From 4d07441225652ea3406bd25cafd1412f792548cb Mon Sep 17 00:00:00 2001
From: burny <gamingburny@gmail.com>
Date: Sat, 16 Sep 2023 03:45:38 +0200
Subject: [PATCH] Use server side rendering

---
 fastapi_server/frontend/chat/index.html       |  3 --
 fastapi_server/frontend/login/index.html      | 36 -----------------
 fastapi_server/frontend/logout/index.html     | 18 ---------
 fastapi_server/main.py                        |  2 +-
 fastapi_server/routes/login_logout.py         | 39 ++++++-------------
 .../templates/chat/chat_header.html           |  8 ----
 6 files changed, 13 insertions(+), 93 deletions(-)
 delete mode 100644 fastapi_server/frontend/login/index.html
 delete mode 100644 fastapi_server/frontend/logout/index.html

diff --git a/fastapi_server/frontend/chat/index.html b/fastapi_server/frontend/chat/index.html
index 82408b9b..6c0c12b4 100644
--- a/fastapi_server/frontend/chat/index.html
+++ b/fastapi_server/frontend/chat/index.html
@@ -11,9 +11,6 @@
     ></script>
     <script src="https://cdn.tailwindcss.com/3.3.0"></script>
     <script src="https://unpkg.com/htmx.org/dist/ext/ws.js"></script>
-    <script>
-      htmx.config.withCredentials = true;
-    </script>
   </head>
 
   <body id="parent-div" class="flex flex-col items-center h-screen">
diff --git a/fastapi_server/frontend/login/index.html b/fastapi_server/frontend/login/index.html
deleted file mode 100644
index e4456986..00000000
--- a/fastapi_server/frontend/login/index.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>HTMX+Fastapi Todo App</title>
-    <script>
-      // Summary:
-      // Using oauth2 we get redirected back to this page with a 'code=...' parameter in the URL
-      // Set this as cookies so that we can access it with the htmx request
-
-      // Get the URL of the current page
-      const currentUrl = window.location.href;
-      // Create a URLSearchParams object
-      const urlParams = new URLSearchParams(window.location.search);
-      // Get the value of the "code" parameter
-      const codeParam = urlParams.get("code");
-      // Check if the "code" parameter exists and is not null
-      if (codeParam !== null) {
-        // Use the value of the "code" parameter
-        console.log("Value of 'code' parameter:", codeParam);
-        document.cookie = `code=${codeParam}; expires=30; path=/`;
-
-        // Redirect after successful login
-        window.location.href = "/chat";
-      } else {
-        // "code" parameter is not present in the URL
-        console.log("'code' parameter is missing.");
-      }
-    </script>
-  </head>
-
-  <body>
-    <h1>Logging in ...</h1>
-  </body>
-</html>
diff --git a/fastapi_server/frontend/logout/index.html b/fastapi_server/frontend/logout/index.html
deleted file mode 100644
index 104b9060..00000000
--- a/fastapi_server/frontend/logout/index.html
+++ /dev/null
@@ -1,18 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>HTMX+Fastapi Todo App</title>
-    <script>
-      document.cookie = `github_access_token=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;`;
-
-        // Redirect after successful removal of cookies
-      window.location.href = "/chat";
-    </script>
-  </head>
-
-  <body>
-    <h1>Logging out ...</h1>
-  </body>
-</html>
diff --git a/fastapi_server/main.py b/fastapi_server/main.py
index 1274aa33..75eac296 100644
--- a/fastapi_server/main.py
+++ b/fastapi_server/main.py
@@ -46,7 +46,7 @@
 app.add_middleware(
     CORSMiddleware,
     allow_origins=origins,
-    allow_credentials=True,
+    # allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
diff --git a/fastapi_server/routes/login_logout.py b/fastapi_server/routes/login_logout.py
index f96f5e5f..ba639ccc 100644
--- a/fastapi_server/routes/login_logout.py
+++ b/fastapi_server/routes/login_logout.py
@@ -4,8 +4,8 @@
 from typing import Annotated
 
 import aiohttp
-from fastapi import APIRouter, Cookie, Request, Response, status
-from fastapi.responses import HTMLResponse, RedirectResponse
+from fastapi import APIRouter, Cookie, Response, status
+from fastapi.responses import RedirectResponse
 from fastapi.templating import Jinja2Templates
 
 login_router = APIRouter()
@@ -22,23 +22,9 @@
 # TODO Other login services like google, twitch etc
 
 
-# TODO Disable in production as it should be served by frontend, not by backend
-@login_router.get("/login", response_class=HTMLResponse)
-def login_page(request: Request):
-    return login_templates.TemplateResponse("index.html", {"request": request, "server_url": BACKEND_SERVER_URL})
-
-
-# TODO Disable in production as it should be served by frontend, not by backend
-@login_router.get("/logout", response_class=HTMLResponse)
-def logout_page(request: Request):
-    return logout_templates.TemplateResponse("index.html", {"request": request, "server_url": BACKEND_SERVER_URL})
-
-
-@login_router.get("/htmxapi/login")
+@login_router.get("/login")
 async def user_login(
-    response: Response,
-    code: Annotated[str | None, Cookie()] = None,
-    github_access_token: Annotated[str | None, Cookie()] = None
+    response: Response, code: str | None = None, github_access_token: Annotated[str | None, Cookie()] = None
 ):
     # TODO Check/log where the request came from (ip or website?)
     if code is None:
@@ -65,17 +51,16 @@ async def user_login(
         data = await post_response.json()
         if "error" in data:
             return "wrong client id code"
-        redirect = RedirectResponse("/htmxapi/chatheader")
+        redirect = RedirectResponse("/chat")
         # TODO What does "secure" and "same_site" do?
         redirect.set_cookie(key="github_access_token", value=data["access_token"], secure=True)
-        redirect.delete_cookie(key="code")
         return redirect
 
 
-# @login_router.get("/htmxapi/logout")
-# async def user_logout(response: Response, github_access_token: Annotated[str | None, Cookie()] = None):
-#     # TODO Check/log where the request came from (ip or website?)
-#     if github_access_token is not None:
-#         response.delete_cookie(key="github_access_token")
-#         response.status_code = status.HTTP_204_NO_CONTENT
-#         return
+@login_router.get("/logout")
+async def user_logout(response: Response, github_access_token: Annotated[str | None, Cookie()] = None):
+    # TODO Check/log where the request came from (ip or website?)
+    if github_access_token is not None:
+        redirect = RedirectResponse("/chat")
+        redirect.delete_cookie(key="github_access_token")
+        return redirect
diff --git a/fastapi_server/templates/chat/chat_header.html b/fastapi_server/templates/chat/chat_header.html
index 52f9f7bb..fb262092 100644
--- a/fastapi_server/templates/chat/chat_header.html
+++ b/fastapi_server/templates/chat/chat_header.html
@@ -1,14 +1,6 @@
 <header id="chatheader">
   <div>
     <!-- https://kit.svelte.dev/docs/link-options#data-sveltekit-preload-data -->
-    <div
-      class="flex flex-row"
-      hx-trigger="load"
-      hx-get="https://{{ server_url }}/htmxapi/login"
-      hx-swap="outerHTML"
-      hx-target="#chatheader"
-      hx-request="{credentials:true}"
-    ></div>
     {% if logged_in %}
     <a href="https://{{ server_url }}/logout">Log out</a>
     {% endif %} {% if not logged_in %}