From 2101b706d3c1d66cdeec9d00d0d3063afd9794fd Mon Sep 17 00:00:00 2001
From: Zealotree <zealotree@gmail.com>
Date: Fri, 23 Jun 2017 09:40:35 -0400
Subject: [PATCH] Added HTTPS session support

---
 README.md   | 10 ++++++++++
 handlers.go |  8 ++++++--
 main.go     | 25 +++++++++++++++++++++++--
 3 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 049930c..999c318 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,16 @@ cowyo
 
 and it will start a server listening  on `0.0.0.0:8050`. To view it, just go to http://localhost:8050 (the server prints out the local IP for your info if you want to do LAN networking). You can change the port with `-port X`, and you can listen *only* on localhost using `-host localhost`.
 
+### Running with TLS
+
+Specify a matching pair of SSL Certificate and Key to run cowyo using https. Cowyo will now run in a secure session. 
+
+*N.B. Let's Encrypt is a CA that signs free and signed certificates.*
+
+```
+cowyo --cert "/path/to/server.crt" --key "/p/t/server.key"
+```
+
 ## Usage
 
 *cowyo* is straightforward to use. Here are some of the basic features:
diff --git a/handlers.go b/handlers.go
index 89a4473..2d599a3 100755
--- a/handlers.go
+++ b/handlers.go
@@ -12,7 +12,7 @@ import (
 	"github.com/gin-gonic/gin"
 )
 
-func serve(host, port string) {
+func serve(host, port, crt_path, key_path string, TLS bool) {
 	gin.SetMode(gin.ReleaseMode)
 	router := gin.Default()
 	router.HTMLRender = loadTemplates("index.tmpl")
@@ -32,7 +32,11 @@ func serve(host, port string) {
 	router.DELETE("/oldlist", handleClearOldListItems)
 	router.DELETE("/listitem", deleteListItem)
 
-	router.Run(host + ":" + port)
+	if TLS {
+		http.ListenAndServeTLS(host+":"+port, crt_path, key_path, router)
+	} else {
+		router.Run(host + ":" + port)
+	}
 }
 
 func loadTemplates(list ...string) multitemplate.Render {
diff --git a/main.go b/main.go
index 214bb9a..5a0d0fc 100755
--- a/main.go
+++ b/main.go
@@ -24,11 +24,22 @@ func main() {
 		pathToData = c.GlobalString("data")
 		os.MkdirAll(pathToData, 0755)
 		host := c.GlobalString("host")
+		crt_f := c.GlobalString("cert") // crt flag
+		key_f := c.GlobalString("key")  // key flag
 		if host == "" {
 			host = GetLocalIP()
 		}
-		fmt.Printf("\nRunning cowyo server (version %s) at http://%s:%s\n\n", version, host, c.GlobalString("port"))
-		serve(c.GlobalString("host"), c.GlobalString("port"))
+		TLS := false
+		if crt_f != "" && key_f != "" {
+			TLS = true
+		}
+		if TLS {
+			fmt.Printf("\nRunning cowyo server (version %s) at https://%s:%s\n\n", version, host, c.GlobalString("port"))
+		} else {
+			fmt.Printf("\nRunning cowyo server (version %s) at http://%s:%s\n\n", version, host, c.GlobalString("port"))
+		}
+		fmt.Println(TLS)
+		serve(c.GlobalString("host"), c.GlobalString("port"), c.GlobalString("cert"), c.GlobalString("key"), TLS)
 		return nil
 	}
 	app.Flags = []cli.Flag{
@@ -52,6 +63,16 @@ func main() {
 			Value: "8050",
 			Usage: "port to use",
 		},
+		cli.StringFlag{
+			Name:  "cert",
+			Value: "",
+			Usage: "Absolute Path to SSL Public Cert",
+		},
+		cli.StringFlag{
+			Name:  "key",
+			Value: "",
+			Usage: "Aboslute Path to corresponding private key",
+		},
 		cli.BoolFlag{
 			Name:  "debug, d",
 			Usage: "turn on debugging",