gawells/Self-Service-Dashboard
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: gawells:074b3f8f31
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50
..
compare: gawells:737a1908e0
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50

19 Commits
074b3f8f31 ... 737a1908e0

Author SHA1 Message Date
Gregory Wells
737a1908e0 add server side password change information 2026-03-31 22:05:47 -04:00
Gregory Wells
c628c688f7 send request to the server 2026-03-31 21:39:38 -04:00
Gregory Wells
d283ad0a0a add close button 2026-03-31 21:37:10 -04:00
Gregory Wells
a8c8feeb3e redid final styling touches 2026-03-31 21:19:36 -04:00
Gregory Wells
939a55c44b finish styling for change password page 2026-03-31 21:15:26 -04:00
Gregory Wells
ffcaee7170 change order of change password and sign out 2026-03-31 21:04:54 -04:00
Gregory Wells
3a69c04c25 change some button styling 2026-03-31 21:03:16 -04:00
Gregory Wells
cacddd16e2 change file structure 2026-03-31 20:57:40 -04:00
Gregory Wells
2f6ff081f3 change default style for input 2026-03-31 20:56:39 -04:00
Gregory Wells
59bc23bdc2 third time failing to fix 2026-03-31 20:55:19 -04:00
Gregory Wells
a7c33392ce actually fix 2026-03-31 20:54:09 -04:00
Gregory Wells
05e01f4b23 fix background color on hovering bottom button 2026-03-31 20:53:54 -04:00
Gregory Wells
e2f4a0692c change default style for buttons 2026-03-31 20:53:08 -04:00
Gregory Wells
efd7d15722 display errors for simple password mistakes 2026-03-31 20:50:53 -04:00
Gregory Wells
4e412e9c18 extract out error login 2026-03-31 20:42:14 -04:00
Gregory Wells
6220021953 show error when new passwords do not match 2026-03-31 20:33:38 -04:00
Gregory Wells
01ca68e16b make login page use the card style 2026-03-31 19:53:48 -04:00
Gregory Wells
6c435e6135 get a simple change password dialogue to popup on press change password 2026-03-31 19:51:21 -04:00
Gregory Wells
e1f992e052 dim and block profile page when executing change profile request 2026-03-25 15:16:13 -04:00
10 changed files with 402 additions and 118 deletions
Expand all files Collapse all files

35
src/main/ldap.go
View File

@@ -133,6 +133,41 @@ func modifyLDAPAttribute(server *LDAPServer, userDN string, attribute string, da
return nil return nil
} }
func changeLDAPPassword(server *LDAPServer, userDN, oldPassword, newPassword string) error {
logging.Infof("Changing LDAP password for %s", userDN)
if server == nil || server.Connection == nil {
return fmt.Errorf("LDAP connection not initialized")
}
// Ensure connection is alive
if server.Connection.IsClosing() {
if err := reconnectToLDAPServer(server); err != nil {
return err
}
}
// Bind as the user (required for FreeIPA self-password change)
err := server.Connection.Bind(userDN, oldPassword)
if err != nil {
logging.Errorf("Failed to bind as user: %s", err.Error())
return err
}
// Perform password modify extended operation
_, err = server.Connection.PasswordModify(&ldap.PasswordModifyRequest{
UserIdentity: userDN,
OldPassword: oldPassword,
NewPassword: newPassword,
})
if err != nil {
logging.Errorf("Password modify failed: %s", err.Error())
return err
}
logging.Infof("Password successfully changed for %s", userDN)
return nil
}
func closeLDAPServer(server *LDAPServer) { func closeLDAPServer(server *LDAPServer) {
if server != nil && server.Connection != nil { if server != nil && server.Connection != nil {
logging.Debug("Closing connection to LDAP server") logging.Debug("Closing connection to LDAP server")

