From 0e2da62081b475787b14fd1fd17c9d6eadce9bae Mon Sep 17 00:00:00 2001
From: Nazar Kanaev <nkanaev@live.com>
Date: Tue, 3 Nov 2020 21:54:55 +0000
Subject: [PATCH] login page

---
 assets/login.html  | 38 ++++++++++++++++++++++++++++++++++++++
 server/auth.go     | 22 ++++++++++++++++++++++
 server/handlers.go | 29 ++++++++++++++++++++++++++---
 server/router.go   |  6 ++++++
 server/server.go   | 12 ++++++++++++
 5 files changed, 104 insertions(+), 3 deletions(-)
 create mode 100644 assets/login.html
 create mode 100644 server/auth.go

diff --git a/assets/login.html b/assets/login.html
new file mode 100644
index 0000000..b76a8a2
--- /dev/null
+++ b/assets/login.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>yarr!</title>
+    <link rel="stylesheet" href="./static/stylesheets/bootstrap.min.css">
+    <link rel="stylesheet" href="./static/stylesheets/app.css">
+    <link rel="icon shortcut" href="./static/graphicarts/anchor.png">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <style>
+        form {
+            max-width: 300px;
+            margin: 0 auto;
+            padding: 1rem;
+        }
+        form img {
+            width: 4rem;
+            height: 4rem;
+            display: block;
+            margin: 3rem auto;
+        }
+    </style>
+</head>
+<body>
+    <form action="" method="post">
+        <img src="./static/graphicarts/anchor.svg" alt="">
+        <div class="form-group">
+            <label for="username">Username</label>
+            <input class="form-control" id="username">
+        </div>
+        <div class="form-group">
+            <label for="password">Password</label>
+            <input class="form-control" id="password" type="password">
+        </div>
+        <button class="btn btn-block btn-default" type="submit">Login</button>
+    </form>
+</body>
+</html>
diff --git a/server/auth.go b/server/auth.go
new file mode 100644
index 0000000..121d3bf
--- /dev/null
+++ b/server/auth.go
@@ -0,0 +1,22 @@
+package server
+
+import (
+	"net/http"
+)
+
+
+func userIsAuthenticated(req *http.Request, username, password string) bool {
+	cookie, _ :=  req.Cookie("auth")
+	if cookie == nil {
+		return false
+	}
+	// TODO: change to something sane
+	if cookie.Value != username {
+		return false
+	}
+	return true
+}
+
+func userAuthenticate(rw http.ResponseWriter, username, password string) {
+
+}
diff --git a/server/handlers.go b/server/handlers.go
index 1556b0f..bfae5be 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -22,8 +22,8 @@ import (
 )
 
 var routes []Route = []Route{
-	p("/", IndexHandler),
-	p("/static/*path", StaticHandler),
+	p("/", IndexHandler).SkipAuth(),
+	p("/static/*path", StaticHandler).SkipAuth(),
 	p("/api/status", StatusHandler),
 	p("/api/folders", FolderListHandler),
 	p("/api/folders/:id", FolderHandler),
@@ -38,7 +38,7 @@ var routes []Route = []Route{
 	p("/opml/import", OPMLImportHandler),
 	p("/opml/export", OPMLExportHandler),
 	p("/page", PageCrawlHandler),
-	p("/fever/", FeverHandler),
+	p("/fever/", FeverHandler).SkipAuth(),
 }
 
 type asset struct {
@@ -90,6 +90,29 @@ type ItemUpdateForm struct {
 }
 
 func IndexHandler(rw http.ResponseWriter, req *http.Request) {
+	h := handler(req)
+	if h.requiresAuth() && !userIsAuthenticated(req, h.Username, h.Password) {
+		if req.Method == "POST" {
+			// TODO: implement
+		}
+
+		if assets != nil {
+			asset := assets["login.html"]
+			rw.Header().Set("Content-Type", "text/html")
+			rw.Header().Set("Content-Encoding", "gzip")
+			rw.Write(*asset.gzip())
+			return
+		} else {
+			f, err := os.Open("assets/login.html")
+			if err != nil {
+				handler(req).log.Print(err)
+				return
+			}
+			io.Copy(rw, f)
+			return
+		}
+	}
+
 	if assets != nil {
 		asset := assets["index.html"]
 
diff --git a/server/router.go b/server/router.go
index 439c1a0..e6dc32f 100644
--- a/server/router.go
+++ b/server/router.go
@@ -9,6 +9,12 @@ type Route struct {
 	url      string
 	urlRegex *regexp.Regexp
 	handler  func(http.ResponseWriter, *http.Request)
+	skipAuth bool
+}
+
+func (r Route) SkipAuth() Route {
+	r.skipAuth = true
+	return r
 }
 
 func p(path string, handler func(http.ResponseWriter, *http.Request)) Route {
diff --git a/server/server.go b/server/server.go
index f73fb2d..11937c1 100644
--- a/server/server.go
+++ b/server/server.go
@@ -49,6 +49,14 @@ func (h Handler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 		rw.WriteHeader(http.StatusNotFound)
 		return
 	}
+
+	if h.requiresAuth() && !route.skipAuth {
+		if !userIsAuthenticated(req, h.Username, h.Password) {
+			rw.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+	}
+
 	ctx := context.WithValue(req.Context(), ctxHandler, &h)
 	ctx = context.WithValue(ctx, ctxVars, vars)
 	route.handler(rw, req.WithContext(ctx))
@@ -137,6 +145,10 @@ func (h *Handler) startJobs() {
 	}
 }
 
+func (h Handler) requiresAuth() bool {
+	return h.Username != "" && h.Password != ""
+}
+
 func (h *Handler) fetchAllFeeds() {
 	h.log.Print("Refreshing all feeds")
 	for _, feed := range h.db.ListFeeds() {