add hire/resume pages, contact form, security middleware, and admin improvements

2026-03-08 21:36:47 -05:00
parent c916186d78
commit 261745a5b7
22 changed files with 1237 additions and 72 deletions
--- a/internal/handler/admin.go
+++ b/internal/handler/admin.go
@@ -60,6 +60,9 @@ func (h *Handler) AdminRouter(w http.ResponseWriter, r *http.Request) {
 	case path == "/admin/upload":
 		h.requireAuth(h.adminUpload)(w, r)

+	case path == "/admin/uploads":
+		h.requireAuth(h.adminUploads)(w, r)
+
 	default:
 		h.renderErr(w, http.StatusNotFound, "Admin page not found.")
 	}
@@ -337,6 +340,40 @@ func (h *Handler) adminUpload(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintf(w, `{"url":"%s","markdown":"![image](%s)"}`, url, url)
 }

+// --- Uploads browser ---
+
+type uploadFile struct {
+	Name     string
+	URL      string
+	Markdown string
+}
+
+type uploadsData struct {
+	Files []uploadFile
+	Flash string
+}
+
+func (h *Handler) adminUploads(w http.ResponseWriter, r *http.Request) {
+	const dir = "static/uploads"
+	entries, err := os.ReadDir(dir)
+	var files []uploadFile
+	if err == nil {
+		for _, e := range entries {
+			if e.IsDir() {
+				continue
+			}
+			name := e.Name()
+			url := "/static/uploads/" + name
+			files = append(files, uploadFile{
+				Name:     name,
+				URL:      url,
+				Markdown: "![image](" + url + ")",
+			})
+		}
+	}
+	h.render(w, "admin-uploads", uploadsData{Files: files, Flash: r.URL.Query().Get("flash")})
+}
+
 // sanitizeSlug ensures a slug is filesystem-safe.
 func sanitizeSlug(s string) string {
 	s = strings.ToLower(strings.TrimSpace(s))