Edit any files in user dir

finish sign-in sign-up

.gitignore

@@ -1,3 +1,5 @@
 .env
 test.txt
 ledger-quicknote
+*.txt
+.htpasswd

auth/auth.go

@@ -0,0 +1,129 @@
+package auth
+
+import (
+	"bufio"
+	"errors"
+	"fmt"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/gorilla/securecookie"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type AuthStore interface {
+	Get(user string) bool
+	Register(user, pass string) error
+	Login(user, pass string) (token string, err error)
+	Verify(token string) (session Session, err error)
+	Remove(user string) error
+}
+
+type Session struct {
+	User   string
+	Expiry time.Time
+}
+
+type Htpasswd struct {
+	accounts map[string]string
+	filePath string
+	cookie   *securecookie.SecureCookie
+}
+
+func New(path string, hashKey []byte) (AuthStore, error) {
+	s := Htpasswd{
+		filePath: path,
+		cookie:   securecookie.New(hashKey, nil),
+	}
+	err := s.read()
+	return s, err
+}
+
+func (s Htpasswd) Get(user string) bool {
+	_, ok := s.accounts[user]
+	return ok
+}
+
+func (s Htpasswd) Register(user, pass string) (err error) {
+	if _, ok := s.accounts[user]; ok {
+		return errors.New("user already exists")
+	}
+	s.accounts[user], err = hash(pass)
+	if err != nil {
+		return
+	}
+	return s.write()
+}
+
+func (s Htpasswd) Login(user, pass string) (token string, err error) {
+	hashed, ok := s.accounts[user]
+	if !ok {
+		return "", errors.New("user not found")
+	}
+	err = bcrypt.CompareHashAndPassword([]byte(hashed), []byte(pass))
+	if err != nil {
+		return "", errors.New("wrong password")
+	}
+	session := Session{
+		User:   user,
+		Expiry: time.Now().AddDate(0, 0, 7),
+	}
+	token, err = s.cookie.Encode("session", session)
+	if err != nil {
+		panic(err)
+	}
+	return
+}
+
+func (s Htpasswd) Verify(token string) (session Session, err error) {
+	err = s.cookie.Decode("session", token, &session)
+	return
+}
+
+func (s Htpasswd) Remove(user string) (err error) {
+	delete(s.accounts, user)
+	return s.write()
+}
+
+func (s *Htpasswd) read() (err error) {
+	file, err := os.OpenFile(s.filePath, os.O_RDONLY|os.O_CREATE, 0600)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	fileScanner := bufio.NewScanner(file)
+	fileScanner.Split(bufio.ScanLines)
+
+	s.accounts = make(map[string]string)
+	for fileScanner.Scan() {
+		arr := strings.SplitN(fileScanner.Text(), ":", 2)
+		if len(arr) < 2 {
+			return fmt.Errorf("invalid data %s", arr)
+		}
+		s.accounts[arr[0]] = arr[1]
+	}
+	return nil
+}
+
+func (s *Htpasswd) write() (err error) {
+	file, err := os.OpenFile(s.filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return fmt.Errorf("failed to open htpasswd file: %w", err)
+	}
+	defer file.Close()
+
+	for u, p := range s.accounts {
+		_, err = fmt.Fprintf(file, "%s:%s\n", u, p)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func hash(pass string) (string, error) {
+	output, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
+	return string(output), err
+}

