Merge branch 'devel'

Streamline config and make config file variable
Restructure hub.html to be mor organized
2024-09-08 13:36:22 +02:00 · 2024-09-08 13:35:30 +02:00 · 2024-09-08 11:00:44 +02:00 · 2024-09-08 11:00:12 +02:00 · 2024-09-01 21:14:05 +02:00 · 2024-09-01 21:13:52 +02:00
60 changed files with 3546 additions and 1401 deletions
--- a/.air.toml
+++ b/.air.toml
@ -0,0 +1,58 @@
 root = "."
 testdata_dir = "testdata"
 tmp_dir = "tmp"
 [build]
 args_bin = [
    "-articles tmp/articles",
    "-config tmp/config.toml",
    "-desc 'Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität'",
    "-domain localhost",
    "-firebase tmp/firebase.json",
    "-key tmp/key.gob",
    "-link https://distrikt-ni-st.de",
    "-log tmp/cpolis.log",
    "-pdfs tmp/pdfs",
    "-pics tmp/pics",
    "-rss tmp/orientexpress_alle.rss",
    "-title 'Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt'",
    "-web web",
 ]
 bin = "./tmp/main"
 cmd = "go build -o ./tmp/main ./cmd/main.go"
 delay = 0
 exclude_dir = ["assets", "tmp", "vendor", "testdata"]
 exclude_file = []
 exclude_regex = ["_test.go"]
 exclude_unchanged = false
 follow_symlink = false
 full_bin = ""
 include_dir = []
 include_ext = ["go", "tpl", "tmpl", "html", "css"]
 include_file = []
 kill_delay = "0s"
 log = "build-errors.log"
 poll = false
 poll_interval = 0
 rerun = false
 rerun_delay = 500
 send_interrupt = false
 stop_on_error = false
 [color]
 app = ""
 build = "yellow"
 main = "magenta"
 runner = "green"
 watcher = "cyan"
 [log]
 main_only = false
 time = false
 [misc]
 clean_on_exit = false
 [screen]
 clear_on_rebuild = false
 keep_scroll = true
--- a/.gitignore
+++ b/.gitignore
@ -23,3 +23,4 @@ go.work
 # Custom stuff
 tmp/
 style.css
--- a/README.md
+++ b/README.md
@ -1,3 +1,18 @@
 # cpolis
-cpolis is an application written in Go to serve as the backend of the Orient Express magazine.
+cpolis is an application written in Go to serve as the backend of the Orient
 Express magazine.
 ## Installation
 You should have the following packages installed:
 - Go >= 1.22
 - MariaDB
 Enable and start the MariaDB service.
    sudo systemctl enable --now mariadb.service
 Set up a dedicated MariaDB user for cpolis.
--- a/cmd/backend/articles.go
+++ b/cmd/backend/articles.go
@ -1,4 +1,4 @@
-package model
+package backend
 import (
 	"context"
@ -12,12 +12,17 @@ type Article struct {
 	Title         string
 	Created       time.Time
 	Description   string
-	Content     string
+	Link          string
 	EncURL        string
 	EncLength     int
 	EncType       string
 	Published     bool
 	Rejected      bool
 	ID            int64
 	AuthorID      int64
 	IssueID       int64
 	IsInIssue     bool
 	AutoGenerated bool
 }
 func (db *DB) AddArticle(a *Article) (int64, error) {
@ -26,8 +31,8 @@ func (db *DB) AddArticle(a *Article) (int64, error) {
 	selectQuery := "SELECT id FROM issues WHERE published = false"
 	insertQuery := `
    INSERT INTO articles
-        (title, description, content, published, rejected, author_id, issue_id)
+        (title, description, link, enc_url, enc_length, enc_type, published, rejected, author_id, issue_id, is_in_issue, auto_generated)
-    VALUES (?, ?, ?, ?, ?, ?, ?)
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
    `
 	for i := 0; i < TxMaxRetries; i++ {
@ -44,8 +49,9 @@ func (db *DB) AddArticle(a *Article) (int64, error) {
 				return 0, fmt.Errorf("error getting issue ID when adding article to DB: %v", err)
 			}
-			result, err := tx.Exec(insertQuery, a.Title, a.Description,
+			result, err := tx.Exec(insertQuery, a.Title, a.Description, a.Link,
-				a.Content, a.Published, a.Rejected, a.AuthorID, id)
+				a.EncURL, a.EncLength, a.EncType, a.Published, a.Rejected, a.AuthorID, id,
 				a.IsInIssue, a.AutoGenerated)
 			if err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
@ -79,7 +85,7 @@ func (db *DB) AddArticle(a *Article) (int64, error) {
 func (db *DB) GetArticle(id int64) (*Article, error) {
 	query := `
-    SELECT title, created, description, content, published, author_id
+    SELECT title, created, description, link, enc_url, enc_length, enc_type, published, author_id, issue_id, is_in_issue, auto_generated
    FROM articles
    WHERE id = ?
    `
@ -90,7 +96,9 @@ func (db *DB) GetArticle(id int64) (*Article, error) {
 	var err error
 	if err := row.Scan(&article.Title, &created, &article.Description,
-		&article.Content, &article.Published, &article.AuthorID); err != nil {
+		&article.Link, &article.EncURL, &article.EncLength, &article.EncType,
 		&article.Published, &article.AuthorID, &article.IssueID,
 		&article.IsInIssue, &article.AutoGenerated); err != nil {
 		return nil, fmt.Errorf("error scanning article row: %v", err)
 	}
@ -105,7 +113,7 @@ func (db *DB) GetArticle(id int64) (*Article, error) {
 func (db *DB) GetCertainArticles(published, rejected bool) ([]*Article, error) {
 	query := `
-    SELECT id, title, created, description, content, author_id, issue_id
+    SELECT id, title, created, description, link, enc_url, enc_length, enc_type, author_id, issue_id, is_in_issue, auto_generated
    FROM articles
    WHERE published = ?
    AND rejected = ?
@ -121,8 +129,9 @@ func (db *DB) GetCertainArticles(published, rejected bool) ([]*Article, error) {
 		var created []byte
 		if err = rows.Scan(&article.ID, &article.Title, &created,
-			&article.Description, &article.Content, &article.AuthorID,
+			&article.Description, &article.Link, &article.EncURL, &article.EncLength,
-			&article.IssueID); err != nil {
+			&article.EncType, &article.AuthorID, &article.IssueID,
 			&article.IsInIssue, &article.AutoGenerated); err != nil {
 			return nil, fmt.Errorf("error scanning article row: %v", err)
 		}
@ -143,9 +152,9 @@ func (db *DB) GetCurrentIssueArticles() ([]*Article, error) {
 	txOptions := &sql.TxOptions{Isolation: sql.LevelSerializable}
 	issueQuery := "SELECT id FROM issues WHERE published = false"
 	articlesQuery := `
-    SELECT id, title, created, description, content, author_id
+    SELECT id, title, created, description, link, enc_url, enc_length, enc_type, author_id, auto_generated
    FROM articles
-    WHERE issue_id = ? AND published = true
+    WHERE issue_id = ? AND published = true AND is_in_issue = true
    `
 	for i := 0; i < TxMaxRetries; i++ {
@ -177,7 +186,8 @@ func (db *DB) GetCurrentIssueArticles() ([]*Article, error) {
 				var created []byte
 				if err = rows.Scan(&article.ID, &article.Title, &created,
-					&article.Description, &article.Content, &article.AuthorID); err != nil {
+					&article.Description, &article.Link, &article.EncURL, &article.EncLength,
 					&article.EncType, &article.AuthorID, &article.AutoGenerated); err != nil {
 					if rollbackErr := tx.Rollback(); rollbackErr != nil {
 						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 					}
@ -256,3 +266,21 @@ func (db *DB) AddArticleToCurrentIssue(id int64) error {
 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
 func (db *DB) DeleteArticle(id int64) error {
 	articlesTagsQuery := "DELETE FROM articles_tags WHERE article_id = ?"
 	_, err := db.Exec(articlesTagsQuery, id)
 	if err != nil {
 		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
 	}
 	articlesQuery := "DELETE FROM articles WHERE id = ?"
 	_, err = db.Exec(articlesQuery, id)
 	if err != nil {
 		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
 	}
 	return nil
 }
--- a/cmd/backend/articles_tags.go
+++ b/cmd/backend/articles_tags.go
@ -1,4 +1,4 @@
-package model
+package backend
 import (
 	"fmt"
--- a/cmd/backend/config.go
+++ b/cmd/backend/config.go
@ -0,0 +1,247 @@
 package backend
 import (
 	"flag"
 	"fmt"
 	"io/fs"
 	"os"
 	"path/filepath"
 	"strings"
 	"github.com/BurntSushi/toml"
 )
 type Config struct {
 	ArticleDir  string
 	ConfigFile  string
 	DBName      string
 	Description string
 	Domain      string
 	FirebaseKey string
 	KeyFile     string
 	Link        string
 	LogFile     string
 	PDFDir      string
 	PicsDir     string
 	Port        string
 	RSSFile     string
 	Title       string
 	WebDir      string
 }
 func newConfig() *Config {
 	return &Config{
 		ArticleDir:  "/var/www/cpolis/articles",
 		ConfigFile:  "/etc/cpolis/config.toml",
 		DBName:      "cpolis",
 		FirebaseKey: "/var/www/cpolis/serviceAccountKey.json",
 		KeyFile:     "/var/www/cpolis/cpolis.key",
 		LogFile:     "/var/log/cpolis.log",
 		PDFDir:      "/var/www/cpolis/pdfs",
 		Port:        ":8080",
 		PicsDir:     "/var/www/cpolis/pics",
 		RSSFile:     "/var/www/cpolis/cpolis.rss",
 		WebDir:      "/var/www/cpolis/web",
 	}
 }
 func mkDir(path string, perm fs.FileMode) (string, error) {
 	var err error
 	stringSlice := strings.Split(path, "/")
 	name := stringSlice[len(stringSlice)-1]
 	path, err = filepath.Abs(path)
 	if err != nil {
 		return "", fmt.Errorf("error finding absolute path for %v directory: %v", name, err)
 	}
 	if err = os.MkdirAll(path, perm); err != nil {
 		return "", fmt.Errorf("error creating %v directory: %v", name, err)
 	}
 	return path, nil
 }
 func mkFile(path string, filePerm, dirPerm fs.FileMode) (string, error) {
 	var err error
 	path, err = filepath.Abs(path)
 	if err != nil {
 		return "", fmt.Errorf("error finding absolute path for %v: %v", path, err)
 	}
 	stringSlice := strings.Split(path, "/")
 	_, err = os.Stat(path)
 	if os.IsNotExist(err) {
 		dir := strings.Join(stringSlice[:len(stringSlice)-1], "/")
 		if err = os.MkdirAll(dir, dirPerm); err != nil {
 			return "", fmt.Errorf("error creating %v: %v", dir, err)
 		}
 		fileName := stringSlice[len(stringSlice)-1]
 		file, err := os.Create(dir + "/" + fileName)
 		if err != nil {
 			return "", fmt.Errorf("error creating %v: %v", fileName, err)
 		}
 		defer file.Close()
 		if err = file.Chmod(filePerm); err != nil {
 			return "", fmt.Errorf("error setting permissions for %v: %v", fileName, err)
 		}
 	}
 	return path, nil
 }
 func (c *Config) handleCliArgs() error {
 	var port int
 	var err error
 	flag.StringVar(&c.ArticleDir, "articles", c.ArticleDir, "articles directory")
 	flag.StringVar(&c.ConfigFile, "config", c.ConfigFile, "config file")
 	flag.StringVar(&c.DBName, "db", c.DBName, "DB name")
 	flag.StringVar(&c.Description, "desc", c.Description, "channel description")
 	flag.StringVar(&c.Domain, "domain", c.Domain, "domain name")
 	flag.StringVar(&c.FirebaseKey, "firebase", c.FirebaseKey, "Firebase service account key file")
 	flag.StringVar(&c.KeyFile, "key", c.KeyFile, "key file")
 	flag.StringVar(&c.Link, "link", c.Link, "channel Link")
 	flag.StringVar(&c.LogFile, "log", c.LogFile, "log file")
 	flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory")
 	flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory")
 	flag.StringVar(&c.RSSFile, "rss", c.RSSFile, "RSS file")
 	flag.StringVar(&c.Title, "title", c.Title, "channel title")
 	flag.StringVar(&c.WebDir, "web", c.WebDir, "web directory")
 	flag.IntVar(&port, "port", port, "port")
 	flag.Parse()
 	c.Port = fmt.Sprint(":", port)
 	c.ConfigFile, err = mkFile(c.ConfigFile, 0600, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	return nil
 }
 func (c *Config) handleFile(configFile string) error {
 	_, err := toml.DecodeFile(configFile, c)
 	if err != nil {
 		return fmt.Errorf("error reading config file: %v", err)
 	}
 	return nil
 }
 func (c *Config) setupConfig(cliConfig *Config) error {
 	var err error
 	defaultConfig := newConfig()
 	if cliConfig.ArticleDir != defaultConfig.ArticleDir {
 		c.ArticleDir = cliConfig.ArticleDir
 	}
 	c.ArticleDir, err = mkDir(c.ArticleDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.DBName != defaultConfig.DBName {
 		c.DBName = cliConfig.DBName
 	}
 	if cliConfig.Description != defaultConfig.Description {
 		c.Description = cliConfig.Description
 	}
 	if cliConfig.Domain != defaultConfig.Domain {
 		c.Domain = cliConfig.Domain
 	}
 	if cliConfig.FirebaseKey != defaultConfig.FirebaseKey {
 		c.FirebaseKey = cliConfig.FirebaseKey
 	}
 	c.FirebaseKey, err = mkFile(c.FirebaseKey, 0600, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	if cliConfig.KeyFile != defaultConfig.KeyFile {
 		c.KeyFile = cliConfig.KeyFile
 	}
 	c.KeyFile, err = mkFile(c.KeyFile, 0600, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	if cliConfig.Link != defaultConfig.Link {
 		c.Link = cliConfig.Link
 	}
 	if cliConfig.LogFile != defaultConfig.LogFile {
 		c.LogFile = cliConfig.LogFile
 	}
 	c.LogFile, err = mkFile(c.LogFile, 0600, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	if cliConfig.PDFDir != defaultConfig.PDFDir {
 		c.PDFDir = cliConfig.PDFDir
 	}
 	c.PDFDir, err = mkDir(c.PDFDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.PicsDir != defaultConfig.PicsDir {
 		c.PicsDir = cliConfig.PicsDir
 	}
 	c.PicsDir, err = mkDir(c.PicsDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.Port != defaultConfig.Port {
 		c.Port = cliConfig.Port
 	}
 	if cliConfig.RSSFile != defaultConfig.RSSFile {
 		c.RSSFile = cliConfig.RSSFile
 	}
 	c.RSSFile, err = mkFile(c.RSSFile, 0600, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	if cliConfig.Title != defaultConfig.Title {
 		c.Title = cliConfig.Title
 	}
 	if cliConfig.WebDir != defaultConfig.WebDir {
 		c.WebDir = cliConfig.WebDir
 	}
 	c.WebDir, err = mkDir(c.WebDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	return nil
 }
 func HandleConfig() (*Config, error) {
 	config := newConfig()
 	cliConfig := newConfig()
 	if err := cliConfig.handleCliArgs(); err != nil {
 		return nil, fmt.Errorf("error handling cli arguments: %v", err)
 	}
 	err := config.handleFile(cliConfig.ConfigFile)
 	if err != nil {
 		return nil, fmt.Errorf("error reading configuration file: %v", err)
 	}
 	if err = config.setupConfig(cliConfig); err != nil {
 		return nil, fmt.Errorf("error setting up files: %v", err)
 	}
 	return config, nil
 }
--- a/cmd/backend/db.go
+++ b/cmd/backend/db.go
@ -1,4 +1,4 @@
-package model
+package backend
 import (
 	"bufio"
--- a/cmd/backend/firebase.go
+++ b/cmd/backend/firebase.go
@ -0,0 +1,44 @@
 package backend
 import (
 	"context"
 	firebase "firebase.google.com/go/v4"
 	"firebase.google.com/go/v4/auth"
 	"google.golang.org/api/option"
 )
 type Client struct {
 	*auth.Client
 }
 func NewClient(c *Config) (*Client, error) {
 	var err error
 	client := new(Client)
 	ctx := context.Background()
 	opt := option.WithCredentialsFile(c.FirebaseKey)
 	app, err := firebase.NewApp(ctx, nil, opt)
 	if err != nil {
 		return nil, err
 	}
 	client.Client, err = app.Auth(ctx)
 	if err != nil {
 		return nil, err
 	}
 	return client, nil
 }
 func (c *Client) Verify(idToken string) (*auth.Token, error) {
 	ctx := context.Background()
 	token, err := c.VerifyIDTokenAndCheckRevoked(ctx, idToken)
 	if err != nil {
 		return nil, err
 	}
 	return token, nil
 }
--- a/cmd/backend/issues.go
+++ b/cmd/backend/issues.go
@ -1,4 +1,4 @@
-package model
+package backend
 import (
 	"context"
--- a/cmd/backend/markdown.go
+++ b/cmd/backend/markdown.go
@ -1,4 +1,4 @@
-package control
+package backend
 import (
 	"bytes"
--- a/cmd/backend/rss.go
+++ b/cmd/backend/rss.go
@ -1,4 +1,4 @@
-package control
+package backend
 import (
 	"fmt"
@ -7,55 +7,13 @@ import (
 	"time"
 	"git.streifling.com/jason/rss"
 	"streifling.com/jason/cpolis/cmd/model"
 )
-func GetChannel(db *model.DB, title, link, description string) (*rss.Channel, error) {
+func GenerateRSS(c *Config, db *DB) (*string, error) {
