package main import ( "database/sql" "log" "net/http" "synlotto-website/handlers" admin "synlotto-website/handlers/admin" "synlotto-website/helpers" "synlotto-website/middleware" "synlotto-website/models" "synlotto-website/storage" "github.com/gorilla/csrf" ) func main() { db := storage.InitDB("synlotto.db") models.SetDB(db) var isProduction = false csrfMiddleware := csrf.Protect( []byte("abcdefghijklmnopqrstuvwx12345678"), // TodO: Make Global csrf.Secure(true), csrf.Path("/"), ) mux := http.NewServeMux() setupAdminRoutes(mux, db) setupAccountRoutes(mux, db) setupResultRoutes(mux, db) setupSyndicateRoutes(mux, db) mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static")))) mux.HandleFunc("/", handlers.Home(db)) wrapped := helpers.RateLimit(csrfMiddleware(mux)) wrapped = middleware.EnforceHTTPS(wrapped, isProduction) wrapped = middleware.SecureHeaders(wrapped) wrapped = middleware.Recover(wrapped) log.Println("🌐 Running on http://localhost:8080") http.ListenAndServe(":8080", wrapped) } func setupAdminRoutes(mux *http.ServeMux, db *sql.DB) { mux.HandleFunc("/admin/access", middleware.AdminOnly(db, admin.AdminAccessLogHandler(db))) mux.HandleFunc("/admin/audit", middleware.AdminOnly(db, admin.AuditLogHandler(db))) mux.HandleFunc("/admin/dashboard", middleware.AdminOnly(db, admin.AdminDashboardHandler(db))) mux.HandleFunc("/admin/triggers", middleware.AdminOnly(db, admin.AdminTriggersHandler(db))) // Draw management mux.HandleFunc("/admin/draws", middleware.AdminOnly(db, admin.ListDrawsHandler(db))) // mux.HandleFunc("/admin/draws/new", middleware.AdminOnly(db, admin.RenderNewDrawForm(db))) // mux.HandleFunc("/admin/draws/submit", middleware.AdminOnly(db, admin.CreateDrawHandler(db))) mux.HandleFunc("/admin/draws/modify", middleware.AdminOnly(db, admin.ModifyDrawHandler(db))) mux.HandleFunc("/admin/draws/delete", middleware.AdminOnly(db, admin.DeleteDrawHandler(db))) // Prize management mux.HandleFunc("/admin/draws/prizes/add", middleware.AdminOnly(db, admin.AddPrizesHandler(db))) mux.HandleFunc("/admin/draws/prizes/modify", middleware.AdminOnly(db, admin.ModifyPrizesHandler(db))) } func setupAccountRoutes(mux *http.ServeMux, db *sql.DB) { mux.HandleFunc("/login", middleware.Auth(false)(handlers.Login)) mux.HandleFunc("/logout", handlers.Logout) mux.HandleFunc("/signup", middleware.Auth(false)(handlers.Signup)) mux.HandleFunc("/account/tickets/add_ticket", handlers.AddTicket(db)) mux.HandleFunc("/account/tickets/my_tickets", handlers.GetMyTickets(db)) mux.HandleFunc("/account/messages", middleware.Auth(true)(handlers.MessagesInboxHandler(db))) mux.HandleFunc("/account/messages/read", middleware.Auth(true)(handlers.ReadMessageHandler(db))) mux.HandleFunc("/account/messages/archive", middleware.Auth(true)(handlers.ArchiveMessageHandler(db))) mux.HandleFunc("/account/messages/archived", middleware.Auth(true)(handlers.ArchivedMessagesHandler(db))) mux.HandleFunc("/account/messages/restore", middleware.Auth(true)(handlers.RestoreMessageHandler(db))) mux.HandleFunc("/account/messages/send", middleware.Auth(true)(handlers.SendMessageHandler(db))) mux.HandleFunc("/account/notifications", middleware.Auth(true)(handlers.NotificationsHandler(db))) mux.HandleFunc("/account/notifications/read", middleware.Auth(true)(handlers.MarkNotificationReadHandler(db))) } func setupResultRoutes(mux *http.ServeMux, db *sql.DB) { mux.HandleFunc("/results/thunderball", handlers.ResultsThunderball(db)) } func setupSyndicateRoutes(mux *http.ServeMux, db *sql.DB) { mux.HandleFunc("/account/syndicates", middleware.Auth(true)(handlers.ListSyndicatesHandler(db))) mux.HandleFunc("/account/syndicates/invite", middleware.Auth(true)(handlers.InviteMemberHandler(db))) mux.HandleFunc("/account/syndicates/view", middleware.Auth(true)(handlers.ViewSyndicateHandler(db))) mux.HandleFunc("/account/syndicates/tickets", middleware.Auth(true)(handlers.SyndicateTicketsHandler(db))) mux.HandleFunc("/account/syndicates/tickets/new", middleware.Auth(true)(handlers.SyndicateLogTicketHandler(db))) mux.HandleFunc("/account/syndicates/invite", middleware.Auth(true)(handlers.SyndicateInviteHandler(db))) mux.HandleFunc("/account/syndicates/invites", middleware.Auth(true)(handlers.ViewInvitesHandler(db))) mux.HandleFunc("/account/syndicates/invites/accept", middleware.Auth(true)(handlers.AcceptInviteHandler(db))) mux.HandleFunc("/account/syndicates/invites/decline", middleware.Auth(true)(handlers.DeclineInviteHandler(db))) }