moth/src/handlers.go

package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"
	"strconv"
	"strings"
)

// https://github.com/omniti-labs/jsend
type JSend struct {
	Status string    `json:"status"`
	Data   struct {
		Short       string `json:"short"`
		Description string `json:"description"`
	}  `json:"data"`
}

const (
	JSendSuccess = "success"
	JSendFail = "fail"
	JSendError = "error"
)

func respond(w http.ResponseWriter, req *http.Request, status string, short string, format string, a ...interface{}) {
	resp := JSend{}
	resp.Status = status
	resp.Data.Short = short
	resp.Data.Description = fmt.Sprintf(format, a...)

	respBytes, err := json.Marshal(resp)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK) // RFC2616 makes it pretty clear that 4xx codes are for the user-agent
	w.Write(respBytes)
}

// hasLine returns true if line appears in r.
// The entire line must match.
func hasLine(r io.Reader, line string) bool {
	scanner := bufio.NewScanner(r)
	for scanner.Scan() {
		if scanner.Text() == line {
			return true
		}
	}
	return false
}

func (ctx *Instance) registerHandler(w http.ResponseWriter, req *http.Request) {
	teamname := req.FormValue("name")
	teamid := req.FormValue("id")

	// Keep foolish operators from shooting themselves in the foot
	// You would have to add a pathname to your list of Team IDs to open this vulnerability,
	// but I have learned not to overestimate people.
	if strings.Contains(teamid, "../") {
		teamid = "rodney"
	}

	if (teamid == "") || (teamname == "") {
		respond(
			w, req, JSendFail,
			"Invalid Entry",
			"Either `id` or `name` was missing from this request.",
		)
		return
	}

	teamids, err := os.Open(ctx.StatePath("teamids.txt"))
	if err != nil {
		respond(
			w, req, JSendFail,
			"Cannot read valid team IDs",
			"An error was encountered trying to read valid teams IDs: %v", err,
		)
		return
	}
	defer teamids.Close()
	if !hasLine(teamids, teamid) {
		respond(
			w, req, JSendFail,
			"Invalid Team ID",
			"I don't have a record of that team ID. Maybe you used capital letters accidentally?",
		)
		return
	}

	f, err := os.OpenFile(ctx.StatePath("teams", teamid), os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0644)
	if os.IsExist(err) {
		respond(
			w, req, JSendFail,
			"Already registered",
			"This team ID has already been registered.",
		)
		return
	} else if err != nil {
		log.Print(err)
		respond(
			w, req, JSendFail,
			"Registration failed",
			"Unable to register. Perhaps a teammate has already registered?",
		)
		return
	}
	defer f.Close()
	fmt.Fprintln(f, teamname)
	respond(
		w, req, JSendSuccess,
		"Team registered",
		"Okay, your team has been named and you may begin using your team ID!",
	)
}

func (ctx *Instance) answerHandler(w http.ResponseWriter, req *http.Request) {
	teamid := req.FormValue("id")
	category := req.FormValue("cat")
	pointstr := req.FormValue("points")
	answer := req.FormValue("answer")

	points, err := strconv.Atoi(pointstr)
	if err != nil {
		respond(
			w, req, JSendFail,
			"Cannot parse point value",
			"This doesn't look like an integer: %s", pointstr,
		)
		return
	}

	haystack, err := ctx.OpenCategoryFile(category, "answers.txt")
	if err != nil {
		respond(
			w, req, JSendFail,
			"Cannot list answers",
			"Unable to read the list of answers for this category.",
		)
		return
	}
	defer haystack.Close()

	// Look for the answer
	needle := fmt.Sprintf("%d %s", points, answer)
	if !hasLine(haystack, needle) {
		respond(
			w, req, JSendFail,
			"Wrong answer",
			"That is not the correct answer for %s %d.", category, points,
		)
		return
	}

	if err := ctx.AwardPoints(teamid, category, points); err != nil {
		respond(
			w, req, JSendError,
			"Cannot award points",
			"The answer is correct, but there was an error awarding points: %v", err.Error(),
		)
		return
	}
	respond(
		w, req, JSendSuccess,
		"Points awarded",
		fmt.Sprintf("%d points for %s!", points, teamid),
	)
}

func (ctx *Instance) puzzlesHandler(w http.ResponseWriter, req *http.Request) {
	teamid := req.FormValue("id")
	if _, err := ctx.TeamName(teamid); err != nil {
		http.Error(w, "Unauthorized: must provide team ID", http.StatusUnauthorized)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	w.Write(ctx.jPuzzleList)
}

func (ctx *Instance) pointsHandler(w http.ResponseWriter, req *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	w.Write(ctx.jPointsLog)
}

func (ctx *Instance) contentHandler(w http.ResponseWriter, req *http.Request) {
	// Prevent directory traversal
	if strings.Contains(req.URL.Path, "/.") {
		http.Error(w, "Not Found", http.StatusNotFound)
		return
	}

