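// Welcome renders the post-login page for the user named in the "username"
// cookie.
//
// The cookie value must be hex. It is decoded, passed through dimebag.Encrypt,
// and the result is used as the username. When that username is exactly
// "admin", the contents of the flag file replace the placeholder text handed
// to views.WriteSuccess.
func Welcome(w http.ResponseWriter, req *http.Request) {
	cookie, err := req.Cookie("username")
	if err != nil {
		io.WriteString(w, "no cookie, get lost")
		return
	}

	dehexedUsername, err := hex.DecodeString(cookie.Value)
	if err != nil {
		io.WriteString(w, "mangled cookie, it should be hex, get lost")
		// Stop here. Without this return the handler carried on with whatever
		// bytes were decoded before the error and wrote a second body after
		// the rejection message.
		return
	}

	// NOTE(review): the variable name suggests dimebag.Encrypt is also the
	// decryption direction (same call both ways) — confirm against the
	// dimebag package. No integrity check on the cookie is visible in this
	// handler; if dimebag does not authenticate the ciphertext, the admin
	// decision below rests on a client-controlled value. Verify a MAC/AEAD
	// tag before trusting the decrypted name.
	decryptedUsername := dimebag.Encrypt(string(dehexedUsername))

	flag := "only for the admin"
	if decryptedUsername == "admin" {
		flagtmp, err := ioutil.ReadFile("/home/badmedicine/flag")
		if err != nil {
			// NOTE(review): an unreadable flag file aborts the request with a
			// panic; a 500 response would be a cleaner failure mode.
			panic(err)
		}
		flag = string(flagtmp)
	}
	views.WriteSuccess(w, decryptedUsername, flag)
}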
// Login checks the submitted "username" and "password" form values with
// phial.Login and answers 200 with the success view when a username string
// comes back, or 403 with the index view when the result is nil.
func Login(w http.ResponseWriter, req *http.Request) {
	user := req.FormValue("username")
	pass := req.FormValue("password")

	// NOTE(review): both values come straight from the request. Whether
	// phial.Login binds them as query parameters is not visible here — verify.
	result, query := phial.Login(user, pass)

	// NOTE(review): the second return value is echoed to the client in a
	// response header. The header name suggests it is the SQL text of the
	// login query — confirm. Returning query text to clients discloses
	// internal structure and is best limited to debug builds.
	w.Header().Set("X-SQL", query)

	if result == nil {
		w.WriteHeader(http.StatusForbidden)
		views.WriteIndex(w)
		return
	}
	if name, ok := result.(string); ok {
		w.WriteHeader(http.StatusOK)
		views.WriteSuccess(w, name)
	}
	// Any other result type writes nothing, as in the original type switch.
}