user account updates

- move user accounts to subdir - add password support - implemented basics of multi-user support - Can add users, edit them, and log in with them (password or not) - Cannot delete users (with service) yet
2022-02-07 20:24:16 -05:00
parent 622698ee66
commit 0d991d5eac
35 changed files with 2228 additions and 154 deletions
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js
@@ -0,0 +1,83 @@
+var minisrv_service_file = true;
+
+var challenge_response, challenge_header = '';
+var gourl;
+var wtvsec_login = null;
+
+var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
+
+if (socket.ssid !== null && user_id !== null) ssid_sessions[socket.ssid].switchUserID(user_id);
+
+if (socket.ssid !== null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
+	wtvsec_login = new WTVSec(minisrv_config);
+	wtvsec_login.IssueChallenge();
+	wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
+	ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
+} else {
+	wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
+}
+
+if (socket.ssid !== null) {
+	if (wtvsec_login.ticket_b64 == null) {
+		challenge_response = wtvsec_login.challenge_response;
+		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
+		if (challenge_response && client_challenge_response) {
+			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
+				console.log(" * wtv-challenge-response success for " + wtvshared.filterSSID(socket.ssid));
+				wtvsec_login.PrepareTicket();
+				gourl = "wtv-head-waiter:/login-stage-two?";
+			} else {
+				console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid));
+				if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
+				if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response)
+				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
+			}
+		} else {
+			gourl = "wtv-head-waiter:/login?no_response=true";
+		}
+	} else {
+		gourl = "wtv-head-waiter:/login-stage-two?";
+    }
+}
+
+if (user_id && !request_headers.query.initial_login && !request_headers.query.user_login) {
+	if (request_headers.query.password == "") {
+		headers = `500 Please enter your password and try again
+minisrv-no-mail-count: true
+`;
+	} else if (ssid_sessions[socket.ssid].validateUserPassword(request_headers.query.password)) {
+		ssid_sessions[socket.ssid].setSessionData('password_valid', true)
+		headers = `200 OK
+minisrv-no-mail-count: true
+Content-Type: text/html
+wtv-visit: ${gourl}
+`;
+	} else {
+		headers = `500 The password you entered was incorrect. Please retype it and try again.
+minisrv-no-mail-count: true
+`;
+	}
+} else {
+	if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > 1 && user_id === 0 && request_headers.query.initial_login) {
+		gourl = "wtv-head-waiter:/choose-user?"
+	} else {
+		var limitedLogin = (!ssid_sessions[socket.ssid].lockdown && (!ssid_sessions[socket.ssid].getSessionData('password_valid') && ssid_sessions[socket.ssid].getUserPasswordEnabled()));
+		var limitedLoginRegistered = (limitedLogin && ssid_sessions[socket.ssid].isRegistered());
+	}
+	headers = `200 OK
+wtv-connection-close: true
+Connection: close
+minisrv-no-mail-count: true
+Content-Type: text/html`;
+	if (client_challenge_response) {
+		headers += `
+wtv-encrypted: true
+wtv-ticket: ${wtvsec_login.ticket_b64}
+`;
+	}
+	console.log(ssid_sessions[socket.ssid])
+	if (limitedLoginRegistered) gourl = "wtv-head-waiter:/password?";
+	headers += `
+wtv-visit: ${gourl}`;
+
+}
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/choose-user.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/choose-user.js
@@ -0,0 +1,141 @@
+var minisrv_service_file = true;
+if (socket.ssid !== null) ssid_sessions[socket.ssid].switchUserID(0);
+
+headers = `200 OK
+minisrv-no-mail-count: true
+wtv-expire-all: wtv-head-waiter:/ValidateLogin
+wtv-noback-all: wtv-
+Content-Type: text/html`
+
+data = `
+<HTML>
+<HEAD>
+<title>
+Choose your name
+</title>
+<display nooptions nostatus switchtowebmode>
+</HEAD>
+<sidebar width=144> <table cellspacing=0 cellpadding=0 bgcolor="30364D">
