refactored config into struct and added http basic auth

Author: bafto

config.go

@@ -0,0 +1,44 @@
+package main
+
+import (
+	"time"
+
+	"github.com/spf13/viper"
+)
+
+type Config struct {
+	Spotify_client_id     string            `mapstructure:"spotify_client_id"`
+	Spotify_client_secret string            `mapstructure:"spotify_client_secret"`
+	Db_path               string            `mapstructure:"db_path"`
+	Port                  string            `mapstructure:"port"`
+	Log_level             string            `mapstructure:"log_level"`
+	Redirect_url          string            `mapstructure:"redirect_url"`
+	Shutdown_timeout      time.Duration     `mapstructure:"shutdown_timeout"`
+	Users                 map[string]string `mapstructure:"users"`
+}
+
+func read_config() (Config, error) {
+	viper.SetDefault("spotify_client_id", "")
+	viper.SetDefault("spotify_client_secret", "")
+	viper.SetDefault("db_path", "ffs.db")
+	viper.SetDefault("port", "8080")
+	viper.SetDefault("log_level", "INFO")
+	viper.SetDefault("redirect_url", "http://localhost:8080/spotifyauthentication")
+	viper.SetDefault("shutdown_timeout", time.Second*10)
+	viper.SetDefault("users", map[string]string{})
+
+	viper.SetEnvPrefix("ffs")
+	viper.AutomaticEnv()
+
+	viper.AddConfigPath(".")
+	viper.SetConfigName("ffs_config")
+	viper.SetConfigType("yaml")
+
+	if err := viper.ReadInConfig(); err != nil {
+		panic(err)
+	}
+
+	var config Config
+	err := viper.Unmarshal(&config)
+	return config, err
+}

main.go

@@ -11,41 +11,18 @@ import (
 	"os/signal"
 	"strings"
 	"syscall"
-	"time"
 
 	"github.com/bafto/FindFavouriteSong/db"
 	"github.com/gorilla/securecookie"
 	"github.com/gorilla/sessions"
-	"github.com/spf13/viper"
 	"github.com/zmb3/spotify/v2"
 	spotifyauth "github.com/zmb3/spotify/v2/auth"
 )
 
-func read_config() {
-	viper.SetDefault("spotify_client_id", "")
-	viper.SetDefault("spotify_client_secret", "")
-	viper.SetDefault("db_path", "ffs.db")
-	viper.SetDefault("port", "8080")
-	viper.SetDefault("log_level", "INFO")
-	viper.SetDefault("redirect_url", "http://localhost:8080/spotifyauthentication")
-	viper.SetDefault("shutdown_timeout", time.Second*10)
-
-	viper.SetEnvPrefix("ffs")
-	viper.AutomaticEnv()
-
-	viper.AddConfigPath(".")
-	viper.SetConfigName("ffs_config")
-	viper.SetConfigType("yaml")
-
-	if err := viper.ReadInConfig(); err != nil {
-		panic(err)
-	}
-}
-
 func configure_slog() {
 	var level slog.Level
 	if err := level.UnmarshalText(
-		[]byte(viper.GetString("log_level")),
+		[]byte(config.Log_level),
 	); err != nil {
 		panic(err)
 	}
@@ -72,6 +49,8 @@ type ActiveUser struct {
 }
 
 var (
+	config Config
+
 	selectSongsHtml    = template.Must(template.ParseFiles("select_songs.html"))
 	selectPlaylistHtml = template.Must(template.ParseFiles("select_playlist.html"))
 	winnerHtml         = template.Must(template.ParseFiles("winner.html"))
@@ -92,17 +71,20 @@ var (
 )
 
 func main() {
-	read_config()
+	var err error
+	config, err = read_config()
+	if err != nil {
+		panic(err)
+	}
 	configure_slog()
 
 	spotifyAuth = spotifyauth.New(
-		spotifyauth.WithRedirectURL(viper.GetString("redirect_url")),
+		spotifyauth.WithRedirectURL(config.Redirect_url),
 		spotifyauth.WithScopes(spotifyauth.ScopePlaylistReadPrivate, spotifyauth.ScopeUserReadPrivate),
-		spotifyauth.WithClientSecret(viper.GetString("SPOTIFY_CLIENT_SECRET")),
-		spotifyauth.WithClientID(viper.GetString("SPOTIFY_CLIENT_ID")),
+		spotifyauth.WithClientSecret(config.Spotify_client_secret),
+		spotifyauth.WithClientID(config.Spotify_client_id),
 	)
 
-	var err error
 	db_conn, err = create_db(ctx, "ffs.db")
 	if err != nil {
 		slog.Error("Error opening DB connection", "err", err)
@@ -127,7 +109,7 @@ func main() {
 	mux.HandleFunc("/winner", withMiddleware(winnerHandler))
 	mux.HandleFunc("/stats", withMiddleware(statsPageHandler))
 
-	server := &http.Server{Addr: ":" + viper.GetString("port"), Handler: mux}
+	server := &http.Server{Addr: ":" + config.Port, Handler: mux}
 
 	go func() {
 		if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) {
@@ -143,7 +125,7 @@ func main() {
 	sig := <-sigChan
 	slog.Warn("received signal, shutting down server", "signal", sig.String())
 
-	shutdownCtx, cancelShutdown := context.WithTimeout(ctx, viper.GetDuration("shutdown_timeout"))
+	shutdownCtx, cancelShutdown := context.WithTimeout(ctx, config.Shutdown_timeout)
 	defer cancelShutdown()
 
 	if err := server.Shutdown(shutdownCtx); err != nil {

middleware.go

@@ -46,6 +46,27 @@ func withLoggingMiddleware(nextHandler http.HandlerFunc) http.HandlerFunc {
 	}
 }
 
+func withAuthMiddleware(nextHandler http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		logger := getLogger(r)
+
+		user, passwd, ok := r.BasicAuth()
+		if !ok {
+			w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
+			logAndErr(w, logger, "no BasicAuth header given", http.StatusUnauthorized)
+			return
+		}
+
+		if expectedPassword, ok := config.Users[user]; !ok || expectedPassword != passwd {
+			w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
+			logAndErr(w, logger, "invalid password for user", http.StatusUnauthorized, "user", user)
+			return
+		}
+
+		nextHandler(w, r)
+	}
+}
+
 type SessionHandlerFunc func(http.ResponseWriter, *http.Request, *sessions.Session)
 
 func withSessionMiddleware(nextHandler SessionHandlerFunc) http.HandlerFunc {
@@ -79,10 +100,12 @@ func withTimerMiddleware(nextHandler SessionHandlerFunc) SessionHandlerFunc {
 func withMiddleware(nextHandler SessionHandlerFunc) http.HandlerFunc {
 	return withPanicMiddleware(
 		withLoggingMiddleware(
-			withSessionMiddleware(
-				withAuthMiddleware(
-					withTimerMiddleware(
-						nextHandler,
+			withAuthMiddleware(
+				withSessionMiddleware(
+					withSpotifyAuthMiddleware(
+						withTimerMiddleware(
+							nextHandler,
+						),
 					),
 				),
 			),

rmdb.sh

@@ -11,7 +11,7 @@ import (
 	"github.com/zmb3/spotify/v2"
 )
 
-func withAuthMiddleware(nextHandler SessionHandlerFunc) SessionHandlerFunc {
+func withSpotifyAuthMiddleware(nextHandler SessionHandlerFunc) SessionHandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request, s *sessions.Session) {
 		if s.IsNew {
 			state := generateState(state_length)