feat: show data loss warning (resolve #38)

feat: add base_path environment variable

.env.example

@@ -1,10 +1,8 @@
-ENV=prod
-WAKAPI_DB_TYPE=mysql                    # mysql, postgres, sqlite3
-WAKAPI_DB_NAME=wakapi_db                # file path for sqlite, e.g. /tmp/wakapi.db
-WAKAPI_DB_USER=myuser
-WAKAPI_DB_PASSWORD=shhh
-WAKAPI_DB_HOST=localhost
-WAKAPI_DB_PORT=3306
-WAKAPI_PASSWORD_SALT=shhh
-WAKAPI_DEFAULT_USER_NAME=admin
-WAKAPI_DEFAULT_USER_PASSWORD=admin123   # CHANGE!
+ENV=dev
+WAKAPI_DB_TYPE=sqlite3                  # mysql, postgres, sqlite3
+WAKAPI_DB_NAME=wakapi_db.db             # database name for mysql / postgres or file path for sqlite (e.g. /tmp/wakapi.db)
+WAKAPI_DB_USER=myuser                   # ignored when using sqlite
+WAKAPI_DB_PASSWORD=shhh                 # ignored when using sqlite
+WAKAPI_DB_HOST=localhost                # ignored when using sqlite
+WAKAPI_DB_PORT=3306                     # ignored when using sqlite
+WAKAPI_PASSWORD_SALT=shhh               # CHANGE !

.github/workflows/linux-build-on-release.yml

@@ -0,0 +1,43 @@
+name: Build Wakapi on Linux
+
+on:
+  release:
+    types: 
+      - created
+
+jobs:
+  build-and-release:
+    name: Build and add to Release
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Get dependencies
+      run: |
+        go get -v -t -d ./...
+      
+    - name: Build
+      run: GO111MODULE=on go build -v .
+
+    - name: Zip Release
+      uses: TheDoctor0/zip-release@v0.3.0
+      with:
+        filename: release.zip
+
+    - name: Upload built executable to Release
+      uses: actions/upload-release-asset@v1.0.2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ github.event.release.upload_url }}
+        asset_path: release.zip
+        asset_name: wakapi_linux_amd64.zip
+        asset_content_type: application/gzip

.github/workflows/win-build-on-release.yml

@@ -0,0 +1,44 @@
+name: Build Wakapi on Windows
+
+on:
+  release:
+    types: 
+      - created
+
+jobs:
+  build-and-release:
+    name: Build and add to release
+    runs-on: windows-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Get dependencies
+      run: |
+        go get -v -t -d ./...
+
+    - name: Enable Go 1.11 modules
+      run: cmd /c "set GO111MODULE=on"
+      
+    - name: Build
+      run: go build -v .
+  
+    - name: Compress working folder
+      run: Compress-Archive -Path .\* -DestinationPath release.zip
+
+    - name: Upload built executable to Release
+      uses: actions/upload-release-asset@v1.0.2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ github.event.release.upload_url }}
+        asset_path: release.zip
+        asset_name: wakapi_win_amd64.zip
+        asset_content_type: application/gzip

Dockerfile

@@ -9,15 +9,15 @@ RUN cd /src && go build -o wakapi
 
 # When running the application using `docker run`, you can pass environment variables
 # to override config values from .env using `-e` syntax.
-# Available options are: 
+# Available options are:
 # – WAKAPI_DB_TYPE
 # – WAKAPI_DB_USER
 # – WAKAPI_DB_PASSWORD
 # – WAKAPI_DB_HOST
 # – WAKAPI_DB_PORT
 # – WAKAPI_DB_NAME
-# – WAKAPI_DEFAULT_USER_NAME
-# – WAKAPI_DEFAULT_USER_PASSWORD
+# – WAKAPI_PASSWORD_SALT
+# – WAKAPI_BASE_PATH
 
 FROM debian
 WORKDIR /app
@@ -28,14 +28,15 @@ ENV WAKAPI_DB_USER ''
 ENV WAKAPI_DB_PASSWORD ''
 ENV WAKAPI_DB_HOST ''
 ENV WAKAPI_DB_NAME=/data/wakapi.db
-ENV WAKAPI_DEFAULT_USER_NAME admin
-ENV WAKAPI_DEFAULT_USER_PASSWORD admin
+ENV WAKAPI_PASSWORD_SALT ''
 
 COPY --from=build-env /src/wakapi /app/
 COPY --from=build-env /src/config.ini /app/
+COPY --from=build-env /src/version.txt /app/
 COPY --from=build-env /src/.env.example /app/.env
 
 RUN sed -i 's/listen = 127.0.0.1/listen = 0.0.0.0/g' /app/config.ini
+RUN sed -i 's/insecure_cookies = false/insecure_cookies = true/g' /app/config.ini
 
 ADD static /app/static
 ADD data /app/data

README.md

@@ -13,11 +13,20 @@
 
 ![Wakapi screenshot](https://anchr.io/i/bxQ69.png)
 
-If you like this project, please consider supporting it 🙂. You can donate either through [buying me a coffee](https://buymeacoff.ee/n1try) or becoming a GitHub sponor. Every little donation is highly appreciated and boosts the developers' motivation to keep improving Wakapi!
+If you like this project, please consider supporting it 🙂. You can donate either through [buying me a coffee](https://buymeacoff.ee/n1try) or becoming a GitHub sponsor. Every little donation is highly appreciated and boosts the developers' motivation to keep improving Wakapi!
+
+## Demo 
+🔥 **New:** There is hosted [demo version](https://apps.muetsch.io/wakapi) available now. Go check it out! Please use responsibly.
+
+To use the demo version set `api_url = https://apps.muetsch.io/wakapi/api/heartbeat`. However, this hosted instance might be taken down again in the future, so you might potentially lose your data ❕
 
 ## Prerequisites
 **On the server side:**
-* Go > 1.13 (with `$GOPATH` properly set)
+* Go >= 1.13 (with `$GOPATH` properly set)
+* gcc (to compile [go-sqlite3](https://github.com/mattn/go-sqlite3))
+    * Fedora / RHEL: `dnf install @development-tools`
+    * Ubuntu / Debian: `apt install build-essential`
+    * Windows: See [here](https://github.com/mattn/go-sqlite3/issues/214#issuecomment-253216476)
 * _Optional_: A MySQL- or Postgres database
 
 **On your local machine:**
@@ -25,25 +34,21 @@ If you like this project, please consider supporting it 🙂. You can donate eit
 
 ## Server Setup
 ### Run from source
-1. Enable Go module support: `export GO111MODULE=on`
-1. Get code: `go get github.com/muety/wakapi`
-1. Go to project root: `cd "$GOPATH/src/github.com/muety/wakapi"`
+1. Clone the project
 1. Copy `.env.example` to `.env` and set database credentials
 1. Adapt `config.ini` to your needs
-1. Build executable: `go build`
+1. Build executable: `GO111MODULE=on go build`
 1. Run server: `./wakapi`
 
+**As an alternative** to building from source you can also grab a pre-built [release](https://github.com/muety/wakapi/releases). Steps 2, 3 and 5 apply analogously.
+
+**Note:** By default, the application is running in dev mode. However, it is recommended to set `ENV=production` in `.env` for enhanced performance and security. To still be able to log in when using production mode, you either have to run Wakapi behind a reverse proxy, that enables for HTTPS encryption (see [best practices](i#best-practices)) or set `insecure_cookies = true` in `config.ini`. 
+
 ### Run with Docker
 ```
 docker run -d -p 3000:3000 --name wakapi n1try/wakapi
 ```
 
-To get your API key, take a look into the logs `docker logs wakapi | grep "API key"`
-
-In addition, you can specify several environment variables for configuration:
-* `-e WAKAPI_DEFAULT_USER_NAME=admin`
-* `-e WAKAPI_DEFAULT_USER_PASSWORD=admin`
-
 By default, SQLite is used as a database. To run Wakapi in Docker with MySQL or Postgres, see [Dockerfile](https://github.com/muety/wakapi/blob/master/Dockerfile) and [.env.example](https://github.com/muety/wakapi/blob/master/.env.example) for further options.
 
