basic auth
This commit is contained in:
5
go.mod
Normal file
5
go.mod
Normal file
@@ -0,0 +1,5 @@
|
||||
module klice25
|
||||
|
||||
go 1.24.6
|
||||
|
||||
require github.com/mattn/go-sqlite3 v1.14.32
|
||||
@@ -4,11 +4,11 @@ INSERT INTO DIFFICULTY_LEVELS (id, level_name) VALUES
|
||||
(2, 'Střední'),
|
||||
(3, 'Těžká');
|
||||
|
||||
-- Vložení týmů
|
||||
-- Vložení týmů: heslo1, heslo2, heslo3
|
||||
INSERT INTO TEAMS (id, name, city, difficulty_level, password, last_cipher, penalty) VALUES
|
||||
(1, 'Rychlé šípy', 'Praha', 1, 'heslo1', 0, 0),
|
||||
(2, 'Vlčí smečka', 'Brno', 2, 'heslo2', 0, 10),
|
||||
(3, 'Orli', 'Ostrava', 3, 'heslo3', 1, 5);
|
||||
(1, 'Rychlé šípy', 'Praha', 1, '4bc2ef0648cdf275032c83bb1e87dd554d47f4be293670042212c8a01cc2ccbe', 0, 0),
|
||||
(2, 'Vlčí smečka', 'Brno', 2, '274efeaa827a33d7e35be9a82cd6150b7caf98f379a4252aa1afce45664dcbe1', 0, 10),
|
||||
(3, 'Orli', 'Ostrava', 3, '05af533c6614544a704c4cf51a45be5c10ff19bd10b7aa1dfe47efc0fd059ede', 1, 5);
|
||||
|
||||
-- Vložení pozic
|
||||
INSERT INTO POSITIONS (id, gps, clue) VALUES
|
||||
@@ -34,6 +34,6 @@ INSERT INTO TASKS (id, cipher_id, position_id, difficulty_level, order_num, end_
|
||||
(2, 2, 2, 2, 2, 'Hledej QR kód u stromu.'),
|
||||
(3, 3, 3, 3, 3, 'Gratulujeme, jsi v cíli!');
|
||||
|
||||
-- Vložení admina
|
||||
-- Vložení admina: heslo
|
||||
INSERT INTO ADMINS (id, username, password) VALUES
|
||||
(1, 'admin', 'adminheslo');
|
||||
(1, 'admin', '56b1db8133d9eb398aabd376f07bf8ab5fc584ea0b8bd6a1770200cb613ca005');
|
||||
123
klice.go
Normal file
123
klice.go
Normal file
@@ -0,0 +1,123 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"database/sql"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
|
||||
_ "github.com/mattn/go-sqlite3"
|
||||
)
|
||||
|
||||
var db *sql.DB
|
||||
|
||||
func hashPassword(password string) string {
|
||||
hash := sha256.Sum256([]byte(password))
|
||||
return hex.EncodeToString(hash[:])
|
||||
}
|
||||
|
||||
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == http.MethodPost {
|
||||
// Handle login logic here
|
||||
if err := r.ParseForm(); err != nil {
|
||||
http.Error(w, "Could not parse form", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
password := r.FormValue("password")
|
||||
hashedPassword := hashPassword(password)
|
||||
var teamID int
|
||||
|
||||
err := db.QueryRow("SELECT id FROM teams WHERE password = ?", hashedPassword).Scan(&teamID)
|
||||
if err == sql.ErrNoRows {
|
||||
http.Error(w, "No team found", http.StatusUnauthorized)
|
||||
return
|
||||
} else if err != nil {
|
||||
http.Error(w, "Could not retrieve team", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
var sessionID string
|
||||
sessionID = hashedPassword
|
||||
cookie := &http.Cookie{
|
||||
Name: "session_id",
|
||||
Value: sessionID,
|
||||
Path: "/",
|
||||
}
|
||||
http.SetCookie(w, cookie)
|
||||
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
return
|
||||
} else if r.Method == http.MethodGet {
|
||||
loginPage, err := os.Open("login.html")
|
||||
if err != nil {
|
||||
http.Error(w, "Could not open login page", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
defer loginPage.Close()
|
||||
|
||||
io.Copy(w, loginPage)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func logoutHandler(w http.ResponseWriter, r *http.Request) {
|
||||
cookie := &http.Cookie{
|
||||
Name: "session_id",
|
||||
Value: "",
|
||||
Path: "/",
|
||||
MaxAge: -1,
|
||||
}
|
||||
http.SetCookie(w, cookie)
|
||||
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
}
|
||||
|
||||
func isLoggedIn(r *http.Request) (bool, int) {
|
||||
cookie, err := r.Cookie("session_id")
|
||||
if err != nil {
|
||||
return false, 0
|
||||
}
|
||||
|
||||
var teamID int
|
||||
err = db.QueryRow("SELECT id FROM teams WHERE password = ?", cookie.Value).Scan(&teamID)
|
||||
if err == sql.ErrNoRows {
|
||||
return false, 0
|
||||
} else if err != nil {
|
||||
return false, 0
|
||||
}
|
||||
|
||||
return true, teamID
|
||||
}
|
||||
|
||||
func main() {
|
||||
// Set up a new SQLite database
|
||||
var err error
|
||||
db, err = sql.Open("sqlite3", "./klice.db?_fk=on")
|
||||
if err != nil {
|
||||
fmt.Println("Error opening database:", err)
|
||||
return
|
||||
}
|
||||
defer db.Close()
|
||||
|
||||
http.HandleFunc("/login", loginHandler)
|
||||
http.HandleFunc("/logout", logoutHandler)
|
||||
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||
if loggedIn, teamID := isLoggedIn(r); loggedIn {
|
||||
var teamName string
|
||||
err := db.QueryRow("SELECT name FROM teams WHERE id = ?", teamID).Scan(&teamName)
|
||||
if err != nil {
|
||||
http.Error(w, "Could not retrieve team name", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
fmt.Fprintf(w, "Welcome back, team %s!", teamName)
|
||||
} else {
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
}
|
||||
})
|
||||
|
||||
fmt.Println("Server started at :8080")
|
||||
http.ListenAndServe(":8080", nil)
|
||||
}
|
||||
20
login.html
Normal file
20
login.html
Normal file
@@ -0,0 +1,20 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="cs">
|
||||
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Login</title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<h1>Login</h1>
|
||||
<form action="/login" method="post">
|
||||
<label for="password">Heslo:</label>
|
||||
<input type="password" id="password" name="password" required>
|
||||
<br>
|
||||
<button type="submit">Přihlásit se</button>
|
||||
</form>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
Reference in New Issue
Block a user