tldr; nothing works

eod commit
added jwt, sqlite, build sh
2025-11-28 12:31:12 +01:00 · 2025-11-27 22:11:13 +01:00 · 2025-11-27 20:45:50 +01:00 · 2025-11-27 17:31:00 +01:00
19 changed files with 676 additions and 143 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -16,6 +16,7 @@ main
 *.zst
 *.gzip
 *.env
+*.db

 bin/

--- a/app/build
+++ b/app/build
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd src
+v install fleximus.argon2
+v install thomaspeissl.dotenv
+v -prod -cflags "-static" -os linux -o ../../build/app/cdn .
--- a/app/src/cryptography/crypto.v
+++ b/app/src/cryptography/crypto.v
@@ -0,0 +1,14 @@
+module cryptography
+
+import rand
+import fleximus.argon2
+
+pub fn hash_password(password string) !string {
+	salt := rand.bytes(16) or { return error('failed to generate salt: ${err}') }
+	hash := argon2.hash(password.bytes(), salt) or { return error('argon2 hash failed: ${err}') }
+	return hash
+}
+
+pub fn hash_verify(password string, hash string) !bool {
+	return argon2.verify(hash, password.bytes()) or { return error('argon2 verify failed: ${err}') }
+}
--- a/app/src/database/db.v
+++ b/app/src/database/db.v
@@ -1,22 +1,12 @@
 module database

 import os
-import rand
+import orm
 import util
-// import db.mysql
-// import db.redis
-import fleximus.argon2
+import db.sqlite

-pub struct Crypto {}
-
-pub fn Crypto.hash_password(password string) !string {
-	salt := rand.bytes(16) or { return error('failed to generate salt: ${err}') }
-	hash := argon2.hash(password.bytes(), salt) or { return error('argon2 hash failed: ${err}') }
-	return hash
-}
-
-pub fn Crypto.hash_verify(password string, hash string) !bool {
-	return argon2.verify(hash, password.bytes()) or { return error('argon2 verify failed: ${err}') }
+pub struct Database {
+	cfg util.Config
 }

 pub fn get_dummy_exclusion_list(exe string, root string) []string {
@@ -26,42 +16,34 @@ pub fn get_dummy_exclusion_list(exe string, root string) []string {
 	]
 }

-// struct Database {
-// mut:
-// 	conn mysql.DB
-// }
-//
-// pub fn get_connection(cfg util.Config) !&Database {
-// 	// connection := mysql.connect(mysql.Config{
-// 	// 	host:     cfg.database.host
-// 	// 	// port:     u32(cfg.database.port)
-// 	// 	dbname:   'CDN_DATABASE'
-// 	// 	username: cfg.database.username
-// 	// 	password: cfg.database.password
-// 	// })!
-//
-// 	//return &Database{ conn: connection }
-// 	return &Database{}
-// }
-//
-// pub fn (mut db Database) query[T](query_fn fn(conn &mysql.Connection) ![]T) ![]T {
-// 	result := query_fn(db.conn) or {
-// 		// Connection died, reconnect
-// 		db.conn = mysql.connect(db.config)!
-// 		return query_fn(db.conn)!
-// 	}
-// 	return result
-// }
-//
-// pub fn Database.test() {}
+fn (db &Database) get_connection() !sqlite.DB {
+	conn := sqlite.connect(db.cfg.database)!

