chore: minor code improvement

feat: add ability to reset api key (resolve #29 )
feat: add ability to change passwords (resolve #30 )
2023-08-10 21:12:56 +03:00 · 2020-06-07 20:01:31 +02:00 · 2020-06-07 19:58:06 +02:00 · 2020-06-07 19:28:32 +02:00 · 2020-05-31 10:29:15 +02:00 · 2020-05-31 10:28:55 +02:00
51 changed files with 1788 additions and 635 deletions
--- a/.env.example
+++ b/.env.example
@ -1,9 +1,8 @@
-ENV=prod
-WAKAPI_DB_TYPE=mysql                    # mysql, postgres, sqlite3
-WAKAPI_DB_NAME=wakapi_db                # file path for sqlite, e.g. /tmp/wakapi.db
-WAKAPI_DB_USER=myuser
-WAKAPI_DB_PASSWORD=shhh
-WAKAPI_DB_HOST=localhost
-WAKAPI_DB_PORT=3306
-WAKAPI_DEFAULT_USER_NAME=admin
-WAKAPI_DEFAULT_USER_PASSWORD=admin      # CHANGE!
+ENV=dev
+WAKAPI_DB_TYPE=sqlite3                  # mysql, postgres, sqlite3
+WAKAPI_DB_NAME=wakapi_db.db             # database name for mysql / postgres or file path for sqlite (e.g. /tmp/wakapi.db)
+WAKAPI_DB_USER=myuser                   # ignored when using sqlite
+WAKAPI_DB_PASSWORD=shhh                 # ignored when using sqlite
+WAKAPI_DB_HOST=localhost                # ignored when using sqlite
+WAKAPI_DB_PORT=3306                     # ignored when using sqlite
+WAKAPI_PASSWORD_SALT=shhh               # CHANGE !
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,2 +1,3 @@
 github: muety
+liberapay: muety
 custom: ['https://paypal.me/ferdinandmuetsch', 'https://www.buymeacoffee.com/n1try']
--- a/.github/workflows/linux-build-on-release.yml
+++ b/.github/workflows/linux-build-on-release.yml
@ -0,0 +1,43 @@
+name: Build Wakapi on Linux
+
+on:
+  release:
+    types: 
+      - created
+
+jobs:
+  build-and-release:
+    name: Build and add to Release
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Get dependencies
+      run: |
+        go get -v -t -d ./...
+      
+    - name: Build
+      run: GO111MODULE=on go build -v .
+
+    - name: Zip Release
+      uses: TheDoctor0/zip-release@v0.3.0
+      with:
+        filename: release.zip
+
+    - name: Upload built executable to Release
+      uses: actions/upload-release-asset@v1.0.2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ github.event.release.upload_url }}
+        asset_path: release.zip
+        asset_name: wakapi_linux_amd64.zip
+        asset_content_type: application/gzip
--- a/.github/workflows/win-build-on-release.yml
+++ b/.github/workflows/win-build-on-release.yml
@ -0,0 +1,44 @@
+name: Build Wakapi on Windows
+
+on:
+  release:
+    types: 
+      - created
+
+jobs:
+  build-and-release:
+    name: Build and add to release
+    runs-on: windows-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Get dependencies
+      run: |
+        go get -v -t -d ./...
+
+    - name: Enable Go 1.11 modules
+      run: cmd /c "set GO111MODULE=on"
+      
+    - name: Build
+      run: go build -v .
+  
+    - name: Compress working folder
+      run: Compress-Archive -Path .\* -DestinationPath release.zip
+
+    - name: Upload built executable to Release
+      uses: actions/upload-release-asset@v1.0.2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ github.event.release.upload_url }}
+        asset_path: release.zip
+        asset_name: wakapi_win_amd64.zip
+        asset_content_type: application/gzip
--- a/17
+++ b/17
@ -1,8 +1,10 @@
 # Build Stage
+
 FROM golang:1.13 AS build-env
 ADD . /src
 RUN cd /src && go build -o wakapi

+
 # Final Stage

 # When running the application using `docker run`, you can pass environment variables
@ -14,17 +16,30 @@ RUN cd /src && go build -o wakapi
 # – WAKAPI_DB_HOST
 # – WAKAPI_DB_PORT
 # – WAKAPI_DB_NAME
+# – WAKAPI_PASSWORD_SALT
 # – WAKAPI_DEFAULT_USER_NAME
 # – WAKAPI_DEFAULT_USER_PASSWORD

 FROM debian
 WORKDIR /app

+ENV ENV prod
+ENV WAKAPI_DB_TYPE sqlite3
+ENV WAKAPI_DB_USER ''
+ENV WAKAPI_DB_PASSWORD ''
+ENV WAKAPI_DB_HOST ''
+ENV WAKAPI_DB_NAME=/data/wakapi.db
+ENV WAKAPI_PASSWORD_SALT ''
+ENV WAKAPI_DEFAULT_USER_NAME admin
+ENV WAKAPI_DEFAULT_USER_PASSWORD admin
+
 COPY --from=build-env /src/wakapi /app/
 COPY --from=build-env /src/config.ini /app/
+COPY --from=build-env /src/version.txt /app/
 COPY --from=build-env /src/.env.example /app/.env

 RUN sed -i 's/listen = 127.0.0.1/listen = 0.0.0.0/g' /app/config.ini
+RUN sed -i 's/insecure_cookies = false/insecure_cookies = true/g' /app/config.ini

 ADD static /app/static
 ADD data /app/data
@ -32,4 +47,6 @@ ADD migrations /app/migrations
 ADD views /app/views
 ADD wait-for-it.sh .

+VOLUME /data
+
 ENTRYPOINT ./wait-for-it.sh
--- a/README.md
+++ b/README.md
@ -1,54 +1,79 @@
 # 📈 wakapi
+
+[![](http://img.shields.io/liberapay/receives/muety.svg?logo=liberapay&style=flat-square)](https://liberapay.com/muety/)
+[![Say thanks](https://img.shields.io/badge/SayThanks.io-%E2%98%BC-1EAEDB.svg?style=flat-square)](https://saythanks.io/to/n1try)
+![](https://img.shields.io/github/license/muety/wakapi?style=flat-square)
+[![Go Report Card](https://goreportcard.com/badge/github.com/muety/wakapi?style=flat-square)](https://goreportcard.com/report/github.com/muety/wakapi)
+
+[![Buy me a coffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoff.ee/n1try)
+
+---
+
 **A minimalist, self-hosted WakaTime-compatible backend for coding statistics**

 ![Wakapi screenshot](https://anchr.io/i/bxQ69.png)

-[![Buy me a coffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoff.ee/n1try)
+If you like this project, please consider supporting it 🙂. You can donate either through [buying me a coffee](https://buymeacoff.ee/n1try) or becoming a GitHub sponsor. Every little donation is highly appreciated and boosts the developers' motivation to keep improving Wakapi!
+
+## Demo 
+🔥 **New:** There is hosted [demo version](https://apps.muetsch.io/wakapi) available now. Go check it out! Please use responsibly.
+
+To use the demo version set `api_url = https://apps.muetsch.io/wakapi/api/heartbeat`. However, this hosted instance might be taken down again in the future, so you might potentially lose your data ❕

 ## Prerequisites
-### Server
+**On the server side:**
 * Go >= 1.13 (with `$GOPATH` properly set)
-* An SQL database (MySQL, Postgres, Sqlite)
+* gcc (to compile [go-sqlite3](https://github.com/mattn/go-sqlite3))
+    * Fedora / RHEL: `dnf install @development-tools`
+    * Ubuntu / Debian: `apt install build-essential`
+    * Windows: See [here](https://github.com/mattn/go-sqlite3/issues/214#issuecomment-253216476)
+* _Optional_: A MySQL- or Postgres database

-### Client
+**On your local machine:**
 * [WakaTime plugin](https://wakatime.com/plugins) for your editor / IDE

-## Usage
-* Create an empty database 
-* Enable Go module support: `export GO111MODULE=on`
-* Get code: `go get github.com/muety/wakapi`
-* Go to project root: `cd "$GOPATH/src/github.com/muety/wakapi"`
-* Copy `.env.example` to `.env` and set database credentials
-* Set target port in `config.ini`
-* Build executable: `go build`
-* Run server: `./wakapi`
-* Edit your local `~/.wakatime.cfg` file
-  * `api_url = https://your.server:someport/api/heartbeat`
-  * `api_key = the_api_key_printed_to_the_console_after_starting_the_server`
-* Open [http://localhost:3000](http://localhost:3000) in your browser
+## Server Setup
+### Run from source
+1. Clone the project
+1. Copy `.env.example` to `.env` and set database credentials
+1. Adapt `config.ini` to your needs
+1. Build executable: `GO111MODULE=on go build`
+1. Run server: `./wakapi`

-**As an alternative** to building from source or using `go get` you can also download one of the existing [pre-compiled binaries](https://github.com/muety/wakapi/releases).
+**As an alternative** to building from source you can also grab a pre-built [release](https://github.com/muety/wakapi/releases). Steps 2, 3 and 5 apply analogously.
+
+**Note:** By default, the application is running in dev mode. However, it is recommended to set `ENV=production` in `.env` for enhanced performance and security. To still be able to log in when using production mode, you either have to run Wakapi behind a reverse proxy, that enables for HTTPS encryption (see [best practices](i#best-practices)) or set `insecure_cookies = true` in `config.ini`. 

 ### Run with Docker
-* Edit `docker-compose.yml` file and change passwords for the DB
-* Start the application `docker-compose up -d`
-* To get the api key look in the logs `docker-compose logs | grep "API key"`
-* The application should now be running on `localhost:3000`
+```
+docker run -d -p 3000:3000 --name wakapi n1try/wakapi
+```

-### User Accounts
-* When starting wakapi for the first time, a default user _**admin**_ with password _**admin**_ is created. The corresponding API key is printed to the console.
-* Additional users, at the moment, can be added only via SQL statements on your database, like this:
-    * Connect to your database server: `mysql -u yourusername -p -H your.hostname` (alternatively use GUI tools like _MySQL Workbench_)
-    * Select your database: `USE yourdatabasename;`
-    * Add the new user: `INSERT INTO users (id, password, api_key) VALUES ('your_nickname', MD5('your_password'), '728f084c-85e0-41de-aa2a-b6cc871200c1');` (the latter value should be a random [UUIDv4](https://tools.ietf.org/html/rfc4122), as can be found in your `~/.wakatime.cfg`)
+By default, SQLite is used as a database. To run Wakapi in Docker with MySQL or Postgres, see [Dockerfile](https://github.com/muety/wakapi/blob/master/Dockerfile) and [.env.example](https://github.com/muety/wakapi/blob/master/.env.example) for further options.
+
+## Client Setup
+Wakapi relies on the open-source [WakaTime](https://github.com/wakatime/wakatime) client tools. In order to collect statistics to Wakapi, you need to set them up.
+
+1. **Set up WakaTime** for your specific IDE or editor. Please refer to the respective [plugin guide](https://wakatime.com/plugins)
+2. Make your local WakaTime client talk to Wakapi by **editing your local `~/.wakatime.cfg`** file as follows
+
+```
+api_url = https://your.server:someport/api/heartbeat`
+api_key = the_api_key_printed_to_the_console_after_starting_the_server`
+```
+
+You can view your API Key after logging in to the web interface.
+
+## Customization

 ### Aliases
 There is an option to add aliases for project names, editors, operating systems and languages. For instance, if you want to map two projects – `myapp-frontend` and `myapp-backend` – two a common project name – `myapp-web` – in your statistics, you can add project aliases.

-At the moment, this can only be done via raw database queries. See [_User Accounts_](#user-accounts) section above on how to do such.
-For the above example, you would need to add two aliases, like this:
+At the moment, this can only be done via raw database queries. For the above example, you would need to add two aliases, like this:

-* `INSERT INTO aliases (type, user_id, key, value) VALUES (0, 'your_username', 'myapp-web', 'myapp-frontend')` (analogously for `myapp-backend`)
+```sql
+INSERT INTO aliases (`type`, `user_id`, `key`, `value`) VALUES (0, 'your_username', 'myapp-web', 'myapp-frontend');
+```

 #### Types
 * Project ~  type **0**
--- a/config.ini
+++ b/config.ini
@ -1,9 +1,11 @@
 [server]
 listen = 127.0.0.1
 port = 3000
+base_path = /
+insecure_cookies = false