 	channel := &rss.Channel{
-		Title:       title,
+		Title:       c.Title,
-		Link:        link,
+		Link:        c.Link,
-		Description: description,
+		Description: c.Description,
 		Items:       make([]*rss.Item, 0),
 	}
 	articles, err := db.GetCertainArticles(true, false)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching published articles: %v", err)
 	}
 	for _, article := range articles {
 		tags, err := db.GetArticleTags(article.ID)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching tags for article %v: %v", article.Title, err)
 		}
 		tagNames := make([]string, 0)
 		for _, tag := range tags {
 			tagNames = append(tagNames, tag.Name)
 		}
 		user, err := db.GetUser(article.AuthorID)
 		if err != nil {
 			return nil, fmt.Errorf("error finding user %v: %v", article.AuthorID, err)
 		}
 		channel.Items = append(channel.Items, &rss.Item{
 			Title:       article.Title,
 			Author:      user.FirstName + user.LastName,
 			PubDate:     article.Created.Format(time.RFC1123Z),
 			Description: article.Description,
 			Content:     &rss.Content{Value: article.Content},
 			Categories:  tagNames,
 		})
 	}
 	return channel, nil
 }
 func GenerateRSS(db *model.DB, title, link, desc string) (*string, error) {
 	channel := &rss.Channel{
 		Title:       title,
 		Link:        link,
 		Description: desc,
 		Items:       make([]*rss.Item, 0),
 	}
@ -73,7 +31,13 @@ func GenerateRSS(db *model.DB, title, link, desc string) (*string, error) {
 		for _, tag := range tags {
 			tagNames = append(tagNames, tag.Name)
 		}
 		if article.IsInIssue || article.AutoGenerated {
 			tagNames = append(tagNames, fmt.Sprint("Orient Express ", article.IssueID))
 		}
 		if article.AutoGenerated {
 			tagNames = append(tagNames, "autogenerated")
 		}
 		user, err := db.GetUser(article.AuthorID)
 		if err != nil {
@ -90,24 +54,30 @@ func GenerateRSS(db *model.DB, title, link, desc string) (*string, error) {
 			return nil, fmt.Errorf("error converting description to plain text for RSS feed: %v", err)
 		}
-		articleContent, err := ConvertToHTML(article.Content)
+		item := &rss.Item{
-		if err != nil {
+			Author:      fmt.Sprint(user.FirstName, " ", user.LastName),
-			return nil, fmt.Errorf("error converting content to HTML for RSS feed: %v", err)
+			Categories:  tagNames,
 			Description: articleDescription,
 			Guid:        string(article.ID),
 			Link:        article.Link,
 			PubDate:     article.Created.Format(time.RFC1123Z),
 			Title:       articleTitle,
 		}
-		channel.Items = append(channel.Items, &rss.Item{
+		if article.AutoGenerated {
-			Title:       articleTitle,
+			item.Enclosure = &rss.Enclosure{
-			Author:      user.FirstName + user.LastName,
+				Url:    article.EncURL,
-			PubDate:     article.Created.Format(time.RFC1123Z),
+				Lenght: article.EncLength,
-			Description: articleDescription,
+				Type:   article.EncType,
-			Content:     &rss.Content{Value: articleContent},
+			}
-			Categories:  tagNames,
+		}
-		})
+
 		channel.Items = append(channel.Items, item)
 	}
 	feed := rss.NewFeed()
 	feed.Channels = append(feed.Channels, channel)
-	rss, err := feed.ToXML()
+	rss, err := feed.ToXML("UTF-8")
 	if err != nil {
 		return nil, fmt.Errorf("error converting RSS feed to XML: %v", err)
 	}
@ -121,7 +91,9 @@ func SaveRSS(filename string, feed *string) error {
 		return fmt.Errorf("error creating file for RSS feed: %v", err)
 	}
 	defer file.Close()
-	file.Chmod(0644)
+	if err = file.Chmod(0644); err != nil {
 		return fmt.Errorf("error setting permissions for RSS file: %v", err)
 	}
 	if _, err = io.WriteString(file, *feed); err != nil {
 		return fmt.Errorf("error writing to RSS file: %v", err)
--- a/cmd/backend/sessions.go
+++ b/cmd/backend/sessions.go
@ -1,4 +1,4 @@
-package control
+package backend
 import (
 	"crypto/rand"
--- a/cmd/backend/tags.go
+++ b/cmd/backend/tags.go
@ -1,4 +1,4 @@
-package model
+package backend
 import "fmt"
--- a/cmd/backend/users.go
+++ b/cmd/backend/users.go
@ -0,0 +1,380 @@
 package backend
 import (
 	"context"
 	"database/sql"
 	"fmt"
 	"log"
 	"golang.org/x/crypto/bcrypt"
 )
 const (
 	Admin = iota
 	Publisher
 	Editor
 	Author
 	NonExistent
 )
 type User struct {
 	UserName  string
 	FirstName string
 	LastName  string
 	ID        int64
 	Role      int
 }
 func (db *DB) AddUser(u *User, pass string) (int64, error) {
 	hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
 	if err != nil {
 		return 0, fmt.Errorf("error creating password hash: %v", err)
 	}
 	query := `
    INSERT INTO users (username, password, first_name, last_name, role)
    VALUES (?, ?, ?, ?, ?)
    `
 	result, err := db.Exec(query, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
 	if err != nil {
 		return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
 	}
 	id, err := result.LastInsertId()
 	if err != nil {
 		return 0, fmt.Errorf("error inserting user into DB: %v", err)
 	}
 	return id, nil
 }
 func (db *DB) GetID(userName string) (int64, bool) {
 	var id int64
 	query := `
    SELECT id
    FROM users
    WHERE username = ?
    `
 	row := db.QueryRow(query, userName)
 	if err := row.Scan(&id); err != nil {
 		return 0, false
 	}
 	return id, true
 }
 func (db *DB) CheckPassword(id int64, pass string) error {
 	var queriedPass string
 	query := `
    SELECT password
    FROM users
    WHERE id = ?
    `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&queriedPass); err != nil {
 		return fmt.Errorf("error reading password from DB: %v", err)
 	}
 	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
 		return fmt.Errorf("incorrect password: %v", err)
 	}
 	return nil
 }
 func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
 	var queriedPass string
 	getQuery := `
    SELECT password
    FROM users
    WHERE id = ?
    `
 	row := tx.QueryRow(getQuery, id)
 	if err := row.Scan(&queriedPass); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error reading password from DB: %v", err)
 	}
 	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("incorrect password: %v", err)
 	}
 	newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
 	if err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error creating password hash: %v", err)
 	}
 	setQuery := `
    UPDATE users
    SET password = ?
    WHERE id = ?
    `
 	if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error updating password in DB: %v", err)
 	}
 	return nil
 }
 // TODO: No need for ID field in general
 func (db *DB) GetUser(id int64) (*User, error) {
 	user := new(User)
 	query := `
    SELECT id, username, first_name, last_name, role
    FROM users
    WHERE id = ?
    `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName,
 		&user.LastName, &user.Role); err != nil {
 		return nil, fmt.Errorf("error reading user information: %v", err)
 	}
 	return user, nil
 }
 func (db *DB) UpdateOwnAttributes(id int64, user, first, last, oldPass, newPass, newPass2 string) error {
 	passwordEmpty := true
 	if len(newPass) > 0 || len(newPass2) > 0 {
 		if newPass != newPass2 {
 			return fmt.Errorf("error: passwords do not match")
 		}
 		passwordEmpty = false
 	}
 	tx := new(Tx)
 	var err error
 	for i := 0; i < TxMaxRetries; i++ {
 		err := func() error {
 			tx.Tx, err = db.Begin()
 			if err != nil {
 				return fmt.Errorf("error starting transaction: %v", err)
 			}
 			if !passwordEmpty {
 				if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
 					if rollbackErr := tx.Rollback(); rollbackErr != nil {
 						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 					}
 					return fmt.Errorf("error changing password: %v", err)
 				}
 			}
 			if err = tx.UpdateAttributes(
 				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
 				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
 				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
 			); err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return fmt.Errorf("error updating attributes in DB: %v", err)
 			}
 			if err = tx.Commit(); err != nil {
 				return fmt.Errorf("error committing transaction: %v", err)
 			}
 			return nil
 		}()
 		if err == nil {
 			return nil
 		}
 		log.Println(err)
 		wait(i)
 	}
 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
 func (db *DB) AddFirstUser(u *User, pass string) (int64, error) {
 	var numUsers int64
 	txOptions := &sql.TxOptions{Isolation: sql.LevelSerializable}
 	selectQuery := "SELECT COUNT(*) FROM users"
 	insertQuery := `
    INSERT INTO users (username, password, first_name, last_name, role)
    VALUES (?, ?, ?, ?, ?)
    `
 	for i := 0; i < TxMaxRetries; i++ {
 		id, err := func() (int64, error) {
 			tx, err := db.BeginTx(context.Background(), txOptions)
 			if err != nil {
 				return 0, fmt.Errorf("error starting transaction: %v", err)
 			}
 			if err := tx.QueryRow(selectQuery).Scan(&numUsers); err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return 0, fmt.Errorf("error getting ID of %v: %v", u.UserName, err)
 			}
 			if numUsers != 0 {
 				if err = tx.Commit(); err != nil {
 					return 0, fmt.Errorf("error committing transaction: %v", err)
 				}
 				return 2, nil
 			}
 			hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
 			if err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return 0, fmt.Errorf("error creating password hash: %v", err)
 			}
 			result, err := tx.Exec(insertQuery, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
 			if err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
 			}
 			id, err := result.LastInsertId()
 			if err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return 0, fmt.Errorf("error inserting user into DB: %v", err)
 			}
 			if err = tx.Commit(); err != nil {
 				return 0, fmt.Errorf("error committing transaction: %v", err)
 			}
 			return id, nil
 		}()
 		if err == nil {
 			return id, nil
 		}
 		log.Println(err)
 		wait(i)
 	}
 	return 0, fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
 func (db *DB) GetAllUsers() (map[int64]*User, error) {
 	query := "SELECT id, username, first_name, last_name, role FROM users"
 	rows, err := db.Query(query)
 	if err != nil {
 		return nil, fmt.Errorf("error getting all users from DB: %v", err)
 	}
 	users := make(map[int64]*User, 0)
 	for rows.Next() {
 		user := new(User)
 		if err = rows.Scan(&user.ID, &user.UserName, &user.FirstName,
 			&user.LastName, &user.Role); err != nil {
 			return nil, fmt.Errorf("error getting user info: %v", err)
 		}
 		users[user.ID] = user
 	}
 	return users, nil
 }
 func (tx *Tx) SetPassword(id int64, newPass string) error {
 	hashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
 	if err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error creating password hash: %v", err)
 	}
 	setQuery := "UPDATE users SET password = ? WHERE id = ?"
 	if _, err = tx.Exec(setQuery, string(hashedPass), id); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error updating password in DB: %v", err)
 	}
 	return nil
 }
 func (db *DB) UpdateUserAttributes(id int64, user, first, last, newPass, newPass2 string, role int) error {
 	passwordEmpty := true
 	if len(newPass) > 0 || len(newPass2) > 0 {
 		if newPass != newPass2 {
 			return fmt.Errorf("error: passwords do not match")
 		}
 		passwordEmpty = false
 	}
 	tx := new(Tx)
 	var err error
 	for i := 0; i < TxMaxRetries; i++ {
 		err := func() error {
 			tx.Tx, err = db.Begin()
 			if err != nil {
 				return fmt.Errorf("error starting transaction: %v", err)
 			}
 			if !passwordEmpty {
 				if err = tx.SetPassword(id, newPass); err != nil {
 					if rollbackErr := tx.Rollback(); rollbackErr != nil {
 						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 					}
 					return fmt.Errorf("error changing password: %v", err)
 				}
 			}
 			if err = tx.UpdateAttributes(
 				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
 				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
 				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
 				&Attribute{Table: "users", ID: id, AttName: "role", Value: role},
 			); err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return fmt.Errorf("error updating attributes in DB: %v", err)
 			}
 			if err = tx.Commit(); err != nil {
 				return fmt.Errorf("error committing transaction: %v", err)
 			}
 			return nil
 		}()
 		if err == nil {
 			return nil
 		}
 		log.Println(err)
 		wait(i)
 	}
 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
 func (db *DB) DeleteUser(id int64) error {
 	query := "DELETE FROM users WHERE id = ?"
 	_, err := db.Exec(query, id)
 	if err != nil {
 		return fmt.Errorf("error deleting user %v from DB: %v", id, err)
 	}
 	return nil
 }
--- a/cmd/calls/articles.go
+++ b/cmd/calls/articles.go
@ -0,0 +1,55 @@
 package calls
 import (
 	"fmt"
 	"log"
 	"net/http"
 	"os"
 	"strconv"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func ServeArticle(c *b.Config, db *b.DB) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if !tokenIsVerified(w, r, c) {
 			return
 		}
 		idString := r.PathValue("id")
 		id, err := strconv.ParseInt(idString, 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		article, err := db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if !article.Published {
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
 		contentBytes, err := os.ReadFile(articleAbsName)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		content, err := b.ConvertToHTML(string(contentBytes))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		fmt.Fprint(w, content)
 	}
 }
--- a/cmd/calls/images.go
+++ b/cmd/calls/images.go
@ -0,0 +1,26 @@
 package calls
 import (
 	"log"
 	"net/http"
 	"path/filepath"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func ServeImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if !tokenIsVerified(w, r, c) {
 			return
 		}
 		absFilepath, err := filepath.Abs(c.PicsDir)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		http.ServeFile(w, r, absFilepath+"/"+r.PathValue("pic"))
 	}
 }
--- a/cmd/calls/pdf.go
+++ b/cmd/calls/pdf.go
@ -0,0 +1,48 @@
 package calls
 import (
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"os"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func ServePDFList(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if !tokenIsVerified(w, r, c) {
 			return
 		}
 		files, err := os.ReadDir(c.PDFDir)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		fileNames := make([]string, 0)
 		for _, file := range files {
 			fileNames = append(fileNames, file.Name())
 		}
 		w.Header().Set("Content-Type", "application/json")
 		if err = json.NewEncoder(w).Encode(fileNames); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 	}
 }
 func ServePDF(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if !tokenIsVerified(w, r, c) {
 			return
 		}
 		http.ServeFile(w, r, fmt.Sprint(c.PDFDir, "/", r.PathValue("id")))
 	}
 }
--- a/cmd/calls/rss.go
+++ b/cmd/calls/rss.go
@ -0,0 +1,17 @@
 package calls
 import (
 	"net/http"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func ServeRSS(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if !tokenIsVerified(w, r, c) {
 			return
 		}
 		http.ServeFile(w, r, c.RSSFile)
 	}
 }
--- a/cmd/calls/verification.go
+++ b/cmd/calls/verification.go
@ -0,0 +1,34 @@
 package calls
 import (
 	"log"
 	"net/http"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 // tokenIsVerified verifies that a request is authorized. It returns a bool.
