Fault if not able to authenticate user

author: ivar <i@oiee.no> 2026-03-31 18:31:06 +0200
committer: ivar <i@oiee.no> 2026-03-31 18:31:06 +0200
commit: 1f799efb15a80f5aedee975fe8b4af5415b1fd78 (patch)
tree: 3f9bf7498ee30a80c383e480f81d2758ca09f8fc /internal/admin
parent: 6eb034f132bcc521b0d088c538bbdc2ce9fc1190 (diff)
download: nebbet.no-1f799efb15a80f5aedee975fe8b4af5415b1fd78.tar.xz
nebbet.no-1f799efb15a80f5aedee975fe8b4af5415b1fd78.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/internal/admin/server.go b/internal/admin/server.go
index 858d498..bad7e66 100644
--- a/internal/admin/server.go
+++ b/internal/admin/server.go
@@ -73,10 +73,10 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 // Returns true if the request is authorised (or if auth is disabled).
 func (s *Server) checkAuth(w http.ResponseWriter, r *http.Request) bool {
 	if s.AuthFile == "" {
-		return true
+		return false
 	}
 	if _, err := os.Stat(s.AuthFile); os.IsNotExist(err) {
-		return true // no passwords file → no auth required
+		return false
 	}
 	a := auth.New(s.AuthFile)
 	username, password, ok := r.BasicAuth()
@@ -107,10 +107,10 @@ func (s *Server) handleNew(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	s.render(w, "form", map[string]any{
-		"Title":   "New Post",
-		"Action":  "/admin/new",
-		"Post":    post{Date: time.Now().Format("2006-01-02")},
-		"IsNew":   true,
+		"Title":  "New Post",
+		"Action": "/admin/new",
+		"Post":   post{Date: time.Now().Format("2006-01-02")},
+		"IsNew":  true,
 	})
 }
author	ivar <i@oiee.no>	2026-03-31 18:31:06 +0200
committer	ivar <i@oiee.no>	2026-03-31 18:31:06 +0200
commit	1f799efb15a80f5aedee975fe8b4af5415b1fd78 (patch)
tree	3f9bf7498ee30a80c383e480f81d2758ca09f8fc /internal/admin
parent	6eb034f132bcc521b0d088c538bbdc2ce9fc1190 (diff)
download	nebbet.no-1f799efb15a80f5aedee975fe8b4af5415b1fd78.tar.xz nebbet.no-1f799efb15a80f5aedee975fe8b4af5415b1fd78.zip