58
src/main/main.go
View File

@@ -309,6 +309,63 @@ func cleanupSessions() {
} }
} }
func changePasswordHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
exist, sessionData := validateSession(r)
if !exist {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"success": false, "error": "Not authenticated"}`))
return
}
err := r.ParseMultipartForm(10 << 20)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
w.Write([]byte(`{"success": false, "error": "Bad request"}`))
return
}
if r.FormValue("csrf_token") != sessionData.CSRFToken {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte(`{"success": false, "error": "CSRF Forbidden"}`))
return
}
oldPassword := r.FormValue("old_password")
newPassword := r.FormValue("new_password")
newPasswordRepeat := r.FormValue("new_password_repeat")
if newPassword != newPasswordRepeat {
w.WriteHeader(http.StatusBadRequest)
w.Write([]byte(`{"success": false, "error": "Passwords do not match"}`))
return
}
userDN := fmt.Sprintf(
"uid=%s,cn=users,cn=accounts,%s",
sessionData.data.Username,
serverConfig.LDAPConfig.BaseDN,
)
err = changeLDAPPassword(ldapServer, userDN, oldPassword, newPassword)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
if strings.Contains(err.Error(), "Invalid Credentials") {
w.Write([]byte(`{"success": false, "error": "Current password incorrect"}`))
} else if strings.Contains(err.Error(), "Too soon to change password") {
w.Write([]byte(`{"success": false, "error": "Too soon to change password"}`))
} else {
w.Write([]byte(`{"success": false, "error": "Internal error"}`))
}
return
}
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"success": true}`))
}
func main() { func main() {
logging.Info("Starting the server") logging.Info("Starting the server")
@@ -339,6 +396,7 @@ func main() {
HandleFunc("/avatar", avatarHandler) HandleFunc("/avatar", avatarHandler)
HandleFunc("/change-photo", uploadPhotoHandler) HandleFunc("/change-photo", uploadPhotoHandler)
HandleFunc("/change-password", changePasswordHandler)
HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/profile", http.StatusFound) // 302 redirect http.Redirect(w, r, "/profile", http.StatusFound) // 302 redirect

22
src/pages/login_page.html
View File

@@ -6,37 +6,31 @@
rel="stylesheet" rel="stylesheet"
/> />
<link rel="stylesheet" href="static/style.css" /> <link rel="stylesheet" href="static/style.css" />
<link rel="stylesheet" href="static/error/error.css" />
<link rel="stylesheet" href="static/card.css" />
<link rel="stylesheet" href="static/login_page.css" /> <link rel="stylesheet" href="static/login_page.css" />
<img id="logo_image" alt="logo" src="/logo" /> <img id="logo_image" alt="logo" src="/logo" />
<form id="login_card" method="POST"> <form id="login_card" class="card" method="POST">
<div id="welcome_text"> <div id="welcome_text">
Welcome to Astral Tech, Please Sign in to your account below Welcome to Astral Tech, Please Sign in to your account below
</div> </div>
<div id="incorrect_password_text" class="{{.IsHiddenClassList}}"> <div class="error {{.IsHiddenClassList}}">
⚠️ Invalid username or password. ⚠️ Invalid username or password.
<button id="incorrect_password_close_button">X</button> <button class="close_error_button">X</button>
</div> </div>
<div> <div>
<label class="login_text">Username</label><br /> <label class="input_label">Username</label><br />
<input type="text" name="username" placeholder="" required /> <input type="text" name="username" placeholder="" required />
</div> </div>
<div> <div>
<label class="login_text">Password</label><br /> <label class="input_label">Password</label><br />
<input type="password" name="password" placeholder="" required /> <input type="password" name="password" placeholder="" required />
</div> </div>
<button type="submit">Login</button> <button type="submit">Login</button>
</form> </form>
<script> <script src="/static/error/error.js" type="text/javascript"></script>
document
.getElementById("incorrect_password_close_button")
.addEventListener("click", function () {
document
.getElementById("incorrect_password_text")
.classList.add("hidden");
});
</script>

