diff --git a/lib/controllers/controllers_admin.go b/lib/controllers/controllers_admin.go
index e08221c..d0818b6 100644
--- a/lib/controllers/controllers_admin.go
+++ b/lib/controllers/controllers_admin.go
@@ -1,8 +1,12 @@
 package controllers
 import (
+ "crypto/sha512"
+ "encoding/hex"
 "fmt"
+ "net/http"
+ "github.com/JustKato/FreePad/lib/helper"
 "github.com/gin-gonic/gin"
 )
@@ -14,6 +18,45 @@ func AdminMiddleware(router *gin.RouterGroup) {
 // Check which route we are accessing
 fmt.Println(`Accesing: `, ctx.Request.RequestURI)
+ // Check if the request is other than the login request
+ if ctx.Request.RequestURI != "/admin/login" {
+ // Check if the user is logged-in
+
+ fmt.Println(`Checking if admin`)
+
+ if !IsAdmin(ctx) {
+ // Not an admin, redirect to homepage
+ ctx.Redirect(http.StatusTemporaryRedirect, "/")
+ ctx.Abort()
+
+ fmt.Println(`Not an admin!`)
+ return
+ }
+
+ }
+
+ })
 }
+
+func IsAdmin(ctx *gin.Context) bool {
+ adminToken, err := ctx.Cookie("admin_token")
+ if err != nil {
+ return false
+ }
+
+ // Encode the real token
+ sha512Hasher := sha512.New()
+ sha512Hasher.Write([]byte(helper.GetAdminToken()))
+ hashHexToken := sha512Hasher.Sum(nil)
+ trueToken := hex.EncodeToString(hashHexToken)
+
+ // Check if the user's admin token matches the token
+ if adminToken != "" && adminToken == trueToken {
+ // Yep, it's the admin!
+ return true
+ }
+
+ // Definitely not an admin
+ return false
+}
diff --git a/lib/objects/objects_post.go b/lib/objects/objects_post.go
index b66518b..eb8a5a9 100644
--- a/lib/objects/objects_post.go
+++ b/lib/objects/objects_post.go
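Review bot: In `IsAdmin`, the expected cookie value is derived from `helper.GetAdminToken()` without checking that the configured token is non-empty; the `adminToken != ""` guard only covers the cookie, so if the helper can return an empty string (it is not visible in this diff) the expected value becomes the fixed SHA-512 of empty input and the check stops protecting the admin routes. Fail closed before hashing, `secret := helper.GetAdminToken(); if secret == "" { return false }`, and replace the `==` with `subtle.ConstantTimeCompare([]byte(adminToken), []byte(trueToken)) == 1` (needs `crypto/subtle`) so the comparison time does not depend on how much of the value matched. The cookie is also a fixed, unsalted hash of the secret, so it appears to stay valid until the admin token itself is changed; a random server-side session value with an expiry would be easier to revoke. Separately, the middleware compares `ctx.Request.RequestURI`, which includes the query string, so a login URL carrying any query parameter is treated as a protected route; `ctx.Request.URL.Path` matches the intent.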
@@ -295,3 +295,30 @@ func CleanupPosts(age int) {
 }
 }
+
+func GetAllPosts() []Post {
+ // Initialize the list of posts
+ postList := []Post{}
+
+ // Get the posts storage directory
+ storageDir := getStorageDirectory()
+
+ // Read the directory listing
+ files, err := os.ReadDir(storageDir)
+ // Check if thereh as been an issues with reading the directory contents
+ if err != nil {
+ // Log the error
+ fmt.Println("Error::GetAllPosts:", err)
+ // Return an empty list to have a clean fallback
+ return []Post{}
+ }
+
+ // Go through all of the files
+ for _, v := range files {
+ // Process the file into a pad
+ postList = append(postList, GetPost(v.Name()))
+ }
+
+ // Return the post list
+ return postList
+}
diff --git a/templates/pages/admin_view.html b/templates/pages/admin_view.html
new file mode 100644
index 0000000..5da8e85
--- /dev/null
+++ b/templates/pages/admin_view.html
@@ -0,0 +1,78 @@
+{{ template "inc/header.html" .}}
+
+
+
+
+
+
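Review bot: The loop in `GetAllPosts` hands every entry returned by `os.ReadDir` to `GetPost`, including subdirectories and any stray file in the storage directory; add `if v.IsDir() { continue }` at the top of the loop body, and confirm that `GetPost` (not visible in this hunk) does not create or modify a pad for a name it does not recognise. On a read error the function prints and returns an empty slice, so the admin view cannot tell "no pads" from "storage unreadable"; returning `([]Post, error)` would let the handler report the failure. The listing is also unbounded, so the whole store is loaded into memory on each call; a limit or pagination parameter would cap that. The exported function has no doc comment; something like `// GetAllPosts returns every pad found in the storage directory.` would do.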
+
+
+
+ Logo
+
+
+ +
+
+ Pad Name +
+
+ Create Date +
+
+ Actions +
+
+ +
+ {{ range $indx, $element := .padList }}
+
+
+ +
+ {{ $element.LastModified }} +
+ +
+
+ {{ end }}
+
+ +
+
+ +
+
+ {{ template "inc/theme-toggle.html" .}}
+
+
+{{ template "inc/footer.html" .}}
\ No newline at end of file