 ## Client Setup
@@ -51,27 +56,24 @@ Wakapi relies on the open-source [WakaTime](https://github.com/wakatime/wakatime
 
 1. **Set up WakaTime** for your specific IDE or editor. Please refer to the respective [plugin guide](https://wakatime.com/plugins)
 2. Make your local WakaTime client talk to Wakapi by **editing your local `~/.wakatime.cfg`** file as follows
+
 ```
 api_url = https://your.server:someport/api/heartbeat`
 api_key = the_api_key_printed_to_the_console_after_starting_the_server`
 ```
 
-## Customization
+You can view your API Key after logging in to the web interface.
 
-### User Accounts
-* When starting wakapi for the first time, a default user _**admin**_ with password _**admin**_ is created. The corresponding API key is printed to the console.
-* Additional users, at the moment, can be added only via SQL statements on your database, like this:
-    * Connect to your database server: `mysql -u yourusername -p -H your.hostname` (alternatively use GUI tools like _MySQL Workbench_)
-    * Select your database: `USE yourdatabasename;`
-    * Add the new user: `INSERT INTO users (id, password, api_key) VALUES ('your_nickname', MD5('your_password'), '728f084c-85e0-41de-aa2a-b6cc871200c1');` (the latter value should be a random [UUIDv4](https://tools.ietf.org/html/rfc4122), as can be found in your `~/.wakatime.cfg`)
+## Customization
 
 ### Aliases
 There is an option to add aliases for project names, editors, operating systems and languages. For instance, if you want to map two projects – `myapp-frontend` and `myapp-backend` – two a common project name – `myapp-web` – in your statistics, you can add project aliases.
 
-At the moment, this can only be done via raw database queries. See [_User Accounts_](#user-accounts) section above on how to do such.
-For the above example, you would need to add two aliases, like this:
+At the moment, this can only be done via raw database queries. For the above example, you would need to add two aliases, like this:
 
-* `INSERT INTO aliases (type, user_id, key, value) VALUES (0, 'your_username', 'myapp-web', 'myapp-frontend')` (analogously for `myapp-backend`)
+```sql
+INSERT INTO aliases (`type`, `user_id`, `key`, `value`) VALUES (0, 'your_username', 'myapp-web', 'myapp-frontend');
+```
 
 #### Types
 * Project ~  type **0**

config.ini

@@ -2,6 +2,7 @@
 listen = 127.0.0.1
 port = 3000
 base_path = /
+insecure_cookies = false
 
 [app]
 cleanup = false

go.mod

@@ -3,7 +3,6 @@ module github.com/muety/wakapi
 go 1.13
 
 require (
-	github.com/gobuffalo/packr/v2 v2.8.0
 	github.com/gorilla/handlers v1.4.2
 	github.com/gorilla/mux v1.7.3
 	github.com/gorilla/schema v1.1.0

go.sum

@@ -3,7 +3,6 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
 cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
-github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
@@ -29,23 +28,18 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB
 github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
 github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
-github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@@ -54,7 +48,6 @@ github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zA
 github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0 h1:epsH3lb7KVbXHYk7LYGN5EiE0MxcevHU85CKITJ0wUY=
 github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
 github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
@@ -82,16 +75,14 @@ github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZp
 github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI=
+github.com/gobuffalo/envy v1.7.1 h1:OQl5ys5MBea7OGCdvPbBJWRgnhC/fGona6QKfvFeau8=
 github.com/gobuffalo/envy v1.7.1/go.mod h1:FurDp9+EDPE4aIUS3ZLyD+7/9fpx7YRt/ukY6jIHf0w=
+github.com/gobuffalo/logger v1.0.1 h1:ZEgyRGgAm4ZAhAO45YXMs5Fp+bzGLESFewzAVBMKuTg=
 github.com/gobuffalo/logger v1.0.1/go.mod h1:2zbswyIUa45I+c+FLXuWl9zSWEiVuthsk8ze5s8JvPs=
-github.com/gobuffalo/logger v1.0.3 h1:YaXOTHNPCvkqqA7w05A4v0k2tCdpr+sgFlgINbQ6gqc=
-github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM=
+github.com/gobuffalo/packd v0.3.0 h1:eMwymTkA1uXsqxS0Tpoop3Lc0u3kTfiMBE6nKtQU4g4=
 github.com/gobuffalo/packd v0.3.0/go.mod h1:zC7QkmNkYVGKPw4tHpBQ+ml7W/3tIebgeo1b36chA3Q=
-github.com/gobuffalo/packd v1.0.0 h1:6ERZvJHfe24rfFmA9OaoKBdC7+c9sydrytMg8SdFGBM=
-github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI=
+github.com/gobuffalo/packr/v2 v2.7.1 h1:n3CIW5T17T8v4GGK5sWXLVWJhCz7b5aNLSxW6gYim4o=
 github.com/gobuffalo/packr/v2 v2.7.1/go.mod h1:qYEvAazPaVxy7Y7KR0W8qYEE+RymX74kETFqjFoFlOc=
-github.com/gobuffalo/packr/v2 v2.8.0 h1:IULGd15bQL59ijXLxEvA5wlMxsmx/ZkQv9T282zNVIY=
-github.com/gobuffalo/packr/v2 v2.8.0/go.mod h1:PDk2k3vGevNE3SwVyVRgQCCXETC9SaONCNSXT1Q8M1g=
 github.com/godror/godror v0.13.3/go.mod h1:2ouUT4kdhUBk7TAkHWD4SN0CdI0pgEQbo8FVHhbSKWg=
 github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
@@ -101,7 +92,6 @@ github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZ
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@@ -134,11 +124,8 @@ github.com/gorilla/schema v1.1.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlI
 github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
-github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
 github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
@@ -184,8 +171,6 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/karrick/godirwalk v1.15.3 h1:0a2pXOgtB16CqIqXTiT7+K9L73f74n/aNQUnH6Ortew=
-github.com/karrick/godirwalk v1.15.3/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@@ -206,12 +191,6 @@ github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-b
 github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
 github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI=
-github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc=
-github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY=
-github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2aSZ0mcI=
-github.com/markbates/safe v1.0.1 h1:yjZkbvRM6IzKj9tlu/zMJLS0n/V351OZWRnF3QfaUxI=
-github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
@@ -246,7 +225,6 @@ github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxzi
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
 github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
 github.com/olekukonko/tablewriter v0.0.2/go.mod h1:rSAaSIOAGT9odnlyGlUfAJaoc5w2fSBUmeGDbRWPxyQ=
@@ -281,7 +259,6 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
-github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
@@ -289,25 +266,20 @@ github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
-github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
-github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/rogpeppe/go-internal v1.4.0 h1:LUa41nrWTQNGhzdsZ5lTnkwbNjj6rXTdazA1cSdjkOY=
 github.com/rogpeppe/go-internal v1.4.0/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.5.2 h1:qLvObTrvO/XRCqmkKxUlOBc48bI3efyDuAZe25QiF0w=
-github.com/rogpeppe/go-internal v1.5.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rubenv/sql-migrate v0.0.0-20200402132117-435005d389bc h1:+2DdDcxVYlarHjYcZTt8dZ4Ec8cXZirzL5ko0mkKPjU=
 github.com/rubenv/sql-migrate v0.0.0-20200402132117-435005d389bc/go.mod h1:DCgfY80j8GYL7MLEfvcpSFvjD0L5yZq/aZUJmhZklyg=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
@@ -327,17 +299,14 @@ github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIK
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
 github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
-github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
-github.com/spf13/cobra v0.0.6/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
-github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
 github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
@@ -345,14 +314,11 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/t-tiger/gorm-bulk-insert v0.0.0-20191014134946-beb77b81825f h1:Op5lFYUNE7tPxu6gJfwkgY8HMIWpLqiLApBJfGs71U8=
 github.com/t-tiger/gorm-bulk-insert v0.0.0-20191014134946-beb77b81825f/go.mod h1:SK1RZT4TR1aMUNGtbk6YxTPgx2D/gfbxB571QGnAV+c=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
 github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
 github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
@@ -360,14 +326,12 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs=
 github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
-go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
@@ -393,7 +357,6 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -406,12 +369,10 @@ golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73r
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -444,7 +405,6 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -459,9 +419,7 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20191004055002-72853e10c5a3/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200308013534-11ec41452d41/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

main.go

@@ -7,19 +7,16 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/gobuffalo/packr/v2"
 	"github.com/gorilla/mux"
 	"github.com/jinzhu/gorm"
+	_ "github.com/jinzhu/gorm/dialects/mysql"
+	_ "github.com/jinzhu/gorm/dialects/postgres"
+	_ "github.com/jinzhu/gorm/dialects/sqlite"
 	"github.com/muety/wakapi/middlewares"
 	"github.com/muety/wakapi/models"
 	"github.com/muety/wakapi/routes"
 	"github.com/muety/wakapi/services"
 	"github.com/muety/wakapi/utils"
-	"github.com/rubenv/sql-migrate"
-
-	_ "github.com/jinzhu/gorm/dialects/mysql"
-	_ "github.com/jinzhu/gorm/dialects/postgres"
-	_ "github.com/jinzhu/gorm/dialects/sqlite"
 )
 
 var (
@@ -33,6 +30,7 @@ var (
 	userService        *services.UserService
 	summaryService     *services.SummaryService
 	aggregationService *services.AggregationService
+	keyValueService    *services.KeyValueService
 )
 
