Incorporated issues

Corrected copyright
Disabled option to do transaction from view
2024-03-28 07:00:37 +01:00 · 2024-03-28 06:59:39 +01:00 · 2024-03-28 06:58:59 +01:00 · 2024-03-17 15:29:12 +01:00 · 2024-03-17 09:41:09 +01:00 · 2024-03-17 09:15:37 +01:00
60 changed files with 1180 additions and 3695 deletions
--- a/.air.toml
+++ b/.air.toml
@ -1,58 +0,0 @@
-root = "."
-testdata_dir = "testdata"
-tmp_dir = "tmp"
-
-[build]
-args_bin = [
-    "-articles tmp/articles",
-    "-config tmp/config.toml",
-    "-desc 'Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität'",
-    "-domain localhost",
-    "-firebase tmp/firebase.json",
-    "-key tmp/key.gob",
-    "-link https://distrikt-ni-st.de",
-    "-log tmp/cpolis.log",
-    "-pdfs tmp/pdfs",
-    "-pics tmp/pics",
-    "-rss tmp/orientexpress_alle.rss",
-    "-title 'Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt'",
-    "-web web",
-]
-bin = "./tmp/main"
-cmd = "go build -o ./tmp/main ./cmd/main.go"
-delay = 0
-exclude_dir = ["assets", "tmp", "vendor", "testdata"]
-exclude_file = []
-exclude_regex = ["_test.go"]
-exclude_unchanged = false
-follow_symlink = false
-full_bin = ""
-include_dir = []
-include_ext = ["go", "tpl", "tmpl", "html", "css"]
-include_file = []
-kill_delay = "0s"
-log = "build-errors.log"
-poll = false
-poll_interval = 0
-rerun = false
-rerun_delay = 500
-send_interrupt = false
-stop_on_error = false
-
-[color]
-app = ""
-build = "yellow"
-main = "magenta"
-runner = "green"
-watcher = "cyan"
-
-[log]
-main_only = false
-time = false
-
-[misc]
-clean_on_exit = false
-
-[screen]
-clear_on_rebuild = false
-keep_scroll = true
--- a/.gitignore
+++ b/.gitignore
@ -23,4 +23,3 @@ go.work

 # Custom stuff
 tmp/
-style.css
--- a/README.md
+++ b/README.md
@ -1,18 +1,3 @@
 # cpolis

-cpolis is an application written in Go to serve as the backend of the Orient
-Express magazine.
-
-## Installation
-
-You should have the following packages installed:
-
- Go >= 1.22
- MariaDB
-
-Enable and start the MariaDB service.
-
-    sudo systemctl enable --now mariadb.service
-
-Set up a dedicated MariaDB user for cpolis.
-
+cpolis is an application written in Go to serve as the backend of the Orient Express magazine.
--- a/cmd/backend/config.go
+++ b/cmd/backend/config.go
@ -1,247 +0,0 @@
-package backend
-
-import (
-	"flag"
-	"fmt"
-	"io/fs"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/BurntSushi/toml"
-)
-
-type Config struct {
-	ArticleDir  string
-	ConfigFile  string
-	DBName      string
-	Description string
-	Domain      string
-	FirebaseKey string
-	KeyFile     string
-	Link        string
-	LogFile     string
-	PDFDir      string
-	PicsDir     string
-	Port        string
-	RSSFile     string
-	Title       string
-	WebDir      string
-}
-
-func newConfig() *Config {
-	return &Config{
-		ArticleDir:  "/var/www/cpolis/articles",
-		ConfigFile:  "/etc/cpolis/config.toml",
-		DBName:      "cpolis",
-		FirebaseKey: "/var/www/cpolis/serviceAccountKey.json",
-		KeyFile:     "/var/www/cpolis/cpolis.key",
-		LogFile:     "/var/log/cpolis.log",
-		PDFDir:      "/var/www/cpolis/pdfs",
-		Port:        ":8080",
-		PicsDir:     "/var/www/cpolis/pics",
-		RSSFile:     "/var/www/cpolis/cpolis.rss",
-		WebDir:      "/var/www/cpolis/web",
-	}
-}
-
-func mkDir(path string, perm fs.FileMode) (string, error) {
-	var err error
-
-	stringSlice := strings.Split(path, "/")
-	name := stringSlice[len(stringSlice)-1]
-
-	path, err = filepath.Abs(path)
-	if err != nil {
-		return "", fmt.Errorf("error finding absolute path for %v directory: %v", name, err)
-	}
-	if err = os.MkdirAll(path, perm); err != nil {
-		return "", fmt.Errorf("error creating %v directory: %v", name, err)
-	}
-
-	return path, nil
-}
-
-func mkFile(path string, filePerm, dirPerm fs.FileMode) (string, error) {
-	var err error
-
-	path, err = filepath.Abs(path)
-	if err != nil {
-		return "", fmt.Errorf("error finding absolute path for %v: %v", path, err)
-	}
-
-	stringSlice := strings.Split(path, "/")
-	_, err = os.Stat(path)
-	if os.IsNotExist(err) {
-		dir := strings.Join(stringSlice[:len(stringSlice)-1], "/")
-		if err = os.MkdirAll(dir, dirPerm); err != nil {
-			return "", fmt.Errorf("error creating %v: %v", dir, err)
-		}
-
-		fileName := stringSlice[len(stringSlice)-1]
-		file, err := os.Create(dir + "/" + fileName)
-		if err != nil {
-			return "", fmt.Errorf("error creating %v: %v", fileName, err)
-		}
-		defer file.Close()
-		if err = file.Chmod(filePerm); err != nil {
-			return "", fmt.Errorf("error setting permissions for %v: %v", fileName, err)
-		}
-	}
-
-	return path, nil
-}
-
-func (c *Config) handleCliArgs() error {
-	var port int
-	var err error
-
-	flag.StringVar(&c.ArticleDir, "articles", c.ArticleDir, "articles directory")
-	flag.StringVar(&c.ConfigFile, "config", c.ConfigFile, "config file")
-	flag.StringVar(&c.DBName, "db", c.DBName, "DB name")
-	flag.StringVar(&c.Description, "desc", c.Description, "channel description")
-	flag.StringVar(&c.Domain, "domain", c.Domain, "domain name")
-	flag.StringVar(&c.FirebaseKey, "firebase", c.FirebaseKey, "Firebase service account key file")
-	flag.StringVar(&c.KeyFile, "key", c.KeyFile, "key file")
-	flag.StringVar(&c.Link, "link", c.Link, "channel Link")
-	flag.StringVar(&c.LogFile, "log", c.LogFile, "log file")
-	flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory")
-	flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory")
-	flag.StringVar(&c.RSSFile, "rss", c.RSSFile, "RSS file")
-	flag.StringVar(&c.Title, "title", c.Title, "channel title")
-	flag.StringVar(&c.WebDir, "web", c.WebDir, "web directory")
-	flag.IntVar(&port, "port", port, "port")
-	flag.Parse()
-
-	c.Port = fmt.Sprint(":", port)
-	c.ConfigFile, err = mkFile(c.ConfigFile, 0600, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up file: %v", err)
-	}
-
-	return nil
-}
-
-func (c *Config) handleFile(configFile string) error {
-	_, err := toml.DecodeFile(configFile, c)
-	if err != nil {
-		return fmt.Errorf("error reading config file: %v", err)
-	}
-
-	return nil
-}
-
-func (c *Config) setupConfig(cliConfig *Config) error {
-	var err error
-	defaultConfig := newConfig()
-
-	if cliConfig.ArticleDir != defaultConfig.ArticleDir {
-		c.ArticleDir = cliConfig.ArticleDir
-	}
-	c.ArticleDir, err = mkDir(c.ArticleDir, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up directory: %v", err)
-	}
-
-	if cliConfig.DBName != defaultConfig.DBName {
-		c.DBName = cliConfig.DBName
-	}
-
-	if cliConfig.Description != defaultConfig.Description {
-		c.Description = cliConfig.Description
-	}
-
-	if cliConfig.Domain != defaultConfig.Domain {
-		c.Domain = cliConfig.Domain
-	}
-
-	if cliConfig.FirebaseKey != defaultConfig.FirebaseKey {
-		c.FirebaseKey = cliConfig.FirebaseKey
-	}
-	c.FirebaseKey, err = mkFile(c.FirebaseKey, 0600, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up file: %v", err)
-	}
-
-	if cliConfig.KeyFile != defaultConfig.KeyFile {
-		c.KeyFile = cliConfig.KeyFile
-	}
-	c.KeyFile, err = mkFile(c.KeyFile, 0600, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up file: %v", err)
-	}
-
-	if cliConfig.Link != defaultConfig.Link {
-		c.Link = cliConfig.Link
-	}
-
-	if cliConfig.LogFile != defaultConfig.LogFile {
-		c.LogFile = cliConfig.LogFile
-	}
-	c.LogFile, err = mkFile(c.LogFile, 0600, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up file: %v", err)
-	}
-
-	if cliConfig.PDFDir != defaultConfig.PDFDir {
-		c.PDFDir = cliConfig.PDFDir
-	}
-	c.PDFDir, err = mkDir(c.PDFDir, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up directory: %v", err)
-	}
-
-	if cliConfig.PicsDir != defaultConfig.PicsDir {
-		c.PicsDir = cliConfig.PicsDir
-	}
-	c.PicsDir, err = mkDir(c.PicsDir, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up directory: %v", err)
-	}
-
-	if cliConfig.Port != defaultConfig.Port {
-		c.Port = cliConfig.Port
-	}
-
-	if cliConfig.RSSFile != defaultConfig.RSSFile {
-		c.RSSFile = cliConfig.RSSFile
-	}
-	c.RSSFile, err = mkFile(c.RSSFile, 0600, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up file: %v", err)
-	}
-
-	if cliConfig.Title != defaultConfig.Title {
-		c.Title = cliConfig.Title
-	}
-
-	if cliConfig.WebDir != defaultConfig.WebDir {
-		c.WebDir = cliConfig.WebDir
-	}
-	c.WebDir, err = mkDir(c.WebDir, 0700)
-	if err != nil {
-		return fmt.Errorf("error setting up directory: %v", err)
-	}
-
-	return nil
-}
-
-func HandleConfig() (*Config, error) {
-	config := newConfig()
-	cliConfig := newConfig()
-
-	if err := cliConfig.handleCliArgs(); err != nil {
-		return nil, fmt.Errorf("error handling cli arguments: %v", err)
-	}
-
-	err := config.handleFile(cliConfig.ConfigFile)
-	if err != nil {
-		return nil, fmt.Errorf("error reading configuration file: %v", err)
-	}
-
-	if err = config.setupConfig(cliConfig); err != nil {
-		return nil, fmt.Errorf("error setting up files: %v", err)
-	}
-
-	return config, nil
-}
--- a/cmd/backend/firebase.go
+++ b/cmd/backend/firebase.go
@ -1,44 +0,0 @@
-package backend
-
-import (
-	"context"
-
-	firebase "firebase.google.com/go/v4"
-	"firebase.google.com/go/v4/auth"
-	"google.golang.org/api/option"
-)
-
-type Client struct {
-	*auth.Client
-}
-
-func NewClient(c *Config) (*Client, error) {
-	var err error
-
-	client := new(Client)
-	ctx := context.Background()
-	opt := option.WithCredentialsFile(c.FirebaseKey)
-
-	app, err := firebase.NewApp(ctx, nil, opt)
-	if err != nil {
-		return nil, err
-	}
-
-	client.Client, err = app.Auth(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	return client, nil
-}
-
-func (c *Client) Verify(idToken string) (*auth.Token, error) {
-	ctx := context.Background()
-
-	token, err := c.VerifyIDTokenAndCheckRevoked(ctx, idToken)
-	if err != nil {
-		return nil, err
-	}
-
-	return token, nil
-}
--- a/cmd/backend/rss.go
+++ b/cmd/backend/rss.go
@ -1,103 +0,0 @@
-package backend
-
-import (
-	"fmt"
-	"io"
-	"os"
-	"time"
-
-	"git.streifling.com/jason/rss"
-)
-
-func GenerateRSS(c *Config, db *DB) (*string, error) {
-	channel := &rss.Channel{
-		Title:       c.Title,
-		Link:        c.Link,
-		Description: c.Description,
-		Items:       make([]*rss.Item, 0),
-	}
-
-	articles, err := db.GetCertainArticles(true, false)
-	if err != nil {
-		return nil, fmt.Errorf("error getting published articles for RSS feed: %v", err)
-	}
-
-	for _, article := range articles {
-		tags, err := db.GetArticleTags(article.ID)
-		if err != nil {
-			return nil, fmt.Errorf("error getting tags for articles for RSS feed: %v", err)
-		}
-		tagNames := make([]string, 0)
-		for _, tag := range tags {
-			tagNames = append(tagNames, tag.Name)
-		}
-
-		if article.IsInIssue || article.AutoGenerated {
-			tagNames = append(tagNames, fmt.Sprint("Orient Express ", article.IssueID))
-		}
-		if article.AutoGenerated {
-			tagNames = append(tagNames, "autogenerated")
-		}
-
-		user, err := db.GetUser(article.AuthorID)
-		if err != nil {
-			return nil, fmt.Errorf("error getting user user info for RSS feed: %v", err)
-		}
-
-		articleTitle, err := ConvertToPlain(article.Title)
-		if err != nil {
-			return nil, fmt.Errorf("error converting title to plain text for RSS feed: %v", err)
-		}
-
-		articleDescription, err := ConvertToPlain(article.Description)
-		if err != nil {
-			return nil, fmt.Errorf("error converting description to plain text for RSS feed: %v", err)
-		}
-
-		item := &rss.Item{
-			Author:      fmt.Sprint(user.FirstName, " ", user.LastName),
-			Categories:  tagNames,
-			Description: articleDescription,
-			Guid:        string(article.ID),
-			Link:        article.Link,
-			PubDate:     article.Created.Format(time.RFC1123Z),
-			Title:       articleTitle,
-		}
-
-		if article.AutoGenerated {
-			item.Enclosure = &rss.Enclosure{
-				Url:    article.EncURL,
-				Lenght: article.EncLength,
-				Type:   article.EncType,
-			}
-		}
-
-		channel.Items = append(channel.Items, item)
-	}
-
-	feed := rss.NewFeed()
-	feed.Channels = append(feed.Channels, channel)
-	rss, err := feed.ToXML("UTF-8")
-	if err != nil {
-		return nil, fmt.Errorf("error converting RSS feed to XML: %v", err)
-	}
-
-	return &rss, nil
-}
-
-func SaveRSS(filename string, feed *string) error {
-	file, err := os.Create(filename)
-	if err != nil {
-		return fmt.Errorf("error creating file for RSS feed: %v", err)
-	}
-	defer file.Close()
-	if err = file.Chmod(0644); err != nil {
-		return fmt.Errorf("error setting permissions for RSS file: %v", err)
-	}
-
-	if _, err = io.WriteString(file, *feed); err != nil {
-		return fmt.Errorf("error writing to RSS file: %v", err)
-	}
-
-	return nil
-}
--- a/cmd/backend/users.go
+++ b/cmd/backend/users.go
@ -1,380 +0,0 @@
-package backend
-
-import (
-	"context"
-	"database/sql"
-	"fmt"
-	"log"
-
-	"golang.org/x/crypto/bcrypt"
-)
-
-const (
-	Admin = iota
-	Publisher
-	Editor
-	Author
-	NonExistent
-)
-
-type User struct {
-	UserName  string
-	FirstName string
-	LastName  string
-	ID        int64
-	Role      int
-}
-
-func (db *DB) AddUser(u *User, pass string) (int64, error) {
-	hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
-	if err != nil {
-		return 0, fmt.Errorf("error creating password hash: %v", err)
-	}
-
-	query := `
-    INSERT INTO users (username, password, first_name, last_name, role)
-    VALUES (?, ?, ?, ?, ?)
-    `
-	result, err := db.Exec(query, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
-	if err != nil {
-		return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
-	}
-	id, err := result.LastInsertId()
-	if err != nil {
-		return 0, fmt.Errorf("error inserting user into DB: %v", err)
-	}
-
-	return id, nil
-}
-
-func (db *DB) GetID(userName string) (int64, bool) {
-	var id int64
-
-	query := `
-    SELECT id
-    FROM users
-    WHERE username = ?
-    `
-	row := db.QueryRow(query, userName)
-	if err := row.Scan(&id); err != nil {
-		return 0, false
-	}
-
-	return id, true
-}
-
-func (db *DB) CheckPassword(id int64, pass string) error {
-	var queriedPass string
-
-	query := `
-    SELECT password
-    FROM users
-    WHERE id = ?
-    `
-	row := db.QueryRow(query, id)
-	if err := row.Scan(&queriedPass); err != nil {
-		return fmt.Errorf("error reading password from DB: %v", err)
-	}
-
-	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
-		return fmt.Errorf("incorrect password: %v", err)
-	}
-
-	return nil
-}
-
-func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
-	var queriedPass string
-	getQuery := `
-    SELECT password
-    FROM users
-    WHERE id = ?
-    `
-	row := tx.QueryRow(getQuery, id)
-	if err := row.Scan(&queriedPass); err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("error reading password from DB: %v", err)
-	}
-
-	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("incorrect password: %v", err)
-	}
-
-	newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
-	if err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("error creating password hash: %v", err)
-	}
-
-	setQuery := `
-    UPDATE users
-    SET password = ?
-    WHERE id = ?
-    `
-	if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("error updating password in DB: %v", err)
-	}
-
-	return nil
-}
-
-// TODO: No need for ID field in general
-func (db *DB) GetUser(id int64) (*User, error) {
-	user := new(User)
-	query := `
-    SELECT id, username, first_name, last_name, role
-    FROM users
-    WHERE id = ?
-    `
-
-	row := db.QueryRow(query, id)
-	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName,
-		&user.LastName, &user.Role); err != nil {
-		return nil, fmt.Errorf("error reading user information: %v", err)
-	}
-
-	return user, nil
-}
-
-func (db *DB) UpdateOwnAttributes(id int64, user, first, last, oldPass, newPass, newPass2 string) error {
-	passwordEmpty := true
-	if len(newPass) > 0 || len(newPass2) > 0 {
-		if newPass != newPass2 {
-			return fmt.Errorf("error: passwords do not match")
-		}
-		passwordEmpty = false
-	}
-
-	tx := new(Tx)
-	var err error
-
-	for i := 0; i < TxMaxRetries; i++ {
-		err := func() error {
-			tx.Tx, err = db.Begin()
-			if err != nil {
-				return fmt.Errorf("error starting transaction: %v", err)
-			}
-
-			if !passwordEmpty {
-				if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
-					if rollbackErr := tx.Rollback(); rollbackErr != nil {
-						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-					}
-					return fmt.Errorf("error changing password: %v", err)
-				}
-			}
-
-			if err = tx.UpdateAttributes(
-				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
-				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
-				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
-			); err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return fmt.Errorf("error updating attributes in DB: %v", err)
-			}
-
-			if err = tx.Commit(); err != nil {
-				return fmt.Errorf("error committing transaction: %v", err)
-			}
-
-			return nil
-		}()
-		if err == nil {
-			return nil
-		}
-
-		log.Println(err)
-		wait(i)
-	}
-
-	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
-}
-
-func (db *DB) AddFirstUser(u *User, pass string) (int64, error) {
-	var numUsers int64
-	txOptions := &sql.TxOptions{Isolation: sql.LevelSerializable}
-	selectQuery := "SELECT COUNT(*) FROM users"
-	insertQuery := `
-    INSERT INTO users (username, password, first_name, last_name, role)
-    VALUES (?, ?, ?, ?, ?)
-    `
-
-	for i := 0; i < TxMaxRetries; i++ {
-		id, err := func() (int64, error) {
-			tx, err := db.BeginTx(context.Background(), txOptions)
-			if err != nil {
-				return 0, fmt.Errorf("error starting transaction: %v", err)
-			}
-
-			if err := tx.QueryRow(selectQuery).Scan(&numUsers); err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return 0, fmt.Errorf("error getting ID of %v: %v", u.UserName, err)
-			}
-			if numUsers != 0 {
-				if err = tx.Commit(); err != nil {
-					return 0, fmt.Errorf("error committing transaction: %v", err)
-				}
-				return 2, nil
-			}
-
-			hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
-			if err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return 0, fmt.Errorf("error creating password hash: %v", err)
-			}
-
-			result, err := tx.Exec(insertQuery, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
-			if err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
-			}
-
-			id, err := result.LastInsertId()
-			if err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return 0, fmt.Errorf("error inserting user into DB: %v", err)
-			}
-
-			if err = tx.Commit(); err != nil {
-				return 0, fmt.Errorf("error committing transaction: %v", err)
-			}
-			return id, nil
-		}()
-		if err == nil {
-			return id, nil
-		}
-
-		log.Println(err)
-		wait(i)
-	}
-	return 0, fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
-}
-
-func (db *DB) GetAllUsers() (map[int64]*User, error) {
-	query := "SELECT id, username, first_name, last_name, role FROM users"
-
-	rows, err := db.Query(query)
-	if err != nil {
-		return nil, fmt.Errorf("error getting all users from DB: %v", err)
-	}
-
-	users := make(map[int64]*User, 0)
-	for rows.Next() {
-		user := new(User)
-		if err = rows.Scan(&user.ID, &user.UserName, &user.FirstName,
-			&user.LastName, &user.Role); err != nil {
-			return nil, fmt.Errorf("error getting user info: %v", err)
-		}
-		users[user.ID] = user
-	}
-
-	return users, nil
-}
-
-func (tx *Tx) SetPassword(id int64, newPass string) error {
-	hashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
-	if err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("error creating password hash: %v", err)
-	}
-
-	setQuery := "UPDATE users SET password = ? WHERE id = ?"
-	if _, err = tx.Exec(setQuery, string(hashedPass), id); err != nil {
-		if rollbackErr := tx.Rollback(); rollbackErr != nil {
-			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-		}
-		return fmt.Errorf("error updating password in DB: %v", err)
-	}
-
-	return nil
-}
-
-func (db *DB) UpdateUserAttributes(id int64, user, first, last, newPass, newPass2 string, role int) error {
-	passwordEmpty := true
-	if len(newPass) > 0 || len(newPass2) > 0 {
-		if newPass != newPass2 {
-			return fmt.Errorf("error: passwords do not match")
-		}
-		passwordEmpty = false
-	}
-
-	tx := new(Tx)
-	var err error
-
-	for i := 0; i < TxMaxRetries; i++ {
-		err := func() error {
-			tx.Tx, err = db.Begin()
-			if err != nil {
-				return fmt.Errorf("error starting transaction: %v", err)
-			}
-
-			if !passwordEmpty {
-				if err = tx.SetPassword(id, newPass); err != nil {
-					if rollbackErr := tx.Rollback(); rollbackErr != nil {
-						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-					}
-					return fmt.Errorf("error changing password: %v", err)
-				}
-			}
-
-			if err = tx.UpdateAttributes(
-				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
-				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
-				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
-				&Attribute{Table: "users", ID: id, AttName: "role", Value: role},
-			); err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return fmt.Errorf("error updating attributes in DB: %v", err)
-			}
-
-			if err = tx.Commit(); err != nil {
-				return fmt.Errorf("error committing transaction: %v", err)
-			}
-
-			return nil
-		}()
-		if err == nil {
-			return nil
-		}
-
-		log.Println(err)
-		wait(i)
-	}
-
-	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
-}
-
-func (db *DB) DeleteUser(id int64) error {
-	query := "DELETE FROM users WHERE id = ?"
-
-	_, err := db.Exec(query, id)
-	if err != nil {
-		return fmt.Errorf("error deleting user %v from DB: %v", id, err)
-	}
-
-	return nil
-}
--- a/cmd/calls/articles.go
+++ b/cmd/calls/articles.go
@ -1,55 +0,0 @@
-package calls
-
-import (
-	"fmt"
-	"log"
-	"net/http"
-	"os"
-	"strconv"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func ServeArticle(c *b.Config, db *b.DB) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !tokenIsVerified(w, r, c) {
-			return
-		}
-
-		idString := r.PathValue("id")
-		id, err := strconv.ParseInt(idString, 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		article, err := db.GetArticle(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if !article.Published {
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
-		contentBytes, err := os.ReadFile(articleAbsName)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		content, err := b.ConvertToHTML(string(contentBytes))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		fmt.Fprint(w, content)
-	}
-}
--- a/cmd/calls/images.go
+++ b/cmd/calls/images.go
@ -1,26 +0,0 @@
-package calls
-
-import (
-	"log"
-	"net/http"
-	"path/filepath"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func ServeImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !tokenIsVerified(w, r, c) {
-			return
-		}
-
-		absFilepath, err := filepath.Abs(c.PicsDir)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		http.ServeFile(w, r, absFilepath+"/"+r.PathValue("pic"))
-	}
-}
--- a/cmd/calls/pdf.go
+++ b/cmd/calls/pdf.go
@ -1,48 +0,0 @@
-package calls
-
-import (
-	"encoding/json"
-	"fmt"
-	"log"
-	"net/http"
-	"os"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func ServePDFList(c *b.Config) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !tokenIsVerified(w, r, c) {
-			return
-		}
-
-		files, err := os.ReadDir(c.PDFDir)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		fileNames := make([]string, 0)
-		for _, file := range files {
-			fileNames = append(fileNames, file.Name())
-		}
-
-		w.Header().Set("Content-Type", "application/json")
-		if err = json.NewEncoder(w).Encode(fileNames); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-	}
-}
-
-func ServePDF(c *b.Config) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !tokenIsVerified(w, r, c) {
-			return
-		}
-
-		http.ServeFile(w, r, fmt.Sprint(c.PDFDir, "/", r.PathValue("id")))
-	}
-}
--- a/cmd/calls/rss.go
+++ b/cmd/calls/rss.go
@ -1,17 +0,0 @@
-package calls
-
-import (
-	"net/http"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func ServeRSS(c *b.Config) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !tokenIsVerified(w, r, c) {
-			return
-		}
-
-		http.ServeFile(w, r, c.RSSFile)
-	}
-}
--- a/cmd/calls/verification.go
+++ b/cmd/calls/verification.go
@ -1,34 +0,0 @@
-package calls
-
-import (
-	"log"
-	"net/http"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-// tokenIsVerified verifies that a request is authorized. It returns a bool.
-func tokenIsVerified(w http.ResponseWriter, r *http.Request, c *b.Config) bool {
-	idToken := r.Header.Get("Authorization")
-	if idToken == "" {
-		log.Println("Authorization header missing")
-		http.Error(w, "Authorization header missing", http.StatusUnauthorized)
-		return false
-	}
-
-	client, err := b.NewClient(c)
-	if err != nil {
-		log.Println(err)
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return false
-	}
-
-	_, err = client.Verify(idToken)
-	if err != nil {
-		log.Println(err)
-		http.Error(w, err.Error(), http.StatusUnauthorized)
-		return false
-	}
-
-	return true
-}
--- a/cmd/control/markdown.go
+++ b/cmd/control/markdown.go
@ -1,4 +1,4 @@
-package backend
+package control

