Decided to use JSON instead of SQL for user storage

Simplifies dependencies and portability, Docker deployment is also much easier. Possibility to add more complex things like permissions and roles also possible later on down the line.
2024-09-19 17:21:10 +01:00 · 2017-09-25 10:26:03 -07:00 · 2017-09-25 10:26:03 -07:00 · 019e303b3b
parent 577535c897
commit 019e303b3b
5 changed files with 28 additions and 39 deletions
--- a/config.json
+++ b/config.json
@ -1,6 +1,4 @@
 {
-	"AdminUsername": "gabriel",
-	"AdminPassword": "password1",
 	"MediaDirectory": "podcasts/",
 	"Name": "Pogo Test Feed",
 	"Host": "Gabriel Simmer",
--- a/src/configreader.go
+++ b/src/configreader.go
@ -12,8 +12,11 @@ type Config struct {
 	Description   string
 	Image         string
 	PodcastUrl    string
-	AdminUsername string
-	AdminPassword string
+}
+
+type User struct {
+	Username string
+	Hash string
 }

 func ReadConfig() Config {
@ -30,3 +33,22 @@ func ReadConfig() Config {

 	return c
 }
+
+func GetUser(username string) (usr string, pwd string) {
+	d, err := ioutil.ReadFile("users.json")
+	if err != nil {
+		panic(err)
+	}
+
+	var u interface{}
+	err = json.Unmarshal(d, &u)
+
+	users := u.(map[string]interface{})
+	for k, v := range users {
+    	if k == username {
+    		usr = k
+    		pwd = v.(string)
+    	}
+	}
+	return
+}
--- a/src/usermanagement.go
+++ b/src/usermanagement.go
@ -1,32 +0,0 @@
-package main
-
-import (
-	"database/sql"
-	"fmt"
-)
-
-// Translate POST requests into more basic parameters
-// and pass to specific function
-func RequestTranslator(w http.ResponseWriter, r *http.Request) {
-
-}
-
-// Check username and password, pass back secure cookie
-func Login() {
-
-}
-
-// Called to verify cookie token
-func VerifyLogin() {
-
-}
-
-// Unregister cookie - clear cached token from database
-func Logout() {
-
-}
-
-// Insert new user into database
-func CreateUser() {
-
-}
--- a/src/webserver.go
+++ b/src/webserver.go
@ -62,11 +62,9 @@ func HomeHandler(w http.ResponseWriter, r *http.Request) {
 func BasicAuth(handler http.HandlerFunc) http.HandlerFunc {

 	return func(w http.ResponseWriter, r *http.Request) {
-		config := ReadConfig()
-		username := config.AdminUsername
-		password := config.AdminPassword
 		realm := "Login to Pogo admin interface"
 		user, pass, ok := r.BasicAuth()
+		username, password := GetUser(user)

 		if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
 			w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
--- a/users.json
+++ b/users.json
@ -0,0 +1,3 @@
+{
+	"admin": "password"
+}