diff options
author | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-21 17:30:12 +0200 |
---|---|---|
committer | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-22 13:02:30 +0200 |
commit | c7b0024d2405d29e5c36445b6d28af046b2213f1 (patch) | |
tree | 4987ac0135c1f264ac90b20c6d479261d45baca7 /ogcp/templates/auth/login.html | |
parent | 1f9a3d3b4156aef3562efec41da3f2b6cc8ec74b (diff) |
Add password hashing
The front-end now hashes passwords before sending them to the back-end.
It uses SHA-512.
This commit adds a hidden input which sends the password hash to not
interfere with browsers' save password functionality.
Also change passwords of the template configuration file for their
hashed/digested versions.
Diffstat (limited to 'ogcp/templates/auth/login.html')
-rw-r--r-- | ogcp/templates/auth/login.html | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/ogcp/templates/auth/login.html b/ogcp/templates/auth/login.html index ee3f2e3..2b6cce9 100644 --- a/ogcp/templates/auth/login.html +++ b/ogcp/templates/auth/login.html @@ -15,7 +15,8 @@ {{ wtf.quick_form(form, method='post', form_type='basic', - button_map={'submit_btn':'primary'}) }} + button_map={'submit_btn':'primary'}, + id='login-form') }} </div> <!-- /.login-card-body --> </div> @@ -23,5 +24,12 @@ <!-- /.login-box --> </div> +<script> + document.addEventListener('readystatechange', () => { + if (document.readyState === 'complete') { + digestLoginPassword() + } + }); +</script> {% endblock %} |