 // TODO: Refactor entire project to be structured after business domains
@@ -45,6 +43,11 @@ func main() {
 		log.SetFlags(log.LstdFlags | log.Lshortfile)
 	}
 
+	// Show data loss warning
+	if config.CleanUp {
+		promptAbort("`CLEANUP` is set to `true`, which may cause data loss. Are you sure to continue?", 5)
+	}
+
 	// Connect to database
 	var err error
 	db, err = gorm.Open(config.DbDialect, utils.MakeConnectionString(config))
@@ -62,8 +65,8 @@ func main() {
 	defer db.Close()
 
 	// Migrate database schema
-	migrateDo := databaseMigrateActions(config.DbDialect)
-	migrateDo(db)
+	runDatabaseMigrations()
+	applyFixtures()
 
 	// Services
 	aliasService = services.NewAliasService(db)
@@ -71,9 +74,9 @@ func main() {
 	userService = services.NewUserService(db)
 	summaryService = services.NewSummaryService(db, heartbeatService, aliasService)
 	aggregationService = services.NewAggregationService(db, userService, summaryService, heartbeatService)
+	keyValueService = services.NewKeyValueService(db)
 
 	// Custom migrations and initial data
-	addDefaultUser()
 	migrateLanguages()
 
 	// Aggregate heartbeats to summaries and persist them
@@ -87,11 +90,13 @@ func main() {
 	heartbeatHandler := routes.NewHeartbeatHandler(heartbeatService)
 	summaryHandler := routes.NewSummaryHandler(summaryService)
 	healthHandler := routes.NewHealthHandler(db)
-	publicHandler := routes.NewIndexHandler(userService)
+	settingsHandler := routes.NewSettingsHandler(userService)
+	publicHandler := routes.NewIndexHandler(userService, keyValueService)
 
 	// Setup Routers
 	router := mux.NewRouter()
 	publicRouter := router.PathPrefix("/").Subrouter()
+	settingsRouter := publicRouter.PathPrefix("/settings").Subrouter()
 	summaryRouter := publicRouter.PathPrefix("/summary").Subrouter()
 	apiRouter := router.PathPrefix("/api").Subrouter()
 
@@ -107,16 +112,24 @@ func main() {
 	// Router configs
 	router.Use(loggingMiddleware, recoveryMiddleware)
 	summaryRouter.Use(authenticateMiddleware)
+	settingsRouter.Use(authenticateMiddleware)
 	apiRouter.Use(corsMiddleware, authenticateMiddleware)
 
 	// Public Routes
-	publicRouter.Path("/").Methods(http.MethodGet).HandlerFunc(publicHandler.Index)
-	publicRouter.Path("/login").Methods(http.MethodPost).HandlerFunc(publicHandler.Login)
-	publicRouter.Path("/logout").Methods(http.MethodPost).HandlerFunc(publicHandler.Logout)
-	publicRouter.Path("/signup").Methods(http.MethodGet, http.MethodPost).HandlerFunc(publicHandler.Signup)
+	publicRouter.Path("/").Methods(http.MethodGet).HandlerFunc(publicHandler.GetIndex)
+	publicRouter.Path("/login").Methods(http.MethodPost).HandlerFunc(publicHandler.PostLogin)
+	publicRouter.Path("/logout").Methods(http.MethodPost).HandlerFunc(publicHandler.PostLogout)
+	publicRouter.Path("/signup").Methods(http.MethodGet).HandlerFunc(publicHandler.GetSignup)
+	publicRouter.Path("/signup").Methods(http.MethodPost).HandlerFunc(publicHandler.PostSignup)
+	publicRouter.Path("/imprint").Methods(http.MethodGet).HandlerFunc(publicHandler.GetImprint)
 
 	// Summary Routes
-	summaryRouter.Methods(http.MethodGet).HandlerFunc(summaryHandler.Index)
+	summaryRouter.Methods(http.MethodGet).HandlerFunc(summaryHandler.GetIndex)
+
+	// Settings Routes
+	settingsRouter.Methods(http.MethodGet).HandlerFunc(settingsHandler.GetIndex)
+	settingsRouter.Path("/credentials").Methods(http.MethodPost).HandlerFunc(settingsHandler.PostCredentials)
+	settingsRouter.Path("/reset").Methods(http.MethodPost).HandlerFunc(settingsHandler.PostResetApiKey)
 
 	// API Routes
 	apiRouter.Path("/heartbeat").Methods(http.MethodPost).HandlerFunc(heartbeatHandler.ApiPost)
@@ -138,30 +151,16 @@ func main() {
 	s.ListenAndServe()
 }
 
-func databaseMigrateActions(dbDialect string) func(db *gorm.DB) {
-	var migrateDo func(db *gorm.DB)
-	if dbDialect == "sqlite3" {
-		migrations := &migrate.PackrMigrationSource{
-			Box: packr.New("migrations", "./migrations/sqlite3"),
-		}
-		migrateDo = func(db *gorm.DB) {
-			n, err := migrate.Exec(db.DB(), "sqlite3", migrations, migrate.Up)
-			if err != nil {
-				log.Fatal(err)
-			}
-			log.Printf("Applied %d migrations!\n", n)
-		}
-	} else {
-		migrateDo = func(db *gorm.DB) {
-			db.AutoMigrate(&models.Alias{})
-			db.AutoMigrate(&models.Summary{})
-			db.AutoMigrate(&models.SummaryItem{})
-			db.AutoMigrate(&models.User{})
-			db.AutoMigrate(&models.Heartbeat{}).AddForeignKey("user_id", "users(id)", "RESTRICT", "RESTRICT")
-			db.AutoMigrate(&models.SummaryItem{}).AddForeignKey("summary_id", "summaries(id)", "CASCADE", "CASCADE")
-		}
+func runDatabaseMigrations() {
+	if err := config.GetMigrationFunc(config.DbDialect)(db); err != nil {
+		log.Fatal(err)
+	}
+}
+
+func applyFixtures() {
+	if err := config.GetFixturesFunc(config.DbDialect)(db); err != nil {
+		log.Fatal(err)
 	}
-	return migrateDo
 }
 
 func migrateLanguages() {
@@ -179,18 +178,10 @@ func migrateLanguages() {
 	}
 }
 
-func addDefaultUser() {
-	u, created, err := userService.CreateOrGet(&models.Signup{
-		Username: config.DefaultUserName,
-		Password: config.DefaultUserPassword,
-	})
-
-	if err != nil {
-		log.Println("unable to create default user")
-		log.Fatal(err)
-	} else if created {
-		log.Printf("created default user '%s' with password '%s' and API key '%s'\n", u.ID, config.DefaultUserPassword, u.ApiKey)
-	} else {
-		log.Printf("default user '%s' already existing\n", u.ID)
+func promptAbort(message string, timeoutSec int) {
+	log.Printf("[WARNING] %s.\nTo abort server startup, press Ctrl+C.\n", message)
+	for i := timeoutSec; i > 0; i-- {
+		log.Printf("Starting in %d seconds ...\n", i)
+		time.Sleep(1 * time.Second)
 	}
 }

