@@ -1,3 +1,4 @@ 
 felt
+user.db
 mongodb/data/*
 mongodb/.env

@@ -1,6 +1,7 @@ 
 package admin
 
 import (
+  "html/template"
 	"net/http"
 	"nilfm.cc/git/felt/admin/util"
 	"nilfm.cc/git/felt/models"
@@ -145,7 +146,7 @@ }
 
 func CreateAdminInterface(udb auth.UserStore, dbAdapter mongodb.DbAdapter) http.Handler {
 	// create quartzgun router
-	rtr := &router.Router{}
+	rtr := &router.Router{ Fallback: *template.Must(template.ParseFiles("static/error.html")) }
 
 	scopes := map[string]string{}
 

@@ -13,6 +13,7 @@ "nilfm.cc/git/felt/models"
 	"nilfm.cc/git/felt/mongodb"
 	"nilfm.cc/git/quartzgun/auth"
 	"nilfm.cc/git/quartzgun/cookie"
+	"nilfm.cc/git/quartzgun/renderer"
 	"sync"
 	"time"
 )
@@ -40,8 +41,8 @@ subscribers:            make(map[*Subscriber]models.TableKey),
 		publishLimiter:         rate.NewLimiter(rate.Every(time.Millisecond*100), 8),
 		dbAdapter:              adapter,
 	}
-	srvr.serveMux.Handle("/table/", http.FileServer(http.Dir("./static")))
-	srvr.serveMux.Handle("/admin/", admin.CreateAdminInterface(udb, adapter))
+	srvr.serveMux.Handle("/table/", http.StripPrefix("/table/", renderer.Subtree("./static")))
+	srvr.serveMux.Handle("/admin/", http.StripPrefix("/admin", admin.CreateAdminInterface(udb, adapter)))
 	srvr.serveMux.HandleFunc("/subscribe", srvr.subscribeHandler)
 	srvr.serveMux.HandleFunc("/publish", srvr.publishHandler)
 

@@ -34,6 +34,8 @@ }
 
 	udb := indentalUserDB.CreateIndentalUserDB(
 		"./user.db")
+		
+	udb.AddUser("nilix", "questing")
 
 	gt := gametable.New(dbEngine, udb)
 	s := &http.Server{

@@ -0,0 +1,36 @@ 
+let adminToken = null;
+
+async function doLogin() {
+  const adminUsrInput = document.getElementById("input_admin_usr");
+  const adminPassInput = document.getElementById("input_admin_pass");
+  const errDiv = document.getElementById("loginErr");
+  
+  if (adminUsrInput && adminPassInput) {
+    adminToken = await getAdminToken(adminUsrInput.value, adminPassInput.value);
+    if (adminToken) {
+      // render admin interface
+    } else {
+    if (errDiv) {
+      errDiv.innerHTML = "Incorrect credentials";
+    }
+    }
+  }
+}
+
+async function getAdminToken(user, pass) {
+  const headers = new Headers();
+  headers.set('Authorization', 'Basic ' + btoa(user + ":" + pass));
+  try {
+    const res = await fetch('/admin/api/auth/', {
+      method: 'POST',
+      headers: headers
+    });
+    
+    if (res.ok) {
+      return await res.json();
+    }
+    return null;
+  } catch (err) {
+    return null;
+  }
+}

@@ -0,0 +1,8 @@ 
+{{ $params := (.Context).Value "params" }}
+
+<html>
+<body>
+<h1>ERR {{ $params.ErrorCode }}</h1>
+<p>{{ $params.ErrorMessage }}</p>
+</body>
+</html>

@@ -4,7 +4,9 @@ <head>
     <meta charset="UTF-8" />
     <title>Felt</title>
     <meta name="viewport" content="width=device-width" />
-    <link href="/style.css" rel="stylesheet" />
+    <link href="./style.css" rel="stylesheet" />
+    <script src="./admin.js" type="text/javascript"></script>
+    <script src="./index.js" type="text/javascript"></script>
   </head>
   <body>
   <nav>
@@ -12,7 +14,12 @@ <input id="name_entry">
     <button id="goto_table">Change Table</button>
     <button id="admin_login">Admin Login</button>
   </nav>
-  <div id="dynamic_modal"></div>
+  <div id="admin_modal">
+    <label>usr<input id="input_admin_usr"></label>
+    <label>pass<input type="password" id="input_admin_pass"></label>
+    <button id="admin_login" onclick="doLogin()">login</button>
+    <div id="loginErr"></div>
+  </div>
   <div id="dice_log"></div>
   <select name="num_dice">
     <option>1</option>