Pocket
diff --git a/‎Makefile
+1-1 b/‎Makefile
+1-1
diff --git a/‎README.md
+1-1 b/‎README.md
+1-1
diff --git a/‎internal/server/home.go renamed to ‎internal/server/admin/admin.go
+94-51 b/‎internal/server/home.go renamed to ‎internal/server/admin/admin.go
+94-51
diff --git a/‎internal/server/admin/admin_test.go
+124 b/‎internal/server/admin/admin_test.go
+124
diff --git a/‎internal/server/admin/home.go
+57 b/‎internal/server/admin/home.go
+57
@@ -94,7 +94,7 @@ setup-githooks: ## setup the git hooks
 watch-server: ## Start a hot-update scrape-server (requires entr)
 	@echo "\nStarting hot-update scrape-server. Only templates are watched."
 	@echo "[space] to restart, q to quit."
-	@find ./internal/server/htdocs -type f | entr -r make build-and-restart-server
+	@find ./internal/server/admin/htdocs -type f | entr -r make build-and-restart-server
 
 build-and-restart-server:
 	@(make > $(BUILD_DIR)/build.log 2>&1; \
 
@@ -250,7 +250,7 @@ Command line options:
 
 The root path of the server (`/`) is browsable and provides a simple way to test URLs and results.
 
-![Alt text](internal/server/assets/test-console-with-token.png)
+![Alt text](internal/server/admin/htdocs/assets/test-console-with-token.png)
 
 The select on the left lets you select between loading results for a page url or for a feed, or scraping a page using the headless browser instead of a direct http client.
 
 
@@ -1,22 +1,39 @@
-package server
+package admin
 
 import (
 	"embed"
+	"fmt"
 	"html/template"
 	"io/fs"
 	"log/slog"
 	"net/http"
+	"strings"
 	"sync"
-	"time"
 
 	"github.com/efixler/scrape/internal/auth"
 	"github.com/efixler/scrape/internal/server/version"
 )
 
 const (
 	baseTemplateName = "base.html"
+	DefaultBasePath  = "/admin"
 )
 
+type AuthzProvider interface {
+	AuthEnabled() bool
+	SigningKey() auth.HMACBase64Key
+}
+
+type authzShim auth.HMACBase64Key
+
+func (a authzShim) AuthEnabled() bool {
+	return len(a) > 0
+}
+
+func (a authzShim) SigningKey() auth.HMACBase64Key {
+	return auth.HMACBase64Key(a)
+}
+
 //go:embed htdocs/*.html
 var htdocs embed.FS
 
@@ -34,14 +51,87 @@ type adminServer struct {
 	data         codeData
 }
 
-func newAdminServer() *adminServer {
-	return &adminServer{
+type config struct {
+	basePath string
+	authz    AuthzProvider
+	openHome bool
+	profile  bool
+}
+
+type option func(*config) error
+
+func WithBasePath(basePath string) option {
+	return func(c *config) error {
+		if !strings.HasPrefix(basePath, "/") {
+			return fmt.Errorf("BasePath must start with a /")
+		}
+		c.basePath = basePath
+		return nil
+	}
+}
+
+func WithAuthz(authz AuthzProvider) option {
+	return func(c *config) error {
+		if authz == nil {
+			authz = authzShim{}
+		}
+		c.authz = authz
+		return nil
+	}
+}
+
+func WithOpenHome(openHome bool) option {
+	return func(c *config) error {
+		c.openHome = openHome
+		return nil
+	}
+}
+
+func WithProfiling(profile bool) option {
+	return func(c *config) error {
+		c.profile = profile
+		return nil
+	}
+}
+
+func MustServer(mux *http.ServeMux, options ...option) *adminServer {
+	s, err := NewServer(mux, options...)
+	if err != nil {
+		panic(err)
+	}
+	return s
+}
+
+func NewServer(mux *http.ServeMux, options ...option) (*adminServer, error) {
+	c := &config{
+		basePath: DefaultBasePath,
+		authz:    authzShim{},
+	}
+
+	for _, o := range options {
+		if err := o(c); err != nil {
+			slog.Error("AdminServer: Error applying option", "error", err)
+			return nil, err
+		}
+	}
+	as := &adminServer{
 		data: codeData{
 			Commit:  version.Commit,
 			RepoURL: version.RepoURL,
 			Tag:     version.Tag,
 		},
 	}
+	// nil mux provided for tests
+	if mux != nil {
+		// home handler is always at root
+		mux.HandleFunc("/{$}", as.homeHandler(c.authz, c.openHome))
+		mux.Handle("/assets/", assetsHandler())
+		if c.profile {
+			initPProf(mux, c.basePath)
+		}
+		mux.HandleFunc(c.basePath+"/settings", as.settingsHandler())
+	}
+	return as, nil
 }
 
