diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-03 10:59:28 -0700 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-04-03 10:59:28 -0700 |
commit | 323e34107ab58c746748799bacef00aa65c6b317 (patch) | |
tree | 6bcc912f96601a46da2e329d8b6360a7135ff767 /python/fatcat_web/templates | |
parent | 9d62040d7a2d3bc6034fbb4b8ff28397ce3b5d54 (diff) | |
download | fatcat-323e34107ab58c746748799bacef00aa65c6b317.tar.gz fatcat-323e34107ab58c746748799bacef00aa65c6b317.zip |
better CSRF handling; restyle account page
Diffstat (limited to 'python/fatcat_web/templates')
-rw-r--r-- | python/fatcat_web/templates/405.html | 12 | ||||
-rw-r--r-- | python/fatcat_web/templates/auth_account.html | 16 | ||||
-rw-r--r-- | python/fatcat_web/templates/csrf_error.html | 10 |
3 files changed, 33 insertions, 5 deletions
diff --git a/python/fatcat_web/templates/405.html b/python/fatcat_web/templates/405.html new file mode 100644 index 00000000..97d21d73 --- /dev/null +++ b/python/fatcat_web/templates/405.html @@ -0,0 +1,12 @@ +{% extends "base.html" %} +{% block body %} + +<center> +<div style="font-size: 8em;">405</div> +<div style="font-size: 3em;">Method Not Allowed</div> + +<p>Either we have a bug, or you tried something weird (like making up a URL). + +</center> + +{% endblock %} diff --git a/python/fatcat_web/templates/auth_account.html b/python/fatcat_web/templates/auth_account.html index 57155722..0311c538 100644 --- a/python/fatcat_web/templates/auth_account.html +++ b/python/fatcat_web/templates/auth_account.html @@ -1,23 +1,29 @@ {% extends "base.html" %} {% block body %} -<h1>Your Account</h1> +<h1 class="ui header"> + <i class="user icon"></i> + Account Settings +</h1> <p><b>Username:</b> <code>{{ current_user.username }}</code> <p><b>Editor Id:</b> <code><a href="/editor/{{ current_user.editor_id }}">{{ current_user.editor_id }}</a></code> -<div> -<p>Change username: +<br> +<div class="ui segment"> +<h3 class="ui header">Change Username</h3> <form class="" role="change_username" action="/auth/change_username" method="post"> + <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/> <div class="ui form"> - <div class="ui action input medium fluid"> + <div class="ui action input medium"> <input type="text" name="username" value="{{ current_user.username }}" aria-label="account username"> - <button class="ui button">Update</button> + <button class="ui red button">Update</button> </div> </div> </form> </div> +<br> <p>In the future, you might be able to... <ul> <li>Create a bot user diff --git a/python/fatcat_web/templates/csrf_error.html b/python/fatcat_web/templates/csrf_error.html new file mode 100644 index 00000000..357f9047 --- /dev/null +++ b/python/fatcat_web/templates/csrf_error.html @@ -0,0 +1,10 @@ +{% extends "base.html" %} +{% block body %} + +<center> +<div style="font-size: 8em;">400</div> +<div style="font-size: 3em;">Cross-Site Scripting Error</div> +{{ reason }} +</center> + +{% endblock %} |