	// Be clever: use only the last three parts of the path. This may prove to be a bad idea.
	parts := strings.Split(req.URL.Path, "/")
	if len(parts) < 3 {
		http.Error(w, "Not Found", http.StatusNotFound)
		return
	}

	fileName := parts[len(parts)-1]
	puzzleId := parts[len(parts)-2]
	categoryName := parts[len(parts)-3]

	mb, ok := ctx.Categories[categoryName]
	if !ok {
		http.Error(w, "Not Found", http.StatusNotFound)
		return
	}

	mbFilename := fmt.Sprintf("content/%s/%s", puzzleId, fileName)
	mf, err := mb.Open(mbFilename)
	if err != nil {
		log.Print(err)
		http.Error(w, "Not Found", http.StatusNotFound)
		return
	}
	defer mf.Close()

	http.ServeContent(w, req, fileName, mf.ModTime(), mf)
}

func (ctx *Instance) staticHandler(w http.ResponseWriter, req *http.Request) {
	path := req.URL.Path
	if strings.Contains(path, "..") {
		http.Error(w, "Invalid URL path", http.StatusBadRequest)
		return
	}
	if path == "/" {
		path = "/index.html"
	}

	f, err := os.Open(ctx.ResourcePath(path))
	if err != nil {
		http.NotFound(w, req)
		return
	}
	defer f.Close()

	d, err := f.Stat()
	if err != nil {
		http.NotFound(w, req)
		return
	}

	http.ServeContent(w, req, path, d.ModTime(), f)
}

type FurtiveResponseWriter struct {
	w http.ResponseWriter
	statusCode *int
}

func (w FurtiveResponseWriter) WriteHeader(statusCode int) {
	*w.statusCode = statusCode
	w.w.WriteHeader(statusCode)
}

func (w FurtiveResponseWriter) Write(buf []byte) (n int, err error) {
	n, err = w.w.Write(buf)
	return
}

func (w FurtiveResponseWriter) Header() http.Header {
	return w.w.Header()
}

// This gives Instances the signature of http.Handler
func (ctx *Instance) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
	w := FurtiveResponseWriter{
		w: wOrig,
		statusCode: new(int),
	}
	ctx.mux.ServeHTTP(w, r)
	log.Printf(
		"%s %s %s %d\n",
		r.RemoteAddr,
		r.Method,
		r.URL,
		*w.statusCode,
	)
}

func (ctx *Instance) BindHandlers() {
	ctx.mux.HandleFunc(ctx.Base+"/", ctx.staticHandler)
	ctx.mux.HandleFunc(ctx.Base+"/register", ctx.registerHandler)
	ctx.mux.HandleFunc(ctx.Base+"/answer", ctx.answerHandler)
	ctx.mux.HandleFunc(ctx.Base+"/content/", ctx.contentHandler)
	ctx.mux.HandleFunc(ctx.Base+"/puzzles.json", ctx.puzzlesHandler)
	ctx.mux.HandleFunc(ctx.Base+"/points.json", ctx.pointsHandler)
}
Checking in go work 2018-05-02 15:45:45 -06:00			`package main`

			`import (`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"bufio"`
Generate proper JSON 2018-09-24 14:00:18 -06:00			`"encoding/json"`
Checking in go work 2018-05-02 15:45:45 -06:00			`"fmt"`
Check for duplicate points 2018-09-17 18:02:44 -06:00			`"io"`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"log"`
Checking in go work 2018-05-02 15:45:45 -06:00			`"net/http"`
It compiles! 2018-05-04 17:20:51 -06:00			`"os"`
			`"strconv"`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"strings"`
Checking in go work 2018-05-02 15:45:45 -06:00			`)`

