auto update script executed

api.go

@@ -36,16 +36,16 @@ func initAPIs() {
 	}
 
 	//Auth APIs
-	authRouter.HandleFunc("/api/auth/login", authAgent.HandleLogin)
-	authRouter.HandleFunc("/api/auth/logout", authAgent.HandleLogout)
-	authRouter.HandleFunc("/api/auth/checkLogin", func(w http.ResponseWriter, r *http.Request) {
+	http.HandleFunc("/api/auth/login", authAgent.HandleLogin)
+	http.HandleFunc("/api/auth/logout", authAgent.HandleLogout)
+	http.HandleFunc("/api/auth/checkLogin", func(w http.ResponseWriter, r *http.Request) {
 		if requireAuth {
 			authAgent.CheckLogin(w, r)
 		} else {
 			utils.SendJSONResponse(w, "true")
 		}
 	})
-	authRouter.HandleFunc("/api/auth/username", func(w http.ResponseWriter, r *http.Request) {
+	http.HandleFunc("/api/auth/username", func(w http.ResponseWriter, r *http.Request) {
 		username, err := authAgent.GetUserName(w, r)
 		if err != nil {
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
@@ -60,6 +60,17 @@ func initAPIs() {
 		js, _ := json.Marshal(uc)
 		utils.SendJSONResponse(w, string(js))
 	})
+	http.HandleFunc("/api/auth/register", func(w http.ResponseWriter, r *http.Request) {
+		if authAgent.GetUserCounts() == 0 {
+			//Allow register root admin
+			authAgent.HandleRegisterWithoutEmail(w, r, func(username, reserved string) {
+
+			})
+		} else {
+			//This function is disabled
+			utils.SendErrorResponse(w, "Root management account already exists")
+		}
+	})
 
 	//Reverse proxy
 	authRouter.HandleFunc("/api/proxy/enable", ReverseProxyHandleOnOff)

mod/auth/auth.go

@@ -95,7 +95,7 @@ func (a *AuthAgent) HandleLogin(w http.ResponseWriter, r *http.Request) {
 	username, err := utils.PostPara(r, "username")
 	if err != nil {
 		//Username not defined
-		log.Println("[Auth] Someone trying to login with username: " + username)
+		log.Println("[Auth] " + r.RemoteAddr + " trying to login with username: " + username)
 		utils.SendErrorResponse(w, "Username not defined or empty.")
 		return
 	}
@@ -324,7 +324,7 @@ func (a *AuthAgent) HandleRegisterWithoutEmail(w http.ResponseWriter, r *http.Re
 
 	//Return to the client with OK
 	utils.SendOK(w)
-	log.Println("[Auth] New user " + newusername + " added to system.")
+	log.Println("[Auth] Admin account created: " + newusername)
 }
 
 //Check authentication from request header's session value

web/index.html

@@ -5,7 +5,8 @@
         <meta name="viewport" content="user-scalable=no, width=device-width, initial-scale=1, maximum-scale=1"/>
         <meta charset="UTF-8">
         <meta name="theme-color" content="#4b75ff">
-        <link rel="icon" type="image/png" href="img/small_icon.png"/>
+        <link rel="icon" type="image/png" href="./favicon.png" />
+        <title>Portal | Zoraxy</title>
         <link rel="stylesheet" href="script/semantic/semantic.min.css">
         <script src="script/jquery-3.6.0.min.js"></script>
         <script src="../script/ao_module.js"></script>

web/login.html

@@ -15,6 +15,21 @@
             background: linear-gradient(28deg, rgba(245,245,245,1) 63%, rgba(255,255,255,1) 100%); 
         }
 
