h21/klice25
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

basic auth

Browse Source
This commit is contained in:
prokopparuzek
2025-09-04 19:33:52 +02:00
parent 2cee105670
commit 8abc610bec
4 changed files with 154 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
go.mod Normal file
View File

@@ -0,0 +1,5 @@
module klice25
go 1.24.6
require github.com/mattn/go-sqlite3 v1.14.32

12
insertTestData.sql
View File

@@ -4,11 +4,11 @@ INSERT INTO DIFFICULTY_LEVELS (id, level_name) VALUES
(2, 'Střední'), (2, 'Střední'),
(3, 'Těžká'); (3, 'Těžká');
-- Vložení týmů -- Vložení týmů: heslo1, heslo2, heslo3
INSERT INTO TEAMS (id, name, city, difficulty_level, password, last_cipher, penalty) VALUES INSERT INTO TEAMS (id, name, city, difficulty_level, password, last_cipher, penalty) VALUES
(1, 'Rychlé šípy', 'Praha', 1, 'heslo1', 0, 0), (1, 'Rychlé šípy', 'Praha', 1, '4bc2ef0648cdf275032c83bb1e87dd554d47f4be293670042212c8a01cc2ccbe', 0, 0),
(2, 'Vlčí smečka', 'Brno', 2, 'heslo2', 0, 10), (2, 'Vlčí smečka', 'Brno', 2, '274efeaa827a33d7e35be9a82cd6150b7caf98f379a4252aa1afce45664dcbe1', 0, 10),
(3, 'Orli', 'Ostrava', 3, 'heslo3', 1, 5); (3, 'Orli', 'Ostrava', 3, '05af533c6614544a704c4cf51a45be5c10ff19bd10b7aa1dfe47efc0fd059ede', 1, 5);
-- Vložení pozic -- Vložení pozic
INSERT INTO POSITIONS (id, gps, clue) VALUES INSERT INTO POSITIONS (id, gps, clue) VALUES
@@ -34,6 +34,6 @@ INSERT INTO TASKS (id, cipher_id, position_id, difficulty_level, order_num, end_
(2, 2, 2, 2, 2, 'Hledej QR kód u stromu.'), (2, 2, 2, 2, 2, 'Hledej QR kód u stromu.'),
(3, 3, 3, 3, 3, 'Gratulujeme, jsi v cíli!'); (3, 3, 3, 3, 3, 'Gratulujeme, jsi v cíli!');
-- Vložení admina -- Vložení admina: heslo
INSERT INTO ADMINS (id, username, password) VALUES INSERT INTO ADMINS (id, username, password) VALUES
(1, 'admin', 'adminheslo'); (1, 'admin', '56b1db8133d9eb398aabd376f07bf8ab5fc584ea0b8bd6a1770200cb613ca005');

123
klice.go Normal file
View File

@@ -0,0 +1,123 @@
package main
import (
"crypto/sha256"
"database/sql"
"encoding/hex"
"fmt"
"io"
"net/http"
"os"
_ "github.com/mattn/go-sqlite3"
)
var db *sql.DB
func hashPassword(password string) string {
hash := sha256.Sum256([]byte(password))
return hex.EncodeToString(hash[:])
}
func loginHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPost {
// Handle login logic here
if err := r.ParseForm(); err != nil {
http.Error(w, "Could not parse form", http.StatusBadRequest)
return
}
password := r.FormValue("password")
hashedPassword := hashPassword(password)
var teamID int
err := db.QueryRow("SELECT id FROM teams WHERE password = ?", hashedPassword).Scan(&teamID)
if err == sql.ErrNoRows {
http.Error(w, "No team found", http.StatusUnauthorized)
return
} else if err != nil {
http.Error(w, "Could not retrieve team", http.StatusInternalServerError)
return
}
var sessionID string
sessionID = hashedPassword
cookie := &http.Cookie{
Name: "session_id",
Value: sessionID,
Path: "/",
}
http.SetCookie(w, cookie)
http.Redirect(w, r, "/", http.StatusSeeOther)
return
} else if r.Method == http.MethodGet {
loginPage, err := os.Open("login.html")
if err != nil {
http.Error(w, "Could not open login page", http.StatusInternalServerError)
return
}
defer loginPage.Close()
io.Copy(w, loginPage)
return
}
}
func logoutHandler(w http.ResponseWriter, r *http.Request) {
cookie := &http.Cookie{
Name: "session_id",
Value: "",
Path: "/",
MaxAge: -1,
}
http.SetCookie(w, cookie)
http.Redirect(w, r, "/login", http.StatusSeeOther)
}
func isLoggedIn(r *http.Request) (bool, int) {
cookie, err := r.Cookie("session_id")
if err != nil {
return false, 0
}
var teamID int
err = db.QueryRow("SELECT id FROM teams WHERE password = ?", cookie.Value).Scan(&teamID)
if err == sql.ErrNoRows {
return false, 0
} else if err != nil {
return false, 0
}
return true, teamID
}
func main() {
// Set up a new SQLite database
var err error
db, err = sql.Open("sqlite3", "./klice.db?_fk=on")
if err != nil {
fmt.Println("Error opening database:", err)
return
}
defer db.Close()
http.HandleFunc("/login", loginHandler)
http.HandleFunc("/logout", logoutHandler)
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if loggedIn, teamID := isLoggedIn(r); loggedIn {
var teamName string
err := db.QueryRow("SELECT name FROM teams WHERE id = ?", teamID).Scan(&teamName)
if err != nil {
http.Error(w, "Could not retrieve team name", http.StatusInternalServerError)
return
}
fmt.Fprintf(w, "Welcome back, team %s!", teamName)
} else {
http.Redirect(w, r, "/login", http.StatusSeeOther)
}
})
fmt.Println("Server started at :8080")
http.ListenAndServe(":8080", nil)
}

20
login.html Normal file
View File

@@ -0,0 +1,20 @@
<!DOCTYPE html>
<html lang="cs">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
<body>
<h1>Login</h1>
<form action="/login" method="post">
<label for="password">Heslo:</label>
<input type="password" id="password" name="password" required>
<br>
<button type="submit">Přihlásit se</button>
</form>
</body>
</html>