 [app]
-cleanup = true
+cleanup = false

 [database]
 max_connections = 2
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,27 +0,0 @@
-version: "3.1"
-
-services:
-  wakapi:
-    image: wakapi:latest
-    build:
-      dockerfile: Dockerfile
-      context: .
-    container_name: wakapi
-    environment:
-      - WAKAPI_DB_TYPE=sqlite3
-      - WAKAPI_DB_USER=
-      - WAKAPI_DB_PASSWORD=
-      - WAKAPI_DB_HOST=
-      - WAKAPI_DB_NAME=/data/wakapi.db
-      - WAKAPI_DEFAULT_USER_NAME=admin
-      - WAKAPI_DEFAULT_USER_PASSWORD=admin
-    ports:
-      - "3000:3000"
-    volumes:
-      - wakapi_data:/data
-
-volumes:
-  wakapi_data:
-
-              
-      
--- a/go.mod
+++ b/go.mod
@ -3,17 +3,18 @@ module github.com/muety/wakapi
 go 1.13

 require (
-	github.com/codegangsta/negroni v1.0.0
-	github.com/gobuffalo/packr/v2 v2.8.0
+	github.com/gorilla/handlers v1.4.2
 	github.com/gorilla/mux v1.7.3
+	github.com/gorilla/schema v1.1.0
+	github.com/gorilla/securecookie v1.1.1
 	github.com/jasonlvhit/gocron v0.0.0-20191106203602-f82992d443f4
 	github.com/jinzhu/gorm v1.9.11
 	github.com/joho/godotenv v1.3.0
 	github.com/kr/pretty v0.2.0 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible
-	github.com/rs/cors v1.7.0
 	github.com/rubenv/sql-migrate v0.0.0-20200402132117-435005d389bc
 	github.com/satori/go.uuid v1.2.0
 	github.com/t-tiger/gorm-bulk-insert v0.0.0-20191014134946-beb77b81825f
+	golang.org/x/crypto v0.0.0-20191122220453-ac88ee75c92c
 	gopkg.in/ini.v1 v1.50.0
 )
--- a/go.sum
+++ b/go.sum
@ -3,7 +3,6 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
 cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
-github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
@ -29,25 +28,18 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB
 github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
 github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
-github.com/codegangsta/negroni v1.0.0 h1:+aYywywx4bnKXWvoWtRfJ91vC59NbEhEY03sZjQhbVY=
-github.com/codegangsta/negroni v1.0.0/go.mod h1:v0y3T5G7Y1UlFfyxFn/QLRU4a2EuNau2iZY63YTKWo0=
-github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@ -56,7 +48,6 @@ github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zA
 github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0 h1:epsH3lb7KVbXHYk7LYGN5EiE0MxcevHU85CKITJ0wUY=
 github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
 github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
@ -84,16 +75,14 @@ github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZp
 github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI=
+github.com/gobuffalo/envy v1.7.1 h1:OQl5ys5MBea7OGCdvPbBJWRgnhC/fGona6QKfvFeau8=
 github.com/gobuffalo/envy v1.7.1/go.mod h1:FurDp9+EDPE4aIUS3ZLyD+7/9fpx7YRt/ukY6jIHf0w=
+github.com/gobuffalo/logger v1.0.1 h1:ZEgyRGgAm4ZAhAO45YXMs5Fp+bzGLESFewzAVBMKuTg=
 github.com/gobuffalo/logger v1.0.1/go.mod h1:2zbswyIUa45I+c+FLXuWl9zSWEiVuthsk8ze5s8JvPs=
-github.com/gobuffalo/logger v1.0.3 h1:YaXOTHNPCvkqqA7w05A4v0k2tCdpr+sgFlgINbQ6gqc=
-github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM=
+github.com/gobuffalo/packd v0.3.0 h1:eMwymTkA1uXsqxS0Tpoop3Lc0u3kTfiMBE6nKtQU4g4=
 github.com/gobuffalo/packd v0.3.0/go.mod h1:zC7QkmNkYVGKPw4tHpBQ+ml7W/3tIebgeo1b36chA3Q=
-github.com/gobuffalo/packd v1.0.0 h1:6ERZvJHfe24rfFmA9OaoKBdC7+c9sydrytMg8SdFGBM=
-github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI=
+github.com/gobuffalo/packr/v2 v2.7.1 h1:n3CIW5T17T8v4GGK5sWXLVWJhCz7b5aNLSxW6gYim4o=
 github.com/gobuffalo/packr/v2 v2.7.1/go.mod h1:qYEvAazPaVxy7Y7KR0W8qYEE+RymX74kETFqjFoFlOc=
-github.com/gobuffalo/packr/v2 v2.8.0 h1:IULGd15bQL59ijXLxEvA5wlMxsmx/ZkQv9T282zNVIY=
-github.com/gobuffalo/packr/v2 v2.8.0/go.mod h1:PDk2k3vGevNE3SwVyVRgQCCXETC9SaONCNSXT1Q8M1g=
 github.com/godror/godror v0.13.3/go.mod h1:2ouUT4kdhUBk7TAkHWD4SN0CdI0pgEQbo8FVHhbSKWg=
 github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
@ -103,7 +92,6 @@ github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZ
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@ -126,15 +114,18 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
+github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg=
+github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
 github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
 github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/schema v1.1.0 h1:CamqUDOFUBqzrvxuz2vEwo8+SUdwsluFh7IlzJh30LY=
+github.com/gorilla/schema v1.1.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
-github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
 github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
@ -180,8 +171,6 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/karrick/godirwalk v1.15.3 h1:0a2pXOgtB16CqIqXTiT7+K9L73f74n/aNQUnH6Ortew=
-github.com/karrick/godirwalk v1.15.3/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@ -202,12 +191,6 @@ github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-b
 github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
 github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI=
-github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc=
-github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY=
-github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2aSZ0mcI=
-github.com/markbates/safe v1.0.1 h1:yjZkbvRM6IzKj9tlu/zMJLS0n/V351OZWRnF3QfaUxI=
-github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
@ -242,7 +225,6 @@ github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxzi
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
 github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
 github.com/olekukonko/tablewriter v0.0.2/go.mod h1:rSAaSIOAGT9odnlyGlUfAJaoc5w2fSBUmeGDbRWPxyQ=
@ -277,7 +259,6 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
-github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
@ -285,27 +266,20 @@ github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
-github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
-github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/rogpeppe/go-internal v1.4.0 h1:LUa41nrWTQNGhzdsZ5lTnkwbNjj6rXTdazA1cSdjkOY=
 github.com/rogpeppe/go-internal v1.4.0/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.5.2 h1:qLvObTrvO/XRCqmkKxUlOBc48bI3efyDuAZe25QiF0w=
-github.com/rogpeppe/go-internal v1.5.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
-github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
 github.com/rubenv/sql-migrate v0.0.0-20200402132117-435005d389bc h1:+2DdDcxVYlarHjYcZTt8dZ4Ec8cXZirzL5ko0mkKPjU=
 github.com/rubenv/sql-migrate v0.0.0-20200402132117-435005d389bc/go.mod h1:DCgfY80j8GYL7MLEfvcpSFvjD0L5yZq/aZUJmhZklyg=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
@ -325,17 +299,14 @@ github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIK
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
 github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
-github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
-github.com/spf13/cobra v0.0.6/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
-github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
 github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
@ -343,14 +314,11 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/t-tiger/gorm-bulk-insert v0.0.0-20191014134946-beb77b81825f h1:Op5lFYUNE7tPxu6gJfwkgY8HMIWpLqiLApBJfGs71U8=
 github.com/t-tiger/gorm-bulk-insert v0.0.0-20191014134946-beb77b81825f/go.mod h1:SK1RZT4TR1aMUNGtbk6YxTPgx2D/gfbxB571QGnAV+c=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
 github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
 github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
@ -358,14 +326,12 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs=
 github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
-go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
@ -391,7 +357,6 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -404,12 +369,10 @@ golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73r
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -442,7 +405,6 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@ -457,9 +419,7 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20191004055002-72853e10c5a3/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200308013534-11ec41452d41/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/main.go
+++ b/main.go
@ -1,131 +1,51 @@
 package main

 import (
-	"crypto/md5"
-	"encoding/hex"
-	"encoding/json"
-	"io/ioutil"
+	"github.com/gorilla/handlers"
 	"log"
 	"net/http"
-	"os"
 	"strconv"
-	"strings"
 	"time"

-	"github.com/codegangsta/negroni"
-	"github.com/gobuffalo/packr/v2"
 	"github.com/gorilla/mux"
 	"github.com/jinzhu/gorm"
-	"github.com/joho/godotenv"
-	"github.com/rs/cors"
-	"github.com/rubenv/sql-migrate"
-	uuid "github.com/satori/go.uuid"
-	ini "gopkg.in/ini.v1"
-
+	_ "github.com/jinzhu/gorm/dialects/mysql"
+	_ "github.com/jinzhu/gorm/dialects/postgres"
+	_ "github.com/jinzhu/gorm/dialects/sqlite"
 	"github.com/muety/wakapi/middlewares"
 	"github.com/muety/wakapi/models"
 	"github.com/muety/wakapi/routes"
 	"github.com/muety/wakapi/services"
 	"github.com/muety/wakapi/utils"
+)

-	_ "github.com/jinzhu/gorm/dialects/mysql"
-	_ "github.com/jinzhu/gorm/dialects/postgres"
-	_ "github.com/jinzhu/gorm/dialects/sqlite"
+var (
+	db     *gorm.DB
+	config *models.Config
+)
+
+var (
+	aliasService       *services.AliasService
+	heartbeatService   *services.HeartbeatService
+	userService        *services.UserService
+	summaryService     *services.SummaryService
+	aggregationService *services.AggregationService
+	keyValueService    *services.KeyValueService
 )

 // TODO: Refactor entire project to be structured after business domains

-func readConfig() *models.Config {
-	if err := godotenv.Load(); err != nil {
-		log.Fatal(err)
-	}
-
-	env := utils.LookupFatal("ENV")
-	dbType := utils.LookupFatal("WAKAPI_DB_TYPE")
-	dbUser := utils.LookupFatal("WAKAPI_DB_USER")
-	dbPassword := utils.LookupFatal("WAKAPI_DB_PASSWORD")
-	dbHost := utils.LookupFatal("WAKAPI_DB_HOST")
-	dbName := utils.LookupFatal("WAKAPI_DB_NAME")
-	dbPortStr := utils.LookupFatal("WAKAPI_DB_PORT")
-	defaultUserName := utils.LookupFatal("WAKAPI_DEFAULT_USER_NAME")
-	defaultUserPassword := utils.LookupFatal("WAKAPI_DEFAULT_USER_PASSWORD")
-	dbPort, err := strconv.Atoi(dbPortStr)
-
-	cfg, err := ini.Load("config.ini")
-	if err != nil {
-		log.Fatalf("Fail to read file: %v", err)
-	}
-
-	if dbType == "" {
-		dbType = "mysql"
-	}
-
-	dbMaxConn := cfg.Section("database").Key("max_connections").MustUint(1)
-	addr := cfg.Section("server").Key("listen").MustString("127.0.0.1")
-	port, err := strconv.Atoi(os.Getenv("PORT"))
-	if err != nil {
-		port = cfg.Section("server").Key("port").MustInt()
-	}
-
-	cleanUp := cfg.Section("app").Key("cleanup").MustBool(false)
-
-	// Read custom languages
-	customLangs := make(map[string]string)
-	languageKeys := cfg.Section("languages").Keys()
-	for _, k := range languageKeys {
-		customLangs[k.Name()] = k.MustString("unknown")
-	}
-
-	// Read language colors
-	// Source: https://raw.githubusercontent.com/ozh/github-colors/master/colors.json
-	var colors = make(map[string]string)
-	var rawColors map[string]struct {
-		Color string `json:"color"`
-		Url   string `json:"url"`
-	}
-
-	data, err := ioutil.ReadFile("data/colors.json")
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	if err := json.Unmarshal(data, &rawColors); err != nil {
-		log.Fatal(err)
-	}
-
-	for k, v := range rawColors {
-		colors[strings.ToLower(k)] = v.Color
-	}
-
-	return &models.Config{
-		Env:                 env,
-		Port:                port,
-		Addr:                addr,
-		DbHost:              dbHost,
-		DbPort:              uint(dbPort),
-		DbUser:              dbUser,
-		DbPassword:          dbPassword,
-		DbName:              dbName,
-		DbDialect:           dbType,
-		DbMaxConn:           dbMaxConn,
-		CleanUp:             cleanUp,
-		DefaultUserName:     defaultUserName,
-		DefaultUserPassword: defaultUserPassword,
-		CustomLanguages:     customLangs,
-		LanguageColors:      colors,
-	}
-}
-
 func main() {
-	// Read Config
-	config := readConfig()
+	config = models.GetConfig()
+
 	// Enable line numbers in logging
 	if config.IsDev() {
 		log.SetFlags(log.LstdFlags | log.Lshortfile)
 	}

 	// Connect to database
-	db, err := gorm.Open(config.DbDialect, utils.MakeConnectionString(config))
+	var err error
+	db, err = gorm.Open(config.DbDialect, utils.MakeConnectionString(config))
 	if config.DbDialect == "sqlite3" {
 		db.DB().Exec("PRAGMA foreign_keys = ON;")
 	}
@ -134,62 +54,77 @@ func main() {
 	db.DB().SetMaxOpenConns(int(config.DbMaxConn))
 	if err != nil {
 		log.Println(err)
-		log.Fatal("Could not connect to database.")
+		log.Fatal("could not connect to database")
 	}
 	// TODO: Graceful shutdown
 	defer db.Close()

 	// Migrate database schema
-	migrateDo := databaseMigrateActions(config.DbDialect)
-	migrateDo(db)
-
-	// Custom migrations and initial data
-	addDefaultUser(db, config)
-	migrateLanguages(db, config)
+	runDatabaseMigrations()
+	applyFixtures()

 	// Services
-	aliasSrvc := &services.AliasService{Config: config, Db: db}
-	heartbeatSrvc := &services.HeartbeatService{Config: config, Db: db}
-	userSrvc := &services.UserService{Config: config, Db: db}
-	summarySrvc := &services.SummaryService{Config: config, Db: db, HeartbeatService: heartbeatSrvc, AliasService: aliasSrvc}
-	aggregationSrvc := &services.AggregationService{Config: config, Db: db, UserService: userSrvc, SummaryService: summarySrvc, HeartbeatService: heartbeatSrvc}
+	aliasService = services.NewAliasService(db)
+	heartbeatService = services.NewHeartbeatService(db)
+	userService = services.NewUserService(db)
+	summaryService = services.NewSummaryService(db, heartbeatService, aliasService)
+	aggregationService = services.NewAggregationService(db, userService, summaryService, heartbeatService)
+	keyValueService = services.NewKeyValueService(db)

-	services := []services.Initializable{aliasSrvc, heartbeatSrvc, summarySrvc, userSrvc, aggregationSrvc}
-	for _, s := range services {
-		s.Init()
-	}
+	// Custom migrations and initial data
+	migrateLanguages()

 	// Aggregate heartbeats to summaries and persist them
-	go aggregationSrvc.Schedule()
+	go aggregationService.Schedule()

 	if config.CleanUp {
-		go heartbeatSrvc.ScheduleCleanUp()
+		go heartbeatService.ScheduleCleanUp()
 	}

