Actualiser admin/login.html

2026-06-18 12:37:10 +02:00
parent fbcc3e8125
commit 8cc82a3e49
1 changed files with 58 additions and 3 deletions
@@ -25,9 +25,64 @@
        </div>
    </div>
 </div>
-
    <script>
-    // ... (votre code JavaScript ici) ...
+        const API_URL = '../api.php';
+
+        document.addEventListener('DOMContentLoaded', async () => {
+            const formBlock  = document.getElementById('login-form-block');
+            const blankBlock = document.getElementById('blank-setup-block');
+
+            try {
+                const res = await fetch(`${API_URL}?action=check_security_status`);
+                const data = await res.json();
+                
+                if (data.is_blank === true) {
+                    formBlock.style.display  = 'none';
+                    blankBlock.style.display = 'block';
+                } else {
+                    formBlock.style.display  = 'block';
+                    blankBlock.style.display = 'none';
+                }
+            } catch(e) {
+                console.error("Erreur API :", e);
+                alert("Erreur de connexion au serveur.");
+            }
+        });
+
+        async function doLoginBlank() { await performLogin(""); }
+        async function doLogin() { 
+            const pwd = document.getElementById('login-pwd').value; 
+            await performLogin(pwd); 
+        }
+
+        async function performLogin(pwd) {
+            try {
+                const res = await fetch(`${API_URL}?action=login`, {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({ password: pwd })
+                });
+                const data = await res.json();
+                if (data.success) {
+                    localStorage.setItem('token', data.token);
+                    if (data.blank === true) {
+                        const newPwd = prompt("Définissez votre mot de passe (min 4 caractères) :");
+                        if (newPwd && newPwd.length >= 4) {
+                            await fetch(`${API_URL}?action=setup_admin`, {
+                                method: 'POST',
+                                headers: { 'Content-Type': 'application/json', 'Authorization': data.token },
+                                body: JSON.stringify({ password: newPwd })
+                            });
+                        }
+                    }
+                    window.location.href = 'dashboard.html';
+                } else {
+                    alert("Erreur : " + (data.error || "Mot de passe incorrect"));
+                }
+            } catch(e) {
+                alert("Erreur technique : " + e.message);
+            }
+        }
    </script>
 </body>
 </html>