diff --git a/handlers/account/authentication.go b/handlers/account/authentication.go index 8751322..d83282c 100644 --- a/handlers/account/authentication.go +++ b/handlers/account/authentication.go @@ -27,7 +27,8 @@ func Login(db *sql.DB) http.HandlerFunc { } tmpl := templateHelpers.LoadTemplateFiles("login.html", "templates/account/login.html") - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) context["csrfField"] = csrf.TemplateField(r) if err := tmpl.ExecuteTemplate(w, "layout", context); err != nil { diff --git a/handlers/admin/audit.go b/handlers/admin/audit.go index 2132e9c..7d7a4fe 100644 --- a/handlers/admin/audit.go +++ b/handlers/admin/audit.go @@ -21,7 +21,8 @@ type AdminLogEntry struct { func AdminAccessLogHandler(db *sql.DB) http.HandlerFunc { return middleware.Auth(true)(func(w http.ResponseWriter, r *http.Request) { - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) rows, err := db.Query(` SELECT accessed_at, user_id, path, ip, user_agent @@ -55,7 +56,8 @@ func AdminAccessLogHandler(db *sql.DB) http.HandlerFunc { func AuditLogHandler(db *sql.DB) http.HandlerFunc { return middleware.Auth(true)(func(w http.ResponseWriter, r *http.Request) { - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) rows, err := db.Query(` SELECT timestamp, user_id, action, ip, user_agent diff --git a/handlers/admin/dashboard.go b/handlers/admin/dashboard.go index 4ae170b..7d24305 100644 --- a/handlers/admin/dashboard.go +++ b/handlers/admin/dashboard.go 
@@ -6,26 +6,37 @@ import ( "net/http" httpHelpers "synlotto-website/helpers/http" + securityHelpers "synlotto-website/helpers/security" templateHelpers "synlotto-website/helpers/template" "synlotto-website/models" + "synlotto-website/storage" +) + +var ( + total, winners int + prizeSum float64 ) func AdminDashboardHandler(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { - // userID, ok := securityHelpers.GetCurrentUserID(r) - // if !ok { - // http.Redirect(w, r, "/account/login", http.StatusSeeOther) - // return - // } + userID, ok := securityHelpers.GetCurrentUserID(r) + if !ok { + http.Redirect(w, r, "/account/login", http.StatusSeeOther) + return + } - // TODO: check is_admin from users table here + user := storage.GetUserByID(db, userID) + if user == nil { + http.Error(w, "User not found", http.StatusUnauthorized) + return + } - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) - - // Total ticket stats - var total, winners int - var prizeSum float64 + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) + context["User"] = user + context["IsAdmin"] = user.IsAdmin + // Missing messages, notifications, potentially syndicate notifictions if that becomes a new top bar icon. db.QueryRow(`SELECT COUNT(*), SUM(CASE WHEN is_winner THEN 1 ELSE 0 END), SUM(prize_amount) FROM my_tickets`).Scan(&total, &winners, &prizeSum) context["Stats"] = map[string]interface{}{ "TotalTickets": total, @@ -33,7 +44,6 @@ func AdminDashboardHandler(db *sql.DB) http.HandlerFunc { "TotalPrizeAmount": prizeSum, } - // Match run log rows, err := db.Query(` SELECT run_at, triggered_by, tickets_matched, winners_found, COALESCE(notes, '') FROM log_ticket_matching diff --git a/handlers/admin/draws.go b/handlers/admin/draws.go index adebaad..5432b63 100644 --- a/handlers/admin/draws.go +++ b/handlers/admin/draws.go 
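Review bot: AdminDashboardHandler now loads the user and copies `user.IsAdmin` into the template context, but nothing in the hunk rejects a non-admin, and the removed `TODO: check is_admin` comment was the only marker for that gap. Unless `httpHelpers.AuthMiddleware` enforces the admin role itself (not visible here), any logged-in account reaches the dashboard statistics; a guard right after the nil check would close that, assuming `IsAdmin` is a bool. NewDrawHandler, ListDrawsHandler, AddPrizesHandler and ModifyPrizesHandler use the same wrapper in this commit, while audit.go uses `middleware.Auth(true)`, so they deserve the same check. Separately, hoisting `total`, `winners` and `prizeSum` to package level makes concurrent requests share the Scan targets (a data race), and because the Scan error is ignored, a failed query renders the previous request's numbers; they should stay local to the closure. The handler body continues past the hunk.

```go
// … unchanged: GetCurrentUserID redirect, GetUserByID and nil check …
if !user.IsAdmin {
	http.Error(w, "Forbidden", http.StatusForbidden)
	return
}
// … unchanged: template context setup …
var (
	total, winners int
	prizeSum       float64
)
// … unchanged: QueryRow(...).Scan(&total, &winners, &prizeSum) and Stats map …
```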
@@ -13,7 +13,8 @@ import ( func NewDrawHandler(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) if r.Method == http.MethodPost { game := r.FormValue("game_type") @@ -74,7 +75,8 @@ func DeleteDrawHandler(db *sql.DB) http.HandlerFunc { func ListDrawsHandler(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) draws := []models.DrawSummary{} rows, err := db.Query(` diff --git a/handlers/admin/manualtriggers.go b/handlers/admin/manualtriggers.go index 59deef9..9e26261 100644 --- a/handlers/admin/manualtriggers.go +++ b/handlers/admin/manualtriggers.go @@ -16,7 +16,8 @@ import ( func AdminTriggersHandler(db *sql.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) if flash := r.URL.Query().Get("flash"); flash != "" { context["Flash"] = flash diff --git a/handlers/admin/prizes.go b/handlers/admin/prizes.go index 9c35626..865b7b5 100644 --- a/handlers/admin/prizes.go +++ b/handlers/admin/prizes.go 
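Review bot: AdminTriggersHandler returns a bare `func(w http.ResponseWriter, r *http.Request)` with no auth wrapper in the hunk, unlike the other admin handlers touched here; if the route is not wrapped where it is registered (not visible), the manual-trigger page is served without a session check. Wrapping it the way the audit handlers are, `return middleware.Auth(true)(func(w http.ResponseWriter, r *http.Request) {`, would state the requirement at the handler itself. NewDraw in handlers/lottery/draws/draw_handler.go has the same shape. The `flash` value is also copied straight from the query string into the context, so it is worth confirming that the template escapes it and considering a fixed set of flash codes instead of free text. The handler body starts and ends outside the hunk.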
@@ -14,10 +14,10 @@ import ( func AddPrizesHandler(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { + data := models.TemplateData{} if r.Method == http.MethodGet { tmpl := templateHelpers.LoadTemplateFiles("add_prizes.html", "templates/admin/draws/prizes/add_prizes.html") - - tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, models.TemplateData{})) + tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, data)) return } @@ -46,10 +46,11 @@ func AddPrizesHandler(db *sql.DB) http.HandlerFunc { func ModifyPrizesHandler(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { + data := models.TemplateData{} if r.Method == http.MethodGet { tmpl := templateHelpers.LoadTemplateFiles("modify_prizes.html", "templates/admin/draws/prizes/modify_prizes.html") - tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, models.TemplateData{})) + tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, data)) return } diff --git a/handlers/lottery/draws/draw_handler.go b/handlers/lottery/draws/draw_handler.go index 6a914cb..9395677 100644 --- a/handlers/lottery/draws/draw_handler.go +++ b/handlers/lottery/draws/draw_handler.go @@ -14,9 +14,8 @@ import ( func NewDraw(db *sql.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - log.Println("➡️ New draw form opened") - - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) context["Page"] = "new_draw" context["Data"] = nil diff --git a/handlers/lottery/tickets/ticket_handler.go b/handlers/lottery/tickets/ticket_handler.go index cbaeeec..8ccb729 100644 --- a/handlers/lottery/tickets/ticket_handler.go +++ b/handlers/lottery/tickets/ticket_handler.go 
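Review bot: Both rewritten `tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, data))` calls, in AddPrizesHandler and ModifyPrizesHandler, drop the returned error, so a missing or broken template yields a blank or partial admin page with nothing logged. Checking it the way Login does, `if err := tmpl.ExecuteTemplate(w, "layout", templateHelpers.TemplateContext(w, r, data)); err != nil {`, then logging and answering with a 500, would make such failures visible. Both handler bodies continue outside their hunks.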
@@ -44,7 +44,8 @@ func AddTicket(db *sql.DB) http.HandlerFunc { } } - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) + data := models.TemplateData{} + context := templateHelpers.TemplateContext(w, r, data) context["csrfField"] = csrf.TemplateField(r) context["DrawDates"] = drawDates @@ -270,6 +271,11 @@ func SubmitTicket(db *sql.DB) http.HandlerFunc { func GetMyTickets(db *sql.DB) http.HandlerFunc { return httpHelpers.AuthMiddleware(func(w http.ResponseWriter, r *http.Request) { + data := models.TemplateData{} + var tickets []models.Ticket + context := templateHelpers.TemplateContext(w, r, data) + context["Tickets"] = tickets + userID, ok := securityHelpers.GetCurrentUserID(r) if !ok { http.Redirect(w, r, "/account/login", http.StatusSeeOther) @@ -293,8 +299,6 @@ func GetMyTickets(db *sql.DB) http.HandlerFunc { } defer rows.Close() - var tickets []models.Ticket - for rows.Next() { var t models.Ticket var b1, b2, b3, b4, b5, b6, bo1, bo2 sql.NullInt64 @@ -360,9 +364,6 @@ func GetMyTickets(db *sql.DB) http.HandlerFunc { tickets = append(tickets, t) } - context := templateHelpers.TemplateContext(w, r, models.TemplateData{}) - context["Tickets"] = tickets - tmpl := templateHelpers.LoadTemplateFiles("my_tickets.html", "templates/account/tickets/my_tickets.html") err = tmpl.ExecuteTemplate(w, "layout", context)
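Review bot: In GetMyTickets, `context["Tickets"] = tickets` now runs before the rows are read, so the map stores the slice as it is at that moment, which is nil. The later `tickets = append(tickets, t)` only updates the local variable, and the last hunk removes the assignment that used to follow the loop, so the template receives no tickets. Keep `context["Tickets"] = tickets` after the loop, just before `LoadTemplateFiles`. `templateHelpers.TemplateContext(w, r, data)` is also now called before the `GetCurrentUserID` check; if it touches the session or response headers (not visible here), that work runs for requests that are then redirected to login, so building the context after the check is safer. The function body extends beyond these hunks.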