-// pub fn test() ! {
-// 	mut r := redis.connect(redis.Config{
-// 		host:     'vpn.security-command.org'
-// 		port:     6767
-// 		password: 'SuperSecretPassword123'
-// 	})!
-//
-// 	pong := r.ping() or { panic(err) }
-// 	println(pong)
-// }
+	if db.cfg.debug {
+		conn.synchronization_mode(.off)!
+		conn.journal_mode(.memory)!
+	}
+
+	sql conn {
+		create table User
+		create table Files
+		create table Logins
+	}!
+
+	return conn
+}
+
+pub fn get_database(cfg util.Config) !&Database {
+	return &Database{
+		cfg: cfg
+	}
+}
+
+pub fn (mut db Database) query[T](statement orm.QueryBuilder[T]) ![]T {
+	return statement.query()!
+}
+
+pub fn (db Database) get_query_builder[T]() &orm.QueryBuilder[T] {
+	conn := db.get_connection() or { panic(err) }
+	return orm.new_query[T](conn)
+}
--- a/app/src/database/files.v
+++ b/app/src/database/files.v
@@ -0,0 +1,8 @@
+module database
+
+@[table: 'files']
+pub struct Files {
+	id      int    @[primary; serial]
+	path    string @[nonnull; unique]
+	visible bool   @[default: false; nonnull]
+}
--- a/app/src/database/logins.v
+++ b/app/src/database/logins.v
@@ -0,0 +1,46 @@
+module database
+
+import time
+
+@[table: 'login_attempts']
+pub struct Logins {
+mut:
+	ip           string    @[primary]
+	attempts     int       @[nonnull]
+	attempt_time time.Time @[nonnull]
+}
+
+pub fn Logins.by_ip(ip string, mut database_ Database) ?Logins {
+	query := database_.get_query_builder[Logins]().where('ip = ?', ip) or { return none }
+	result := database_.query[Logins](query) or { return none }
+
+	return result.first()
+}
+
+pub fn Logins.create_or_update(ip string, mut database_ Database) ?Logins {
+	mut login := Logins{
+		ip:           ip
+		attempts:     1
+		attempt_time: time.now()
+	}
+
+	if existing := Logins.by_ip(ip, mut database_) {
+		login.attempts = existing.attempts + 1
+		login.attempt_time = time.now()
+
+		db := database_.get_connection() or { panic(err) }
+
+		sql db {
+			update Logins set attempts = login.attempts, attempt_time = login.attempt_time
+			where ip == ip
+		} or { return none }
+	} else {
+		db := database_.get_connection() or { panic(err) }
+
+		sql db {
+			insert login into Logins
+		} or { return none }
+	}
+
+	return login
+}
--- a/app/src/database/tables.v
+++ b/app/src/database/tables.v
@@ -1,23 +0,0 @@
-module database
-
-//
-// @[table: 'users']
-// struct Users {
-// 	id            int    @[primary; serial]
-// 	name          string @[nonnull; unique]
-// 	password_hash string @[nonnull]
-// }
-//
-// @[table: 'login_attempts']
-// struct Logins {
-// 	ip           string @[primary]
-// 	attempts     int    @[nonnull]
-// 	attempt_time string @[default: 'CURRENT_TIMESTAMP'; nonnull]
-// }
-//
-// @[table: 'files']
-// struct Files {
-// 	id      int    @[primary; serial]
-// 	path    string @[nonnull; unique]
-// 	visible bool   @[default: false; nonnull]
-// }
--- a/app/src/database/user.v
+++ b/app/src/database/user.v
@@ -0,0 +1,52 @@
+module database
+
+import orm
+import cryptography
+
+@[table: 'users']
+pub struct User {
+pub:
+	id       ?int   @[primary; serial]
+	username string @[nonnull; unique]
+	password string @[nonnull]
+}
+
+pub fn User.by_id(user_id orm.Primitive, mut database_ Database) ?User {
+	query := database_.get_query_builder[User]().where('id = ?', user_id) or { return none }
+	result := database_.query[User](query) or { return none }
+
+	return result.first()
+}
+
+pub fn User.by_name(username orm.Primitive, mut database_ Database) ?User {
+	eprintln('qb')
+	query := database_.get_query_builder[User]().where('username = ?', username) or { return none }
+	eprintln('result')
+	result := database_.query[User](*query) or { return none }
+
+	eprintln('first')
+	return result.first()
+}
+
+pub fn User.create(username string, password string, database_ Database) ?User {
+	hash := cryptography.hash_password(password) or { return none }
+	mut user := User{
+		id:       none
+		username: username
+		password: hash
+	}
+
+	db := database_.get_connection() or { panic(err) }
+
+	sql db {
+		insert user into User
+	} or { return none }
+
+	return user
+}
+