 import (
 	"bytes"
--- a/cmd/control/rss.go
+++ b/cmd/control/rss.go
@ -0,0 +1,50 @@
+package control
+
+import (
+	"fmt"
+	"time"
+
+	"git.streifling.com/jason/rss"
+	"streifling.com/jason/cpolis/cmd/model"
+)
+
+func GetChannel(db *model.DB, title, link, description string) (*rss.Channel, error) {
+	channel := &rss.Channel{
+		Title:       title,
+		Link:        link,
+		Description: description,
+		Items:       make([]*rss.Item, 0),
+	}
+
+	articles, err := db.GetCertainArticles(true, false)
+	if err != nil {
+		return nil, fmt.Errorf("error fetching published articles: %v", err)
+	}
+
+	for _, article := range articles {
+		tags, err := db.GetArticleTags(article.ID)
+		if err != nil {
+			return nil, fmt.Errorf("error fetching tags for article %v: %v", article.Title, err)
+		}
+		tagNames := make([]string, 0)
+		for _, tag := range tags {
+			tagNames = append(tagNames, tag.Name)
+		}
+
+		user, err := db.GetUser(article.AuthorID)
+		if err != nil {
+			return nil, fmt.Errorf("error finding user %v: %v", article.AuthorID, err)
+		}
+
+		channel.Items = append(channel.Items, &rss.Item{
+			Title:       article.Title,
+			Author:      user.FirstName + user.LastName,
+			PubDate:     article.Created.Format(time.RFC1123Z),
+			Description: article.Description,
+			Content:     &rss.Content{Value: article.Content},
+			Categories:  tagNames,
+		})
+	}
+
+	return channel, nil
+}
--- a/cmd/control/sessions.go
+++ b/cmd/control/sessions.go
@ -1,4 +1,4 @@
-package backend
+package control

