Custom CSS is displayed in admin interface

Plus some smaller comments and formatting changes.

assets/admin.html

@@ -21,17 +21,32 @@
 		<input type="date" id="date" name="date">
 		<input type="submit" value="Publish">
 	</form>
+	<hr />
 
 	<form action="/admin/css" method="post" enctype="multipart/form-data">
 		<label for="css">Custom CSS</label>
-		<textarea name="css" id="css" cols="30" rows="10"></textarea>
+		<textarea name="css" id="css" cols="120" rows="20"></textarea><br />
-		<input type="submit">
+		<input type="submit" value="Submit">
 	</form>
 
 <footer>
     <p>White Rabbit licensed under the GPLv3</p>
 </footer>
 </div>
+<script>
+get("/admin/css", function(data) {
+	document.getElementById("css").innerHTML=data;
+});
 
+function get(url, callback) {
+    var xmlHttp = new XMLHttpRequest();
+    xmlHttp.onreadystatechange = function() { 
+        if (xmlHttp.readyState == 4 && xmlHttp.status == 200)
+            callback(xmlHttp.responseText);
+    }
+    xmlHttp.open("GET", url, true);
+    xmlHttp.send(null);
+}
+</script>
 </body>
 </html> 

src/admin.go

@@ -29,18 +29,20 @@ func CustomCss(w http.ResponseWriter, r *http.Request) {
 			w.Write([]byte("success")) 
 		}
 	} else {
-			css,err := ioutil.ReadFile("./assets/static/custom.css")
+		css,err := ioutil.ReadFile("./assets/static/custom.css")
-			if err != nil {
+		if err != nil {
-				panic (err)
+			panic (err)
-			} else {
+		} else {
-				w.Write(css)
+			w.Write(css)
-			}
+		}
 	}
 }
 
 func CreateEpisode(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "POST" {
 		r.ParseMultipartForm(32 << 20)
+
+		// Build filename for episode
 		date := strings.Join(r.Form["date"], "")
 		title := strings.Join(r.Form["title"], "")
 
@@ -50,6 +52,7 @@ func CreateEpisode(w http.ResponseWriter, r *http.Request) {
 		fmt.Println(name)
 		description := strings.Join(r.Form["description"], "")
 		fmt.Println(description)
+		// Finish building filenames 
 
 		err := ioutil.WriteFile("./podcasts/" + shownotes, []byte(description), 0644)
 	    if err != nil {

src/webserver.go

@@ -58,14 +58,16 @@ func HomeHandler(w http.ResponseWriter, r *http.Request) {
  * Code from stackoverflow by user Timmmm
  * https://stackoverflow.com/questions/21936332/idiomatic-way-of-requiring-http-basic-auth-in-go/39591234#39591234
 */
-func BasicAuth(handler http.HandlerFunc, username, password, realm string) http.HandlerFunc {
+func BasicAuth(handler http.HandlerFunc,) http.HandlerFunc {
 
     return func(w http.ResponseWriter, r *http.Request) {
-
+ 	username := viper.GetString("AdminUsername")
+ 	password := viper.GetString("AdminPassword")
+ 	realm := "Login to White Rabbit admin interface"
         user, pass, ok := r.BasicAuth()
 
         if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
-            w.Header().Set("WWW-Authenticate", `Basic realm="White Rabbit"`)
+            w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
             w.WriteHeader(401)
             w.Write([]byte("Unauthorised.\n"))
             return
@@ -112,10 +114,16 @@ func main() {
 	r.HandleFunc("/", HomeHandler)
 	r.HandleFunc("/rss", RssHandler)
 	r.HandleFunc("/json", JsonHandler)
-	r.HandleFunc("/admin", BasicAuth(AdminHandler, viper.GetString("AdminUsername"), viper.GetString("AdminPassword"), "Login to White Rabbit admin interface"))
+
-	r.HandleFunc("/admin/publish", CreateEpisode)
+	// Authenticated endpoints should be passed to BasicAuth()
-	r.HandleFunc("/admin/css", CustomCss)
+	// first
+	r.HandleFunc("/admin", BasicAuth(AdminHandler))
+	r.HandleFunc("/admin/publish", BasicAuth(CreateEpisode))
+	r.HandleFunc("/admin/delete", BasicAuth(RemoveEpisode))
+	r.HandleFunc("/admin/css", BasicAuth(CustomCss))
 
 	// We're live!
+	log.Fatal("Live at localhost:8000")
+
 	log.Fatal(http.ListenAndServe(":8000", r))
 }