+<tr>
+<td width=138 absheight=109 valign=top align=center>
+<img src="ROMCache/Spacer.gif" width=1 height=8><br>
+<img src="ROMCache/Spacer.gif" width=7 height=1>
+<img src="${minisrv_config.config.service_logo}" width=127 height=98>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td absheight=5>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=138 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=138 absheight=1 valign=top align=left>
+<tr><td abswidth=138 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr>
+<td absheight=170>
+<tr>
+<td align=right>
+<img src="images/NameBanner.gif" width=50 height=125>
+<tr>
+<td absheight=8>
+</table>
+</sidebar>
+<body background="wtv-content:/ROMCache/NameStrip.gif"
+novtilebg
+nohtilebg
+bgcolor=191919
+text="AA9B4A" link=189cd6 vlink=189cd6 hspace=0 fontsize="large">
+<LINK href="wtv-content:/ROMCache/TopBackground_Classic.jpg" rel=next>
+<LINK href="wtv-content:/ROMCache/Community.gif" rel=next>
+<LINK href="wtv-content:/ROMCache/UtilityBullet.gif" rel=next>
+<LINK href="wtv-content:/ROMCache/BackgroundWebTVToday_a.swf" rel=next>
+<form action=/ValidateLogin enctype="x-www-form-encoded" method=post>
+<input type="hidden" NAME="target-url" VALUE="">
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td width=20>
+<td valign=center absheight=104 colspan=3>
+<font size="+1" color="E7CE4A"><blackface><shadow>
+Choose your name
+</shadow></blackface>
+<tr>
+<td>
+<td bgcolor=2b2b2b width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=000000 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<table cellspacing=0 cellpadding=0 width=416>
+<tr><td width=20>
+<tr><td absheight=39>`;
+
+var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
+var accounts_listed = 0;
+for (const [key, value] of Object.entries(accounts)) {
+    data += "<td valign=middle abswidth=50% maxlines=1>";
+    if (key == "subscriber") var user_id = 0
+    else var user_id = key.replace("user", '');
+    data += `<a href=/ValidateLogin?user_id=${user_id}&user_login=true nocancel>`;
+    if (key == "subscriber") data += `<font size=+1><b>${value['subscriber_username']}</b></font></a>`;
+    else data += `<font size=+1>${value['subscriber_username']}</font>`
+    data += "<td width=15><td nowrap>	<font color=42BD52>";
+    data += "<!-- do mailcheck here -->" // todo
+    data += `</font>
+<tr>
+<td>
+<td bgcolor=1e1e1e width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=121212 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td absheight=37>
+`;
+    accounts_listed++;
+};
+
+while (accounts_listed < minisrv_config.config.user_accounts.max_users_per_account) {
+    data += `<tr>
+<td>
+<td bgcolor=1e1e1e width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=121212 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>`;
+    if (accounts_listed != minisrv_config.config.user_accounts.max_users_per_account - 1) {
+        data += `<tr>
+<td>
+<td absheight=37>`;
+    } 
+    accounts_listed++;
+}
+
+data += `
+<tr>
+<td height=5>
+<tr>
+<td>
+<td colspan=3 valign=bottom align=right>
+<font color=e7ce4a size=-1><shadow>
+<img src="ROMCache/Spacer.gif" width=20 height=1>
+<!-- Only show this button on plus, since classic has no useful purpose offline -->
+<input type=submit name=hangup value="Hang Up" borderimage="file://ROM/Borders/ButtonBorder2.bif" useStyle width=110><spacer width=20 type=horizontal>
+</table>
+</form>
+</body>
+</html>
+`; 
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/NameBanner.gif
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/NameBanner.gif
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/NameStrip.gif
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/NameStrip.gif
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/PasswordBanner.gif
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/images/PasswordBanner.gif
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
@@ -1,47 +1,14 @@
 var minisrv_service_file = true;
+var gourl = null;

