add some auth

loothandler.go

@@ -11,8 +11,9 @@ import (
 )
 
 var (
-	password = "hardcodedpassword"
+	password          = "hardcodedpassword"
-	lootPath = "Loot"
+	lootPath          = "Loot"
+	sessionCookieName = "auth_session"
 )
 
 type PageData struct {
@@ -44,6 +45,12 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if r.FormValue("password") == password {
+		http.SetCookie(w, &http.Cookie{
+			Name:   sessionCookieName,
+			Value:  "authenticated",
+			Path:   "/",
+			MaxAge: 3600,
+		})
 		http.Redirect(w, r, "/loot", http.StatusSeeOther)
 		return
 	}
@@ -52,10 +59,7 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func lootHandler(w http.ResponseWriter, r *http.Request) {
-	if !isAuthenticated(r) {
+	checkAuth(w, r)
-		http.Redirect(w, r, "/", http.StatusSeeOther)
-		return
-	}
 
 	uids, err := getDeviceUIDs()
 	if err != nil {
@@ -68,12 +72,20 @@ func lootHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func fileHandler(w http.ResponseWriter, r *http.Request) {
+	checkAuth(w, r)
+
 	requestedPath := strings.TrimPrefix(r.URL.Path, "/files/")
 	filePath := filepath.Join(lootPath, requestedPath)
 	http.ServeFile(w, r, filePath)
 }
 
 func logoutHandler(w http.ResponseWriter, r *http.Request) {
+	http.SetCookie(w, &http.Cookie{
+		Name:   sessionCookieName,
+		Value:  "",
+		Path:   "/",
+		MaxAge: -1,
+	})
 	http.Redirect(w, r, "/", http.StatusSeeOther)
 }
 
@@ -87,6 +99,10 @@ func renderTemplate(w http.ResponseWriter, tmpl string, data interface{}) {
 }
 
 func isAuthenticated(r *http.Request) bool {
+	sessionCookie, err := r.Cookie(sessionCookieName)
+	if err != nil || sessionCookie.Value != "authenticated" {
+		return false
+	}
 	return true
 }
 
@@ -104,3 +120,10 @@ func getDeviceUIDs() ([]string, error) {
 	return uids, nil
 }
 
+func checkAuth(w http.ResponseWriter, r *http.Request) {
+	if !isAuthenticated(r) {
+		http.Redirect(w, r, "/", http.StatusSeeOther)
+		return
+	}
+}
+