 func tokenIsVerified(w http.ResponseWriter, r *http.Request, c *b.Config) bool {
 	idToken := r.Header.Get("Authorization")
 	if idToken == "" {
 		log.Println("Authorization header missing")
 		http.Error(w, "Authorization header missing", http.StatusUnauthorized)
 		return false
 	}
 	client, err := b.NewClient(c)
 	if err != nil {
 		log.Println(err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return false
 	}
 	_, err = client.Verify(idToken)
 	if err != nil {
 		log.Println(err)
 		http.Error(w, err.Error(), http.StatusUnauthorized)
 		return false
 	}
 	return true
 }
--- a/cmd/control/cli.go
+++ b/cmd/control/cli.go
@ -1,60 +0,0 @@
 package control
 import (
 	"flag"
 	"fmt"
 	"path/filepath"
 )
 type CliArgs struct {
 	DBName  string
 	KeyFile string
 	LogFile string
 	Port    string
 	PicsDir string
 	RSSFile string
 	WebDir  string
 }
 func HandleCliArgs() (*CliArgs, error) {
 	var err error
 	cliArgs := new(CliArgs)
 	keyFile := flag.String("key", "/var/www/cpolis/cpolis.key", "key file")
 	logFile := flag.String("log", "/var/log/cpolis.log", "log file")
 	picsDir := flag.String("pics", "/var/www/cpolis/pics", "pictures directory")
 	port := flag.Int("port", 8080, "port")
 	rssFile := flag.String("rss", "/var/www/cpolis/cpolis.rss", "RSS file")
 	webDir := flag.String("web", "/var/www/cpolis/web", "web directory")
 	flag.StringVar(&cliArgs.DBName, "db", "cpolis", "DB name")
 	flag.Parse()
 	cliArgs.KeyFile, err = filepath.Abs(*keyFile)
 	if err != nil {
 		return nil, fmt.Errorf("error finding absolute path for KeyFile: %v", err)
 	}
 	cliArgs.LogFile, err = filepath.Abs(*logFile)
 	if err != nil {
 		return nil, fmt.Errorf("error finding absolute path for LogFile: %v", err)
 	}
 	cliArgs.PicsDir, err = filepath.Abs(*picsDir)
 	if err != nil {
 		return nil, fmt.Errorf("error finding absolute path for PicsDir: %v", err)
 	}
 	cliArgs.Port = fmt.Sprint(":", *port)
 	cliArgs.RSSFile, err = filepath.Abs(*rssFile)
 	if err != nil {
 		return nil, fmt.Errorf("error finding absolute path for RSSFile: %v", err)
 	}
 	cliArgs.WebDir, err = filepath.Abs(*webDir)
 	if err != nil {
 		return nil, fmt.Errorf("error finding absolute path for WebDir: %v", err)
 	}
 	return cliArgs, nil
 }
--- a/cmd/frontend/articles.go
+++ b/cmd/frontend/articles.go
@ -0,0 +1,643 @@
 package frontend
 import (
 	"encoding/json"
 	"fmt"
 	"html/template"
 	"io"
 	"log"
 	"net/http"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"time"
 	"github.com/google/uuid"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 const (
 	EditMode = iota
 	PreviewMode
 )
 func WriteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		type editorHTMLData struct {
 			Title       string
 			Description string
 			Content     string
 			HTMLContent template.HTML
 			Tags        []*b.Tag
 			Mode        int
 		}
 		var data editorHTMLData
 		if session.Values["article"] == nil {
 			data = editorHTMLData{}
 		} else {
 			data = session.Values["article"].(editorHTMLData)
 		}
 		data.Mode = EditMode
 		data.Tags, err = db.GetTagList()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/editor.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
 	}
 }
 func SubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		session.Values["article"] = nil
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		article := &b.Article{
 			Title:         r.PostFormValue("article-title"),
 			Description:   r.PostFormValue("article-description"),
 			Published:     false,
 			Rejected:      false,
 			AuthorID:      session.Values["id"].(int64),
 			IsInIssue:     r.PostFormValue("issue") == "on",
 			AutoGenerated: false,
 		}
 		article.ID, err = db.AddArticle(article)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
 		if err = os.WriteFile(articleAbsName, []byte(r.PostFormValue("article-content")), 0644); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		article.Link = fmt.Sprint(c.Domain, "/article/serve/", article.ID)
 		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		r.ParseForm()
 		tags := make([]int64, 0)
 		for _, tag := range r.Form["tags"] {
 			tagID, err := strconv.ParseInt(tag, 10, 64)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			tags = append(tags, tagID)
 		}
 		if err = db.WriteArticleTags(article.ID, tags); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ResubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		title := r.PostFormValue("article-title")
 		description := r.PostFormValue("article-description")
 		content := r.PostFormValue("article-content")
 		link := fmt.Sprint(c.ArticleDir, "/", id, ".md")
 		if err = os.WriteFile(link, []byte(content), 0644); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.UpdateAttributes(
 			&b.Attribute{Table: "articles", ID: id, AttName: "title", Value: title},
 			&b.Attribute{Table: "articles", ID: id, AttName: "description", Value: description},
 			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
 			&b.Attribute{Table: "articles", ID: id, AttName: "is_in_issue", Value: r.PostFormValue("issue") == "on"},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		r.ParseForm()
 		tags := make([]int64, 0)
 		for _, tag := range r.Form["tags"] {
 			tagID, err := strconv.ParseInt(tag, 10, 64)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			tags = append(tags, tagID)
 		}
 		if err = db.UpdateArticleTags(id, tags); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ShowUnpublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		unpublishedArticles, err := db.GetCertainArticles(false, false)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/unpublished-articles.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", unpublishedArticles)
 	}
 }
 func ShowRejectedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		type htmlData struct {
 			MyIDs            map[int64]bool
 			RejectedArticles []*b.Article
 		}
 		data := new(htmlData)
 		data.RejectedArticles, err = db.GetCertainArticles(false, true)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.MyIDs = make(map[int64]bool)
 		for _, article := range data.RejectedArticles {
 			if article.AuthorID == session.Values["id"].(int64) {
 				data.MyIDs[article.ID] = true
 			}
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rejected-articles.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func ReviewUnpublishedArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		data := new(struct {
 			Article *b.Article
 			Content template.HTML
 			Tags    []*b.Tag
 		})
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Article, err = db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", data.Article.ID, ".md")
 		contentBytes, err := os.ReadFile(articleAbsName)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		content, err := b.ConvertToHTML(string(contentBytes))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Content = template.HTML(content)
 		data.Tags, err = db.GetArticleTags(data.Article.ID)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-published.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func ReviewRejectedArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		data := new(struct {
 			Selected map[int64]bool
 			Article  *b.Article
 			Content  string
 			Tags     []*b.Tag
 		})
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Article, err = db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", data.Article.ID, ".md")
 		contentBytes, err := os.ReadFile(articleAbsName)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Content = string(contentBytes)
 		data.Tags, err = db.GetTagList()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		selectedTags, err := db.GetArticleTags(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Selected = make(map[int64]bool)
 		for _, tag := range selectedTags {
 			data.Selected[tag.ID] = true
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rework-article.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func PublishArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 		article, err := db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.AddArticleToCurrentIssue(article.ID); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.UpdateAttributes(
 			&b.Attribute{Table: "articles", ID: id, AttName: "published", Value: true},
 			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
 			&b.Attribute{Table: "articles", ID: id, AttName: "created", Value: time.Now().Format("2006-01-02 15:04:05")},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		feed, err := b.GenerateRSS(c, db)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func RejectArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.UpdateAttributes(
 			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: true},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ShowCurrentArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		articles, err := db.GetCurrentIssueArticles()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/current-articles.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", articles)
 	}
 }
 func UploadArticleImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		file, header, err := r.FormFile("article-image")
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 		defer file.Close()
 		nameStrings := strings.Split(header.Filename, ".")
 		extension := "." + nameStrings[len(nameStrings)-1]
 		filename := fmt.Sprint(uuid.New(), extension)
 		absFilepath, err := filepath.Abs(fmt.Sprint(c.PicsDir, "/", filename))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		img, err := os.Create(absFilepath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer img.Close()
 		if _, err = io.Copy(img, file); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		url := fmt.Sprint(c.Domain, "/image/serve/", filename)
 		w.Header().Set("Content-Type", "application/json")
 		json.NewEncoder(w).Encode(url)
 	}
 }
 func ShowPublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		publishedArticles, err := db.GetCertainArticles(true, false)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		filteredArticles := make([]*b.Article, 0)
 		for _, article := range publishedArticles {
 			if !article.AutoGenerated {
 				filteredArticles = append(filteredArticles, article)
 			}
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/published-articles.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", filteredArticles)
 	}
 }
 func ReviewArticleForDeletion(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		type htmlData struct {
 			Title       string
 			Description string
 			Content     template.HTML
 			Tags        []*b.Tag
 			ID          int64
 		}
 		var err error
 		data := new(htmlData)
 		data.ID, err = strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		article, err := db.GetArticle(data.ID)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Title, err = b.ConvertToPlain(article.Title)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Description, err = b.ConvertToPlain(article.Description)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
 		contentBytes, err := os.ReadFile(articleAbsName)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		content, err := b.ConvertToHTML(string(contentBytes))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Content = template.HTML(content)
 		data.Tags, err = db.GetArticleTags(data.ID)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-deleted.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func DeleteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.DeleteArticle(id); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = os.Remove(fmt.Sprint(c.ArticleDir, "/", id, ".md")); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		feed, err := b.GenerateRSS(c, db)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
--- a/cmd/frontend/editor.go
+++ b/cmd/frontend/editor.go
@ -1,31 +1,32 @@
-package view
+package frontend
 import (
 	"html/template"
 	"net/http"
-	"streifling.com/jason/cpolis/cmd/control"
+	b "streifling.com/jason/cpolis/cmd/backend"
 	"streifling.com/jason/cpolis/cmd/model"
 )
-func CreateTag(c *control.CliArgs) http.HandlerFunc {
+func CreateTag(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-tag.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
 	}
 }
-func AddTag(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
+func AddTag(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		db.AddTag(r.PostFormValue("tag"))
+		session, err := getSession(w, r, c, s)
 		session, err := s.Get(r, "cookie")
 		if err != nil {
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+			return
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		db.AddTag(r.PostFormValue("tag"))
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
--- a/cmd/frontend/issues.go
+++ b/cmd/frontend/issues.go
@ -0,0 +1,191 @@
 package frontend
 import (
 	"fmt"
 	"html/template"
 	"io"
 	"log"
 	"mime"
 	"net/http"
 	"os"
 	"path/filepath"
 	"strings"
 	"time"
 	"github.com/google/uuid"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func PublishLatestIssue(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		session.Values["article"] = nil
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if session.Values["issue-image"] == nil {
 			err := "error: Image required"
 			log.Println(err)
 			http.Error(w, err, http.StatusBadRequest)
 			return
 		}
 		imgFileName := session.Values["issue-image"].(string)
 		imgAbsName := fmt.Sprint(c.PicsDir, "/", imgFileName)
 		imgFile, err := os.Open(imgAbsName)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer imgFile.Close()
 		imgInfo, err := imgFile.Stat()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		imgSize := imgInfo.Size()
 		mimeType := mime.TypeByExtension(filepath.Ext(imgAbsName))
 		article := &b.Article{
 			Title:         r.PostFormValue("issue-title"),
 			EncURL:        fmt.Sprint(c.Domain, "/image/serve/", imgFileName),
 			EncLength:     int(imgSize),
 			EncType:       mimeType,
 			Published:     true,
 			Rejected:      false,
 			Created:       time.Now(),
 			AuthorID:      session.Values["id"].(int64),
 			AutoGenerated: true,
 		}
 		article.ID, err = db.AddArticle(article)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
 		if err = os.WriteFile(articleAbsName, []byte(r.PostFormValue("article-content")), 0644); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		article.Link = fmt.Sprint(c.Domain, "/article/serve/", article.ID)
 		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.AddArticleToCurrentIssue(article.ID); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err := db.PublishLatestIssue(); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		feed, err := b.GenerateRSS(c, db)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session.Values["issue-image"] = nil
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func UploadIssueImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		if err := r.ParseMultipartForm(10 << 20); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 		file, header, err := r.FormFile("issue-image")
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer file.Close()
 		nameStrings := strings.Split(header.Filename, ".")
 		extension := "." + nameStrings[len(nameStrings)-1]
 		filename := fmt.Sprint(uuid.New(), extension)
 		absFilepath, err := filepath.Abs(fmt.Sprint(c.PicsDir, "/", filename))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		img, err := os.Create(absFilepath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer img.Close()
 		if _, err = io.Copy(img, file); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session.Values["issue-image"] = filename
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		w.WriteHeader(http.StatusOK)
 	}
 }
--- a/cmd/frontend/pdf.go
+++ b/cmd/frontend/pdf.go
@ -0,0 +1,59 @@
 package frontend
 import (
 	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"os"
 	"path/filepath"
 	"github.com/google/uuid"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 func UploadPDF(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		if err := r.ParseMultipartForm(10 << 20); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 		file, _, err := r.FormFile("pdf-upload")
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer file.Close()
 		filename := fmt.Sprint(uuid.New(), ".pdf")
 		absFilepath, err := filepath.Abs(fmt.Sprint(c.PDFDir, "/", filename))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		pdf, err := os.Create(absFilepath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer pdf.Close()
 		if _, err = io.Copy(pdf, file); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		w.WriteHeader(http.StatusOK)
 	}
 }
--- a/cmd/frontend/sessions.go
+++ b/cmd/frontend/sessions.go
@ -1,4 +1,4 @@
-package view
+package frontend
 import (
 	"fmt"
@ -6,11 +6,10 @@ import (
 	"log"
 	"net/http"
-	"streifling.com/jason/cpolis/cmd/control"
+	b "streifling.com/jason/cpolis/cmd/backend"
 	"streifling.com/jason/cpolis/cmd/model"
 )
-func saveSession(w http.ResponseWriter, r *http.Request, s *control.CookieStore, u *model.User) error {
+func saveSession(w http.ResponseWriter, r *http.Request, s *b.CookieStore, u *b.User) error {
 	session, err := s.Get(r, "cookie")
 	if err != nil {
 		return fmt.Errorf("error getting session: %v", err)
@ -27,7 +26,7 @@ func saveSession(w http.ResponseWriter, r *http.Request, s *control.CookieStore,
 	return nil
 }
-func HomePage(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
+func HomePage(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		numRows, err := db.CountEntries("users")
 		if err != nil {
@ -36,7 +35,7 @@ func HomePage(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.Han
 		files := []string{c.WebDir + "/templates/index.html"}
 		if numRows == 0 {
-			files = append(files, c.WebDir+"/templates/add-user.html")
+			files = append(files, c.WebDir+"/templates/first-user.html")
 			tmpl, err := template.ParseFiles(files...)
 			template.Must(tmpl, err).Execute(w, nil)
 		} else {
@ -54,14 +53,14 @@ func HomePage(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.Han
 	}
 }
-func Login(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
+func Login(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		userName := r.PostFormValue("username")
 		password := r.PostFormValue("password")
 		id, ok := db.GetID(userName)
 		if !ok {
-			http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusInternalServerError)
+			http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusBadRequest)
 			return
 		}
@ -89,17 +88,14 @@ func Login(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.Handle
 	}
 }
-func Logout(c *control.CliArgs, s *control.CookieStore) http.HandlerFunc {
+func Logout(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := s.Get(r, "cookie")
+		session, err := getSession(w, r, c, s)
 		if err != nil {
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+			return
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		session.Options.MaxAge = -1
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@ -110,3 +106,22 @@ func Logout(c *control.CliArgs, s *control.CookieStore) http.HandlerFunc {
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
 	}
 }
 func ShowHub(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		session.Values["article"] = nil
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
--- a/cmd/frontend/users.go
+++ b/cmd/frontend/users.go
@ -0,0 +1,430 @@
 package frontend
 import (
 	"fmt"
 	"html/template"
 	"log"
 	"net/http"
 	"strconv"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 type UserData struct {
 	*b.User
 	Msg string
 }
 func checkUserStrings(user *b.User) (string, int, bool) {
 	userLen := 15
 	nameLen := 50
 	if len(user.UserName) > userLen {
 		return "Benutzername", userLen, false
 	} else if len(user.FirstName) > nameLen {
 		return "Vorname", nameLen, false
 	} else if len(user.LastName) > nameLen {
 		return "Nachname", nameLen, false
 	} else {
 		return "", 0, true
 	}
 }
 func CreateUser(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
 	}
 }
 func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		role, err := strconv.Atoi(r.PostFormValue("role"))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		htmlData := UserData{
 			User: &b.User{
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 				Role:      role,
 			},
 		}
 		pass := r.PostFormValue("password")
 		pass2 := r.PostFormValue("password2")
 		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
 			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
 			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(htmlData.User)
 		if !ok {
 			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		id, _ := db.GetID(htmlData.UserName)
 		if id != 0 {
 			htmlData.Msg = fmt.Sprint(htmlData.UserName,
 				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		if pass != pass2 {
 			htmlData.Msg = "Die Passwörter stimmen nicht überein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		_, err = db.AddUser(htmlData.User, pass)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
 func EditSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		user, err := db.GetUser(session.Values["id"].(int64))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-self.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
 	}
 }
 func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		userData := UserData{
 			User: &b.User{
 				ID:        session.Values["id"].(int64),
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 			},
 		}
 		oldPass := r.PostFormValue("old-password")
 		newPass := r.PostFormValue("password")
 		newPass2 := r.PostFormValue("password2")
 		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
 			len(userData.LastName) == 0 {
 			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(userData.User)
 		if !ok {
 			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData)
 			return
 		}
 		if id, ok := db.GetID(userData.UserName); ok {
 			if id != userData.ID {
 				userData.Msg = "Benutzername bereits vergeben."
