Serverside stuff. Mostly shuffling things around

server/server.go

@@ -7,7 +7,6 @@ import (
 	"github.com/mstarongithub/passkey"
 	"github.com/rs/zerolog/log"
 	"gitlab.com/mstarongitlab/goutils/other"
-	"gitlab.com/mstarongitlab/linstrom/config"
 	"gitlab.com/mstarongitlab/linstrom/storage"
 )
 
@@ -33,17 +32,13 @@ func buildRootHandler(pkey *passkey.Passkey, reactiveFS, staticFS fs.FS) http.Ha
 	mux.Handle("/", setupFrontendRouter(reactiveFS, staticFS))
 	mux.Handle("/pk/", http.StripPrefix("/pk", http.FileServer(http.Dir("pk-auth"))))
 	mux.HandleFunc("/alive", isAliveHandler)
+	mux.Handle("/api/", http.StripPrefix("/api", setupApiRouter()))
 
-	profilingHandler := setupProfilingHandler()
-	mux.Handle("/profiling/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		// Only allow access to profiling if a password is provided and it matches the one in the config
-		if r.FormValue("password") != config.GlobalConfig.Admin.ProfilingPassword {
-			// Specifically reply with a plain 404
-			http.Error(w, "", 404)
-			return
-		}
-		profilingHandler.ServeHTTP(w, r)
-	}))
+	mux.Handle(
+		"/profiling/",
+		http.StripPrefix("/profiling", profilingAuthenticationMiddleware(setupProfilingHandler())),
+	)
+	// temporary until proper route structure exists
 	mux.Handle(
 		"/authonly/",
 		pkey.Auth(