 import (
 	"crypto/rand"
--- a/cmd/frontend/articles.go
+++ b/cmd/frontend/articles.go
@ -1,643 +0,0 @@
-package frontend
-
-import (
-	"encoding/json"
-	"fmt"
-	"html/template"
-	"io"
-	"log"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/google/uuid"
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-const (
-	EditMode = iota
-	PreviewMode
-)
-
-func WriteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		type editorHTMLData struct {
-			Title       string
-			Description string
-			Content     string
-			HTMLContent template.HTML
-			Tags        []*b.Tag
-			Mode        int
-		}
-
-		var data editorHTMLData
-		if session.Values["article"] == nil {
-			data = editorHTMLData{}
-		} else {
-			data = session.Values["article"].(editorHTMLData)
-		}
-		data.Mode = EditMode
-
-		data.Tags, err = db.GetTagList()
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/editor.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func SubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		session.Values["article"] = nil
-		if err = session.Save(r, w); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		article := &b.Article{
-			Title:         r.PostFormValue("article-title"),
-			Description:   r.PostFormValue("article-description"),
-			Published:     false,
-			Rejected:      false,
-			AuthorID:      session.Values["id"].(int64),
-			IsInIssue:     r.PostFormValue("issue") == "on",
-			AutoGenerated: false,
-		}
-
-		article.ID, err = db.AddArticle(article)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
-		if err = os.WriteFile(articleAbsName, []byte(r.PostFormValue("article-content")), 0644); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		article.Link = fmt.Sprint(c.Domain, "/article/serve/", article.ID)
-		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		r.ParseForm()
-		tags := make([]int64, 0)
-		for _, tag := range r.Form["tags"] {
-			tagID, err := strconv.ParseInt(tag, 10, 64)
-			if err != nil {
-				log.Println(err)
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			tags = append(tags, tagID)
-		}
-		if err = db.WriteArticleTags(article.ID, tags); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
-
-func ResubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		title := r.PostFormValue("article-title")
-		description := r.PostFormValue("article-description")
-		content := r.PostFormValue("article-content")
-
-		link := fmt.Sprint(c.ArticleDir, "/", id, ".md")
-		if err = os.WriteFile(link, []byte(content), 0644); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.UpdateAttributes(
-			&b.Attribute{Table: "articles", ID: id, AttName: "title", Value: title},
-			&b.Attribute{Table: "articles", ID: id, AttName: "description", Value: description},
-			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
-			&b.Attribute{Table: "articles", ID: id, AttName: "is_in_issue", Value: r.PostFormValue("issue") == "on"},
-		); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		r.ParseForm()
-		tags := make([]int64, 0)
-		for _, tag := range r.Form["tags"] {
-			tagID, err := strconv.ParseInt(tag, 10, 64)
-			if err != nil {
-				log.Println(err)
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			tags = append(tags, tagID)
-		}
-		if err = db.UpdateArticleTags(id, tags); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
-
-func ShowUnpublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		unpublishedArticles, err := db.GetCertainArticles(false, false)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/unpublished-articles.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", unpublishedArticles)
-	}
-}
-
-func ShowRejectedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		type htmlData struct {
-			MyIDs            map[int64]bool
-			RejectedArticles []*b.Article
-		}
-		data := new(htmlData)
-
-		data.RejectedArticles, err = db.GetCertainArticles(false, true)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.MyIDs = make(map[int64]bool)
-		for _, article := range data.RejectedArticles {
-			if article.AuthorID == session.Values["id"].(int64) {
-				data.MyIDs[article.ID] = true
-			}
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rejected-articles.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func ReviewUnpublishedArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		data := new(struct {
-			Article *b.Article
-			Content template.HTML
-			Tags    []*b.Tag
-		})
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.Article, err = db.GetArticle(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", data.Article.ID, ".md")
-		contentBytes, err := os.ReadFile(articleAbsName)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		content, err := b.ConvertToHTML(string(contentBytes))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		data.Content = template.HTML(content)
-
-		data.Tags, err = db.GetArticleTags(data.Article.ID)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-published.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func ReviewRejectedArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		data := new(struct {
-			Selected map[int64]bool
-			Article  *b.Article
-			Content  string
-			Tags     []*b.Tag
-		})
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.Article, err = db.GetArticle(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", data.Article.ID, ".md")
-		contentBytes, err := os.ReadFile(articleAbsName)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.Content = string(contentBytes)
-
-		data.Tags, err = db.GetTagList()
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		selectedTags, err := db.GetArticleTags(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		data.Selected = make(map[int64]bool)
-		for _, tag := range selectedTags {
-			data.Selected[tag.ID] = true
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/rework-article.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func PublishArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-
-		article, err := db.GetArticle(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.AddArticleToCurrentIssue(article.ID); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.UpdateAttributes(
-			&b.Attribute{Table: "articles", ID: id, AttName: "published", Value: true},
-			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
-			&b.Attribute{Table: "articles", ID: id, AttName: "created", Value: time.Now().Format("2006-01-02 15:04:05")},
-		); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		feed, err := b.GenerateRSS(c, db)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
-
-func RejectArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.UpdateAttributes(
-			&b.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: true},
-		); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
-
-func ShowCurrentArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		articles, err := db.GetCurrentIssueArticles()
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/current-articles.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", articles)
-	}
-}
-
-func UploadArticleImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		file, header, err := r.FormFile("article-image")
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-		defer file.Close()
-
-		nameStrings := strings.Split(header.Filename, ".")
-		extension := "." + nameStrings[len(nameStrings)-1]
-		filename := fmt.Sprint(uuid.New(), extension)
-		absFilepath, err := filepath.Abs(fmt.Sprint(c.PicsDir, "/", filename))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		img, err := os.Create(absFilepath)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer img.Close()
-
-		if _, err = io.Copy(img, file); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		url := fmt.Sprint(c.Domain, "/image/serve/", filename)
-		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(url)
-	}
-}
-
-func ShowPublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		publishedArticles, err := db.GetCertainArticles(true, false)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		filteredArticles := make([]*b.Article, 0)
-		for _, article := range publishedArticles {
-			if !article.AutoGenerated {
-				filteredArticles = append(filteredArticles, article)
-			}
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/published-articles.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", filteredArticles)
-	}
-}
-
-func ReviewArticleForDeletion(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		type htmlData struct {
-			Title       string
-			Description string
-			Content     template.HTML
-			Tags        []*b.Tag
-			ID          int64
-		}
-
-		var err error
-		data := new(htmlData)
-
-		data.ID, err = strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		article, err := db.GetArticle(data.ID)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.Title, err = b.ConvertToPlain(article.Title)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		data.Description, err = b.ConvertToPlain(article.Description)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
-		contentBytes, err := os.ReadFile(articleAbsName)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		content, err := b.ConvertToHTML(string(contentBytes))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		data.Content = template.HTML(content)
-
-		data.Tags, err = db.GetArticleTags(data.ID)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-deleted.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func DeleteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.DeleteArticle(id); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = os.Remove(fmt.Sprint(c.ArticleDir, "/", id, ".md")); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		feed, err := b.GenerateRSS(c, db)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
--- a/cmd/frontend/editor.go
+++ b/cmd/frontend/editor.go
@ -1,34 +0,0 @@
-package frontend
-
-import (
-	"html/template"
-	"net/http"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func CreateTag(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-tag.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
-	}
-}
-
-func AddTag(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		db.AddTag(r.PostFormValue("tag"))
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
--- a/cmd/frontend/issues.go
+++ b/cmd/frontend/issues.go
@ -1,191 +0,0 @@
-package frontend
-
-import (
-	"fmt"
-	"html/template"
-	"io"
-	"log"
-	"mime"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strings"
-	"time"
-
-	"github.com/google/uuid"
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func PublishLatestIssue(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		session.Values["article"] = nil
-		if err = session.Save(r, w); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if session.Values["issue-image"] == nil {
-			err := "error: Image required"
-			log.Println(err)
-			http.Error(w, err, http.StatusBadRequest)
-			return
-		}
-
-		imgFileName := session.Values["issue-image"].(string)
-		imgAbsName := fmt.Sprint(c.PicsDir, "/", imgFileName)
-
-		imgFile, err := os.Open(imgAbsName)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer imgFile.Close()
-
-		imgInfo, err := imgFile.Stat()
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		imgSize := imgInfo.Size()
-		mimeType := mime.TypeByExtension(filepath.Ext(imgAbsName))
-
-		article := &b.Article{
-			Title:         r.PostFormValue("issue-title"),
-			EncURL:        fmt.Sprint(c.Domain, "/image/serve/", imgFileName),
-			EncLength:     int(imgSize),
-			EncType:       mimeType,
-			Published:     true,
-			Rejected:      false,
-			Created:       time.Now(),
-			AuthorID:      session.Values["id"].(int64),
-			AutoGenerated: true,
-		}
-
-		article.ID, err = db.AddArticle(article)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.ID, ".md")
-		if err = os.WriteFile(articleAbsName, []byte(r.PostFormValue("article-content")), 0644); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		article.Link = fmt.Sprint(c.Domain, "/article/serve/", article.ID)
-		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.UpdateAttributes(&b.Attribute{Table: "articles", ID: article.ID, AttName: "link", Value: article.Link}); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.AddArticleToCurrentIssue(article.ID); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err := db.PublishLatestIssue(); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		feed, err := b.GenerateRSS(c, db)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		session.Values["issue-image"] = nil
-		if err = session.Save(r, w); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
-	}
-}
-
-func UploadIssueImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		if err := r.ParseMultipartForm(10 << 20); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-
-		file, header, err := r.FormFile("issue-image")
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer file.Close()
-
-		nameStrings := strings.Split(header.Filename, ".")
-		extension := "." + nameStrings[len(nameStrings)-1]
-		filename := fmt.Sprint(uuid.New(), extension)
-		absFilepath, err := filepath.Abs(fmt.Sprint(c.PicsDir, "/", filename))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		img, err := os.Create(absFilepath)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer img.Close()
-
-		if _, err = io.Copy(img, file); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		session.Values["issue-image"] = filename
-		if err = session.Save(r, w); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		w.WriteHeader(http.StatusOK)
-	}
-}
--- a/cmd/frontend/pdf.go
+++ b/cmd/frontend/pdf.go
@ -1,59 +0,0 @@
-package frontend
-
-import (
-	"fmt"
-	"io"
-	"log"
-	"net/http"
-	"os"
-	"path/filepath"
-
-	"github.com/google/uuid"
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-func UploadPDF(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		if err := r.ParseMultipartForm(10 << 20); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-
-		file, _, err := r.FormFile("pdf-upload")
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer file.Close()
-
-		filename := fmt.Sprint(uuid.New(), ".pdf")
-		absFilepath, err := filepath.Abs(fmt.Sprint(c.PDFDir, "/", filename))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		pdf, err := os.Create(absFilepath)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		defer pdf.Close()
-
-		if _, err = io.Copy(pdf, file); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		w.WriteHeader(http.StatusOK)
-	}
-}
--- a/cmd/frontend/users.go
+++ b/cmd/frontend/users.go
@ -1,430 +0,0 @@
-package frontend
-
-import (
-	"fmt"
-	"html/template"
-	"log"
-	"net/http"
-	"strconv"
-
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-type UserData struct {
-	*b.User
-	Msg string
-}
-
-func checkUserStrings(user *b.User) (string, int, bool) {
-	userLen := 15
-	nameLen := 50
-
-	if len(user.UserName) > userLen {
-		return "Benutzername", userLen, false
-	} else if len(user.FirstName) > nameLen {
-		return "Vorname", nameLen, false
-	} else if len(user.LastName) > nameLen {
-		return "Nachname", nameLen, false
-	} else {
-		return "", 0, true
-	}
-}
-
-func CreateUser(c *b.Config, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
-	}
-}
-
-func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		role, err := strconv.Atoi(r.PostFormValue("role"))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		htmlData := UserData{
-			User: &b.User{
-				UserName:  r.PostFormValue("username"),
-				FirstName: r.PostFormValue("first-name"),
-				LastName:  r.PostFormValue("last-name"),
-				Role:      role,
-			},
-		}
-		pass := r.PostFormValue("password")
-		pass2 := r.PostFormValue("password2")
-
-		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
-			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
-			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		userString, stringLen, ok := checkUserStrings(htmlData.User)
-		if !ok {
-			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
-				stringLen, " Zeichen erlaubt.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		id, _ := db.GetID(htmlData.UserName)
-		if id != 0 {
-			htmlData.Msg = fmt.Sprint(htmlData.UserName,
-				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		if pass != pass2 {
-			htmlData.Msg = "Die Passwörter stimmen nicht überein."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-
-		_, err = db.AddUser(htmlData.User, pass)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
-
-func EditSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		user, err := db.GetUser(session.Values["id"].(int64))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-self.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
-	}
-}
-
-func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		userData := UserData{
-			User: &b.User{
-				ID:        session.Values["id"].(int64),
-				UserName:  r.PostFormValue("username"),
-				FirstName: r.PostFormValue("first-name"),
-				LastName:  r.PostFormValue("last-name"),
-			},
-		}
-		oldPass := r.PostFormValue("old-password")
-		newPass := r.PostFormValue("password")
-		newPass2 := r.PostFormValue("password2")
-
-		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
-			len(userData.LastName) == 0 {
-			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			tmpl = template.Must(tmpl, err)
-			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
-			return
-		}
-
-		userString, stringLen, ok := checkUserStrings(userData.User)
-		if !ok {
-			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
-				stringLen, " Zeichen erlaubt.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			tmpl = template.Must(tmpl, err)
-			tmpl.ExecuteTemplate(w, "page-content", userData)
-			return
-		}
-
-		if id, ok := db.GetID(userData.UserName); ok {
-			if id != userData.ID {
-				userData.Msg = "Benutzername bereits vergeben."
-				userData.UserName = ""
-				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-				tmpl = template.Must(tmpl, err)
-				tmpl.ExecuteTemplate(w, "page-content", userData)
-				return
-			}
-		}
-
-		if err = db.UpdateOwnAttributes(
-			userData.ID,
-			userData.UserName,
-			userData.FirstName,
-			userData.LastName,
-			oldPass,
-			newPass,
-			newPass2); err != nil {
-			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
-
-func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		var err error
-		htmlData := UserData{
-			User: &b.User{
-				UserName:  r.PostFormValue("username"),
-				FirstName: r.PostFormValue("first-name"),
-				LastName:  r.PostFormValue("last-name"),
-				Role:      b.Admin,
-			},
-		}
-		pass := r.PostFormValue("password")
-		pass2 := r.PostFormValue("password2")
-
-		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
-			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
-			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		userString, stringLen, ok := checkUserStrings(htmlData.User)
-		if !ok {
-			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
-				stringLen, " Zeichen erlaubt.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		id, _ := db.GetID(htmlData.UserName)
-		if id != 0 {
-			htmlData.Msg = fmt.Sprint(htmlData.UserName,
-				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-		if pass != pass2 {
-			htmlData.Msg = "Die Passwörter stimmen nicht überein."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
-			return
-		}
-
-		htmlData.ID, err = db.AddFirstUser(htmlData.User, pass)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		if htmlData.ID > 1 {
-			errString := "error: there is already a first user"
-			log.Println(errString)
-			http.Error(w, errString, http.StatusInternalServerError)
-			return
-		}
-
-		if err := saveSession(w, r, s, htmlData.User); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if _, err := db.AddIssue(); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
-	}
-}
-
-func ShowAllUsers(c *b.Config, db *b.DB, s *b.CookieStore, action string) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		type htmlData struct {
-			Users  map[int64]*b.User
-			Action string
-		}
-
-		data := &htmlData{Action: action}
-		data.Users, err = db.GetAllUsers()
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		delete(data.Users, session.Values["id"].(int64))
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/show-all-users.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
-	}
-}
-
-func EditUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := getSession(w, r, c, s); err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		user, err := db.GetUser(id)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
-	}
-}
-
-func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		role, err := strconv.Atoi(r.PostFormValue("role"))
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		userData := UserData{
-			User: &b.User{
-				ID:        id,
-				UserName:  r.PostFormValue("username"),
-				FirstName: r.PostFormValue("first-name"),
-				LastName:  r.PostFormValue("last-name"),
-				Role:      role,
-			},
-		}
-		newPass := r.PostFormValue("password")
-		newPass2 := r.PostFormValue("password2")
-
-		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
-			len(userData.LastName) == 0 {
-			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			tmpl = template.Must(tmpl, err)
-			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
-			return
-		}
-
-		userString, stringLen, ok := checkUserStrings(userData.User)
-		if !ok {
-			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
-				stringLen, " Zeichen erlaubt.")
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			tmpl = template.Must(tmpl, err)
-			tmpl.ExecuteTemplate(w, "page-content", userData)
-			return
-		}
-
-		if id, ok := db.GetID(userData.UserName); ok {
-			if id != userData.ID {
-				userData.Msg = "Benutzername bereits vergeben."
-				userData.UserName = ""
-				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-				tmpl = template.Must(tmpl, err)
-				tmpl.ExecuteTemplate(w, "page-content", userData)
-				return
-			}
-		}
-
-		if err = db.UpdateUserAttributes(
-			userData.ID,
-			userData.UserName,
-			userData.FirstName,
-			userData.LastName,
-			newPass,
-			newPass2,
-			userData.Role); err != nil {
-			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
-			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
-			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
-
-func DeleteUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
-		if err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if err = db.DeleteUser(id); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		tmpl = template.Must(tmpl, err)
-		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
--- a/cmd/frontend/verification.go
+++ b/cmd/frontend/verification.go
@ -1,29 +0,0 @@
-package frontend
-
-import (
-	"errors"
-	"html/template"
-	"net/http"
-
-	"github.com/gorilla/sessions"
-	b "streifling.com/jason/cpolis/cmd/backend"
-)
-
-// getSession is used for verifying that the user is logged in and returns their session and an error.
-func getSession(w http.ResponseWriter, r *http.Request, c *b.Config, s *b.CookieStore) (*sessions.Session, error) {
-	msg := "Keine gültige Session. Bitte erneut anmelden."
-	tmpl, tmplErr := template.ParseFiles(c.WebDir+"/templates/index.html", c.WebDir+"/templates/login.html")
-
-	session, err := s.Get(r, "cookie")
-	if err != nil {
-		template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg)
-		return nil, err
-	}
-
-	if session.IsNew {
-		template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg)
-		return session, errors.New("error: no existing session")
-	}
-
-	return session, nil
-}
--- a/cmd/main.go
+++ b/cmd/main.go
@ -6,87 +6,72 @@ import (
 	"net/http"
 	"os"

-	b "streifling.com/jason/cpolis/cmd/backend"
-	c "streifling.com/jason/cpolis/cmd/calls"
-	f "streifling.com/jason/cpolis/cmd/frontend"
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
+	"streifling.com/jason/cpolis/cmd/view"
 )

 func init() {
-	gob.Register(b.User{})
+	gob.Register(model.User{})
 }

 func main() {
-	config, err := b.HandleConfig()
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	logFile, err := os.OpenFile(config.LogFile, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
+	logFile, err := os.OpenFile("tmp/cpolis.log",
+		os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	defer logFile.Close()
-	log.SetOutput(logFile)
+	// log.SetOutput(logFile)

-	db, err := b.OpenDB(config.DBName)
+	db, err := model.OpenDB("cpolis")
 	if err != nil {
 		log.Fatalln(err)
 	}
 	defer db.Close()

-	key, err := b.LoadKey(config.KeyFile)
+	key, err := control.LoadKey("tmp/key.gob")
 	if err != nil {
-		key, err = b.NewKey()
+		key, err = control.NewKey()
 		if err != nil {
 			log.Fatalln(err)
 		}
-		b.SaveKey(key, config.KeyFile)
+		control.SaveKey(key, "tmp/key.gob")
 	}
-	store := b.NewCookieStore(key)
+	store := control.NewCookieStore(key)

 	mux := http.NewServeMux()
 	mux.Handle("/web/static/", http.StripPrefix("/web/static/",
-		http.FileServer(http.Dir(config.WebDir+"/static/"))))
-	mux.HandleFunc("/", f.HomePage(config, db, store))
+		http.FileServer(http.Dir("web/static/"))))
+	mux.HandleFunc("/", view.HomePage(db, store))