-var challenge_response, challenge_header = '';
-var gourl;
-
-if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
-	var wtvsec_login = new WTVSec(minisrv_config);
-	wtvsec_login.IssueChallenge();
-	wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
-	ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
-} else {
-	var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
-}
-
-if (socket.ssid !== null) {
-	if (wtvsec_login.ticket_b64 == null) {
-		challenge_response = wtvsec_login.challenge_response;
-		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
-		if (challenge_response && client_challenge_response) {
-			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
-				console.log(" * wtv-challenge-response success for " + wtvshared.filterSSID(socket.ssid));
-				wtvsec_login.PrepareTicket();
-
-			} else {
-				console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid));
-				if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
-				if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response)
-				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
-			}
-		} else {
-			gourl = "wtv-head-waiter:/login?no_response=true";
-		}
-	}
-}
-
-if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash?";
+if (!ssid_sessions[socket.ssid].isRegistered() && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash?";

 if (gourl) {
 	headers = `200 OK
 wtv-open-isp-disabled: false
 `;
-	if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) {
+	if (!ssid_sessions[socket.ssid].isRegistered() && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) {
 		headers += `wtv-encrypted: true
-wtv-ticket: ${wtvsec_login.ticket_b64}
 ${getServiceString('wtv-register')}
 ${getServiceString('wtv-head-waiter')}
 ${getServiceString('wtv-star')}
@@ -77,91 +44,111 @@ else {
 		var messenger_authorized = ssid_sessions[socket.ssid].getSessionData("messenger_authorized") || 0;
 		var home_url = "wtv-home:/splash?";
 	}
+	var limitedLogin = ssid_sessions[socket.ssid].lockdown;
+	var limitedLoginRegistered = (limitedLogin || (ssid_sessions[socket.ssid].isRegistered() && ssid_sessions[socket.ssid].getSessionData('password_valid')));
 	var offline_user_list = CryptoJS.enc.Latin1.parse("<user-list>\n\t<user userid=\"" + userid + " user-name=\"" + nickname + "\" first-name=\"" + minisrv_config.config.service_name + "User \" last-name=\\" + namerand + "\" password=\"\" mail-enabled=\"true\" />\n</user-list>").toString(CryptoJS.enc.Base64);
+
+	if (limitedLoginRegistered) var home_url = "wtv-head-waiter:/password?";
+
 	data = '';
+
 	headers = `200 OK
 Connection: Keep-Alive
-wtv-encrypted: true
-wtv-client-time-zone: GMT -0000
+wtv-expire-all: wtv-head-waiter:
+`;
+
+	if (!limitedLogin) {
+		headers += `wtv-client-time-zone: GMT -0000
 wtv-client-time-dst-rule: GMT
 wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT
 wtv-country: US
 wtv-language-header: en-US,en
+wtv-noback-all: wtv-
 wtv-visit: client:closeallpanels
 wtv-expire-all: client:closeallpanels
 wtv-transition-override: off
-wtv-force-lightweight-targets: webtv.net:/
 wtv-smartcard-inserted-message: Contacting service
-wtv-bypass-proxy: false`;
-	if (!ssid_sessions[socket.ssid].lockdown) {
-		headers += `
-wtv-offline-user-list: ${offline_user_list}
-wtv-messenger-authorized: ${messenger_authorized}
-wtv-messenger-enable: ${messenger_enabled}`;
-	}
-	headers += `
-wtv-noback-all: wtv-
-wtv-service: reset
+wtv-ssl-timeout: 240
+wtv-login-timeout: 7200
 `;
-	if (!ssid_sessions[socket.ssid].lockdown) {
-		headers += getServiceString('all', { "exceptions": ["wtv-register"] });
-	} else {
-		headers += getServiceString('wtv-1800') + "\n";
-		headers += getServiceString('wtv-head-waiter') + "\n";
-		headers += getServiceString('wtv-star') + "\n";
-	}
-	headers += `
-wtv-ticket: ${wtvsec_login.ticket_b64}`;
-	if (!ssid_sessions[socket.ssid].lockdown) {
-		headers += `
+		if (!limitedLogin) {
+
+			headers += getServiceString('all', { "exceptions": ["wtv-register"] });
+			headers += `wtv-offline-user-list: ${offline_user_list}
+wtv-messenger-authorized: ${messenger_authorized}
+wtv-messenger-enable: ${messenger_enabled}
+wtv-messagewatch-checktimeoffset: off
+`;
+		} else {
+			/*
+			headers += getServiceString('wtv-1800') + "\n";
+			headers += getServiceString('wtv-head-waiter') + "\n";
+			headers += getServiceString('wtv-log') + "\n";
+			headers += getServiceString('wtv-star') + "\n";
+			headers += getServiceString('wtv-flashrom') + "\n";
+			*/
+			headers += `wtv-messenger-authorized: 0
+wtv-messenger-enable: 0
+`;
+		}
+
+		headers += `wtv-log-url: wtv-log:/log
+wtv-ssl-log-url: wtv-log:/log
+`;
+
+		if (!limitedLogin) {
+			headers += `wtv-bypass-proxy: false
 user-id: ${userid}
 wtv-human-name: ${human_name}
 ${ssid_sessions[socket.ssid].setIRCNick(nickname)}
 wtv-domain: ${minisrv_config.config.domain_name}
-wtv-messagewatch-checktimeoffset: off
 wtv-input-timeout: 14400
 wtv-connection-timeout: 1440
 wtv-fader-timeout: 1440
-wtv-inactive-timeout: 1440`;
-	} else {
-		headers += `
-user-id: 0
-wtv-human-name: Unauthorized User
-wtv-domain: ${minisrv_config.config.domain_name}
-wtv-input-timeout: 30
-wtv-connection-timeout: 60
-wtv-fader-timeout: 60
-wtv-inactive-timeout: 60`;
-	}
+wtv-inactive-timeout: 1440
+`;
+		}
+		/*
+		else {
+			headers += `wtv-bypass-proxy: true
+	user-id: 0
+	wtv-human-name: Unauthorized User
+	wtv-domain: ${minisrv_config.config.domain_name}
+	wtv-input-timeout: 30
+	wtv-connection-timeout: 60
+	wtv-fader-timeout: 60
+	wtv-inactive-timeout: 60`;
+		}
+		*/

