feat(backend): admin dashboard

author: Anhgelus Morhtuuzh <william@herges.fr> 2025-12-22 15:07:55 +0100
committer: Anhgelus Morhtuuzh <william@herges.fr> 2025-12-22 15:07:55 +0100
commit: 84af6427d8205b1882b9f9df11ce394f96d6b792 (patch)
tree: ae51188d67616069300afd6a19300ff7ed23e7d3 /backend/router.go
parent: 93c4f9047426f9f56940ed2b733dcde2d98b0c0e (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/backend/router.go b/backend/router.go
index 14abc06..f2ed775 100644
--- a/backend/router.go
+++ b/backend/router.go
@@ -2,6 +2,8 @@ package backend
 
 import (
 	"context"
+	"crypto/sha256"
+	"crypto/subtle"
 	"database/sql"
 	"embed"
 	"fmt"
@@ -23,6 +25,7 @@ const (
 	assetsFSKey = "assets_fs"
 	debugKey    = "debug"
 	dbKey       = "db"
+	loginKey    = "login"
 )
 
 //go:embed templates
@@ -112,6 +115,21 @@ func NewRouter(debug bool, cfg *Config, db *sql.DB, assets fs.FS) *chi.Mux {
 			next.ServeHTTP(w, r)
 		})
 	})
+	// login
+	r.Use(func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			_, pass, ok := r.BasicAuth()
+			ctx := r.Context()
+			if ok {
+				cfg := ctx.Value(configKey).(*Config)
+				passHash := sha256.Sum256([]byte(pass))
+				rightPassHash := sha256.Sum256([]byte(cfg.AdminPassword))
+				ok = subtle.ConstantTimeCompare(passHash[:], rightPassHash[:]) == 1
+			}
+			ctx = context.WithValue(ctx, loginKey, ok)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	})
 
 	return r
 }
author	Anhgelus Morhtuuzh <william@herges.fr>	2025-12-22 15:07:55 +0100
committer	Anhgelus Morhtuuzh <william@herges.fr>	2025-12-22 15:07:55 +0100
commit	84af6427d8205b1882b9f9df11ce394f96d6b792 (patch)
tree	ae51188d67616069300afd6a19300ff7ed23e7d3 /backend/router.go
parent	93c4f9047426f9f56940ed2b733dcde2d98b0c0e (diff)