194
src/pages/profile_page.html
View File

@@ -7,8 +7,59 @@
/> />
<link rel="stylesheet" href="static/style.css" /> <link rel="stylesheet" href="static/style.css" />
<link rel="stylesheet" href="static/card.css" /> <link rel="stylesheet" href="static/card.css" />
<link rel="stylesheet" href="static/error/error.css" />
<link rel="stylesheet" href="static/profile_page.css" /> <link rel="stylesheet" href="static/profile_page.css" />
<div id="popup_background" class="blocked hidden"></div>
<div id="change_password_dialogue" class="hidden card static_center">
Change Password
<button id="close_password_dialogue">X</button>
<div id="password_error" class="error hidden">
<div id="password_text"></div>
<button id="password_error_close_button" class="close_error_button">
X
</button>
</div>
<div>
<label class="input_label">Current password</label><br />
<input
type="password"
id="current_password"
name="current_password"
placeholder=""
required
/>
</div>
<div>
<label class="input_label">New password</label><br />
<input
type="password"
id="new_password"
name="new_password"
placeholder=""
required
/>
</div>
<div>
<label class="input_label">New password (repeat)</label><br />
<input
type="password"
id="new_password_repeat"
name="new_password_repeat"
placeholder=""
required
/>
</div>
<button id="final_change_password_button">Change Password</button>
</div>
<img id="logo_image" alt="logo" src="/logo" /> <img id="logo_image" alt="logo" src="/logo" />
<div id="main_content"> <div id="main_content">
<div class="cards"> <div class="cards">
@@ -51,28 +102,18 @@
<div class="data-value">{{.Email}}</div> <div class="data-value">{{.Email}}</div>
</div> </div>
<form <button class="bottom_button" id="change_password_button">
action="/logout" <input
method="POST" id="csrf_token_storage"
style=" type="hidden"
color: var(--primary-accent); name="csrf_token"
text-decoration: none; value="{{.CSRFToken}}"
font-weight: bold; />
margin-top: 20px; Change Password
display: inline-block; </button>
"
> <form action="/logout" method="POST" style="display: inline-block">
<button <button class="bottom_button" id="signout_button">
style="
background: none;
border-style: none;
color: var(--primary-accent);
text-decoration: none;
font-weight: bold;
font-size: 20px;
"
id="signout_button"
>
<input <input
id="csrf_token_storage" id="csrf_token_storage"
type="hidden" type="hidden"
@@ -95,10 +136,102 @@
}); });
</script> </script>
<script type="text/javascript">
const popup_botton = document.getElementById("change_password_button");
popup_botton.addEventListener("click", () => {
document.getElementById("popup_background").classList.remove("hidden");
document
.getElementById("change_password_dialogue")
.classList.remove("hidden");
});
</script>
<script type="text/javascript">
const changePasswordButton = document.getElementById(
"final_change_password_button",
);
function displayError(errorText) {
document.getElementById("password_error").classList.remove("hidden");
document.getElementById("password_text").innerText =
"⚠️ " + errorText + ".";
return;
}
changePasswordButton.addEventListener("click", () => {
if (document.getElementById("current_password").value === "") {
displayError("Please enter current password");
return;
}
if (document.getElementById("new_password").value === "") {
displayError("No value for new password");
return;
}
if (document.getElementById("new_password_repeat").value === "") {
displayError("Please repeat new password");
return;
}
if (
document.getElementById("new_password").value !==
document.getElementById("new_password_repeat").value
) {
displayError("New password and new password repeat do not match");
return;
}
const formData = new FormData();
formData.append(
"csrf_token",
document.getElementById("csrf_token_storage").value,
);
formData.append(
"old_password",
document.getElementById("current_password").value,
);
formData.append(
"new_password",
document.getElementById("new_password").value,
);
formData.append(
"new_password_repeat",
document.getElementById("new_password_repeat").value,
);
fetch("/change-password", {
method: "POST",
body: formData,
})
.then(async (res) => {
const data = await res.json();
if (!res.ok) {
throw new Error(data.error || "Request failed");
}
return data;
})
.then((data) => {
document
.getElementById("change_password_dialogue")
.classList.add("hidden");
document
.getElementById("popup_background")
.classList.add("hidden");
})
.catch((err) => {
displayError(err.message);
});
});
</script>
<script type="text/javascript"> <script type="text/javascript">
var currentPreviewURL = null; var currentPreviewURL = null;
fileInput.addEventListener("change", async () => { fileInput.addEventListener("change", async () => {
document.getElementById("popup_background").classList.remove("hidden");
const file = fileInput.files[0]; const file = fileInput.files[0];
if (!file) return; if (!file) return;
if (file.type !== "image/jpeg") { if (file.type !== "image/jpeg") {
@@ -118,7 +251,9 @@
credentials: "include", credentials: "include",
}); });
const text = await res.text(); const text = await res.text();
// show the picture (so we don't need to re render the whole page)
document.getElementById("popup_background").classList.add("hidden");
const img = document.querySelector(".profile-pic"); const img = document.querySelector(".profile-pic");
if (currentPreviewURL != null) { if (currentPreviewURL != null) {
@@ -129,3 +264,16 @@
currentPreviewURL = img.src; currentPreviewURL = img.src;
}); });
</script> </script>
<script type="text/javascript">
document
.getElementById("close_password_dialogue")
.addEventListener("click", () => {
document
.getElementById("change_password_dialogue")
.classList.add("hidden");
document.getElementById("popup_background").classList.add("hidden");
});
</script>
<script src="/static/error/error.js" type="text/javascript"></script>

