Create a more specific var for enabling debug auth

Makefile

@@ -11,12 +11,12 @@ build:
 # use wgo to watch for code changes and subsequently rebuild the app
 .PHONY: run
 run:
-	DEBUG=1 go run github.com/bokwoon95/wgo@latest run -file .html -file .css main.go
+	ENABLE_DEBUG_AUTH=1 go run github.com/bokwoon95/wgo@latest run -file .html -file .css main.go
 
 # run the app using the local-only config file
 .PHONY: run-local
 run-local:
-	DEBUG=1 go run github.com/bokwoon95/wgo@latest run -file .html -file .css main.go -conf bloggulus.local.conf
+	ENABLE_DEBUG_AUTH=1 go run github.com/bokwoon95/wgo@latest run -file .html -file .css main.go -conf bloggulus.local.conf
 
 .PHONY: migrate
 migrate:

README.md

@@ -51,6 +51,7 @@ make run-local
 ```
 
 Otherwise, you can simply run the application normally (without OAuth configured) and use the local-only debug login.
+This is enabled when `ENABLE_DEBUG_AUTH` is set (which the already Makefile includes for `run` and `run-local`).
 
 ### Testing
 

backend/web/handler.go

@@ -92,16 +92,19 @@ func Handler(
 	// The main application routes start here.
 	mux.Handle("GET /{$}", HandleIndexPage(find))
 
+	// Check if the debug auth method should be enabled.
+	enableDebugAuth := os.Getenv("ENABLE_DEBUG_AUTH") != ""
+
 	// Authenication routes.
-	mux.Handle("GET /signin", HandleLogin())
+	mux.Handle("GET /signin", HandleLogin(enableDebugAuth))
 	mux.Handle("GET /github/signin", HandleOAuthLogin(&githubConf))
 	mux.Handle("GET /github/callback", HandleOAuthCallback(&githubConf, repo, FetchGithubUserID))
 	mux.Handle("GET /google/signin", HandleOAuthLogin(&googleConf))
 	mux.Handle("GET /google/callback", HandleOAuthCallback(&googleConf, repo, FetchGoogleUserID))
 	mux.Handle("POST /logout", HandleLogoutForm(repo))
 
 	// Debug-only auth routes.
-	if os.Getenv("DEBUG") != "" {
+	if enableDebugAuth {
 		mux.Handle("POST /debug/signin", HandleDebugLogin(repo))
 	}
 

backend/web/login.go

@@ -9,7 +9,6 @@ import (
 	"io"
 	"log/slog"
 	"net/http"
-	"os"
 
 	"github.com/theandrew168/bloggulus/backend/model"
 	"github.com/theandrew168/bloggulus/backend/postgres"
@@ -101,7 +100,7 @@ func FetchGoogleUserID(client *http.Client) (string, error) {
 	return username, nil
 }
 
-func HandleLogin() http.Handler {
+func HandleLogin(enableDebugAuth bool) http.Handler {
 	tmpl := page.NewLogin()
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// Check for a "next" query param for post-auth redirecting.
@@ -114,11 +113,10 @@ func HandleLogin() http.Handler {
 		cookie := util.NewSessionCookie(util.NextCookieName, next)
 		http.SetCookie(w, &cookie)
 
-		isDebug := os.Getenv("DEBUG") != ""
 		data := page.LoginData{
 			BaseData: util.TemplateBaseData(r, w),
 
-			IsDebug: isDebug,
+			EnableDebugAuth: enableDebugAuth,
 		}
 		util.Render(w, r, http.StatusOK, func(w io.Writer) error {
 			return tmpl.Render(w, data)

backend/web/page/login.go

@@ -15,9 +15,10 @@ var LoginHTML string
 type LoginData struct {
 	layout.BaseData
 
-	IsDebug    bool
 	GithubConf *oauth2.Config
 	Errors     map[string]string
+
+	EnableDebugAuth bool
 }
 
 type LoginPage struct {

backend/web/page/login.html

@@ -6,7 +6,7 @@ <h2 class="login__heading">Welcome!</h2>
 
 		<hr />
 
-		{{if .IsDebug}}
+		{{if .EnableDebugAuth}}
 		<form method="POST" action="/debug/signin">
 			<input type="hidden" name="csrf_token" value="{{$.CSRFToken}}" />
 			<button class="login__button" type="submit">