42 lines
875 B
HTML
42 lines
875 B
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<body>
|
|
<h2>Vulnerable App</h2>
|
|
|
|
<input id="username" placeholder="username">
|
|
<input id="password" placeholder="password">
|
|
<button onclick="login()">Login</button>
|
|
|
|
<div id="result"></div>
|
|
|
|
<script>
|
|
function login() {
|
|
fetch('/api/login', {
|
|
method: 'POST',
|
|
headers: {'Content-Type': 'application/json'},
|
|
body: JSON.stringify({
|
|
username: username.value,
|
|
password: password.value
|
|
})
|
|
})
|
|
.then(res => res.json())
|
|
.then(data => {
|
|
localStorage.setItem('token', data.token);
|
|
});
|
|
}
|
|
|
|
function loadProfile() {
|
|
fetch('/api/profile', {
|
|
headers: { Authorization: 'Bearer ' + localStorage.getItem('token') }
|
|
})
|
|
.then(res => res.json())
|
|
.then(data => {
|
|
document.getElementById('result').innerHTML = JSON.stringify(data);
|
|
});
|
|
}
|
|
</script>
|
|
|
|
<button onclick="loadProfile()">Load Profile</button>
|
|
|
|
</body>
|
|
</html>
|