aboutsummaryrefslogtreecommitdiff
path: root/tmpl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* index.tmpl: Place the search bar inside the tableRunxi Yu2024-09-081-3/+5
|
* *: Password login stubRunxi Yu2024-09-081-1/+36
|
* index.tmpl: Rename the "Course" field into "Name", in the HTMLRunxi Yu2024-09-081-1/+1
|
* index.tmpl: Add .coursecheckbox to checkboxesRunxi Yu2024-09-081-1/+1
|
* index.tmpl: Search barRunxi Yu2024-09-081-3/+18
|
* index.tmpl: Checkbox should not have {{.Id}} as textRunxi Yu2024-09-081-1/+1
|
* *: Display coursesRunxi Yu2024-09-081-34/+38
|
* *: Basic WebSocket connection may be established nowRunxi Yu2024-09-081-1/+39
|
* index.tmpl: JavaScript warningRunxi Yu2024-09-081-1/+23
|
* *: Call Graph API for department informationRunxi Yu2024-09-071-62/+5
| | | | | | | | | | | | I am using a hybrid flow with "id_token" for OpenID Connect and "code" for an Authorization Code. I would use "token" too but that doesn't seem to be supported for standard web-apps and could result in strange session-hijacking issues. We still need PKCE sometime in the future; however it's not a priority: the worst attack someone could pull off is to use a different user's Authorization Code and steal a Department, which probably isn't too big of a deal as the Authorization Code should be secret anyways.
* *: Basic authentication and templatesRunxi Yu2024-09-072-0/+158
These are imported from FBFP and slightly modified to be specific to YKPS (while not being hard to port to other environments that use APIs that use OAUTH 2.0). Some code is also simplified. Database code still needs an audit, and things are not tested yet.