-	headers += "\nwtv-relogin-url: wtv-head-waiter:/relogin?relogin=true";
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+		if (!limitedLogin) {
+			headers += "\nwtv-relogin-url: wtv-head-waiter:/relogin?relogin=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";

-	headers += "\nwtv-reconnect-url: wtv-head-waiter:/login-stage-two?reconnect=true";
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+			headers += "\nwtv-reconnect-url: wtv-head-waiter:/login-stage-two?reconnect=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";

-	headers += "\nwtv-boot-url: wtv-head-waiter:/relogin?relogin=true";
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+			headers += "\nwtv-boot-url: wtv-head-waiter:/relogin?relogin=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";

-	if (!ssid_sessions[socket.ssid].lockdown) headers += "\nwtv-home-url: wtv-home:/home?";	
+			headers += "\nwtv-home-url: wtv-home:/home?";
+		}

-	if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !ssid_sessions[socket.ssid].lockdown)
-		headers += "\nwtv-settings-url: wtv-setup:/get";
+		if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !limitedLogin)
+			headers += "\nwtv-settings-url: wtv-setup:/get\n";

-	headers += `
+		if (!limitedLogin) {
+			headers += `wtv-force-lightweight-targets: webtv.net:/
 wtv-show-time-enabled: true
 wtv-allow-dsc: true
 wtv-tourist-enabled: true
-wtv-log-url: wtv-log:/log
-wtv-ssl-log-url: wtv-log:/log
-wtv-ssl-timeout: 240
-wtv-login-timeout: 7200
 wtv-open-isp-disabled: false
 wtv-offline-mail-enable: false
 wtv-demo-mode: 0
 wtv-wink-deferrer-retries: 3
 wtv-name-server: 8.8.8.8`;
-
+		}
+	}
 	if (!request_headers.query.reconnect) headers += "\nwtv-visit: " + home_url;
 	headers += "\nContent-Type: text/html";
 }
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js
@@ -1,8 +1,9 @@
 var minisrv_service_file = true;

 var challenge_response, challenge_header = "";
+if (socket.ssid !== null) ssid_sessions[socket.ssid].switchUserID(0);

