added authentication among other things. considered working at this point.

2025-03-25 11:27:21 +00:00
parent cf8b0041b2
commit f1ad9757ba
19 changed files with 310 additions and 58 deletions
--- a/main.go
+++ b/main.go
@@ -4,31 +4,32 @@ import (
 	"log"
 	"net/http"
 	"synlotto-website/handlers"
+	"synlotto-website/models"
 	"synlotto-website/storage"
+
+	"github.com/gorilla/csrf"
 )

 func main() {
 	db := storage.InitDB("synlotto.db")
+	models.SetDB(db)

-	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/":
-			handlers.Home(w, r)
-		case "/new":
-			handlers.NewDraw(w, r)
-		case "/submit":
-			handlers.Submit(w, r)
-		case "/ticket":
-			handlers.NewTicket(db)
-		case "/tickets":
-			handlers.ListTickets(db)
-		case "/submit-ticket":
-			handlers.SubmitTicket(db)
-		default:
-			http.NotFound(w, r)
-		}
-	})
+	csrfMiddleware := csrf.Protect(
+		[]byte("32-byte-long-auth-key-here"), // TodO: Make Global
+		csrf.Secure(false),
+	)
+
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("/", handlers.Home)
+	mux.HandleFunc("/new", handlers.NewDraw)
+	mux.HandleFunc("/submit", handlers.Submit)
+	mux.HandleFunc("/ticket", handlers.NewTicket(db))
+	mux.HandleFunc("/tickets", handlers.ListTickets(db))
+	mux.HandleFunc("/submit-ticket", handlers.RequireAuth(handlers.SubmitTicket(db)))
+	mux.HandleFunc("/login", handlers.Login)
+	mux.HandleFunc("/signup", handlers.Signup)

 	log.Println("🌐 Running on http://localhost:8080")
-	log.Fatal(http.ListenAndServe(":8080", nil))
+	http.ListenAndServe(":8080", csrfMiddleware(mux))
 }