From 9549c1cd2220034b789bd24b5ba7687c10f9bf82 Mon Sep 17 00:00:00 2001
From: vilmibm <vilmibm@protonmail.com>
Date: Tue, 19 Apr 2022 22:27:31 -0500
Subject: [PATCH] write some stuff

---
 server/cmd/main.go | 61 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 59 insertions(+), 2 deletions(-)

diff --git a/server/cmd/main.go b/server/cmd/main.go
index fe2053b..5be35b8 100644
--- a/server/cmd/main.go
+++ b/server/cmd/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"database/sql"
+	"encoding/json"
 	"flag"
 	"fmt"
 	"io"
@@ -51,6 +52,7 @@ func main() {
 		},
 		Logf: func(s string, args ...interface{}) {
 			fmt.Fprintf(io.Out, s, args...)
+			fmt.Fprintf(io.Out, "\n")
 		},
 	}
 
@@ -89,7 +91,7 @@ func _main(opts *Opts) error {
 	setupAPI(*opts)
 
 	// TODO TLS or SSL or something
-	opts.Logf("starting server at %s:%d\n", cfg.Host, cfg.Port)
+	opts.Logf("starting server at %s:%d", cfg.Host, cfg.Port)
 	if err := http.ListenAndServe(fmt.Sprintf("%s:%d", cfg.Host, cfg.Port), nil); err != nil {
 		return fmt.Errorf("http server exited with error: %w", err)
 	}
@@ -105,8 +107,63 @@ func handler(opts Opts, f http.HandlerFunc) http.HandlerFunc {
 	}
 }
 
+// TODO I'm not entirely sold on this hash system; without transport
+// encryption, it doesn't really help anything. I'd rather have plaintext +
+// transport encryption and then, on the server side, proper salted hashing.
+
+type User struct {
+	// TODO
+	ID string
+}
+
+type BBJResponse struct {
+	Error   bool            `json:"error"`
+	Data    interface{}     `json:"data"`
+	Usermap map[string]User `json:"usermap"`
+}
+
+func writeResponse(w http.ResponseWriter, resp BBJResponse) {
+	json.NewEncoder(w).Encode(resp)
+}
+
 func setupAPI(opts Opts) {
+
 	http.HandleFunc("/instance", handler(opts, func(w http.ResponseWriter, req *http.Request) {
-		io.WriteString(w, opts.Config.InstanceName)
+		w.WriteHeader(http.StatusOK)
+		w.Header().Set("Content-Type", "application/json")
+		writeResponse(w, BBJResponse{
+			Data: opts.Config.InstanceName,
+		})
+	}))
+
+	http.HandleFunc("/check_auth", handler(opts, func(w http.ResponseWriter, req *http.Request) {
+		if req.Method != "POST" {
+			http.Error(w, "bad method", 400)
+			return
+		}
+
+		type args struct {
+			TargetUser string `json:"target_user"`
+			TargetHash string `json:"target_hash"`
+		}
+
+		var a args
+
+		err := json.NewDecoder(req.Body).Decode(&a)
+
+		if err != nil {
+			http.Error(w, "could not parse arguments", 400)
+		}
+
+		opts.Logf("got %s %s", a.TargetUser, a.TargetHash)
+
+		// TODO
+		result := false
+
+		w.WriteHeader(http.StatusOK)
+		w.Header().Set("Content-Type", "application/json")
+		writeResponse(w, BBJResponse{
+			Data: result,
+		})
 	}))
 }