 	// Handlers
-	heartbeatHandler := &routes.HeartbeatHandler{HeartbeatSrvc: heartbeatSrvc}
-	summaryHandler := &routes.SummaryHandler{SummarySrvc: summarySrvc}
-	healthHandler := &routes.HealthHandler{Db: db}
+	heartbeatHandler := routes.NewHeartbeatHandler(heartbeatService)
+	summaryHandler := routes.NewSummaryHandler(summaryService)
+	healthHandler := routes.NewHealthHandler(db)
+	settingsHandler := routes.NewSettingsHandler(userService)
+	publicHandler := routes.NewIndexHandler(userService, keyValueService)
+
+	// Setup Routers
+	router := mux.NewRouter()
+	publicRouter := router.PathPrefix("/").Subrouter()
+	settingsRouter := publicRouter.PathPrefix("/settings").Subrouter()
+	summaryRouter := publicRouter.PathPrefix("/summary").Subrouter()
+	apiRouter := router.PathPrefix("/api").Subrouter()

 	// Middlewares
-	authenticateMiddleware := &middlewares.AuthenticateMiddleware{
-		UserSrvc:       userSrvc,
-		WhitelistPaths: []string{"/api/health"},
-	}
-	basicAuthMiddleware := &middlewares.RequireBasicAuthMiddleware{}
-	corsMiddleware := cors.New(cors.Options{
-		AllowedOrigins: []string{"*"},
-		AllowedHeaders: []string{"*"},
-		Debug:          false,
-	})
+	recoveryMiddleware := handlers.RecoveryHandler()
+	loggingMiddleware := middlewares.NewLoggingMiddleware().Handler
+	corsMiddleware := handlers.CORS()
+	authenticateMiddleware := middlewares.NewAuthenticateMiddleware(
+		userService,
+		[]string{"/api/health"},
+	).Handler

-	// Setup Routing
-	router := mux.NewRouter()
-	mainRouter := mux.NewRouter().PathPrefix("/").Subrouter()
-	apiRouter := mux.NewRouter().PathPrefix("/api").Subrouter()
+	// Router configs
+	router.Use(loggingMiddleware, recoveryMiddleware)
+	summaryRouter.Use(authenticateMiddleware)
+	settingsRouter.Use(authenticateMiddleware)
+	apiRouter.Use(corsMiddleware, authenticateMiddleware)

-	// Main Routes
-	mainRouter.Path("/").Methods(http.MethodGet).HandlerFunc(summaryHandler.Index)
+	// Public Routes
+	publicRouter.Path("/").Methods(http.MethodGet).HandlerFunc(publicHandler.GetIndex)
+	publicRouter.Path("/login").Methods(http.MethodPost).HandlerFunc(publicHandler.PostLogin)
+	publicRouter.Path("/logout").Methods(http.MethodPost).HandlerFunc(publicHandler.PostLogout)
+	publicRouter.Path("/signup").Methods(http.MethodGet).HandlerFunc(publicHandler.GetSignup)
+	publicRouter.Path("/signup").Methods(http.MethodPost).HandlerFunc(publicHandler.PostSignup)
+	publicRouter.Path("/imprint").Methods(http.MethodGet).HandlerFunc(publicHandler.GetImprint)
+
+	// Summary Routes
+	summaryRouter.Methods(http.MethodGet).HandlerFunc(summaryHandler.GetIndex)
+
+	// Settings Routes
+	settingsRouter.Methods(http.MethodGet).HandlerFunc(settingsHandler.GetIndex)
+	settingsRouter.Path("/credentials").Methods(http.MethodPost).HandlerFunc(settingsHandler.PostCredentials)
+	settingsRouter.Path("/reset").Methods(http.MethodPost).HandlerFunc(settingsHandler.PostResetApiKey)

 	// API Routes
 	apiRouter.Path("/heartbeat").Methods(http.MethodPost).HandlerFunc(heartbeatHandler.ApiPost)
@ -197,21 +132,7 @@ func main() {
 	apiRouter.Path("/health").Methods(http.MethodGet).HandlerFunc(healthHandler.ApiGet)

 	// Static Routes
-	router.PathPrefix("/assets").Handler(negroni.Classic().With(negroni.Wrap(http.FileServer(http.Dir("./static")))))
-
-	// Sub-Routes Setup
-	router.PathPrefix("/api").Handler(negroni.Classic().
-		With(corsMiddleware).
-		With(
-			negroni.HandlerFunc(authenticateMiddleware.Handle),
-			negroni.Wrap(apiRouter),
-		))
-
-	router.PathPrefix("/").Handler(negroni.Classic().With(
-		negroni.HandlerFunc(basicAuthMiddleware.Handle),
-		negroni.HandlerFunc(authenticateMiddleware.Handle),
-		negroni.Wrap(mainRouter),
-	))
+	router.PathPrefix("/assets").Handler(http.FileServer(http.Dir("./static")))

 	// Listen HTTP
 	portString := config.Addr + ":" + strconv.Itoa(config.Port)
@ -225,34 +146,20 @@ func main() {
 	s.ListenAndServe()
 }

-func databaseMigrateActions(dbDialect string) func(db *gorm.DB) {
-	var migrateDo func(db *gorm.DB)
-	if dbDialect == "sqlite3" {
-		migrations := &migrate.PackrMigrationSource{
-			Box: packr.New("migrations", "./migrations/sqlite3"),
-		}
-		migrateDo = func(db *gorm.DB) {
-			n, err := migrate.Exec(db.DB(), "sqlite3", migrations, migrate.Up)
-			if err != nil {
-				log.Fatal(err)
-			}
-			log.Printf("Applied %d migrations!\n", n)
-		}
-	} else {
-		migrateDo = func(db *gorm.DB) {
-			db.AutoMigrate(&models.Alias{})
-			db.AutoMigrate(&models.Summary{})
-			db.AutoMigrate(&models.SummaryItem{})
-			db.AutoMigrate(&models.User{})
-			db.AutoMigrate(&models.Heartbeat{}).AddForeignKey("user_id", "users(id)", "RESTRICT", "RESTRICT")
-			db.AutoMigrate(&models.SummaryItem{}).AddForeignKey("summary_id", "summaries(id)", "CASCADE", "CASCADE")
-		}
+func runDatabaseMigrations() {
+	if err := config.GetMigrationFunc(config.DbDialect)(db); err != nil {
+		log.Fatal(err)
 	}
-	return migrateDo
 }

-func migrateLanguages(db *gorm.DB, cfg *models.Config) {
-	for k, v := range cfg.CustomLanguages {
+func applyFixtures() {
+	if err := config.GetFixturesFunc(config.DbDialect)(db); err != nil {
+		log.Fatal(err)
+	}
+}
+
+func migrateLanguages() {
+	for k, v := range config.CustomLanguages {
 		result := db.Model(models.Heartbeat{}).
 			Where("language = ?", "").
 			Where("entity LIKE ?", "%."+k).
@ -265,18 +172,3 @@ func migrateLanguages(db *gorm.DB, cfg *models.Config) {
 		}
 	}
 }
-
-func addDefaultUser(db *gorm.DB, cfg *models.Config) {
-	pw := md5.Sum([]byte(cfg.DefaultUserPassword))
-	pwString := hex.EncodeToString(pw[:])
-	apiKey := uuid.NewV4().String()
-	u := &models.User{ID: cfg.DefaultUserName, Password: pwString, ApiKey: apiKey}
-	result := db.FirstOrCreate(u, &models.User{ID: u.ID})
-	if result.Error != nil {
-		log.Println("Unable to create default user.")
-		log.Fatal(result.Error)
-	}
-	if result.RowsAffected > 0 {
-		log.Printf("Created default user '%s' with password '%s' and API key '%s'.\n", u.ID, cfg.DefaultUserPassword, u.ApiKey)
-	}
-}
--- a/middlewares/authenticate.go
+++ b/middlewares/authenticate.go
@ -2,12 +2,11 @@ package middlewares

 import (
 	"context"
-	"crypto/md5"
-	"encoding/base64"
-	"encoding/hex"
 	"errors"
+	"fmt"
+	"github.com/muety/wakapi/utils"
+	"log"
 	"net/http"
-	"regexp"
 	"strings"
 	"time"

@ -18,25 +17,29 @@ import (
 )

 type AuthenticateMiddleware struct {
-	UserSrvc       *services.UserService
-	Cache          *cache.Cache
-	WhitelistPaths []string
-	Initialized    bool
+	config         *models.Config
+	userSrvc       *services.UserService
+	cache          *cache.Cache
+	whitelistPaths []string
 }

-func (m *AuthenticateMiddleware) Init() {
-	if m.Cache == nil {
-		m.Cache = cache.New(1*time.Hour, 2*time.Hour)
+func NewAuthenticateMiddleware(userService *services.UserService, whitelistPaths []string) *AuthenticateMiddleware {
+	return &AuthenticateMiddleware{
+		config:         models.GetConfig(),
+		userSrvc:       userService,
+		cache:          cache.New(1*time.Hour, 2*time.Hour),
+		whitelistPaths: whitelistPaths,
 	}
-	m.Initialized = true
 }

-func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-	if !m.Initialized {
-		m.Init()
-	}
+func (m *AuthenticateMiddleware) Handler(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		m.ServeHTTP(w, r, h.ServeHTTP)
+	})
+}

-	for _, p := range m.WhitelistPaths {
+func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	for _, p := range m.whitelistPaths {
 		if strings.HasPrefix(r.URL.Path, p) || r.URL.Path == p {
 			next(w, r)
 			return
@ -44,81 +47,81 @@ func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request,
 	}

 	var user *models.User
-	var userKey string
-	user, userKey, err := m.tryGetUserByPassword(r)
+	user, err := m.tryGetUserByCookie(r)

 	if err != nil {
-		user, userKey, err = m.tryGetUserByApiKey(r)
+		user, err = m.tryGetUserByApiKey(r)
 	}

 	if err != nil {
-		w.WriteHeader(http.StatusUnauthorized)
+		if strings.HasPrefix(r.URL.Path, "/api") {
+			w.WriteHeader(http.StatusUnauthorized)
+		} else {
+			utils.ClearCookie(w, models.AuthCookieKey, !m.config.InsecureCookies)
+			http.Redirect(w, r, fmt.Sprintf("%s/?error=unauthorized", m.config.BasePath), http.StatusFound)
+		}
 		return
 	}

-	m.Cache.Set(userKey, user, cache.DefaultExpiration)
+	m.cache.Set(user.ID, user, cache.DefaultExpiration)

 	ctx := context.WithValue(r.Context(), models.UserKey, user)
 	next(w, r.WithContext(ctx))
 }

-func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, string, error) {
-	authHeader := strings.Split(r.Header.Get("Authorization"), " ")
-	if len(authHeader) != 2 || authHeader[0] != "Basic" {
-		return nil, "", errors.New("failed to extract API key")
-	}
-
-	key, err := base64.StdEncoding.DecodeString(authHeader[1])
+func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, error) {
+	key, err := utils.ExtractBearerAuth(r)
 	if err != nil {
-		return nil, "", err
+		return nil, err
 	}

 	var user *models.User
-	userKey := strings.TrimSpace(string(key))
-	cachedUser, ok := m.Cache.Get(userKey)
+	userKey := strings.TrimSpace(key)
+	cachedUser, ok := m.cache.Get(userKey)
 	if !ok {
-		user, err = m.UserSrvc.GetUserByKey(userKey)
+		user, err = m.userSrvc.GetUserByKey(userKey)
 		if err != nil {
-			return nil, "", err
+			return nil, err
 		}
 	} else {
 		user = cachedUser.(*models.User)
 	}
-	return user, userKey, nil
+	return user, nil
 }

-func (m *AuthenticateMiddleware) tryGetUserByPassword(r *http.Request) (*models.User, string, error) {
-	authHeader := strings.Split(r.Header.Get("Authorization"), " ")
-	if len(authHeader) != 2 || authHeader[0] != "Basic" {
-		return nil, "", errors.New("failed to extract API key")
-	}
-
-	hash, err := base64.StdEncoding.DecodeString(authHeader[1])
-	userKey := strings.TrimSpace(string(hash))
+func (m *AuthenticateMiddleware) tryGetUserByCookie(r *http.Request) (*models.User, error) {
+	login, err := utils.ExtractCookieAuth(r, m.config)
 	if err != nil {
-		return nil, "", err
+		return nil, err
 	}