-	mux.HandleFunc("GET /article/all-published", f.ShowPublishedArticles(config, db, store))
-	mux.HandleFunc("GET /article/all-rejected", f.ShowRejectedArticles(config, db, store))
-	mux.HandleFunc("GET /article/all-unpublished", f.ShowUnpublishedArticles(config, db, store))
-	mux.HandleFunc("GET /article/delete/{id}", f.DeleteArticle(config, db, store))
-	mux.HandleFunc("GET /article/publish/{id}", f.PublishArticle(config, db, store))
-	mux.HandleFunc("GET /article/reject/{id}", f.RejectArticle(config, db, store))
-	mux.HandleFunc("GET /article/review-deletion/{id}", f.ReviewArticleForDeletion(config, db, store))
-	mux.HandleFunc("GET /article/review-rejected/{id}", f.ReviewRejectedArticle(config, db, store))
-	mux.HandleFunc("GET /article/review-unpublished/{id}", f.ReviewUnpublishedArticle(config, db, store))
-	mux.HandleFunc("GET /article/serve/{id}", c.ServeArticle(config, db))
-	mux.HandleFunc("GET /article/write", f.WriteArticle(config, db, store))
-	mux.HandleFunc("GET /hub", f.ShowHub(config, db, store))
-	mux.HandleFunc("GET /image/serve/{pic}", c.ServeImage(config, store))
-	mux.HandleFunc("GET /issue/this", f.ShowCurrentArticles(config, db, store))
-	mux.HandleFunc("GET /logout", f.Logout(config, store))
-	mux.HandleFunc("GET /pdf/get-list", c.ServePDFList(config))
-	mux.HandleFunc("GET /pdf/serve/{id}", c.ServePDF(config))
-	mux.HandleFunc("GET /rss/serve", c.ServeRSS(config))
-	mux.HandleFunc("GET /tag/create", f.CreateTag(config, store))
-	mux.HandleFunc("GET /user/create", f.CreateUser(config, store))
-	mux.HandleFunc("GET /user/delete/{id}", f.DeleteUser(config, db, store))
-	mux.HandleFunc("GET /user/edit/{id}", f.EditUser(config, db, store))
-	mux.HandleFunc("GET /user/edit/self", f.EditSelf(config, db, store))
-	mux.HandleFunc("GET /user/show-all/delete", f.ShowAllUsers(config, db, store, "delete"))
-	mux.HandleFunc("GET /user/show-all/edit", f.ShowAllUsers(config, db, store, "edit"))
+	mux.HandleFunc("GET /create-tag/", view.CreateTag)
+	mux.HandleFunc("GET /create-user/", view.CreateUser)
+	mux.HandleFunc("GET /edit-user/", view.EditUser(db, store))
+	mux.HandleFunc("GET /hub/", view.ShowHub(db, store))
+	mux.HandleFunc("GET /logout/", view.Logout(store))
+	mux.HandleFunc("GET /publish-issue/", view.PublishLatestIssue(db))
+	mux.HandleFunc("GET /rejected-articles/", view.ShowRejectedArticles(db, store))
+	mux.HandleFunc("GET /rss/", view.ShowRSS(
+		db,
+		"Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
+		"https://distrikt-ni-st.de",
+		"Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität",
+	))
+	mux.HandleFunc("GET /this-issue/", view.ShowCurrentArticles(db))
+	mux.HandleFunc("GET /unpublished-articles/", view.ShowUnpublishedArticles(db))
+	mux.HandleFunc("GET /write-article/", view.WriteArticle(db))

-	mux.HandleFunc("POST /article/resubmit/{id}", f.ResubmitArticle(config, db, store))
-	mux.HandleFunc("POST /article/submit", f.SubmitArticle(config, db, store))
-	mux.HandleFunc("POST /article/upload-image", f.UploadArticleImage(config, store))
-	mux.HandleFunc("POST /issue/publish", f.PublishLatestIssue(config, db, store))
-	mux.HandleFunc("POST /issue/upload-image", f.UploadIssueImage(config, store))
-	mux.HandleFunc("POST /login", f.Login(config, db, store))
-	mux.HandleFunc("POST /pdf/upload", f.UploadPDF(config, store))
-	mux.HandleFunc("POST /tag/add", f.AddTag(config, db, store))
-	mux.HandleFunc("POST /user/add", f.AddUser(config, db, store))
-	mux.HandleFunc("POST /user/add-first", f.AddFirstUser(config, db, store))
-	mux.HandleFunc("POST /user/update/{id}", f.UpdateUser(config, db, store))
-	mux.HandleFunc("POST /user/update/self", f.UpdateSelf(config, db, store))
+	mux.HandleFunc("POST /add-tag/", view.AddTag(db, store))
+	mux.HandleFunc("POST /add-user/", view.AddUser(db, store))
+	mux.HandleFunc("POST /login/", view.Login(db, store))
+	mux.HandleFunc("POST /publish-article/", view.PublishArticle(db, store))
+	mux.HandleFunc("POST /reject-article/", view.RejectArticle(db, store))
+	mux.HandleFunc("POST /resubmit-article/", view.ResubmitArticle(db, store))
+	mux.HandleFunc("POST /review-rejected-article/", view.ReviewRejectedArticle(db, store))
+	mux.HandleFunc("POST /review-unpublished-article/", view.ReviewUnpublishedArticle(db, store))
+	mux.HandleFunc("POST /submit-article/", view.SubmitArticle(db, store))
+	mux.HandleFunc("POST /update-user/", view.UpdateUser(db, store))

-	log.Fatalln(http.ListenAndServe(config.Port, mux))
+	log.Fatalln(http.ListenAndServe(":8080", mux))
 }
--- a/cmd/backend/articles.go
+++ b/cmd/backend/articles.go
@ -1,4 +1,4 @@
-package backend
+package model

 import (
 	"context"
@ -9,20 +9,15 @@ import (
 )

 type Article struct {
-	Title         string
-	Created       time.Time
-	Description   string
-	Link          string
-	EncURL        string
-	EncLength     int
-	EncType       string
-	Published     bool
-	Rejected      bool
-	ID            int64
-	AuthorID      int64
-	IssueID       int64
-	IsInIssue     bool
-	AutoGenerated bool
+	Title       string
+	Created     time.Time
+	Description string
+	Content     string
+	Published   bool
+	Rejected    bool
+	ID          int64
+	AuthorID    int64
+	IssueID     int64
 }

 func (db *DB) AddArticle(a *Article) (int64, error) {
@ -31,8 +26,8 @@ func (db *DB) AddArticle(a *Article) (int64, error) {
 	selectQuery := "SELECT id FROM issues WHERE published = false"
 	insertQuery := `
    INSERT INTO articles
-        (title, description, link, enc_url, enc_length, enc_type, published, rejected, author_id, issue_id, is_in_issue, auto_generated)
-    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+        (title, description, content, published, rejected, author_id, issue_id)
+    VALUES (?, ?, ?, ?, ?, ?, ?)
    `

 	for i := 0; i < TxMaxRetries; i++ {
@ -49,9 +44,8 @@ func (db *DB) AddArticle(a *Article) (int64, error) {
 				return 0, fmt.Errorf("error getting issue ID when adding article to DB: %v", err)
 			}

-			result, err := tx.Exec(insertQuery, a.Title, a.Description, a.Link,
-				a.EncURL, a.EncLength, a.EncType, a.Published, a.Rejected, a.AuthorID, id,
-				a.IsInIssue, a.AutoGenerated)
+			result, err := tx.Exec(insertQuery, a.Title, a.Description,
+				a.Content, a.Published, a.Rejected, a.AuthorID, id)
 			if err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
@ -85,7 +79,7 @@ func (db *DB) AddArticle(a *Article) (int64, error) {

 func (db *DB) GetArticle(id int64) (*Article, error) {
 	query := `
-    SELECT title, created, description, link, enc_url, enc_length, enc_type, published, author_id, issue_id, is_in_issue, auto_generated
+    SELECT title, created, description, content, published, author_id
    FROM articles
    WHERE id = ?
    `
@ -96,9 +90,7 @@ func (db *DB) GetArticle(id int64) (*Article, error) {
 	var err error

 	if err := row.Scan(&article.Title, &created, &article.Description,
-		&article.Link, &article.EncURL, &article.EncLength, &article.EncType,
-		&article.Published, &article.AuthorID, &article.IssueID,
-		&article.IsInIssue, &article.AutoGenerated); err != nil {
+		&article.Content, &article.Published, &article.AuthorID); err != nil {
 		return nil, fmt.Errorf("error scanning article row: %v", err)
 	}

@ -113,7 +105,7 @@ func (db *DB) GetArticle(id int64) (*Article, error) {

 func (db *DB) GetCertainArticles(published, rejected bool) ([]*Article, error) {
 	query := `
-    SELECT id, title, created, description, link, enc_url, enc_length, enc_type, author_id, issue_id, is_in_issue, auto_generated
+    SELECT id, title, created, description, content, author_id
    FROM articles
    WHERE published = ?
    AND rejected = ?
@ -129,9 +121,7 @@ func (db *DB) GetCertainArticles(published, rejected bool) ([]*Article, error) {
 		var created []byte

 		if err = rows.Scan(&article.ID, &article.Title, &created,
-			&article.Description, &article.Link, &article.EncURL, &article.EncLength,
-			&article.EncType, &article.AuthorID, &article.IssueID,
-			&article.IsInIssue, &article.AutoGenerated); err != nil {
+			&article.Description, &article.Content, &article.AuthorID); err != nil {
 			return nil, fmt.Errorf("error scanning article row: %v", err)
 		}

@ -152,9 +142,9 @@ func (db *DB) GetCurrentIssueArticles() ([]*Article, error) {
 	txOptions := &sql.TxOptions{Isolation: sql.LevelSerializable}
 	issueQuery := "SELECT id FROM issues WHERE published = false"
 	articlesQuery := `
-    SELECT id, title, created, description, link, enc_url, enc_length, enc_type, author_id, auto_generated
+    SELECT id, title, created, description, content, author_id
    FROM articles
-    WHERE issue_id = ? AND published = true AND is_in_issue = true
+    WHERE issue_id = ? AND published = true
    `

 	for i := 0; i < TxMaxRetries; i++ {
@ -186,8 +176,7 @@ func (db *DB) GetCurrentIssueArticles() ([]*Article, error) {
 				var created []byte

 				if err = rows.Scan(&article.ID, &article.Title, &created,
-					&article.Description, &article.Link, &article.EncURL, &article.EncLength,
-					&article.EncType, &article.AuthorID, &article.AutoGenerated); err != nil {
+					&article.Description, &article.Content, &article.AuthorID); err != nil {
 					if rollbackErr := tx.Rollback(); rollbackErr != nil {
 						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 					}
@ -266,21 +255,3 @@ func (db *DB) AddArticleToCurrentIssue(id int64) error {

 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
-
-func (db *DB) DeleteArticle(id int64) error {
-	articlesTagsQuery := "DELETE FROM articles_tags WHERE article_id = ?"
-
-	_, err := db.Exec(articlesTagsQuery, id)
-	if err != nil {
-		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
-	}
-
-	articlesQuery := "DELETE FROM articles WHERE id = ?"
-
-	_, err = db.Exec(articlesQuery, id)
-	if err != nil {
-		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
-	}
-
-	return nil
-}
--- a/cmd/backend/articles_tags.go
+++ b/cmd/backend/articles_tags.go
@ -1,4 +1,4 @@
-package backend
+package model

 import (
 	"fmt"
@ -6,7 +6,10 @@ import (
 )

 func (db *DB) WriteArticleTags(articleID int64, tagIDs []int64) error {
-	query := "INSERT INTO articles_tags (article_id, tag_id) VALUES (?, ?)"
+	query := `
+    INSERT INTO articles_tags (article_id, tag_id)
+    VALUES (?, ?)
+    `

 	for i := 0; i < TxMaxRetries; i++ {
 		err := func() error {
@ -65,8 +68,8 @@ func (db *DB) GetArticleTags(articleID int64) ([]*Tag, error) {
 }

 func (db *DB) UpdateArticleTags(articleID int64, tagIDs []int64) error {
-	deleteQuery := "DELETE FROM articles_tags WHERE article_id = ?"
-	insertQuery := "INSERT INTO articles_tags (article_id, tag_id) VALUES (?, ?)"
+	query := `
+    `

 	for i := 0; i < TxMaxRetries; i++ {
 		err := func() error {
@ -75,22 +78,6 @@ func (db *DB) UpdateArticleTags(articleID int64, tagIDs []int64) error {
 				return fmt.Errorf("error starting transaction: %v", err)
 			}

-			if _, err := tx.Exec(deleteQuery, articleID); err != nil {
-				if rollbackErr := tx.Rollback(); rollbackErr != nil {
-					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-				}
-				return fmt.Errorf("error deleting entries from articles_tags before inserting new ones: %v", err)
-			}
-
-			for _, tagID := range tagIDs {
-				if _, err := tx.Exec(insertQuery, articleID, tagID); err != nil {
-					if rollbackErr := tx.Rollback(); rollbackErr != nil {
-						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
-					}
-					return fmt.Errorf("error inserting new entries into articles_tags: %v", err)
-				}
-			}
-
 			if err = tx.Commit(); err != nil {
 				return fmt.Errorf("error committing transaction: %v", err)
 			}
--- a/cmd/backend/db.go
+++ b/cmd/backend/db.go
@ -1,4 +1,4 @@
-package backend
+package model

 import (
 	"bufio"
--- a/cmd/backend/issues.go
+++ b/cmd/backend/issues.go
@ -1,4 +1,4 @@
-package backend
+package model

 import (
 	"context"
@ -23,6 +23,7 @@ func (db *DB) AddIssue() (int64, error) {
 }

 func (db *DB) PublishLatestIssue() error {
+	var id int64
 	txOptions := &sql.TxOptions{Isolation: sql.LevelSerializable}
 	updateQuery := "UPDATE issues SET published = true WHERE published = false"
 	insertQuery := "INSERT INTO issues (published) VALUES (?)"
@ -34,7 +35,7 @@ func (db *DB) PublishLatestIssue() error {
 				return fmt.Errorf("error starting transaction: %v", err)
 			}

-			if _, err := tx.Exec(updateQuery); err != nil {
+			if _, err := tx.Exec(updateQuery, id); err != nil {
 				if rollbackErr := tx.Rollback(); rollbackErr != nil {
 					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
 				}
--- a/cmd/backend/tags.go
+++ b/cmd/backend/tags.go
@ -1,4 +1,4 @@
-package backend
+package model

 import "fmt"

