From 2beb67b456221a9a56d4354f0f4a5c435f0c3a73 Mon Sep 17 00:00:00 2001
From: Marius Gavrilescu <marius@ieval.ro>
Date: Mon, 16 Mar 2015 12:04:24 +0200
Subject: [PATCH] Remove login dependency on cookies & referer

---
 js/95-login.js               | 28 +++++++++++++++-------------
 lib/Plack/App/Gruntmaster.pm |  4 +---
 tmpl/skel.en                 |  2 +-
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/js/95-login.js b/js/95-login.js
index 81e4533..60ede9d 100644
--- a/js/95-login.js
+++ b/js/95-login.js
@@ -2,20 +2,22 @@
 	'use strict';
 
 	$( document ).ready(function(){
-		$('#login').detach().prependTo($('#sidebar'));
+		$('#login').detach().prependTo($('#sidebar')).on('click', function(e) {
+			var xhr = new XMLHttpRequest();
+			xhr.open('GET', '/login');
+			xhr.onload = function () {
+				if(this.status != 200)
+					return;
+				var username = this.responseText;
+				sessionStorage.setItem('login_username', username);
+				start_tracking(username);
+				$('#login').html('Probably logged in as ' + username);
+			}
+			xhr.send();
+			return false;
+		});
 
-		document.cookie = "cookietest=1";
-		var cookie = document.cookie.indexOf("cookietest=") != -1;
-		document.cookie = "cookietest=1; expires=Thu, 01-Jan-1970 00:00:01 GMT";
-
-		if(!cookie) return;
-		var username = document.cookie.replace(/(?:(?:^|.*;\s*)username\s*\=\s*([^;]*).*$)|^.*$/, "$1");
-		if(username) {
-			sessionStorage.setItem('login_username', username);
-			document.cookie = "username=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
-			start_tracking(username);
-		}
-		username = sessionStorage.getItem('login_username');
+		var username = sessionStorage.getItem('login_username');
 		if(username)
 			$('#login').html('Probably logged in as ' + username);
 	});
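Review bot: The new `onload` handler passes the `/login` response body to `.html()`, so any markup in the username is parsed by the browser; the unchanged line that restores the name from `sessionStorage` does the same. The string is only displayed, so `$('#login').text('Probably logged in as ' + username);` in both places renders it as plain text whatever characters a username may contain. The handler also sets no `xhr.onerror` and returns silently on a non-200 status, so a failed or cancelled authentication gives the user no feedback. The enclosing function starts above the hunk.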
diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm
index 0666fad..7a3dc34 100644
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@ -140,9 +140,7 @@ sub dispatch_request{
 
 		sub (/login) {
 			forbid !remote_user;
-
-			my $return = $env->{HTTP_REFERER} // '/';
-			[303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
+			[200, ['Content-Type' => 'text/plain; charset=UTF-8', 'Cache-Control' => 'private, max-age=300', Vary => 'Authorization'], [$env->{REMOTE_USER}]]
 		},
 
 		sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },
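Review bot: The guard on `/login` checks `remote_user`, but the response body is `$env->{REMOTE_USER}`, whereas the removed code sent `remote_user->id`. The `remote_user` helper is defined outside this hunk, so this is inferred, but if the two values can differ (case, normalisation, a user absent from the database), the client stores a name other than the one the server authorised. Returning `[remote_user->id]` as the body ties the check and the response to the same value. A short comment on why `Cache-Control` is `private, max-age=300` with `Vary => 'Authorization'` would also help, since the browser may reuse the cached name for five minutes. `dispatch_request` continues outside the hunk.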
diff --git a/tmpl/skel.en b/tmpl/skel.en
index b713e0e..39b4dda 100644
--- a/tmpl/skel.en
+++ b/tmpl/skel.en
@@ -31,7 +31,7 @@
 
 <div id="content">Content goes here</div>
 
-<div id="login" class="reqjs"><a href="/login">Log in</a></div>
+<div id="login" class="reqjs"><a href="#">Log in</a></div>
 
 <div id="theme-selector" class="reqjs">
 Themes:
-- 
2.39.5