+        .background{
+            position: fixed;
+            top: 0;
+            right: 0;
+            height: 100%;
+            width: 100%;
+            opacity: 0.8;
+            z-index: -99;
+            background-image: url("img/public/bg.png");
+            background-size: auto 100%;
+            background-position: right top;
+            background-repeat: no-repeat;
+            overflow-x: hidden;
+        }
+
         form {
             margin:auto;
         }
@@ -31,54 +46,72 @@
         @media all and (max-width: 550px) {
             /* CSS rules here for screens lower than 750px */
             #loginForm{
-                width: 100%;
-                margin-left: 0em;
+                width: calc(100% - 4em);
+                margin-left: 2em;
             }
         }
+
+        #errmsg{
+            color: #9f3a38;
+            margin-top: 1em;
+            margin-bottom: 0.4em;
+            text-align: left;
+        }
+
+        .registerOnly{
+            display:none;
+        }
+
+        .ui.fluid.button.registerOnly{
+            display:none;
+        }
     </style>
     </head>
     <body>
+        <div class="background"></div>
         <div id="loginForm" class="ui middle aligned center aligned grid">
             <div class="column">
-              <form class="ui large form">
-                <div  class="ui basic segment">
-                <img class="ui fluid image" src="img/public/logo.svg" style="pointer-events:none;">
-                  <div class="field">
-                    <div class="ui left icon input">
-                      <i class="user icon"></i>
-                      <input type="text" name="username" placeholder="Username">
-                    </div>
-                  </div>
-                  <div class="field">
-                    <div class="ui left icon input">
-                      <i class="lock icon"></i>
-                      <input type="password" name="password" placeholder="Password">
+                <form class="ui large form">
+                    <div class="ui basic segment">
+                        <img class="ui fluid image" src="img/public/logo.svg" style="pointer-events:none;">
+                        <p class="registerOnly">Account Setup</p>
+                        <div class="field">
+                            <div class="ui left icon input">
+                                <i class="user icon"></i>
+                                <input id="username" type="text" name="username" placeholder="Username">
+                            </div>
+                        </div>
+                        <div class="field">
+                            <div class="ui left icon input">
+                                <i class="lock icon"></i>
+                                <input id="magic" type="password" name="password" placeholder="Password">
+                            </div>
+                        </div>
+                        <div class="field registerOnly">
+                            <div class="ui left icon input">
+                                <i class="lock icon"></i>
+                                <input id="repeatMagic" type="password" name="passwordconfirm" placeholder="Confirm Password">
+                            </div>
+                        </div>
+                        <div class="field loginOnly" style="text-align: left;">
+                            <div class="ui checkbox">
+                            <input id="rmbme" type="checkbox" tabindex="0" class="hidden">
+                            <label>Remember Me</label>
+                            </div>
+                        </div>
+                            <div id="loginbtn" class="ui fluid basic blue button loginOnly">Login</div>
+                            <div id="regsiterbtn" class="ui fluid basic blue button registerOnly">Create</div>
+                            <div id="errmsg"></div>
                     </div>
-                  </div>
-
-                  <div class="ui fluid basic blue submit button">Login</div>
-                </div>
-                <div class="ui error message"></div>
-                <div class="ui divider"></div>
-                <small>Proudly powered by Zoraxy</small>
-              </form>
+                    <div class="ui divider"></div>
+                    <small>Proudly powered by Zoraxy</small>
+                </form>
             </div>
-          </div>
+        </div>
     <script>
         var redirectionAddress = "/";
         var loginAddress = "/api/auth/login";
-        var isMobile = false; //initiate as false
-        // device detection
-        if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent) 
-            || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(navigator.userAgent.substr(0,4))) { 
-            isMobile = true;
-        }  
-
-        if (isMobile){
-            //Full screen the login panel
-            $("#loginInterface").css("width","100%");
-        }
-
+        $(".checkbox").checkbox();
         $(document).ready(function(){
             var currentdate = new Date(); 
             var datetime = currentdate.getDate() + "/"
@@ -88,8 +121,17 @@
                 + currentdate.getMinutes() + ":" 
                 + currentdate.getSeconds();
             $("#requestTime").text(datetime);
+
+            //Check if this is a new system
+            $.get("/api/auth/userCount", function(data){
+                if (data == 0){
+                    //Allow user creation
+                    $(".loginOnly").hide();
+                    $(".registerOnly").show();
+                }
+            });
             //Check if the user already logged in
-            $.get("system/auth/checkLogin",function(data){
+            $.get("/api/auth/checkLogin",function(data){
                 try{
                     if (data === true || data.trim() == "true"){
                     //User already logged in. Redirect to target page.
@@ -137,17 +179,49 @@
             }
         });
 
+        $("#regsiterbtn").on("click", function(event){
+            var username = $("#username").val();
+            var magic = $("#magic").val();
+            var repeatMagic = $("#repeatMagic").val();
+
+            if (magic !== repeatMagic) {
+                alert("Password does not match");
+                return;
+            }
+
+            $.ajax({
+                url: "/api/auth/register",
+                method: "POST",
+                data: {
+                    username: username,
+                    password: magic
+                },
+                success: function(data) {
+                    if (data.error != undefined){
+                        alert(data.error);
+                    }else{
+                        //Register success. Refresh page
+                        window.location.reload();
+                    }
+                },
+                error: function(xhr, status, error) {
+                    console.error("Error registering user:", error);
+                }
+            });
+        });
+
         //Login system with the given username and password
         function login(){
             var username = $("#username").val();
             var magic = $("#magic").val();
             var rmbme = document.getElementById("rmbme").checked;
+            $("#errmsg").stop().finish().slideUp("fast");
             $("input").addClass('disabled');
             $.post(loginAddress, {"username": username, "password": magic, "rmbme": rmbme}).done(function(data){
                 if (data.error !== undefined){
                     //Something went wrong during the login
-                    $("#errmsg").text(data.error);
-                    $("#errmsg").parent().stop().finish().slideDown('fast').delay(5000).slideUp('fast');
+                    $("#errmsg").html(`<i class="red remove icon"></i> ${data.error}`);
+                    $("#errmsg").stop().finish().slideDown('fast');
                 }else if(data.redirect !== undefined){
                     //LDAP Related Code
                     window.location.href = data.redirect;