middlewares/authenticate.go

@@ -57,7 +57,7 @@ func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Reques
 		if strings.HasPrefix(r.URL.Path, "/api") {
 			w.WriteHeader(http.StatusUnauthorized)
 		} else {
-			utils.ClearCookie(w, models.AuthCookieKey)
+			utils.ClearCookie(w, models.AuthCookieKey, !m.config.InsecureCookies)
 			http.Redirect(w, r, fmt.Sprintf("%s/?error=unauthorized", m.config.BasePath), http.StatusFound)
 		}
 		return

migrations/common/fixtures/1_imprint_content.sql

@@ -0,0 +1,7 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+insert into key_string_values (`key`, `value`) values ('imprint', 'no content here');
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+delete from key_string_values where `key` = 'imprint';

migrations/sqlite3/2_key_value_table.sql

@@ -0,0 +1,11 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+create table key_string_values
+(
+    key      varchar(255) primary key,
+    value    text
+);
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+drop table key_string_value;

migrations/sqlite3/3_user_creation_date.sql

@@ -0,0 +1,20 @@
+-- +migrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+
+-- SQLite does not allow altering a table to add a new column with default of CURRENT_TIMESTAMP
+-- See https://www.sqlite.org/lang_altertable.html
+
+alter table users
+    add `created_at` timestamp default '2020-01-01T00:00:00.000' not null;
+
+alter table users
+    add `last_logged_in_at` timestamp default '2020-01-01T00:00:00.000' not null;
+
+-- +migrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+
+alter table users
+    drop column `created_at`;
+
+alter table users
+    drop column `last_logged_in_at`;

models/config.go

@@ -3,7 +3,9 @@ package models
 import (
 	"encoding/json"
 	"github.com/gorilla/securecookie"
+	"github.com/jinzhu/gorm"
 	"github.com/joho/godotenv"
+	migrate "github.com/rubenv/sql-migrate"
 	"gopkg.in/ini.v1"
 	"io/ioutil"
 	"log"
@@ -15,31 +17,83 @@ import (
 var cfg *Config
 
 type Config struct {
-	Env                  string
-	Version              string
-	Port                 int
-	Addr                 string
-	BasePath             string
-	DbHost               string
-	DbPort               uint
-	DbUser               string
-	DbPassword           string
-	DbName               string
-	DbDialect            string
-	DbMaxConn            uint
-	CleanUp              bool
-	DefaultUserName      string
-	DefaultUserPassword  string
+	Env        string
+	Version    string
+	Port       int
+	Addr       string
+	BasePath   string
+	DbHost     string
+	DbPort     uint
+	DbUser     string
+	DbPassword string
+	DbName     string
+	DbDialect  string
+	DbMaxConn  uint
+	CleanUp    bool
+	// this is actually a pepper (https://en.wikipedia.org/wiki/Pepper_(cryptography))
 	PasswordSalt         string
 	SecureCookieHashKey  string
 	SecureCookieBlockKey string
+	InsecureCookies      bool
 	CustomLanguages      map[string]string
 	LanguageColors       map[string]string
 	SecureCookie         *securecookie.SecureCookie
 }
 
 func (c *Config) IsDev() bool {
-	return c.Env == "dev"
+	return IsDev(c.Env)
+}
+
+func (c *Config) GetMigrationFunc(dbDialect string) MigrationFunc {
+	switch dbDialect {
+	case "sqlite3":
+		return func(db *gorm.DB) error {
+			migrations := &migrate.FileMigrationSource{
+				Dir: "migrations/sqlite3",
+			}
+
+			migrate.SetIgnoreUnknown(true)
+			n, err := migrate.Exec(db.DB(), "sqlite3", migrations, migrate.Up)
+			if err != nil {
+				return err
+			}
+
+			log.Printf("applied %d migrations\n", n)
+			return nil
+		}
+	default:
+		return func(db *gorm.DB) error {
+			db.AutoMigrate(&Alias{})
+			db.AutoMigrate(&Summary{})
+			db.AutoMigrate(&SummaryItem{})
+			db.AutoMigrate(&User{})
+			db.AutoMigrate(&Heartbeat{}).AddForeignKey("user_id", "users(id)", "RESTRICT", "RESTRICT")
+			db.AutoMigrate(&SummaryItem{}).AddForeignKey("summary_id", "summaries(id)", "CASCADE", "CASCADE")
+			db.AutoMigrate(&KeyStringValue{})
+			return nil
+		}
+	}
+}
+
+func (c *Config) GetFixturesFunc(dbDialect string) MigrationFunc {
+	return func(db *gorm.DB) error {
+		migrations := &migrate.FileMigrationSource{
+			Dir: "migrations/common/fixtures",
+		}
+
+		migrate.SetIgnoreUnknown(true)
+		n, err := migrate.Exec(db.DB(), dbDialect, migrations, migrate.Up)
+		if err != nil {
+			return err
+		}
+
+		log.Printf("applied %d fixtures\n", n)
+		return nil
+	}
+}
+
+func IsDev(env string) bool {
+	return env == "dev" || env == "development"
 }
 
 func SetConfig(config *Config) {
@@ -88,8 +142,6 @@ func readConfig() *Config {
 	dbName := LookupFatal("WAKAPI_DB_NAME")
 	dbPortStr := LookupFatal("WAKAPI_DB_PORT")
 	passwordSalt := LookupFatal("WAKAPI_PASSWORD_SALT")
-	defaultUserName := LookupFatal("WAKAPI_DEFAULT_USER_NAME")
-	defaultUserPassword := LookupFatal("WAKAPI_DEFAULT_USER_PASSWORD")
 	dbPort, err := strconv.Atoi(dbPortStr)
 
 	cfg, err := ini.Load("config.ini")
@@ -103,12 +155,17 @@ func readConfig() *Config {
 
 	dbMaxConn := cfg.Section("database").Key("max_connections").MustUint(1)
 	addr := cfg.Section("server").Key("listen").MustString("127.0.0.1")
+	insecureCookies := IsDev(env) || cfg.Section("server").Key("insecure_cookies").MustBool(false)
 	port, err := strconv.Atoi(os.Getenv("PORT"))
 	if err != nil {
 		port = cfg.Section("server").Key("port").MustInt()
 	}
 
+	basePathEnv, basePathEnvExists := os.LookupEnv("WAKAPI_BASE_PATH")
 	basePath := cfg.Section("server").Key("base_path").MustString("/")
+	if basePathEnvExists {
+		basePath = basePathEnv
+	}
 	if strings.HasSuffix(basePath, "/") {
 		basePath = basePath[:len(basePath)-1]
 	}
@@ -150,24 +207,23 @@ func readConfig() *Config {
 	)
 
 	return &Config{
-		Env:                 env,
-		Version:             version,
-		Port:                port,
-		Addr:                addr,
-		BasePath:            basePath,
-		DbHost:              dbHost,
-		DbPort:              uint(dbPort),
-		DbUser:              dbUser,
-		DbPassword:          dbPassword,
-		DbName:              dbName,
-		DbDialect:           dbType,
-		DbMaxConn:           dbMaxConn,
-		CleanUp:             cleanUp,
-		SecureCookie:        secureCookie,
-		PasswordSalt:        passwordSalt,
-		DefaultUserName:     defaultUserName,
-		DefaultUserPassword: defaultUserPassword,
-		CustomLanguages:     customLangs,
-		LanguageColors:      colors,
+		Env:             env,
+		Version:         version,
+		Port:            port,
+		Addr:            addr,
+		BasePath:        basePath,
+		DbHost:          dbHost,
+		DbPort:          uint(dbPort),
+		DbUser:          dbUser,
+		DbPassword:      dbPassword,
+		DbName:          dbName,
+		DbDialect:       dbType,
+		DbMaxConn:       dbMaxConn,
+		CleanUp:         cleanUp,
+		InsecureCookies: insecureCookies,
+		SecureCookie:    secureCookie,
+		PasswordSalt:    passwordSalt,
+		CustomLanguages: customLangs,
+		LanguageColors:  colors,
 	}
 }

models/heartbeat.go

@@ -1,36 +1,31 @@
 package models
 
 import (
-	"database/sql/driver"
-	"errors"
-	"fmt"
 	"regexp"
-	"strconv"
-	"strings"
 	"time"
 )
 