+pub fn User.verify(username orm.Primitive, password string, mut database_ Database) ?User {
+	eprintln('by_name')
+	user := User.by_name(username, mut database_) or { return none }
+	return if cryptography.hash_verify(password, user.password) or { false } { user } else { none }
+}
--- a/app/src/jwt/algoritm.v
+++ b/app/src/jwt/algoritm.v
@@ -0,0 +1,19 @@
+module jwt
+
+pub interface Algorithm {
+	name string
+	sign(contents string, secretOrKey string) !string
+	verify(token string, secretOrKey string) !Token
+}
+
+pub enum AlgorithmType {
+	hs256
+}
+
+pub fn new_algorithm(algorithmType AlgorithmType) Algorithm {
+	match algorithmType {
+		.hs256 {
+			return HS256{}
+		}
+	}
+}
--- a/app/src/jwt/hs256.v
+++ b/app/src/jwt/hs256.v
@@ -0,0 +1,31 @@
+module jwt
+
+import crypto.hmac
+import crypto.sha256
+import encoding.base64
+
+pub struct HS256 {
+pub:
+	name string = 'HS256'
+}
+
+pub fn (algorithm HS256) sign(content string, secret string) !string {
+	return base64.url_encode(hmac.new(secret.bytes(), content.bytes(), sha256.sum, sha256.block_size))
+}
+
+pub fn (algorithm HS256) verify(token_raw string, secret string) !Token {
+	token := parse_token(token_raw)!
+	parts := token_raw.split('.')
+	header := parts[0]
+	claims := parts[1]
+	signed := algorithm.sign('${header}.${claims}', secret)!
+
+	if signed != token.signature {
+		return error('Invalid token')
+	}
+	if token.is_expired() {
+		return error('Token already expired')
+	}
+
+	return token
+}
--- a/app/src/jwt/jwt.v
+++ b/app/src/jwt/jwt.v
@@ -0,0 +1,40 @@
+module jwt
+
+import json
+import time
+import x.json2
+import encoding.base64
+
+pub fn encode[T](claims T, algorithm Algorithm, secretOrKey string, exp int) !string {
+	header := new_header(algorithm)
+	header_b64 := base64.url_encode(json.encode(header).bytes())
+
+	mut claims_final := json2.decode[json2.Any](json.encode(claims))!.as_map()
+
+	if exp != 0 {
+		claims_final['exp'] = time.now().unix() + exp
+	}
+
+	claims_b64 := base64.url_encode(claims_final.str().bytes())
+	contents := '${header_b64}.${claims_b64}'
+	signature := algorithm.sign(contents, secretOrKey)!
+
+	return '${contents}.${signature}'
+}
+
+pub fn verify[T](token string, algorithm Algorithm, secretOrKey string) !T {
+	return algorithm.verify(token, secretOrKey)!.parse_claims[T]()
+}
+
+pub struct UserJwt {
+pub:
+	id string
+}
+
+pub fn create(user_id string, secret string) !string {
+	return encode[UserJwt](UserJwt{ id: user_id }, new_algorithm(.hs256), secret, 7 * 24 * 60 * 60)!
+}
+
+pub fn decode(token string, secret string) !string {
+	return verify[UserJwt](token, new_algorithm(.hs256), secret)!.id
+}
--- a/app/src/jwt/structs.v
+++ b/app/src/jwt/structs.v
@@ -0,0 +1,65 @@
+module jwt
+
+import json
+import time
+import x.json2
+import encoding.base64
+
+pub struct JWTHeader {
+pub:
+	alg string
+	typ string = 'JWT'
+}
+
+fn new_header(algorithm Algorithm) JWTHeader {
+	return JWTHeader{
+		alg: algorithm.name.str().to_upper()
+	}
+}
+
+struct Token {
+pub:
+	header     JWTHeader
+	claims     string
+	signature  string
+	expiration int
+}
+
+pub fn (t Token) parse_claims[T]() !T {
+	return json.decode(T, t.claims)
+}
+
+pub fn (t Token) is_expired() bool {
+	return t.expiration == -1 || time.unix(t.expiration) < time.now()
+}
+
+pub fn parse_token(token_raw string) !Token {
+	parts := token_raw.split('.')
+	if parts.len != 3 {
+		return error('Invalid token')
+	}
+
+	header_raw := if parts[0].len % 4 == 0 { parts[0] } else { parts[0] + '==' }
+	claims_raw := if parts[1].len % 4 == 0 { parts[1] } else { parts[1] + '==' }
+
+	decoded_header := base64.decode_str(header_raw)
+	decoded_claims := base64.decode_str(claims_raw)
+
+	claims := json2.decode[json2.Any](decoded_claims)!.as_map()
+
+	mut expiration_given := true
+
+	expiration_unix := claims['exp'] or {
+		expiration_given = false
+		json2.Null{}
+	}
+
+	token := Token{
+		header:     json.decode(JWTHeader, decoded_header)!
+		claims:     decoded_claims
+		signature:  parts[2]
+		expiration: if expiration_given { expiration_unix.int() } else { -1 }
+	}
+
+	return token
+}
--- a/app/src/main.v
+++ b/app/src/main.v
@@ -2,24 +2,27 @@ module main