 				userData.UserName = ""
 				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 				tmpl = template.Must(tmpl, err)
 				tmpl.ExecuteTemplate(w, "page-content", userData)
 				return
 			}
 		}
 		if err = db.UpdateOwnAttributes(
 			userData.ID,
 			userData.UserName,
 			userData.FirstName,
 			userData.LastName,
 			oldPass,
 			newPass,
 			newPass2); err != nil {
 			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
 func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		var err error
 		htmlData := UserData{
 			User: &b.User{
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 				Role:      b.Admin,
 			},
 		}
 		pass := r.PostFormValue("password")
 		pass2 := r.PostFormValue("password2")
 		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
 			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
 			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(htmlData.User)
 		if !ok {
 			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		id, _ := db.GetID(htmlData.UserName)
 		if id != 0 {
 			htmlData.Msg = fmt.Sprint(htmlData.UserName,
 				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		if pass != pass2 {
 			htmlData.Msg = "Die Passwörter stimmen nicht überein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		htmlData.ID, err = db.AddFirstUser(htmlData.User, pass)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if htmlData.ID > 1 {
 			errString := "error: there is already a first user"
 			log.Println(errString)
 			http.Error(w, errString, http.StatusInternalServerError)
 			return
 		}
 		if err := saveSession(w, r, s, htmlData.User); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if _, err := db.AddIssue(); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
 	}
 }
 func ShowAllUsers(c *b.Config, db *b.DB, s *b.CookieStore, action string) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		type htmlData struct {
 			Users  map[int64]*b.User
 			Action string
 		}
 		data := &htmlData{Action: action}
 		data.Users, err = db.GetAllUsers()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		delete(data.Users, session.Values["id"].(int64))
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/show-all-users.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
 	}
 }
 func EditUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if _, err := getSession(w, r, c, s); err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		user, err := db.GetUser(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
 	}
 }
 func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		role, err := strconv.Atoi(r.PostFormValue("role"))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		userData := UserData{
 			User: &b.User{
 				ID:        id,
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 				Role:      role,
 			},
 		}
 		newPass := r.PostFormValue("password")
 		newPass2 := r.PostFormValue("password2")
 		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
 			len(userData.LastName) == 0 {
 			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(userData.User)
 		if !ok {
 			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData)
 			return
 		}
 		if id, ok := db.GetID(userData.UserName); ok {
 			if id != userData.ID {
 				userData.Msg = "Benutzername bereits vergeben."
 				userData.UserName = ""
 				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 				tmpl = template.Must(tmpl, err)
 				tmpl.ExecuteTemplate(w, "page-content", userData)
 				return
 			}
 		}
 		if err = db.UpdateUserAttributes(
 			userData.ID,
 			userData.UserName,
 			userData.FirstName,
 			userData.LastName,
 			newPass,
 			newPass2,
 			userData.Role); err != nil {
 			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
 func DeleteUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := getSession(w, r, c, s)
 		if err != nil {
 			return
 		}
 		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.DeleteUser(id); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
--- a/cmd/frontend/verification.go
+++ b/cmd/frontend/verification.go
@ -0,0 +1,29 @@
 package frontend
 import (
 	"errors"
 	"html/template"
 	"net/http"
 	"github.com/gorilla/sessions"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
 // getSession is used for verifying that the user is logged in and returns their session and an error.
 func getSession(w http.ResponseWriter, r *http.Request, c *b.Config, s *b.CookieStore) (*sessions.Session, error) {
 	msg := "Keine gültige Session. Bitte erneut anmelden."
 	tmpl, tmplErr := template.ParseFiles(c.WebDir+"/templates/index.html", c.WebDir+"/templates/login.html")
 	session, err := s.Get(r, "cookie")
 	if err != nil {
 		template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg)
 		return nil, err
 	}
 	if session.IsNew {
 		template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg)
 		return session, errors.New("error: no existing session")
 	}
 	return session, nil
 }
--- a/cmd/main.go
+++ b/cmd/main.go
@ -6,77 +6,87 @@ import (
 	"net/http"
 	"os"
-	"streifling.com/jason/cpolis/cmd/control"
+	b "streifling.com/jason/cpolis/cmd/backend"
-	"streifling.com/jason/cpolis/cmd/model"
+	c "streifling.com/jason/cpolis/cmd/calls"
-	"streifling.com/jason/cpolis/cmd/view"
+	f "streifling.com/jason/cpolis/cmd/frontend"
 )
 func init() {
-	gob.Register(model.User{})
+	gob.Register(b.User{})
 }
 func main() {
-	args, err := control.HandleCliArgs()
+	config, err := b.HandleConfig()
 	if err != nil {
 		log.Fatalln(err)
 	}
-	logFile, err := os.OpenFile(args.LogFile, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
+	logFile, err := os.OpenFile(config.LogFile, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	defer logFile.Close()
 	log.SetOutput(logFile)
-	db, err := model.OpenDB(args.DBName)
+	db, err := b.OpenDB(config.DBName)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	defer db.Close()
-	key, err := control.LoadKey(args.KeyFile)
+	key, err := b.LoadKey(config.KeyFile)
 	if err != nil {
-		key, err = control.NewKey()
+		key, err = b.NewKey()
 		if err != nil {
 			log.Fatalln(err)
 		}
-		control.SaveKey(key, args.KeyFile)
+		b.SaveKey(key, config.KeyFile)
 	}
-	store := control.NewCookieStore(key)
+	store := b.NewCookieStore(key)
 	mux := http.NewServeMux()
 	mux.Handle("/web/static/", http.StripPrefix("/web/static/",
-		http.FileServer(http.Dir(args.WebDir+"/static/"))))
+		http.FileServer(http.Dir(config.WebDir+"/static/"))))
-	mux.HandleFunc("/", view.HomePage(args, db, store))
+	mux.HandleFunc("/", f.HomePage(config, db, store))
-	mux.HandleFunc("GET /create-tag/", view.CreateTag(args))
+	mux.HandleFunc("GET /article/all-published", f.ShowPublishedArticles(config, db, store))
-	mux.HandleFunc("GET /create-user/", view.CreateUser(args))
+	mux.HandleFunc("GET /article/all-rejected", f.ShowRejectedArticles(config, db, store))
-	mux.HandleFunc("GET /edit-user/", view.EditUser(args, db, store))
+	mux.HandleFunc("GET /article/all-unpublished", f.ShowUnpublishedArticles(config, db, store))
-	mux.HandleFunc("GET /hub/", view.ShowHub(args, db, store))
+	mux.HandleFunc("GET /article/delete/{id}", f.DeleteArticle(config, db, store))
-	mux.HandleFunc("GET /logout/", view.Logout(args, store))
+	mux.HandleFunc("GET /article/publish/{id}", f.PublishArticle(config, db, store))
-	mux.HandleFunc("GET /publish-issue/", view.PublishLatestIssue(args, db, store))
+	mux.HandleFunc("GET /article/reject/{id}", f.RejectArticle(config, db, store))
-	mux.HandleFunc("GET /rejected-articles/", view.ShowRejectedArticles(args, db, store))
+	mux.HandleFunc("GET /article/review-deletion/{id}", f.ReviewArticleForDeletion(config, db, store))
-	mux.HandleFunc("GET /rss/", view.ShowRSS(args,
+	mux.HandleFunc("GET /article/review-rejected/{id}", f.ReviewRejectedArticle(config, db, store))
-		db,
+	mux.HandleFunc("GET /article/review-unpublished/{id}", f.ReviewUnpublishedArticle(config, db, store))
-		"Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
+	mux.HandleFunc("GET /article/serve/{id}", c.ServeArticle(config, db))
-		"https://distrikt-ni-st.de",
+	mux.HandleFunc("GET /article/write", f.WriteArticle(config, db, store))
-		"Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität",
+	mux.HandleFunc("GET /hub", f.ShowHub(config, db, store))
-	))
+	mux.HandleFunc("GET /image/serve/{pic}", c.ServeImage(config, store))
-	mux.HandleFunc("GET /this-issue/", view.ShowCurrentArticles(args, db))
+	mux.HandleFunc("GET /issue/this", f.ShowCurrentArticles(config, db, store))
-	mux.HandleFunc("GET /unpublished-articles/", view.ShowUnpublishedArticles(args, db))
+	mux.HandleFunc("GET /logout", f.Logout(config, store))
-	mux.HandleFunc("GET /write-article/", view.WriteArticle(args, db))
+	mux.HandleFunc("GET /pdf/get-list", c.ServePDFList(config))
 	mux.HandleFunc("GET /pdf/serve/{id}", c.ServePDF(config))
 	mux.HandleFunc("GET /rss/serve", c.ServeRSS(config))
 	mux.HandleFunc("GET /tag/create", f.CreateTag(config, store))
 	mux.HandleFunc("GET /user/create", f.CreateUser(config, store))
 	mux.HandleFunc("GET /user/delete/{id}", f.DeleteUser(config, db, store))
 	mux.HandleFunc("GET /user/edit/{id}", f.EditUser(config, db, store))
 	mux.HandleFunc("GET /user/edit/self", f.EditSelf(config, db, store))
 	mux.HandleFunc("GET /user/show-all/delete", f.ShowAllUsers(config, db, store, "delete"))
 	mux.HandleFunc("GET /user/show-all/edit", f.ShowAllUsers(config, db, store, "edit"))
-	mux.HandleFunc("POST /add-tag/", view.AddTag(args, db, store))
+	mux.HandleFunc("POST /article/resubmit/{id}", f.ResubmitArticle(config, db, store))
-	mux.HandleFunc("POST /add-user/", view.AddUser(args, db, store))
+	mux.HandleFunc("POST /article/submit", f.SubmitArticle(config, db, store))
-	mux.HandleFunc("POST /login/", view.Login(args, db, store))
+	mux.HandleFunc("POST /article/upload-image", f.UploadArticleImage(config, store))
-	mux.HandleFunc("POST /publish-article/", view.PublishArticle(args, db, store))
+	mux.HandleFunc("POST /issue/publish", f.PublishLatestIssue(config, db, store))
-	mux.HandleFunc("POST /reject-article/", view.RejectArticle(args, db, store))
+	mux.HandleFunc("POST /issue/upload-image", f.UploadIssueImage(config, store))
-	mux.HandleFunc("POST /resubmit-article/", view.ResubmitArticle(args, db, store))
+	mux.HandleFunc("POST /login", f.Login(config, db, store))
-	mux.HandleFunc("POST /review-rejected-article/", view.ReviewRejectedArticle(args, db, store))
+	mux.HandleFunc("POST /pdf/upload", f.UploadPDF(config, store))
-	mux.HandleFunc("POST /review-unpublished-article/", view.ReviewUnpublishedArticle(args, db, store))
+	mux.HandleFunc("POST /tag/add", f.AddTag(config, db, store))
-	mux.HandleFunc("POST /submit-article/", view.SubmitArticle(args, db, store))
+	mux.HandleFunc("POST /user/add", f.AddUser(config, db, store))
-	mux.HandleFunc("POST /update-user/", view.UpdateUser(args, db, store))
+	mux.HandleFunc("POST /user/add-first", f.AddFirstUser(config, db, store))
-	mux.HandleFunc("POST /upload-image/", view.UploadImage(args))
+	mux.HandleFunc("POST /user/update/{id}", f.UpdateUser(config, db, store))
 	mux.HandleFunc("POST /user/update/self", f.UpdateSelf(config, db, store))
-	log.Fatalln(http.ListenAndServe(args.Port, mux))
+	log.Fatalln(http.ListenAndServe(config.Port, mux))
 }
--- a/cmd/model/users.go
+++ b/cmd/model/users.go
@ -1,200 +0,0 @@
 package model
 import (
 	"fmt"
 	"log"
 	"golang.org/x/crypto/bcrypt"
 )
 const (
 	Admin = iota
 	Publisher
 	Editor
 	Author
 )
 type User struct {
 	UserName  string
 	FirstName string
 	LastName  string
 	ID        int64
 	Role      int
 }
 func (db *DB) AddUser(u *User, pass string) (int64, error) {
 	hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
 	if err != nil {
 		return 0, fmt.Errorf("error creating password hash: %v", err)
 	}
 	query := `
    INSERT INTO users (username, password, first_name, last_name, role)
    VALUES (?, ?, ?, ?, ?)
    `
 	result, err := db.Exec(query, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
 	if err != nil {
 		return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
 	}
 	id, err := result.LastInsertId()
 	if err != nil {
 		return 0, fmt.Errorf("error inserting user into DB: %v", err)
 	}
 	return id, nil
 }
 func (db *DB) GetID(userName string) (int64, bool) {
 	var id int64
 	query := `
    SELECT id
    FROM users
    WHERE username = ?
    `
 	row := db.QueryRow(query, userName)
 	if err := row.Scan(&id); err != nil {
 		return 0, false
 	}
 	return id, true
 }
 func (db *DB) CheckPassword(id int64, pass string) error {
 	var queriedPass string
 	query := `
    SELECT password
    FROM users
    WHERE id = ?
    `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&queriedPass); err != nil {
 		return fmt.Errorf("error reading password from DB: %v", err)
 	}
 	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
 		return fmt.Errorf("incorrect password: %v", err)
 	}
 	return nil
 }
 func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
 	var queriedPass string
 	getQuery := `
    SELECT password
    FROM users
    WHERE id = ?
    `
 	row := tx.QueryRow(getQuery, id)
 	if err := row.Scan(&queriedPass); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error reading password from DB: %v", err)
 	}
 	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("incorrect password: %v", err)
 	}
 	newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
 	if err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error creating password hash: %v", err)
 	}
 	setQuery := `
    UPDATE users
    SET password = ?
    WHERE id = ?
    `
 	if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
 		if rollbackErr := tx.Rollback(); rollbackErr != nil {
 			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 		}
 		return fmt.Errorf("error updating password in DB: %v", err)
 	}
 	return nil
 }
 // TODO: No need for ID field in general
 func (db *DB) GetUser(id int64) (*User, error) {
 	user := new(User)
 	query := `
    SELECT id, username, first_name, last_name, role
    FROM users
    WHERE id = ?
