Add login to applicatio

auth.go

@@ -0,0 +1,74 @@
+package main
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"errors"
+	"log"
+	"net/http"
+	"time"
+)
+
+type SessionData struct {
+	username string
+}
+
+var (
+	sessions = make(map[string]*SessionData)
+)
+
+func userOk(username, password string) bool {
+	return (username == "Lamperi" && password == "paskaa")
+}
+
+func tryLogin(username, password string, longerTime bool) (http.Cookie, error) {
+	if exists := userOk(username, password); !exists {
+		return http.Cookie{},
+			errors.New("The username or password you entered isn't correct.")
+	}
+
+	sid, err := randString(32)
+	if err != nil {
+		return http.Cookie{}, err
+	}
+
+	sessions[sid] = &SessionData{username}
+
+	hours := time.Duration(1)
+	if longerTime {
+		hours = time.Duration(336)
+	}
+
+	loginCookie := http.Cookie{
+		Name:     "id",
+		Value:    sid,
+		MaxAge:   int((time.Hour * hours).Seconds()),
+		HttpOnly: true,
+	}
+
+	return loginCookie, nil
+}
+
+func getSession(req *http.Request) (*SessionData, error) {
+	cookie, err := req.Cookie("id")
+	if err != nil {
+		return nil, err
+	}
+
+	session, exists := sessions[cookie.Value]
+	if !exists {
+		return nil, errors.New("Session expired from server")
+	}
+	return session, nil
+}
+
+func randString(size int) (string, error) {
+	buf := make([]byte, size)
+
+	if _, err := rand.Read(buf); err != nil {
+		log.Println(err)
+		return "", errors.New("Couldn't generate random string")
+	}
+
+	return base64.URLEncoding.EncodeToString(buf)[:size], nil
+}

web.go

@@ -17,26 +17,39 @@ func indexHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	songs, err := loadDb()
-	if err != nil {
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
 	alsoEmptySongs := SongsFile{
 		Songs: make([]*SongEntry, 52),
 	}
 	for week := 1; week <= 52; week++ {
 		alsoEmptySongs.Songs[week-1] = &SongEntry{Week: week}
 	}
-	for _, song := range songs.Songs {
-		alsoEmptySongs.Songs[song.Week-1] = song
+	username := ""
+	session, err := getSession(r)
+	if session != nil {
+		songs, err := loadDb()
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		for _, song := range songs.Songs {
+			alsoEmptySongs.Songs[song.Week-1] = song
+		}
+		username = session.username
 	}
 
 	var templates = cachedTemplates
 	if true {
 		templates = template.Must(template.ParseFiles("web/index.html"))
 	}
-	err = templates.ExecuteTemplate(w, "index.html", alsoEmptySongs)
+
+	data := struct {
+		Username string
+		Songs    []*SongEntry
+	}{
+		username,
+		alsoEmptySongs.Songs,
+	}
+	err = templates.ExecuteTemplate(w, "index.html", data)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
@@ -47,6 +60,7 @@ func updateHandler(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "Forbidden", http.StatusForbidden)
 		return
 	}
+
 	err := r.ParseForm()
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
@@ -100,16 +114,41 @@ func updateHandler(w http.ResponseWriter, r *http.Request) {
 	http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
 }
 
+func loginHandler(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	username := r.Form.Get("username")
+	password := r.Form.Get("password")
+	remember := r.Form.Get("remember")
+	longer := remember == "remember-me"
+
+	cookie, err := tryLogin(username, password, longer)
+
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusForbidden)
+		return
+	}
+
+	http.SetCookie(w, &cookie)
+	http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+}
+
 func webStart(modifiedSongChan chan *SongEntry) {
 	songsChan = modifiedSongChan
 
+	mux := http.NewServeMux()
+
 	fs := http.FileServer(http.Dir("web"))
-	http.Handle("/css/", fs)
-	http.Handle("/fonts/", fs)
-	http.Handle("/js/", fs)
-	http.Handle("/favicon.ico", fs)
-	http.HandleFunc("/", indexHandler)
-	http.HandleFunc("/update", updateHandler)
-
-	http.ListenAndServe("localhost:8080", nil)
+	mux.Handle("/css/", fs)
+	mux.Handle("/fonts/", fs)
+	mux.Handle("/js/", fs)
+	mux.Handle("/favicon.ico", fs)
+	mux.HandleFunc("/", indexHandler)
+	mux.HandleFunc("/update", updateHandler)
+	mux.HandleFunc("/login", loginHandler)
+
+	http.ListenAndServe("localhost:8080", mux)
 }

web/index.html

@@ -18,48 +18,21 @@
 
   <body>
 
-    <nav class="navbar navbar-toggleable-md navbar-inverse fixed-top bg-inverse">
-      <button class="navbar-toggler navbar-toggler-right" type="button" data-toggle="collapse" data-target="#navbarsExampleDefault" aria-controls="navbarsExampleDefault" aria-expanded="false" aria-label="Toggle navigation">
-        <span class="navbar-toggler-icon"></span>
-      </button>
-      <a class="navbar-brand" href="#"></a>
-
-      <div class="collapse navbar-collapse" id="navbarsExampleDefault">
-        <ul class="navbar-nav mr-auto">
-          <li class="nav-item active">
-            <a class="nav-link" href="#">Home <span class="sr-only">(current)</span></a>
-          </li>
-          <li class="nav-item">
-            <a class="nav-link" href="#">Link</a>
-          </li>
-          <li class="nav-item">
-            <a class="nav-link disabled" href="#">Disabled</a>
-          </li>
-          <li class="nav-item dropdown">
-            <a class="nav-link dropdown-toggle" href="http://example.com" id="dropdown01" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Dropdown</a>
-            <div class="dropdown-menu" aria-labelledby="dropdown01">
-              <a class="dropdown-item" href="#">Action</a>
-              <a class="dropdown-item" href="#">Another action</a>
-              <a class="dropdown-item" href="#">Something else here</a>
-            </div>
-          </li>
-        </ul>
-        <form class="form-inline my-2 my-lg-0">
-          <input class="form-control mr-sm-2" type="text" placeholder="Search">
-          <button class="btn btn-outline-success my-2 my-sm-0" type="submit">Search</button>
-        </form>
-      </div>
-    </nav>
-
     <!-- Main jumbotron for a primary marketing message or call to action -->
     <div class="jumbotron">
       <div class="container">
-        <h1 class="display-3">Hello Lamperi!</h1>
+        {{if .Username}}
+        <h1 class="display-3">Hello {{ .Username }}!</h1>
         <p>Please fill in the songs for year 2018.</p>
+        {{else}}
+        <h1 class="display-3">Please log in</h1>
+        <p>Login to fill in the songs for year 2018.</p>
+        {{end}}
       </div>
     </div>
 
     <div class="container">
+        {{if .Username }}
         {{range .Songs }}
         <div class="row">
             <small style="width: 70px">Week {{ .Week }}</small>
@@ -84,6 +57,21 @@
             
         </div>
         {{end}}
+        {{else}}
+        <form class="form-signin" method="post" action="/login">
+            <h2 class="form-signin-heading">Please sign in</h2>
+            <label for="username" class="sr-only">Email address</label>
+            <input type="text" name="username" class="form-control" placeholder="Username" required autofocus>
+            <label for="password" class="sr-only">Password</label>
+            <input type="password" name="password" class="form-control" placeholder="Password" required>
+            <div class="checkbox">
+                <label>
+                    <input type="checkbox" name="remember-me" value="remember-me"> Remember me
+                </label>
+            </div>
+            <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
+        </form>
+    {{end}}
 
       <hr>