 import os
 import veb
+import jwt
 import util
+import sync
 import database
 import thomaspeissl.dotenv
+import time
+import net.http

 // structs

-pub struct User {
-pub mut:
-	name string
-	id   int
+pub struct CachedUser {
+pub:
+	user    database.User
+	expires int
 }

 pub struct Context {
 	veb.Context
 pub mut:
-	embed      util.Embedded
-	user       User
-	session_id string
+	app  &App
+	user database.User
 }

 pub struct App {
@@ -27,11 +30,17 @@ pub struct App {
 	veb.StaticHandler
 	veb.Middleware[Context]
 pub:
-	cfg   &util.Config
+	cfg   util.Config
 	embed util.Embedded
+pub mut:
+	database   database.Database
+	cache_lock sync.RwMutex
+	user_cache map[string]CachedUser
 }

 pub struct Auth {
+	veb.Controller
+	veb.Middleware[Context]
 pub:
 	app &App
 }
@@ -40,8 +49,8 @@ pub:

@['/:path...']
 pub fn (app &App) root(mut ctx Context, path string) veb.Result {
-	abs_root := util.Utility.normalize_path(os.abs_path(app.cfg.root))
-	abs_path := util.Utility.normalize_path(abs_root + os.abs_path(path))
+	abs_root := util.Utility.normalize_path(os.real_path(app.cfg.root))
+	abs_path := util.Utility.normalize_path(os.real_path(os.join_path(abs_root, path)))

 	if !abs_path.starts_with(abs_root) && abs_path != abs_root {
 		return ctx.forbidden()
@@ -62,19 +71,78 @@ pub fn (app &App) root(mut ctx Context, path string) veb.Result {
 	files, meta := util.HtmlBuilder.generate_file_list(entries, abs_path)
 	style := app.embed.style_css

+	username := if ctx.user.username != '' { ctx.user.username } else { 'noone' }
 	return ctx.html($tmpl('template/dashboard.html'))
 }

 // auth endpoints

+@['/']
+pub fn (auth &Auth) root(mut ctx Context) veb.Result {
+	return ctx.redirect('/')
+}
+
@[get; post]
 pub fn (auth &Auth) login(mut ctx Context) veb.Result {
-	return ctx.text('login')
+	if ctx.req.method == .get {
+		style := auth.app.embed.admin_css
+		return ctx.html($tmpl('template/auth/login.html'))
+	}
+
+	token := ctx.get_cookie('veb_session') or { '' }
+	if token != '' {
+		return ctx.redirect('/')
+	}
+
+	username := ctx.form['username'] or { return ctx.request_error('') }
+	password := ctx.form['password'] or { return ctx.request_error('') }
+
+	if password.len < 8 {
+		return ctx.request_error('')
+	}
+
+	if user := database.User.verify(username, password, mut ctx.app.database) {
+		id := user.id or { return ctx.server_error('') }
+		ctx.set_cookie(http.Cookie{
+			name:      'veb_session'
+			value:     jwt.create(id.str(), ctx.app.cfg.jwt_key) or { return ctx.server_error('') }
+			path:      '/'
+			secure:    true
+			http_only: true
+			same_site: .same_site_strict_mode
+		})
+	} else {
+		// todo cache login attempts per ip as well and block early.
+		database.Logins.create_or_update(ctx.ip(), mut ctx.app.database)
+		return ctx.forbidden()
+	}
+
+	return ctx.redirect('/')
 }