15
static/card.css
View File

@@ -3,11 +3,22 @@
255, 255,
255, 255,
255, 255,
0.8 1
); /* Semi-transparent white for light theme */ ); /* Semi-transparent white for light theme */
border: 1px solid var(--border-subtle); border: 1px solid var(--border-subtle);
border-radius: 12px; border-radius: 12px;
padding: 24px; padding: 2.5rem;
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.03); box-shadow: 0 4px 15px rgba(0, 0, 0, 0.03);
transition: transform 0.2s ease; transition: transform 0.2s ease;
display: flex;
flex-direction: column;
gap: 15px;
}
.static_center {
position: fixed;
left: 50%;
top: 50%;
transform: translateX(-50%) translateY(-50%);
} }

30
static/error/error.css Normal file
View File

@@ -0,0 +1,30 @@
.error {
background-color: var(--error-red) !important;
border-radius: 10px;
padding: 20px;
border-style: solid;
border-color: var(--error-border-red);
border-width: 1px;
box-sizing: border-box;
font-size: 12px;
position: relative;
color: white;
box-shadow: 0 2px 6px rgba(0, 0, 0, 0.1);
}
.close_error_button {
position: absolute !important;
background-color: rgba(0, 0, 0, 0) !important;
padding: 0px !important;
top: 20px;
right: 20px;
color: black !important;
font-weight: normal !important;
border: none;
width: fit-content !important;
}
.close_error_button:hover {
cursor: default;
font-weight: bold !important;
}

7
static/error/error.js Normal file
View File

@@ -0,0 +1,7 @@
var error_close_buttons = document.getElementsByClassName("close_error_button");
for (const close_button of error_close_buttons) {
close_button.addEventListener("click", function () {
this.parentElement.classList.add("hidden");
});
}

