summaryrefslogtreecommitdiffstats
path: root/python/fatcat_web/templates
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2019-04-03 10:59:28 -0700
committerBryan Newbold <bnewbold@robocracy.org>2019-04-03 10:59:28 -0700
commit323e34107ab58c746748799bacef00aa65c6b317 (patch)
tree6bcc912f96601a46da2e329d8b6360a7135ff767 /python/fatcat_web/templates
parent9d62040d7a2d3bc6034fbb4b8ff28397ce3b5d54 (diff)
downloadfatcat-323e34107ab58c746748799bacef00aa65c6b317.tar.gz
fatcat-323e34107ab58c746748799bacef00aa65c6b317.zip
better CSRF handling; restyle account page
Diffstat (limited to 'python/fatcat_web/templates')
-rw-r--r--python/fatcat_web/templates/405.html12
-rw-r--r--python/fatcat_web/templates/auth_account.html16
-rw-r--r--python/fatcat_web/templates/csrf_error.html10
3 files changed, 33 insertions, 5 deletions
diff --git a/python/fatcat_web/templates/405.html b/python/fatcat_web/templates/405.html
new file mode 100644
index 00000000..97d21d73
--- /dev/null
+++ b/python/fatcat_web/templates/405.html
@@ -0,0 +1,12 @@
+{% extends "base.html" %}
+{% block body %}
+
+<center>
+<div style="font-size: 8em;">405</div>
+<div style="font-size: 3em;">Method Not Allowed</div>
+
+<p>Either we have a bug, or you tried something weird (like making up a URL).
+
+</center>
+
+{% endblock %}
diff --git a/python/fatcat_web/templates/auth_account.html b/python/fatcat_web/templates/auth_account.html
index 57155722..0311c538 100644
--- a/python/fatcat_web/templates/auth_account.html
+++ b/python/fatcat_web/templates/auth_account.html
@@ -1,23 +1,29 @@
{% extends "base.html" %}
{% block body %}
-<h1>Your Account</h1>
+<h1 class="ui header">
+ <i class="user icon"></i>
+ Account Settings
+</h1>
<p><b>Username:</b> <code>{{ current_user.username }}</code>
<p><b>Editor Id:</b> <code><a href="/editor/{{ current_user.editor_id }}">{{ current_user.editor_id }}</a></code>
-<div>
-<p>Change username:
+<br>
+<div class="ui segment">
+<h3 class="ui header">Change Username</h3>
<form class="" role="change_username" action="/auth/change_username" method="post">
+ <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
<div class="ui form">
- <div class="ui action input medium fluid">
+ <div class="ui action input medium">
<input type="text" name="username" value="{{ current_user.username }}" aria-label="account username">
- <button class="ui button">Update</button>
+ <button class="ui red button">Update</button>
</div>
</div>
</form>
</div>
+<br>
<p>In the future, you might be able to...
<ul>
<li>Create a bot user
diff --git a/python/fatcat_web/templates/csrf_error.html b/python/fatcat_web/templates/csrf_error.html
new file mode 100644
index 00000000..357f9047
--- /dev/null
+++ b/python/fatcat_web/templates/csrf_error.html
@@ -0,0 +1,10 @@
+{% extends "base.html" %}
+{% block body %}
+
+<center>
+<div style="font-size: 8em;">400</div>
+<div style="font-size: 3em;">Cross-Site Scripting Error</div>
+{{ reason }}
+</center>
+
+{% endblock %}