--- a/cmd/model/users.go
+++ b/cmd/model/users.go
@ -0,0 +1,200 @@
+package model
+
+import (
+	"fmt"
+	"log"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+const (
+	Admin = iota
+	Publisher
+	Editor
+	Author
+)
+
+type User struct {
+	UserName  string
+	FirstName string
+	LastName  string
+	ID        int64
+	Role      int
+}
+
+func (db *DB) AddUser(u *User, pass string) (int64, error) {
+	hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
+	if err != nil {
+		return 0, fmt.Errorf("error creating password hash: %v", err)
+	}
+
+	query := `
+    INSERT INTO users (username, password, first_name, last_name, role)
+    VALUES (?, ?, ?, ?, ?)
+    `
+	result, err := db.Exec(query, u.UserName, string(hashedPass), u.FirstName, u.LastName, u.Role)
+	if err != nil {
+		return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
+	}
+	id, err := result.LastInsertId()
+	if err != nil {
+		return 0, fmt.Errorf("error inserting user into DB: %v", err)
+	}
+
+	return id, nil
+}
+
+func (db *DB) GetID(userName string) (int64, bool) {
+	var id int64
+
+	query := `
+    SELECT id
+    FROM users
+    WHERE username = ?
+    `
+	row := db.QueryRow(query, userName)
+	if err := row.Scan(&id); err != nil {
+		return 0, false
+	}
+
+	return id, true
+}
+
+func (db *DB) CheckPassword(id int64, pass string) error {
+	var queriedPass string
+
+	query := `
+    SELECT password
+    FROM users
+    WHERE id = ?
+    `
+	row := db.QueryRow(query, id)
+	if err := row.Scan(&queriedPass); err != nil {
+		return fmt.Errorf("error reading password from DB: %v", err)
+	}
+
+	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
+		return fmt.Errorf("incorrect password: %v", err)
+	}
+
+	return nil
+}
+
+func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
+	var queriedPass string
+	getQuery := `
+    SELECT password
+    FROM users
+    WHERE id = ?
+    `
+	row := tx.QueryRow(getQuery, id)
+	if err := row.Scan(&queriedPass); err != nil {
+		if rollbackErr := tx.Rollback(); rollbackErr != nil {
+			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+		}
+		return fmt.Errorf("error reading password from DB: %v", err)
+	}
+
+	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
+		if rollbackErr := tx.Rollback(); rollbackErr != nil {
+			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+		}
+		return fmt.Errorf("incorrect password: %v", err)
+	}
+
+	newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
+	if err != nil {
+		if rollbackErr := tx.Rollback(); rollbackErr != nil {
+			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+		}
+		return fmt.Errorf("error creating password hash: %v", err)
+	}
+
+	setQuery := `
+    UPDATE users
+    SET password = ?
+    WHERE id = ?
+    `
+	if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
+		if rollbackErr := tx.Rollback(); rollbackErr != nil {
+			log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+		}
+		return fmt.Errorf("error updating password in DB: %v", err)
+	}
+
+	return nil
+}
+
+// TODO: No need for ID field in general
+func (db *DB) GetUser(id int64) (*User, error) {
+	user := new(User)
+	query := `
+    SELECT id, username, first_name, last_name, role
+    FROM users
+    WHERE id = ?
+    `
+
+	row := db.QueryRow(query, id)
+	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName,
+		&user.LastName, &user.Role); err != nil {
+		return nil, fmt.Errorf("error reading user information: %v", err)
+	}
+
+	return user, nil
+}
+
+func (db *DB) UpdateUserAttributes(id int64, user, first, last, oldPass, newPass, newPass2 string) error {
+	passwordEmpty := true
+	if len(newPass) > 0 || len(newPass2) > 0 {
+		if newPass != newPass2 {
+			return fmt.Errorf("error: passwords do not match")
+		}
+		passwordEmpty = false
+	}
+
+	tx := new(Tx)
+	var err error
+
+	for i := 0; i < TxMaxRetries; i++ {
+		err := func() error {
+			tx.Tx, err = db.Begin()
+			if err != nil {
+				return fmt.Errorf("error starting transaction: %v", err)
+			}
+
+			if !passwordEmpty {
+				if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
+					if rollbackErr := tx.Rollback(); rollbackErr != nil {
+						log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+					}
+					return fmt.Errorf("error changing password: %v", err)
+				}
+			}
+
+			if err = tx.UpdateAttributes(
+				&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
+				&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
+				&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
+			); err != nil {
+				if rollbackErr := tx.Rollback(); rollbackErr != nil {
+					log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
+				}
+				return fmt.Errorf("error updating attributes in DB: %v", err)
+			}
+
+			if err = tx.Commit(); err != nil {
+				return fmt.Errorf("error committing transaction: %v", err)
+			}
+
+			return nil
+		}()
+		if err == nil {
+			return nil
+		}
+
+		log.Println(err)
+		wait(i)
+	}
+
+	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
+}
--- a/cmd/view/articles.go
+++ b/cmd/view/articles.go
@ -0,0 +1,352 @@
+package view
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+	"strconv"
+	"time"
+
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
+)
+
+func ShowHub(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int))
+	}
+}
+
+func WriteArticle(db *model.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		tags, err := db.GetTagList()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/editor.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", tags)
+	}
+}
+
+func SubmitArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		article := &model.Article{
+			Title:       r.PostFormValue("article-title"),
+			Description: r.PostFormValue("article-description"),
+			Content:     r.PostFormValue("article-content"),
+			Published:   false,
+			Rejected:    false,
+			AuthorID:    session.Values["id"].(int64),
+		}
+
+		article.ID, err = db.AddArticle(article)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		r.ParseForm()
+		tags := make([]int64, 0)
+		for _, tag := range r.Form["tags"] {
+			tagID, err := strconv.ParseInt(tag, 10, 64)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			tags = append(tags, tagID)
+		}
+		if err = db.WriteArticleTags(article.ID, tags); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func ResubmitArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		id, err := strconv.ParseInt(r.PostFormValue("article-id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		title := r.PostFormValue("article-title")
+		description := r.PostFormValue("article-description")
+		content := r.PostFormValue("article-content")
+
+		if err := db.UpdateAttributes(
+			&model.Attribute{Table: "articles", ID: id, AttName: "title", Value: title},
+			&model.Attribute{Table: "articles", ID: id, AttName: "description", Value: description},
+			&model.Attribute{Table: "articles", ID: id, AttName: "content", Value: content},
+			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
+		); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func ShowUnpublishedArticles(db *model.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		unpublishedArticles, err := db.GetCertainArticles(false, false)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/unpublished-articles.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", unpublishedArticles)
+	}
+}
+
+func ShowRejectedArticles(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		type htmlData struct {
+			MyIDs            map[int64]bool
+			RejectedArticles []*model.Article
+		}
+		data := new(htmlData)
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.RejectedArticles, err = db.GetCertainArticles(false, true)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.MyIDs = make(map[int64]bool)
+		for _, article := range data.RejectedArticles {
+			if article.AuthorID == session.Values["id"].(int64) {
+				data.MyIDs[article.ID] = true
+			}
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/rejected-articles.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", data)
+	}
+}
+
+func ReviewUnpublishedArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		type htmlData struct {
+			Article *model.Article
+			Tags    []*model.Tag
+		}
+		data := new(htmlData)
+
+		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Article, err = db.GetArticle(id)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Tags, err = db.GetArticleTags(id)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/to-be-published.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", data)
+	}
+}
+
+func ReviewRejectedArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		type htmlData struct {
+			Selected map[int64]bool
+			Article  *model.Article
+			Tags     []*model.Tag
+		}
+		data := new(htmlData)
+
+		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Article, err = db.GetArticle(id)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Tags, err = db.GetTagList()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		selectedTags, err := db.GetArticleTags(id)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		data.Selected = make(map[int64]bool)
+		for _, tag := range selectedTags {
+			data.Selected[tag.ID] = true
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/rework-article.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", data)
+	}
+}
+
+func PublishArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		if err = db.AddArticleToCurrentIssue(id); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if err = db.UpdateAttributes(
+			&model.Attribute{Table: "articles", ID: id, AttName: "published", Value: true},
+			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
+			&model.Attribute{Table: "articles", ID: id, AttName: "created", Value: time.Now().Format("2006-01-02 15:04:05")},
+		); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func RejectArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		if err = db.UpdateAttributes(
+			&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: true},
+		); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func ShowCurrentArticles(db *model.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		articles, err := db.GetCurrentIssueArticles()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/current-articles.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", articles)
+	}
+}
+
+func PublishLatestIssue(db *model.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if err := db.PublishLatestIssue(); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
+	}
+}
--- a/cmd/view/editor.go
+++ b/cmd/view/editor.go
@ -0,0 +1,31 @@
+package view
+
+import (
+	"html/template"
+	"net/http"
+
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
+)
+
+func CreateTag(w http.ResponseWriter, r *http.Request) {
+	tmpl, err := template.ParseFiles("web/templates/add-tag.html")
+	template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
+}
+
+func AddTag(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		db.AddTag(r.PostFormValue("tag"))
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
--- a/cmd/view/rss.go
+++ b/cmd/view/rss.go
@ -0,0 +1,95 @@
+package view
+
+import (
+	"fmt"
+	"html/template"
+	"log"
+	"net/http"
+	"time"
+
+	"git.streifling.com/jason/rss"
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
+)
+
+func ShowRSS(db *model.DB, title, link, desc string) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		channel := &rss.Channel{
+			Title:       title,
+			Link:        link,
+			Description: desc,
+			Items:       make([]*rss.Item, 0),
+		}
+
+		articles, err := db.GetCertainArticles(true, false)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		for _, article := range articles {
+			tags, err := db.GetArticleTags(article.ID)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			tagNames := make([]string, 0)
+			for _, tag := range tags {
+				tagNames = append(tagNames, tag.Name)
+			}
+			tagNames = append(tagNames, fmt.Sprint("Orient Express ", article.IssueID))
+
+			user, err := db.GetUser(article.AuthorID)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			articleTitle, err := control.ConvertToPlain(article.Title)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			articleDescription, err := control.ConvertToPlain(article.Description)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			articleContent, err := control.ConvertToHTML(article.Content)
+			if err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			channel.Items = append(channel.Items, &rss.Item{
+				Title:       articleTitle,
+				Author:      user.FirstName + user.LastName,
+				PubDate:     article.Created.Format(time.RFC1123Z),
+				Description: articleDescription,
+				Content:     &rss.Content{Value: articleContent},
+				Categories:  tagNames,
+			})
+		}
+
+		feed := rss.NewFeed()
+		feed.Channels = append(feed.Channels, channel)
+		rss, err := feed.ToXML()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		files := []string{"web/templates/index.html", "web/templates/feed.rss"}
+		tmpl, err := template.ParseFiles(files...)
+		template.Must(tmpl, err).Execute(w, rss)
+	}
+}
--- a/cmd/frontend/sessions.go
+++ b/cmd/frontend/sessions.go
@ -1,4 +1,4 @@
-package frontend
+package view

 import (
 	"fmt"
@ -6,10 +6,11 @@ import (
 	"log"
 	"net/http"

-	b "streifling.com/jason/cpolis/cmd/backend"
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
 )

-func saveSession(w http.ResponseWriter, r *http.Request, s *b.CookieStore, u *b.User) error {
+func saveSession(w http.ResponseWriter, r *http.Request, s *control.CookieStore, u *model.User) error {
 	session, err := s.Get(r, "cookie")
 	if err != nil {
 		return fmt.Errorf("error getting session: %v", err)
@ -26,26 +27,26 @@ func saveSession(w http.ResponseWriter, r *http.Request, s *b.CookieStore, u *b.
 	return nil
 }

-func HomePage(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
+func HomePage(db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		numRows, err := db.CountEntries("users")
 		if err != nil {
 			log.Fatalln(err)
 		}

-		files := []string{c.WebDir + "/templates/index.html"}
+		files := []string{"web/templates/index.html"}
 		if numRows == 0 {
-			files = append(files, c.WebDir+"/templates/first-user.html")
+			files = append(files, "web/templates/add-user.html")
 			tmpl, err := template.ParseFiles(files...)
 			template.Must(tmpl, err).Execute(w, nil)
 		} else {
 			session, _ := s.Get(r, "cookie")
 			if auth, ok := session.Values["authenticated"].(bool); auth && ok {
-				files = append(files, c.WebDir+"/templates/hub.html")
+				files = append(files, "web/templates/hub.html")
 				tmpl, err := template.ParseFiles(files...)
 				template.Must(tmpl, err).Execute(w, session.Values["role"])
 			} else {
-				files = append(files, c.WebDir+"/templates/login.html")
+				files = append(files, "web/templates/login.html")
 				tmpl, err := template.ParseFiles(files...)
 				template.Must(tmpl, err).Execute(w, nil)
 			}
@ -53,14 +54,14 @@ func HomePage(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 	}
 }

-func Login(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
+func Login(db *model.DB, s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		userName := r.PostFormValue("username")
 		password := r.PostFormValue("password")

 		id, ok := db.GetID(userName)
 		if !ok {
-			http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusBadRequest)
+			http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusInternalServerError)
 			return
 		}

@ -83,45 +84,29 @@ func Login(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
 			return
 		}

-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role)
 	}
 }

-func Logout(c *b.Config, s *b.CookieStore) http.HandlerFunc {
+func Logout(s *control.CookieStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
+		session, err := s.Get(r, "cookie")
 		if err != nil {
-			return
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
 		}

 		session.Options.MaxAge = -1
+
 		if err = session.Save(r, w); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}

-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+		tmpl, err := template.ParseFiles("web/templates/login.html")
 		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
 	}
 }
-
-func ShowHub(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		session, err := getSession(w, r, c, s)
-		if err != nil {
-			return
-		}
-
-		session.Values["article"] = nil
-		if err = session.Save(r, w); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
-		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int))
-	}
-}
--- a/cmd/view/users.go
+++ b/cmd/view/users.go
@ -0,0 +1,214 @@
+package view
+
+import (
+	"fmt"
+	"html/template"
+	"log"
+	"net/http"
+	"strconv"
+
+	"streifling.com/jason/cpolis/cmd/control"
+	"streifling.com/jason/cpolis/cmd/model"
+)
+
+type UserData struct {
+	*model.User
+	Msg string
+}
+
+func checkUserStrings(user *model.User) (string, int, bool) {
+	userLen := 15
+	nameLen := 50
+
+	if len(user.UserName) > userLen {
+		return "Benutzername", userLen, false
+	} else if len(user.FirstName) > nameLen {
+		return "Vorname", nameLen, false
+	} else if len(user.LastName) > nameLen {
+		return "Nachname", nameLen, false
+	} else {
+		return "", 0, true
+	}
+}
+
+func CreateUser(w http.ResponseWriter, r *http.Request) {
+	tmpl, err := template.ParseFiles("web/templates/add-user.html")
+	template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
+}
+
+func AddUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		role, err := strconv.Atoi(r.PostFormValue("role"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		htmlData := UserData{
+			User: &model.User{
+				UserName:  r.PostFormValue("username"),
+				FirstName: r.PostFormValue("first-name"),
+				LastName:  r.PostFormValue("last-name"),
+				Role:      role,
+			},
+		}
+		pass := r.PostFormValue("password")
+		pass2 := r.PostFormValue("password2")
+
+		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
+			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
+			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		userString, stringLen, ok := checkUserStrings(htmlData.User)
+		if !ok {
+			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
+				stringLen, " Zeichen erlaubt.")
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		id, _ := db.GetID(htmlData.UserName)
+		if id != 0 {
+			htmlData.Msg = fmt.Sprint(htmlData.UserName,
+				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		if pass != pass2 {
+			htmlData.Msg = "Die Passwörter stimmen nicht überein."
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+
+		htmlData.ID, err = db.AddUser(htmlData.User, pass)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if htmlData.ID == 1 {
+			htmlData.Role = model.Admin
+
+			if err = db.UpdateAttributes(
+				&model.Attribute{Table: "users", ID: id, AttName: "role", Value: htmlData.Role},
+			); err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			if err := saveSession(w, r, s, htmlData.User); err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+
+			if _, err := db.AddIssue(); err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
+	}
+}
+
+func EditUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		user, err := db.GetUser(session.Values["id"].(int64))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/edit-user.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
+	}
+}
+
+func UpdateUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		userData := UserData{
+			User: &model.User{
+				ID:        session.Values["id"].(int64),
+				UserName:  r.PostFormValue("username"),
+				FirstName: r.PostFormValue("first-name"),
+				LastName:  r.PostFormValue("last-name"),
+			},
+		}
+		oldPass := r.PostFormValue("old-password")
+		newPass := r.PostFormValue("password")
+		newPass2 := r.PostFormValue("password2")
+
+		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
+			len(userData.LastName) == 0 {
+			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
+			tmpl, err := template.ParseFiles("web/templates/edit-user.html")
+			tmpl = template.Must(tmpl, err)
+			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
+			return
+		}
+
+		userString, stringLen, ok := checkUserStrings(userData.User)
+		if !ok {
+			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
+				stringLen, " Zeichen erlaubt.")
+			tmpl, err := template.ParseFiles("web/templates/edit-user.html")
+			tmpl = template.Must(tmpl, err)
+			tmpl.ExecuteTemplate(w, "page-content", userData)
+			return
+		}
+
+		if id, ok := db.GetID(userData.UserName); ok {
+			if id != userData.ID {
+				userData.Msg = "Benutzername bereits vergeben."
+				userData.UserName = ""
+				tmpl, err := template.ParseFiles("web/templates/edit-user.html")
+				tmpl = template.Must(tmpl, err)
+				tmpl.ExecuteTemplate(w, "page-content", userData)
+				return
+			}
+		}
+
+		if err = db.UpdateUserAttributes(
+			userData.ID,
+			userData.UserName,
+			userData.FirstName,
+			userData.LastName,
+			oldPass,
+			newPass,
+			newPass2); err != nil {
+			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
+			tmpl, err := template.ParseFiles("web/templates/edit-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
+	}
+}
--- a/cpolis.service
+++ b/cpolis.service
@ -1,9 +0,0 @@
-[Unit]
-Description=cpolis
-
-[Service]
-ExecStart=/usr/local/bin/cpolis
-Restart=on-failure
-
-[Install]
-WantedBy=default.target
--- a/create_db.sql
+++ b/create_db.sql
@ -1,55 +0,0 @@
-DROP TABLE IF EXISTS articles_tags;
-DROP TABLE IF EXISTS tags;
-DROP TABLE IF EXISTS articles;
-DROP TABLE IF EXISTS issues;
-DROP TABLE IF EXISTS users;
-
-CREATE TABLE users (
-    id          INT         AUTO_INCREMENT,
-    username    VARCHAR(15) NOT NULL UNIQUE,
-    password    VARCHAR(60) NOT NULL,
-    first_name  VARCHAR(50) NOT NULL,
-    last_name   VARCHAR(50) NOT NULL,
-    role        INT         NOT NULL,
-    PRIMARY KEY (id)
-);
-
-CREATE TABLE issues (
-    id          INT     AUTO_INCREMENT,
-    published   BOOL    NOT NULL,
-    PRIMARY KEY (id)
-);
-
-CREATE TABLE articles (
-    id              INT             AUTO_INCREMENT,
-    title           VARCHAR(255)    NOT NULL,
-    created         TIMESTAMP       DEFAULT CURRENT_TIMESTAMP,
-    description     TEXT            NOT NULL,
-    link            VARCHAR(255),
-    enc_url         VARCHAR(255),
-    enc_length      INT,
-    enc_type        VARCHAR(255),
-    published       BOOL            NOT NULL,
-    rejected        BOOL            NOT NULL,
-    author_id       INT             NOT NULL,
-    issue_id        INT             NOT NULL,
-    is_in_issue     BOOL            NOT NULL,
-    auto_generated  BOOL            NOT NULL,
-    PRIMARY KEY (id),
-    FOREIGN KEY (author_id) REFERENCES users (id),
-    FOREIGN KEY (issue_id) REFERENCES issues (id)
-);
-
-CREATE TABLE tags (
-    id      INT         AUTO_INCREMENT,
-    name    VARCHAR(50) NOT NULL UNIQUE,
-    PRIMARY KEY (id)
-);
-
-CREATE TABLE articles_tags (
-    article_id  INT,
-    tag_id      INT,
-    PRIMARY KEY (article_id, tag_id),
-    FOREIGN KEY (article_id) REFERENCES articles (id),
-    FOREIGN KEY (tag_id) REFERENCES tags (id)
-);
--- a/go.mod
+++ b/go.mod
@ -1,62 +1,21 @@
 module streifling.com/jason/cpolis