@[get; post]
 pub fn (auth &Auth) logout(mut ctx Context) veb.Result {
-	return ctx.text('logout')
+	if ctx.req.method == .get {
+		style := auth.app.embed.admin_css
+		return ctx.html($tmpl('template/auth/logout.html'))
+	}
+
+	token := ctx.get_cookie('veb_session') or { '' }
+	if token == '' {
+		return ctx.redirect('/')
+	}
+
+	ctx.set_cookie(http.Cookie{
+		name:      'veb_session'
+		value:     ''
+		path:      '/'
+		secure:    true
+		http_only: true
+		same_site: .same_site_strict_mode
+		max_age:   -1
+	})
+
+	return ctx.redirect('/')
 }

@[get; post; put]
@@ -82,10 +150,60 @@ pub fn (auth &Auth) register(mut ctx Context) veb.Result {
 	return ctx.text('register')
 }

+// middleware
+
+fn (mut app App) prepare() fn (mut Context) bool {
+	return fn [mut app] (mut ctx Context) bool {
+		ctx.app = &app
+		return true
+	}
+}
+
+pub fn session(mut ctx Context) bool {
+	token := ctx.get_cookie('veb_session') or { '' }
+	if token == '' {
+		return true
+	}
+
+	if id := jwt.decode(token, ctx.app.cfg.jwt_key) {
+		if user := ctx.app.get_user(id) {
+			ctx.user = user
+		}
+	}
+
+	return true
+}
+
+fn (mut app App) get_user(user_id string) ?database.User {
+	now := time.now().unix()
+
+	app.cache_lock.rlock()
+
+	if cu := app.user_cache[user_id] {
+		if cu.expires > int(now) {
+			app.cache_lock.runlock()
+			return cu.user
+		}
+	}
+
+	app.cache_lock.runlock()
+
+	user := database.User.by_id(user_id, mut app.database) or { return none }
+
+	app.cache_lock.lock()
+	app.user_cache[user_id] = CachedUser{
+		user:    user
+		expires: int(now) + 300
+	}
+	app.cache_lock.unlock()
+
+	return user
+}
+
 // utility

 fn (mut ctx Context) error_page(code int, short string, long string) string {
-	style := ctx.embed.error_css.clone()
+	style := ctx.app.embed.error_css
 	return $tmpl('template/error.html')
 }

@@ -111,65 +229,43 @@ pub fn (mut ctx Context) server_error(msg string) veb.Result {

 // main

-fn populate() (&util.Config, &util.Embedded) {
+fn populate() (util.Config, util.Embedded) {
 	dotenv.load()
-	dotenv.require('CDN_DB_HOST', 'CDN_DB_PORT')

 	executable := os.executable()
 	def_root := os.dir(executable)
 	def_port := int($d('port', 6767))
-	def_user := $d('username', 'cdn')
-	def_pass := $d('password', 'totallySafeCdnDatabasePassword1235')
+	def_sqlt := $d('database', 'cdn_web.db')
+	def_jwt := $d('jwt', 'supersecurejwttokenkey')

-	return &util.Config{
+	// vfmt off
+	return util.Config{
 		exe:      util.Utility.normalize_path(executable)
-		root:     util.Utility.normalize_path(if os.getenv('CDN_ROOT') != '' {
-			util.Utility.resolve_path(def_root, os.getenv('CDN_ROOT').str())
-		} else {
-			def_root
-		})
+		root:     util.Utility.normalize_path(if os.getenv('CDN_ROOT') != '' { util.Utility.resolve_path(def_root, os.getenv('CDN_ROOT').str()) } else { def_root })
 		port:     if os.getenv('CDN_PORT')    != '' { os.getenv('CDN_PORT').int()    } else { def_port }
-		database: &util.Database{
-			host:     os.getenv('CDN_DB_HOST').str()
-			port:     os.getenv('CDN_DB_PORT').int()
-			username: if os.getenv('CDN_DB_USERNAME') != '' {
-				os.getenv('CDN_DB_USERNAME').str()
-			} else {
-				def_user
-			}
-			password: if os.getenv('CDN_DB_PASSWORD') != '' {
-				os.getenv('CDN_DB_PASSWORD').str()
-			} else {
-				def_pass
-			}
-		}
-	}, &util.Embedded{
+		jwt_key:  if os.getenv('CDN_JWT_KEY') != '' { os.getenv('CDN_JWT_KEY').str() } else { def_jwt  }
+		database: if os.getenv('CDN_SQL_DSN') != '' { os.getenv('CDN_SQL_DSN').str() } else { def_sqlt }
+	}, util.Embedded{
 		style_css: $embed_file('template/assets/style.css', .zlib).to_string()
 		error_css: $embed_file('template/assets/error.css', .zlib).to_string()
+		admin_css: $embed_file('template/assets/admin.css', .zlib).to_string()
 	}
+	// vfmt on
 }

