustacheExpress = require('mustache-express'),
 path = require('path'),
 paths = require('./paths.js'),
 users = require('./users.js');
@@ -46,12 +45,7 @@ function jwtVerify(req, res, next) {
 }
 function loginPage(req, res) {
- const requestUri = req.headers['x-original-uri'];
- const host = req.headers['x-original-host'];
-
- return res.render('login', {
- referer: requestUri ? `${host}/${requestUri}` : '/',
- });
+ return res.sendfile(path.join(paths.DASHBOARD_DIR, 'proxyauth-login.html'));
 }
 // called by nginx to authorize any protected route
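Review bot: In `loginPage`, the added line calls `res.sendfile`, the lowercase form that Express 4 deprecates and Express 5 removes; `return res.sendFile(path.join(paths.DASHBOARD_DIR, 'proxyauth-login.html'));` is the supported call, and it needs the absolute path that `paths.DASHBOARD_DIR` presumably provides. Because the page is now static, the return target that used to be built from the `x-original-host` and `x-original-uri` headers must reach the page some other way that this hunk does not show. Wherever that value is read, it should be restricted to a path on the protected app's own host so the login flow cannot be turned into an open redirect. A one-line comment above the function, such as `// serves the prebuilt static login page from DASHBOARD_DIR; no server-side templating`, would record why no request data is passed any more.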
@@ -77,15 +71,15 @@ function login(req, res, next) {
 const appId = req.headers['x-app-id'] || '';
 if (!appId) return next(new HttpError(503, 'Nginx misconfiguration'));
- if (typeof req.body.username !== 'string') return res.render('login', { error: 'username must be non empty string' });
- if (typeof req.body.password !== 'string') return res.render('login', { error: 'password must be non empty string' });
+ if (typeof req.body.username !== 'string') return next(new HttpError(400, 'username must be non empty string' ));
+ if (typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be non empty string' ));
 const { username, password } = req.body;
 const api = username.indexOf('@') !== -1 ? users.verifyWithEmail : users.verifyWithUsername;
 api(username, password, appId, function (error, user) {
- if (error) return res.render('login', { error: 'Invalid username or password' });
+ if (error) return next(new HttpError(403, 'Invalid username or password' ));
 const token = jwt.sign({ user: users.removePrivateFields(user) }, TOKEN_SECRET, { expiresIn: `${EXPIRY_DAYS}d` });
@@ -125,10 +119,6 @@ function initializeAuthwallExpressSync() {
 var router = new express.Router();
 router.del = router.delete; // amend router.del for readability further on
- app.engine('html', mustacheExpress());
- app.set('views', path.join(__dirname, 'proxyauth'));
- app.set('view engine', 'html');
-
 app
 .use(middleware.timeout(REQUEST_TIMEOUT))
 .use(middleware.cookieParser())
diff --git a/src/proxyauth/login.html b/src/proxyauth/login.html
deleted file mode 100644
index f80bc624e..000000000
--- a/src/proxyauth/login.html
+++ /dev/null
@@ -1,83 +0,0 @@
-
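Review bot: In `login`, the added `if (error) return next(new HttpError(403, 'Invalid username or password' ));` reports every failure from `users.verifyWithEmail` / `users.verifyWithUsername` as a credential error, so a backend fault would look like a wrong password both to the client and to any alerting keyed on status codes. If the users module exposes a reason on the error (not visible here), only the credential-mismatch case should map to 401/403 and the rest should be passed on as a 500. The two 400 checks also say "non empty string" but accept `''`; `if (typeof req.body.username !== 'string' || !req.body.username)` (and the same for `password`) would make the check match its message. The body of `login` continues outside the hunk, so the token and cookie handling after `jwt.sign` is not covered by this note.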
-{{{ error }}}
- - -