From fc69ef4b575fe62925cb273f7e4e96334f8a6ea2 Mon Sep 17 00:00:00 2001 From: Kevin Morris Date: Sat, 15 Jan 2022 19:16:56 -0800 Subject: [PATCH] try to use X-Forwarded-Proto to determine https login Signed-off-by: Kevin Morris --- aurweb/routers/auth.py | 4 +++- templates/login.html | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/aurweb/routers/auth.py b/aurweb/routers/auth.py index 0b68dac3..405b2894 100644 --- a/aurweb/routers/auth.py +++ b/aurweb/routers/auth.py @@ -6,18 +6,20 @@ from fastapi.responses import HTMLResponse, RedirectResponse import aurweb.config -from aurweb import cookies, db +from aurweb import cookies, db, logging from aurweb.auth import requires_auth, requires_guest from aurweb.l10n import get_translator_for_request from aurweb.models import User from aurweb.templates import make_variable_context, render_template +logger = logging.get_logger(__name__) router = APIRouter() async def login_template(request: Request, next: str, errors: list = None): """ Provide login-specific template context to render_template. """ context = await make_variable_context(request, "Login", next) + logger.info(f"Request scheme: '{request.url.scheme}'.") context["errors"] = errors context["url_base"] = f"{request.url.scheme}://{request.url.netloc}" return render_template(request, "login.html", context) diff --git a/templates/login.html b/templates/login.html index c62de43e..6a1f2892 100644 --- a/templates/login.html +++ b/templates/login.html @@ -18,7 +18,7 @@

{% else %} - {% if request.url.scheme == "http" and config.getboolean("options", "disable_http_login") %} + {% if request.headers.get("X-Forwarded-Proto", "http") and config.getboolean("options", "disable_http_login") %} {% set https_login = url_base.replace("http://", "https://") + "/login" %}

{{ "HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."