added env config COUNTER_FILE, DEBUG

README.md

@@ -10,6 +10,8 @@ _a web based password generator, with an API endpoint_
 * copy to clipboard
 * very small docker container, that only contains the application and has minimum attack surface
 * supports DarkMode and LightMode, you can toggle
+* prepared to run behind a reverse-proxy, like traefik.
+* logs in combined log format
 
 ## Demo
 

main.go

@@ -1,15 +1,17 @@
 package main
 
 import (
+	"crypto/rand"
+	"encoding/json"
+	"html/template"
+	"log"
+	"net"
+	"net/http"
 	"os"
 	"strconv"
 	"strings"
 	"sync"
-	"crypto/rand"
+	"time"
-	"html/template"
-	"log"
-	"net/http"
-	"encoding/json"
 )
 
 const (
@@ -18,12 +20,87 @@ const (
 )
 
 var (
-	templates = make(map[string]*template.Template)
+	debug       = false
-	AppVersion = "development"
+	templates   = make(map[string]*template.Template)
+	AppVersion  = "development"
 	counterFile = "/data/counter.txt"
-	mu sync.Mutex
+	mu          sync.Mutex
 )
 
+func initConfig() {
+	// 1. Counter-Pfad auslesen
+	if envFile := os.Getenv("COUNTER_FILE"); envFile != "" {
+		counterFile = envFile
+		log.Printf("counterFile st to %s, by ENV\n", envFile)
+	}
+
+	// 2. Debug-Modus auslesen (String zu Bool)
+	envDebug := strings.ToLower(os.Getenv("DEBUG"))
+	if envDebug == "true" || envDebug == "1" {
+		debug = true
+		log.Println("DEBUG-Modus ist aktiviert")
+	}
+}
+
+type responseWriter struct {
+	http.ResponseWriter
+	statusCode int
+}
+
+func (rw *responseWriter) WriteHeader(code int) {
+	rw.statusCode = code
+	rw.ResponseWriter.WriteHeader(code)
+}
+
+func newResponseWriter(w http.ResponseWriter) *responseWriter {
+	return &responseWriter{w, http.StatusOK} // Default 200 OK
+}
+
+func LoggingMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		start := time.Now()
+		rw := newResponseWriter(w)
+		next.ServeHTTP(rw, r)
+		duration := time.Since(start)
+		clientIP := getClientIP(r)
+		userAgent := r.UserAgent()
+		// Format: IP - - [Datum] "Method Path Proto" Status Duration User-Agent
+		// "Combined Log Format"
+		log.Printf("%s - - [%s] \"%s %s %s\" %d %v \"%s\"\n",
+			clientIP,
+			time.Now().Format("02/Jan/2006:15:04:05 -0700"),
+			r.Method,
+			r.URL.Path,
+			r.Proto,
+			rw.statusCode,
+			duration,
+			userAgent,
+		)
+	})
+}
+
+func getClientIP(r *http.Request) string {
+	// 1. Prüfe den X-Forwarded-For Header (Standard für Proxies)
+	xForwardedFor := r.Header.Get("X-Forwarded-For")
+	if xForwardedFor != "" {
+		// Der Header kann eine Liste von IPs sein (Client, Proxy1, Proxy2)
+		// Die erste IP in der Liste ist die echte Client-IP
+		ips := strings.Split(xForwardedFor, ",")
+		return strings.TrimSpace(ips[0])
+	}
+
+	// 2. Fallback auf X-Real-IP (oft von Traefik/Nginx gesetzt)
+	xRealIP := r.Header.Get("X-Real-IP")
+	if xRealIP != "" {
+		return xRealIP
+	}
+
+	// 3. Letzter Ausweg: Die direkte IP (wird in deinem Fall die Traefik-IP sein)
+	// RemoteAddr enthält oft auch den Port (z.B. "127.0.0.1:1234")
+	ip, _, _ := net.SplitHostPort(r.RemoteAddr)
+	return ip
+}
+
 // Diese Funktion wird nur intern aufgerufen, wenn der Mutex bereits gesperrt ist
 func getCount() int {
 	data, err := os.ReadFile(counterFile)
@@ -54,29 +131,31 @@ func IncrementPasswordCount() {
 }
 
 func loadTemplates() {
-    // 1. FuncMap definieren
+	// 1. FuncMap definieren
-    funcMap := template.FuncMap{
+	funcMap := template.FuncMap{
-        "getAppVersion": func() string { return AppVersion },
+		"getAppVersion": func() string { return AppVersion },
-        "getPassCount": func() int { return GetPasswordCount() },
+		"getPassCount":  func() int { return GetPasswordCount() },
-    }
+	}
 
-    // 2. Templates mit FuncMap laden
+	// 2. Templates mit FuncMap laden
-    // Wir nutzen New("base.html"), da base.html meist das Haupt-Layout definiert
+	// Wir nutzen New("base.html"), da base.html meist das Haupt-Layout definiert
-    templates["index.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
+	templates["index.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
-        "templates/base.html", 
+		"templates/base.html",
-        "templates/index.html",
+		"templates/index.html",
-    ))
+	))
 
-    templates["help.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
+	templates["help.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
-        "templates/base.html", 
+		"templates/base.html",
-        "templates/help.html",
+		"templates/help.html",
-    ))
+	))
 