    `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName,
 		&user.LastName, &user.Role); err != nil {
 		return nil, fmt.Errorf("error reading user information: %v", err)
 	}
 	return user, nil
 }
 func (db *DB) UpdateUserAttributes(id int64, user, first, last, oldPass, newPass, newPass2 string) error {
 	passwordEmpty := true
 	if len(newPass) > 0 || len(newPass2) > 0 {
 		if newPass != newPass2 {
 			return fmt.Errorf("error: passwords do not match")
 		}
 		passwordEmpty = false
 	}
 	tx := new(Tx)
 	var err error
 	for i := 0; i < TxMaxRetries; i++ {
 		err := func() error {
 			tx.Tx, err = db.Begin()
 			if err != nil {
 				return fmt.Errorf("error starting transaction: %v", err)
 			}
 			if !passwordEmpty {
 				if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
 					if rollbackErr := tx.Rollback(); rollbackErr != nil {
 						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 					}
 					return fmt.Errorf("error changing password: %v", err)
 				}
 			}
 			if err = tx.UpdateAttributes(
 				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
 				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
 				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
 			); err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
 				return fmt.Errorf("error updating attributes in DB: %v", err)
 			}
 			if err = tx.Commit(); err != nil {
 				return fmt.Errorf("error committing transaction: %v", err)
 			}
 			return nil
 		}()
 		if err == nil {
 			return nil
 		}
 		log.Println(err)
 		wait(i)
 	}
 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
--- a/cmd/view/articles.go
+++ b/cmd/view/articles.go
@ -1,406 +0,0 @@
 package view
 import (
 	"fmt"
 	"html/template"
 	"io"
 	"log"
 	"net/http"
 	"os"
 	"strconv"
 	"time"
 	"streifling.com/jason/cpolis/cmd/control"
 	"streifling.com/jason/cpolis/cmd/model"
 )
 func ShowHub(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
 func WriteArticle(c *control.CliArgs, db *model.DB) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		tags, err := db.GetTagList()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/editor.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", tags)
 	}
 }
 func SubmitArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		article := &model.Article{
 			Title:       r.PostFormValue("article-title"),
 			Description: r.PostFormValue("article-description"),
 			Content:     r.PostFormValue("article-content"),
 			Published:   false,
 			Rejected:    false,
 			AuthorID:    session.Values["id"].(int64),
 		}
 		article.ID, err = db.AddArticle(article)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		r.ParseForm()
 		tags := make([]int64, 0)
 		for _, tag := range r.Form["tags"] {
 			tagID, err := strconv.ParseInt(tag, 10, 64)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			tags = append(tags, tagID)
 		}
 		if err = db.WriteArticleTags(article.ID, tags); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ResubmitArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		id, err := strconv.ParseInt(r.PostFormValue("article-id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		title := r.PostFormValue("article-title")
 		description := r.PostFormValue("article-description")
 		content := r.PostFormValue("article-content")
 		if err = db.UpdateAttributes(
 			&model.Attribute{Table: "articles", ID: id, AttName: "title", Value: title},
 			&model.Attribute{Table: "articles", ID: id, AttName: "description", Value: description},
 			&model.Attribute{Table: "articles", ID: id, AttName: "content", Value: content},
 			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		r.ParseForm()
 		tags := make([]int64, 0)
 		for _, tag := range r.Form["tags"] {
 			tagID, err := strconv.ParseInt(tag, 10, 64)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			tags = append(tags, tagID)
 		}
 		if err = db.UpdateArticleTags(id, tags); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ShowUnpublishedArticles(c *control.CliArgs, db *model.DB) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		unpublishedArticles, err := db.GetCertainArticles(false, false)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/unpublished-articles.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", unpublishedArticles)
 	}
 }
 func ShowRejectedArticles(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		type htmlData struct {
 			MyIDs            map[int64]bool
 			RejectedArticles []*model.Article
 		}
 		data := new(htmlData)
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.RejectedArticles, err = db.GetCertainArticles(false, true)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.MyIDs = make(map[int64]bool)
 		for _, article := range data.RejectedArticles {
 			if article.AuthorID == session.Values["id"].(int64) {
 				data.MyIDs[article.ID] = true
 			}
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rejected-articles.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func ReviewUnpublishedArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		type htmlData struct {
 			Article *model.Article
 			Tags    []*model.Tag
 		}
 		data := new(htmlData)
 		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Article, err = db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Tags, err = db.GetArticleTags(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-published.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func ReviewRejectedArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		type htmlData struct {
 			Selected map[int64]bool
 			Article  *model.Article
 			Tags     []*model.Tag
 		}
 		data := new(htmlData)
 		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Article, err = db.GetArticle(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Tags, err = db.GetTagList()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		selectedTags, err := db.GetArticleTags(id)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		data.Selected = make(map[int64]bool)
 		for _, tag := range selectedTags {
 			data.Selected[tag.ID] = true
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rework-article.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", data)
 	}
 }
 func PublishArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		if err = db.AddArticleToCurrentIssue(id); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = db.UpdateAttributes(
 			&model.Attribute{Table: "articles", ID: id, AttName: "published", Value: true},
 			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
 			&model.Attribute{Table: "articles", ID: id, AttName: "created", Value: time.Now().Format("2006-01-02 15:04:05")},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		feed, err := control.GenerateRSS(
 			db,
 			"Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
 			"https://distrikt-ni-st.de",
 			"Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität",
 		)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if err = control.SaveRSS(c.RSSFile, feed); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func RejectArticle(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		if err = db.UpdateAttributes(
 			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: true},
 		); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
 func ShowCurrentArticles(c *control.CliArgs, db *model.DB) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		articles, err := db.GetCurrentIssueArticles()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/current-articles.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", articles)
 	}
 }
 func UploadImage(c *control.CliArgs) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		file, header, err := r.FormFile("article-image")
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer file.Close()
 		filename := fmt.Sprint(c.PicsDir, time.Now().Format("2006-01-02_15:04:05"), "-", header.Filename)
 		img, err := os.Create(filename)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		defer img.Close()
 		if _, err = io.Copy(img, file); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/editor.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "editor-images", fmt.Sprint("![", header.Filename, "](", filename, ")"))
 	}
 }
--- a/cmd/view/issues.go
+++ b/cmd/view/issues.go
@ -1,31 +0,0 @@
 package view
 import (
 	"html/template"
 	"log"
 	"net/http"
 	"streifling.com/jason/cpolis/cmd/control"
 	"streifling.com/jason/cpolis/cmd/model"
 )
 func PublishLatestIssue(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if err := db.PublishLatestIssue(); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
 	}
 }
--- a/cmd/view/rss.go
+++ b/cmd/view/rss.go
@ -1,95 +0,0 @@
 package view
 import (
 	"fmt"
 	"html/template"
 	"log"
 	"net/http"
 	"time"
 	"git.streifling.com/jason/rss"
 	"streifling.com/jason/cpolis/cmd/control"
 	"streifling.com/jason/cpolis/cmd/model"
 )
 func ShowRSS(c *control.CliArgs, db *model.DB, title, link, desc string) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		channel := &rss.Channel{
 			Title:       title,
 			Link:        link,
 			Description: desc,
 			Items:       make([]*rss.Item, 0),
 		}
 		articles, err := db.GetCertainArticles(true, false)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		for _, article := range articles {
 			tags, err := db.GetArticleTags(article.ID)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			tagNames := make([]string, 0)
 			for _, tag := range tags {
 				tagNames = append(tagNames, tag.Name)
 			}
 			tagNames = append(tagNames, fmt.Sprint("Orient Express ", article.IssueID))
 			user, err := db.GetUser(article.AuthorID)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			articleTitle, err := control.ConvertToPlain(article.Title)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			articleDescription, err := control.ConvertToPlain(article.Description)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			articleContent, err := control.ConvertToHTML(article.Content)
 			if err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			channel.Items = append(channel.Items, &rss.Item{
 				Title:       articleTitle,
 				Author:      user.FirstName + user.LastName,
 				PubDate:     article.Created.Format(time.RFC1123Z),
 				Description: articleDescription,
 				Content:     &rss.Content{Value: articleContent},
 				Categories:  tagNames,
 			})
 		}
 		feed := rss.NewFeed()
 		feed.Channels = append(feed.Channels, channel)
 		rss, err := feed.ToXML()
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		files := []string{c.WebDir + "/templates/index.html", c.WebDir + "/templates/feed.rss"}
 		tmpl, err := template.ParseFiles(files...)
 		template.Must(tmpl, err).Execute(w, rss)
 	}
 }
--- a/cmd/view/users.go
+++ b/cmd/view/users.go
@ -1,216 +0,0 @@
 package view
 import (
 	"fmt"
 	"html/template"
 	"log"
 	"net/http"
 	"strconv"
 	"streifling.com/jason/cpolis/cmd/control"
 	"streifling.com/jason/cpolis/cmd/model"
 )
 type UserData struct {
 	*model.User
 	Msg string
 }
 func checkUserStrings(user *model.User) (string, int, bool) {
 	userLen := 15
 	nameLen := 50
 	if len(user.UserName) > userLen {
 		return "Benutzername", userLen, false
 	} else if len(user.FirstName) > nameLen {
 		return "Vorname", nameLen, false
 	} else if len(user.LastName) > nameLen {
 		return "Nachname", nameLen, false
 	} else {
 		return "", 0, true
 	}
 }
 func CreateUser(c *control.CliArgs) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
 	}
 }
 func AddUser(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		role, err := strconv.Atoi(r.PostFormValue("role"))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		htmlData := UserData{
 			User: &model.User{
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 				Role:      role,
 			},
 		}
 		pass := r.PostFormValue("password")
 		pass2 := r.PostFormValue("password2")
 		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
 			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
 			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(htmlData.User)
 		if !ok {
 			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		id, _ := db.GetID(htmlData.UserName)
 		if id != 0 {
 			htmlData.Msg = fmt.Sprint(htmlData.UserName,
 				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		if pass != pass2 {
 			htmlData.Msg = "Die Passwörter stimmen nicht überein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
 			return
 		}
 		htmlData.ID, err = db.AddUser(htmlData.User, pass)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		if htmlData.ID == 1 {
 			htmlData.Role = model.Admin
 			if err = db.UpdateAttributes(
 				&model.Attribute{Table: "users", ID: id, AttName: "role", Value: htmlData.Role},
 			); err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			if err := saveSession(w, r, s, htmlData.User); err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 			if _, err := db.AddIssue(); err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
 	}
 }
 func EditUser(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		user, err := db.GetUser(session.Values["id"].(int64))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
 	}
 }
 func UpdateUser(c *control.CliArgs, db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		session, err := s.Get(r, "cookie")
 		if err != nil {
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
 			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}
 		userData := UserData{
 			User: &model.User{
 				ID:        session.Values["id"].(int64),
 				UserName:  r.PostFormValue("username"),
 				FirstName: r.PostFormValue("first-name"),
 				LastName:  r.PostFormValue("last-name"),
 			},
 		}
 		oldPass := r.PostFormValue("old-password")
 		newPass := r.PostFormValue("password")
 		newPass2 := r.PostFormValue("password2")
 		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
 			len(userData.LastName) == 0 {
 			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
 			return
 		}
 		userString, stringLen, ok := checkUserStrings(userData.User)
 		if !ok {
 			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
 				stringLen, " Zeichen erlaubt.")
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			tmpl = template.Must(tmpl, err)
 			tmpl.ExecuteTemplate(w, "page-content", userData)
 			return
 		}
 		if id, ok := db.GetID(userData.UserName); ok {
 			if id != userData.ID {
 				userData.Msg = "Benutzername bereits vergeben."
 				userData.UserName = ""
 				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 				tmpl = template.Must(tmpl, err)
 				tmpl.ExecuteTemplate(w, "page-content", userData)
 				return
 			}
 		}
 		if err = db.UpdateUserAttributes(
 			userData.ID,
 			userData.UserName,
 			userData.FirstName,
 			userData.LastName,
 			oldPass,
 			newPass,
 			newPass2); err != nil {
 			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
 			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
 			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
 		}
 		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 		tmpl = template.Must(tmpl, err)
 		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 	}
 }
--- a/cpolis.service
+++ b/cpolis.service
@ -0,0 +1,9 @@
 [Unit]
 Description=cpolis
 [Service]
 ExecStart=/usr/local/bin/cpolis
 Restart=on-failure
 [Install]
 WantedBy=default.target
--- a/create_db.sql
+++ b/create_db.sql
@ -0,0 +1,55 @@
 DROP TABLE IF EXISTS articles_tags;
 DROP TABLE IF EXISTS tags;
 DROP TABLE IF EXISTS articles;
 DROP TABLE IF EXISTS issues;
 DROP TABLE IF EXISTS users;
 CREATE TABLE users (
    id          INT         AUTO_INCREMENT,
    username    VARCHAR(15) NOT NULL UNIQUE,
    password    VARCHAR(60) NOT NULL,
    first_name  VARCHAR(50) NOT NULL,
    last_name   VARCHAR(50) NOT NULL,
    role        INT         NOT NULL,
    PRIMARY KEY (id)
 );
 CREATE TABLE issues (
    id          INT     AUTO_INCREMENT,
    published   BOOL    NOT NULL,
    PRIMARY KEY (id)
 );
 CREATE TABLE articles (
    id              INT             AUTO_INCREMENT,
    title           VARCHAR(255)    NOT NULL,
    created         TIMESTAMP       DEFAULT CURRENT_TIMESTAMP,
    description     TEXT            NOT NULL,
    link            VARCHAR(255),
    enc_url         VARCHAR(255),
    enc_length      INT,
    enc_type        VARCHAR(255),
    published       BOOL            NOT NULL,
    rejected        BOOL            NOT NULL,
    author_id       INT             NOT NULL,
    issue_id        INT             NOT NULL,
    is_in_issue     BOOL            NOT NULL,
    auto_generated  BOOL            NOT NULL,
    PRIMARY KEY (id),
    FOREIGN KEY (author_id) REFERENCES users (id),
    FOREIGN KEY (issue_id) REFERENCES issues (id)
 );
 CREATE TABLE tags (
    id      INT         AUTO_INCREMENT,
    name    VARCHAR(50) NOT NULL UNIQUE,
    PRIMARY KEY (id)
 );
 CREATE TABLE articles_tags (
    article_id  INT,
    tag_id      INT,
    PRIMARY KEY (article_id, tag_id),
    FOREIGN KEY (article_id) REFERENCES articles (id),
    FOREIGN KEY (tag_id) REFERENCES tags (id)
 );
--- a/go.mod
+++ b/go.mod
@ -1,21 +1,62 @@
 module streifling.com/jason/cpolis
-go 1.22.0
+go 1.23
 toolchain go1.23.0
 require (
-	git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188
+	firebase.google.com/go/v4 v4.14.1
-	github.com/go-sql-driver/mysql v1.7.1
+	git.streifling.com/jason/rss v0.1.3
-	github.com/gorilla/sessions v1.2.2
+	github.com/BurntSushi/toml v1.4.0
-	github.com/microcosm-cc/bluemonday v1.0.26
+	github.com/go-sql-driver/mysql v1.8.1
-	github.com/yuin/goldmark v1.7.0
+	github.com/google/uuid v1.6.0
-	golang.org/x/crypto v0.14.0
+	github.com/gorilla/sessions v1.4.0
-	golang.org/x/term v0.17.0
+	github.com/microcosm-cc/bluemonday v1.0.27
 	github.com/yuin/goldmark v1.7.4
 	golang.org/x/crypto v0.26.0
 	golang.org/x/term v0.23.0
 	google.golang.org/api v0.195.0
 )
 require (
 	cloud.google.com/go v0.115.1 // indirect
 	cloud.google.com/go/auth v0.9.2 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
 	cloud.google.com/go/compute/metadata v0.5.0 // indirect
 	cloud.google.com/go/firestore v1.16.0 // indirect
 	cloud.google.com/go/iam v1.2.0 // indirect
 	cloud.google.com/go/longrunning v0.6.0 // indirect
 	cloud.google.com/go/storage v1.43.0 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/MicahParks/keyfunc v1.9.0 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
-	github.com/gorilla/css v1.0.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.3 // indirect
 	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
