diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2024-11-26 16:52:39 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2024-11-26 16:52:39 +0100 |
| commit | 4baed120d0fd26dc8fd03c802830cd66de502035 (patch) | |
| tree | c007a6d6ed6e802a45cd16f3b3e2ebc6519c5bdc | |
| parent | 51133a5b7d6c945ac7f2c5eea8f25a9c92dde97e (diff) | |
Async XHR for login form (#7023)
Fix https://github.com/FreshRSS/FreshRSS/issues/7019
| -rw-r--r-- | p/scripts/extra.js | 65 |
1 files changed, 37 insertions, 28 deletions
diff --git a/p/scripts/extra.js b/p/scripts/extra.js index edc9edd95..6f756b393 100644 --- a/p/scripts/extra.js +++ b/p/scripts/extra.js @@ -39,44 +39,53 @@ function init_crypto_form() { } crypto_form.onsubmit = function (e) { - if (submit_button) { - submit_button.disabled = true; + e.preventDefault(); + + if (!submit_button) { + return false; + } + submit_button.disabled = true; + + if (document.getElementById('challenge').value) { + // Already computed + return true; } - let success = false; const req = new XMLHttpRequest(); - req.open('GET', './?c=javascript&a=nonce&user=' + document.getElementById('username').value, false); + req.open('GET', './?c=javascript&a=nonce&user=' + document.getElementById('username').value, true); + req.onerror = function () { openNotification('Communication error!', 'bad'); + submit_button.disabled = false; }; - req.send(); - if (req.status == 200) { - const json = xmlHttpRequestJson(req); - if (!json.salt1 || !json.nonce) { - openNotification('Invalid user!', 'bad'); - } else { - try { - const strong = window.Uint32Array && window.crypto && (typeof window.crypto.getRandomValues === 'function'); - const s = dcodeIO.bcrypt.hashSync(document.getElementById('passwordPlain').value, json.salt1); - const c = dcodeIO.bcrypt.hashSync(json.nonce + s, strong ? dcodeIO.bcrypt.genSaltSync(4) : poormanSalt()); - document.getElementById('challenge').value = c; - if (!s || !c) { - openNotification('Crypto error!', 'bad'); - } else { - success = true; + + req.onload = function () { + if (req.status == 200) { + const json = xmlHttpRequestJson(req); + if (!json.salt1 || !json.nonce) { + openNotification('Invalid user!', 'bad'); + } else { + try { + const strong = window.Uint32Array && window.crypto && (typeof window.crypto.getRandomValues === 'function'); + const s = dcodeIO.bcrypt.hashSync(document.getElementById('passwordPlain').value, json.salt1); + const c = dcodeIO.bcrypt.hashSync(json.nonce + s, strong ? dcodeIO.bcrypt.genSaltSync(4) : poormanSalt()); + document.getElementById('challenge').value = c; + if (!s || !c) { + openNotification('Crypto error!', 'bad'); + } else { + crypto_form.removeEventListener('submit', crypto_form.onsubmit); + crypto_form.submit(); + } + } catch (ex) { + openNotification('Crypto exception! ' + ex, 'bad'); } - } catch (ex) { - openNotification('Crypto exception! ' + ex, 'bad'); } + } else { + req.onerror(); } - } else { - req.onerror(); - } + }; - if (submit_button) { - submit_button.disabled = false; - } - return success; + req.send(); }; } // </crypto form (Web login)> |