 fn main() {
-	cfg, mut embed := populate()
-	mut app := &App{
-		cfg:   cfg
-		embed: embed
-	}
-	mut auth := &Auth{
-		app: &app
-	}
+	// vfmt off
+	mut cfg, mut embed := populate()
+	mut app := &App{ cfg: cfg, embed: embed, database: database.get_database(cfg)! }
+	mut auth := &Auth{ app: app }
+	// vfmt on

 	app.register_controller[Auth, Context]('/auth', mut auth)!

 	app.enable_static_compression = true
 	app.use(veb.encode_auto[Context]())
-
-	app.use(veb.MiddlewareOptions[Context]{
-		handler: fn [mut embed] (mut ctx Context) bool {
-			ctx.embed = embed
-			return true
-		}
-	})
+	app.use(handler: app.prepare())
+	app.use(handler: session)

 	veb.run[App, Context](mut app, app.cfg.port)
 }
--- a/app/src/template/assets/admin.css
+++ b/app/src/template/assets/admin.css
@@ -0,0 +1,157 @@
+/* General Reset */
+* {
+    margin: 0;
+    padding: 0;
+    box-sizing: border-box;
+}
+
+/* Light Theme */
+:root[data-theme="light"] {
+    --bg-primary: #ffffff;
+    --bg-secondary: #f5f7fb;
+    --bg-tertiary: #eff2f5;
+    --text-primary: #1a202c;
+    --text-secondary: #6c757d;
+    --border-color: #d4d7de;
+    --accent: #0051ba;
+    --accent-hover: #003e8f;
+}
+
+/* Dark Theme */
+:root[data-theme="dark"] {
+    --bg-primary: #0d1117;
+    --bg-secondary: #161b22;
+    --bg-tertiary: #21262d;
+    --text-primary: #e6edf3;
+    --text-secondary: #8b949e;
+    --border-color: #30363d;
+    --accent: #58a6ff;
+    --accent-hover: #79c0ff;
+}
+
+/* Default theme */
+:root {
+    --bg-primary: #0d1117;
+    --bg-secondary: #161b22;
+    --bg-tertiary: #21262d;
+    --text-primary: #e6edf3;
+    --text-secondary: #8b949e;
+    --border-color: #30363d;
+    --accent: #58a6ff;
+    --accent-hover: #79c0ff;
+}
+
+body {
+    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+    background-color: var(--bg-primary);
+    color: var(--text-primary);
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    height: 100vh;
+    flex-direction: column;
+    text-align: center;
+    transition: background-color 0.3s ease, color 0.3s ease;
+}
+
+.container {
+    background-color: var(--bg-secondary);
+    border: 1px solid var(--border-color);
+    padding: 2rem 3rem;
+    border-radius: 0.5rem;
+    box-shadow: 0 4px 12px rgba(0,0,0,0.15);
+    width: 100%;
+    max-width: 400px;
+}
+
+h1 {
+    font-size: 2rem;
+    margin-bottom: 1.5rem;
+    color: var(--accent);
+}
+
+form {
+    display: flex;
+    flex-direction: column;
+    gap: 1rem;
+}
+
+label {
+    text-align: left;
+    font-size: 0.875rem;
+    color: var(--text-secondary);
+}
+
+input[type="text"],
+input[type="password"] {
+    padding: 0.5rem 0.75rem;
+    border-radius: 0.375rem;
+    border: 1px solid var(--border-color);
+    background-color: var(--bg-tertiary);
+    color: var(--text-primary);
+    font-size: 1rem;
+    transition: all 0.2s ease;
+}
+
+input[type="text"]:focus,
+input[type="password"]:focus {
+    border-color: var(--accent);
+    outline: none;
+}
+
+button {
+    padding: 0.5rem 1rem;
+    border-radius: 0.375rem;
+    border: 1px solid var(--border-color);
+    background-color: var(--bg-tertiary);
+    color: var(--text-primary);
+    cursor: pointer;
+    font-size: 1rem;
+    transition: all 0.2s ease;
+}
+
+button:hover {
+    background-color: var(--accent);