-	golang.org/x/net v0.17.0 // indirect
+	go.opencensus.io v0.24.0 // indirect
-	golang.org/x/sys v0.17.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
 	go.opentelemetry.io/otel v1.29.0 // indirect
 	go.opentelemetry.io/otel/metric v1.29.0 // indirect
 	go.opentelemetry.io/otel/trace v1.29.0 // indirect
 	golang.org/x/net v0.28.0 // indirect
 	golang.org/x/oauth2 v0.22.0 // indirect
 	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.24.0 // indirect
 	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/time v0.6.0 // indirect
 	google.golang.org/appengine/v2 v2.0.6 // indirect
 	google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed // indirect
 	google.golang.org/grpc v1.66.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,26 +1,229 @@
-git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188 h1:C8M/j3f+cl5Y7YfGpU/ynb/SC/4tTYMDsyGFt3rswM8=
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
+cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ=
 cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc=
 cloud.google.com/go/auth v0.9.2 h1:I+Rq388FYU8QdbVB1IiPd+6KNdrqtAPE/asiKHShBLM=
 cloud.google.com/go/auth v0.9.2/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk=
 cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY=
 cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc=
 cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY=
 cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY=
 cloud.google.com/go/firestore v1.16.0 h1:YwmDHcyrxVRErWcgxunzEaZxtNbc8QoFYA/JOEwDPgc=
 cloud.google.com/go/firestore v1.16.0/go.mod h1:+22v/7p+WNBSQwdSwP57vz47aZiY+HrDkrOsJNhk7rg=
 cloud.google.com/go/iam v1.2.0 h1:kZKMKVNk/IsSSc/udOb83K0hL/Yh/Gcqpz+oAkoIFN8=
 cloud.google.com/go/iam v1.2.0/go.mod h1:zITGuWgsLZxd8OwAlX+eMFgZDXzBm7icj1PVTYG766Q=
 cloud.google.com/go/longrunning v0.6.0 h1:mM1ZmaNsQsnb+5n1DNPeL0KwQd9jQRqSqSDEkBZr+aI=
 cloud.google.com/go/longrunning v0.6.0/go.mod h1:uHzSZqW89h7/pasCWNYdUpwGz3PcVWhrWupreVPYLts=
 cloud.google.com/go/storage v1.43.0 h1:CcxnSohZwizt4LCzQHWvBf1/kvtHUn7gk9QERXPyXFs=
 cloud.google.com/go/storage v1.43.0/go.mod h1:ajvxEa7WmZS1PxvKRq4bq0tFT3vMd502JwstCcYv0Q0=
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 firebase.google.com/go/v4 v4.14.1 h1:4qiUETaFRWoFGE1XP5VbcEdtPX93Qs+8B/7KvP2825g=
 firebase.google.com/go/v4 v4.14.1/go.mod h1:fgk2XshgNDEKaioKco+AouiegSI9oTWVqRaBdTTGBoM=
 git.streifling.com/jason/rss v0.1.3 h1:fd3j4ZtcLehapcmmroo3AP3X34gRHC4xzpfV6bDV1ZU=
 git.streifling.com/jason/rss v0.1.3/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/MicahParks/keyfunc v1.9.0 h1:lhKd5xrFHLNOWrDc4Tyb/Q1AJ4LCzQ48GVJyVIID3+o=
 github.com/MicahParks/keyfunc v1.9.0/go.mod h1:IdnCilugA0O/99dW+/MkvlyrsX8+L8+x95xuVNtM5jw=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
-github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
 github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
 github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
+github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
-github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
+github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
 github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
 github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/enterprise-certificate-proxy v0.3.3 h1:QRje2j5GZimBzlbhGA2V2QlGNgL8G6e+wGo/+/2bWI0=
 github.com/googleapis/enterprise-certificate-proxy v0.3.3/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
 github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s=
 github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A=
 github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8=
 github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
-github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
+github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
-github.com/microcosm-cc/bluemonday v1.0.26 h1:xbqSvqzQMeEHCqMi64VAs4d8uy6Mequs3rQ0k/Khz58=
+github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
-github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02CGwkhd72Xdqh78TWs=
+github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
-github.com/yuin/goldmark v1.7.0 h1:EfOIvIMZIzHdB/R/zVrikYLPPwJlfMcNczJFMs1m6sA=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/yuin/goldmark v1.7.0/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yuin/goldmark v1.7.4 h1:BDXOHExt+A7gwPCJgPIIq7ENvceR7we7rOS9TNoLZeg=
 github.com/yuin/goldmark v1.7.4/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
 go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 h1:r6I7RJCN86bpD/FQwedZ0vSixDpwuWREjW9oRMsmqDc=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0/go.mod h1:B9yO6b04uB80CzjedvewuqDhxJxi11s7/GtiGa8bAjI=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 h1:TT4fX+nBOA/+LUkobKGW1ydGcn+G3vRw9+g5HwCphpk=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0/go.mod h1:L7UH0GbB0p47T4Rri3uHjbpCFYrVrwc1I25QhNPiGK8=
 go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw=
 go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8=
 go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc=
 go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8=
 go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE=
 go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg=
 go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4=
 go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
 golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
 golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
 golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
 golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
 golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
 golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
 golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
 golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
 golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.195.0 h1:Ude4N8FvTKnnQJHU48RFI40jOBgIrL8Zqr3/QeST6yU=
 google.golang.org/api v0.195.0/go.mod h1:DOGRWuv3P8TU8Lnz7uQc4hyNqrBpMtD9ppW3wBJurgc=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine/v2 v2.0.6 h1:LvPZLGuchSBslPBp+LAhihBeGSiRh1myRoYK4NtuBIw=
 google.golang.org/appengine/v2 v2.0.6/go.mod h1:WoEXGoXNfa0mLvaH5sV3ZSGXwVmy8yf7Z1JKf3J3wLI=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
 google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed h1:4C4dbrVFtfIp3GXJdMX1Sj25mahfn5DywOo65/2ISQ8=
 google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:ICjniACoWvcDz8c8bOsHVKuuSGDJy1z5M4G0DM3HzTc=
 google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed h1:3RgNmBoI9MZhsj3QxC+AP/qQhNwpCLOvYDYYsFrhFt0=
 google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:OCdP9MfskevB/rbYvHTsXTtKC+3bHWajPdoKgjcYkfo=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed h1:J6izYgfBXAI3xTKLgxzTmUltdYaLsuBxFCgDHWJ/eXg=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
 google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
 google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
 google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
 google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
--- a/tailwind.config.js
+++ b/tailwind.config.js
@ -0,0 +1,11 @@
 /** @type {import('tailwindcss').Config} */
 module.exports = {
    content: ["./web/templates/*.html"],
    theme: {
        extend: {}
    },
    plugins: [
        require('@tailwindcss/typography')
    ],
    darkMode: 'selector',
 }
--- a/update.sh
+++ b/update.sh
@ -0,0 +1,58 @@
 #! /bin/sh -
 CPOLIS_REPO_URL="https://git.streifling.com/api/v1/repos/jason/cpolis/releases"
 EXTRACTION_DIR=$HOME
 CPOLIS_DIR=$EXTRACTION_DIR/cpolis
 TAILWINDCSS_REPO_URL=https://api.github.com/repos/tailwindlabs/tailwindcss/releases/latest
 TMP_DIR=/tmp
 BIN_DIR=/usr/local/bin
 SYSTEMD_DIR=/etc/systemd/system
 check_dependency() {
    if ! which $1 >/dev/null 2>&1; then
        echo "$1 needs to be installed" >&2
        exit 1
    fi
 }
 if ! groups | grep -E 'root|wheel|sudo' >/dev/null; then
    echo "You need administrative privileges for this script" >&2
    exit 1
 fi
 check_dependency curl
 check_dependency go
 check_dependency jq
 check_dependency tar
 check_dependency xargs
 echo '\nDownloading cpolis...' >&2
 rm -fr $CPOLIS_DIR/*
 latest_release=$(curl -s $CPOLIS_REPO_URL | jq -r '.[0].tag_name')
 curl -Lo $TMP_DIR/cpolis.tar.gz https://git.streifling.com/jason/cpolis/archive/$latest_release.tar.gz
 tar -xzf $TMP_DIR/cpolis.tar.gz -C $EXTRACTION_DIR
 rm $TMP_DIR/cpolis.tar.gz
 echo '\nDownloading TailwindCSS...' >&2
 curl -s $TAILWINDCSS_REPO_URL |
    grep -F browser_download_url |
    grep -F linux-x64 |
    cut -d'"' -f4 |
    xargs -r curl -Lo $CPOLIS_DIR/tailwindcss
 chmod +x $CPOLIS_DIR/tailwindcss
 $CPOLIS_DIR/tailwindcss -i $CPOLIS_DIR/web/static/css/input.css -o $CPOLIS_DIR/web/static/css/style.css
 echo '\nBuilding cpolis...' >&2
 cd $CPOLIS_DIR
 go build -o $BIN_DIR/cpolis cmd/main.go
 cd
 echo '\nSetting up system files...' >&2
 sudo chown root:root $BIN_DIR/cpolis
 chmod +x $BIN_DIR/cpolis
 echo '\nSetting up service...' >&2
 sudo mv $CPOLIS_DIR/cpolis.service $SYSTEMD_DIR
 sudo chown root:root $SYSTEMD_DIR/cpolis.service
 sudo systemctl daemon-reload
 sudo systemctl is-active --quiet cpolis.service && sudo systemctl restart cpolis.service
--- a/web/static/css/input.css
+++ b/web/static/css/input.css
@ -0,0 +1,64 @@
@tailwind base;
@tailwind components;
@tailwind utilities;
 h2 {
    @apply font-bold mb-2 text-2xl;
 }
 h3 {
    @apply font-bold mb-2 text-xl;
 }
 input[type="password"],
 input[type="text"] {
    @apply bg-slate-50 dark:bg-slate-950 border border-slate-200 dark:border-slate-800 h-8 rounded-md;
 }
 textarea {
    @apply bg-slate-50 dark:bg-slate-950 border border-slate-200 dark:border-slate-800 h-32 rounded-md;
 }
 .btn-area {
    @apply flex gap-4 mt-4;
 }
 .btn {
    @apply bg-slate-200 dark:bg-slate-800 hover:bg-slate-100 dark:hover:bg-slate-900 border border-slate-200 dark:border-slate-800 my-2 px-3 py-2 rounded-md w-full;
 }
 .action-btn {
    @apply bg-slate-800 dark:bg-slate-200 hover:bg-slate-700 dark:hover:bg-slate-300 my-2 px-3 py-2 rounded-md text-slate-50 dark:text-slate-950 w-full;
 }
 .EasyMDEContainer .CodeMirror {
    @apply bg-slate-50 dark:bg-slate-950 border-slate-200 dark:border-slate-800 text-slate-900 dark:text-slate-100
 }
 .EasyMDEContainer .cm-s-easymde .CodeMirror-cursor {
    @apply border-slate-900 dark:border-slate-100
 }
 .EasyMDEContainer .editor-toolbar > * {
    @apply text-slate-900 dark:text-slate-100
 }
 .EasyMDEContainer .editor-toolbar > .active, .editor-toolbar > button:hover, .editor-preview pre, .cm-s-easymde .cm-comment {
    @apply bg-slate-100 dark:bg-slate-900
 }
 .EasyMDEContainer .CodeMirror-fullscreen {
    @apply bg-slate-50 dark:bg-slate-950
 }
 .editor-toolbar {
    @apply border border-slate-200
 }
 .editor-toolbar.fullscreen {
    @apply bg-slate-50 dark:bg-slate-950
 }
 .editor-preview {
    @apply bg-slate-50 dark:bg-slate-950
 }
--- a/web/static/css/style.css
+++ b/web/static/css/style.css
--- a/web/static/js/htmx.min.js
+++ b/web/static/js/htmx.min.js
--- a/web/templates/add-tag.html
+++ b/web/templates/add-tag.html
@ -1,10 +1,12 @@
 {{define "page-content"}}
-<h2>Neuer Benutzer</h2>
+<h2>Neuer Tag</h2>
 <form>
-    <input required name="tag" placeholder="Tag" type="text" />
+    <input required name="tag" placeholder="Tag eingeben" type="text" />
-    <input type="submit" value="Anlegen" hx-post="/add-tag/" hx-target="#page-content" />
+    <div class="btn-area">
        <input class="action-btn" type="submit" value="Anlegen" hx-post="/tag/add" hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 {{end}}
--- a/web/templates/add-user.html
+++ b/web/templates/add-user.html
@ -1,33 +1,55 @@
 {{define "page-content"}}
 <h2>Neuer Benutzer</h2>
 <form>
    <div class="grid grid-cols-3 gap-4">
        <div>
-        <input required name="username" placeholder="Benutzername" type="text" value="{{.UserName}}" />
+            <label for="username">Benutzername</label>
-        <input required name="password" placeholder="Passwort" type="password" />
+            <input class="w-full" required name="username" type="text" value="{{.UserName}}" />
-        <input required name="password2" placeholder="Passwort wiederholen" type="password" />
+        </div>
-    </div>
+        <div>
-
+            <label for="password">Passwort</label>
-    <div>
+            <input class="w-full" required name="password" placeholder="***" type="password" />
-        <input required name="first-name" placeholder="Vorname" type="text" value="{{.FirstName}}" />
+        </div>
-        <input required name="last-name" placeholder="Nachname" type="text" value="{{.LastName}}" />
+        <div>
            <label for="password2">Passwort wiederholen</label>
            <input class="w-full" required name="password2" placeholder="***" type="password" />
        </div>
        <div>
            <label for="first-name">Vorname</label>
            <input class="w-full" required name="first-name" type="text" value="{{.FirstName}}" />
        </div>
        <div>
            <label for="last-name">Nachname</label>
            <input class="w-full" required name="last-name" type="text" value="{{.LastName}}" />
        </div>
    </div>
    <div class="flex gap-4">
        <div>
            <input required id="author" name="role" type="radio" value="3" {{if eq .Role 3 }}checked{{end}} />
            <label for="author">Autor</label>
        </div>
        <div>
            <input required id="editor" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
            <label for="editor">Redakteur</label>
        </div>
        <div>
            <input required id="publisher" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
            <label for="publisher">Herausgeber</label>
        </div>
        <div>
            <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
-        <label for="admin">Admin</label>
+            <label for="admin">Administrator</label>
        </div>
    </div>
-    <input type="submit" value="Anlegen" hx-post="/add-user/" hx-target="#page-content" />
+    <div class="btn-area">
        <input class="action-btn" type="submit" value="Anlegen" hx-post="/user/add" hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 <script>
    var msg = "{{.Msg}}";
    if (msg != "") {
--- a/web/templates/current-articles.html
+++ b/web/templates/current-articles.html
@ -1,13 +1,79 @@
 {{define "page-content"}}
-<div>
+<h2>Diese Ausgabe</h2>
-    {{range .}}
+
 <form hx-encoding="multipart/form-data">
    <div class="flex flex-col gap-4">
        <div>
-        <h1>{{.Title}}</h1>
+            <h3>Aktuelle Artikel</h3>
            <div class="flex flex-col gap-4">
                {{range .}}
                <div class="border px-2 py-1 rounded-md">
                    <h1 class="font-bold text-2xl">{{.Title}}</h1>
                    <p>{{.Description}}</p>
                </div>
                {{end}}
-</div>
+            </div>
        </div>
-<button hx-get="/publish-issue/" hx-target="#page-content">Ausgabe publizieren</button>
+        <div>
-<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
+            <h3>Cover</h3>
            <div class="flex">
                <label class="btn text-center" for="image-upload">Bild hochladen</label>
                <input class="hidden" id="image-upload" name="issue-image" type="file" required
                    hx-post="/issue/upload-image" />
            </div>
        </div>
        <div>
            <h3>Titel</h3>
            <div class="flex flex-col gap-y-1">
                <input name="issue-title" type="text" />
            </div>
        </div>
        <div>
            <h3>Über diese Ausgabe</h3>
            <div>
                <textarea id="easyMDE" placeholder="Beschreibung dieser Ausgabe"></textarea>
                <input id="issue-content" name="issue-content" type="hidden" />
            </div>
        </div>
    </div>
    <div class="btn-area">
        <button class="action-btn" hx-post="/issue/publish" hx-target="#page-content">Ausgabe publizieren</button>
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 <script>
    var easyMDE = new EasyMDE({
        element: document.getElementById('easyMDE'),
        hideIcons: ['image'],
        imageTexts: {sbInit: ''},
        showIcons: ["code", "table", "upload-image"],
        uploadImage: true,
        imageUploadFunction: function (file, onSuccess, onError) {
            var formData = new FormData();
            formData.append('article-image', file);
            fetch('/article/upload-image', {
                method: 'POST',
                body: formData
            })
                .then(response => response.json())
                .then(data => {
                    onSuccess(data);
                })
                .catch(error => {
                    onError(error);
                });
        },
    });
    easyMDE.codemirror.on("change", () => {
        document.getElementById('issue-content').value = easyMDE.value();
    });
 </script>
 {{end}}
--- a/web/templates/edit-self.html
+++ b/web/templates/edit-self.html
@ -0,0 +1,43 @@
 {{define "page-content"}}
 <h2>Profil bearbeiten</h2>
 <form>
    <div class="grid grid-cols-3 gap-4">
        <div>
            <label for="username">Benutzername</label>
            <input class="w-full" name="username" type="text" value="{{.UserName}}" />
        </div>
        <div>
            <label for="first-name">Vorname</label>
            <input class="w-full" name="first-name" type="text" value="{{.FirstName}}" />
        </div>
        <div>
            <label for="last-name">Nachname</label>
            <input class="w-full" name="last-name" type="text" value="{{.LastName}}" />
        </div>
        <div>
            <label for="old-password">Altes Passwort</label>
            <input class="w-full" name="old-password" placeholder="***" type="password" />
        </div>
        <div>
            <label for="password">Passwort</label>
            <input class="w-full" name="password" placeholder="***" type="password" />
        </div>
        <div>
            <label for="password2">Passwort wiederholen</label>
            <input class="w-full" name="password2" placeholder="***" type="password" />
        </div>
    </div>
    <div class="btn-area">
        <input class="action-btn" type="submit" value="Aktualisieren" hx-post="/user/update/self"
            hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 {{end}}
--- a/web/templates/edit-user.html
+++ b/web/templates/edit-user.html
@ -1,19 +1,57 @@
 {{define "page-content"}}
 <h2>Profil von {{.FirstName}} {{.LastName}} bearbeiten</h2>
 <form>
    <div class="grid grid-cols-3 gap-4">
        <div>
-        <input name="username" type="text" value="{{.UserName}}" />
+            <label for="username">Benutzername</label>
-        <input name="first-name" type="text" value="{{.FirstName}}" />
+            <input class="w-full" name="username" type="text" value="{{.UserName}}" />
        <input name="last-name" type="text" value="{{.LastName}}" />
        </div>
        <div>
-        <input name="old-password" placeholder="Altes Passwort" type="password" />
+            <label for="first-name">Vorname</label>
-        <input name="password" placeholder="Neues Passwort" type="password" />
+            <input class="w-full" name="first-name" type="text" value="{{.FirstName}}" />
        <input name="password2" placeholder="Wiederholen" type="password" />
        </div>
-    <input type="submit" value="Aktualisieren" hx-post="/update-user/" hx-target="#page-content" />
+        <div>
            <label for="last-name">Nachname</label>
            <input class="w-full" name="last-name" type="text" value="{{.LastName}}" />
        </div>
        <div>
            <label for="password">Passwort</label>
            <input class="w-full" name="password" placeholder="***" type="password" />
        </div>
        <div>
            <label for="password2">Passwort wiederholen</label>
            <input class="w-full" name="password2" placeholder="***" type="password" />
        </div>
    </div>
    <div class="flex gap-4">
        <div>
            <input required id="author" name="role" type="radio" value="3" {{if eq .Role 3 }}checked{{end}} />
            <label for="author">Autor</label>
        </div>
        <div>
            <input required id="editor" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
            <label for="editor">Redakteur</label>
        </div>
        <div>
            <input required id="publisher" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
            <label for="publisher">Herausgeber</label>
        </div>
        <div>
            <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
            <label for="admin">Administrator</label>
        </div>
    </div>
    <div class="btn-area">
        <input class="action-btn" type="submit" value="Aktualisieren" hx-post="/user/update/{{.ID}}"
            hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 {{end}}
--- a/web/templates/editor.html
+++ b/web/templates/editor.html
@ -1,57 +1,74 @@
 {{define "page-content"}}
 <h2>Editor</h2>
-<form>
+
-    <div>
+<form id="edit-area">
-        <input name="article-title" placeholder="Titel" type="text" />
+    <div class="flex flex-col gap-y-1">
-        <textarea name="article-description" placeholder="Beschreibung"></textarea>
+        <label for="article-title">Titel</label>
-        <textarea name="article-content" placeholder="Artikel"></textarea>
+        <input name="article-title" type="text" value="{{.Title}}" />
    </div>
    <div class="flex flex-col gap-y-1">
        <label for="article-description">Beschreibung</label>
        <textarea name="article-description">{{.Description}}</textarea>
    </div>
    <div class="flex flex-col gap-y-1">
        <label for="easyMDE">Artikel</label>
        <textarea id="easyMDE">{{.Content}}</textarea>
        <input id="article-content" name="article-content" type="hidden" />
    </div>
    <div>
-        {{range .}}
+        <span>Tags</span>
        <div class="flex flex-wrap gap-x-4">
            <div>
                <input id="issue" name="issue" type="checkbox" />
                <label for="issue">Orient Express</label>
            </div>
            {{range .Tags}}
            <div>
                <input id="{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" />
                <label for="{{.Name}}">{{.Name}}</label>
            </div>
            {{end}}
        </div>
    <div id="editor-images">
        <input name="article-image" type="file" hx-encoding="multipart/form-data" hx-post="/upload-image/"
            hx-swap="beforeend" hx-target="#editor-images" />
    </div>
-    <input type="submit" value="Senden" hx-post="/submit-article/" hx-target="#page-content" />
+    <div class="btn-area">
        <input class="action-btn" type="submit" value="Senden" hx-post="/article/submit" hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
    </div>
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 <script>
-    function copyToClipboard(text) {
+    var easyMDE = new EasyMDE({
-        event.preventDefault(); // Get-Request verhindern
+        element: document.getElementById('easyMDE'),
        hideIcons: ['image'],
        imageTexts: {sbInit: ''},
        showIcons: ["code", "table", "upload-image"],
        uploadImage: true,
-        var textarea = document.createElement("textarea");
+        imageUploadFunction: function (file, onSuccess, onError) {
-        textarea.textContent = text;
+            var formData = new FormData();
-        document.body.appendChild(textarea);
+            formData.append('article-image', file);
-        textarea.select();
+            fetch('/article/upload-image', {
-        try {
+                method: 'POST',
-            document.execCommand('copy');
+                body: formData
-        } catch (err) {
+            })
-            console.warn('Fehler beim Kopieren', err);
+                .then(response => response.json())
-        }
+                .then(data => {
-
+                    onSuccess(data);
-        document.body.removeChild(textarea);
+                })
-    }
+                .catch(error => {
                    onError(error);
                });
        },
    });
    easyMDE.codemirror.on("change", () => {
        document.getElementById('article-content').value = easyMDE.value();
    });
 </script>
 {{end}}
 {{define "editor-images"}}
 {{if gt (len .) 0}}
 <div>
    {{.}}
    <button onclick="copyToClipboard('{{.}}')">Kopieren</button>
 </div>
 {{end}}
 {{end}}
--- a/web/templates/feed.rss
+++ b/web/templates/feed.rss
@ -1,3 +0,0 @@
 {{define "page-content"}}
 {{.}}
 {{end}}
--- a/web/templates/first-user.html
+++ b/web/templates/first-user.html
@ -0,0 +1,39 @@
 {{define "page-content"}}
 <h2>Erster Benutzer (Administrator)</h2>
 <form>
    <div class="grid grid-cols-3 gap-4">
        <div>
            <label for="username">Benutzername</label>
            <input class="w-full" required name="username" type="text" value="{{.UserName}}" />
        </div>
        <div>
            <label for="password">Passwort</label>
            <input class="w-full" required name="password" placeholder="***" type="password" />
        </div>
        <div>
            <label for="password2">Passwort wiederholen</label>
            <input class="w-full" required name="password2" placeholder="***" type="password" />
        </div>
        <div>
            <label for="first-name">Vorname</label>
            <input class="w-full" required name="first-name" type="text" value="{{.FirstName}}" />
        </div>
        <div>
            <label for="last-name">Nachname</label>
            <input class="w-full" required name="last-name" type="text" value="{{.LastName}}" />
        </div>
    </div>
    <div class="btn-area">
        <input class="action-btn" type="submit" value="Anlegen" hx-post="/user/add-first" hx-target="#page-content" />
    </div>
 </form>
 <script>
    var msg = "{{.Msg}}";
    if (msg != "") {
        alert(msg);
    }
 </script>
 {{end}}
--- a/web/templates/hub.html
+++ b/web/templates/hub.html
@ -1,25 +1,54 @@
 {{define "page-content"}}
-<h2>Hub</h2>
+<div class="flex flex-col gap-4">
-<div>
+    <button class="btn" hx-get="/logout" hx-target="#page-content">Abmelden</button>
-    <button hx-get="/write-article/" hx-target="#page-content">Artikel schreiben</button>
+
-    <button hx-get="/rejected-articles/" hx-target="#page-content">Abgelehnte Artikel</button>
+    {{if lt . 4}}
-    <button hx-get="/rss/" hx-target="#page-content">RSS Feed</button>
+    <div class="mb-3">
-    <button hx-get="/edit-user/" hx-target="#page-content">Benutzer bearbeiten</button>
+        <h2>Artikel</h2>
-</div>
+        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
-{{if lt . 3}}
+            <button class="btn" hx-get="/article/write" hx-target="#page-content">Artikel schreiben</button>
-<div>
+            <button class="btn" hx-get="/article/all-rejected" hx-target="#page-content">Abgelehnte Artikel</button>
-    <button hx-get="/unpublished-articles/" hx-target="#page-content">Unveröffentlichte Artikel</button>
+            {{if lt . 3}}<button class="btn" hx-get="/article/all-unpublished" hx-target="#page-content">
-    <button hx-get="/create-tag/" hx-target="#page-content">Neuer Tag</button>
+                Unveröffentlichte Artikel
            </button>{{end}}
            {{if lt . 2}}<button class="btn" hx-get="/article/all-published" hx-target="#page-content">
                Artikel löschen
            </button>{{end}}
            {{if lt . 3}}<button class="btn" hx-get="/tag/create" hx-target="#page-content">Neuer Tag</button>{{end}}
        </div>
    </div>
    {{end}}
    {{if lt . 2}}
    <div class="mb-3">
        <h2>Ausgabe</h2>
        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
            <button class="btn" hx-get="/issue/this" hx-target="#page-content">Diese Ausgabe</button>
            <form class="flex" hx-encoding="multipart/form-data">
                <label class="btn text-center" for="pdf-upload">PDF hochladen</label>
                <input accept=".pdf" class="hidden" id="pdf-upload" name="pdf-upload" type="file"
                    hx-post="/pdf/upload" />
            </form>
        </div>
        {{end}}
    </div>
    {{if lt . 4}}
    <div class="mb-3">
        <h2>Benutzer</h2>
        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
            <button class="btn" hx-get="/user/edit/self" hx-target="#page-content">Mein Profil bearbeiten</button>
            {{if eq . 0}}<button class="btn" hx-get="/user/create" hx-target="#page-content">
                Benutzer hinzufügen
            </button>{{end}}
            {{if eq . 0}}<button class="btn" hx-get="/user/show-all/edit" hx-target="#page-content">
                Benutzer bearbeiten
            </button>{{end}}
            {{if eq . 0}}<button class="btn" hx-get="/user/show-all/delete" hx-target="#page-content">
                Benutzer löschen
            </button>{{end}}
        </div>
    </div>
    {{end}}
 </div>
 {{end}}
 {{if lt . 2}}
 <div>
    <button hx-get="/this-issue/" hx-target="#page-content">Diese Ausgabe</button>
 </div>
 {{end}}
 {{if eq . 0}}
 <div>
    <button hx-get="/create-user/" hx-target="#page-content">Benutzer hinzufügen</button>
 </div>
 {{end}}
 {{end}}
--- a/web/templates/index.html
+++ b/web/templates/index.html
@ -5,26 +5,72 @@
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Orient Editor</title>
-    <link href="web/static/css/style.css" rel="stylesheet">
+
    <link href="/web/static/css/style.css" rel="stylesheet">
    <link rel="stylesheet" href="https://unpkg.com/easymde/dist/easymde.min.css">
 </head>
-<body>
+<body style="width: 800px;"
-    <header>
+    class="bg-slate-50 dark:bg-slate-950 flex flex-col justify-between min-h-screen mx-auto text-slate-900 dark:text-slate-100">
-        <h1>Orient Editor</h1>
+    <header class="my-8">
-        <button hx-get="logout" hx-target="#page-content">Abmelden</button>
+        <h1 class="font-bold text-4xl text-center">Orient Editor</h1>
        <div class="ml-4">
            <label class="cursor-pointer flex items-center relative" for="theme-toggle">
                <div class="bg-slate-200 dark:bg-slate-800 block h-6 w-12 rounded-full"></div>
                <div
                    class="absolute bg-slate-800 dark:bg-slate-50 dot left-1 top-1 h-4 w-4 rounded-full transform transition">
                </div>
                <span class="ml-2">Dunkel</span>
            </label>
            <input type="checkbox" id="theme-toggle" class="sr-only">
        </div>
    </header>
-    <main>
+    <main class="mx-4">
        <div id="page-content">
            {{template "page-content" .}}
        </div>
        <script src="web/static/js/htmx.min.js"></script>
    </main>
-    <footer>
+    <footer class="text-center text-gray-500 my-8">
-        <p>&copy; 2024 Jason Streifling. Alle Rechte vorbehalten.</p>
+        <p>
            &copy; 2024 Jason Streifling. Alle Rechte vorbehalten.
        </p>
        <p>
            v0.9.0 - <strong>Hinweis:</strong> Diese Software befindet sich noch in der Entwicklung und kann Fehler
            enthalten.
        </p>
    </footer>
    <script src="https://unpkg.com/htmx.org@2.0.2"></script>
    <script src="https://unpkg.com/easymde/dist/easymde.min.js"></script>
    <script>
        document.addEventListener('DOMContentLoaded', () => {
            const toggleSwitch = document.getElementById('theme-toggle');
            const dot = document.querySelector('.dot');
            if (localStorage.theme === 'dark' || (!('theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches)) {
                document.documentElement.classList.add('dark')
                toggleSwitch.checked = true;
                dot.classList.add('translate-x-6');
            } else {
                document.documentElement.classList.remove('dark')
            }
            toggleSwitch.addEventListener('change', () => {
                if (toggleSwitch.checked) {
                    document.documentElement.classList.add('dark');
                    localStorage.theme = 'dark';
                    dot.classList.add('translate-x-6');
                } else {
                    document.documentElement.classList.remove('dark');
                    localStorage.theme = 'light';
                    dot.classList.remove('translate-x-6');
                }
            });
        });
    </script>
 </body>
 </html>
--- a/web/templates/login.html
+++ b/web/templates/login.html
@ -1,11 +1,12 @@
 {{define "page-content"}}
 <h2>Anmeldung</h2>
 <form>
-    <div>
+    <div class="btn-area">
-        <input name="username" placeholder="Benutzername" type="text" />
+        <input class="w-full" name="username" placeholder="Benutzername" type="text" />
-        <input name="password" placeholder="Passwort" type="password" />
+        <input class="w-full" name="password" placeholder="Passwort" type="password" />
    </div>
-    <input type="submit" value="Anmelden" hx-post="/login/" hx-target="#page-content" />
+    <input class="action-btn" type="submit" value="Anmelden" hx-post="/login" hx-target="#page-content" />
 </form>
 {{end}}
--- a/web/templates/published-articles.html
+++ b/web/templates/published-articles.html
@ -0,0 +1,13 @@
 {{define "page-content"}}
 <h2>Artikel löschen</h2>
 <div class="flex flex-col gap-4">
    {{range .}}
    <button class="btn" hx-get="/article/review-deletion/{{.ID}}" hx-target="#page-content">
        <h1 class="font-bold text-2xl">{{.Title}}</h1>
        <p>{{.Description}}</p>
    </button>
    {{end}}
    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
 </div>
 {{end}}
--- a/web/templates/rejected-articles.html
+++ b/web/templates/rejected-articles.html
@ -1,18 +1,16 @@
 {{define "page-content"}}
-<form>
+<h2>Abgelehnte Artikel</h2>
-    <div>
+
 <div class="flex flex-col gap-4">
    {{range .RejectedArticles}}
        <div>
    {{if index $.MyIDs .ID}}
-            <input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
+    <button class="btn" hx-get="/article/review-rejected/{{.ID}}" hx-target="#page-content">
-            <label for="{{.ID}}">{{.Title}}</label>
+        <h1 class="font-bold text-2xl">{{.Title}}</h1>
        <p>{{.Description}}</p>
    </button>
    {{end}}
        </div>
    {{end}}
    </div>
-    <input type="submit" value="Auswählen" hx-post="/review-rejected-article/" hx-target="#page-content" />
+    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-</form>
+</div>
 <button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 {{end}}
--- a/web/templates/rework-article.html
+++ b/web/templates/rework-article.html
@ -1,14 +1,31 @@
 {{define "page-content"}}
 <h2>Editor</h2>
 <form>
-    <div>
+    <div class="flex flex-col gap-y-1">
-        <input name="article-title" placeholder="Titel" type="text" value="{{.Article.Title}}" />
+        <label for="article-title">Titel</label>
-        <textarea name="article-description" placeholder="Beschreibung">{{.Article.Description}}</textarea>
+        <input name="article-title" type="text" value="{{.Article.Title}}" />
-        <textarea name="article-content" placeholder="Artikel">{{.Article.Content}}</textarea>
+    </div>
-        <input name="article-id" type="hidden" value="{{.Article.ID}}" />
+
    <div class="flex flex-col gap-y-1">
        <label for="article-description">Beschreibung</label>
        <textarea name="article-description">{{.Article.Description}}</textarea>
    </div>
    <div class="flex flex-col gap-y-1">
        <label for="easyMDE">Artikel</label>
        <textarea id="easyMDE">{{.Content}}</textarea>
        <input id="article-content" name="article-content" type="hidden" />
    </div>
    <div>
        <span>Tags</span>
        <div class="flex flex-wrap gap-x-4">
            <div>
                <input id="issue" name="issue" type="checkbox" {{if .Article.IsInIssue}}checked{{end}} />
                <label for="issue">Orient Express</label>
            </div>
            {{range .Tags}}
            <div>
                <input id="tag-{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" {{if index $.Selected
@ -17,43 +34,45 @@
            </div>
            {{end}}
        </div>
    <div id="editor-images">
        <input name="article-image" type="file" hx-encoding="multipart/form-data" hx-post="/upload-image/"
            hx-swap="beforeend" hx-target="#editor-images" />
    </div>
-    <input type="submit" value="Senden" hx-post="/resubmit-article/" hx-target="#page-content" />
+    <div class="btn-area">
        <input class="action-btn" type="submit" value="Senden" hx-post="/article/resubmit/{{.Article.ID}}"
            hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
    </div>
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 <script>
-    function copyToClipboard(text) {
+    document.getElementById('article-content').value = easyMDE.value();
        event.preventDefault(); // Get-Request verhindern
-        var textarea = document.createElement("textarea");
+    var easyMDE = new EasyMDE({
-        textarea.textContent = text;
+        element: document.getElementById('easyMDE'),
-        document.body.appendChild(textarea);
+        hideIcons: ['image'],
        imageTexts: {sbInit: ''},
        showIcons: ["code", "table", "upload-image"],
        uploadImage: true,
-        textarea.select();
+        imageUploadFunction: function (file, onSuccess, onError) {
-        try {
+            var formData = new FormData();
-            document.execCommand('copy');
+            formData.append('article-image', file);
        } catch (err) {
            console.warn('Fehler beim Kopieren', err);
        }
-        document.body.removeChild(textarea);
+            fetch('/article/upload-image', {
-    }
+                method: 'POST',
                body: formData
            })
                .then(response => response.json())
                .then(data => {
                    onSuccess(data);
                })
                .catch(error => {
                    onError(error);
                });
        },
    });
    easyMDE.codemirror.on("change", () => {
        document.getElementById('article-content').value = easyMDE.value();
    });
 </script>
 {{end}}
 {{define "editor-images"}}
 {{if gt (len .) 0}}
 <div>
    {{.}}
    <button onclick="copyToClipboard('{{.}}')">Kopieren</button>
 </div>
 {{end}}
 {{end}}
--- a/web/templates/show-all-users.html
+++ b/web/templates/show-all-users.html
@ -0,0 +1,24 @@
 {{define "page-content"}}
 <h2>Alle Benutzer</h2>
 <div class="flex flex-col gap-4">
    {{range .Users}}
    <button class="btn" hx-get="/user/{{$.Action}}/{{.ID}}" hx-target="#page-content">
        <h1 class="font-bold text-2xl">
            {{.UserName}}
            ({{if eq .Role 0}}
            Administrator
            {{else if eq .Role 1}}
            Herausgeber
            {{else if eq .Role 2}}
            Redakteur
            {{else}}
            Autor
            {{end}})
        </h1>
        <p>{{.FirstName}} {{.LastName}}</p>
    </button>
    {{end}}
    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
 </div>
 {{end}}
--- a/web/templates/to-be-deleted.html
+++ b/web/templates/to-be-deleted.html
@ -0,0 +1,36 @@
 {{define "page-content"}}
 <h2>Artikel löschen</h2>
 <div>
    <span>Titel</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{.Title}}
    </div>
    <span>Beschreibung</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{.Description}}
    </div>
    <span>Artikel</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        <div class="prose">
            {{.Content}}
        </div>
    </div>
    <span>Tags</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{range .Tags}}
        {{.Name}}
        <br>
        {{end}}
    </div>
    <div class="btn-area">
        <input class="action-btn" type="submit" value="Löschen" hx-get="/article/delete/{{.ID}}"
            hx-target="#page-content" />
        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
    </div>
 </div>
 {{end}}
--- a/web/templates/to-be-published.html
+++ b/web/templates/to-be-published.html
@ -1,19 +1,42 @@
 {{define "page-content"}}
-<form>
+<h2>Artikel veröffentlichen</h2>
    <h2>{{.Article.Title}}</h2>
    <p>{{.Article.Description}}</p>
    {{.Article.Content}}
-    <p>
+<div>
-        {{range .Tags}}
+    <span>Titel</span>
-        {{.Name}}
+    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{.Article.Title}}
    </div>
    <span>Beschreibung</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{.Article.Description}}
    </div>
    <span>Artikel</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        <div class="prose">
            {{.Content}}
        </div>
    </div>
    <span>Tags</span>
    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
        {{if .Article.IsInIssue}}
        <span>Orient Express</span>
        <br>
        {{end}}
-    </p>
+        {{range .Tags}}
        <span>{{.Name}}</span>
        <br>
        {{end}}
    </div>
-    <input name="id" type="hidden" value="{{.Article.ID}}" />
+    <div class="btn-area">
-    <input type="submit" value="Veröffentlichen" hx-post="/publish-article/" hx-target="#page-content" />
+        <input class="action-btn" type="submit" value="Veröffentlichen" hx-get="/article/publish/{{.Article.ID}}"
-    <input type="submit" value="Ablehnen" hx-post="/reject-article/" hx-target="#page-content" />
+            hx-target="#page-content" />
-</form>
+        <input class="btn" type="submit" value="Ablehnen" hx-get="/article/reject/{{.Article.ID}}"
-
+            hx-target="#page-content" />
-<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
+        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
    </div>
 </div>
 {{end}}
--- a/web/templates/unpublished-articles.html
+++ b/web/templates/unpublished-articles.html
@ -1,16 +1,13 @@
 {{define "page-content"}}
-<form>
+<h2>Unveröffentlichte Artikel</h2>
-    <div>
+
 <div class="flex flex-col gap-4">
    {{range .}}
-        <div>
+    <button class="btn" hx-get="/article/review-unpublished/{{.ID}}" hx-target="#page-content">
-            <input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
+        <h1 class="font-bold text-2xl">{{.Title}}</h1>
-            <label for="{{.ID}}">{{.Title}}</label>
+        <p>{{.Description}}</p>
-        </div>
+    </button>
    {{end}}
-    </div>
+    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-
+</div>
    <input type="submit" value="Auswählen" hx-post="/review-unpublished-article/" hx-target="#page-content" />
 </form>
 <button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 {{end}}
Author	SHA1	Message	Date
Jason Streifling	5b1f20c5bc	Merge branch 'devel'	2024-09-08 13:36:22 +02:00
Jason Streifling	013cddc157	Streamline config and make config file variable	2024-09-08 13:35:30 +02:00
Jason Streifling	523ff9d2db	Restructure hub.html to be mor organized	2024-09-08 11:00:44 +02:00
Jason Streifling	84960fdd44	Implement dark mode	2024-09-08 11:00:12 +02:00
Jason Streifling	d0c566f8df	Merge branch 'devel'	2024-09-01 21:14:05 +02:00
Jason Streifling	0a387c1087	Remove unnecessery fmt.Println that was used for debugging	2024-09-01 21:13:52 +02:00
Jason Streifling	38caf02b2c	Upgrade all dependencies	2024-09-01 20:56:30 +02:00
Jason Streifling	435157a42f	Upgrade htmx version	2024-09-01 20:52:50 +02:00
Jason Streifling	4163afb0b7	Change footer in index.html to have version number on same line as warning	2024-09-01 20:51:35 +02:00
Jason Streifling	5e586aa49a	Merge branch 'devel'	2024-09-01 18:51:33 +02:00
Jason Streifling	6cc0fb40d7	Add version number to index.html	2024-09-01 18:51:14 +02:00
Jason Streifling	66b2743d3d	Merge branch 'devel'	2024-09-01 18:48:26 +02:00
Jason Streifling	18617f1dbc	Give autogenerated articles tags as well	2024-09-01 18:48:18 +02:00
Jason Streifling	3723b2b5e6	Merge branch 'devel'	2024-09-01 18:18:18 +02:00
Jason Streifling	79ee20a50e	Allow articles to be independent of an issue and allow a title for an issue	2024-09-01 18:18:07 +02:00
Jason Streifling	e05521591b	Add route for PDF uploads	2024-09-01 18:16:26 +02:00
Jason Streifling	0c9a79e24a	Allow for PDF uploads from hub	2024-09-01 18:16:09 +02:00
Jason Streifling	ce788bfd50	Merge branch 'devel'	2024-09-01 12:54:12 +02:00
Jason Streifling	8147d9bef6	Small bug fix in build process	2024-09-01 12:54:05 +02:00
Jason Streifling	230a6278cc	Merge branch 'devel'	2024-09-01 12:49:30 +02:00
Jason Streifling	da0d65d40b	Fixed bug where no RSS feed is being generated	2024-09-01 12:27:30 +02:00
Jason Streifling	42d6e0c198	Merge branch 'devel'	2024-08-31 12:17:41 +02:00
Jason Streifling	a2d219b2c0	Don't show autogenerated articles in list for deletion	2024-08-31 12:17:30 +02:00
Jason Streifling	e1af2979af	Merge branch 'devel'	2024-08-31 11:27:15 +02:00
Jason Streifling	b02a882ed7	Fixed small bug that used article.Link instead of correct path for article deletion	2024-08-31 11:27:03 +02:00
Jason Streifling	f6dedc6f10	Merge branch 'devel'	2024-08-31 01:43:53 +02:00
Jason Streifling	edb448413b	Remove deleted article file when deleting article	2024-08-31 01:42:37 +02:00
Jason Streifling	cdf0a49550	Merge branch 'devel'	2024-08-31 01:38:28 +02:00
Jason Streifling	222b791e90	Delete Ports from article links in articles.go and issues.go	2024-08-31 01:35:39 +02:00
Jason Streifling	c3c0650210	Merge branch 'devel'	2024-08-31 01:00:55 +02:00
Jason Streifling	bc58b1be44	Fixed small bug in ServeArticle where it was looking at the link to read the file	2024-08-31 01:00:39 +02:00
Jason Streifling	ab6b9b9a4f	Add port to url of UploadArticleImage()	2024-08-31 00:52:10 +02:00
Jason Streifling	91ef195a56	Check if article has been published before adding it to RSS feed	2024-08-31 00:49:35 +02:00
Jason Streifling	d077f700d8	Merge branch 'devel'	2024-08-31 00:36:48 +02:00
Jason Streifling	e4589f3b84	Remove unnecessary mv from update.sh	2024-08-31 00:35:07 +02:00
Jason Streifling	cd67fe6df3	Delete unnecessary http:// from articles.go and issues.go	2024-08-31 00:22:32 +02:00
Jason Streifling	ec752b1c66	Merge branch 'devel'	2024-08-30 23:43:12 +02:00
Jason Streifling	4663cedec5	Store article content outside of DB and convert and serve on request from respective file	2024-08-30 23:43:01 +02:00
Jason Streifling	3f1b18c29f	Instead of having entire articles in the RSS feed, items now contain just a link	2024-08-30 21:20:29 +02:00
Jason Streifling	4a11e1a497	Add warning text to index.html	2024-08-30 18:34:40 +02:00
Jason Streifling	a33e7f9896	Move images.go from frontend to calls	2024-08-30 16:06:19 +02:00
Jason Streifling	2b2ab0d428	small bug fixes	2024-08-30 15:58:09 +02:00
Jason Streifling	c52e35bf0b	delete RSS button from hub	2024-08-30 15:44:12 +02:00
Jason Streifling	cddd88d2f6	restructure routes	2024-08-30 15:42:53 +02:00
Jason Streifling	be467521d9	Only provide link in item instead of the entire article via content	2024-08-30 15:17:14 +02:00
Jason Streifling	10d8fceb77	Fixed formatting errors in create_db.sql	2024-08-25 11:24:03 +02:00
Jason Streifling	46aef4f12f	Merge branch 'devel'	2024-08-25 10:51:35 +02:00
Jason Streifling	714cdd9aaf	Also delete article from RSS feed	2024-08-25 10:51:09 +02:00
Jason Streifling	1b29e328cf	Merge branch 'devel'	2024-08-25 06:38:55 +02:00
Jason Streifling	5474b17ce5	Added ability to delete articles	2024-08-25 06:35:15 +02:00
Jason Streifling	a318a265d4	Cleanup	2024-08-25 06:34:13 +02:00
Jason Streifling	e50cb819f3	Merge branch 'devel'	2024-08-23 21:45:30 +02:00
Jason Streifling	365d5a68a1	Added config for Firebase key	2024-08-23 21:45:10 +02:00
Jason Streifling	b451da7e8e	Fixed echo commands	2024-08-23 21:23:05 +02:00
Jason Streifling	6a4a592714	Fixed bug where tailwindcss was using a relative path	2024-08-23 21:14:25 +02:00
Jason Streifling	806cfb01bd	Fixed bug where SYSTEMD_DIR is not defined	2024-08-23 21:09:36 +02:00
Jason Streifling	c32e38ca10	Merge branch 'devel'	2024-08-23 20:57:11 +02:00
Jason Streifling	c2cadd1542	Add messages for user	2024-08-23 20:56:44 +02:00
Jason Streifling	4cb2831e9a	Minor changes	2024-08-23 20:51:33 +02:00
Jason Streifling	ee31a9f8e2	create check_dependency function	2024-08-23 20:36:01 +02:00
Jason Streifling	beec20cdda	Make sure bin and service are owned by root	2024-08-23 20:34:13 +02:00
Jason Streifling	7ef957c2d7	Added comments for during the update for more context	2024-08-18 17:41:54 +02:00
Jason Streifling	d7c8c7a43a	Merge branch 'devel'	2024-08-18 17:31:00 +02:00
Jason Streifling	d56cdc78eb	Use directories that require administrative privileges	2024-08-18 17:30:43 +02:00
Jason Streifling	151d89d9f0	Create $EXTRACTION_PATH	2024-08-18 17:10:10 +02:00
Jason Streifling	8d2944d00c	Only delete contents of $CPOLIS_PATH	2024-08-18 17:06:49 +02:00
Jason Streifling	9ddd8198ee	Use /tmp directory for downloading .tar.gz archive	2024-08-18 17:03:31 +02:00
Jason Streifling	ff6c7a66d7	Fixed a typo	2024-08-18 16:59:49 +02:00
Jason Streifling	129c85929c	Small cleanup	2024-08-18 13:56:41 +02:00
Jason Streifling	b1a6359473	Exit update script if any requirement is not met	2024-08-18 13:53:37 +02:00
Jason Streifling	b5d979dbf8	Created update script and systemd service	2024-08-18 13:49:31 +02:00
Jason Streifling	1cd3edc90c	Merge branch 'devel'	2024-08-18 12:06:29 +02:00
Jason Streifling	77e8edbe16	Relocated ShowHub from articles.go to sessions.go because it has even less to do with articles than with sessions	2024-08-18 11:46:23 +02:00
Jason Streifling	8115c50974	Fixed a bug that let users get around verification.	2024-08-18 11:40:03 +02:00
Jason Streifling	61bfa85b13	Some cleaning up	2024-08-18 11:21:42 +02:00
Jason Streifling	cd27349d04	Created package "calls" and verification for frontend and calls	2024-08-18 11:20:06 +02:00
Jason Streifling	5b41892dff	Renamed frontend/firebase.go to frontend/pdf.go	2024-08-17 21:00:00 +02:00
Jason Streifling	c7add76a12	Deleted ServePDFs() and added ServePDF()	2024-08-17 20:56:45 +02:00
Jason Streifling	f4ae2f9c04	Added rout for pdf list	2024-08-17 20:41:39 +02:00
Jason Streifling	64f85a34cb	Added pdf directory to air config	2024-08-17 20:20:16 +02:00
Jason Streifling	0c87d91df1	Small error correction	2024-08-17 20:18:53 +02:00
Jason Streifling	472f00a107	Extracted verification logic for frontend into seperate function tokenIsVerified() and created ServePDFListe()	2024-08-17 20:15:35 +02:00
Jason Streifling	bebfe994ae	First implementation of firebase auth	2024-08-17 18:21:56 +02:00
Jason Streifling	46bfd23b2a	A bit of testing with firebase	2024-08-09 17:07:27 +02:00
Jason Streifling	0afbdde077	Change to remote htmx	2024-08-09 16:20:57 +02:00
Jason Streifling	0e768c9f61	Merge branch 'devel'	2024-08-08 21:27:07 +02:00
Jason Streifling	ce43e45a6c	Deleted hints of custom preview function	2024-08-08 21:26:59 +02:00
Jason Streifling	1fcd775cc5	Merge branch 'devel'	2024-08-08 21:14:24 +02:00
Jason Streifling	203a1ed147	Implemented EasyMDE	2024-08-08 21:13:25 +02:00
Jason Streifling	ef1914ee5c	Implemented article preview	2024-08-08 21:13:25 +02:00
Jason Streifling	084b101e31	Register f.ArticlePreviewHtmlData in init()	2024-08-08 21:13:25 +02:00
Jason Streifling	b2db128aa9	Shorten lines by referencing frontend as f and backend as b	2024-08-08 21:13:25 +02:00
Jason Streifling	081e880fb6	Change structure of code tor frontend and backend one	2024-08-08 21:13:25 +02:00
Jason Streifling	32f11f57b5	Implemented EasyMDE	2024-08-08 21:09:38 +02:00
Jason Streifling	46a0cec6df	Implemented article preview	2024-07-17 23:25:57 +02:00
Jason Streifling	4e0bce37a2	Register f.ArticlePreviewHtmlData in init()	2024-07-13 14:17:40 +02:00
Jason Streifling	85e2f8b4ad	Shorten lines by referencing frontend as f and backend as b	2024-07-13 14:09:11 +02:00
Jason Streifling	d0c1e525d2	Change structure of code tor frontend and backend one	2024-07-13 13:58:36 +02:00
Jason Streifling	21fd3403b2	Added ability to delete other users	2024-04-12 08:46:34 +02:00
Jason Streifling	0f0471b84c	Read config file in addition to cli arguments	2024-04-12 07:17:13 +02:00
Jason Streifling	4b90ec9652	Let admins edit other user's profiles	2024-04-09 19:06:29 +02:00
Jason Streifling	783d59805b	Fixed small bug	2024-04-07 19:33:51 +02:00
Jason Streifling	b5f0fe8985	Added title, link and description to cli args.	2024-04-07 19:29:35 +02:00
Jason Streifling	d9bf79d5f8	Add space between first and last name	2024-04-07 19:01:21 +02:00
Jason Streifling	f98ab149a2	Added headings to all templates	2024-04-07 18:57:03 +02:00
Jason Streifling	822ca2b8ab	Use UUID as filename and strip alt off of extension	2024-04-07 18:43:09 +02:00
Jason Streifling	af65180893	Reflect new cli arg in .air.toml	2024-04-07 11:36:34 +02:00
Jason Streifling	5615210be5	Add cli arg for domain	2024-04-07 11:32:38 +02:00
Jason Streifling	b88fb1643c	Fixed bug	2024-04-07 11:12:07 +02:00
Jason Streifling	92189a4a51	Pictures are now handeled correctly	2024-04-07 10:58:07 +02:00
Jason Streifling	8dc8f02504	Changed rss package to tagged version	2024-04-04 17:17:55 +02:00
Jason Streifling	e3ce1d7b55	Simply provide RSS feed when GET request is received	2024-04-04 17:13:42 +02:00
Jason Streifling	532bc6490a	Added XML encoding	2024-04-04 17:09:29 +02:00
Jason Streifling	84fa828b38	Provide RSS feed as file when pressing the button or typing the URL	2024-04-03 21:05:12 +02:00
Jason Streifling	a3c53b1b20	Changed URL patterns to be more specific	2024-04-03 20:24:54 +02:00
Jason Streifling	ca70fa6d4d	Applied changes also to rework-article.html	2024-04-03 19:52:16 +02:00
Jason Streifling	972b8cac19	Corrected vertical gap size for tags when wrapping onto the next line	2024-04-03 19:51:27 +02:00
Jason Streifling	d0605660f7	Made tags wrap onto the next line when overflowing parent container	2024-04-03 19:48:42 +02:00
Jason Streifling	5d2d841aba	Changed tag length to 50 characters	2024-04-03 19:47:27 +02:00
Jason Streifling	d62c5a4078	Changed visual layout for to-be-published articles	2024-04-03 18:12:28 +02:00
Jason Streifling	803c5bbdbd	Slightly changed button color and changed body height to be min-100vh	2024-04-03 04:50:25 +02:00
Jason Streifling	c74bdeba72	Only show logout button in hub	2024-04-02 21:35:34 +02:00
Jason Streifling	717f1c813b	Add setup script for DB	2024-04-02 19:38:16 +02:00
Jason Streifling	52797760bb	Also, handle first user differently under the hood	2024-04-02 19:37:53 +02:00
Jason Streifling	8711ba0629	Handle first user differently from the rest	2024-04-01 19:26:18 +02:00
Jason Streifling	ed51d28c65	Corrected back button class for unpublished articles	2024-04-01 15:58:36 +02:00
Jason Streifling	7e7de28b14	Streamlined selection of rejected and unpublished articles	2024-04-01 15:42:51 +02:00
Jason Streifling	0139f7ab9a	Use ID in path rather than an invisible input when publishing, rejecting or resubmitting an article	2024-04-01 15:30:24 +02:00
Jason Streifling	7fc115bcc3	Refined look of rejected and unpublished articles	2024-04-01 14:38:31 +02:00
Jason Streifling	ae90f693f6	no more style.css	2024-04-01 14:27:42 +02:00
Jason Streifling	a730e11b4a	Styled with tailwind css	2024-04-01 14:22:59 +02:00
Jason Streifling	959e1e96b3	Fix typo	2024-03-31 05:00:57 +02:00
`@ -1,4 +1,4 @@`
	`package model`	`package backend`

	`import "fmt"`	`import "fmt"`