auth/auth_test.go

@@ -0,0 +1,77 @@
+package auth
+
+import (
+	"fmt"
+	"io/ioutil"
+	"strings"
+	"testing"
+
+	"github.com/gorilla/securecookie"
+)
+
+type User struct {
+	user   string
+	pass   string
+	hashed string
+}
+
+func TestHtpasswdSuccess(t *testing.T) {
+	hashKey := securecookie.GenerateRandomKey(32)
+	path := "/tmp/.htpasswd"
+	user1 := User{
+		user:   "user",
+		pass:   "password",
+		hashed: "$2a$14$SQSscaF4fVO3e5dp2/.VPuVQDPKqxSagLQnN6OncTRtoQw0ie9ByK",
+	}
+	err := ioutil.WriteFile(path,
+		[]byte(fmt.Sprintf("%s:%s", user1.user, user1.hashed)), 0640)
+	if err != nil {
+		t.Fatal(err)
+	}
+	store, err := New(path, hashKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	token, err := store.Login(user1.user, user1.pass)
+	if err != nil {
+		t.Error(err)
+	}
+
+	session, err := store.Verify(token)
+	if err != nil {
+		t.Error(err)
+	}
+	if session.User != user1.user {
+		t.Fatalf("expected %s, got %s", user1.user, session.User)
+	}
+
+	user2 := User{
+		user: "foo",
+		pass: "bar",
+	}
+	err = store.Register(user2.user, user2.pass)
+	if err != nil {
+		t.Error(err)
+	}
+	data, err := ioutil.ReadFile(path)
+	if err != nil {
+		t.Error(err)
+	}
+	for _, u := range []User{user1, user2} {
+		if !strings.Contains(string(data), u.user) {
+			t.Errorf("%s not found in htpasswd file: %s", u.user, string(data))
+		}
+	}
+	err = store.Remove(user1.user)
+	if err != nil {
+		t.Error(err)
+	}
+
+	data, err = ioutil.ReadFile(path)
+	if err != nil {
+		t.Error(err)
+	}
+	if strings.Contains(string(data), user1.user) {
+		t.Errorf("%s is found in htpasswd file but should be removed: %s", user1.user, string(data))
+	}
+}

config.go

@@ -1,7 +1,7 @@
 package main
 
-var SCRIPTS = map[string][]string{
+var SCRIPTS = map[string]string{
-	"balance assets":     {"b", "assets", "-X", "$"},
+	"balance assets":     "b assets -X $",
-	"register":           {"r", "--tail", "10"},
+	"register":           "r --tail 10",
-	"balance this month": {"b", "-b", "this month"},
+	"balance this month": "b -b \"this month\"",
 }

data/lancatlin@pm.me/expense.tpl

@@ -0,0 +1,4 @@
+{{ .Date }} {{ with .Name }}{{ . }}{{ else }}{{ .Destination }}{{ end }}
+    {{ .Destination }}      ${{ .Amount }}
+    {{ with .Source }}{{ . }}{{ else }}cash{{ end }}
+

go.mod

@@ -1,3 +1,27 @@
 module github.com/lancatlin/ledger-quicknote
 
 go 1.19
+
+require (
+	github.com/gin-contrib/multitemplate v0.0.0-20220829131020-8c2a8441bc2b // indirect
+	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/gin-gonic/gin v1.8.1 // indirect
+	github.com/go-playground/locales v0.14.0 // indirect
+	github.com/go-playground/universal-translator v0.18.0 // indirect
+	github.com/go-playground/validator/v10 v10.10.0 // indirect
+	github.com/goccy/go-json v0.9.7 // indirect
+	github.com/gorilla/securecookie v1.1.1 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/leodido/go-urn v1.2.1 // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
+	github.com/ugorji/go/codec v1.2.7 // indirect
+	golang.org/x/crypto v0.1.0 // indirect
+	golang.org/x/net v0.1.0 // indirect
+	golang.org/x/sys v0.1.0 // indirect
+	golang.org/x/text v0.4.0 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+)

go.sum

@@ -0,0 +1,86 @@
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gin-contrib/multitemplate v0.0.0-20220829131020-8c2a8441bc2b h1:WMas4AhGwZLRBAYGikjEzx02gk5SbAn3xbbxhnGrgao=
+github.com/gin-contrib/multitemplate v0.0.0-20220829131020-8c2a8441bc2b/go.mod h1:XLLtIXoP9+9zGcEDc7gAGV3AksGPO+vzv4kXHMJSdU0=
+github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
+github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-gonic/gin v1.8.1 h1:4+fr/el88TOO3ewCmQr8cx/CtZ/umlIRIs5M4NTNjf8=
+github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR9tTTk=
+github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU=
+github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
+github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
+github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
+github.com/go-playground/validator/v10 v10.10.0 h1:I7mrTYv78z8k8VXa/qJlOlEXn/nBh+BF8dHX5nt/dr0=
+github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
+github.com/goccy/go-json v0.9.7 h1:IcB+Aqpx/iMHu5Yooh7jEzJk1JZ7Pjtmys2ukPr7EeM=
+github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
+github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
+github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/pelletier/go-toml/v2 v2.0.1 h1:8e3L2cCQzLFi2CR4g7vGFuFxX7Jl1kKX8gW+iV0GUKU=
+github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
+github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
+github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY=
+golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
+golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -1,139 +1,54 @@
 package main
 
 import (
-	"bytes"
+	"encoding/base64"
 	"flag"
-	"fmt"
-	"io"
 	"log"
-	"net/http"
-	"net/url"
-	"os"
-	"os/exec"
-	"strings"
 	"text/template"
-	"time"
+
+	"github.com/gorilla/securecookie"
+	"github.com/lancatlin/ledger-quicknote/auth"
 )
 
 var ledgerTpl *template.Template
 var htmlTpl *template.Template
 
-var LEDGER_FILE string
+var DATA_DIR string
-var LEDGER_INIT string
-var WORKING_DIR string
 var HOST string
 
-type TxData struct {
+var store auth.AuthStore
-	Name    string
+
-	Date    string
+const HTPASSWD_FILE = ".htpasswd"
-	Amount  string
+const DEFAULT_JOURNAL = "ledger.txt"
-	Account string
-}
 
 func init() {
 	ledgerTpl = template.Must(template.ParseGlob("tx/*"))
-	htmlTpl = template.Must(template.ParseGlob("templates/*.html"))
+	flag.StringVar(&DATA_DIR, "d", "data", "data folder")
-	flag.StringVar(&LEDGER_FILE, "f", "example.txt", "ledger journal file to write")
-	flag.StringVar(&LEDGER_INIT, "i", "", "ledger initiation file")
-	flag.StringVar(&WORKING_DIR, "w", "", "ledger working directory")
 	flag.StringVar(&HOST, "b", "127.0.0.1:8000", "binding address")
+	var hashKeyString string
+	flag.StringVar(&hashKeyString, "s", "", "session secret")
 	flag.Parse()
+
+	var hashKey []byte
+	var err error
+
+	if hashKeyString == "" {
+		hashKey = securecookie.GenerateRandomKey(32)
+		log.Printf("Generate random session key: %s", base64.StdEncoding.EncodeToString(hashKey))
+	} else {
+		hashKey, err = base64.StdEncoding.DecodeString(hashKeyString)
+		if err != nil {
+			panic(err)
+		}
+	}
+	store, err = auth.New(HTPASSWD_FILE, hashKey)
+	if err != nil {
+		panic(err)
+	}
 }
 
 func main() {
-	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+	r := router()
-		htmlTpl.ExecuteTemplate(w, "index.html", struct {
-			Templates []*template.Template
-			Scripts   map[string][]string
-		}{
-			ledgerTpl.Templates(),
-			SCRIPTS,
-		})
-	})
 
-	http.HandleFunc("/new", func(w http.ResponseWriter, r *http.Request) {
+	log.Fatal(r.Run(HOST))
-		if err := r.ParseForm(); err != nil {
-			http.Error(w, err.Error(), 400)
-			return
-		}
-		tx, err := newTx(r.Form)
-		if err != nil {
-			http.Error(w, err.Error(), 400)
-			log.Println(err, r.Form)
-			return
-		}
-		if err := htmlTpl.ExecuteTemplate(w, "new.html", struct {
-			Tx string
-		}{tx}); err != nil {
-			http.Error(w, err.Error(), 500)
-		}
-	})
-
-	http.HandleFunc("/submit", func(w http.ResponseWriter, r *http.Request) {
-		if err := r.ParseForm(); err != nil {
-			http.Error(w, err.Error(), 400)
-			return
-		}
-
-		tx := r.FormValue("tx")
-		if err := appendToFile(tx); err != nil {
-			http.Error(w, err.Error(), 500)
-			return
-		}
-
-		if err := htmlTpl.ExecuteTemplate(w, "success.html", struct {
-			Tx string
-		}{tx}); err != nil {
-			http.Error(w, err.Error(), 500)
-		}
-	})
-
-	http.HandleFunc("/exec", func(w http.ResponseWriter, r *http.Request) {
-		name := r.FormValue("name")
-		if err := executeScript(w, name); err != nil {
-			http.Error(w, err.Error(), 500)
-			log.Println(err)
-			return
-		}
-	})
-
-	log.Printf("Listen on %s", HOST)
-	log.Fatal(http.ListenAndServe(HOST, nil))
-}
-
-func newTx(params url.Values) (result string, err error) {
-	action := params.Get("action")
-	data := TxData{
-		Date:    time.Now().Format("2006/01/02"),
-		Amount:  params.Get("amount"),
-		Account: params.Get("account"),
-		Name:    params.Get("name"),
-	}
-	var buf bytes.Buffer
-	err = ledgerTpl.ExecuteTemplate(&buf, action, data)
-	return buf.String(), nil
-}
-
-func appendToFile(tx string) (err error) {
-	f, err := os.OpenFile(LEDGER_FILE, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
-	if err != nil {
-		return err
-	}
-	defer f.Close()
-
-	buf := strings.NewReader(strings.ReplaceAll(tx, "\r", "")) // Remove CR generated from browser
-	_, err = io.Copy(f, buf)
-	return err
-}
-
-func executeScript(w io.Writer, name string) (err error) {
-	script, ok := SCRIPTS[name]
-	if !ok {
-		return fmt.Errorf("%s script not found", name)
-	}
-	cmd := exec.Command("ledger", append([]string{"--init-file", LEDGER_INIT, "--file", LEDGER_FILE}, script...)...)
-	cmd.Dir = WORKING_DIR
-	cmd.Stdout = w
-	cmd.Stderr = w
-	return cmd.Run()
 }

route.go

@@ -0,0 +1,144 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"text/template"
+
+	"github.com/gin-gonic/gin"
+)
+
+func router() *gin.Engine {
+	r := gin.Default()
+	r.HTMLRender = loadTemplates("templates")
+
+	r.GET("/", func(c *gin.Context) {
+		c.Redirect(303, "/dashboard")
+	})
+
+	r.GET("/signup", func(c *gin.Context) {
+		HTML(c, 200, "signup.html", nil)
+	})
+
+	r.GET("/signin", func(c *gin.Context) {
+		HTML(c, 200, "signin.html", nil)
+	})
+
+	r.POST("/signup", signup)
+
+	r.POST("/signin", signin)
+
+	authZone := r.Group("", authenticate)
+
+	authZone.GET("/dashboard", func(c *gin.Context) {
+		HTML(c, 200, "dashboard.html", struct {
+			Templates []*template.Template
+			Scripts   map[string]string
+		}{
+			ledgerTpl.Templates(),
+			SCRIPTS,
+		})
+	})
+
+	authZone.POST("/new", func(c *gin.Context) {
+		var data TxData
+		if err := c.ShouldBind(&data); err != nil {
+			c.AbortWithError(400, err)
+			return
+		}
+		tx, err := newTx(data)
+		if err != nil {
+			c.AbortWithError(400, err)
+			log.Println(err, c.Request.Form)
+			return
+		}
+		HTML(c, 200, "new.html", struct {
+			Tx string
+		}{tx})
+	})
+	authZone.POST("/submit", func(c *gin.Context) {
+		user := getUser(c)
+		tx := c.PostForm("tx")
+		if err := user.appendToFile(tx); err != nil {
+			c.AbortWithError(500, err)
+			return
+		}
+
+		HTML(c, 200, "success.html", struct {
+			Tx string
+		}{tx})
+	})
+
+	authZone.GET("/edit", func(c *gin.Context) {
+		c.Redirect(303, fmt.Sprintf("/edit/%s", DEFAULT_JOURNAL))
+	})
+
+	authZone.GET("/edit/:filename", func(c *gin.Context) {
+		user := getUser(c)
+		filename := c.Param("filename")
+		list, err := user.List()
+		if err != nil {
+			panic(err)
+		}
+		exists := contain(list, filename)
+		var data []byte
+		if exists {
+			f, err := user.ReadFile(filename)
+			if err != nil {
+				panic(err)
+			}
+			defer f.Close()
+			data, err = ioutil.ReadAll(f)
+			if err != nil {
+				panic(err)
+			}
+		}
+
+		HTML(c, 200, "edit.html", gin.H{
+			"Data":     string(data),
+			"FileName": filename,
+			"FileList": list,
+			"Exists":   exists,
+		})
+	})
+
+	authZone.POST("/edit/:filename", func(c *gin.Context) {
+		user := getUser(c)
+		filename := c.Param("filename")
+		data := c.PostForm("data")
+		err := user.overwriteFile(filename, data)
+		if err != nil {
+			panic(err)
+		}
+		HTML(c, 200, "success.html", struct {
+			Tx string
+		}{data})
+	})
+
+	authZone.GET("/download", func(c *gin.Context) {
+		user := getUser(c)
+		c.FileAttachment(user.FilePath(DEFAULT_JOURNAL), DEFAULT_JOURNAL)
+	})
+
+	authZone.GET("/query", func(c *gin.Context) {
+		response := struct {
+			Query   string
+			Result  string
+			Scripts map[string]string
+		}{Scripts: SCRIPTS}
+		user := getUser(c)
+		var ok bool
+		var err error
+		response.Query, ok = c.GetQuery("query")
+		if ok && response.Query != "" {
+			response.Result, err = user.query(response.Query)
+			if err != nil {
+				panic(err)
+			}
+		}
+		HTML(c, 200, "query.html", response)
+	})
+
+	return r
+}

session.go

@@ -0,0 +1,56 @@
+package main
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+func authenticate(c *gin.Context) {
+	cookie, err := c.Cookie("session")
+	if err == http.ErrNoCookie {
+		c.Redirect(303, "/signin")
+		return
+	}
+	session, err := store.Verify(cookie)
+	if err != nil {
+		c.Redirect(303, "/signin")
+		return
+	}
+	c.Set("user", User{
+		Email: session.User,
+	})
+	c.Next()
+}
+
+func getUser(c *gin.Context) User {
+	return c.MustGet("user").(User)
+}
+
+func signup(c *gin.Context) {
+	var user User
+	if err := c.ShouldBind(&user); err != nil {
+		HTML(c, 400, "signup.html", err)
+		return
+	}
+	if err := store.Register(user.Email, user.Password); err != nil {
+		HTML(c, 400, "signup.html", err)
+		return
+	}
+	signin(c)
+}
+
+func signin(c *gin.Context) {
+	var user User
+	if err := c.ShouldBind(&user); err != nil {
+		HTML(c, 400, "signin.html", err)
+		return
+	}
+	token, err := store.Login(user.Email, user.Password)
+	if err != nil {
+		HTML(c, 401, "signin.html", err)
+		return
+	}
+	c.SetCookie("session", token, 60*60*24*7, "", "", false, false)
+	c.Redirect(303, "/dashboard")
+}

template.go

@@ -0,0 +1,46 @@
+package main
+
+import (
+	"path"
+	"path/filepath"
+
+	"github.com/gin-contrib/multitemplate"
+	"github.com/gin-gonic/gin"
+)
+
+func loadTemplates(templatesDir string) multitemplate.Renderer {
+	r := multitemplate.NewRenderer()
+
+	layouts, err := filepath.Glob(path.Join(templatesDir, "layouts", "*.html"))
+	if err != nil {
+		panic(err)
+	}
+
+	includes, err := filepath.Glob(path.Join(templatesDir, "*.html"))
+	if err != nil {
+		panic(err)
+	}
+
+	for _, include := range includes {
+		r.AddFromFiles(filepath.Base(include), append(layouts, include)...)
+	}
+	return r
+}
+
+type Data interface{}
+
+type Page struct {
+	Data
+	User User
+}
+
+func HTML(c *gin.Context, status int, name string, data interface{}) {
+	output := Page{
+		Data: data,
+	}
+	_, ok := c.Get("user")
+	if ok {
+		output.User = c.MustGet("user").(User)
+	}
+	c.HTML(status, name, output)
+}

templates/dashboard.html

@@ -0,0 +1,16 @@
+{{ define "main" }}
+<h1>Ledger 速記</h1>
+<form action="/new" method="POST">
+    <label>選擇模板：
+        {{ range .Templates }}
+        <input type="radio" name="action" value="{{ .Name }}">{{ .Name }}</option>
+        {{ end }}
+    </label><br>
+    <label>金額：<input name="amount" type="number"></label><br>
+    <label>目的帳戶：<input name="dest" type="text"></label></br>
+    <label>來源帳戶：<input name="src" type="text"></label></br>
+    <label>名稱：<input name="name" type="text"></label></br>
+    <input type="submit" value="新增記錄">
+</form>
+{{ template "scripts" .Scripts }}
+{{ end }}

templates/edit.html

@@ -0,0 +1,18 @@
+{{ define "title" }}編輯{{ end }}
+{{ define "main" }}
+<h1>編輯帳本</h1>
+<aside>
+    <ul>
+        {{ range .FileList }}
+        <li><a href="/edit/{{ . }}">{{ . }}</a></li>
+        {{ end }}
+    </ul>
+</aside>
+
+<p>{{ .FileName }}{{ if not .Exists }} - New file{{ end }}</p>
+
+<form action="/edit/{{ .FileName }}" method="POST">
+    <textarea name="data" rows="15" cols="40">{{ .Data }}</textarea><br>
+    <input type="submit" value="儲存">
+</form>
+{{ end }}

templates/error.html

@@ -0,0 +1,4 @@
+{{ define "title" }}Error{{ end }}
+{{ define "main" }}
+<p class="error">{{ .Error }}</p>
+{{ end }}

templates/index.html

@@ -1,27 +1,3 @@
-<!DOCTYPE html>
+{{ define "main" }}
-<html>
+<h1>Ledger 速記</h1>
-    <head>
+{{ end }}
-        <title>Ledger Quick Note</title>
-        <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    </head>
-    <body>
-        <h1>Ledger Quick Note</h1>
-        <form action="/new" method="POST">
-            <label>Action: 
-                {{ range .Templates }}
-                <input type="radio" name="action" value="{{ .Name }}">{{ .Name }}</option>
-                {{ end }}
-                </label><br>
-            <label>Amount: <input name="amount" type="number"></label><br>
-            <label>Account: <input name="account" type="text"></label></br>
-            <label>Tx Name: <input name="name" type="text"></label></br>
-            <input type="submit">
-        </form>
-        <h2>Scripts</h2>
-        <ul>
-            {{ range $k, $v := .Scripts }}
-            <li><a href="/exec?name={{ $k }}">{{ $k }}</a></li>
-            {{ end }}
-        </ul>
-    </body>
-</html>

templates/layouts/base.html

@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>{{ block "title" . }}Ledger 速記{{ end }}</title>
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    </head>
+    <body>
+        <nav>
+            <ul>
+            {{ with .User }}
+                {{ .Email }}
+                <li><a href="/dashboard">儀表板</a></li>
+                <li><a href="/edit">編輯</a></li>
+                <li><a href="/download">下載</a></li>
+                <li><a href="/query">查詢</a></li>
+            {{ end }}
+        </nav>
+        {{ block "main" .Data }}
+
+        {{ end }}
+    </body>
+</html>

templates/layouts/scripts.html

@@ -0,0 +1,8 @@
+{{ define "scripts" }}
+<h3>快速查詢</h3>
+<ul>
+    {{ range $k, $v := . }}
+    <li><a href="/query?query={{ urlquery $v }}">{{ $k }}</a></li>
+    {{ end }}
+</ul>
+{{ end }}

templates/new.html

@@ -1,14 +1,8 @@
-<!DOCTYPE html>
+{{ define "title" }}Confirm{{ end }}
-<html>
+{{ define "main" }}
-    <head>
+<h1>Confirm new Tx</h1>
-        <title>Ledger Quick Note</title>
+<form action="/submit" method="POST">
-        <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    </head>
-    <body>
-        <h1>Confirm new Tx</h1>
-        <form action="/submit" method="POST">
     <textarea name="tx" rows="15" cols="40">{{ .Tx }}</textarea><br>
     <input type="submit">
-        </form>
+</form>
-    </body>
+{{ end }}
-</html>

templates/query.html

@@ -0,0 +1,12 @@
+{{ define "title" }}查詢{{ end }}
+{{ define "main" }}
+<h1>查詢</h1>
+{{ with .Result }}
+<pre><code>{{ . }}</code></pre>
+{{ end }}
+<form action="/query" method="GET">
+    <input type="text" name="query" value="{{ .Query }}" autofocus>
+    <input type="submit" value="查詢">
+</form>
+{{ template "scripts" .Scripts }}
+{{ end }}

templates/signin.html

@@ -0,0 +1,11 @@
+{{ define "title" }}登入{{ end }}
+{{ define "main" }}
+<h1>登入</h1>
+<form action="/signin" method="POST">
+    <label>Email: <input type="text" name="email"></label><br>
+    <label>Password: <input type="password" name="password"></label><br>
+    {{ with .Error }}<p class="error">{{ . }}</p>{{ end }}
+    <input type="submit" value="登入">
+</form>
+<a href="signup">沒有帳號嗎？註冊</a>
+{{ end }}

templates/signup.html

@@ -0,0 +1,11 @@
+{{ define "title" }}註冊{{ end }}
+{{ define "main" }}
+<h1>註冊</h1>
+<form action="/signup" method="POST">
+    <label>Email: <input type="text" name="email"></label><br>
+    <label>Password: <input type="password" name="password"></label><br>
+    {{ with .Error }}<p class="error">{{ . }}</p>{{ end }}
+    <input type="submit" value="註冊">
+</form>
+<a href="signin">已有帳號嗎？登入</a>
+{{ end }}

templates/success.html

@@ -1,13 +1,6 @@
-<!DOCTYPE html>
+{{ define "title" }}Success{{ end }}
-<html>
+{{ define "main" }}
-    <head>
+<p><strong>Success</strong></p>
-        <title>Ledger Quick Note</title>
+<pre><code>{{ .Tx }}</code></pre>
-        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+<p><a href="/dashboard">Back to home</a></p>
-    </head>
+{{ end }}
-    <body>
-        <h1>Ledger Quick Note</h1>
-        <p><strong>Success</strong></p>
-        <pre><code>{{ .Tx }}</code></pre>
-        <p><a href="/">Back to home</a></p>
-    </body>
-</html>

tx.go

@@ -0,0 +1,61 @@
+package main
+
+import (
+	"bytes"
+	"io"
+	"os/exec"
+	"strings"
+	"time"
+)
+
+type TxData struct {
+	Action      string `form:"action" binding:"required"`
+	Name        string `form:"name"`
+	Date        string
+	Amount      string `form:"amount" binding:"required"`
+	Destination string `form:"dest"`
+	Source      string `form:"src"`
+}
+
+func newTx(data TxData) (result string, err error) {
+	data.Date = time.Now().Format("2006/01/02")
+	var buf bytes.Buffer
+	err = ledgerTpl.ExecuteTemplate(&buf, data.Action, data)
+	return buf.String(), nil
+}
+
+func (u *User) appendToFile(tx string) (err error) {
+	f, err := u.AppendFile(DEFAULT_JOURNAL)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	buf := strings.NewReader(strings.ReplaceAll(tx, "\r", "")) // Remove CR generated from browser
+	_, err = io.Copy(f, buf)
+	return err
+}
+
+func (u *User) overwriteFile(filename string, tx string) (err error) {
+	f, err := u.WriteFile(filename)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	buf := strings.NewReader(strings.ReplaceAll(tx, "\r", "")) // Remove CR generated from browser
+	_, err = io.Copy(f, buf)
+	return err
+}
+
+func (u *User) query(query string) (result string, err error) {
+	var buf bytes.Buffer
+
+	cmd := exec.Command("ledger", "--file", DEFAULT_JOURNAL)
+	cmd.Dir = u.Dir()
+	cmd.Stdin = strings.NewReader(query)
+	cmd.Stdout = &buf
+	cmd.Stderr = &buf
+	err = cmd.Run()
+	return buf.String(), err
+}

tx/expense.txt

@@ -1,4 +1,4 @@
-{{ .Date }} {{ with .Name }}{{ . }}{{ else }}{{ .Account }}{{ end }}
+{{ .Date }} {{ with .Name }}{{ . }}{{ else }}{{ .Destination }}{{ end }}
-    {{ .Account }}      ${{ .Amount }}
+    {{ .Destination }}      ${{ .Amount }}
-    cash
+    {{ with .Source }}{{ . }}{{ else }}cash{{ end }}
 

user.go

@@ -0,0 +1,52 @@
+package main
+
+import (
+	"os"
+	"path"
+)
+
+type User struct {
+	IsLogin  bool
+	Email    string `form:"email" binding:"required"`
+	Password string `form:"password" binding:"required"`
+}
+
+func (u *User) Dir() string {
+	dir := path.Join(DATA_DIR, u.Email)
+	if err := os.MkdirAll(dir, 0755); err != nil {
+		panic(err)
+	}
+	return dir
+}
+
+func (u *User) FilePath(name string) string {
+	return path.Join(u.Dir(), name)
+}
+
+func (u *User) File(name string, mode int) (*os.File, error) {
+	return os.OpenFile(u.FilePath(name), mode, 0644)
+}
+
+func (u *User) AppendFile(name string) (*os.File, error) {
+	return u.File(name, os.O_WRONLY|os.O_CREATE|os.O_APPEND)
+}
+
+func (u *User) ReadFile(name string) (*os.File, error) {
+	return u.File(name, os.O_RDONLY|os.O_CREATE)
+}
+
+func (u *User) WriteFile(name string) (*os.File, error) {
+	return u.File(name, os.O_WRONLY|os.O_CREATE|os.O_TRUNC)
+}
+
+func (u *User) List() ([]string, error) {
+	files, err := os.ReadDir(u.Dir())
+	if err != nil {
+		panic(err)
+	}
+	result := make([]string, len(files))
+	for i, v := range files {
+		result[i] = v.Name()
+	}
+	return result, nil
+}

utils.go

@@ -0,0 +1,10 @@
+package main
+
+func contain[T comparable](arr []T, elem T) bool {
+	for _, v := range arr {
+		if v == elem {
+			return true
+		}
+	}
+	return false
+}