diff --git a/README.md b/README.md index a983af8..f731644 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,8 @@ Configure service with .env: ``` EXPOSE=0.0.0.0:8136 # IP/Port to bind -UID=1000 # files will be written as user -GID=1000 # files will be writter as group +UUID=1000 # files will be written as user +UGID=1000 # files will be writter as group TZ=Europe/Helsinki # your timezone WORKERS=4 # number of concurrent processes FLASK_APP_SECRET_KEY=8a36bfea77d842386a2a0c7c3e044228363d # Key that encrypts cookies diff --git a/code/app.py b/code/app.py index f9d9afd..207f8c7 100644 --- a/code/app.py +++ b/code/app.py @@ -223,13 +223,14 @@ def login(): session[request.form["token"]] = request.form["password"] return redirect(request.form["redirect"]) - return render_template( - "login.html", - filename=session["name"], - redirect=session["redirect"], - token=session["token"], - ) - + if set(('name','redirect','token')).issubset(session.keys()): + return render_template( + "login.html", + filename=session["name"], + redirect=session["redirect"], + token=session["token"], + ) + return "",400 @app.route("/logout", methods=["GET"]) def logout(): diff --git a/code/templates/login.html b/code/templates/login.html index 800ef26..139d420 100644 --- a/code/templates/login.html +++ b/code/templates/login.html @@ -1,25 +1,19 @@ + - + + -
-
- Password required for file {{ filename }}
- - -
- -
-
+
+
+ Password required for file {{ filename }}
+ + +
+ +
+
diff --git a/env.example b/env.example index d88db46..e0ad435 100644 --- a/env.example +++ b/env.example @@ -1,6 +1,6 @@ EXPOSE=0.0.0.0:8136 -UID=1000 -GID=1000 +UUID=1000 +UGID=1000 TZ=Europe/Helsinki WORKERS=4 TIMEOUT=1800