work on updated client API 2019-02-22 17:43:04 -07:00			`// https://github.com/omniti-labs/jsend`
Generate proper JSON 2018-09-24 14:00:18 -06:00			`type JSend struct {`
Stop trying to put static files in the binary 2018-09-27 17:12:29 -06:00			Status string `json:"status"`
work on updated client API 2019-02-22 17:43:04 -07:00			`Data struct {`
			Short string `json:"short"`
			Description string `json:"description"`
			} `json:"data"`
Generate proper JSON 2018-09-24 14:00:18 -06:00			`}`
Add basic authentication and remove legacy html responses 2019-02-21 16:00:06 -07:00
			`const (`
work on updated client API 2019-02-22 17:43:04 -07:00			`JSendSuccess = "success"`
			`JSendFail = "fail"`
			`JSendError = "error"`
Add basic authentication and remove legacy html responses 2019-02-21 16:00:06 -07:00			`)`
Generate proper JSON 2018-09-24 14:00:18 -06:00
work on updated client API 2019-02-22 17:43:04 -07:00			`func respond(w http.ResponseWriter, req *http.Request, status string, short string, format string, a ...interface{}) {`
			`resp := JSend{}`
			`resp.Status = status`
			`resp.Data.Short = short`
			`resp.Data.Description = fmt.Sprintf(format, a...)`
Generate proper JSON 2018-09-24 14:00:18 -06:00
			`respBytes, err := json.Marshal(resp)`
Stop trying to put static files in the binary 2018-09-27 17:12:29 -06:00			`if err != nil {`
Generate proper JSON 2018-09-24 14:00:18 -06:00			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Stop trying to put static files in the binary 2018-09-27 17:12:29 -06:00
Generate proper JSON 2018-09-24 14:00:18 -06:00			`w.Header().Set("Content-Type", "application/json")`
			`w.WriteHeader(http.StatusOK) // RFC2616 makes it pretty clear that 4xx codes are for the user-agent`
			`w.Write(respBytes)`
			`}`

Basic rendering of open puzzles 2018-09-17 21:32:24 -06:00			`// hasLine returns true if line appears in r.`
			`// The entire line must match.`
			`func hasLine(r io.Reader, line string) bool {`
Check for duplicate points 2018-09-17 18:02:44 -06:00			`scanner := bufio.NewScanner(r)`
			`for scanner.Scan() {`
Basic rendering of open puzzles 2018-09-17 21:32:24 -06:00			`if scanner.Text() == line {`
Check for duplicate points 2018-09-17 18:02:44 -06:00			`return true`
			`}`
			`}`
			`return false`
			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) registerHandler(w http.ResponseWriter, req http.Request) {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`teamname := req.FormValue("name")`
			`teamid := req.FormValue("id")`

			`// Keep foolish operators from shooting themselves in the foot`
			`// You would have to add a pathname to your list of Team IDs to open this vulnerability,`
			`// but I have learned not to overestimate people.`
			`if strings.Contains(teamid, "../") {`
			`teamid = "rodney"`
It compiles! 2018-05-04 17:20:51 -06:00			`}`
Moving toward a working server 2018-09-17 17:00:08 -06:00
It compiles! 2018-05-04 17:20:51 -06:00			`if (teamid == "") \|\| (teamname == "") {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"Invalid Entry",`
			"Either `id` or `name` was missing from this request.",
			`)`
It compiles! 2018-05-04 17:20:51 -06:00			`return`
			`}`
Moving toward a working server 2018-09-17 17:00:08 -06:00
Basic rendering of open puzzles 2018-09-17 21:32:24 -06:00			`teamids, err := os.Open(ctx.StatePath("teamids.txt"))`
			`if err != nil {`
			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Basic rendering of open puzzles 2018-09-17 21:32:24 -06:00			`"Cannot read valid team IDs",`
			`"An error was encountered trying to read valid teams IDs: %v", err,`
			`)`
			`return`
			`}`
			`defer teamids.Close()`
			`if !hasLine(teamids, teamid) {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"Invalid Team ID",`
			`"I don't have a record of that team ID. Maybe you used capital letters accidentally?",`
			`)`
It compiles! 2018-05-04 17:20:51 -06:00			`return`
			`}`
Moving toward a working server 2018-09-17 17:00:08 -06:00
			`f, err := os.OpenFile(ctx.StatePath("teams", teamid), os.O_CREATE\|os.O_EXCL\|os.O_WRONLY, 0644)`
work on updated client API 2019-02-22 17:43:04 -07:00			`if os.IsExist(err) {`
			`respond(`
			`w, req, JSendFail,`
			`"Already registered",`
			`"This team ID has already been registered.",`
			`)`
			`return`
			`} else if err != nil {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`log.Print(err)`
			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
It compiles! 2018-05-04 17:20:51 -06:00			`"Registration failed",`
			`"Unable to register. Perhaps a teammate has already registered?",`
			`)`
			`return`
			`}`
			`defer f.Close()`
			`fmt.Fprintln(f, teamname)`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendSuccess,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"Team registered",`
			`"Okay, your team has been named and you may begin using your team ID!",`
			`)`
It compiles! 2018-05-04 17:20:51 -06:00			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) answerHandler(w http.ResponseWriter, req http.Request) {`
Flesh out remaining handlers I think at this point we just need to drop in text for puzzle.html, puzzle-list.html, and scoreboard.html, and we'll have a working server. 2018-09-17 17:40:05 -06:00			`teamid := req.FormValue("id")`
			`category := req.FormValue("cat")`
			`pointstr := req.FormValue("points")`
			`answer := req.FormValue("answer")`
It compiles! 2018-05-04 17:20:51 -06:00
			`points, err := strconv.Atoi(pointstr)`
			`if err != nil {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Flesh out remaining handlers I think at this point we just need to drop in text for puzzle.html, puzzle-list.html, and scoreboard.html, and we'll have a working server. 2018-09-17 17:40:05 -06:00			`"Cannot parse point value",`
			`"This doesn't look like an integer: %s", pointstr,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`)`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`return`
It compiles! 2018-05-04 17:20:51 -06:00			`}`