-	var user *models.User
-	cachedUser, ok := m.Cache.Get(userKey)
-	if !ok {
-		re := regexp.MustCompile(`^(.+):(.+)$`)
-		groups := re.FindAllStringSubmatch(userKey, -1)
-		if len(groups) == 0 || len(groups[0]) != 3 {
-			return nil, "", errors.New("failed to parse user agent string")
-		}
-		userId, password := groups[0][1], groups[0][2]
-		user, err = m.UserSrvc.GetUserById(userId)
-		if err != nil {
-			return nil, "", err
-		}
-		passwordHash := md5.Sum([]byte(password))
-		passwordHashString := hex.EncodeToString(passwordHash[:])
-		if passwordHashString != user.Password {
-			return nil, "", errors.New("invalid password")
-		}
-	} else {
-		user = cachedUser.(*models.User)
+	cachedUser, ok := m.cache.Get(login.Username)
+
+	if ok {
+		return cachedUser.(*models.User), nil
 	}
-	return user, userKey, nil
+
+	user, err := m.userSrvc.GetUserById(login.Username)
+	if err != nil {
+		return nil, err
+	}
+
+	if !CheckAndMigratePassword(user, login, m.config.PasswordSalt, m.userSrvc) {
+		return nil, errors.New("invalid password")
+	}
+
+	return user, nil
+}
+
+// migrate old md5-hashed passwords to new salted bcrypt hashes for backwards compatibility
+func CheckAndMigratePassword(user *models.User, login *models.Login, salt string, userServiceRef *services.UserService) bool {
+	if utils.IsMd5(user.Password) {
+		if utils.CheckPasswordMd5(user, login.Password) {
+			log.Printf("migrating old md5 password to new bcrypt format for user '%s'", user.ID)
+			userServiceRef.MigrateMd5Password(user, login)
+			return true
+		}
+		return false
+	}
+	return utils.CheckPasswordBcrypt(user, login.Password, salt)
 }
--- a/middlewares/basicauth.go
+++ b/middlewares/basicauth.go
@ -1,14 +0,0 @@
-package middlewares
-
-import (
-	"net/http"
-)
-
-type RequireBasicAuthMiddleware struct{}
-
-func (m *RequireBasicAuthMiddleware) Init() {}
-
-func (m *RequireBasicAuthMiddleware) Handle(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
-	w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
-	next(w, r)
-}
--- a/middlewares/logging.go
+++ b/middlewares/logging.go
@ -0,0 +1,17 @@
+package middlewares
+
+import (
+	"github.com/gorilla/handlers"
+	"net/http"
+	"os"
+)
+
+type LoggingMiddleware struct{}
+
+func NewLoggingMiddleware() *LoggingMiddleware {
+	return &LoggingMiddleware{}
+}
+
+func (m *LoggingMiddleware) Handler(h http.Handler) http.Handler {
+	return handlers.LoggingHandler(os.Stdout, h)
+}
--- a/migrations/common/fixtures/1_imprint_content.sql
+++ b/migrations/common/fixtures/1_imprint_content.sql
@ -0,0 +1,7 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+insert into key_string_values (`key`, `value`) values ('imprint', 'no content here');
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+delete from key_string_values where `key` = 'imprint';
--- a/migrations/sqlite3/2_key_value_table.sql
+++ b/migrations/sqlite3/2_key_value_table.sql
@ -0,0 +1,11 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+create table key_string_values
+(
+    key      varchar(255) primary key,
+    value    text
+);
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+drop table key_string_value;
--- a/migrations/sqlite3/3_user_creation_date.sql
+++ b/migrations/sqlite3/3_user_creation_date.sql
@ -0,0 +1,20 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+
+-- SQLite does not allow altering a table to add a new column with default of CURRENT_TIMESTAMP
+-- See https://www.sqlite.org/lang_altertable.html
+
+alter table users
+    add `created_at` timestamp default '2020-01-01T00:00:00.000' not null;
+
+alter table users
+    add `last_logged_in_at` timestamp default '2020-01-01T00:00:00.000' not null;
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+
+alter table users
+    drop column `created_at`;
+
+alter table users
+    drop column `last_logged_in_at`;
--- a/models/config.go
+++ b/models/config.go
@ -1,23 +1,225 @@
 package models

+import (
+	"encoding/json"
+	"github.com/gorilla/securecookie"
+	"github.com/jinzhu/gorm"
+	"github.com/joho/godotenv"
+	migrate "github.com/rubenv/sql-migrate"
+	"gopkg.in/ini.v1"
+	"io/ioutil"
+	"log"
+	"os"
+	"strconv"
+	"strings"
+)
+
+var cfg *Config
+
 type Config struct {
-	Env                 string
-	Port                int
-	Addr                string
-	DbHost              string
-	DbPort              uint
-	DbUser              string
-	DbPassword          string
-	DbName              string
-	DbDialect           string
-	DbMaxConn           uint
-	CleanUp             bool
-	DefaultUserName     string
-	DefaultUserPassword string
-	CustomLanguages     map[string]string
-	LanguageColors      map[string]string
+	Env        string
+	Version    string
+	Port       int
+	Addr       string
+	BasePath   string
+	DbHost     string
+	DbPort     uint
+	DbUser     string
+	DbPassword string
+	DbName     string
+	DbDialect  string
+	DbMaxConn  uint
+	CleanUp    bool
+	// this is actually a pepper (https://en.wikipedia.org/wiki/Pepper_(cryptography))
+	PasswordSalt         string
+	SecureCookieHashKey  string
+	SecureCookieBlockKey string
+	InsecureCookies      bool
+	CustomLanguages      map[string]string
+	LanguageColors       map[string]string
+	SecureCookie         *securecookie.SecureCookie
 }

 func (c *Config) IsDev() bool {
-	return c.Env == "dev"
+	return IsDev(c.Env)
+}
+
+func (c *Config) GetMigrationFunc(dbDialect string) MigrationFunc {
+	switch dbDialect {
+	case "sqlite3":
+		return func(db *gorm.DB) error {
+			migrations := &migrate.FileMigrationSource{
+				Dir: "migrations/sqlite3",
+			}
+
+			migrate.SetIgnoreUnknown(true)
+			n, err := migrate.Exec(db.DB(), "sqlite3", migrations, migrate.Up)
+			if err != nil {
+				return err
+			}
+
+			log.Printf("applied %d migrations\n", n)
+			return nil
+		}
+	default:
+		return func(db *gorm.DB) error {
+			db.AutoMigrate(&Alias{})
+			db.AutoMigrate(&Summary{})
+			db.AutoMigrate(&SummaryItem{})
+			db.AutoMigrate(&User{})
+			db.AutoMigrate(&Heartbeat{}).AddForeignKey("user_id", "users(id)", "RESTRICT", "RESTRICT")
+			db.AutoMigrate(&SummaryItem{}).AddForeignKey("summary_id", "summaries(id)", "CASCADE", "CASCADE")
+			db.AutoMigrate(&KeyStringValue{})
+			return nil
+		}
+	}
+}
+
+func (c *Config) GetFixturesFunc(dbDialect string) MigrationFunc {
+	return func(db *gorm.DB) error {
+		migrations := &migrate.FileMigrationSource{
+			Dir: "migrations/common/fixtures",
+		}
+
+		migrate.SetIgnoreUnknown(true)
+		n, err := migrate.Exec(db.DB(), dbDialect, migrations, migrate.Up)
+		if err != nil {
+			return err
+		}
+
+		log.Printf("applied %d fixtures\n", n)
+		return nil
+	}
+}
+
+func IsDev(env string) bool {
+	return env == "dev" || env == "development"
+}
+
+func SetConfig(config *Config) {
+	cfg = config
+}
+
+func GetConfig() *Config {
+	return cfg
+}
+
+func LookupFatal(key string) string {
+	v, ok := os.LookupEnv(key)
+	if !ok {
+		log.Fatalf("missing env variable '%s'", key)
+	}
+	return v
+}
+
+func readVersion() string {
+	file, err := os.Open("version.txt")
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer file.Close()
+
+	bytes, err := ioutil.ReadAll(file)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	return string(bytes)
+}
+
+func readConfig() *Config {
+	if err := godotenv.Load(); err != nil {
+		log.Fatal(err)
+	}
+
+	version := readVersion()
+
+	env := LookupFatal("ENV")
+	dbType := LookupFatal("WAKAPI_DB_TYPE")
+	dbUser := LookupFatal("WAKAPI_DB_USER")
+	dbPassword := LookupFatal("WAKAPI_DB_PASSWORD")
+	dbHost := LookupFatal("WAKAPI_DB_HOST")
+	dbName := LookupFatal("WAKAPI_DB_NAME")
+	dbPortStr := LookupFatal("WAKAPI_DB_PORT")
+	passwordSalt := LookupFatal("WAKAPI_PASSWORD_SALT")
+	dbPort, err := strconv.Atoi(dbPortStr)
+
+	cfg, err := ini.Load("config.ini")
+	if err != nil {
+		log.Fatalf("Fail to read file: %v", err)
+	}
+
+	if dbType == "" {
+		dbType = "mysql"
+	}
+
+	dbMaxConn := cfg.Section("database").Key("max_connections").MustUint(1)
+	addr := cfg.Section("server").Key("listen").MustString("127.0.0.1")
+	insecureCookies := IsDev(env) || cfg.Section("server").Key("insecure_cookies").MustBool(false)
+	port, err := strconv.Atoi(os.Getenv("PORT"))
+	if err != nil {
+		port = cfg.Section("server").Key("port").MustInt()
+	}
+
+	basePath := cfg.Section("server").Key("base_path").MustString("/")
+	if strings.HasSuffix(basePath, "/") {
+		basePath = basePath[:len(basePath)-1]
+	}
+
+	cleanUp := cfg.Section("app").Key("cleanup").MustBool(false)
+
+	// Read custom languages
+	customLangs := make(map[string]string)
+	languageKeys := cfg.Section("languages").Keys()
+	for _, k := range languageKeys {
+		customLangs[k.Name()] = k.MustString("unknown")
+	}
+
+	// Read language colors
+	// Source: https://raw.githubusercontent.com/ozh/github-colors/master/colors.json
+	var colors = make(map[string]string)
+	var rawColors map[string]struct {
+		Color string `json:"color"`
+		Url   string `json:"url"`
+	}
+
+	data, err := ioutil.ReadFile("data/colors.json")
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	if err := json.Unmarshal(data, &rawColors); err != nil {
+		log.Fatal(err)
+	}
+
+	for k, v := range rawColors {
+		colors[strings.ToLower(k)] = v.Color
+	}
+
+	// TODO: Read keys from env, so that users are not logged out every time the server is restarted
+	secureCookie := securecookie.New(
+		securecookie.GenerateRandomKey(64),
+		securecookie.GenerateRandomKey(32),
+	)
+
+	return &Config{
+		Env:             env,
+		Version:         version,
+		Port:            port,
+		Addr:            addr,
+		BasePath:        basePath,
+		DbHost:          dbHost,
+		DbPort:          uint(dbPort),
+		DbUser:          dbUser,
+		DbPassword:      dbPassword,
+		DbName:          dbName,
+		DbDialect:       dbType,
+		DbMaxConn:       dbMaxConn,
+		CleanUp:         cleanUp,
+		InsecureCookies: insecureCookies,
+		SecureCookie:    secureCookie,
+		PasswordSalt:    passwordSalt,
+		CustomLanguages: customLangs,
+		LanguageColors:  colors,
+	}
 }
--- a/models/heartbeat.go
+++ b/models/heartbeat.go
@ -1,36 +1,31 @@
 package models

 import (
-	"database/sql/driver"
-	"errors"
-	"fmt"
 	"regexp"
-	"strconv"
-	"strings"
 	"time"
 )

-type HeartbeatReqTime time.Time
+type CustomTime time.Time

 type Heartbeat struct {
-	ID              uint             `gorm:"primary_key"`
-	User            *User            `json:"-" gorm:"not null"`
-	UserID          string           `json:"-" gorm:"not null; index:idx_time_user"`
-	Entity          string           `json:"entity" gorm:"not null; index:idx_entity"`
-	Type            string           `json:"type"`
-	Category        string           `json:"category"`
-	Project         string           `json:"project"`
-	Branch          string           `json:"branch"`
-	Language        string           `json:"language" gorm:"index:idx_language"`
-	IsWrite         bool             `json:"is_write"`
-	Editor          string           `json:"editor"`
-	OperatingSystem string           `json:"operating_system"`
-	Time            HeartbeatReqTime `json:"time" gorm:"type:timestamp; default:CURRENT_TIMESTAMP; index:idx_time,idx_time_user"`
+	ID              uint       `gorm:"primary_key"`
+	User            *User      `json:"-" gorm:"not null"`
+	UserID          string     `json:"-" gorm:"not null; index:idx_time_user"`
+	Entity          string     `json:"entity" gorm:"not null; index:idx_entity"`
+	Type            string     `json:"type"`
+	Category        string     `json:"category"`
+	Project         string     `json:"project"`
+	Branch          string     `json:"branch"`
+	Language        string     `json:"language" gorm:"index:idx_language"`
+	IsWrite         bool       `json:"is_write"`
+	Editor          string     `json:"editor"`
+	OperatingSystem string     `json:"operating_system"`
+	Time            CustomTime `json:"time" gorm:"type:timestamp; default:CURRENT_TIMESTAMP; index:idx_time,idx_time_user"`
 	languageRegex   *regexp.Regexp
 }

 func (h *Heartbeat) Valid() bool {
-	return h.User != nil && h.UserID != "" && h.Time != HeartbeatReqTime(time.Time{})
+	return h.User != nil && h.UserID != "" && h.Time != CustomTime(time.Time{})
 }

 func (h *Heartbeat) Augment(customLangs map[string]string) {
@ -49,47 +44,3 @@ func (h *Heartbeat) Augment(customLangs map[string]string) {
 		h.Language, _ = customLangs[ending]
 	}
 }
-
-func (j *HeartbeatReqTime) UnmarshalJSON(b []byte) error {
-	s := strings.Split(strings.Trim(string(b), "\""), ".")[0]
-	i, err := strconv.ParseInt(s, 10, 64)
-	if err != nil {
-		return err
-	}
-	t := time.Unix(i, 0)
-	*j = HeartbeatReqTime(t)
-	return nil
-}
-
-func (j *HeartbeatReqTime) Scan(value interface{}) error {
-	switch value.(type) {
-	case string:
-		t, err := time.Parse("2006-01-02 15:04:05-07:00", value.(string))
-		if err != nil {
-			return errors.New(fmt.Sprintf("unsupported date time format: %s", value))
-		}
-		*j = HeartbeatReqTime(t)
-	case int64:
-		*j = HeartbeatReqTime(time.Unix(value.(int64), 0))
-		break
-	case time.Time:
-		*j = HeartbeatReqTime(value.(time.Time))
-		break
-	default:
-		return errors.New(fmt.Sprintf("unsupported type: %T", value))
-	}
-	return nil
-}
-
-func (j HeartbeatReqTime) Value() (driver.Value, error) {
-	return time.Time(j), nil
-}
-
-func (j HeartbeatReqTime) String() string {
-	t := time.Time(j)
-	return t.Format("2006-01-02 15:04:05")
-}
-
-func (j HeartbeatReqTime) Time() time.Time {
-	return time.Time(j)
-}
--- a/models/models.go
+++ b/models/models.go
@ -0,0 +1,5 @@
+package models
+
+func init() {
+	SetConfig(readConfig())
+}
--- a/models/shared.go
+++ b/models/shared.go
@ -1,5 +1,68 @@
 package models