 // mustBaseTemplate returns a template for the base template. The returned template
@@ -83,53 +173,6 @@ func (a *adminServer) mustTemplate(name string, funcs template.FuncMap) *templat
 	return tmpl
 }
 
-// mustHomeTemplate creates a template for the home page.
-// To enable usage of the home page without a token when auth is enabled,
-// for API endpoint, set openHome to true.
-func (a *adminServer) mustHomeTemplate(ss *scrapeServer, openHome bool) *template.Template {
-	var authTokenF = func() string { return "" }
-	var showTokenWidget = func() bool {
-		// when openHome is true don't show the token entry widget
-		if openHome {
-			return false
-		}
-		return ss.AuthEnabled()
-	}
-	if ss.AuthEnabled() && openHome {
-		authTokenF = func() string {
-			c, err := auth.NewClaims(
-				auth.WithSubject("home"),
-				auth.ExpiresIn(60*time.Minute),
-			)
-			if err != nil {
-				slog.Error("Error creating claims for home view", "error", err)
-				return ""
-			}
-			s, err := c.Sign(ss.SigningKey())
-			if err != nil {
-				slog.Error("Error signing claims for home view", "error", err)
-				return ""
-			}
-			return s
-		}
-	}
-	funcMap := template.FuncMap{
-		"AuthToken":       authTokenF,
-		"ShowTokenWidget": showTokenWidget,
-	}
-	tmpl := a.mustTemplate("index.html", funcMap)
-	return tmpl
-}
-
-func (a *adminServer) homeHandler(ss *scrapeServer, openHome bool) http.HandlerFunc {
-	tmpl := a.mustHomeTemplate(ss, openHome)
-	return func(w http.ResponseWriter, r *http.Request) {
-		if err := tmpl.ExecuteTemplate(w, baseTemplateName, a.data); err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-		}
-	}
-}
-
 func (a *adminServer) settingsHandler() http.HandlerFunc {
 	tmpl := a.mustTemplate("settings.html", nil)
 	return func(w http.ResponseWriter, r *http.Request) {
 