-    log.Printf("Alle Templates erfolgreich geladen")
+	log.Printf("Alle Templates erfolgreich geladen")
 }
 
 func generatePassword() string {
-	log.Printf("called generatePassword\n")
+	if debug {
+		log.Printf("called generatePassword\n")
+	}
 	password := make([]byte, passwordLength)
 	_, err := rand.Read(password)
 	if err != nil {
@@ -90,31 +169,37 @@ func generatePassword() string {
 }
 
 func passwordHandler(w http.ResponseWriter, r *http.Request) {
-    log.Printf("called passwordHandler\n")
+	if debug {
-    password := generatePassword()
+		log.Printf("called passwordHandler\n")
-    currentCount := GetPasswordCount()
+	}
-    response := map[string]interface{}{
+	password := generatePassword()
-        "password": password,
+	currentCount := GetPasswordCount()
-        "count":    currentCount,
+	response := map[string]interface{}{
-    }
+		"password": password,
-    w.Header().Set("Content-Type", "application/json")
+		"count":    currentCount,
-    err := json.NewEncoder(w).Encode(response)
+	}
-    if err != nil {
+	w.Header().Set("Content-Type", "application/json")
-        log.Printf("Fehler beim Senden des JSON: %v", err)
+	err := json.NewEncoder(w).Encode(response)
-        http.Error(w, "Interner Fehler", http.StatusInternalServerError)
+	if err != nil {
-        return
+		log.Printf("Fehler beim Senden des JSON: %v", err)
-    }
+		http.Error(w, "Interner Fehler", http.StatusInternalServerError)
+		return
+	}
 }
 
 func passwordAPIHandler(w http.ResponseWriter, r *http.Request) {
-	log.Printf("called passwordHandler\n")
+	if debug {
+		log.Printf("called passwordHandler\n")
+	}
 	password := generatePassword()
 	w.Header().Set("Content-Type", "text/plain")
 	w.Write([]byte(password))
 }
 
 func indexHandler(w http.ResponseWriter, r *http.Request) {
-	log.Printf("call indexHandler: Request %s %s\n", r.Method, r.URL)
+	if debug {
+		log.Printf("call indexHandler: Request %s %s\n", r.Method, r.URL)
+	}
 	password := generatePassword()
 	//password := "load..."
 	data := struct {
@@ -122,7 +207,9 @@ func indexHandler(w http.ResponseWriter, r *http.Request) {
 	}{
 		Password: password,
 	}
-	log.Printf("prepare template for index\n")
+	if debug {
+		log.Printf("prepare template for index\n")
+	}
 	err := templates["index.html"].ExecuteTemplate(w, "base.html", data)
 	if err != nil {
 		log.Printf("Fehler beim Rendern des Templates: %v", err)
@@ -131,7 +218,9 @@ func indexHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func helpHandler(w http.ResponseWriter, r *http.Request) {
-	log.Printf("call helpHandler\n")
+	if debug {
+		log.Printf("call helpHandler\n")
+	}
 	err := templates["help.html"].ExecuteTemplate(w, "base.html", nil)
 	if err != nil {
 		log.Printf("Fehler beim Rendern des Templates: %v", err)
@@ -140,15 +229,21 @@ func helpHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func main() {
+	initConfig()
 	loadTemplates()
-	fs := http.FileServer(http.Dir("static"))
+	mux := http.NewServeMux()
-	http.Handle("/static/", http.StripPrefix("/static/", fs))
 
-	http.HandleFunc("/", indexHandler)
+	fs := http.FileServer(http.Dir("static"))
-	http.HandleFunc("/api/password", passwordAPIHandler)
+	mux.Handle("/static/", http.StripPrefix("/static/", fs))
-	http.HandleFunc("/json/password", passwordHandler)
+
-	http.HandleFunc("/help", helpHandler)
+	mux.HandleFunc("/", indexHandler)
+	mux.HandleFunc("/api/password", passwordAPIHandler)
+	mux.HandleFunc("/json/password", passwordHandler)
+	mux.HandleFunc("/help", helpHandler)
+
+	loggingRouter := LoggingMiddleware(mux)
 
 	log.Println("Server läuft auf http://localhost:8080")
-	log.Fatal(http.ListenAndServe(":8080", nil))
+
+	log.Fatal(http.ListenAndServe(":8080", loggingRouter))
 }

misc/MoreUsage.md

@@ -25,21 +25,32 @@ for i in {1..10}; do echo $(curl -s https://passwd.scu.si/api/password); done
 you can build the app yourself like this:
 
 ```
-go build -o password-generator ./
+go build ./
 ```
 
+NOTE: If you build the app manually in go, like shown in this example, it will probably not run, since it misses a writeable `/data` directory.
+You can set the counterFile by environment variable `COUNTER_FILE`, like this:
+```
+COUNTER_FILE=./counter.txt ./Web-Password
+```
 
+## debuging the app
+
+You can turn on debug mode via environment variable `DEBUG`
+```
+DEBUG=true ./Web-Password
+```
 
 # build a docker container
 
 ```
-docker build -t password-generator .
+docker build -t web-password:dev .
 ```
 
 # start the docker container
 
 ```
-docker run -p 8080:8080 password-generator
+docker run -p 8080:8080 -v app_data:/data web-password:dev
 ```
 
 ## docker-compose

templates/index.html

@@ -43,7 +43,7 @@
 <div class="container">
     <a href="/help" class="help-link">?</a>
     <a href="https://gitea.scu.si/Florian.Walther/Web-Password" class="code-link">Sourcecode</a>
-    <h1>Generiertes Passwort</h1>
+    <h1>Passwort Generator</h1>
     <div id="password">{{ .Password }}</div>
     <div class="buttons">
         <button class="copy-button" onclick="copyToClipboard()">In Zwischenablage kopieren</button>