-const (
-	UserKey = "user"
+import (
+	"database/sql/driver"
+	"errors"
+	"fmt"
+	"github.com/jinzhu/gorm"
+	"strconv"
+	"strings"
+	"time"
 )
+
+const (
+	UserKey       = "user"
+	ImprintKey    = "imprint"
+	AuthCookieKey = "wakapi_auth"
+)
+
+type MigrationFunc func(db *gorm.DB) error
+
+type KeyStringValue struct {
+	Key   string `gorm:"primary_key"`
+	Value string `gorm:"type:text"`
+}
+
+func (j *CustomTime) UnmarshalJSON(b []byte) error {
+	s := strings.Split(strings.Trim(string(b), "\""), ".")[0]
+	i, err := strconv.ParseInt(s, 10, 64)
+	if err != nil {
+		return err
+	}
+	t := time.Unix(i, 0)
+	*j = CustomTime(t)
+	return nil
+}
+
+func (j *CustomTime) Scan(value interface{}) error {
+	switch value.(type) {
+	case string:
+		t, err := time.Parse("2006-01-02 15:04:05-07:00", value.(string))
+		if err != nil {
+			return errors.New(fmt.Sprintf("unsupported date time format: %s", value))
+		}
+		*j = CustomTime(t)
+	case int64:
+		*j = CustomTime(time.Unix(value.(int64), 0))
+		break
+	case time.Time:
+		*j = CustomTime(value.(time.Time))
+		break
+	default:
+		return errors.New(fmt.Sprintf("unsupported type: %T", value))
+	}
+	return nil
+}
+
+func (j CustomTime) Value() (driver.Value, error) {
+	return time.Time(j), nil
+}
+
+func (j CustomTime) String() string {
+	t := time.Time(j)
+	return t.Format("2006-01-02 15:04:05")
+}
+
+func (j CustomTime) Time() time.Time {
+	return time.Time(j)
+}
--- a/models/summary.go
+++ b/models/summary.go
@ -39,4 +39,7 @@ type SummaryItemContainer struct {
 type SummaryViewModel struct {
 	*Summary
 	LanguageColors map[string]string
+	Error          string
+	Success        string
+	ApiKey         string
 }
--- a/models/user.go
+++ b/models/user.go
@ -1,7 +1,45 @@
 package models

 type User struct {
-	ID       string `json:"id" gorm:"primary_key"`
-	ApiKey   string `json:"api_key" gorm:"unique"`
-	Password string `json:"-"`
+	ID             string     `json:"id" gorm:"primary_key"`
+	ApiKey         string     `json:"api_key" gorm:"unique"`
+	Password       string     `json:"-"`
+	CreatedAt      CustomTime `gorm:"type:timestamp; default:CURRENT_TIMESTAMP"`
+	LastLoggedInAt CustomTime `gorm:"type:timestamp; default:CURRENT_TIMESTAMP"`
+}
+
+type Login struct {
+	Username string `schema:"username"`
+	Password string `schema:"password"`
+}
+
+type Signup struct {
+	Username       string `schema:"username"`
+	Password       string `schema:"password"`
+	PasswordRepeat string `schema:"password_repeat"`
+}
+
+type CredentialsReset struct {
+	PasswordOld    string `schema:"password_old"`
+	PasswordNew    string `schema:"password_new"`
+	PasswordRepeat string `schema:"password_repeat"`
+}
+
+func (c *CredentialsReset) IsValid() bool {
+	return validatePassword(c.PasswordNew) &&
+		c.PasswordNew == c.PasswordRepeat
+}
+
+func (s *Signup) IsValid() bool {
+	return validateUsername(s.Username) &&
+		validatePassword(s.Password) &&
+		s.Password == s.PasswordRepeat
+}
+
+func validateUsername(username string) bool {
+	return len(username) >= 3
+}
+
+func validatePassword(password string) bool {
+	return len(password) >= 6
 }
--- a/routes/health.go
+++ b/routes/health.go
@ -7,12 +7,16 @@ import (
 )

 type HealthHandler struct {
-	Db *gorm.DB
+	db *gorm.DB
+}
+
+func NewHealthHandler(db *gorm.DB) *HealthHandler {
+	return &HealthHandler{db: db}
 }

 func (h *HealthHandler) ApiGet(w http.ResponseWriter, r *http.Request) {
 	var dbStatus int
-	if err := h.Db.DB().Ping(); err == nil {
+	if err := h.db.DB().Ping(); err == nil {
 		dbStatus = 1
 	}

--- a/routes/heartbeat.go
+++ b/routes/heartbeat.go
@ -12,15 +12,18 @@ import (
 )

 type HeartbeatHandler struct {
-	HeartbeatSrvc *services.HeartbeatService
+	config        *models.Config
+	heartbeatSrvc *services.HeartbeatService
+}
+
+func NewHeartbeatHandler(heartbeatService *services.HeartbeatService) *HeartbeatHandler {
+	return &HeartbeatHandler{
+		config:        models.GetConfig(),
+		heartbeatSrvc: heartbeatService,
+	}
 }

 func (h *HeartbeatHandler) ApiPost(w http.ResponseWriter, r *http.Request) {
-	if r.Method != http.MethodPost {
-		w.WriteHeader(http.StatusMethodNotAllowed)
-		return
-	}
-
 	var heartbeats []*models.Heartbeat
 	user := r.Context().Value(models.UserKey).(*models.User)
 	opSys, editor, _ := utils.ParseUserAgent(r.Header.Get("User-Agent"))
@ -37,7 +40,7 @@ func (h *HeartbeatHandler) ApiPost(w http.ResponseWriter, r *http.Request) {
 		hb.Editor = editor
 		hb.User = user
 		hb.UserID = user.ID
-		hb.Augment(h.HeartbeatSrvc.Config.CustomLanguages)
+		hb.Augment(h.config.CustomLanguages)

 		if !hb.Valid() {
 			w.WriteHeader(http.StatusBadRequest)
@ -46,7 +49,7 @@ func (h *HeartbeatHandler) ApiPost(w http.ResponseWriter, r *http.Request) {
 		}
 	}

-	if err := h.HeartbeatSrvc.InsertBatch(heartbeats); err != nil {
+	if err := h.heartbeatSrvc.InsertBatch(heartbeats); err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		os.Stderr.WriteString(err.Error())
 		return
--- a/routes/public.go
+++ b/routes/public.go
@ -0,0 +1,179 @@
+package routes
+
+import (
+	"fmt"
+	"github.com/gorilla/schema"
+	"github.com/muety/wakapi/middlewares"
+	"github.com/muety/wakapi/models"
+	"github.com/muety/wakapi/services"
+	"github.com/muety/wakapi/utils"
+	"net/http"
+	"net/url"
+	"time"
+)
+
+type IndexHandler struct {
+	config       *models.Config
+	userSrvc     *services.UserService
+	keyValueSrvc *services.KeyValueService
+}
+
+var loginDecoder = schema.NewDecoder()
+var signupDecoder = schema.NewDecoder()
+
+func NewIndexHandler(userService *services.UserService, keyValueService *services.KeyValueService) *IndexHandler {
+	return &IndexHandler{
+		config:       models.GetConfig(),
+		userSrvc:     userService,
+		keyValueSrvc: keyValueService,
+	}
+}
+
+func (h *IndexHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
+		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
+		return
+	}
+
+	if handleAlerts(w, r, "") {
+		return
+	}
+
+	templates["index.tpl.html"].Execute(w, nil)
+}
+
+func (h *IndexHandler) GetImprint(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	text := "failed to load content"
+	if data, err := h.keyValueSrvc.GetString(models.ImprintKey); err == nil {
+		text = data.Value
+	}
+
+	templates["imprint.tpl.html"].Execute(w, &struct {
+		HtmlText string
+	}{HtmlText: text})
+}
+
+func (h *IndexHandler) PostLogin(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
+		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
+		return
+	}
+
+	var login models.Login
+	if err := r.ParseForm(); err != nil {
+		respondAlert(w, "missing parameters", "", "", http.StatusBadRequest)
+		return
+	}
+	if err := loginDecoder.Decode(&login, r.PostForm); err != nil {
+		respondAlert(w, "missing parameters", "", "", http.StatusBadRequest)
+		return
+	}
+
+	user, err := h.userSrvc.GetUserById(login.Username)
+	if err != nil {
+		respondAlert(w, "resource not found", "", "", http.StatusNotFound)
+		return
+	}
+
+	// TODO: depending on middleware package here is a hack
+	if !middlewares.CheckAndMigratePassword(user, &login, h.config.PasswordSalt, h.userSrvc) {
+		respondAlert(w, "invalid credentials", "", "", http.StatusUnauthorized)
+		return
+	}
+
+	encoded, err := h.config.SecureCookie.Encode(models.AuthCookieKey, login)
+	if err != nil {
+		respondAlert(w, "internal server error", "", "", http.StatusInternalServerError)
+		return
+	}
+
+	user.LastLoggedInAt = models.CustomTime(time.Now())
+	h.userSrvc.Update(user)
+
+	cookie := &http.Cookie{
+		Name:     models.AuthCookieKey,
+		Value:    encoded,
+		Path:     "/",
+		Secure:   !h.config.InsecureCookies,
+		HttpOnly: true,
+	}
+	http.SetCookie(w, cookie)
+	http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
+}
+
+func (h *IndexHandler) PostLogout(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	utils.ClearCookie(w, models.AuthCookieKey, !h.config.InsecureCookies)
+	http.Redirect(w, r, fmt.Sprintf("%s/", h.config.BasePath), http.StatusFound)
+}
+
+func (h *IndexHandler) GetSignup(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
+		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
+		return
+	}
+
+	if handleAlerts(w, r, "signup.tpl.html") {
+		return
+	}
+
+	templates["signup.tpl.html"].Execute(w, nil)
+}
+
+func (h *IndexHandler) PostSignup(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
+		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
+		return
+	}
+
+	var signup models.Signup
+	if err := r.ParseForm(); err != nil {
+		respondAlert(w, "missing parameters", "", "signup.tpl.html", http.StatusBadRequest)
+		return
+	}
+	if err := signupDecoder.Decode(&signup, r.PostForm); err != nil {
+		respondAlert(w, "missing parameters", "", "signup.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	if !signup.IsValid() {
+		respondAlert(w, "invalid parameters", "", "signup.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	_, created, err := h.userSrvc.CreateOrGet(&signup)
+	if err != nil {
+		respondAlert(w, "failed to create new user", "", "signup.tpl.html", http.StatusInternalServerError)
+		return
+	}
+	if !created {
+		respondAlert(w, "user already existing", "", "signup.tpl.html", http.StatusConflict)
+		return
+	}
+
+	msg := url.QueryEscape("account created successfully")
+	http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.BasePath, msg), http.StatusFound)
+}
--- a/routes/routes.go
+++ b/routes/routes.go
@ -0,0 +1,87 @@
+package routes
+
+import (
+	"fmt"
+	"github.com/muety/wakapi/models"
+	"github.com/muety/wakapi/utils"
+	"html/template"
+	"io/ioutil"
+	"net/http"
+	"path"
+	"strings"
+)
+
+func init() {
+	loadTemplates()
+}
+
+var templates map[string]*template.Template
+
+func loadTemplates() {
+	tplPath := "views"
+	tpls := template.New("").Funcs(template.FuncMap{
+		"json":       utils.Json,
+		"date":       utils.FormatDateHuman,
+		"title":      strings.Title,
+		"capitalize": utils.Capitalize,
+		"getBasePath": func() string {
+			return models.GetConfig().BasePath
+		},
+		"getVersion": func() string {
+			return models.GetConfig().Version
+		},
+		"htmlSafe": func(html string) template.HTML {
+			return template.HTML(html)
+		},
+	})
+	templates = make(map[string]*template.Template)
+
+	files, err := ioutil.ReadDir(tplPath)
+	if err != nil {
+		panic(err)
+	}
+
+	for _, file := range files {
+		tplName := file.Name()
+		if file.IsDir() || path.Ext(tplName) != ".html" {
+			continue
+		}
+
+		tpl, err := tpls.New(tplName).ParseFiles(fmt.Sprintf("%s/%s", tplPath, tplName))
+		if err != nil {
+			panic(err)
+		}
+
+		templates[tplName] = tpl
+	}
+}
+
+func respondAlert(w http.ResponseWriter, error, success, tplName string, status int) {
+	w.WriteHeader(status)
+	if tplName == "" {
+		tplName = "index.tpl.html"
+	}
+	templates[tplName].Execute(w, struct {
+		Error   string
+		Success string
+	}{Error: error, Success: success})
+}
+
+// TODO: do better
+func handleAlerts(w http.ResponseWriter, r *http.Request, tplName string) bool {
+	if err := r.URL.Query().Get("error"); err != "" {
+		if err == "unauthorized" {
+			respondAlert(w, err, "", tplName, http.StatusUnauthorized)
+		} else {
+			respondAlert(w, err, "", tplName, http.StatusInternalServerError)
+		}
+		return true
+	}
+
+	if success := r.URL.Query().Get("success"); success != "" {
+		respondAlert(w, "", success, tplName, http.StatusOK)
+		return true
+	}
+
+	return false
+}
--- a/routes/settings.go
+++ b/routes/settings.go
@ -0,0 +1,112 @@
+package routes
+
+import (
+	"fmt"
+	"github.com/gorilla/schema"
+	"github.com/muety/wakapi/models"
+	"github.com/muety/wakapi/services"
+	"github.com/muety/wakapi/utils"
+	"net/http"
+	"net/url"
+)
+
+type SettingsHandler struct {
+	config   *models.Config
+	userSrvc *services.UserService
+}
+
+var credentialsDecoder = schema.NewDecoder()
+
+func NewSettingsHandler(userService *services.UserService) *SettingsHandler {
+	return &SettingsHandler{
+		config:   models.GetConfig(),
+		userSrvc: userService,
+	}
+}
+
+func (h *SettingsHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if handleAlerts(w, r, "settings.tpl.html") {
+		return
+	}
+	templates["settings.tpl.html"].Execute(w, nil)
+}
+
+func (h *SettingsHandler) PostCredentials(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	user := r.Context().Value(models.UserKey).(*models.User)
+
+	var credentials models.CredentialsReset
+	if err := r.ParseForm(); err != nil {
+		respondAlert(w, "missing parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+	if err := credentialsDecoder.Decode(&credentials, r.PostForm); err != nil {
+		respondAlert(w, "missing parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	if !utils.CheckPasswordBcrypt(user, credentials.PasswordOld, h.config.PasswordSalt) {
+		respondAlert(w, "invalid credentials", "", "settings.tpl.html", http.StatusUnauthorized)
+		return
+	}
+
+	if !credentials.IsValid() {
+		respondAlert(w, "invalid parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	user.Password = credentials.PasswordNew
+	if err := utils.HashPassword(user, h.config.PasswordSalt); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	if _, err := h.userSrvc.Update(user); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	login := &models.Login{
+		Username: user.ID,
+		Password: user.Password,
+	}
+	encoded, err := h.config.SecureCookie.Encode(models.AuthCookieKey, login)
+	if err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	cookie := &http.Cookie{
+		Name:     models.AuthCookieKey,
+		Value:    encoded,
+		Path:     "/",
+		Secure:   !h.config.InsecureCookies,
+		HttpOnly: true,
+	}
+	http.SetCookie(w, cookie)
+
+	msg := url.QueryEscape("password was updated successfully")
+	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.BasePath, msg), http.StatusFound)
+}
+
+func (h *SettingsHandler) PostResetApiKey(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	user := r.Context().Value(models.UserKey).(*models.User)
+	if _, err := h.userSrvc.ResetApiKey(user); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	msg := url.QueryEscape(fmt.Sprintf("your new api key is: %s", user.ApiKey))
+	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.BasePath, msg), http.StatusFound)
+}
--- a/routes/summary.go
+++ b/routes/summary.go
@ -2,9 +2,7 @@ package routes