-type HeartbeatReqTime time.Time
+type CustomTime time.Time
 
 type Heartbeat struct {
-	ID              uint             `gorm:"primary_key"`
-	User            *User            `json:"-" gorm:"not null"`
-	UserID          string           `json:"-" gorm:"not null; index:idx_time_user"`
-	Entity          string           `json:"entity" gorm:"not null; index:idx_entity"`
-	Type            string           `json:"type"`
-	Category        string           `json:"category"`
-	Project         string           `json:"project"`
-	Branch          string           `json:"branch"`
-	Language        string           `json:"language" gorm:"index:idx_language"`
-	IsWrite         bool             `json:"is_write"`
-	Editor          string           `json:"editor"`
-	OperatingSystem string           `json:"operating_system"`
-	Time            HeartbeatReqTime `json:"time" gorm:"type:timestamp; default:CURRENT_TIMESTAMP; index:idx_time,idx_time_user"`
+	ID              uint       `gorm:"primary_key"`
+	User            *User      `json:"-" gorm:"not null"`
+	UserID          string     `json:"-" gorm:"not null; index:idx_time_user"`
+	Entity          string     `json:"entity" gorm:"not null; index:idx_entity"`
+	Type            string     `json:"type"`
+	Category        string     `json:"category"`
+	Project         string     `json:"project"`
+	Branch          string     `json:"branch"`
+	Language        string     `json:"language" gorm:"index:idx_language"`
+	IsWrite         bool       `json:"is_write"`
+	Editor          string     `json:"editor"`
+	OperatingSystem string     `json:"operating_system"`
+	Time            CustomTime `json:"time" gorm:"type:timestamp; default:CURRENT_TIMESTAMP; index:idx_time,idx_time_user"`
 	languageRegex   *regexp.Regexp
 }
 
 func (h *Heartbeat) Valid() bool {
-	return h.User != nil && h.UserID != "" && h.Time != HeartbeatReqTime(time.Time{})
+	return h.User != nil && h.UserID != "" && h.Time != CustomTime(time.Time{})
 }
 
 func (h *Heartbeat) Augment(customLangs map[string]string) {
@@ -49,47 +44,3 @@ func (h *Heartbeat) Augment(customLangs map[string]string) {
 		h.Language, _ = customLangs[ending]
 	}
 }
-
-func (j *HeartbeatReqTime) UnmarshalJSON(b []byte) error {
-	s := strings.Split(strings.Trim(string(b), "\""), ".")[0]
-	i, err := strconv.ParseInt(s, 10, 64)
-	if err != nil {
-		return err
-	}
-	t := time.Unix(i, 0)
-	*j = HeartbeatReqTime(t)
-	return nil
-}
-
-func (j *HeartbeatReqTime) Scan(value interface{}) error {
-	switch value.(type) {
-	case string:
-		t, err := time.Parse("2006-01-02 15:04:05-07:00", value.(string))
-		if err != nil {
-			return errors.New(fmt.Sprintf("unsupported date time format: %s", value))
-		}
-		*j = HeartbeatReqTime(t)
-	case int64:
-		*j = HeartbeatReqTime(time.Unix(value.(int64), 0))
-		break
-	case time.Time:
-		*j = HeartbeatReqTime(value.(time.Time))
-		break
-	default:
-		return errors.New(fmt.Sprintf("unsupported type: %T", value))
-	}
-	return nil
-}
-
-func (j HeartbeatReqTime) Value() (driver.Value, error) {
-	return time.Time(j), nil
-}
-
-func (j HeartbeatReqTime) String() string {
-	t := time.Time(j)
-	return t.Format("2006-01-02 15:04:05")
-}
-
-func (j HeartbeatReqTime) Time() time.Time {
-	return time.Time(j)
-}

models/shared.go

@@ -1,6 +1,68 @@
 package models
 
+import (
+	"database/sql/driver"
+	"errors"
+	"fmt"
+	"github.com/jinzhu/gorm"
+	"strconv"
+	"strings"
+	"time"
+)
+
 const (
 	UserKey       = "user"
+	ImprintKey    = "imprint"
 	AuthCookieKey = "wakapi_auth"
 )
+
+type MigrationFunc func(db *gorm.DB) error
+
+type KeyStringValue struct {
+	Key   string `gorm:"primary_key"`
+	Value string `gorm:"type:text"`
+}
+
+func (j *CustomTime) UnmarshalJSON(b []byte) error {
+	s := strings.Split(strings.Trim(string(b), "\""), ".")[0]
+	i, err := strconv.ParseInt(s, 10, 64)
+	if err != nil {
+		return err
+	}
+	t := time.Unix(i, 0)
+	*j = CustomTime(t)
+	return nil
+}
+
+func (j *CustomTime) Scan(value interface{}) error {
+	switch value.(type) {
+	case string:
+		t, err := time.Parse("2006-01-02 15:04:05-07:00", value.(string))
+		if err != nil {
+			return errors.New(fmt.Sprintf("unsupported date time format: %s", value))
+		}
+		*j = CustomTime(t)
+	case int64:
+		*j = CustomTime(time.Unix(value.(int64), 0))
+		break
+	case time.Time:
+		*j = CustomTime(value.(time.Time))
+		break
+	default:
+		return errors.New(fmt.Sprintf("unsupported type: %T", value))
+	}
+	return nil
+}
+
+func (j CustomTime) Value() (driver.Value, error) {
+	return time.Time(j), nil
+}
+
+func (j CustomTime) String() string {
+	t := time.Time(j)
+	return t.Format("2006-01-02 15:04:05")
+}
+
+func (j CustomTime) Time() time.Time {
+	return time.Time(j)
+}

models/user.go

@@ -1,9 +1,11 @@
 package models
 
 type User struct {
-	ID       string `json:"id" gorm:"primary_key"`
-	ApiKey   string `json:"api_key" gorm:"unique"`
-	Password string `json:"-"`
+	ID             string     `json:"id" gorm:"primary_key"`
+	ApiKey         string     `json:"api_key" gorm:"unique"`
+	Password       string     `json:"-"`
+	CreatedAt      CustomTime `gorm:"type:timestamp; default:CURRENT_TIMESTAMP"`
+	LastLoggedInAt CustomTime `gorm:"type:timestamp; default:CURRENT_TIMESTAMP"`
 }
 
 type Login struct {
@@ -17,8 +19,27 @@ type Signup struct {
 	PasswordRepeat string `schema:"password_repeat"`
 }
 
+type CredentialsReset struct {
+	PasswordOld    string `schema:"password_old"`
+	PasswordNew    string `schema:"password_new"`
+	PasswordRepeat string `schema:"password_repeat"`
+}
+
+func (c *CredentialsReset) IsValid() bool {
+	return validatePassword(c.PasswordNew) &&
+		c.PasswordNew == c.PasswordRepeat
+}
+
 func (s *Signup) IsValid() bool {
-	return len(s.Username) >= 3 &&
-		len(s.Password) >= 6 &&
+	return validateUsername(s.Username) &&
+		validatePassword(s.Password) &&
 		s.Password == s.PasswordRepeat
 }
+
+func validateUsername(username string) bool {
+	return len(username) >= 3
+}
+
+func validatePassword(password string) bool {
+	return len(password) >= 6
+}

routes/heartbeat.go

@@ -55,5 +55,5 @@ func (h *HeartbeatHandler) ApiPost(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	w.WriteHeader(http.StatusOK)
+	w.WriteHeader(http.StatusCreated)
 }

routes/public.go

@@ -9,24 +9,27 @@ import (
 	"github.com/muety/wakapi/utils"
 	"net/http"
 	"net/url"
+	"time"
 )
 
 type IndexHandler struct {
-	config   *models.Config
-	userSrvc *services.UserService
+	config       *models.Config
+	userSrvc     *services.UserService
+	keyValueSrvc *services.KeyValueService
 }
 
 var loginDecoder = schema.NewDecoder()
 var signupDecoder = schema.NewDecoder()
 
