From e9a3e807ec7bb4839207929beee284b54911e2fd Mon Sep 17 00:00:00 2001
From: Tueem <tueem@tomatentum.net>
Date: Fri, 23 Jan 2026 11:17:58 +0100
Subject: [PATCH] feat(http): add server and auth middleware

---
 cmd/svg-templater/main.go  | 16 ++++++++++++---
 pkg/auth/authmiddleware.go | 40 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 3 deletions(-)
 create mode 100644 pkg/auth/authmiddleware.go

diff --git a/cmd/svg-templater/main.go b/cmd/svg-templater/main.go
index 878cd7c..d5dcb82 100644
--- a/cmd/svg-templater/main.go
+++ b/cmd/svg-templater/main.go
@@ -2,10 +2,13 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"log"
+	"net/http"
 
 	"tomatentum.net/svg-templater/internal/database"
 	svgtemplater "tomatentum.net/svg-templater/internal/svg-templater"
+	"tomatentum.net/svg-templater/pkg/auth"
 )
 
 var (
@@ -18,10 +21,11 @@ func main() {
 		log.Fatal("Failed opening DB:\n", err)
 		return
 	}
+	defer database.Close()
 	database.InitDB()
 	prepareCommandLine()
+	prepareHTTP()
 	handleCommandline()
-	defer database.Close()
 }
 
 func prepareCommandLine() {
@@ -29,6 +33,12 @@ func prepareCommandLine() {
 	flag.BoolVar(&deleteTokenFlag, "tokendel", false, "svg-templater --tokendel <name> : Delete token with name")
 }
 
+func prepareHTTP() {
+	http.HandleFunc("/", auth.AuthMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, "You are authorized!")
+	})))
+}
+
 func handleCommandline() {
 	flag.Parse()
 	if generateTokenFlag {
@@ -36,7 +46,7 @@ func handleCommandline() {
 	} else if deleteTokenFlag {
 		svgtemplater.DeleteTokenCommand()
 	} else {
-		log.Println("No commend provided!")
-		flag.PrintDefaults()
+		log.Println("Starting http server on :3000")
+		http.ListenAndServe(":3000", nil)
 	}
 }
diff --git a/pkg/auth/authmiddleware.go b/pkg/auth/authmiddleware.go
new file mode 100644
index 0000000..10f95b1
--- /dev/null
+++ b/pkg/auth/authmiddleware.go
@@ -0,0 +1,40 @@
+package auth
+
+import (
+	"log"
+	"net/http"
+	"strings"
+
+	"tomatentum.net/svg-templater/internal/database"
+)
+
+func AuthMiddleware(next http.Handler) http.HandlerFunc {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		valid, err := validateAuthHeader(r)
+		if err != nil {
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+			log.Println("Database Query for token validation failed.\n", r)
+			return
+		}
+
+		if valid {
+			next.ServeHTTP(w, r)
+		} else {
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		}
+	})
+}
+
+// Accepts ("Authorization": "BEARER <TOKEN>"), returns database error if query failed
+func validateAuthHeader(r *http.Request) (bool, error) {
+	header := strings.Split(r.Header.Get("Authorization"), " ")
+	if len(header) < 2 {
+		return false, nil
+	}
+	token := header[1]
+	if len(strings.TrimSpace(token)) < 1 {
+		return false, nil
+	}
+
+	return database.ValidateTokenCache(token)
+}