 import (
 	"errors"
-	"html/template"
 	"net/http"
-	"path"
 	"time"

 	"github.com/muety/wakapi/models"
@ -22,39 +20,19 @@ const (
 )

 type SummaryHandler struct {
-	SummarySrvc   *services.SummaryService
-	Initialized   bool
-	indexTemplate *template.Template
+	summarySrvc *services.SummaryService
+	config      *models.Config
 }

-func (m *SummaryHandler) Init() {
-	m.loadTemplates()
-	m.Initialized = true
-}
-
-func (m *SummaryHandler) loadTemplates() {
-	indexTplPath := "views/index.tpl.html"
-	indexTpl, err := template.New(path.Base(indexTplPath)).Funcs(template.FuncMap{
-		"json": utils.Json,
-		"date": utils.FormatDateHuman,
-	}).ParseFiles(indexTplPath)
-	if err != nil {
-		panic(err)
+func NewSummaryHandler(summaryService *services.SummaryService) *SummaryHandler {
+	return &SummaryHandler{
+		summarySrvc: summaryService,
+		config:      models.GetConfig(),
 	}
-	m.indexTemplate = indexTpl
 }

 func (h *SummaryHandler) ApiGet(w http.ResponseWriter, r *http.Request) {
-	if r.Method != http.MethodGet {
-		w.WriteHeader(http.StatusMethodNotAllowed)
-		return
-	}
-
-	if !h.Initialized {
-		h.Init()
-	}
-
-	summary, err, status := loadUserSummary(r, h.SummarySrvc)
+	summary, err, status := loadUserSummary(r, h.summarySrvc)
 	if err != nil {
 		w.WriteHeader(status)
 		w.Write([]byte(err.Error()))
@ -64,18 +42,9 @@ func (h *SummaryHandler) ApiGet(w http.ResponseWriter, r *http.Request) {
 	utils.RespondJSON(w, http.StatusOK, summary)
 }

-func (h *SummaryHandler) Index(w http.ResponseWriter, r *http.Request) {
-	if r.Method != http.MethodGet {
-		w.WriteHeader(http.StatusMethodNotAllowed)
-		return
-	}
-
-	if !h.Initialized {
-		h.Init()
-	}
-
-	if h.SummarySrvc.Config.IsDev() {
-		h.loadTemplates()
+func (h *SummaryHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
 	}

 	q := r.URL.Query()
@ -84,19 +53,25 @@ func (h *SummaryHandler) Index(w http.ResponseWriter, r *http.Request) {
 		r.URL.RawQuery = q.Encode()
 	}

-	summary, err, status := loadUserSummary(r, h.SummarySrvc)
+	summary, err, status := loadUserSummary(r, h.summarySrvc)
 	if err != nil {
-		w.WriteHeader(status)
-		w.Write([]byte(err.Error()))
+		respondAlert(w, err.Error(), "", "summary.tpl.html", status)
+		return
+	}
+
+	user := r.Context().Value(models.UserKey).(*models.User)
+	if user == nil {
+		respondAlert(w, "unauthorized", "", "summary.tpl.html", http.StatusUnauthorized)
 		return
 	}

 	vm := models.SummaryViewModel{
 		Summary:        summary,
-		LanguageColors: utils.FilterLanguageColors(h.SummarySrvc.Config.LanguageColors, summary),
+		LanguageColors: utils.FilterLanguageColors(h.config.LanguageColors, summary),
+		ApiKey:         user.ApiKey,
 	}

-	h.indexTemplate.Execute(w, vm)
+	templates["summary.tpl.html"].Execute(w, vm)
 }

 func loadUserSummary(r *http.Request, summaryService *services.SummaryService) (*models.Summary, error, int) {
--- a/services/aggregation.go
+++ b/services/aggregation.go
@ -22,14 +22,22 @@ type AggregationService struct {
 	HeartbeatService *HeartbeatService
 }

+func NewAggregationService(db *gorm.DB, userService *UserService, summaryService *SummaryService, heartbeatService *HeartbeatService) *AggregationService {
+	return &AggregationService{
+		Config:           models.GetConfig(),
+		Db:               db,
+		UserService:      userService,
+		SummaryService:   summaryService,
+		HeartbeatService: heartbeatService,
+	}
+}
+
 type AggregationJob struct {
 	UserID string
 	From   time.Time
 	To     time.Time
 }

-func (srv *AggregationService) Init() {}
-
 // Schedule a job to (re-)generate summaries every day shortly after midnight
 // TODO: Make configurable
 func (srv *AggregationService) Schedule() {
--- a/services/alias.go
+++ b/services/alias.go
@ -13,9 +13,14 @@ type AliasService struct {
 	Db     *gorm.DB
 }

-var userAliases sync.Map
+func NewAliasService(db *gorm.DB) *AliasService {
+	return &AliasService{
+		Config: models.GetConfig(),
+		Db:     db,
+	}
+}

-func (srv *AliasService) Init() {}
+var userAliases sync.Map

 func (srv *AliasService) LoadUserAliases(userId string) error {
 	var aliases []*models.Alias
@ -41,7 +46,7 @@ func (srv *AliasService) GetAliasOrDefault(userId string, summaryType uint8, val
 	return "", errors.New("user aliases not initialized")
 }

-func (src *AliasService) IsInitialized(userId string) bool {
+func (srv *AliasService) IsInitialized(userId string) bool {
 	if _, ok := userAliases.Load(userId); ok {
 		return true
 	}
--- a/services/common.go
+++ b/services/common.go
@ -1,5 +0,0 @@
-package services
-
-type Initializable interface {
-	Init()
-}
--- a/services/heartbeat.go
+++ b/services/heartbeat.go
@ -21,7 +21,12 @@ type HeartbeatService struct {
 	Db     *gorm.DB
 }

-func (srv *HeartbeatService) Init() {}
+func NewHeartbeatService(db *gorm.DB) *HeartbeatService {
+	return &HeartbeatService{
+		Config: models.GetConfig(),
+		Db:     db,
+	}
+}

 func (srv *HeartbeatService) InsertBatch(heartbeats []*models.Heartbeat) error {
 	var batch []interface{}
--- a/services/key_value.go
+++ b/services/key_value.go
@ -0,0 +1,62 @@
+package services
+
+import (
+	"errors"
+	"github.com/jinzhu/gorm"
+	"github.com/muety/wakapi/models"
+)
+
+type KeyValueService struct {
+	Config *models.Config
+	Db     *gorm.DB
+}
+
+func NewKeyValueService(db *gorm.DB) *KeyValueService {
+	return &KeyValueService{
+		Config: models.GetConfig(),
+		Db:     db,
+	}
+}
+
+func (srv *KeyValueService) GetString(key string) (*models.KeyStringValue, error) {
+	kv := &models.KeyStringValue{}
+	if err := srv.Db.
+		Where(&models.KeyStringValue{Key: key}).
+		First(&kv).Error; err != nil {
+		return nil, err
+	}
+
+	return kv, nil
+}
+
+func (srv *KeyValueService) PutString(kv *models.KeyStringValue) error {
+	result := srv.Db.
+		Where(&models.KeyStringValue{Key: kv.Key}).
+		Assign(kv).
+		FirstOrCreate(kv)
+
+	if err := result.Error; err != nil {
+		return err
+	}
+
+	if result.RowsAffected != 1 {
+		return errors.New("nothing updated")
+	}
+
+	return nil
+}
+
+func (srv *KeyValueService) DeleteString(key string) error {
+	result := srv.Db.
+		Delete(&models.KeyStringValue{}, &models.KeyStringValue{Key: key})
+
+	if err := result.Error; err != nil {
+		return err
+	}
+
+	if result.RowsAffected != 1 {
+		return errors.New("nothing deleted")
+	}
+
+	return nil
+}
--- a/services/summary.go
+++ b/services/summary.go
@ -21,15 +21,21 @@ type SummaryService struct {
 	AliasService     *AliasService
 }

+func NewSummaryService(db *gorm.DB, heartbeatService *HeartbeatService, aliasService *AliasService) *SummaryService {
+	return &SummaryService{
+		Config:           models.GetConfig(),
+		Cache:            cache.New(24*time.Hour, 24*time.Hour),
+		Db:               db,
+		HeartbeatService: heartbeatService,
+		AliasService:     aliasService,
+	}
+}
+
 type Interval struct {
 	Start time.Time
 	End   time.Time
 }

-func (srv *SummaryService) Init() {
-	srv.Cache = cache.New(24*time.Hour, 24*time.Hour)
-}
-
 func (srv *SummaryService) Construct(from, to time.Time, user *models.User, recompute bool) (*models.Summary, error) {
 	var existingSummaries []*models.Summary
 	var cacheKey string
@ -138,7 +144,7 @@ func (srv *SummaryService) GetByUserWithin(user *models.User, from, to time.Time
 	return summaries, nil
 }

-// Will return *models.Summary objects with only user_id and to_time filled
+// Will return *models.Index objects with only user_id and to_time filled
 func (srv *SummaryService) GetLatestByUser() ([]*models.Summary, error) {
 	var summaries []*models.Summary
 	if err := srv.Db.
--- a/services/user.go
+++ b/services/user.go
@ -1,8 +1,11 @@
 package services

 import (
+	"errors"
 	"github.com/jinzhu/gorm"
 	"github.com/muety/wakapi/models"
+	"github.com/muety/wakapi/utils"
+	uuid "github.com/satori/go.uuid"
 )

 type UserService struct {
@ -10,7 +13,12 @@ type UserService struct {
 	Db     *gorm.DB
 }

-func (srv *UserService) Init() {}
+func NewUserService(db *gorm.DB) *UserService {
+	return &UserService{
+		Config: models.GetConfig(),
+		Db:     db,
+	}
+}

 func (srv *UserService) GetUserById(userId string) (*models.User, error) {
 	u := &models.User{}
@ -37,3 +45,60 @@ func (srv *UserService) GetAll() ([]*models.User, error) {
 	}
 	return users, nil
 }
+
+func (srv *UserService) CreateOrGet(signup *models.Signup) (*models.User, bool, error) {
+	u := &models.User{
+		ID:       signup.Username,
+		ApiKey:   uuid.NewV4().String(),
+		Password: signup.Password,
+	}
+
+	if err := utils.HashPassword(u, srv.Config.PasswordSalt); err != nil {
+		return nil, false, err
+	}
+
+	result := srv.Db.FirstOrCreate(u, &models.User{ID: u.ID})
+	if err := result.Error; err != nil {
+		return nil, false, err
+	}
+
+	if result.RowsAffected == 1 {
+		return u, true, nil
+	}
+
+	return u, false, nil
+}
+
+func (srv *UserService) Update(user *models.User) (*models.User, error) {
+	result := srv.Db.Model(&models.User{}).Updates(user)
+	if err := result.Error; err != nil {
+		return nil, err
+	}
+
+	if result.RowsAffected != 1 {
+		return nil, errors.New("nothing updated")
+	}
+
+	return user, nil
+}
+
+func (srv *UserService) ResetApiKey(user *models.User) (*models.User, error) {
+	user.ApiKey = uuid.NewV4().String()
+	return srv.Update(user)
+}
+
+func (srv *UserService) MigrateMd5Password(user *models.User, login *models.Login) (*models.User, error) {
+	user.Password = login.Password
+	if err := utils.HashPassword(user, srv.Config.PasswordSalt); err != nil {
+		return nil, err
+	}
+
+	result := srv.Db.Model(user).Update("password", user.Password)
+	if err := result.Error; err != nil {
+		return nil, err
+	} else if result.RowsAffected < 1 {
+		return nil, errors.New("nothing changes")
+	}
+
+	return user, nil
+}
--- a/static/assets/app.js
+++ b/static/assets/app.js
@ -196,6 +196,21 @@ function getRandomColor(seed) {
    return color
 }