-func NewIndexHandler(userService *services.UserService) *IndexHandler {
+func NewIndexHandler(userService *services.UserService, keyValueService *services.KeyValueService) *IndexHandler {
 	return &IndexHandler{
-		config:   models.GetConfig(),
-		userSrvc: userService,
+		config:       models.GetConfig(),
+		userSrvc:     userService,
+		keyValueSrvc: keyValueService,
 	}
 }
 
-func (h *IndexHandler) Index(w http.ResponseWriter, r *http.Request) {
+func (h *IndexHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}
@@ -40,18 +43,25 @@ func (h *IndexHandler) Index(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// TODO: make this more generic and reusable
-	if success := r.URL.Query().Get("success"); success != "" {
-		templates["index.tpl.html"].Execute(w, struct {
-			Success string
-			Error   string
-		}{Success: success})
-		return
-	}
 	templates["index.tpl.html"].Execute(w, nil)
 }
 
-func (h *IndexHandler) Login(w http.ResponseWriter, r *http.Request) {
+func (h *IndexHandler) GetImprint(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	text := "failed to load content"
+	if data, err := h.keyValueSrvc.GetString(models.ImprintKey); err == nil {
+		text = data.Value
+	}
+
+	templates["imprint.tpl.html"].Execute(w, &struct {
+		HtmlText string
+	}{HtmlText: text})
+}
+
+func (h *IndexHandler) PostLogin(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}
@@ -89,47 +99,30 @@ func (h *IndexHandler) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	user.LastLoggedInAt = models.CustomTime(time.Now())
+	h.userSrvc.Update(user)
+
 	cookie := &http.Cookie{
 		Name:     models.AuthCookieKey,
 		Value:    encoded,
 		Path:     "/",
-		Secure:   true,
+		Secure:   !h.config.InsecureCookies,
 		HttpOnly: true,
 	}
 	http.SetCookie(w, cookie)
 	http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
 }
 
-func (h *IndexHandler) Logout(w http.ResponseWriter, r *http.Request) {
+func (h *IndexHandler) PostLogout(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}
 
-	utils.ClearCookie(w, models.AuthCookieKey)
+	utils.ClearCookie(w, models.AuthCookieKey, !h.config.InsecureCookies)
 	http.Redirect(w, r, fmt.Sprintf("%s/", h.config.BasePath), http.StatusFound)
 }
 
-func (h *IndexHandler) Signup(w http.ResponseWriter, r *http.Request) {
-	if h.config.IsDev() {
-		loadTemplates()
-	}
-
-	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
-		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.BasePath), http.StatusFound)
-		return
-	}
-
-	switch r.Method {
-	case http.MethodPost:
-		h.handlePostSignup(w, r)
-		return
-	default:
-		h.handleGetSignup(w, r)
-		return
-	}
-}
-
-func (h *IndexHandler) handleGetSignup(w http.ResponseWriter, r *http.Request) {
+func (h *IndexHandler) GetSignup(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}
@@ -146,7 +139,7 @@ func (h *IndexHandler) handleGetSignup(w http.ResponseWriter, r *http.Request) {
 	templates["signup.tpl.html"].Execute(w, nil)
 }
 
-func (h *IndexHandler) handlePostSignup(w http.ResponseWriter, r *http.Request) {
+func (h *IndexHandler) PostSignup(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}

routes/routes.go

@@ -30,6 +30,9 @@ func loadTemplates() {
 		"getVersion": func() string {
 			return models.GetConfig().Version
 		},
+		"htmlSafe": func(html string) template.HTML {
+			return template.HTML(html)
+		},
 	})
 	templates = make(map[string]*template.Template)
 
@@ -61,7 +64,7 @@ func respondAlert(w http.ResponseWriter, error, success, tplName string, status
 	templates[tplName].Execute(w, struct {
 		Error   string
 		Success string
-	}{Error: error})
+	}{Error: error, Success: success})
 }
 
 // TODO: do better

routes/settings.go

@@ -0,0 +1,112 @@
+package routes
+
+import (
+	"fmt"
+	"github.com/gorilla/schema"
+	"github.com/muety/wakapi/models"
+	"github.com/muety/wakapi/services"
+	"github.com/muety/wakapi/utils"
+	"net/http"
+	"net/url"
+)
+
+type SettingsHandler struct {
+	config   *models.Config
+	userSrvc *services.UserService
+}
+
+var credentialsDecoder = schema.NewDecoder()
+
+func NewSettingsHandler(userService *services.UserService) *SettingsHandler {
+	return &SettingsHandler{
+		config:   models.GetConfig(),
+		userSrvc: userService,
+	}
+}
+
+func (h *SettingsHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	if handleAlerts(w, r, "settings.tpl.html") {
+		return
+	}
+	templates["settings.tpl.html"].Execute(w, nil)
+}
+
+func (h *SettingsHandler) PostCredentials(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	user := r.Context().Value(models.UserKey).(*models.User)
+
+	var credentials models.CredentialsReset
+	if err := r.ParseForm(); err != nil {
+		respondAlert(w, "missing parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+	if err := credentialsDecoder.Decode(&credentials, r.PostForm); err != nil {
+		respondAlert(w, "missing parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	if !utils.CheckPasswordBcrypt(user, credentials.PasswordOld, h.config.PasswordSalt) {
+		respondAlert(w, "invalid credentials", "", "settings.tpl.html", http.StatusUnauthorized)
+		return
+	}
+
+	if !credentials.IsValid() {
+		respondAlert(w, "invalid parameters", "", "settings.tpl.html", http.StatusBadRequest)
+		return
+	}
+
+	user.Password = credentials.PasswordNew
+	if err := utils.HashPassword(user, h.config.PasswordSalt); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	if _, err := h.userSrvc.Update(user); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	login := &models.Login{
+		Username: user.ID,
+		Password: user.Password,
+	}
+	encoded, err := h.config.SecureCookie.Encode(models.AuthCookieKey, login)
+	if err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	cookie := &http.Cookie{
+		Name:     models.AuthCookieKey,
+		Value:    encoded,
+		Path:     "/",
+		Secure:   !h.config.InsecureCookies,
+		HttpOnly: true,
+	}
+	http.SetCookie(w, cookie)
+
+	msg := url.QueryEscape("password was updated successfully")
+	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.BasePath, msg), http.StatusFound)
+}
+
+func (h *SettingsHandler) PostResetApiKey(w http.ResponseWriter, r *http.Request) {
+	if h.config.IsDev() {
+		loadTemplates()
+	}
+
+	user := r.Context().Value(models.UserKey).(*models.User)
+	if _, err := h.userSrvc.ResetApiKey(user); err != nil {
+		respondAlert(w, "internal server error", "", "settings.tpl.html", http.StatusInternalServerError)
+		return
+	}
+
+	msg := url.QueryEscape(fmt.Sprintf("your new api key is: %s", user.ApiKey))
+	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.BasePath, msg), http.StatusFound)
+}

routes/summary.go

@@ -42,7 +42,7 @@ func (h *SummaryHandler) ApiGet(w http.ResponseWriter, r *http.Request) {
 	utils.RespondJSON(w, http.StatusOK, summary)
 }
 
-func (h *SummaryHandler) Index(w http.ResponseWriter, r *http.Request) {
+func (h *SummaryHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
 	if h.config.IsDev() {
 		loadTemplates()
 	}

services/alias.go

@@ -46,7 +46,7 @@ func (srv *AliasService) GetAliasOrDefault(userId string, summaryType uint8, val
 	return "", errors.New("user aliases not initialized")
 }
 