-go 1.23
-
-toolchain go1.23.0
+go 1.22.0

 require (
-	firebase.google.com/go/v4 v4.14.1
-	git.streifling.com/jason/rss v0.1.3
-	github.com/BurntSushi/toml v1.4.0
-	github.com/go-sql-driver/mysql v1.8.1
-	github.com/google/uuid v1.6.0
-	github.com/gorilla/sessions v1.4.0
-	github.com/microcosm-cc/bluemonday v1.0.27
-	github.com/yuin/goldmark v1.7.4
-	golang.org/x/crypto v0.26.0
-	golang.org/x/term v0.23.0
-	google.golang.org/api v0.195.0
+	git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188
+	github.com/go-sql-driver/mysql v1.7.1
+	github.com/gorilla/sessions v1.2.2
+	github.com/microcosm-cc/bluemonday v1.0.26
+	github.com/yuin/goldmark v1.7.0
+	golang.org/x/crypto v0.14.0
+	golang.org/x/term v0.17.0
 )

 require (
-	cloud.google.com/go v0.115.1 // indirect
-	cloud.google.com/go/auth v0.9.2 // indirect
-	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
-	cloud.google.com/go/compute/metadata v0.5.0 // indirect
-	cloud.google.com/go/firestore v1.16.0 // indirect
-	cloud.google.com/go/iam v1.2.0 // indirect
-	cloud.google.com/go/longrunning v0.6.0 // indirect
-	cloud.google.com/go/storage v1.43.0 // indirect
-	filippo.io/edwards25519 v1.1.0 // indirect
-	github.com/MicahParks/keyfunc v1.9.0 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
-	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
-	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/google/s2a-go v0.1.8 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.3 // indirect
-	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
-	github.com/gorilla/css v1.0.1 // indirect
+	github.com/gorilla/css v1.0.0 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
-	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
-	go.opentelemetry.io/otel v1.29.0 // indirect
-	go.opentelemetry.io/otel/metric v1.29.0 // indirect
-	go.opentelemetry.io/otel/trace v1.29.0 // indirect
-	golang.org/x/net v0.28.0 // indirect
-	golang.org/x/oauth2 v0.22.0 // indirect
-	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.24.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
-	golang.org/x/time v0.6.0 // indirect
-	google.golang.org/appengine/v2 v2.0.6 // indirect
-	google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed // indirect
-	google.golang.org/grpc v1.66.0 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
+	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/sys v0.17.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,229 +1,26 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ=
-cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc=
-cloud.google.com/go/auth v0.9.2 h1:I+Rq388FYU8QdbVB1IiPd+6KNdrqtAPE/asiKHShBLM=
-cloud.google.com/go/auth v0.9.2/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk=
-cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY=
-cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc=
-cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY=
-cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY=
-cloud.google.com/go/firestore v1.16.0 h1:YwmDHcyrxVRErWcgxunzEaZxtNbc8QoFYA/JOEwDPgc=
-cloud.google.com/go/firestore v1.16.0/go.mod h1:+22v/7p+WNBSQwdSwP57vz47aZiY+HrDkrOsJNhk7rg=
-cloud.google.com/go/iam v1.2.0 h1:kZKMKVNk/IsSSc/udOb83K0hL/Yh/Gcqpz+oAkoIFN8=
-cloud.google.com/go/iam v1.2.0/go.mod h1:zITGuWgsLZxd8OwAlX+eMFgZDXzBm7icj1PVTYG766Q=
-cloud.google.com/go/longrunning v0.6.0 h1:mM1ZmaNsQsnb+5n1DNPeL0KwQd9jQRqSqSDEkBZr+aI=
-cloud.google.com/go/longrunning v0.6.0/go.mod h1:uHzSZqW89h7/pasCWNYdUpwGz3PcVWhrWupreVPYLts=
-cloud.google.com/go/storage v1.43.0 h1:CcxnSohZwizt4LCzQHWvBf1/kvtHUn7gk9QERXPyXFs=
-cloud.google.com/go/storage v1.43.0/go.mod h1:ajvxEa7WmZS1PxvKRq4bq0tFT3vMd502JwstCcYv0Q0=
-filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
-filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-firebase.google.com/go/v4 v4.14.1 h1:4qiUETaFRWoFGE1XP5VbcEdtPX93Qs+8B/7KvP2825g=
-firebase.google.com/go/v4 v4.14.1/go.mod h1:fgk2XshgNDEKaioKco+AouiegSI9oTWVqRaBdTTGBoM=
-git.streifling.com/jason/rss v0.1.3 h1:fd3j4ZtcLehapcmmroo3AP3X34gRHC4xzpfV6bDV1ZU=
-git.streifling.com/jason/rss v0.1.3/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
-github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
-github.com/MicahParks/keyfunc v1.9.0 h1:lhKd5xrFHLNOWrDc4Tyb/Q1AJ4LCzQ48GVJyVIID3+o=
-github.com/MicahParks/keyfunc v1.9.0/go.mod h1:IdnCilugA0O/99dW+/MkvlyrsX8+L8+x95xuVNtM5jw=
+git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188 h1:C8M/j3f+cl5Y7YfGpU/ynb/SC/4tTYMDsyGFt3rswM8=
+git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
-github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
-github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
-github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
-github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
-github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
-github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
-github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
+github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
-github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
-github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
-github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
-github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/googleapis/enterprise-certificate-proxy v0.3.3 h1:QRje2j5GZimBzlbhGA2V2QlGNgL8G6e+wGo/+/2bWI0=
-github.com/googleapis/enterprise-certificate-proxy v0.3.3/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
-github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s=
-github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A=
-github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8=
-github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0=
+github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
+github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
-github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
-github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
-github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-github.com/yuin/goldmark v1.7.4 h1:BDXOHExt+A7gwPCJgPIIq7ENvceR7we7rOS9TNoLZeg=
-github.com/yuin/goldmark v1.7.4/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
-go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
-go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 h1:r6I7RJCN86bpD/FQwedZ0vSixDpwuWREjW9oRMsmqDc=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0/go.mod h1:B9yO6b04uB80CzjedvewuqDhxJxi11s7/GtiGa8bAjI=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 h1:TT4fX+nBOA/+LUkobKGW1ydGcn+G3vRw9+g5HwCphpk=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0/go.mod h1:L7UH0GbB0p47T4Rri3uHjbpCFYrVrwc1I25QhNPiGK8=
-go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw=
-go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8=
-go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc=
-go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8=
-go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE=
-go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg=
-go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4=
-go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
-golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
-golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
-golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
-golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
-golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
-golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
-golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
-golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.195.0 h1:Ude4N8FvTKnnQJHU48RFI40jOBgIrL8Zqr3/QeST6yU=
-google.golang.org/api v0.195.0/go.mod h1:DOGRWuv3P8TU8Lnz7uQc4hyNqrBpMtD9ppW3wBJurgc=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine/v2 v2.0.6 h1:LvPZLGuchSBslPBp+LAhihBeGSiRh1myRoYK4NtuBIw=
-google.golang.org/appengine/v2 v2.0.6/go.mod h1:WoEXGoXNfa0mLvaH5sV3ZSGXwVmy8yf7Z1JKf3J3wLI=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed h1:4C4dbrVFtfIp3GXJdMX1Sj25mahfn5DywOo65/2ISQ8=
-google.golang.org/genproto v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:ICjniACoWvcDz8c8bOsHVKuuSGDJy1z5M4G0DM3HzTc=
-google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed h1:3RgNmBoI9MZhsj3QxC+AP/qQhNwpCLOvYDYYsFrhFt0=
-google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:OCdP9MfskevB/rbYvHTsXTtKC+3bHWajPdoKgjcYkfo=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed h1:J6izYgfBXAI3xTKLgxzTmUltdYaLsuBxFCgDHWJ/eXg=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
-google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
+github.com/microcosm-cc/bluemonday v1.0.26 h1:xbqSvqzQMeEHCqMi64VAs4d8uy6Mequs3rQ0k/Khz58=
+github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02CGwkhd72Xdqh78TWs=
+github.com/yuin/goldmark v1.7.0 h1:EfOIvIMZIzHdB/R/zVrikYLPPwJlfMcNczJFMs1m6sA=
+github.com/yuin/goldmark v1.7.0/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
--- a/tailwind.config.js
+++ b/tailwind.config.js
@ -1,11 +0,0 @@
-/** @type {import('tailwindcss').Config} */
-module.exports = {
-    content: ["./web/templates/*.html"],
-    theme: {
-        extend: {}
-    },
-    plugins: [
-        require('@tailwindcss/typography')
-    ],
-    darkMode: 'selector',
-}
--- a/update.sh
+++ b/update.sh
@ -1,58 +0,0 @@
-#! /bin/sh -
-
-CPOLIS_REPO_URL="https://git.streifling.com/api/v1/repos/jason/cpolis/releases"
-EXTRACTION_DIR=$HOME
-CPOLIS_DIR=$EXTRACTION_DIR/cpolis
-TAILWINDCSS_REPO_URL=https://api.github.com/repos/tailwindlabs/tailwindcss/releases/latest
-TMP_DIR=/tmp
-BIN_DIR=/usr/local/bin
-SYSTEMD_DIR=/etc/systemd/system
-
-check_dependency() {
-    if ! which $1 >/dev/null 2>&1; then
-        echo "$1 needs to be installed" >&2
-        exit 1
-    fi
-}
-
-if ! groups | grep -E 'root|wheel|sudo' >/dev/null; then
-    echo "You need administrative privileges for this script" >&2
-    exit 1
-fi
-
-check_dependency curl
-check_dependency go
-check_dependency jq
-check_dependency tar
-check_dependency xargs
-
-echo '\nDownloading cpolis...' >&2
-rm -fr $CPOLIS_DIR/*
-latest_release=$(curl -s $CPOLIS_REPO_URL | jq -r '.[0].tag_name')
-curl -Lo $TMP_DIR/cpolis.tar.gz https://git.streifling.com/jason/cpolis/archive/$latest_release.tar.gz
-tar -xzf $TMP_DIR/cpolis.tar.gz -C $EXTRACTION_DIR
-rm $TMP_DIR/cpolis.tar.gz
-
-echo '\nDownloading TailwindCSS...' >&2
-curl -s $TAILWINDCSS_REPO_URL |
-    grep -F browser_download_url |
-    grep -F linux-x64 |
-    cut -d'"' -f4 |
-    xargs -r curl -Lo $CPOLIS_DIR/tailwindcss
-chmod +x $CPOLIS_DIR/tailwindcss
-$CPOLIS_DIR/tailwindcss -i $CPOLIS_DIR/web/static/css/input.css -o $CPOLIS_DIR/web/static/css/style.css
-
-echo '\nBuilding cpolis...' >&2
-cd $CPOLIS_DIR
-go build -o $BIN_DIR/cpolis cmd/main.go
-cd
-
-echo '\nSetting up system files...' >&2
-sudo chown root:root $BIN_DIR/cpolis
-chmod +x $BIN_DIR/cpolis
-
-echo '\nSetting up service...' >&2
-sudo mv $CPOLIS_DIR/cpolis.service $SYSTEMD_DIR
-sudo chown root:root $SYSTEMD_DIR/cpolis.service
-sudo systemctl daemon-reload
-sudo systemctl is-active --quiet cpolis.service && sudo systemctl restart cpolis.service
--- a/web/static/css/input.css
+++ b/web/static/css/input.css
@ -1,64 +0,0 @@
-@tailwind base;
-@tailwind components;
-@tailwind utilities;
-
-h2 {
-    @apply font-bold mb-2 text-2xl;
-}
-
-h3 {
-    @apply font-bold mb-2 text-xl;
-}
-
-input[type="password"],
-input[type="text"] {
-    @apply bg-slate-50 dark:bg-slate-950 border border-slate-200 dark:border-slate-800 h-8 rounded-md;
-}
-
-textarea {
-    @apply bg-slate-50 dark:bg-slate-950 border border-slate-200 dark:border-slate-800 h-32 rounded-md;
-}
-
-.btn-area {
-    @apply flex gap-4 mt-4;
-}
-
-.btn {
-    @apply bg-slate-200 dark:bg-slate-800 hover:bg-slate-100 dark:hover:bg-slate-900 border border-slate-200 dark:border-slate-800 my-2 px-3 py-2 rounded-md w-full;
-}
-
-.action-btn {
-    @apply bg-slate-800 dark:bg-slate-200 hover:bg-slate-700 dark:hover:bg-slate-300 my-2 px-3 py-2 rounded-md text-slate-50 dark:text-slate-950 w-full;
-}
-
-.EasyMDEContainer .CodeMirror {
-    @apply bg-slate-50 dark:bg-slate-950 border-slate-200 dark:border-slate-800 text-slate-900 dark:text-slate-100
-}
-
-.EasyMDEContainer .cm-s-easymde .CodeMirror-cursor {
-    @apply border-slate-900 dark:border-slate-100
-}
-
-.EasyMDEContainer .editor-toolbar > * {
-    @apply text-slate-900 dark:text-slate-100
-}
-
-.EasyMDEContainer .editor-toolbar > .active, .editor-toolbar > button:hover, .editor-preview pre, .cm-s-easymde .cm-comment {
-    @apply bg-slate-100 dark:bg-slate-900
-}
-
-.EasyMDEContainer .CodeMirror-fullscreen {
-    @apply bg-slate-50 dark:bg-slate-950
-}
-
-.editor-toolbar {
-    @apply border border-slate-200 dark:border-slate-800
-}
-
-.editor-toolbar.fullscreen {
-    @apply bg-slate-50 dark:bg-slate-950
-}
-
-.editor-preview {
-    @apply bg-slate-50 dark:bg-slate-950
-}
--- a/web/static/css/style.css
+++ b/web/static/css/style.css
--- a/web/static/js/htmx.min.js
+++ b/web/static/js/htmx.min.js
--- a/web/templates/add-tag.html
+++ b/web/templates/add-tag.html
@ -1,12 +1,8 @@
 {{define "page-content"}}
-<h2>Neuer Tag</h2>
-
+<h2>Neuer Benutzer</h2>
 <form>
-    <input required name="tag" placeholder="Tag eingeben" type="text" />
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Anlegen" hx-post="/tag/add" hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
+    <input required name="tag" placeholder="Tag" type="text" />
+    <input type="submit" value="Anlegen" hx-post="/add-tag/" hx-target="#page-content" />
 </form>
-
+<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 {{end}}
--- a/web/templates/add-user.html
+++ b/web/templates/add-user.html
@ -1,54 +1,25 @@
 {{define "page-content"}}
 <h2>Neuer Benutzer</h2>
-
 <form>
-    <div class="grid grid-cols-3 gap-4">
-        <div>
-            <label for="username">Benutzername</label>
-            <input class="w-full" required name="username" type="text" value="{{.UserName}}" />
-        </div>
-        <div>
-            <label for="password">Passwort</label>
-            <input class="w-full" required name="password" placeholder="***" type="password" />
-        </div>
-        <div>
-            <label for="password2">Passwort wiederholen</label>
-            <input class="w-full" required name="password2" placeholder="***" type="password" />
-        </div>
-        <div>
-            <label for="first-name">Vorname</label>
-            <input class="w-full" required name="first-name" type="text" value="{{.FirstName}}" />
-        </div>
-        <div>
-            <label for="last-name">Nachname</label>
-            <input class="w-full" required name="last-name" type="text" value="{{.LastName}}" />
-        </div>
-    </div>
+    <input required name="username" placeholder="Benutzername" type="text" value="{{.UserName}}" />
+    <input required name="password" placeholder="Passwort" type="password" />
+    <input required name="password2" placeholder="Passwort wiederholen" type="password" />

