88 lines
3.5 KiB
HTML
88 lines
3.5 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="fr">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<title>Login - Backoffice</title>
|
|
<link rel="stylesheet" href="../css/admin.css">
|
|
</head>
|
|
<body>
|
|
|
|
<div id="page-login" class="page active">
|
|
<div class="login-wrap">
|
|
<h2>Backoffice</h2>
|
|
|
|
<div id="login-form-block" style="display:none;">
|
|
<input type="password" id="login-pwd" placeholder="Mot de passe" onkeydown="if(event.key==='Enter') doLogin()" />
|
|
<p class="login-err" id="login-err">Mot de passe incorrect.</p>
|
|
<button class="btn btn-gold" onclick="doLogin()" style="width:100%;">Accéder</button>
|
|
</div>
|
|
|
|
<div id="blank-setup-block" style="display:none; text-align:center;">
|
|
<p style="color:var(--muted); font-size:0.85rem; margin-bottom:1.5rem;">
|
|
Aucun mot de passe configuré.<br>Connectez-vous pour en définir un.
|
|
</p>
|
|
<button class="btn btn-gold" onclick="doLoginBlank()" style="width:100%;">Se connecter sans mot de passe</button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<script>
|
|
const API_URL = '../api.php';
|
|
|
|
document.addEventListener('DOMContentLoaded', async () => {
|
|
const formBlock = document.getElementById('login-form-block');
|
|
const blankBlock = document.getElementById('blank-setup-block');
|
|
|
|
try {
|
|
const res = await fetch(`${API_URL}?action=check_security_status`);
|
|
const data = await res.json();
|
|
|
|
if (data.is_blank === true) {
|
|
formBlock.style.display = 'none';
|
|
blankBlock.style.display = 'block';
|
|
} else {
|
|
formBlock.style.display = 'block';
|
|
blankBlock.style.display = 'none';
|
|
}
|
|
} catch(e) {
|
|
console.error("Erreur API :", e);
|
|
alert("Erreur de connexion au serveur.");
|
|
}
|
|
});
|
|
|
|
async function doLoginBlank() { await performLogin(""); }
|
|
async function doLogin() {
|
|
const pwd = document.getElementById('login-pwd').value;
|
|
await performLogin(pwd);
|
|
}
|
|
|
|
async function performLogin(pwd) {
|
|
try {
|
|
const res = await fetch(`${API_URL}?action=login`, {
|
|
method: 'POST',
|
|
headers: { 'Content-Type': 'application/json' },
|
|
body: JSON.stringify({ password: pwd })
|
|
});
|
|
const data = await res.json();
|
|
if (data.success) {
|
|
localStorage.setItem('token', data.token);
|
|
if (data.blank === true) {
|
|
const newPwd = prompt("Définissez votre mot de passe (min 4 caractères) :");
|
|
if (newPwd && newPwd.length >= 4) {
|
|
await fetch(`${API_URL}?action=setup_admin`, {
|
|
method: 'POST',
|
|
headers: { 'Content-Type': 'application/json', 'Authorization': data.token },
|
|
body: JSON.stringify({ password: newPwd })
|
|
});
|
|
}
|
|
}
|
|
window.location.href = 'dashboard.html';
|
|
} else {
|
|
alert("Erreur : " + (data.error || "Mot de passe incorrect"));
|
|
}
|
|
} catch(e) {
|
|
alert("Erreur technique : " + e.message);
|
|
}
|
|
}
|
|
</script>
|
|
</body>
|
|
</html> |