-func (src *AliasService) IsInitialized(userId string) bool {
+func (srv *AliasService) IsInitialized(userId string) bool {
 	if _, ok := userAliases.Load(userId); ok {
 		return true
 	}

services/key_value.go

@@ -0,0 +1,62 @@
+package services
+
+import (
+	"errors"
+	"github.com/jinzhu/gorm"
+	"github.com/muety/wakapi/models"
+)
+
+type KeyValueService struct {
+	Config *models.Config
+	Db     *gorm.DB
+}
+
+func NewKeyValueService(db *gorm.DB) *KeyValueService {
+	return &KeyValueService{
+		Config: models.GetConfig(),
+		Db:     db,
+	}
+}
+
+func (srv *KeyValueService) GetString(key string) (*models.KeyStringValue, error) {
+	kv := &models.KeyStringValue{}
+	if err := srv.Db.
+		Where(&models.KeyStringValue{Key: key}).
+		First(&kv).Error; err != nil {
+		return nil, err
+	}
+
+	return kv, nil
+}
+
+func (srv *KeyValueService) PutString(kv *models.KeyStringValue) error {
+	result := srv.Db.
+		Where(&models.KeyStringValue{Key: kv.Key}).
+		Assign(kv).
+		FirstOrCreate(kv)
+
+	if err := result.Error; err != nil {
+		return err
+	}
+
+	if result.RowsAffected != 1 {
+		return errors.New("nothing updated")
+	}
+
+	return nil
+}
+
+func (srv *KeyValueService) DeleteString(key string) error {
+	result := srv.Db.
+		Delete(&models.KeyStringValue{}, &models.KeyStringValue{Key: key})
+
+	if err := result.Error; err != nil {
+		return err
+	}
+
+	if result.RowsAffected != 1 {
+		return errors.New("nothing deleted")
+	}
+
+	return nil
+}

services/summary.go

@@ -96,10 +96,25 @@ func (srv *SummaryService) Construct(from, to time.Time, user *models.User, reco
 	}
 	close(c)
 
+	realFrom, realTo := from, to
+	if len(existingSummaries) > 0 {
+		realFrom = existingSummaries[0].FromTime
+		realTo = existingSummaries[len(existingSummaries)-1].ToTime
+	}
+	if len(heartbeats) > 0 {
+		t1, t2 := time.Time(heartbeats[0].Time), time.Time(heartbeats[len(heartbeats)-1].Time)
+		if t1.After(realFrom) && t1.Before(time.Date(realFrom.Year(), realFrom.Month(), realFrom.Day()+1, 0, 0, 0, 0, realFrom.Location())) {
+			realFrom = t1
+		}
+		if t2.Before(realTo) && t2.After(time.Date(realTo.Year(), realTo.Month(), realTo.Day()-1, 0, 0, 0, 0, realTo.Location())) {
+			realTo = t2
+		}
+	}
+
 	aggregatedSummary := &models.Summary{
 		UserID:           user.ID,
-		FromTime:         from,
-		ToTime:           to,
+		FromTime:         realFrom,
+		ToTime:           realTo,
 		Projects:         projectItems,
 		Languages:        languageItems,
 		Editors:          editorItems,
@@ -134,6 +149,7 @@ func (srv *SummaryService) GetByUserWithin(user *models.User, from, to time.Time
 		Where(&models.Summary{UserID: user.ID}).
 		Where("from_time >= ?", from).
 		Where("to_time <= ?", to).
+		Order("from_time asc").
 		Preload("Projects", "type = ?", models.SummaryProject).
 		Preload("Languages", "type = ?", models.SummaryLanguage).
 		Preload("Editors", "type = ?", models.SummaryEditor).
@@ -224,7 +240,16 @@ func getMissingIntervals(from, to time.Time, existingSummaries []*models.Summary
 
 	// Between
 	for i := 0; i < len(existingSummaries)-1; i++ {
-		if existingSummaries[i].ToTime.Before(existingSummaries[i+1].FromTime) {
+		t1, t2 := existingSummaries[i].ToTime, existingSummaries[i+1].FromTime
+		if t1.Equal(t2) {
+			continue
+		}
+
+		// round to end of day / start of day, assuming that summaries are always generated on a per-day basis
+		td1 := time.Date(t1.Year(), t1.Month(), t1.Day()+1, 0, 0, 0, 0, t1.Location())
+		td2 := time.Date(t2.Year(), t2.Month(), t2.Day(), 0, 0, 0, 0, t2.Location())
+		// one or more day missing in between?
+		if td1.Before(td2) {
 			intervals = append(intervals, &Interval{existingSummaries[i].ToTime, existingSummaries[i+1].FromTime})
 		}
 	}

services/user.go

@@ -69,6 +69,24 @@ func (srv *UserService) CreateOrGet(signup *models.Signup) (*models.User, bool,
 	return u, false, nil
 }
 
+func (srv *UserService) Update(user *models.User) (*models.User, error) {
+	result := srv.Db.Model(&models.User{}).Updates(user)
+	if err := result.Error; err != nil {
+		return nil, err
+	}
+
+	if result.RowsAffected != 1 {
+		return nil, errors.New("nothing updated")
+	}
+
+	return user, nil
+}
+
+func (srv *UserService) ResetApiKey(user *models.User) (*models.User, error) {
+	user.ApiKey = uuid.NewV4().String()
+	return srv.Update(user)
+}
+
 func (srv *UserService) MigrateMd5Password(user *models.User, login *models.Login) (*models.User, error) {
 	user.Password = login.Password
 	if err := utils.HashPassword(user, srv.Config.PasswordSalt); err != nil {

utils/auth.go

@@ -63,7 +63,8 @@ func IsMd5(hash string) bool {
 }
 
 func CheckPasswordBcrypt(user *models.User, password, salt string) bool {
-	err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password+salt))
+	plainPassword := []byte(strings.TrimSpace(password) + salt)
+	err := bcrypt.CompareHashAndPassword([]byte(user.Password), plainPassword)
 	return err == nil
 }
 
@@ -79,7 +80,8 @@ func CheckPasswordMd5(user *models.User, password string) bool {
 
 // inplace
 func HashPassword(u *models.User, salt string) error {
-	bytes, err := bcrypt.GenerateFromPassword([]byte(u.Password+salt), bcrypt.DefaultCost)
+	plainSaltedPassword := []byte(strings.TrimSpace(u.Password) + salt)
+	bytes, err := bcrypt.GenerateFromPassword(plainSaltedPassword, bcrypt.DefaultCost)
 	if err == nil {
 		u.Password = string(bytes)
 	}

utils/date.go

@@ -15,12 +15,12 @@ func StartOfWeek() time.Time {
 
 func StartOfMonth() time.Time {
 	ref := time.Now()
-	return time.Date(ref.Year(), ref.Month(), 0, 0, 0, 0, 0, ref.Location())
+	return time.Date(ref.Year(), ref.Month(), 1, 0, 0, 0, 0, ref.Location())
 }
 
 func StartOfYear() time.Time {
 	ref := time.Now()
-	return time.Date(ref.Year(), time.January, 0, 0, 0, 0, 0, ref.Location())
+	return time.Date(ref.Year(), time.January, 1, 0, 0, 0, 0, ref.Location())
 }
 
 // https://stackoverflow.com/a/18632496

utils/http.go

@@ -13,12 +13,12 @@ func RespondJSON(w http.ResponseWriter, status int, object interface{}) {
 	}
 }
 
-func ClearCookie(w http.ResponseWriter, name string) {
+func ClearCookie(w http.ResponseWriter, name string, secure bool) {
 	http.SetCookie(w, &http.Cookie{
 		Name:     name,
 		Value:    "",
 		Path:     "/",
-		Secure:   true,
+		Secure:   secure,
 		HttpOnly: true,
 	})
 }

version.txt

@@ -1 +1 @@
-1.5.1
+1.7.4

views/footer.tpl.html

@@ -7,5 +7,6 @@
                 href="https://github.com/muety/wakapi" class="border-b border-green-700">open-source</a> software
     </div>
     <div>
+        <a href="imprint" class="border-b border-green-700">Imprint, Cookies & Data Privacy</a>
     </div>
 </footer>

views/imprint.tpl.html

@@ -0,0 +1,24 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Imprint & Data Privacy</h1>
+        </div>
+        <div></div>
+    </div>
+</div>
+
+<main class="mt-10 flex-grow flex justify-center w-full">
+    {{ htmlSafe .HtmlText }}
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>

views/index.tpl.html

@@ -9,7 +9,7 @@
 
 {{ template "alerts.tpl.html" . }}
 
-<main class="mt-10 flex-grow flex justify-center w-full" id="grid-container">
+<main class="mt-10 flex-grow flex justify-center w-full">
     <div class="flex-grow max-w-lg mt-12">
         <form action="login" method="post">
             <div class="mb-8">

