1 files changed, 32 insertions, 4 deletions

diff --git a/phlox/main.go b/phlox/main.go
index 3f80724..f2946c8 100644
--- a/phlox/main.go
+++ b/phlox/main.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"io"
 	"strings"
+	"errors"
 	"flag"
 	"net"
 	"net/http"
@@ -13,15 +14,15 @@ import (
 )
 
 
-var p *db.Phlox
+var P db.Phlox
 
 
 func main() {
+	p := &P
 	var dbfile string
 	flag.StringVar(&dbfile, "db", "/etc/phlox/phlox.conf", "path to the configuration db")
 	flag.Parse()
 
-	p := &db.Phlox{}
 	err := p.Open(dbfile)
 	if err != nil {
 		log.Fatal(err)
@@ -42,6 +43,8 @@ func main() {
 		configureEndpoint(endpoint.Path, endpoint.Address)
 	}
 
+	InitLogin()
+
 	log.Infof("serving on %v", addr)
 	log.Fatal(http.ListenAndServe(addr, nil))
 }
@@ -73,8 +76,32 @@ func configureEndpoint(path, address string) {
 
 
 func proxy(w http.ResponseWriter, req *http.Request, end Endpoint) {
+	p := &P
+	cookie, err := req.Cookie("phlox-session-id")
+	if errors.Is(err, http.ErrNoCookie) {
+		// not logged in
+		w.Header().Set("Location", "/login")
+		w.WriteHeader(http.StatusTemporaryRedirect)
+		return
+	}
+
+	// check cookie
+	check, err := p.CheckSessionId(cookie.Value)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprintf(w, "internal server error")
+		return
+	}
+	if !check {
+		w.WriteHeader(http.StatusUnauthorized)
+		fmt.Fprintf(w, "unauthorized")
+		return
+	}
+
 	response := proxyRequest(w, req, end)
-	proxyResponse(w, response)
+	if response != nil {
+		proxyResponse(w, response)
+	}
 }
 
 
@@ -99,7 +126,8 @@ func proxyRequest(w http.ResponseWriter, req *http.Request, end Endpoint)  *http
 	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		fmt.Fprintf(w, "%v", err)
-		log.Fatal(err)
+		log.Error(err)
+		return nil
 	}
 
 	return response