Custom CSS is displayed in admin interface

Plus some smaller comments and formatting changes.
2024-09-19 17:21:10 +01:00 · 2017-09-06 20:02:14 -07:00 · 2017-09-06 20:02:14 -07:00 · 46bffa9ff4
parent 973ad0e72e
commit 46bffa9ff4
3 changed files with 40 additions and 14 deletions
--- a/assets/admin.html
+++ b/assets/admin.html
@ -21,17 +21,32 @@
 		<input type="date" id="date" name="date">
 		<input type="submit" value="Publish">
 	</form>
+	<hr />

 	<form action="/admin/css" method="post" enctype="multipart/form-data">
 		<label for="css">Custom CSS</label>
-		<textarea name="css" id="css" cols="30" rows="10"></textarea>
-		<input type="submit">
+		<textarea name="css" id="css" cols="120" rows="20"></textarea><br />
+		<input type="submit" value="Submit">
 	</form>

 <footer>
    <p>White Rabbit licensed under the GPLv3</p>
 </footer>
 </div>
+<script>
+get("/admin/css", function(data) {
+	document.getElementById("css").innerHTML=data;
+});

+function get(url, callback) {
+    var xmlHttp = new XMLHttpRequest();
+    xmlHttp.onreadystatechange = function() { 
+        if (xmlHttp.readyState == 4 && xmlHttp.status == 200)
+            callback(xmlHttp.responseText);
+    }
+    xmlHttp.open("GET", url, true);
+    xmlHttp.send(null);
+}
+</script>
 </body>
 </html> 
--- a/src/admin.go
+++ b/src/admin.go
@ -41,6 +41,8 @@ func CustomCss(w http.ResponseWriter, r *http.Request) {
 func CreateEpisode(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "POST" {
 		r.ParseMultipartForm(32 << 20)
+
+		// Build filename for episode
 		date := strings.Join(r.Form["date"], "")
 		title := strings.Join(r.Form["title"], "")

@ -50,6 +52,7 @@ func CreateEpisode(w http.ResponseWriter, r *http.Request) {
 		fmt.Println(name)
 		description := strings.Join(r.Form["description"], "")
 		fmt.Println(description)
+		// Finish building filenames 

 		err := ioutil.WriteFile("./podcasts/" + shownotes, []byte(description), 0644)
 	    if err != nil {
--- a/src/webserver.go
+++ b/src/webserver.go
@ -58,14 +58,16 @@ func HomeHandler(w http.ResponseWriter, r *http.Request) {
 * Code from stackoverflow by user Timmmm
 * https://stackoverflow.com/questions/21936332/idiomatic-way-of-requiring-http-basic-auth-in-go/39591234#39591234
 */
-func BasicAuth(handler http.HandlerFunc, username, password, realm string) http.HandlerFunc {
+func BasicAuth(handler http.HandlerFunc,) http.HandlerFunc {

    return func(w http.ResponseWriter, r *http.Request) {
-
+ 	username := viper.GetString("AdminUsername")
+ 	password := viper.GetString("AdminPassword")
+ 	realm := "Login to White Rabbit admin interface"
        user, pass, ok := r.BasicAuth()

        if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
-            w.Header().Set("WWW-Authenticate", `Basic realm="White Rabbit"`)
+            w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
            w.WriteHeader(401)
            w.Write([]byte("Unauthorised.\n"))
            return
@ -112,10 +114,16 @@ func main() {
 	r.HandleFunc("/", HomeHandler)
 	r.HandleFunc("/rss", RssHandler)
 	r.HandleFunc("/json", JsonHandler)
-	r.HandleFunc("/admin", BasicAuth(AdminHandler, viper.GetString("AdminUsername"), viper.GetString("AdminPassword"), "Login to White Rabbit admin interface"))
-	r.HandleFunc("/admin/publish", CreateEpisode)
-	r.HandleFunc("/admin/css", CustomCss)
+
+	// Authenticated endpoints should be passed to BasicAuth()
+	// first
+	r.HandleFunc("/admin", BasicAuth(AdminHandler))
+	r.HandleFunc("/admin/publish", BasicAuth(CreateEpisode))
+	r.HandleFunc("/admin/delete", BasicAuth(RemoveEpisode))
+	r.HandleFunc("/admin/css", BasicAuth(CustomCss))

 	// We're live!
+	log.Fatal("Live at localhost:8000")
+
 	log.Fatal(http.ListenAndServe(":8000", r))
 }