-    <div class="flex gap-4">
-        <div>
-            <input required id="author" name="role" type="radio" value="3" {{if eq .Role 3 }}checked{{end}} />
-            <label for="author">Autor</label>
-        </div>
-        <div>
-            <input required id="editor" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
-            <label for="editor">Redakteur</label>
-        </div>
-        <div>
-            <input required id="publisher" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
-            <label for="publisher">Herausgeber</label>
-        </div>
-        <div>
-            <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
-            <label for="admin">Administrator</label>
-        </div>
-    </div>
+    <input required name="first-name" placeholder="Vorname" type="text" value="{{.FirstName}}" />
+    <input required name="last-name" placeholder="Nachname" type="text" value="{{.LastName}}" />

-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Anlegen" hx-post="/user/add" hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
+    <input required id="author" name="role" type="radio" value="3" {{if eq .Role 3 }}checked{{end}} />
+    <label for="author">Autor</label>
+    <input required id="editor" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
+    <label for="editor">Redakteur</label>
+    <input required id="publisher" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
+    <label for="publisher">Herausgeber</label>
+    <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
+    <label for="admin">Admin</label>
+
+    <input type="submit" value="Anlegen" hx-post="/add-user/" hx-target="#page-content" />
 </form>
+<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>

 <script>
    var msg = "{{.Msg}}";
--- a/web/templates/current-articles.html
+++ b/web/templates/current-articles.html
@ -1,73 +1,10 @@
 {{define "page-content"}}
-<h2>Diese Ausgabe</h2>
-
-<form hx-encoding="multipart/form-data">
-    <div class="flex flex-col gap-4">
-        <div>
-            <h3>Aktuelle Artikel</h3>
-            <div class="flex flex-col gap-4">
-                {{range .}}
-                <div class="border border-slate-200 dark:border-slate-800 px-2 py-1 rounded-md">
-                    <h1 class="font-bold text-2xl">{{.Title}}</h1>
-                    <p>{{.Description}}</p>
-                </div>
-                {{end}}
-            </div>
-        </div>
-
-        <div>
-            <h3>Cover</h3>
-            <div class="grid grid-cols-2 gap-4 items-center">
-                <input class="h-full" name="issue-title" placeholder="Titel" type="text" />
-                <label class="btn text-center" for="image-upload">Bild hochladen</label>
-                <input class="hidden" id="image-upload" name="issue-image" type="file" required
-                    hx-post="/issue/upload-image" />
-            </div>
-        </div>
-
-        <div>
-            <h3>Über diese Ausgabe</h3>
-            <div>
-                <textarea id="easyMDE" placeholder="Beschreibung dieser Ausgabe"></textarea>
-                <input id="issue-content" name="issue-content" type="hidden" />
-            </div>
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <button class="action-btn" hx-post="/issue/publish" hx-target="#page-content">Ausgabe publizieren</button>
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
-</form>
-
-<script>
-    var easyMDE = new EasyMDE({
-        element: document.getElementById('easyMDE'),
-        hideIcons: ['image'],
-        imageTexts: {sbInit: ''},
-        showIcons: ["code", "table", "upload-image"],
-        uploadImage: true,
-
-        imageUploadFunction: function (file, onSuccess, onError) {
-            var formData = new FormData();
-            formData.append('article-image', file);
-
-            fetch('/article/upload-image', {
-                method: 'POST',
-                body: formData
-            })
-                .then(response => response.json())
-                .then(data => {
-                    onSuccess(data);
-                })
-                .catch(error => {
-                    onError(error);
-                });
-        },
-    });
-
-    easyMDE.codemirror.on("change", () => {
-        document.getElementById('issue-content').value = easyMDE.value();
-    });
-</script>
+{{range .}}
+<div>
+    <h1>{{.Title}}</h1>
+    <p>{{.Description}}</p>
+</div>
+{{end}}
+<button hx-get="/publish-issue/" hx-target="#page-content">Ausgabe publizieren</button>
+<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
 {{end}}
--- a/web/templates/edit-self.html
+++ b/web/templates/edit-self.html
@ -1,43 +0,0 @@
-{{define "page-content"}}
-<h2>Profil bearbeiten</h2>
-
-<form>
-    <div class="grid grid-cols-3 gap-4">
-        <div>
-            <label for="username">Benutzername</label>
-            <input class="w-full" name="username" type="text" value="{{.UserName}}" />
-        </div>
-
-        <div>
-            <label for="first-name">Vorname</label>
-            <input class="w-full" name="first-name" type="text" value="{{.FirstName}}" />
-        </div>
-
-        <div>
-            <label for="last-name">Nachname</label>
-            <input class="w-full" name="last-name" type="text" value="{{.LastName}}" />
-        </div>
-
-        <div>
-            <label for="old-password">Altes Passwort</label>
-            <input class="w-full" name="old-password" placeholder="***" type="password" />
-        </div>
-
-        <div>
-            <label for="password">Passwort</label>
-            <input class="w-full" name="password" placeholder="***" type="password" />
-        </div>
-
-        <div>
-            <label for="password2">Passwort wiederholen</label>
-            <input class="w-full" name="password2" placeholder="***" type="password" />
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Aktualisieren" hx-post="/user/update/self"
-            hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
-</form>
-{{end}}
--- a/web/templates/edit-user.html
+++ b/web/templates/edit-user.html
@ -1,57 +1,13 @@
 {{define "page-content"}}
-<h2>Profil von {{.FirstName}} {{.LastName}} bearbeiten</h2>
-
 <form>
-    <div class="grid grid-cols-3 gap-4">
-        <div>
-            <label for="username">Benutzername</label>
-            <input class="w-full" name="username" type="text" value="{{.UserName}}" />
-        </div>
+    <input name="username" type="text" value="{{.UserName}}" />
+    <input name="first-name" type="text" value="{{.FirstName}}" />
+    <input name="last-name" type="text" value="{{.LastName}}" />

-        <div>
-            <label for="first-name">Vorname</label>
-            <input class="w-full" name="first-name" type="text" value="{{.FirstName}}" />
-        </div>
+    <input name="old-password" placeholder="Altes Passwort" type="password" />
+    <input name="password" placeholder="Neues Passwort" type="password" />
+    <input name="password2" placeholder="Wiederholen" type="password" />

-        <div>
-            <label for="last-name">Nachname</label>
-            <input class="w-full" name="last-name" type="text" value="{{.LastName}}" />
-        </div>
-
-        <div>
-            <label for="password">Passwort</label>
-            <input class="w-full" name="password" placeholder="***" type="password" />
-        </div>
-
-        <div>
-            <label for="password2">Passwort wiederholen</label>
-            <input class="w-full" name="password2" placeholder="***" type="password" />
-        </div>
-    </div>
-
-    <div class="flex gap-4">
-        <div>
-            <input required id="author" name="role" type="radio" value="3" {{if eq .Role 3 }}checked{{end}} />
-            <label for="author">Autor</label>
-        </div>
-        <div>
-            <input required id="editor" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
-            <label for="editor">Redakteur</label>
-        </div>
-        <div>
-            <input required id="publisher" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
-            <label for="publisher">Herausgeber</label>
-        </div>
-        <div>
-            <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
-            <label for="admin">Administrator</label>
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Aktualisieren" hx-post="/user/update/{{.ID}}"
-            hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
+    <input type="submit" value="Aktualisieren" hx-post="/update-user/" hx-target="#page-content" />
 </form>
 {{end}}
--- a/web/templates/editor.html
+++ b/web/templates/editor.html
@ -1,74 +1,13 @@
 {{define "page-content"}}
 <h2>Editor</h2>
-
-<form id="edit-area">
-    <div class="flex flex-col gap-y-1">
-        <label for="article-title">Titel</label>
-        <input name="article-title" type="text" value="{{.Title}}" />
-    </div>
-
-    <div class="flex flex-col gap-y-1">
-        <label for="article-description">Beschreibung</label>
-        <textarea name="article-description">{{.Description}}</textarea>
-    </div>
-
-    <div class="flex flex-col gap-y-1">
-        <label for="easyMDE">Artikel</label>
-        <textarea id="easyMDE">{{.Content}}</textarea>
-        <input id="article-content" name="article-content" type="hidden" />
-    </div>
-
-    <div>
-        <span>Tags</span>
-        <div class="flex flex-wrap gap-x-4">
-            <div>
-                <input id="issue" name="issue" type="checkbox" />
-                <label for="issue">Orient Express</label>
-            </div>
-
-            {{range .Tags}}
-            <div>
-                <input id="{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" />
-                <label for="{{.Name}}">{{.Name}}</label>
-            </div>
-            {{end}}
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Senden" hx-post="/article/submit" hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Abbrechen</button>
-    </div>
+<form>
+    <input name="article-title" placeholder="Titel" type="text" />
+    <textarea name="article-description" placeholder="Beschreibung"></textarea>
+    <textarea name="article-content" placeholder="Artikel"></textarea>
+    {{range .}}
+    <input id="{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" />
+    <label for="{{.Name}}">{{.Name}}</label>
+    {{end}}
+    <input type="submit" value="Senden" hx-post="/submit-article/" hx-target="#page-content" />
 </form>
-
-<script>
-    var easyMDE = new EasyMDE({
-        element: document.getElementById('easyMDE'),
-        hideIcons: ['image'],
-        imageTexts: {sbInit: ''},
-        showIcons: ["code", "table", "upload-image"],
-        uploadImage: true,
-
-        imageUploadFunction: function (file, onSuccess, onError) {
-            var formData = new FormData();
-            formData.append('article-image', file);
-
-            fetch('/article/upload-image', {
-                method: 'POST',
-                body: formData
-            })
-                .then(response => response.json())
-                .then(data => {
-                    onSuccess(data);
-                })
-                .catch(error => {
-                    onError(error);
-                });
-        },
-    });
-
-    easyMDE.codemirror.on("change", () => {
-        document.getElementById('article-content').value = easyMDE.value();
-    });
-</script>
 {{end}}
--- a/web/templates/feed.rss
+++ b/web/templates/feed.rss
@ -0,0 +1,3 @@
+{{define "page-content"}}
+{{.}}
+{{end}}
--- a/web/templates/first-user.html
+++ b/web/templates/first-user.html
@ -1,39 +0,0 @@
-{{define "page-content"}}
-<h2>Erster Benutzer (Administrator)</h2>
-
-<form>
-    <div class="grid grid-cols-3 gap-4">
-        <div>
-            <label for="username">Benutzername</label>
-            <input class="w-full" required name="username" type="text" value="{{.UserName}}" />
-        </div>
-        <div>
-            <label for="password">Passwort</label>
-            <input class="w-full" required name="password" placeholder="***" type="password" />
-        </div>
-        <div>
-            <label for="password2">Passwort wiederholen</label>
-            <input class="w-full" required name="password2" placeholder="***" type="password" />
-        </div>
-        <div>
-            <label for="first-name">Vorname</label>
-            <input class="w-full" required name="first-name" type="text" value="{{.FirstName}}" />
-        </div>
-        <div>
-            <label for="last-name">Nachname</label>
-            <input class="w-full" required name="last-name" type="text" value="{{.LastName}}" />
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Anlegen" hx-post="/user/add-first" hx-target="#page-content" />
-    </div>
-</form>
-
-<script>
-    var msg = "{{.Msg}}";
-    if (msg != "") {
-        alert(msg);
-    }
-</script>
-{{end}}
--- a/web/templates/hub.html
+++ b/web/templates/hub.html
@ -1,54 +1,17 @@
 {{define "page-content"}}
-<div class="flex flex-col gap-4">
-    <button class="btn" hx-get="/logout" hx-target="#page-content">Abmelden</button>
-
-    {{if lt . 4}}
-    <div class="mb-3">
-        <h2>Artikel</h2>
-        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
-            <button class="btn" hx-get="/article/write" hx-target="#page-content">Artikel schreiben</button>
-            <button class="btn" hx-get="/article/all-rejected" hx-target="#page-content">Abgelehnte Artikel</button>
-            {{if lt . 3}}<button class="btn" hx-get="/article/all-unpublished" hx-target="#page-content">
-                Unveröffentlichte Artikel
-            </button>{{end}}
-            {{if lt . 2}}<button class="btn" hx-get="/article/all-published" hx-target="#page-content">
-                Artikel löschen
-            </button>{{end}}
-            {{if lt . 3}}<button class="btn" hx-get="/tag/create" hx-target="#page-content">Neuer Tag</button>{{end}}
-        </div>
-    </div>
-    {{end}}
-
-    {{if lt . 2}}
-    <div class="mb-3">
-        <h2>Ausgabe</h2>
-        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
-            <button class="btn" hx-get="/issue/this" hx-target="#page-content">Diese Ausgabe</button>
-            <form class="flex" hx-encoding="multipart/form-data">
-                <label class="btn text-center" for="pdf-upload">PDF hochladen</label>
-                <input accept=".pdf" class="hidden" id="pdf-upload" name="pdf-upload" type="file"
-                    hx-post="/pdf/upload" />
-            </form>
-        </div>
-        {{end}}
-    </div>
-
-    {{if lt . 4}}
-    <div class="mb-3">
-        <h2>Benutzer</h2>
-        <div class="grid grid-cols-2 gap-x-4 gap-y-2">
-            <button class="btn" hx-get="/user/edit/self" hx-target="#page-content">Mein Profil bearbeiten</button>
-            {{if eq . 0}}<button class="btn" hx-get="/user/create" hx-target="#page-content">
-                Benutzer hinzufügen
-            </button>{{end}}
-            {{if eq . 0}}<button class="btn" hx-get="/user/show-all/edit" hx-target="#page-content">
-                Benutzer bearbeiten
-            </button>{{end}}
-            {{if eq . 0}}<button class="btn" hx-get="/user/show-all/delete" hx-target="#page-content">
-                Benutzer löschen
-            </button>{{end}}
-        </div>
-    </div>
-    {{end}}
-</div>
+<h2>Hub</h2>
+<button hx-get="/write-article/" hx-target="#page-content">Artikel schreiben</button>
+<button hx-get="/rejected-articles/" hx-target="#page-content">Abgelehnte Artikel</button>
+<button hx-get="/rss/" hx-target="#page-content">RSS Feed</button>
+<button hx-get="/edit-user/" hx-target="#page-content">Benutzer bearbeiten</button>
+{{if lt . 3}}
+<button hx-get="/unpublished-articles/" hx-target="#page-content">Unveröffentlichte Artikel</button>
+<button hx-get="/create-tag/" hx-target="#page-content">Neuer Tag</button>
+{{end}}
+{{if lt . 2}}
+<button hx-get="/this-issue/" hx-target="#page-content">Diese Ausgabe</button>
+{{end}}
+{{if eq . 0}}
+<button hx-get="/create-user/" hx-target="#page-content">Benutzer hinzufügen</button>
+{{end}}
 {{end}}
--- a/web/templates/index.html
+++ b/web/templates/index.html
@ -5,72 +5,26 @@
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Orient Editor</title>
-
-    <link href="/web/static/css/style.css" rel="stylesheet">
-    <link rel="stylesheet" href="https://unpkg.com/easymde/dist/easymde.min.css">
+    <link href="web/static/css/style.css" rel="stylesheet">
 </head>

-<body style="width: 800px;"
-    class="bg-slate-50 dark:bg-slate-950 flex flex-col justify-between min-h-screen mx-auto text-slate-900 dark:text-slate-100">
-    <header class="my-8">
-        <h1 class="font-bold text-4xl text-center">Orient Editor</h1>
-
-        <div class="ml-4">
-            <label class="cursor-pointer flex items-center relative" for="theme-toggle">
-                <div class="bg-slate-200 dark:bg-slate-800 block h-6 w-12 rounded-full"></div>
-                <div
-                    class="absolute bg-slate-800 dark:bg-slate-50 dot left-1 top-1 h-4 w-4 rounded-full transform transition">
-                </div>
-                <span class="ml-2">Dunkel</span>
-            </label>
-            <input type="checkbox" id="theme-toggle" class="sr-only">
-        </div>
+<body>
+    <header>
+        <h1>Orient Editor</h1>
+        <button hx-get="logout" hx-target="#page-content">Abmelden</button>
    </header>

-    <main class="mx-4">
+    <main>
        <div id="page-content">
            {{template "page-content" .}}
        </div>
+
+        <script src="web/static/js/htmx.min.js"></script>
    </main>

