Managed to get a simple and NOT SECURE login system going.

2025-07-06 00:38:01 -04:00 · 2025-07-06 00:38:01 -04:00 · 3bd8d38847
commit 3bd8d38847
parent 75b1eb1edb
7 changed files with 63 additions and 23 deletions
--- a/api/handlers.go
+++ b/api/handlers.go
@ -23,8 +23,8 @@ func GetApiLogout(c *fiber.Ctx) error {
 }

 func GetApiStream(c *fiber.Ctx) error {
-  authed, _, err := CheckAuthed(c)
-  if NotAuthed(err, authed) { return IfErrNil(err, c) }
+  _, err := CheckAuthed(c, false)
+  if err != nil { return IfErrNil(err, c) }

  sql, args, err := sq.Select("*").From("stream").ToSql()
  err = data.SelectJson[data.Stream](c, err, sql, args...)
@ -80,7 +80,9 @@ func PostApiLogin(c *fiber.Ctx) error {
    sess, err := STORE.Get(c)
    if err != nil { return IfErrNil(err, c) }

+    // BUG: THIS IS A BIG NO NO, just for getting going
    sess.Set("authenticated", true)
+    sess.Set("admin", IsAdmin(&user))
    err = sess.Save()
    if err != nil { return IfErrNil(err, c) }

@ -94,20 +96,20 @@ func PostApiLink(c *fiber.Ctx) error {
  var sql string
  var args []interface{}

-  link, err := ReceivePost[data.Link](c)
-  if err != nil { goto fail }
+  _, err := CheckAuthed(c, false)
+  if err != nil { return c.Redirect("/login/") }

-  sql, args, err = sq.Insert("stream_blah").
+  link, err := ReceivePost[data.Link](c)
+  if err != nil { return IfErrNil(err, c) }
+
+  sql, args, err = sq.Insert("stream_link").
    Columns("stream_id", "url", "description").
    Values(link.StreamId, link.Url, link.Description).ToSql()

  err = data.Exec(err, sql, args...)
-  if(err != nil) { goto fail }
+  if(err != nil) { return IfErrNil(err, c) }

  return c.Redirect("/live/")
-
-  fail:
-     return IfErrNil(err, c)
 }