From b90f9cc5484262a8088f65ba66ca677b3fafe43f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 07:00:38 +0000
Subject: [PATCH 01/24] Bump docker/build-push-action from 5.0.0 to 5.1.0

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/docker.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 9dcbd25..42afc31 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -49,7 +49,7 @@ jobs:
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
         id: build-and-push
-        uses: docker/build-push-action@v5.0.0
+        uses: docker/build-push-action@v5.1.0
         with:
           context: .
           push: true

From adccabf7d63295bd092bb4ef10f630d4ea1645e5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Dec 2023 06:33:05 +0000
Subject: [PATCH 02/24] Bump docker/metadata-action from 5.0.0 to 5.4.0

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.0.0 to 5.4.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5.0.0...v5.4.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/docker.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 42afc31..975cba7 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -41,7 +41,7 @@ jobs:
       # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.4.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 

From f2ca3867dd2d1f0339a2b11a6b0c060ec14e2f23 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Dec 2023 06:39:21 +0000
Subject: [PATCH 03/24] Bump golang.org/x/crypto from 0.14.0 to 0.16.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.16.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod |  6 +++---
 go.sum | 12 ++++++------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/go.mod b/go.mod
index 3d211a0..9aff556 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/sirupsen/logrus v1.9.3
-	golang.org/x/crypto v0.14.0
+	golang.org/x/crypto v0.16.0
 	gorm.io/driver/sqlite v1.5.4
 	gorm.io/gorm v1.25.5
 )
@@ -36,8 +36,8 @@ require (
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 149258f..0347a1d 100644
--- a/go.sum
+++ b/go.sum
@@ -76,17 +76,17 @@ github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZ
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
-golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
-golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=

From 2f6a548d940219f6b2d68b95cd19f6b9ba558a78 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 2 Jan 2024 16:21:24 +0000
Subject: [PATCH 04/24] Bump golang.org/x/crypto from 0.14.0 to 0.17.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 9aff556..e5a31dd 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/sirupsen/logrus v1.9.3
-	golang.org/x/crypto v0.16.0
+	golang.org/x/crypto v0.17.0
 	gorm.io/driver/sqlite v1.5.4
 	gorm.io/gorm v1.25.5
 )
diff --git a/go.sum b/go.sum
index 0347a1d..1d4ecc5 100644
--- a/go.sum
+++ b/go.sum
@@ -76,8 +76,8 @@ github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZ
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
-golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

From 7fc743abdb3354bb51a08754aa3eda751ebf9ecd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Dec 2023 06:17:35 +0000
Subject: [PATCH 05/24] Bump github/codeql-action from 2 to 3

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/codeql.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 3e407da..085a3d8 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -23,15 +23,15 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: go
 
     # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
       with:
         category: "/language:go"

From 5738476c6b03cae8e2e964cd88f10c161e81aff5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Dec 2023 06:39:12 +0000
Subject: [PATCH 06/24] Bump github.com/golang-jwt/jwt/v5 from 5.0.0 to 5.2.0

Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.0.0 to 5.2.0.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.0.0...v5.2.0)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index e5a31dd..4f5d6ed 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.20
 
 require (
 	github.com/gin-gonic/gin v1.9.1
-	github.com/golang-jwt/jwt/v5 v5.0.0
+	github.com/golang-jwt/jwt/v5 v5.2.0
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/sirupsen/logrus v1.9.3
diff --git a/go.sum b/go.sum
index 1d4ecc5..e385120 100644
--- a/go.sum
+++ b/go.sum
@@ -22,8 +22,8 @@ github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg
 github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
-github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
-github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
+github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=

From f0f8d4ff8d515a9a7970f4b4a22b68938ff5b147 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Wed, 3 Jan 2024 17:15:49 +0500
Subject: [PATCH 07/24] style: group imports

---
 views/errors.go   | 3 ++-
 views/groups.go   | 5 +++--
 views/index.go    | 3 ++-
 views/links.go    | 5 +++--
 views/settings.go | 3 ++-
 5 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/views/errors.go b/views/errors.go
index 3265114..9a2512d 100644
--- a/views/errors.go
+++ b/views/errors.go
@@ -1,9 +1,10 @@
 package views
 
 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 	"github.com/ordinary-dev/phoenix/config"
-	"net/http"
 )
 
 func ShowError(ctx *gin.Context, cfg *config.Config, err error) {
diff --git a/views/groups.go b/views/groups.go
index 2584e0d..c1bda7a 100644
--- a/views/groups.go
+++ b/views/groups.go
@@ -2,12 +2,13 @@ package views
 
 import (
 	"fmt"
+	"net/http"
+	"strconv"
+
 	"github.com/gin-gonic/gin"
 	"github.com/ordinary-dev/phoenix/config"
 	"github.com/ordinary-dev/phoenix/database"
 	"gorm.io/gorm"
-	"net/http"
-	"strconv"
 )
 
 func CreateGroup(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
diff --git a/views/index.go b/views/index.go
index f027378..24ab1a7 100644
--- a/views/index.go
+++ b/views/index.go
@@ -1,11 +1,12 @@
 package views
 
