Pierre-Olivier Mercier
28f55960de
Integrate go-altcha to protect login, change password, lost password, and reset password forms against automated submissions. Serves the altcha widget JS from the embedded library, exposes a challenge endpoint, validates responses server-side with replay prevention, and updates the CSP to allow self-hosted scripts and WebAssembly. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
16 lines
813 B
HTML
16 lines
813 B
HTML
{{template "header"}}
|
|
<h1 class="display-4">Forgot your password? <small class="text-muted">We'll send you a link by e-mail to reset it!</small></h1>
|
|
|
|
<form method="post" action="lost">
|
|
{{if .error}}<div class="alert alert-danger" role="alert">{{.error}}</div>{{end}}
|
|
<input type="hidden" name="csrf_token" value="{{ .csrf_token }}">
|
|
<div class="form-group">
|
|
<input name="login" required="" class="form-control" id="input_0" type="text" placeholder="Login" autofocus>
|
|
</div>
|
|
<div class="form-group">
|
|
<altcha-widget challengeurl="altcha-challenge"></altcha-widget>
|
|
</div>
|
|
<button class="btn btn-primary" type="submit">Reset my password</button>
|
|
<a href="/change" class="btn btn-outline-success">Just want to change your password?</a>
|
|
</form>
|
|
{{template "footer"}}
|