Flesh out remaining handlers I think at this point we just need to drop in text for puzzle.html, puzzle-list.html, and scoreboard.html, and we'll have a working server. 2018-09-17 17:40:05 -06:00			`haystack, err := ctx.OpenCategoryFile(category, "answers.txt")`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`if err != nil {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Flesh out remaining handlers I think at this point we just need to drop in text for puzzle.html, puzzle-list.html, and scoreboard.html, and we'll have a working server. 2018-09-17 17:40:05 -06:00			`"Cannot list answers",`
			`"Unable to read the list of answers for this category.",`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`)`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`return`
			`}`
			`defer haystack.Close()`
Moving toward a working server 2018-09-17 17:00:08 -06:00
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`// Look for the answer`
			`needle := fmt.Sprintf("%d %s", points, answer)`
Basic rendering of open puzzles 2018-09-17 21:32:24 -06:00			`if !hasLine(haystack, needle) {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendFail,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"Wrong answer",`
Flesh out remaining handlers I think at this point we just need to drop in text for puzzle.html, puzzle-list.html, and scoreboard.html, and we'll have a working server. 2018-09-17 17:40:05 -06:00			`"That is not the correct answer for %s %d.", category, points,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`)`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`return`
It compiles! 2018-05-04 17:20:51 -06:00			`}`

New rule: (category, points) must be unique across the contest. No more having 2 tokens in a category with the same point value. 2018-09-17 18:06:29 -06:00			`if err := ctx.AwardPoints(teamid, category, points); err != nil {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendError,`
Friendler error message if you got the right answer 2018-09-20 14:44:56 -06:00			`"Cannot award points",`
			`"The answer is correct, but there was an error awarding points: %v", err.Error(),`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`)`
It compiles! 2018-05-04 17:20:51 -06:00			`return`
			`}`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`respond(`
work on updated client API 2019-02-22 17:43:04 -07:00			`w, req, JSendSuccess,`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`"Points awarded",`
			`fmt.Sprintf("%d points for %s!", points, teamid),`
			`)`
			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) puzzlesHandler(w http.ResponseWriter, req http.Request) {`
Now you can hit enter to sign in 2019-02-22 19:09:38 -07:00			`teamid := req.FormValue("id")`
			`if _, err := ctx.TeamName(teamid); err != nil {`
			`http.Error(w, "Unauthorized: must provide team ID", http.StatusUnauthorized)`
			`return`
			`}`

