web-login-html.c

00001 #include "http.h"
00002 #include "web-add.h"
00003 #include "web-login.h"
00004 #include "web-pages-base.h"
00005 
00006 void WebLoginHtml()
00007 {
00008     HttpOk("text/html; charset=UTF-8", "no-cache", NULL, NULL);
00009     WebAddHeader("Login", NULL, NULL);
00010     HttpAddText(
00011 "<style>"
00012 #include "web-login-css.inc"
00013 "</style>"
00014     );
00015     WebAddH1("Login");
00016     if (WebLoginPasswordIsSet())
00017     {
00018         WebAddH2("Welcome - please enter the password");
00019     }
00020     else
00021     {
00022         WebAddH2("Please enter a new password following user reset");
00023         HttpAddText("<p>Be careful to make it the one people expect!</p>");
00024     }
00025     
00026     HttpAddText("<form action='/login' method='get' autocomplete='off'>\r\n");
00027     HttpAddText("  <div style='width:8em; display:inline-block;'>Password</div>\r\n");
00028     HttpAddF   ("  <input type='hidden' name='todo'     value='%d'>\r\n", WebLoginOriginalToDo);
00029     HttpAddText("  <input type='text'   name='password' value='' autofocus>\r\n");
00030     HttpAddText("  <input type='submit'                 value='' >\r\n");
00031     HttpAddF   ("</form>\r\n");
00032 
00033     WebAddEnd();
00034 }
00035 
00036 /*
00037 Device sends request for resource to server
00038 Server cannot validate the session cookie (or there isn't one) so sends login form with original resource number as a hidden input
00039 Device does a GET for /login with query containing password and original resource
00040 Server validates password and sends original resource with a valid session cookie.
00041 */