add some auth
This commit is contained in:
parent
ef554197e6
commit
945695f148
@ -13,6 +13,7 @@ import (
|
||||
var (
|
||||
password = "hardcodedpassword"
|
||||
lootPath = "Loot"
|
||||
sessionCookieName = "auth_session"
|
||||
)
|
||||
|
||||
type PageData struct {
|
||||
@ -44,6 +45,12 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
if r.FormValue("password") == password {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: sessionCookieName,
|
||||
Value: "authenticated",
|
||||
Path: "/",
|
||||
MaxAge: 3600,
|
||||
})
|
||||
http.Redirect(w, r, "/loot", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
@ -52,10 +59,7 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func lootHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthenticated(r) {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
checkAuth(w, r)
|
||||
|
||||
uids, err := getDeviceUIDs()
|
||||
if err != nil {
|
||||
@ -68,12 +72,20 @@ func lootHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func fileHandler(w http.ResponseWriter, r *http.Request) {
|
||||
checkAuth(w, r)
|
||||
|
||||
requestedPath := strings.TrimPrefix(r.URL.Path, "/files/")
|
||||
filePath := filepath.Join(lootPath, requestedPath)
|
||||
http.ServeFile(w, r, filePath)
|
||||
}
|
||||
|
||||
func logoutHandler(w http.ResponseWriter, r *http.Request) {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: sessionCookieName,
|
||||
Value: "",
|
||||
Path: "/",
|
||||
MaxAge: -1,
|
||||
})
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
}
|
||||
|
||||
@ -87,6 +99,10 @@ func renderTemplate(w http.ResponseWriter, tmpl string, data interface{}) {
|
||||
}
|
||||
|
||||
func isAuthenticated(r *http.Request) bool {
|
||||
sessionCookie, err := r.Cookie(sessionCookieName)
|
||||
if err != nil || sessionCookie.Value != "authenticated" {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
@ -104,3 +120,10 @@ func getDeviceUIDs() ([]string, error) {
|
||||
return uids, nil
|
||||
}
|
||||
|
||||
func checkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
if !isAuthenticated(r) {
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user