+function showApiKeyPopup(event) {
+    const el = document.getElementById('api-key-popup')
+    el.classList.remove('hidden')
+    el.classList.add('block')
+    event.stopPropagation()
+}
+
+function copyApiKey(event) {
+    const el = document.getElementById('api-key-container')
+    el.select()
+    el.setSelectionRange(0, 9999)
+    document.execCommand('copy')
+    event.stopPropagation()
+}
+
 // https://koddsson.com/posts/emoji-favicon/
 const favicon = document.querySelector('link[rel=icon]')
 if (favicon) {
@ -211,6 +226,17 @@ if (favicon) {
    }
 }

+// Click outside
+window.addEventListener('click', function(event) {
+    if (event.target.classList.contains('popup')) {
+        return
+    }
+    document.querySelectorAll('.popup').forEach(el => {
+        el.classList.remove('block')
+        el.classList.add('hidden')
+    })
+})
+
 window.addEventListener('load', function () {
    draw()
 })
--- a/utils/auth.go
+++ b/utils/auth.go
@ -0,0 +1,89 @@
+package utils
+
+import (
+	"crypto/md5"
+	"encoding/base64"
+	"encoding/hex"
+	"errors"
+	"github.com/muety/wakapi/models"
+	"golang.org/x/crypto/bcrypt"
+	"net/http"
+	"regexp"
+	"strings"
+)
+
+var md5Regex = regexp.MustCompile(`^[a-f0-9]{32}$`)
+
+func ExtractBasicAuth(r *http.Request) (username, password string, err error) {
+	authHeader := strings.Split(r.Header.Get("Authorization"), " ")
+	if len(authHeader) != 2 || authHeader[0] != "Basic" {
+		return username, password, errors.New("failed to extract API key")
+	}
+
+	hash, err := base64.StdEncoding.DecodeString(authHeader[1])
+	userKey := strings.TrimSpace(string(hash))
+	if err != nil {
+		return username, password, err
+	}
+
+	re := regexp.MustCompile(`^(.+):(.+)$`)
+	groups := re.FindAllStringSubmatch(userKey, -1)
+	if len(groups) == 0 || len(groups[0]) != 3 {
+		return username, password, errors.New("failed to parse user agent string")
+	}
+	username, password = groups[0][1], groups[0][2]
+	return username, password, err
+}
+
+func ExtractBearerAuth(r *http.Request) (key string, err error) {
+	authHeader := strings.Split(r.Header.Get("Authorization"), " ")
+	if len(authHeader) != 2 || authHeader[0] != "Basic" {
+		return key, errors.New("failed to extract API key")
+	}
+
+	keyBytes, err := base64.StdEncoding.DecodeString(authHeader[1])
+	return string(keyBytes), err
+}
+
+func ExtractCookieAuth(r *http.Request, config *models.Config) (login *models.Login, err error) {
+	cookie, err := r.Cookie(models.AuthCookieKey)
+	if err != nil {
+		return nil, errors.New("missing authentication")
+	}
+
+	if err := config.SecureCookie.Decode(models.AuthCookieKey, cookie.Value, &login); err != nil {
+		return nil, errors.New("invalid parameters")
+	}
+
+	return login, nil
+}
+
+func IsMd5(hash string) bool {
+	return md5Regex.Match([]byte(hash))
+}
+
+func CheckPasswordBcrypt(user *models.User, password, salt string) bool {
+	plainPassword := []byte(strings.TrimSpace(password) + salt)
+	err := bcrypt.CompareHashAndPassword([]byte(user.Password), plainPassword)
+	return err == nil
+}
+
+// deprecated, only here for backwards compatibility
+func CheckPasswordMd5(user *models.User, password string) bool {
+	hash := md5.Sum([]byte(password))
+	hashStr := hex.EncodeToString(hash[:])
+	if hashStr == user.Password {
+		return true
+	}
+	return false
+}
+
+// inplace
+func HashPassword(u *models.User, salt string) error {
+	plainSaltedPassword := []byte(strings.TrimSpace(u.Password) + salt)
+	bytes, err := bcrypt.GenerateFromPassword(plainSaltedPassword, bcrypt.DefaultCost)
+	if err == nil {
+		u.Password = string(bytes)
+	}
+	return err
+}
--- a/utils/environment.go
+++ b/utils/environment.go
@ -1,14 +0,0 @@
-package utils
-
-import (
-	"log"
-	"os"
-)
-
-func LookupFatal(key string) string {
-	v, ok := os.LookupEnv(key)
-	if !ok {
-		log.Fatalf("missing env variable '%s'", key)
-	}
-	return v
-}
--- a/utils/http.go
+++ b/utils/http.go
@ -12,3 +12,13 @@ func RespondJSON(w http.ResponseWriter, status int, object interface{}) {
 		w.WriteHeader(http.StatusInternalServerError)
 	}
 }
+
+func ClearCookie(w http.ResponseWriter, name string, secure bool) {
+	http.SetCookie(w, &http.Cookie{
+		Name:     name,
+		Value:    "",
+		Path:     "/",
+		Secure:   secure,
+		HttpOnly: true,
+	})
+}
--- a/utils/strings.go
+++ b/utils/strings.go
@ -0,0 +1,10 @@
+package utils
+
+import (
+	"fmt"
+	"strings"
+)
+
+func Capitalize(s string) string {
+	return fmt.Sprintf("%s%s", strings.ToUpper(s[:1]), s[1:])
+}
--- a/version.txt
+++ b/version.txt
@ -1 +1 @@
-1.2.2
+1.7.1
--- a/views/alerts.tpl.html
+++ b/views/alerts.tpl.html
@ -0,0 +1,13 @@
+{{ if .Error }}
+<div class="flex justify-center w-full">
+    <div class="p-4 text-white text-sm bg-red-500 rounded mt-16 shadow flex-grow max-w-lg">
+        Error: {{ .Error | capitalize }}
+    </div>
+</div>
+{{ else if .Success }}
+    <div class="flex justify-center w-full">
+        <div class="p-4 text-white text-sm bg-green-500 rounded mt-16 shadow flex-grow max-w-lg">
+            {{ .Success | capitalize }}
+        </div>
+    </div>
+{{ end }}
--- a/views/foot.tpl.html
+++ b/views/foot.tpl.html
@ -0,0 +1,12 @@
+<script src="https://cdnjs.cloudflare.com/ajax/libs/seedrandom/2.4.4/seedrandom.min.js"></script>
+<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js"></script>
+
+<script>
+    let wakapiData = {}
+    let languageColors = {{ .LanguageColors | json }}
+        wakapiData.projects = {{ .Projects | json }}
+            wakapiData.operatingSystems = {{ .OperatingSystems | json }}
+                wakapiData.editors = {{ .Editors | json }}
+                    wakapiData.languages = {{ .Languages | json }}
+</script>
+<script src="assets/app.js"></script>
--- a/views/footer.tpl.html
+++ b/views/footer.tpl.html
@ -0,0 +1,12 @@
+<footer class="flex justify-between w-full text-center text-gray-500 text-xs mt-12">
+    <div class="text-xs font-mono">
+        v{{ getVersion }}
+    </div>
+    <div>
+        Made with &nbsp; 🤍 &nbsp; by <a href="https://muetsch.io" class="border-b border-green-700">Ferdinand Mütsch</a> as <a
+                href="https://github.com/muety/wakapi" class="border-b border-green-700">open-source</a> software
+    </div>
+    <div>
+        <a href="imprint" class="border-b border-green-700">Imprint, Cookies & Data Privacy</a>
+    </div>
+</footer>
--- a/views/head.tpl.html
+++ b/views/head.tpl.html
@ -0,0 +1,9 @@
+<head>
+    <title>Wakapi – Coding Statistics</title>
+    <base href="{{ getBasePath }}/">
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>
+    <link rel="icon" data-emoji="📊" type="image/png">
+    <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
+    <link href="https://unpkg.com/tailwindcss@^1.4.6/dist/tailwind.min.css" rel="stylesheet">
+    <link href="assets/app.css" rel="stylesheet">
+</head>
--- a/views/imprint.tpl.html
+++ b/views/imprint.tpl.html
@ -0,0 +1,24 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Imprint & Data Privacy</h1>
+        </div>
+        <div></div>
+    </div>
+</div>
+
+<main class="mt-10 flex-grow flex justify-center w-full">
+    {{ htmlSafe .HtmlText }}
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>
--- a/views/index.tpl.html
+++ b/views/index.tpl.html
@ -1,76 +1,42 @@
 <html>

-<head>
-    <title>Wakapi – Coding Statistics</title>
-    <base href="/">
-    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>
-    <link rel="icon" data-emoji="📊" type="image/png">
-    <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
-    <link href="https://unpkg.com/tailwindcss@^1.0/dist/tailwind.min.css" rel="stylesheet">
-    <link href="assets/app.css" rel="stylesheet">
-</head>
+{{ template "head.tpl.html" . }}

 <body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
-    <div class="flex items-center justify-center">
-        <h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Your Coding Statistics 🤓</h1>
-    </div>
-    <div class="text-white text-sm flex items-center justify-center mt-4">
-        <a href="?interval=today" class="m-1 border-b border-green-700">Today (live)</a>
-        <a href="?interval=day" class="m-1 border-b border-green-700">Yesterday</a>
-        <a href="?interval=week" class="m-1 border-b border-green-700">This Week</a>
-        <a href="?interval=month" class="m-1 border-b border-green-700">This Month</a>
-        <a href="?interval=year" class="m-1 border-b border-green-700">This Year</a>
-        <a href="?interval=any" class="m-1 border-b border-green-700">All Time</a>
-    </div>
-    <main class="mt-10 flex-grow" id="grid-container">
-        <div class="flex justify-center">
-            <div class="p-1">
-                <div class="flex justify-center p-4 bg-white rounded shadow">
-                    <p class="mx-2"><strong>▶️</strong> <span title="Start Time">{{ .FromTime | date }}</span></p>
-                    <p class="mx-2"><strong>⏹</strong> <span title="End Time">{{ .ToTime | date }}</span></p>
-                    <p class="mx-2"><strong>⏱</strong> <span id="total-span" title="Total Hours"></span></p>
-                </div>
-            </div>
-        </div>
-        <div class="flex flex-wrap justify-center">
-            <div class="w-full lg:w-1/2 p-1">
-                <div class="p-4 bg-white rounded shadow m-2" id="projects-container" style="height: 300px">
-                    <canvas id="chart-projects"></canvas>
-                </div>
-            </div>
-            <div class="w-full lg:w-1/2 p-1">
-                <div class="p-4 bg-white rounded shadow m-2" id="os-container" style="height: 300px">
-                    <canvas id="chart-os"></canvas>
-                </div>
-            </div>
-            <div class="w-full lg:w-1/2 p-1">
-                <div class="p-4 bg-white rounded shadow m-2 relative" id="language-container" style="height: 300px">
-                    <canvas id="chart-language"></canvas>
-                </div>
-            </div>
-            <div class="w-full lg:w-1/2 p-1">
-                <div class="p-4 bg-white rounded shadow m-2" id="editor-container" style="height: 300px">
-                    <canvas id="chart-editor"></canvas>
-                </div>
-            </div>
-        </div>
-    </main>
-    <footer class="w-full text-center text-gray-300 text-xs mt-12">
-        Made by <a href="https://muetsch.io" class="border-b border-green-700">Ferdinand Mütsch</a> as <a href="https://github.com/muety/wakapi" class="border-b border-green-700">open-source</a>.
-    </footer>
+<div class="flex items-center justify-center">
+    <h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Login</h1>
+</div>

-    <script src="https://cdnjs.cloudflare.com/ajax/libs/seedrandom/2.4.4/seedrandom.min.js"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js"></script>
+{{ template "alerts.tpl.html" . }}

-    <script>
-        let wakapiData = {}
-        let languageColors = {{ .LanguageColors | json }}
-        wakapiData.projects = {{ .Projects | json }}
-        wakapiData.operatingSystems = {{ .OperatingSystems | json }}
-        wakapiData.editors = {{ .Editors | json }}
-        wakapiData.languages = {{ .Languages | json }}
-    </script>
-    <script src="assets/app.js"></script>
+<main class="mt-10 flex-grow flex justify-center w-full">
+    <div class="flex-grow max-w-lg mt-12">
+        <form action="login" method="post">
+            <div class="mb-8">
+                <label class="inline-block text-sm mb-1 text-gray-500" for="username">Username</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="text" id="username"
+                       name="username" placeholder="Enter your username" minlength="3" required autofocus>
+            </div>
+            <div class="mb-8">
+                <label class="inline-block text-sm mb-1 text-gray-500" for="password">Password</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="password" id="password"
+                       name="password" placeholder="******" minlength="6" required>
+            </div>
+            <div class="flex justify-between">
+                <a href="signup">
+                    <button type="button" class="py-1 px-3 rounded border border-green-700 text-white text-sm">Sign up</button>
+                </a>
+                <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">Log in</button>
+            </div>
+        </form>
+    </div>
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
 </body>