Moving toward a working server 2018-09-17 17:00:08 -06:00			`w.Header().Set("Content-Type", "application/json")`
			`w.WriteHeader(http.StatusOK)`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`w.Write(ctx.jPuzzleList)`
Add flags and other stuff 2018-05-08 12:45:50 -06:00			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) pointsHandler(w http.ResponseWriter, req http.Request) {`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`w.Header().Set("Content-Type", "application/json")`
			`w.WriteHeader(http.StatusOK)`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`w.Write(ctx.jPointsLog)`
Moving toward a working server 2018-09-17 17:00:08 -06:00			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) contentHandler(w http.ResponseWriter, req http.Request) {`
I think I'm done. 2018-09-19 17:56:26 -06:00			`// Prevent directory traversal`
			`if strings.Contains(req.URL.Path, "/.") {`
			`http.Error(w, "Not Found", http.StatusNotFound)`
			`return`
			`}`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00
I think I'm done. 2018-09-19 17:56:26 -06:00			`// Be clever: use only the last three parts of the path. This may prove to be a bad idea.`
			`parts := strings.Split(req.URL.Path, "/")`
			`if len(parts) < 3 {`
			`http.Error(w, "Not Found", http.StatusNotFound)`
			`return`
			`}`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00
I think I'm done. 2018-09-19 17:56:26 -06:00			`fileName := parts[len(parts)-1]`
			`puzzleId := parts[len(parts)-2]`
			`categoryName := parts[len(parts)-3]`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00
I think I'm done. 2018-09-19 17:56:26 -06:00			`mb, ok := ctx.Categories[categoryName]`
			`if !ok {`
			`http.Error(w, "Not Found", http.StatusNotFound)`
			`return`
			`}`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00
I think I'm done. 2018-09-19 17:56:26 -06:00			`mbFilename := fmt.Sprintf("content/%s/%s", puzzleId, fileName)`
			`mf, err := mb.Open(mbFilename)`
			`if err != nil {`
			`log.Print(err)`
			`http.Error(w, "Not Found", http.StatusNotFound)`
			`return`
			`}`
			`defer mf.Close()`
Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00
I think I'm done. 2018-09-19 17:56:26 -06:00			`http.ServeContent(w, req, fileName, mf.ModTime(), mf)`
			`}`

Cache points.json and puzzles.json 2018-09-19 21:44:34 -06:00			`func (ctx Instance) staticHandler(w http.ResponseWriter, req http.Request) {`
Stop trying to put static files in the binary 2018-09-27 17:12:29 -06:00			`path := req.URL.Path`
			`if strings.Contains(path, "..") {`
			`http.Error(w, "Invalid URL path", http.StatusBadRequest)`
			`return`
			`}`
			`if path == "/" {`
			`path = "/index.html"`
			`}`

			`f, err := os.Open(ctx.ResourcePath(path))`
			`if err != nil {`
			`http.NotFound(w, req)`
			`return`
			`}`
			`defer f.Close()`

			`d, err := f.Stat()`
			`if err != nil {`
			`http.NotFound(w, req)`
			`return`
			`}`

			`http.ServeContent(w, req, path, d.ModTime(), f)`
runs now 2018-05-06 21:37:52 -06:00			`}`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00
Add basic authentication and remove legacy html responses 2019-02-21 16:00:06 -07:00			`type FurtiveResponseWriter struct {`
			`w http.ResponseWriter`
			`statusCode *int`
			`}`

			`func (w FurtiveResponseWriter) WriteHeader(statusCode int) {`
			`*w.statusCode = statusCode`
			`w.w.WriteHeader(statusCode)`
			`}`

			`func (w FurtiveResponseWriter) Write(buf []byte) (n int, err error) {`
			`n, err = w.w.Write(buf)`
			`return`
A passable start at a go-based mothd 2018-09-14 18:24:48 -06:00			`}`
Add basic authentication and remove legacy html responses 2019-02-21 16:00:06 -07:00
			`func (w FurtiveResponseWriter) Header() http.Header {`
			`return w.w.Header()`
			`}`

			`// This gives Instances the signature of http.Handler`
			`func (ctx Instance) ServeHTTP(wOrig http.ResponseWriter, r http.Request) {`
			`w := FurtiveResponseWriter{`
			`w: wOrig,`
			`statusCode: new(int),`
			`}`
Now you can hit enter to sign in 2019-02-22 19:09:38 -07:00			`ctx.mux.ServeHTTP(w, r)`
Add basic authentication and remove legacy html responses 2019-02-21 16:00:06 -07:00			`log.Printf(`
			`"%s %s %s %d\n",`
			`r.RemoteAddr,`
			`r.Method,`
			`r.URL,`
			`*w.statusCode,`
			`)`
			`}`

			`func (ctx *Instance) BindHandlers() {`
			`ctx.mux.HandleFunc(ctx.Base+"/", ctx.staticHandler)`
			`ctx.mux.HandleFunc(ctx.Base+"/register", ctx.registerHandler)`
			`ctx.mux.HandleFunc(ctx.Base+"/answer", ctx.answerHandler)`
			`ctx.mux.HandleFunc(ctx.Base+"/content/", ctx.contentHandler)`
			`ctx.mux.HandleFunc(ctx.Base+"/puzzles.json", ctx.puzzlesHandler)`
			`ctx.mux.HandleFunc(ctx.Base+"/points.json", ctx.pointsHandler)`
			`}`