74
static/login_page.css
View File

@@ -6,51 +6,17 @@
} }
#login_card { #login_card {
/* The Magic Three */
display: flex;
flex-direction: column; /* Stack vertically */
gap: 15px; /* Space between inputs */
position: fixed; position: fixed;
top: 50%; top: 50%;
left: 50%; left: 50%;
transform: translateX(-50%) translateY(-50%); transform: translateX(-50%) translateY(-50%);
background-color: var(--bg-card);
border: 1px solid var(--border-subtle);
padding: 2.5rem;
border-radius: 8px;
width: 350px; width: 350px;
/* Soft shadow for depth in light mode */
box-shadow:
0 4px 12px rgba(0, 0, 0, 0.05),
0 1px 3px rgba(0, 0, 0, 0.1);
} }
#login_card input { #login_card input {
padding: 12px;
background-color: var(--bg-input);
border: 1px solid var(--border-subtle);
color: var(--text-main);
border-radius: 6px;
width: 324px; width: 324px;
} }
#login_card input::placeholder {
color: var(--text-muted);
}
#login_card button {
padding: 12px;
background-color: var(--primary-accent); /* Our Teal/Blue */
color: white;
border: none;
border-radius: 6px;
cursor: pointer;
font-weight: bold;
}
#login_card div { #login_card div {
width: 100%; width: 100%;
} }
@@ -69,48 +35,8 @@
flex: 2; flex: 2;
} }
#login_card button:hover {
background-color: var(--primary-hover);
}
.login_text {
color: var(--text-muted);
margin: 0;
padding: 0;
font-size: 15px;
}
#welcome_text { #welcome_text {
font-weight: 700; font-weight: 700;
font-size: 1.25rem; font-size: 1.25rem;
margin-bottom: 8px; margin-bottom: 8px;
} }
#incorrect_password_text {
background-color: var(--error-red) !important;
border-radius: 10px;
padding: 20px;
border-style: solid;
border-color: var(--error-border-red);
border-width: 1px;
box-sizing: border-box;
font-size: 12px;
position: relative;
color: white;
box-shadow: 0 2px 6px rgba(0, 0, 0, 0.1);
}
#incorrect_password_close_button {
position: absolute !important;
background-color: rgba(0, 0, 0, 0) !important;
padding: 0px !important;
top: 20px;
right: 20px;
color: black !important;
font-weight: normal !important;
}
#incorrect_password_close_button:hover {
cursor: default;
font-weight: bold !important;
}

35
static/profile_page.css
View File

@@ -33,6 +33,8 @@
max-width: 500px; max-width: 500px;
text-align: center; text-align: center;
gap: 0px !important;
position: fixed; position: fixed;
left: 50%; left: 50%;
top: 50%; top: 50%;
@@ -83,6 +85,8 @@
border-radius: 50%; border-radius: 50%;
border: none; border: none;
padding: 6px; padding: 6px;
width: fit-content !important;
} }
#edit_picture_button:hover { #edit_picture_button:hover {
@@ -90,8 +94,8 @@
} }
#edit_picture_image { #edit_picture_image {
width: 20px; width: 20px !important;
height: 20px; height: 20px !important;
} }
#picture_holder { #picture_holder {
@@ -100,6 +104,31 @@
line-height: 0; line-height: 0;
} }
#signout_button:hover { .bottom_button:hover {
text-decoration: underline !important; text-decoration: underline !important;
background: none !important;
}
.bottom_button {
background: none;
border-style: none;
color: var(--primary-accent);
text-decoration: none;
font-weight: bold;
font-size: 20px;
}
#change_password_dialogue {
z-index: 10000;
position: fixed;
}
#change_password_dialogue input {
width: 350px;
}
#close_password_dialogue {
width: fit-content;
position: absolute;
right: 2.5rem;
} }

50
static/style.css
View File

@@ -24,6 +24,52 @@ body {
background-color: var(--bg-main); background-color: var(--bg-main);
} }
.hidden { button {
display: none; padding: 12px;
background-color: var(--primary-accent); /* Our Teal/Blue */
color: white;
border: none;
border-radius: 6px;
cursor: pointer;
font-weight: bold;
width: 100%;
}
button:hover {
background-color: var(--primary-hover);
}
input {
padding: 12px;
background-color: var(--bg-input);
border: 1px solid var(--border-subtle);
color: var(--text-main);
border-radius: 6px;
}
input::placeholder {
color: var(--text-muted);
}
.input_label {
color: var(--text-muted);
margin: 0;
padding: 0;
font-size: 15px;
}
.hidden {
display: none !important;
}
.blocked {
position: fixed; /* or absolute */
top: 0;
left: 0;
width: 100%;
height: 100%;
z-index: 9999; /* higher = on top */
background-color: black;
opacity: 10%;
} }