Serverside stuff. Mostly shuffling things around

server/middlewares.go

@@ -4,11 +4,13 @@ import (
 	"context"
 	"net/http"
 	"slices"
+	"strings"
 	"time"
 
 	"github.com/rs/zerolog/hlog"
 	"github.com/rs/zerolog/log"
 	"gitlab.com/mstarongitlab/goutils/other"
+	"gitlab.com/mstarongitlab/linstrom/config"
 )
 
 type HandlerBuilder func(http.Handler) http.Handler
@@ -38,6 +40,9 @@ func LoggingMiddleware(handler http.Handler) http.Handler {
 	return ChainMiddlewares(handler,
 		hlog.NewHandler(log.Logger),
 		hlog.AccessHandler(func(r *http.Request, status, size int, duration time.Duration) {
+			if strings.HasPrefix(r.URL.Path, "/assets") {
+				return
+			}
 			hlog.FromRequest(r).Info().
 				Str("method", r.Method).
 				Stringer("url", r.URL).
@@ -85,3 +90,13 @@ func passkeyIdToAccountIdTransformerMiddleware(handler http.Handler) http.Handle
 		handler.ServeHTTP(w, r)
 	})
 }
+
+func profilingAuthenticationMiddleware(handler http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.FormValue("password") != config.GlobalConfig.Admin.ProfilingPassword {
+			other.HttpErr(w, HttpErrIdNotAuthenticated, "Bad password", http.StatusUnauthorized)
+			return
+		}
+		handler.ServeHTTP(w, r)
+	})
+}