Update login.js to use Bearer on header

Session features now use Bearer to send the token
Moving the login position
2025-03-10 14:17:24 +07:00 · 2025-03-10 14:16:16 +07:00 · 2025-03-10 14:13:50 +07:00
3 changed files with 21 additions and 48 deletions
--- a/handler.py
+++ b/handler.py
@ -62,15 +62,6 @@ def index():
    }
    return public_verify.verify().html(params)

-@app.route('/login')
-def index():
-    params = {
-        "mako"  : {
-            "website" : template_public.main(directory.page["public"], "login")
-        }
-    }
-    return public_login.login().html(params)
-
@app.route('/forgot')
 def index():
    params = {
@ -89,6 +80,15 @@ def index():
    }
    return public_reset.reset().html(params)

+@app.route('/login')
+def index():
+    params = {
+        "mako"  : {
+            "website" : template_public.main(directory.page["public"], "login")
+        }
+    }
+    return public_login.login().html(params)
+
@app.route('/logout')
 def index():
    beaker_session = request.environ.get('beaker.session')
--- a/modules/api/auth.py
+++ b/modules/api/auth.py
@ -291,25 +291,17 @@ class auth:
        loggorilla.prcss(APIADDR, "Define parameters")
        response    = {}
        try:
-            type        = params["type" ] # set / check / out
-            if type == "set":
-                loggorilla.fyinf(APIADDR, "type is 'set': get the jwt from parameters")
-                loggorilla.prcss(APIADDR, "Get the token from params")
-                jwt         = params["jwt"  ]
+            type        = params["type" ] # set / out
+            loggorilla.prcss(APIADDR, "Extract the token from Header")
+            auth_header = request.get_header('Authorization')
+            if auth_header and auth_header.split(' ')[0] == 'Bearer':
+                loggorilla.fyinf(APIADDR, "Use Bearer")
+                jwt 	    = auth_header.split(' ')[1]
+                payload     	= tokenguard.decode(jwt, globalvar.ssh['key']['public'])
+                session_id  	= payload["session"]["id"]
            else:
-                jwt         = params["jwt"  ]
-                #loggorilla.fyinf(APIADDR, "type is not 'set': get the jwt from Header")
-                #loggorilla.prcss(APIADDR, "Extract the token from Header")
-                #auth_header = request.get_header('Authorization')
-                #loggorilla.prcss(APIADDR, "Check the bearer")
-                #if auth_header.split(' ')[0] == 'Bearer':
-                #    loggorilla.fyinf(APIADDR, "Use bearer")
-                #    jwt 	    = auth_header.split(' ')[1]
-                #else:
-                #    loggorilla.fyinf(APIADDR, "Not use bearer")
-                #    jwt = None
-            payload     	= tokenguard.decode(jwt, globalvar.ssh['key']['public'])
-            session_id  	= payload["session"]["id"]
+                loggorilla.fyinf(APIADDR, "Not use Bearer")
+                jwt = None
            session_beaker	= request.environ.get('beaker.session')
            if type == 'set':
                loggorilla.prcss(APIADDR, "Set session")
@ -317,23 +309,6 @@ class auth:
                session_beaker.save()
                response["status"   ] = "success"
                response["desc"     ] = "Session set"
-            elif type == 'check':
-                loggorilla.prcss(APIADDR, "Check session")
-                self.cursor.execute(f"SELECT COUNT(*) AS `count` FROM auth_session WHERE id = %s ; ", (session_id,) )
-                result_session = self.cursor.fetchone()
-                if result_session['count'] == 0:
-                    bottle_response.set_header("Authorization", "")
-                    response["status"   ] = "success"
-                    response["desc"     ] = "session out"
-                    response["data"     ] = {
-                        "status":"lost"
-                    }
-                else:
-                    response["status"   ] = "success"
-                    response["desc"     ] = "session active"
-                    response["data"     ] = {
-                        "status":"active"
-                    }
            elif type == 'out':
                loggorilla.prcss(APIADDR, "Out session")
                session_beaker.delete()
--- a/static/js/auth/login.js
+++ b/static/js/auth/login.js
@ -32,16 +32,14 @@ function responseSession(response) {

 function setSession(jwt) {
  var url     = "/api/auth/session/set";
-  var payload = {
-    "jwt" : jwt
-  };
+  var payload = {};
  sendHttpRequest(url, "POST", payload, function (error, response) {
    if (error) console.error("Error:", error);
    else {
      console.log("JSON Response:", response);
      responseSession(response);
    }
-  }, "application/json");
+  }, "application/json", `Bearer ${jwt}`);
 }

 function responseAlert(response) {
Author	SHA1	Message	Date
Dita Aji Pratama	7f77ad39bf	Update login.js to use Bearer on header	2025-03-10 14:17:24 +07:00
Dita Aji Pratama	2be2f425c6	Session features now use Bearer to send the token	2025-03-10 14:16:16 +07:00
Dita Aji Pratama	182c888553	Moving the login position	2025-03-10 14:13:50 +07:00