views/settings.tpl.html

@@ -0,0 +1,75 @@
+<html>
+
+{{ template "head.tpl.html" . }}
+
+<body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr; Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Settings</h1></div>
+        <div></div>
+    </div>
+</div>
+
+{{ template "alerts.tpl.html" . }}
+
+<main class="mt-4 flex-grow flex justify-center w-full">
+    <div class="flex flex-col flex-grow max-w-lg mt-8">
+        <div class="w-full my-8 pb-8 border-b border-gray-700">
+            <div class="font-semibold text-lg text-white m-0 border-b-2 border-green-700 inline-block">
+                Change Password
+            </div>
+
+            <form class="mt-10" action="settings/credentials" method="post">
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_old">Current Password</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_old"
+                           name="password_old" placeholder="Enter your old password" minlength="6" required>
+                </div>
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_new">New Password</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_new"
+                           name="password_new" placeholder="Choose a password" minlength="6" required>
+                </div>
+                <div class="mb-8">
+                    <label class="inline-block text-sm mb-1 text-gray-500" for="password_repeat">And again ...</label>
+                    <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                           type="password" id="password_repeat"
+                           name="password_repeat" placeholder="Repeat your password" minlength="6" required>
+                </div>
+                <div class="flex justify-between float-right">
+                    <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">
+                        Save
+                    </button>
+                </div>
+            </form>
+        </div>
+
+        <div class="w-full mt-4 mb-8 pb-8">
+            <div class="font-semibold text-lg text-white m-0 border-b-2 border-green-700 inline-block">
+                Reset API Key
+            </div>
+
+            <form class="mt-6" action="settings/reset" method="post">
+                <div class="text-gray-300 text-sm mb-4">
+                    <strong>⚠️ Caution:</strong> Resetting your API key requires you to update your <span class="font-mono">.wakatime.cfg</span> files on all of your computers to make the WakaTime client send heartbeats again.
+                </div>
+
+                <div class="flex justify-between float-right">
+                    <button type="submit" class="py-1 px-3 rounded bg-red-500 hover:bg-red-600 text-white text-sm">
+                        Reset
+                    </button>
+                </div>
+            </form>
+        </div>
+    </div>
+</main>
+
+{{ template "footer.tpl.html" . }}
+
+{{ template "foot.tpl.html" . }}
+</body>
+
+</html>

views/signup.tpl.html

@@ -3,19 +3,26 @@
 {{ template "head.tpl.html" . }}
 
 <body class="bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
-<div class="flex items-center justify-center">
-    <h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Sign Up</h1>
+<div class="w-full flex justify-center">
+    <div class="flex items-center justify-between max-w-4xl flex-grow">
+        <div><a href="" class="text-gray-500 text-sm">&larr Go back</a></div>
+        <div><h1 class="font-semibold text-2xl text-white m-0 border-b-4 border-green-700">Sign Up</h1></div>
+        <div></div>
+    </div>
 </div>
 
 {{ template "alerts.tpl.html" . }}
 
-<main class="mt-10 flex-grow flex justify-center w-full" id="grid-container">
+<main class="mt-10 flex-grow flex justify-center w-full">
     <div class="flex-grow max-w-lg mt-8">
         <div>
             <p class="text-sm text-gray-300">
                 💡 In order to use Wakapi, you need to create an account.
-                After successful signup, you still need to set up the <a href="https://wakatime.com" target="_blank" class="border-b border-green-700">WakaTime</a> client tools.
-                Please refer to <a href="https://github.com/muety/wakapi#client-setup" target="_blank" class="border-b border-green-700">this readme section</a> for instructions.
+                After successful signup, you still need to set up the <a href="https://wakatime.com" target="_blank"
+                                                                         class="border-b border-green-700">WakaTime</a>
+                client tools.
+                Please refer to <a href="https://github.com/muety/wakapi#client-setup" target="_blank"
+                                   class="border-b border-green-700">this readme section</a> for instructions.
                 You will be able to view you <strong>API Key</strong> once you log in.
             </p>
         </div>
@@ -23,21 +30,26 @@
         <form class="mt-10" action="signup" method="post">
             <div class="mb-8">
                 <label class="inline-block text-sm mb-1 text-gray-500" for="username">Username</label>
-                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3" type="text" id="username"
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="text" id="username"
                        name="username" placeholder="Choose a username" minlength="3" required autofocus>
             </div>
             <div class="mb-8">
                 <label class="inline-block text-sm mb-1 text-gray-500" for="password">Password</label>
-                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3" type="password" id="password"
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="password" id="password"
                        name="password" placeholder="Choose a password" minlength="6" required>
             </div>
             <div class="mb-8">
-                <label class="inline-block text-sm mb-1 text-gray-500" for="password">And again ...</label>
-                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3" type="password" id="password_repeat"
+                <label class="inline-block text-sm mb-1 text-gray-500" for="password_repeat">And again ...</label>
+                <input class="shadow appearance-none bg-gray-800 focus:bg-gray-700 text-gray-300 border-green-700 focus:border-gray-500 border rounded w-full py-1 px-3"
+                       type="password" id="password_repeat"
                        name="password_repeat" placeholder="Repeat your password" minlength="6" required>
             </div>
             <div class="flex justify-between float-right">
-                <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">Create Account</button>
+                <button type="submit" class="py-1 px-3 rounded bg-green-700 hover:bg-green-800 text-white text-sm">
+                    Create Account
+                </button>
             </div>
         </form>
     </div>

views/summary.tpl.html

@@ -4,21 +4,32 @@
 
 <body class="relative bg-gray-800 text-gray-700 p-4 pt-10 flex flex-col min-h-screen max-w-screen-xl mx-auto justify-center">
 
-<div class="hidden flex bg-gray-800 shadow-md z-10 p-2 absolute top-0 right-0 mt-10 mr-8 border border-green-700 rounded popup" id="api-key-popup">
+<div class="hidden flex bg-gray-800 shadow-md z-10 p-2 absolute top-0 right-0 mt-10 mr-8 border border-green-700 rounded popup"
+     id="api-key-popup">
     <div class="flex-grow flex flex-col px-2">
         <span class="text-xs text-gray-500 mx-1">API Key</span>
-        <input type="text" class="bg-transparent text-sm text-white mx-1 font-mono" id="api-key-container" readonly value="{{ .ApiKey }}" style="min-width: 330px">
+        <input type="text" class="bg-transparent text-sm text-white mx-1 font-mono" id="api-key-container" readonly
+               value="{{ .ApiKey }}" style="min-width: 330px">
     </div>
     <div class="flex items-center px-2 border-l border-gray-700">
         <button title="Copy to clipboard" onclick="copyApiKey(event)">📋</button>
     </div>
 </div>
 
-<div class="absolute top-0 right-0 mr-8 mt-10 py-2">
-    <form action="logout" method="post">
-        <button type="button" class="mx-1 py-1 px-3 rounded border border-green-700 text-white text-sm" onclick="showApiKeyPopup(event)">🔐</button>
-        <button type="submit" class="mx-1 py-1 px-3 rounded border border-green-700 text-white text-sm">Logout</button>
-    </form>
+<div class="absolute flex top-0 right-0 mr-8 mt-10 py-2">
+    <div class="mx-1">
+        <button type="button" class="py-1 px-3 h-8 rounded border border-green-700 text-white text-sm"
+                onclick="showApiKeyPopup(event)">🔐
+        </button>
+    </div>
+    <div class="mx-1">
+        <a href="settings" class="py-1 px-3 h-8 block rounded border border-green-700 text-white text-sm">⚙️</a>
+    </div>
+    <div class="mx-1">
+        <form action="logout" method="post">
+            <button type="submit" class="py-1 px-3 h-8 rounded border border-green-700 text-white text-sm">Logout</button>
+        </form>
+    </div>
 </div>
 
 <div class="flex items-center justify-center">
@@ -36,7 +47,7 @@
 
 {{ template "alerts.tpl.html" . }}
 
-<main class="mt-10 flex-grow" id="grid-container">
+<main class="mt-10 flex-grow">
     <div class="flex justify-center">
         <div class="p-1">
             <div class="flex justify-center p-4 bg-white rounded shadow">