Add optional OIDC authentication with Keycloak, Authentik, and Pocket-ID support

2026-01-19 22:09:54 +01:00
parent 62ab6dede3
commit d64eb3db95
25 changed files with 2028 additions and 37 deletions


@@ -21,6 +21,277 @@
opacity: 1;
}
/* Login Page Styling */
#loginPage {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background-color: #f3f4f6;
padding: 3rem 1rem;
position: relative;
z-index: 1;
}
/* Ensure login page is visible when shown */
body:has(#loginPage:not(.hidden)) {
background-color: #f3f4f6;
overflow: hidden;
}
#loginPage .max-w-md {
max-width: 28rem;
width: 100%;
}
#loginPage .bg-white {
background-color: #ffffff;
}
#loginPage .rounded-lg {
border-radius: 0.5rem;
}
#loginPage .shadow-lg {
box-shadow: 0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05);
}
#loginPage .p-8 {
padding: 2rem;
}
#loginPage .mb-8 {
margin-bottom: 2rem;
}
#loginPage .mb-4 {
margin-bottom: 1rem;
}
#loginPage .mb-6 {
margin-bottom: 1.5rem;
}
#loginPage .mb-2 {
margin-bottom: 0.5rem;
}
#loginPage .mr-2 {
margin-right: 0.5rem;
}
#loginPage .mr-3 {
margin-right: 0.75rem;
}
#loginPage .ml-3 {
margin-left: 0.75rem;
}
#loginPage .pt-6 {
padding-top: 1.5rem;
}
#loginPage .py-4 {
padding-top: 1rem;
padding-bottom: 1rem;
}
#loginPage .py-3 {
padding-top: 0.75rem;
padding-bottom: 0.75rem;
}
#loginPage .px-4 {
padding-left: 1rem;
padding-right: 1rem;
}
#loginPage .h-16 {
height: 4rem;
}
#loginPage .w-16 {
width: 4rem;
}
#loginPage .h-10 {
height: 2.5rem;
}
#loginPage .w-10 {
width: 2.5rem;
}
#loginPage .h-5 {
height: 1.25rem;
}
#loginPage .w-5 {
width: 1.25rem;
}
#loginPage .rounded-full {
border-radius: 9999px;
}
#loginPage .bg-blue-600 {
background-color: #2563eb;
}
#loginPage .text-white {
color: #ffffff;
}
#loginPage .text-gray-900 {
color: #111827;
}
#loginPage .text-gray-600 {
color: #4b5563;
}
#loginPage .text-gray-500 {
color: #6b7280;
}
#loginPage .text-red-700 {
color: #b91c1c;
}
#loginPage .text-red-400 {
color: #f87171;
}
#loginPage .text-3xl {
font-size: 1.875rem;
line-height: 2.25rem;
}
#loginPage .text-base {
font-size: 1rem;
line-height: 1.5rem;
}
#loginPage .text-sm {
font-size: 0.875rem;
line-height: 1.25rem;
}
#loginPage .text-xs {
font-size: 0.75rem;
line-height: 1rem;
}
#loginPage .font-bold {
font-weight: 700;
}
#loginPage .font-medium {
font-weight: 500;
}
#loginPage .border {
border-width: 1px;
}
#loginPage .border-l-4 {
border-left-width: 4px;
}
#loginPage .border-t {
border-top-width: 1px;
}
#loginPage .border-gray-200 {
border-color: #e5e7eb;
}
#loginPage .border-red-400 {
border-color: #f87171;
}
#loginPage .border-transparent {
border-color: transparent;
}
#loginPage .bg-red-50 {
background-color: #fef2f2;
}
#loginPage .hover\:bg-blue-700:hover {
background-color: #1d4ed8;
}
#loginPage .focus\:outline-none:focus {
outline: 2px solid transparent;
outline-offset: 2px;
}
#loginPage .focus\:ring-2:focus {
box-shadow: 0 0 0 2px rgba(59, 130, 246, 0.5);
}
#loginPage .focus\:ring-offset-2:focus {
box-shadow: 0 0 0 2px #ffffff, 0 0 0 4px rgba(59, 130, 246, 0.5);
}
#loginPage .focus\:ring-blue-500:focus {
box-shadow: 0 0 0 2px rgba(59, 130, 246, 0.5);
}
#loginPage .transition-colors {
transition-property: background-color, border-color, color;
transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1);
transition-duration: 150ms;
}
#loginPage .animate-spin {
animation: spin 1s linear infinite;
}
@keyframes spin {
from {
transform: rotate(0deg);
}
to {
transform: rotate(360deg);
}
}
#loginPage .flex {
display: flex;
}
#loginPage .inline-flex {
display: inline-flex;
}
#loginPage .items-center {
align-items: center;
}
#loginPage .justify-center {
justify-content: center;
}
#loginPage .text-center {
text-align: center;
}
#loginPage .mx-auto {
margin-left: auto;
margin-right: auto;
}
#loginPage .w-full {
width: 100%;
}
#loginPage .hidden {
display: none;
}
/* Restart banner */
#restartBanner {
display: none;
@@ -296,6 +567,32 @@ mark {
}
/* Mobile responsive adjustments */
/* Custom breakpoint at 830px for menu collapse */
/* This overrides Tailwind's default md: breakpoint (768px) to collapse at 830px instead */
@media (max-width: 830px) {
/* Hide desktop menu navigation at 830px */
nav .hidden.md\:block {
display: none !important;
}
/* Show burger menu button at 830px */
nav > div > div > div.md\:hidden:not(#mobileMenu) {
display: block !important;
}
/* Allow mobile menu to be shown at 830px (override md:hidden) */
/* The menu visibility is controlled by JavaScript via the 'hidden' class */
/* When hidden class is NOT present, show the menu */
nav #mobileMenu:not(.hidden) {
display: block !important;
}
/* When mobile menu has 'hidden' class, hide it (JavaScript control takes precedence) */
nav #mobileMenu.hidden {
display: none !important;
}
}
@media (max-width: 768px) {
#backendStatus {
padding: 0.125rem 0.375rem;


@@ -17,3 +17,27 @@ function serverHeaders(headers) {
return headers;
}
// Auth-aware fetch wrapper that handles 401/403 responses
function authFetch(url, options) {
options = options || {};
// Ensure Accept header for API requests
if (!options.headers) {
options.headers = {};
}
if (!options.headers['Accept']) {
options.headers['Accept'] = 'application/json';
}
return fetch(url, options).then(function(response) {
// Handle authentication errors
if (response.status === 401 || response.status === 403) {
if (typeof handleAuthError === 'function') {
handleAuthError(response);
}
// Return a rejected promise to stop the chain
return Promise.reject(new Error('Authentication required'));
}
return response;
});
}
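Review bot: authFetch handles 403 exactly like 401, so a signed-in user who is only forbidden one action gets an 'Authentication required' rejection and, through handleAuthError, has the client-side auth state cleared and the login page shown. Narrowing the session-loss path to `if (response.status === 401) {` and letting 403 reach the caller would keep "not signed in" and "not allowed" apart. The wrapper also writes into the caller's `options` object and assumes `options.headers` is a plain object; a `Headers` instance would get an `Accept` property rather than a header, so copying first with `options = Object.assign({}, options);` and building `headers` from a fresh object is safer. A short doc comment stating that the returned promise rejects on an auth failure would help callers that chain `.then`.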

247
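--- a/pkg/web/static/js/auth.js
+++ b/pkg/web/static/js/auth.js
@@ -0,0 +1,247 @@
+// Authentication functions for Fail2ban UI
+"use strict";
+let authEnabled = false;
+let isAuthenticated = false;
+let currentUser = null;
+// Check authentication status on page load
+async function checkAuthStatus() {
+// Immediately hide main content to prevent flash
+const mainContent = document.getElementById('mainContent');
+const nav = document.querySelector('nav');
+if (mainContent) {
+mainContent.style.display = 'none';
+}
+if (nav) {
+nav.style.display = 'none';
+}
+try {
+const response = await fetch('/auth/status', {
+headers: serverHeaders()
+});
+if (!response.ok) {
+throw new Error('Failed to check auth status');
+}
+const data = await response.json();
+authEnabled = data.enabled || false;
+isAuthenticated = data.authenticated || false;
+if (authEnabled) {
+if (isAuthenticated && data.user) {
+currentUser = data.user;
+showAuthenticatedUI();
+} else {
+showLoginPage();
+}
+} else {
+// OIDC not enabled, show main content
+showMainContent();
+}
+return { enabled: authEnabled, authenticated: isAuthenticated, user: currentUser };
+} catch (error) {
+console.error('Error checking auth status:', error);
+// If auth check fails and we're on a protected route, show login
+if (authEnabled) {
+showLoginPage();
+} else {
+showMainContent();
+}
+return { enabled: false, authenticated: false, user: null };
+}
+}
+// Get current user info
+async function getUserInfo() {
+try {
+const response = await fetch('/auth/user', {
+headers: serverHeaders()
+});
+if (!response.ok) {
+if (response.status === 401) {
+isAuthenticated = false;
+currentUser = null;
+showLoginPage();
+return null;
+}
+throw new Error('Failed to get user info');
+}
+const data = await response.json();
+if (data.authenticated && data.user) {
+currentUser = data.user;
+isAuthenticated = true;
+return data.user;
+}
+return null;
+} catch (error) {
+console.error('Error getting user info:', error);
+return null;
+}
+}
+// Handle login - redirect to login endpoint with action parameter
+function handleLogin() {
+const loginLoading = document.getElementById('loginLoading');
+const loginError = document.getElementById('loginError');
+const loginErrorText = document.getElementById('loginErrorText');
+const loginButton = event?.target?.closest('button');
+// Show loading state
+if (loginLoading) loginLoading.classList.remove('hidden');
+if (loginButton) {
+loginButton.disabled = true;
+loginButton.classList.add('opacity-75', 'cursor-not-allowed');
+}
+// Hide error if shown
+if (loginError) {
+loginError.classList.add('hidden');
+if (loginErrorText) loginErrorText.textContent = '';
+}
+// Redirect to login endpoint with action=redirect to trigger OIDC redirect
+window.location.href = '/auth/login?action=redirect';
+}
+// Handle logout - use direct redirect instead of fetch to avoid CORS issues
+function handleLogout() {
+// Clear local state
+isAuthenticated = false;
+currentUser = null;
+// Direct redirect to logout endpoint (server will handle redirect to provider)
+// Using window.location.href instead of fetch to avoid CORS issues with redirects
+window.location.href = '/auth/logout';
+}
+// Show login page
+function showLoginPage() {
+const loginPage = document.getElementById('loginPage');
+const mainContent = document.getElementById('mainContent');
+const nav = document.querySelector('nav');
+// Hide main content and nav immediately
+if (mainContent) {
+mainContent.style.display = 'none';
+mainContent.classList.add('hidden');
+}
+if (nav) {
+nav.style.display = 'none';
+nav.classList.add('hidden');
+}
+// Show login page
+if (loginPage) {
+loginPage.style.display = 'flex';
+loginPage.classList.remove('hidden');
+}
+}
+// Show main content (when authenticated or OIDC disabled)
+function showMainContent() {
+const loginPage = document.getElementById('loginPage');
+const mainContent = document.getElementById('mainContent');
+const nav = document.querySelector('nav');
+// Hide login page immediately
+if (loginPage) {
+loginPage.style.display = 'none';
+loginPage.classList.add('hidden');
+}
+// Show main content and nav
+if (mainContent) {
+mainContent.style.display = '';
+mainContent.classList.remove('hidden');
+}
+if (nav) {
+nav.style.display = '';
+nav.classList.remove('hidden');
+}
+}
+// Toggle user menu dropdown
+function toggleUserMenu() {
+const dropdown = document.getElementById('userMenuDropdown');
+if (dropdown) {
+dropdown.classList.toggle('hidden');
+}
+}
+// Close user menu when clicking outside
+document.addEventListener('click', function(event) {
+const userMenuButton = document.getElementById('userMenuButton');
+const userMenuDropdown = document.getElementById('userMenuDropdown');
+if (userMenuButton && userMenuDropdown &&
+!userMenuButton.contains(event.target) &&
+!userMenuDropdown.contains(event.target)) {
+userMenuDropdown.classList.add('hidden');
+}
+});
+// Show authenticated UI (update header with user info)
+function showAuthenticatedUI() {
+showMainContent();
+const userInfoContainer = document.getElementById('userInfoContainer');
+const userDisplayName = document.getElementById('userDisplayName');
+const userMenuDisplayName = document.getElementById('userMenuDisplayName');
+const userMenuEmail = document.getElementById('userMenuEmail');
+const mobileUserInfoContainer = document.getElementById('mobileUserInfoContainer');
+const mobileUserDisplayName = document.getElementById('mobileUserDisplayName');
+const mobileUserEmail = document.getElementById('mobileUserEmail');
+if (userInfoContainer && currentUser) {
+userInfoContainer.classList.remove('hidden');
+const displayName = currentUser.name || currentUser.username || currentUser.email;
+if (userDisplayName) {
+userDisplayName.textContent = displayName;
+}
+if (userMenuDisplayName) {
+userMenuDisplayName.textContent = displayName;
+}
+if (userMenuEmail && currentUser.email) {
+userMenuEmail.textContent = currentUser.email;
+}
+}
+// Update mobile menu
+if (mobileUserInfoContainer && currentUser) {
+mobileUserInfoContainer.classList.remove('hidden');
+const displayName = currentUser.name || currentUser.username || currentUser.email;
+if (mobileUserDisplayName) {
+mobileUserDisplayName.textContent = displayName;
+}
+if (mobileUserEmail && currentUser.email) {
+mobileUserEmail.textContent = currentUser.email;
+}
+}
+}
+// Handle 401/403 responses from API
+function handleAuthError(response) {
+if (response.status === 401 || response.status === 403) {
+if (authEnabled) {
+isAuthenticated = false;
+currentUser = null;
+showLoginPage();
+return true;
+}
+}
+return false;
+}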
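Review bot: checkAuthStatus fails open: when the `/auth/status` request fails on first load, `authEnabled` still holds its initial `false`, so the catch block calls `showMainContent()` and returns `enabled: false`, and the DOMContentLoaded handler in the next file then initialises the app as if OIDC were off. Hiding the DOM is not the access control here; the server has to reject unauthenticated API calls on its own, which this page does not show. Even so, the client should treat an unknown state as unauthenticated, for example by replacing the if/else in the catch with `showLoginPage();` and returning `{ enabled: true, authenticated: false, user: null }`. Separately, `handleLogin` reads the implicit global `event`; taking the event as a parameter from the click handler avoids depending on `window.event`.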


@@ -3,6 +3,29 @@
window.addEventListener('DOMContentLoaded', function() {
showLoading(true);
// Check authentication status first (if auth.js is loaded)
if (typeof checkAuthStatus === 'function') {
checkAuthStatus().then(function(authStatus) {
// Only proceed with initialization if authenticated or OIDC disabled
if (!authStatus.enabled || authStatus.authenticated) {
initializeApp();
} else {
// Not authenticated, login page will be shown by checkAuthStatus
showLoading(false);
}
}).catch(function(err) {
console.error('Auth check failed:', err);
// Proceed with initialization anyway (fallback)
initializeApp();
});
} else {
// Auth.js not loaded, proceed normally
initializeApp();
}
});
function initializeApp() {
// Only display external IP if the element exists (not disabled via template variable)
if (document.getElementById('external-ip')) {
displayExternalIP();
@@ -148,4 +171,4 @@ window.addEventListener('DOMContentLoaded', function() {
advancedIntegrationSelect.addEventListener('change', updateAdvancedIntegrationFields);
}
});
});
}
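Review bot: The `.catch` chained after `.then` also catches anything thrown by `initializeApp()` inside the success callback, so an initialisation error is logged as 'Auth check failed' and `initializeApp()` then runs a second time. checkAuthStatus as added in auth.js wraps its request in try/catch and returns a value from the catch, so in practice this is the main way the handler is reached. Passing the rejection handler as the second argument, `checkAuthStatus().then(onStatus, onAuthError)`, keeps the two failures apart. That handler should call `showLoading(false)` and leave the app uninitialised rather than proceed as a fallback. initializeApp's body continues outside the hunk.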