-    <footer class="text-center text-gray-500 my-8">
-        <p>
-            &copy; 2024 Jason Streifling. Alle Rechte vorbehalten.
-        </p>
-        <p>
-            v0.9.1 - <strong>Hinweis:</strong> Diese Software befindet sich noch in der Entwicklung und kann Fehler
-            enthalten.
-        </p>
+    <footer>
+        <p>&copy; 2024 Jason Streifling. Alle Rechte vorbehalten.</p>
    </footer>
-
-    <script src="https://unpkg.com/htmx.org@2.0.2"></script>
-    <script src="https://unpkg.com/easymde/dist/easymde.min.js"></script>
-    <script>
-        document.addEventListener('DOMContentLoaded', () => {
-            const toggleSwitch = document.getElementById('theme-toggle');
-            const dot = document.querySelector('.dot');
-
-            if (localStorage.theme === 'dark' || (!('theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches)) {
-                document.documentElement.classList.add('dark')
-                toggleSwitch.checked = true;
-                dot.classList.add('translate-x-6');
-            } else {
-                document.documentElement.classList.remove('dark')
-            }
-
-            toggleSwitch.addEventListener('change', () => {
-                if (toggleSwitch.checked) {
-                    document.documentElement.classList.add('dark');
-                    localStorage.theme = 'dark';
-                    dot.classList.add('translate-x-6');
-                } else {
-                    document.documentElement.classList.remove('dark');
-                    localStorage.theme = 'light';
-                    dot.classList.remove('translate-x-6');
-                }
-            });
-        });
-    </script>
 </body>

 </html>
--- a/web/templates/login.html
+++ b/web/templates/login.html
@ -1,12 +1,8 @@
 {{define "page-content"}}
 <h2>Anmeldung</h2>
-
 <form>
-    <div class="btn-area">
-        <input class="w-full" name="username" placeholder="Benutzername" type="text" />
-        <input class="w-full" name="password" placeholder="Passwort" type="password" />
-    </div>
-
-    <input class="action-btn" type="submit" value="Anmelden" hx-post="/login" hx-target="#page-content" />
+    <input name="username" placeholder="Benutzername" type="text" />
+    <input name="password" placeholder="Passwort" type="password" />
+    <input type="submit" value="Anmelden" hx-post="/login/" hx-target="#page-content" />
 </form>
 {{end}}
--- a/web/templates/published-articles.html
+++ b/web/templates/published-articles.html
@ -1,13 +0,0 @@
-{{define "page-content"}}
-<h2>Artikel löschen</h2>
-
-<div class="flex flex-col gap-4">
-    {{range .}}
-    <button class="btn" hx-get="/article/review-deletion/{{.ID}}" hx-target="#page-content">
-        <h1 class="font-bold text-2xl">{{.Title}}</h1>
-        <p>{{.Description}}</p>
-    </button>
-    {{end}}
-    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-</div>
-{{end}}
--- a/web/templates/rejected-articles.html
+++ b/web/templates/rejected-articles.html
@ -1,16 +1,12 @@
 {{define "page-content"}}
-<h2>Abgelehnte Artikel</h2>
-
-<div class="flex flex-col gap-4">
+<form>
    {{range .RejectedArticles}}
    {{if index $.MyIDs .ID}}
-    <button class="btn" hx-get="/article/review-rejected/{{.ID}}" hx-target="#page-content">
-        <h1 class="font-bold text-2xl">{{.Title}}</h1>
-        <p>{{.Description}}</p>
-    </button>
+    <input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
+    <label for="{{.ID}}">{{.Title}}</label>
    {{end}}
    {{end}}
-
-    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-</div>
+    <input type="submit" value="Auswählen" hx-post="/review-rejected-article/" hx-target="#page-content" />
+</form>
+<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 {{end}}
--- a/web/templates/rework-article.html
+++ b/web/templates/rework-article.html
@ -1,78 +1,16 @@
 {{define "page-content"}}
 <h2>Editor</h2>
-
 <form>
-    <div class="flex flex-col gap-y-1">
-        <label for="article-title">Titel</label>
-        <input name="article-title" type="text" value="{{.Article.Title}}" />
-    </div>
+    <input name="article-title" placeholder="Titel" type="text" value="{{.Article.Title}}" />
+    <textarea name="article-description" placeholder="Beschreibung">{{.Article.Description}}</textarea>
+    <textarea name="article-content" placeholder="Artikel">{{.Article.Content}}</textarea>
+    <input name="article-id" type="hidden" value="{{.Article.ID}}" />

-    <div class="flex flex-col gap-y-1">
-        <label for="article-description">Beschreibung</label>
-        <textarea name="article-description">{{.Article.Description}}</textarea>
-    </div>
+    {{range .Tags}}
+    <input id="tag-{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" {{if index $.Selected .ID}}checked{{end}} />
+    <label for="tag-{{.Name}}">{{.Name}}</label>
+    {{end}}

-    <div class="flex flex-col gap-y-1">
-        <label for="easyMDE">Artikel</label>
-        <textarea id="easyMDE">{{.Content}}</textarea>
-        <input id="article-content" name="article-content" type="hidden" />
-    </div>
-
-    <div>
-        <span>Tags</span>
-        <div class="flex flex-wrap gap-x-4">
-            <div>
-                <input id="issue" name="issue" type="checkbox" {{if .Article.IsInIssue}}checked{{end}} />
-                <label for="issue">Orient Express</label>
-            </div>
-
-            {{range .Tags}}
-            <div>
-                <input id="tag-{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" {{if index $.Selected
-                    .ID}}checked{{end}} />
-                <label for="tag-{{.Name}}">{{.Name}}</label>
-            </div>
-            {{end}}
-        </div>
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Senden" hx-post="/article/resubmit/{{.Article.ID}}"
-            hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-    </div>
+    <input type="submit" value="Senden" hx-post="/resubmit-article/" hx-target="#page-content" />
 </form>
-
-<script>
-    document.getElementById('article-content').value = easyMDE.value();
-
-    var easyMDE = new EasyMDE({
-        element: document.getElementById('easyMDE'),
-        hideIcons: ['image'],
-        imageTexts: {sbInit: ''},
-        showIcons: ["code", "table", "upload-image"],
-        uploadImage: true,
-
-        imageUploadFunction: function (file, onSuccess, onError) {
-            var formData = new FormData();
-            formData.append('article-image', file);
-
-            fetch('/article/upload-image', {
-                method: 'POST',
-                body: formData
-            })
-                .then(response => response.json())
-                .then(data => {
-                    onSuccess(data);
-                })
-                .catch(error => {
-                    onError(error);
-                });
-        },
-    });
-
-    easyMDE.codemirror.on("change", () => {
-        document.getElementById('article-content').value = easyMDE.value();
-    });
-</script>
 {{end}}
--- a/web/templates/show-all-users.html
+++ b/web/templates/show-all-users.html
@ -1,24 +0,0 @@
-{{define "page-content"}}
-<h2>Alle Benutzer</h2>
-
-<div class="flex flex-col gap-4">
-    {{range .Users}}
-    <button class="btn" hx-get="/user/{{$.Action}}/{{.ID}}" hx-target="#page-content">
-        <h1 class="font-bold text-2xl">
-            {{.UserName}}
-            ({{if eq .Role 0}}
-            Administrator
-            {{else if eq .Role 1}}
-            Herausgeber
-            {{else if eq .Role 2}}
-            Redakteur
-            {{else}}
-            Autor
-            {{end}})
-        </h1>
-        <p>{{.FirstName}} {{.LastName}}</p>
-    </button>
-    {{end}}
-    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-</div>
-{{end}}
--- a/web/templates/to-be-deleted.html
+++ b/web/templates/to-be-deleted.html
@ -1,36 +0,0 @@
-{{define "page-content"}}
-<h2>Artikel löschen</h2>
-
-<div>
-    <span>Titel</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{.Title}}
-    </div>
-
-    <span>Beschreibung</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{.Description}}
-    </div>
-
-    <span>Artikel</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        <div class="prose">
-            {{.Content}}
-        </div>
-    </div>
-
-    <span>Tags</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{range .Tags}}
-        {{.Name}}
-        <br>
-        {{end}}
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Löschen" hx-get="/article/delete/{{.ID}}"
-            hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-    </div>
-</div>
-{{end}}
--- a/web/templates/to-be-published.html
+++ b/web/templates/to-be-published.html
@ -1,42 +1,19 @@
 {{define "page-content"}}
-<h2>Artikel veröffentlichen</h2>
+<form>
+    <h2>{{.Article.Title}}</h2>
+    <p>{{.Article.Description}}</p>
+    {{.Article.Content}}

-<div>
-    <span>Titel</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{.Article.Title}}
-    </div>
+    <p>
+    {{range .Tags}}
+    {{.Name}}
+    {{end}}
+    </p>

-    <span>Beschreibung</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{.Article.Description}}
-    </div>
+    <input name="id" type="hidden" value="{{.Article.ID}}" />
+    <input type="submit" value="Veröffentlichen" hx-post="/publish-article/" hx-target="#page-content" />
+    <input type="submit" value="Ablehnen" hx-post="/reject-article/" hx-target="#page-content" />
+</form>

-    <span>Artikel</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        <div class="prose">
-            {{.Content}}
-        </div>
-    </div>
-
-    <span>Tags</span>
-    <div class="bg-white border border-slate-200 dark:border-slate-800 mb-3 px-2 py-2 rounded-md w-full">
-        {{if .Article.IsInIssue}}
-        <span>Orient Express</span>
-        <br>
-        {{end}}
-        {{range .Tags}}
-        <span>{{.Name}}</span>
-        <br>
-        {{end}}
-    </div>
-
-    <div class="btn-area">
-        <input class="action-btn" type="submit" value="Veröffentlichen" hx-get="/article/publish/{{.Article.ID}}"
-            hx-target="#page-content" />
-        <input class="btn" type="submit" value="Ablehnen" hx-get="/article/reject/{{.Article.ID}}"
-            hx-target="#page-content" />
-        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-    </div>
-</div>
+<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 {{end}}
--- a/web/templates/unpublished-articles.html
+++ b/web/templates/unpublished-articles.html
@ -1,13 +1,10 @@
 {{define "page-content"}}
-<h2>Unveröffentlichte Artikel</h2>
-
-<div class="flex flex-col gap-4">
+<form>
    {{range .}}
-    <button class="btn" hx-get="/article/review-unpublished/{{.ID}}" hx-target="#page-content">
-        <h1 class="font-bold text-2xl">{{.Title}}</h1>
-        <p>{{.Description}}</p>
-    </button>
+    <input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
+    <label for="{{.ID}}">{{.Title}}</label>
    {{end}}
-    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
-</div>
+    <input type="submit" value="Auswählen" hx-post="/review-unpublished-article/" hx-target="#page-content" />
+</form>
+<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
 {{end}}
Author	SHA1	Message	Date
Jason Streifling	548d2c6023	Incorporated issues	2024-03-28 07:00:37 +01:00
Jason Streifling	509e1d41db	Corrected copyright	2024-03-28 06:59:39 +01:00
Jason Streifling	63d5fbd127	Disabled option to do transaction from view	2024-03-28 06:58:59 +01:00
Jason Streifling	f5c1a5e8d0	Added copyright	2024-03-17 15:29:12 +01:00
Jason Streifling	40d1104a66	Set pubDate to published time and date	2024-03-17 09:41:09 +01:00
Jason Streifling	736673c33f	Now everyone only sees their own rejected articles	2024-03-17 09:15:37 +01:00
Jason Streifling	1a2e18359c	Added ability to view tags when rejecting and change tags when reworking articles	2024-03-17 08:46:49 +01:00
Jason Streifling	d1d3a81565	Implemented retry logic on all transactions	2024-03-15 18:37:24 +01:00
Jason Streifling	bc2302d31f	Implement retry logic for UpdateAttributes	2024-03-15 15:18:02 +01:00
Jason Streifling	1b02e3fad2	Added logout	2024-03-12 20:27:39 +01:00
Jason Streifling	dc06a6e9aa	Fixed dumb routing mistake	2024-03-12 19:56:22 +01:00
Jason Streifling	63370ada01	Added ability to edit user info	2024-03-11 21:08:27 +01:00
Jason Streifling	5145e1cd94	Added ability to reject and rework article	2024-03-10 15:03:46 +01:00
Jason Streifling	28eb7e236a	Split up db.go into multiple files	2024-03-09 11:06:03 +01:00
Jason Streifling	4a7883f886	Also missed rss.go	2024-03-09 10:27:55 +01:00
Jason Streifling	b69a0688ef	Missed main when converting to MVC	2024-03-09 10:27:04 +01:00
Jason Streifling	0e18c7a7db	Changed everything to MVC	2024-03-09 10:25:20 +01:00
Jason Streifling	3ab9a8fe10	Converted RSS feed to be DB based	2024-03-09 10:12:46 +01:00
Jason Streifling	6dfd49a5cd	Reachieve basic functionality	2024-03-07 20:11:28 +01:00
Jason Streifling	5455bdb12b	Articles and tags are now inserted into DB correctly	2024-03-07 15:31:00 +01:00
Jason Streifling	9eaafdc712	Converted articles and tags to DB base	2024-03-06 20:53:17 +01:00
Jason Streifling	d127be4c93	Handle rollbackError with log.Fatalf()	2024-03-06 16:58:41 +01:00
Jason Streifling	34832e397f	Corrected transaction for ChangePassword()	2024-03-06 16:51:08 +01:00
Jason Streifling	2c0b4878f4	Use transaction when necessary	2024-03-06 15:37:59 +01:00
Jason Streifling	f0e078c011	Load ArticleList, Taglist and *Channel correctly	2024-03-06 15:37:42 +01:00
Jason Streifling	a8fc28af36	Moved main.go into cmd	2024-03-05 18:26:50 +01:00
Jason Streifling	e4f085f762	Added Tags to RSS feed as categories	2024-03-05 18:20:34 +01:00
Jason Streifling	6136f83dfc	Converted RSS package to git.streifling.com/jason/rss	2024-03-05 17:13:59 +01:00
Jason Streifling	21170c9cc2	A bit of cleaning up	2024-03-05 16:38:18 +01:00
Jason Streifling	6502aa7ec1	Added partial support for tags	2024-03-03 13:56:49 +01:00
Jason Streifling	e5bdc235b6	Initial sessions implementation	2024-03-03 09:16:49 +01:00
Jason Streifling	655992c8b2	Just a bit of cleaning up	2024-03-02 09:09:55 +01:00
Jason Streifling	aa7fcd6075	Created func for minimum spec for rss and article structs, thereby crushing an annoying bug that was caused by not initializing channels but waiting for messages to go through them	2024-03-02 00:28:42 +01:00
Jason Streifling	f9cc90a948	Changed articles and rss to channels	2024-03-01 21:01:38 +01:00
Jason Streifling	7f2433c30b	Implemented proper User struct	2024-03-01 12:25:53 +01:00
Jason Streifling	f34efc95dd	Added ability to publish articles	2024-03-01 11:30:31 +01:00
Jason Streifling	935d0a1ca4	Added article list for written but non-published articles	2024-02-27 14:10:27 +01:00
Jason Streifling	48d4d482b2	Convert title and description to plain text	2024-02-27 09:03:21 +01:00
Jason Streifling	8dae3ca21e	Implemented hub	2024-02-24 15:31:33 +01:00
Jason Streifling	6f02852212	Add ability to display feed	2024-02-24 14:49:29 +01:00
Jason Streifling	4cc2110c4b	Added messages and field memory for adding user	2024-02-24 13:25:32 +01:00
Jason Streifling	04cbee097c	Require all fields to be filled out when creating a new user	2024-02-24 12:10:34 +01:00
Jason Streifling	93423ae606	Implemented logging to file	2024-02-24 11:41:01 +01:00
Jason Streifling	41113b24a8	Check if user already exists and bug fix	2024-02-24 10:56:12 +01:00
Jason Streifling	2247f316a3	Added ability to add user	2024-02-24 10:28:12 +01:00
Jason Streifling	9beedf9b2b	Added ability to login	2024-02-24 09:54:25 +01:00
Jason Streifling	7d6f96a185	Check user credentials before adding user	2024-02-22 20:12:09 +01:00
Jason Streifling	8d47146a7c	Added ability to update Passwords	2024-02-22 19:27:41 +01:00
Jason Streifling	4853184ba1	Added ability to add user	2024-02-22 18:49:51 +01:00
Jason Streifling	50895249df	Changed error messages	2024-02-22 15:23:29 +01:00
Jason Streifling	6e91253908	Added HTML sanitizer	2024-02-22 15:22:45 +01:00
Jason Streifling	9bb6010319	Added initial support for MySQL databases	2024-02-18 16:37:13 +01:00
Jason Streifling	75a0af055c	Handle misssed errors for encoding and decoding feeds	2024-02-18 14:31:28 +01:00
Jason Streifling	171a0dd250	Added description and a way to save and restore the RSS feed.	2024-02-18 14:01:06 +01:00
Jason Streifling	372882a252	Create RSS from HTML	2024-02-18 12:41:49 +01:00
Jason Streifling	2d0b53a254	Show HTML on website	2024-02-18 10:48:37 +01:00
Jason Streifling	2447f50bac	First implementation of web based editor to HTML pipeline	2024-02-18 10:07:49 +01:00