@@ -0,0 +1,124 @@
+package admin
+
+import (
+	"net/http/httptest"
+	"testing"
+
+	"github.com/efixler/scrape/internal/auth"
+	"golang.org/x/net/html"
+)
+
+func TestMustBaseTemplate(t *testing.T) {
+	as := MustServer(nil)
+	tmpl := as.mustBaseTemplate()
+	if tmpl == nil {
+		t.Fatal("Expected non-nil template")
+	}
+	requiredTemplates := map[string]bool{
+		"base.html":    false,
+		"menubar.html": false,
+		// following are blocks expected to be defined
+		"content": false,
+		"head":    false,
+		"scripts": false,
+		"title":   false,
+	}
+	for _, t := range tmpl.Templates() {
+		requiredTemplates[t.Name()] = true
+	}
+	for k, v := range requiredTemplates {
+		if !v {
+			t.Errorf("Expected template %s to be defined", k)
+		}
+	}
+	if tmpl == as.baseTemplate {
+		t.Error("Expected returned base template to be a clone baseTemplate")
+	}
+}
+
+func TestSettingsHandler(t *testing.T) {
+	as := MustServer(nil)
+	handler := as.settingsHandler()
+	if handler == nil {
+		t.Fatal("Expected non-nil handler")
+	}
+	req := httptest.NewRequest("GET", "http://foo.bar/", nil)
+	w := httptest.NewRecorder()
+	handler(w, req)
+	resp := w.Result()
+	if resp.StatusCode != 200 {
+		t.Errorf("Expected 200 status code, got %d", resp.StatusCode)
+	}
+	if _, err := html.Parse(resp.Body); err != nil {
+		t.Errorf("Error parsing settings rendered content body: %s", err)
+	}
+}
+
+func TestWithBasePathOption(t *testing.T) {
+	tests := []struct {
+		name      string
+		basePath  string
+		expectErr bool
+	}{
+		{
+			name:      "empty base path",
+			basePath:  "",
+			expectErr: true,
+		},
+		{
+			name:      "valid base path",
+			basePath:  "/foo",
+			expectErr: false,
+		},
+	}
+	for _, test := range tests {
+		c := &config{}
+		err := WithBasePath(test.basePath)(c)
+		if test.expectErr && err == nil {
+			t.Errorf("[%s] Expected error, got nil", test.name)
+		}
+		if !test.expectErr && err != nil {
+			t.Errorf("[%s] Expected no error, got %s", test.name, err)
+		}
+		if c.basePath != test.basePath {
+			t.Errorf("[%s] Expected base path %s, got %s", test.name, test.basePath, c.basePath)
+		}
+	}
+}
+
+func TestWithAuthzOption(t *testing.T) {
+	tests := []struct {
+		name          string
+		authz         AuthzProvider
+		expectEnabled bool
+	}{
+		{
+			name:          "nil authz",
+			authz:         nil,
+			expectEnabled: false,
+		},
+		{
+			name:          "non-nil no authz",
+			authz:         authzShim{},
+			expectEnabled: false,
+		},
+		{
+			name:          "non-nil authz",
+			authz:         authzShim(auth.MustNewHS256SigningKey()),
+			expectEnabled: true,
+		},
+	}
+	for _, test := range tests {
+		c := &config{}
+		err := WithAuthz(test.authz)(c)
+		if err != nil {
+			t.Errorf("[%s] Unexpected error: %s", test.name, err)
+		}
+		if c.authz == nil {
+			t.Errorf("[%s] Expected non-nil authz", test.name)
+		}
+		if c.authz.AuthEnabled() != test.expectEnabled {
+			t.Errorf("[%s] Expected auth enabled %t, got %t", test.name, test.expectEnabled, c.authz.AuthEnabled())
+		}
+	}
+}
@@ -0,0 +1,57 @@
+package admin
+
+import (
+	"html/template"
+	"log/slog"
+	"net/http"
+	"time"
+
+	"github.com/efixler/scrape/internal/auth"
+)
+
+// mustHomeTemplate creates a template for the home page.
+// To enable usage of the home page without a token when auth is enabled,
+// for API endpoint, set openHome to true.
+func (a *adminServer) mustHomeTemplate(ss AuthzProvider, openHome bool) *template.Template {
+	var authTokenF = func() string { return "" }
+	var showTokenWidget = func() bool {
+		// when openHome is true don't show the token entry widget
+		if openHome {
+			return false
+		}
+		return ss.AuthEnabled()
+	}
+	if ss.AuthEnabled() && openHome {
+		authTokenF = func() string {
+			c, err := auth.NewClaims(
+				auth.WithSubject("home"),
+				auth.ExpiresIn(60*time.Minute),
+			)
+			if err != nil {
+				slog.Error("Error creating claims for home view", "error", err)
+				return ""
+			}
+			s, err := c.Sign(ss.SigningKey())
+			if err != nil {
+				slog.Error("Error signing claims for home view", "error", err)
+				return ""
+			}
+			return s
+		}
+	}
+	funcMap := template.FuncMap{
+		"AuthToken":       authTokenF,
+		"ShowTokenWidget": showTokenWidget,
+	}
+	tmpl := a.mustTemplate("index.html", funcMap)
+	return tmpl
+}
+
+func (a *adminServer) homeHandler(ss AuthzProvider, openHome bool) http.HandlerFunc {
+	tmpl := a.mustHomeTemplate(ss, openHome)
+	return func(w http.ResponseWriter, r *http.Request) {
+		if err := tmpl.ExecuteTemplate(w, baseTemplateName, a.data); err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
+	}
+}