 </html>
--- a/views/settings.tpl.html
+++ b/views/settings.tpl.html
@ -0,0 +1,75 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr; Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Settings</h1></div>
+        <div></div>
+    </div>
+</div>
+
+{{ template "alerts.tpl.html" . }}
+
+<main class="mt-4 flex-grow flex justify-center w-full">
+    <div class="flex flex-col flex-grow max-w-lg mt-8">
+        <div class="w-full my-8 pb-8 border-b border-gray-700">
+            <div class="font-semibold text-lg text-white m-0 border-b-2 border-green-700 inline-block">
+                Change Password
+            </div>
+
+            <form class="mt-10" action="settings/credentials" method="post">
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_old">Current Password</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_old"
+                           name="password_old" placeholder="Enter your old password" minlength="6" required>
+                </div>
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_new">New Password</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_new"
+                           name="password_new" placeholder="Choose a password" minlength="6" required>
+                </div>
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_repeat">And again ...</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_repeat"
+                           name="password_repeat" placeholder="Repeat your password" minlength="6" required>
+                </div>
+                <div class="flex justify-between float-right">
+                    <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">
+                        Save
+                    </button>
+                </div>
+            </form>
+        </div>
+
+        <div class="w-full mt-4 mb-8 pb-8">
+            <div class="font-semibold text-lg text-white m-0 border-b-2 border-green-700 inline-block">
+                Reset API Key
+            </div>
+
+            <form class="mt-6" action="settings/reset" method="post">
+                <div class="text-gray-300 text-sm mb-4">
+                    <strong>⚠️ Caution:</strong> Resetting your API key requires you to update your <span class="font-mono">.wakatime.cfg</span> files on all of your computers to make the WakaTime client send heartbeats again.
+                </div>
+
+                <div class="flex justify-between float-right">
+                    <button type="submit" class="py-1 px-3 rounded bg-red-500 hover:bg-red-600 text-white text-sm">
+                        Reset
+                    </button>
+                </div>
+            </form>
+        </div>
+    </div>
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>
--- a/views/signup.tpl.html
+++ b/views/signup.tpl.html
@ -0,0 +1,63 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Sign Up</h1></div>
+        <div></div>
+    </div>
+</div>
+
+{{ template "alerts.tpl.html" . }}
+
+<main class="mt-10 flex-grow flex justify-center w-full">
+    <div class="flex-grow max-w-lg mt-8">
+        <div>
+            <p class="text-sm text-gray-300">
+                💡 In order to use Wakapi, you need to create an account.
+                After successful signup, you still need to set up the <a href="https://wakatime.com" target="_blank"
+                                                                         class="border-b border-green-700">WakaTime</a>
+                client tools.
+                Please refer to <a href="https://github.com/muety/wakapi#client-setup" target="_blank"
+                                   class="border-b border-green-700">this readme section</a> for instructions.
+                You will be able to view you <strong>API Key</strong> once you log in.
+            </p>
+        </div>
+
+        <form class="mt-10" action="signup" method="post">
+            <div class="mb-8">
+                <label class="inline-block text-sm mb-1 text-gray-500" for="username">Username</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="text" id="username"
+                       name="username" placeholder="Choose a username" minlength="3" required autofocus>
+            </div>
+            <div class="mb-8">
+                <label class="inline-block text-sm mb-1 text-gray-500" for="password">Password</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="password" id="password"
+                       name="password" placeholder="Choose a password" minlength="6" required>
+            </div>
+            <div class="mb-8">
+                <label class="inline-block text-sm mb-1 text-gray-500" for="password_repeat">And again ...</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="password" id="password_repeat"
+                       name="password_repeat" placeholder="Repeat your password" minlength="6" required>
+            </div>
+            <div class="flex justify-between float-right">
+                <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">
+                    Create Account
+                </button>
+            </div>
+        </form>
+    </div>
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>
--- a/views/summary.tpl.html
+++ b/views/summary.tpl.html
@ -0,0 +1,89 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="relative bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+
+<div class="hidden flex bg-gray-800 shadow-md z-10 p-2 absolute top-0 right-0 mt-10 mr-8 border border-green-700 rounded popup"
+     id="api-key-popup">
+    <div class="flex-grow flex flex-col px-2">
+        <span class="text-xs text-gray-500 mx-1">API Key</span>
+        <input type="text" class="bg-transparent text-sm text-white mx-1 font-mono" id="api-key-container" readonly
+               value="{{ .ApiKey }}" style="min-width: 330px">
+    </div>
+    <div class="flex items-center px-2 border-l border-gray-700">
+        <button title="Copy to clipboard" onclick="copyApiKey(event)">📋</button>
+    </div>
+</div>
+
+<div class="absolute flex top-0 right-0 mr-8 mt-10 py-2">
+    <div class="mx-1">
+        <button type="button" class="py-1 px-3 h-8 rounded border border-green-700 text-white text-sm"
+                onclick="showApiKeyPopup(event)">🔐
+        </button>
+    </div>
+    <div class="mx-1">
+        <a href="settings" class="py-1 px-3 h-8 block rounded border border-green-700 text-white text-sm">⚙️</a>
+    </div>
+    <div class="mx-1">
+        <form action="logout" method="post">
+            <button type="submit" class="py-1 px-3 h-8 rounded border border-green-700 text-white text-sm">Logout</button>
+        </form>
+    </div>
+</div>
+
+<div class="flex items-center justify-center">
+    <h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Your Coding Statistics 🤓</h1>
+</div>
+
+<div class="text-white text-sm flex items-center justify-center mt-4">
+    <a href="summary?interval=today" class="m-1 border-b border-green-700">Today (live)</a>
+    <a href="summary?interval=day" class="m-1 border-b border-green-700">Yesterday</a>
+    <a href="summary?interval=week" class="m-1 border-b border-green-700">This Week</a>
+    <a href="summary?interval=month" class="m-1 border-b border-green-700">This Month</a>
+    <a href="summary?interval=year" class="m-1 border-b border-green-700">This Year</a>
+    <a href="summary?interval=any" class="m-1 border-b border-green-700">All Time</a>
+</div>
+
+{{ template "alerts.tpl.html" . }}
+
+<main class="mt-10 flex-grow">
+    <div class="flex justify-center">
+        <div class="p-1">
+            <div class="flex justify-center p-4 bg-white rounded shadow">
+                <p class="mx-2"><strong>▶️</strong> <span title="Start Time">{{ .FromTime | date }}</span></p>
+                <p class="mx-2"><strong>⏹</strong> <span title="End Time">{{ .ToTime | date }}</span></p>
+                <p class="mx-2"><strong>⏱</strong> <span id="total-span" title="Total Hours"></span></p>
+            </div>
+        </div>
+    </div>
+    <div class="flex flex-wrap justify-center">
+        <div class="w-full lg:w-1/2 p-1">
+            <div class="p-4 bg-white rounded shadow m-2" id="projects-container" style="height: 300px">
+                <canvas id="chart-projects"></canvas>
+            </div>
+        </div>
+        <div class="w-full lg:w-1/2 p-1">
+            <div class="p-4 bg-white rounded shadow m-2" id="os-container" style="height: 300px">
+                <canvas id="chart-os"></canvas>
+            </div>
+        </div>
+        <div class="w-full lg:w-1/2 p-1">
+            <div class="p-4 bg-white rounded shadow m-2 relative" id="language-container" style="height: 300px">
+                <canvas id="chart-language"></canvas>
+            </div>
+        </div>
+        <div class="w-full lg:w-1/2 p-1">
+            <div class="p-4 bg-white rounded shadow m-2" id="editor-container" style="height: 300px">
+                <canvas id="chart-editor"></canvas>
+            </div>
+        </div>
+    </div>
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>
Author	SHA1	Message	Date
Ferdinand Mütsch	4f035b3a63	chore: minor code improvement	2020-06-07 20:01:31 +02:00
Ferdinand Mütsch	0eac9a8854	feat: add ability to reset api key (resolve #29 )	2020-06-07 19:58:06 +02:00
Ferdinand Mütsch	0294425de0	feat: add ability to change passwords (resolve #30 )	2020-06-07 19:28:32 +02:00
Ferdinand Mütsch	a7c83252ef	debug: re-add workflows again	2020-05-31 10:29:15 +02:00
Ferdinand Mütsch	07a03ce3ac	debug: remove workflows	2020-05-31 10:28:55 +02:00
Ferdinand Mütsch	160c2f713e	chore: update version count	2020-05-31 09:54:02 +02:00
Ferdinand Mütsch	05b740c87d	chore: minor changes to the github actions	2020-05-31 09:52:13 +02:00
Ferdinand Mütsch	274be6caf8	chore: run in dev mode by default	2020-05-31 09:51:55 +02:00
Ferdinand Mütsch	58fef96f22	Merge branch 'LightPOS-win-gh-actions-build'	2020-05-31 09:38:38 +02:00
Ferdinand Mütsch	629a3212c7	feat: persist user creation date (resolve #31 )	2020-05-31 09:38:26 +02:00
NickAc	0a513e959b	Automatically build the project for Linux users Add a GitHub Action to build on Linux when a release is created	2020-05-30 21:50:16 +01:00
Ferdinand Mütsch	c1e6a3e265	feat: persist user creation date (resolve #31 )	2020-05-30 22:19:05 +02:00
NickAc	c68ee0a81e	Remove upload of artifact to Actions' artifacts There is no need to upload the artifact to the Action itself since it will be uploaded to the release.	2020-05-30 21:04:22 +01:00
NickAc	e4a2fbd51a	Automatically build the project for Windows users This change makes it simpler for Windows users to use the project by automatically building the project with GitHub Actions on every release. This allows for an easier way to use the project by automatically adding a zip file with the built executables to new releases.	2020-05-30 21:01:54 +01:00
Ferdinand Mütsch	1872bf4b4c	fix: set string key value data type to text	2020-05-30 21:10:44 +02:00
Ferdinand Mütsch	5e7e32ddb0	docs: update readme	2020-05-30 21:01:46 +02:00
Ferdinand Mütsch	d12ccc4566	docs: update readme	2020-05-30 20:54:56 +02:00
Ferdinand Mütsch	3c2dc78c93	refactor: refactor migrations and add fixtures feat: introduce key-value store feat: imprint page (resolve #23) chore: remove default user chore: remove packr	2020-05-30 20:41:27 +02:00
Ferdinand Mütsch	25b32e2fec	chore: update dockerfile	2020-05-30 12:27:10 +02:00
Ferdinand Mütsch	128f2965cc	docs: update readme	2020-05-30 12:14:37 +02:00
Ferdinand Mütsch	9dae5a1f77	feat: allow insecure cookies (resolve #27 )	2020-05-30 12:11:25 +02:00
Ferdinand Mütsch	002003a957	chore: make sqlite the default database to easily get started	2020-05-30 12:07:29 +02:00
Ferdinand Mütsch	50eba49547	fix: don't trim hash	2020-05-29 00:04:48 +02:00
Ferdinand Mütsch	75dd070b3d	chore: trim white spaces from passwords before hashing them	2020-05-28 23:29:55 +02:00
Ferdinand Mütsch	98d7d02935	docs: update readme	2020-05-28 22:36:00 +02:00
Ferdinand Mütsch	6c2f0cb1ec	feat: add auto-migrations for old md5 password to maintain backwards compatibility	2020-05-25 22:24:29 +02:00
Ferdinand Mütsch	08675bd99f	feat: use bcrypt with salts instead of md5 for hashing password (resolve #21 )	2020-05-25 21:42:45 +02:00
Ferdinand Mütsch	625994d1e9	feat: add basic sign up instructions	2020-05-24 21:42:15 +02:00
Ferdinand Mütsch	2cca2cb0bb	feat: display api key on user interface (resolve #24 )	2020-05-24 21:19:05 +02:00
Ferdinand Mütsch	b92a064eb1	chore: update version chore: update tailwind	2020-05-24 20:38:49 +02:00
Ferdinand Mütsch	f0b17e77b2	docs: update readme	2020-05-24 20:28:12 +02:00
Ferdinand Mütsch	2eabc3953f	Merge pull request #20 from muety/2-user-signup-and-login User signup and login	2020-05-24 20:17:21 +02:00
Ferdinand Mütsch	6614c86395	fix: base path for error redirects	2020-05-24 17:39:19 +02:00
Ferdinand Mütsch	fad91725b0	fix: quick summary paths	2020-05-24 17:36:45 +02:00
Ferdinand Mütsch	f341ae4707	fix: html base href trailing slash	2020-05-24 17:35:44 +02:00
Ferdinand Mütsch	c171d31f30	feat: set html base path from server base path refactor: services	2020-05-24 17:32:26 +02:00
Ferdinand Mütsch	d6e9f0295a	feat: introduce base path config option to better support redirections behind a proxy	2020-05-24 17:08:44 +02:00
Ferdinand Mütsch	411ae49206	fix: use relative urls	2020-05-24 16:55:44 +02:00
Ferdinand Mütsch	abfaa9d768	feat: user signup	2020-05-24 16:34:32 +02:00
Ferdinand Mütsch	a317dc6942	refactor: middlewares and get rid of negroni	2020-05-24 14:50:04 +02:00
Ferdinand Mütsch	041a49ede4	fix: forgot to check in alerts template partial	2020-05-24 13:43:28 +02:00
Ferdinand Mütsch	a7b4b01b04	chore: remove unused dependencies	2020-05-24 13:43:08 +02:00
Ferdinand Mütsch	9697bb5fd5	refactor: use cookie-based login feat: add login page	2020-05-24 13:41:19 +02:00
Ferdinand Mütsch	d3ab54f6dc	chore: enable templates to consist of partials	2020-05-24 10:37:31 +02:00
Ferdinand Mütsch	bbd2c24f9a	Update FUNDING.yml	2020-05-23 21:02:12 +02:00
Ferdinand Mütsch	4c39222193	docs: update badges	2020-05-23 20:11:09 +02:00
Ferdinand Mütsch	ef10f8b589	Merge branch 'master' of github.com:n1try/wakapi Conflicts: README.md	2020-05-23 20:05:40 +02:00
Ferdinand Mütsch	7f3c8dacba	docs: add badges	2020-05-23 20:04:48 +02:00
Ferdinand Mütsch	7bf6f353a9	docs: add badges	2020-05-23 20:02:40 +02:00
Ferdinand Mütsch	a77f37da02	Update README.md	2020-05-12 11:16:55 +02:00
Ferdinand Mütsch	94e1de772c	doc: update readme	2020-04-26 15:40:46 +02:00
Ferdinand Mütsch	f399f3bf8d	chore: remove docker compose file	2020-04-26 15:21:50 +02:00
Ferdinand Mütsch	f264ede147	fix: update docekr file to include env vars and volume	2020-04-26 15:18:47 +02:00
 @ -1 +1 @@
 .2.2
 .7.1