auth: authd/templates/simple.gotmpl annotate

Randomly generate codes. We've been using our IDs for auth codes. But our IDs may at some point be non-random, for the purpose of optimising database performance, or some other perfectly valid reason. Auth codes we always want to be random, and have no relation to IDs, so why conflate them? Instead, we pull 16 random bytes out of crypto/rand.Reader and hex encode them.

paddy@100	1 {{ define "login" }}<html>
paddy@100	2 <head>
paddy@100	3 <title>Log in</title>
paddy@100	4 </head>
paddy@100	5 <body>
paddy@100	6 <h1>Please log into your account</h1>{{ if .errors }}
paddy@100	7 <h2>Errors:</h2>
paddy@100	8 <ul>{{ range .errors }}
paddy@100	9 <li>{{ . }}</li>
paddy@100	10 </ul>{{ end }}{{ end }}
paddy@100	11 <form method="POST">
paddy@100	12 <p>Username: <input type="text" name="login"></p>
paddy@100	13 <p>Password: <input type="password" name="passphrase"></p>
paddy@100	14 <p><input type="submit"></p>
paddy@100	15 </form>
paddy@100	16 </body>
paddy@100	17 </html>{{ end }}
paddy@106	18
paddy@106	19 {{ define "get_grant" }}<html>
paddy@106	20 <head>
paddy@106	21 <title>Grant access</title>
paddy@106	22 </head>
paddy@106	23 <body>{{ if .error }}
paddy@106	24 <h1>Error</h1>
paddy@106	25 <p>{{ .error }}</p>{{ end }}{{ if .internal_error }}
paddy@106	26 <h1>Error</h1>
paddy@106	27 <p>{{ .internal_error }}</p>{{ end }}{{ if not .error }}{{ if not .internal_error }}<h1>Grant access</h1>
paddy@108	28 <p>{{ .client.Name }} is requesting access to your account. if you grant it, you'll be redirected to {{ .redirectURL }}. Their access will be limited to {{ .scope }}. You are granting access for {{ .profile.Name }}.</p>{{ end }}{{ end }}
paddy@108	29 <form method="POST">
paddy@108	30 <input type="submit" name="grant" value="approved">
paddy@132	31 <input type="hidden" name="csrftoken" value="{{ .csrftoken }}">
paddy@108	32 </form>
paddy@106	33 </body>
paddy@106	34 </html>{{ end }}

auth

auth/authd/templates/simple.gotmpl