-var gourl = "wtv-head-waiter:/login-stage-two?";
+var gourl = "wtv-head-waiter:/ValidateLogin?initial_login=true&";
 if (request_headers.query.relogin) gourl += "relogin=true";
 else if (request_headers.query.reconnect) gourl += "reconnect=true";

@@ -55,6 +56,8 @@ wtv-expire-all: wtv-head-waiter:
 wtv-log-url: wtv-log:/log`;
 	if (challenge_header != "") headers += "\n" + challenge_header;
 	headers += `
+wtv-country: US
+wtv-language-header: en-US,en
 wtv-relogin-url: wtv-head-waiter:/relogin?relogin=true
 wtv-reconnect-url: wtv-head-waiter:/relogin?reconnect=true
 wtv-visit: ${gourl}
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/password.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/password.js
@@ -0,0 +1,58 @@
+var minisrv_service_file = true;
+
+headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html
+wtv-visit: client:closeallpanels
+wtv-expire-all: client:closeallpanels`;
+
+data = `<html><HEAD><title>Password</title> 
+<DISPLAY noscroll nooptions nostatus switchtowebmode> </HEAD> <sidebar width=144> <table cellspacing=0 cellpadding=0 bgcolor="30364D"> <tr> <td width=138 absheight=109 valign=top align=center> <img src="ROMCache/Spacer.gif" width=1 height=8><br> <img src="ROMCache/Spacer.gif" width=7 height=1>
+<img src="${minisrv_config.config.service_logo}" width=127 height=98>
+<td rowspan=99 width=6 absheight=420 valign=top align=left> <img src="ROMCache/Shadow.gif" width=6 height=420> <tr> <td absheight=5>
+<table cellspacing=0 cellpadding=0> 
+<tr><td abswidth=138 absheight=2 valign=middle align=center bgcolor="1C1E28"> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr><td abswidth=138 absheight=1 valign=top align=left> <tr><td abswidth=138 absheight=2 valign=top align=left bgcolor="4D5573"> <img src="ROMCache/Spacer.gif" width=1 height=1> </table> <tr> 
+<td absheight=106>
+<tr>
+<td align=right> 
+<img src="images/PasswordBanner.gif" width=50 height=191> <tr> <td absheight=8> 
+</table>
+</sidebar>
+<body background="images/NameStrip.gif"
+novtilebg
+nohtilebg
+bgcolor=191919 
+text="AA9B4A" link=189cd6 vlink=189cd6 hspace=0 fontsize="large"> <form action=/ValidateLogin enctype="x-www-form-encoded" method=post> <input type="hidden" NAME="target-url" VALUE=""> <table cellspacing=0 cellpadding=0> 
+<tr>
+<td width=20>
+<td valign=center absheight=104> 
+<font size="+1" color="E7CE4A"><blackface><shadow> Type your password </shadow></blackface> 
+<tr>
+<td> 
+<td bgcolor=2b2b2b abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td absheight=1>
+<tr>
+<td> 
+<td bgcolor=000000 abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td height=125 valign=center>
+<font size=+1 color=42bd52>Password 
+<img src="ROMCache/Spacer.gif" width=4 height=1> <input type=password size=26 maxlength=10 name="password" bgcolor=#444444 text=#ffdd33 cursor=#cc9933 id="password" selected >
+<input type=hidden name="user_id" id="user_id" value=${ssid_sessions[socket.ssid].user_id}> <tr> <td>
+<td>
+<tr>
+<td> 
+<td bgcolor=2b2b2b abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td absheight=1>
+<tr>
+<td> 
+<td bgcolor=000000 abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td height=8> 
+<tr>
+<td>
+<td align=right width=100%> 
+<font COLOR="#E7CE4A" SIZE=-1><shadow><input type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif" value="Continue" usestyle>
+</shadow></font> 
+<img src="ROMCache/Spacer.gif" width=20 height=1> </table>
+</form> 
+</body>
+</html>
+`;