Autofill login name sent from external service

2024-11-12 23:01:33 +00:00 · 2023-10-04 21:51:11 +01:00 · 2023-10-04 21:51:11 +01:00 · a8afddb02b
commit a8afddb02b
parent b33454627a
3 changed files with 22 additions and 3 deletions
--- a/pages/login.go.html
+++ b/pages/login.go.html
@ -18,11 +18,11 @@
        <input type="hidden" name="redirect" value="{{.Redirect}}"/>
        <div>
            <label for="field_username">User Name:</label>
-            <input type="text" name="username" id="field_username" required/>
+            <input type="text" name="username" id="field_username" {{if gt (len .LoginName) 0}} value="{{.LoginName}}" {{else}} autofocus {{end}} required/>
        </div>
        <div>
            <label for="field_password">Password:</label>
-            <input type="password" name="password" id="field_password" required/>
+            <input type="password" name="password" id="field_password" {{if gt (len .LoginName) 0}} autofocus {{end}} required/>
        </div>
        <button type="submit">Login</button>
    </form>
--- a/server/login.go
+++ b/server/login.go
@ -16,18 +16,37 @@ import (
 	"time"
 )

+// getUserLoginName finds the `login_name` query parameter within the `/authorize` redirect url
+func getUserLoginName(req *http.Request) string {
+	q := req.URL.Query()
+	if !q.Has("redirect") {
+		return ""
+	}
+	originUrl, err := url.ParseRequestURI(q.Get("redirect"))
+	if err != nil {
+		return ""
+	}
+	if originUrl.Path != "/authorize" {
+		return ""
+	}
+	return originUrl.Query().Get("login_name")
+}
+
 func (h *HttpServer) LoginGet(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
 	if !auth.IsGuest() {
 		h.SafeRedirect(rw, req)
 		return
 	}

+	loginName := getUserLoginName(req)
+
 	rw.Header().Set("Content-Type", "text/html")
 	rw.WriteHeader(http.StatusOK)
 	pages.RenderPageTemplate(rw, "login", map[string]any{
 		"ServiceName": h.serviceName,
 		"Redirect":    req.URL.Query().Get("redirect"),
 		"Mismatch":    req.URL.Query().Get("mismatch"),
+		"LoginName":   loginName,
 	})
 }

--- a/server/server.go
+++ b/server/server.go
@ -135,7 +135,7 @@ func NewHttpServer(listen, domain, otpIssuer, serviceName string, mailer mail.Ma
 		if !scope2.ScopesExist(a) {
 			return "", errInvalidScope
 		}
-		return "openid", nil
+		return a, nil
 	})

 	r.GET("/.well-known/openid-configuration", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {