From 83127589cb53e347a435c8470ff113eab1ea523b Mon Sep 17 00:00:00 2001
From: ChrisChrome <chris@chrischro.me>
Date: Sat, 20 Dec 2025 13:56:03 -0700
Subject: [PATCH] Gwug 2

---
 index.js        | 36 ++++++++++++++++++++++--------------
 views/index.ejs |  2 +-
 2 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/index.js b/index.js
index 78bafac..704fece 100644
--- a/index.js
+++ b/index.js
@@ -39,25 +39,33 @@ app.set('views', './views');
 app.use(express.static('static'));
 
 function auth(req, res, next) {
-	// Temporary auth function. See if the user provided correct basic auth (process.env.USER and PASS)
-	const authHeader = req.headers['authorization'];
-	if (!authHeader) {
-		res.setHeader('WWW-Authenticate', 'Basic realm="Restricted Area"');
-		return res.status(401).send('Authentication required.');
-	}
-	const base64Credentials = authHeader.split(' ')[1];
-	const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
-	const [username, password] = credentials.split(':');
-	if (username === process.env.USER && password === process.env.PASS) {
-		next();
-	} else {
-		return res.status(403).send('Forbidden');
+	if (!req.session || !req.session.authenticated) {
+		return res.redirect('/login');
 	}
+	next();
 }
 
 app.get('/', auth, (req, res) => {
-	res.render('index', { user: process.env.USER });
+	res.render('index', { session: req.session });
 });
+
+app.get('/login', (req, res) => {
+	if (req.session && req.session.authenticated) {
+		return res.redirect('/');
+	}
+	res.render('login');
+});
+
+app.post('/login', (req, res) => {
+	const { username, password } = req.body;
+	if (username === process.env.USER && password === process.env.PASS) {
+		req.session.authenticated = true;
+		req.session.username = username;
+		return res.redirect('/');
+	}
+	res.redirect('/login');
+});
+
 app.listen(PORT, HOST, () => {
 	console.log(`Server running on http://${HOST}:${PORT}`);
 });
\ No newline at end of file
diff --git a/views/index.ejs b/views/index.ejs
index c5bb809..b24cf8c 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -7,7 +7,7 @@
 	<title>Funny goofy test page!!!!!1!</title>
 </head>
 <body>
-	<h1>Welcome to the Funny Goofy Test Page <%= user %>!</h1>
+	<h1>Welcome to the Funny Goofy Test Page <%= session.username %>!</h1>
 	<p>This is a simple web page to demonstrate EJS templating with Bootstrap styling.</p>
 
 	<script src="/assets/js/bootstrap.min.js"></script>