+    border-color: var(--accent);
+    color: #fff;
+}
+
+button:active {
+    transform: scale(0.98);
+}
+
+a.logout-link {
+    color: var(--accent);
+    text-decoration: none;
+    margin-top: 1rem;
+    display: inline-block;
+    font-size: 0.875rem;
+}
+
+a.logout-link:hover {
+    color: var(--accent-hover);
+}
+
+.theme-toggle {
+    margin-top: 1rem;
+    width: 1.75rem;
+    height: 1.75rem;
+    border: none;
+    background-color: var(--text-secondary);
+    border-radius: 6px;
+    cursor: pointer;
+}
+
+.theme-toggle:active {
+    transform: scale(0.98);
+}
+
+@media (max-width: 480px) {
+    .container {
+        padding: 1.5rem 2rem;
+    }
+
+    h1 {
+        font-size: 1.75rem;
+    }
+}
--- a/app/src/template/auth/login.html
+++ b/app/src/template/auth/login.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<!--suppress HtmlFormInputWithoutLabel -->
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <style>@{style}</style>
+</head>
+<body>
+<div class="container">
+    <h1>Login</h1>
+    <form action="/auth/login" method="POST">
+        <input placeholder="Username" type="text" id="username" name="username" required>
+        <input placeholder="Password" type="password" id="password" name="password" minlength="8" required>
+
+        <button type="submit">Sign In</button>
+    </form>
+</div>
+<script>
+    if ((savedTheme = (localStorage.getItem('theme') || 'light')))
+        document.documentElement.setAttribute('data-theme', savedTheme);
+</script>
+</body>
+</html>
--- a/app/src/template/auth/logout.html
+++ b/app/src/template/auth/logout.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Logout</title>
+    <style>@{style}</style>
+</head>
+<body>
+<div class="container">
+    <h1>Log Out?</h1>
+    <form action="/auth/logout" method="POST">
+        <button type="submit">Logout</button>
+    </form>
+</div>
+<script>
+    if ((savedTheme = (localStorage.getItem('theme') || 'light')))
+        document.documentElement.setAttribute('data-theme', savedTheme);
+</script>
+</body>
+</html>
--- a/app/src/template/dashboard.html
+++ b/app/src/template/dashboard.html
--- a/app/src/util/http.v
+++ b/app/src/util/http.v
@@ -0,0 +1 @@
+module util
--- a/app/src/util/structs.v
+++ b/app/src/util/structs.v
@@ -5,26 +5,21 @@ import os
 import time
 import encoding.base64

-pub struct Database {
-pub:
-	host     string
-	port     int
-	username string
-	password string
-}
-
 pub struct Config {
 pub:
 	exe      string
 	root     string
 	port     int
-	database Database
+	debug    bool
+	jwt_key  string
+	database string
 }

 pub struct Embedded {
 pub mut:
 	style_css string
 	error_css string
+	admin_css string
 }

 pub struct FileEntry {
@@ -159,7 +154,7 @@ pub fn Utility.list_files(dir_path string, relative string, exclude []string) ![
 }

 pub fn Utility.normalize_path(path string) string {
-	return path.replace('\\', '/')
+	return path.replace('\\', '/').replace('//', '/')
 }

 pub struct HtmlBuilder {}
Author	SHA1	Message	Date
Overlord	9d541bd2bc	tldr; nothing works	2025-11-28 12:31:12 +01:00
Overlord	58849118d8	eod commit	2025-11-27 22:11:13 +01:00
Overlord	09539a9cd0	added jwt, sqlite, build sh	2025-11-27 20:45:50 +01:00
Overlord	6c6dfade42	updated .gitignore	2025-11-27 17:31:00 +01:00