From fc9a4ea22eb91757b95cbe1bf1708be17fc2337a Mon Sep 17 00:00:00 2001
From: yo momma <shutup@oops.wtf>
Date: Tue, 27 Jan 2026 03:33:16 +0000
Subject: Fix HTTPS/mixed content; make config env-driven

- Replace hardcoded dump.fm URLs with host/scheme config\n- Add optional passwordless login flow\n- Update templates/static assets to avoid blocked HTTP resources\n- Ignore local uploads/SQL dumps
---
 static/js/fullscreen.js | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

(limited to 'static/js/fullscreen.js')

diff --git a/static/js/fullscreen.js b/static/js/fullscreen.js
index 17b0614..38e09ee 100755
--- a/static/js/fullscreen.js
+++ b/static/js/fullscreen.js
@@ -92,6 +92,21 @@ function initLogin() {
                                  );
 }
 
+function loginErrorText(resp) {
+    var code = "";
+    try {
+        code = (resp && resp.responseText) ? ("" + resp.responseText).replace(/^\s+|\s+$/g, "") : "";
+    } catch(e) {}
+    if (code == "NICK_TOO_SHORT") return "Username too short (min 3 characters).";
+    if (code == "NICK_TOO_LONG") return "Username too long (max 16 characters).";
+    if (code == "NICK_INVALID_CHARS") return "Username can only use letters, numbers, '_' and '-'.";
+    if (code == "NICK_TAKEN") return "That username is taken/reserved. Try another.";
+    if (code == "RECENTLY_CREATED") return "Too many new accounts from this IP. Try an existing username.";
+    if (code == "RECENTLY_MUTED") return "This IP is restricted from creating new accounts. Try an existing username.";
+    if (code && code != "BAD_LOGIN") return "Couldn't log you in (" + code + ").";
+    return "Couldn't log you in :( Try a different username.";
+}
+
 function showLogin() {
     $('#nickInput').val('');
     $('#passwordInput').val('');
@@ -104,9 +119,9 @@ function login() {
     $('#spinner').show();
     $('input').attr('disabled', 'disabled');
     var nick = $('#nickInput').val();
-    var password = $('#passwordInput').val();
+    var password = $('#passwordInput').val() || '';
     var rememberme = $('#remembermeInput').attr('checked') ? 'yes' : '';
-    var hash = hex_sha1(nick + '$' + password + '$dumpfm');
+    var hash = password ? hex_sha1(nick + '$' + password + '$dumpfm') : '';
 
     var onSuccess = function(json) {
 	//  if (typeof pageTracker !== 'undefined') {
@@ -121,7 +136,7 @@ function login() {
     var onError = function(resp, textStatus, errorThrown) {
         $('#spinner').hide();
         $('input').removeAttr('disabled');
-        $('#errormsg').text("Couldn't log you in :( Bad password?");
+        $('#errormsg').text(loginErrorText(resp));
     }
 
     $.ajax({
@@ -507,4 +522,3 @@ function bit_rol(num, cnt)
 {
   return (num << cnt) | (num >>> (32 - cnt));
 }
-
-- 
cgit v1.2.3-70-g09d2