From b0c4144987c52f5dfc70ac5c581b7c9c095e2fe7 Mon Sep 17 00:00:00 2001
From: "Zed A. Shaw" <zed.shaw@gmail.com>
Date: Thu, 26 Jun 2025 16:50:22 -0400
Subject: [PATCH] Can now set an auth cookie to check for auth, but I should
 see what it takes to make a middleware.

---
 api/controllers.go         | 30 ++++++++++++++++++++++++++++--
 public/login/index.html    |  2 +-
 public/stream/1/index.html |  1 -
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/api/controllers.go b/api/controllers.go
index c8e19f0..32bfd13 100644
--- a/api/controllers.go
+++ b/api/controllers.go
@@ -13,9 +13,25 @@ import (
 
 var STORE *session.Store
 
+func Logout(c *fiber.Ctx) error {
+  sess, err := STORE.Get(c)
+  if err != nil { return IfErrNil(err, c) }
+
+  sess.Set("authenticated", false)
+  err = sess.Save()
+  if err != nil { return IfErrNil(err, c) }
+
+  return c.Redirect("/")
+}
+
 func GetApiStream(c *fiber.Ctx) error {
   sess, err := STORE.Get(c)
-  sess.Set("fuck", "off")
+  if err != nil { return IfErrNil(err, c) }
+
+  if sess.Get("authenticated") != true {
+    // NOTE: need my own error thing
+    return IfErrNil(err, c)
+  }
 
   sql, args, err := sq.Select("*").From("stream").ToSql()
   err = data.SelectJson[data.Stream](c, err, sql, args...)
@@ -56,6 +72,13 @@ func PostApiLogin(c *fiber.Ctx) error {
   if err != nil { return IfErrNil(err, c) }
 
   if login.Username == result.Username && login.Password == result.Password {
+    sess, err := STORE.Get(c)
+    if err != nil { return IfErrNil(err, c) }
+
+    sess.Set("authenticated", true)
+    err = sess.Save()
+    if err != nil { return IfErrNil(err, c) }
+
     return c.Redirect("/")
   } else {
     return c.Redirect("/login/")
@@ -69,7 +92,9 @@ func PostApiLink(c *fiber.Ctx) error {
   link, err := ReceivePost[data.Link](c)
   if err != nil { goto fail }
 
-  sql, args, err = sq.Insert("stream_blah").Columns("stream_id", "url", "description").Values(link.StreamId, link.Url, link.Description).ToSql()
+  sql, args, err = sq.Insert("stream_blah").
+    Columns("stream_id", "url", "description").
+    Values(link.StreamId, link.Url, link.Description).ToSql()
 
   err = data.Insert(err, sql, args...)
   return c.Redirect("/live/")
@@ -83,6 +108,7 @@ func Setup(app *fiber.App) {
   STORE = session.New()
 
   app.Get("/api/stream/", GetApiStream)
+  app.Get("/api/logout/", Logout)
   app.Get("/api/stream/:id", GetApiStreamId)
   app.Get("/api/stream/:id/links", GetApiStreamIdLinks)
   app.Post("/api/login", PostApiLogin)
diff --git a/public/login/index.html b/public/login/index.html
index c35e3ad..18a7ef3 100644
--- a/public/login/index.html
+++ b/public/login/index.html
@@ -24,7 +24,7 @@
             <label for="username">Username</label>
             <input id="username" name="username" placeholder="Username" type="text">
             <label for="password">Password</label>
-            <input id="password" name="password" placeholder="Password" type="text">
+            <input id="password" name="password" placeholder="Password" type="password">
           </middle>
           <bottom>
             <button-group>
diff --git a/public/stream/1/index.html b/public/stream/1/index.html
index 204b2b7..f037341 100644
--- a/public/stream/1/index.html
+++ b/public/stream/1/index.html
@@ -43,7 +43,6 @@
       </ul>
     </block>
 
-
     <block style="--value: 7; --border: 1px;" class="horizontal">
     <grid style="--cols: 2">
     <shape>Left Image</shape>