 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 	"github.com/ordinary-dev/phoenix/config"
 	"github.com/ordinary-dev/phoenix/database"
 	"gorm.io/gorm"
-	"net/http"
 )
 
 func ShowMainPage(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
diff --git a/views/links.go b/views/links.go
index f1b1293..6293f74 100644
--- a/views/links.go
+++ b/views/links.go
@@ -2,12 +2,13 @@ package views
 
 import (
 	"fmt"
+	"net/http"
+	"strconv"
+
 	"github.com/gin-gonic/gin"
 	"github.com/ordinary-dev/phoenix/config"
 	"github.com/ordinary-dev/phoenix/database"
 	"gorm.io/gorm"
-	"net/http"
-	"strconv"
 )
 
 func CreateLink(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
diff --git a/views/settings.go b/views/settings.go
index bfe1642..205681d 100644
--- a/views/settings.go
+++ b/views/settings.go
@@ -1,11 +1,12 @@
 package views
 
 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 	"github.com/ordinary-dev/phoenix/config"
 	"github.com/ordinary-dev/phoenix/database"
 	"gorm.io/gorm"
-	"net/http"
 )
 
 func ShowSettings(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {

From 6d25c4e8af7c9ccd745ab41039119bb0f524b566 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 25 Mar 2024 15:52:18 +0500
Subject: [PATCH 08/24] feat!: migrate to net/http

With the release of Go 1.22, the standard library now has
all the necessary functions that allow us to abandon Gin.

I hope this rewrite will lower the entry barrier for new developers.
As a nice bonus, the size of the program has decreased from 20 to 15.4 MB.

To solve issue #81, request logging has been improved.
Now all errors are displayed in the logs.
---
 config/main.go                           |  30 ++--
 database/admins.go                       |  13 +-
 database/db.go                           |  13 +-
 go.mod                                   |  26 +---
 go.sum                                   |  68 ---------
 jwttoken/token.go                        |  33 +++++
 main.go                                  |  20 +--
 templates/auth.html.tmpl                 |   8 +-
 templates/error.html.tmpl                |   4 +-
 templates/{ => fragments}/head.html.tmpl |   4 +-
 templates/index.html.tmpl                |   2 +-
 templates/settings.html.tmpl             |  13 +-
 views/auth.go                            | 176 -----------------------
 views/errors.go                          |  15 --
 views/groups.go                          |  71 ---------
 views/index.go                           |  30 ----
 views/links.go                           |  91 ------------
 views/main.go                            |  63 --------
 views/middleware/auth.go                 |  82 +++++++++++
 views/middleware/logging.go              |  22 +++
 views/middleware/security.go             |  18 +++
 views/pages/errors.go                    |  18 +++
 views/pages/groups.go                    |  63 ++++++++
 views/pages/index.go                     |  30 ++++
 views/pages/links.go                     |  82 +++++++++++
 views/pages/registration.go              |  50 +++++++
 views/pages/settings.go                  |  26 ++++
 views/pages/signin.go                    |  43 ++++++
 views/pages/templates.go                 |  70 +++++++++
 views/render.go                          |  13 --
 views/routes.go                          |  62 ++++++++
 views/security.go                        |  14 --
 views/settings.go                        |  30 ----
 33 files changed, 661 insertions(+), 642 deletions(-)
 create mode 100644 jwttoken/token.go
 rename templates/{ => fragments}/head.html.tmpl (90%)
 delete mode 100644 views/auth.go
 delete mode 100644 views/errors.go
 delete mode 100644 views/groups.go
 delete mode 100644 views/index.go
 delete mode 100644 views/links.go
 delete mode 100644 views/main.go
 create mode 100644 views/middleware/auth.go
 create mode 100644 views/middleware/logging.go
 create mode 100644 views/middleware/security.go
 create mode 100644 views/pages/errors.go
 create mode 100644 views/pages/groups.go
 create mode 100644 views/pages/index.go
 create mode 100644 views/pages/links.go
 create mode 100644 views/pages/registration.go
 create mode 100644 views/pages/settings.go
 create mode 100644 views/pages/signin.go
 create mode 100644 views/pages/templates.go
 delete mode 100644 views/render.go
 create mode 100644 views/routes.go
 delete mode 100644 views/security.go
 delete mode 100644 views/settings.go

diff --git a/config/main.go b/config/main.go
index be3e7e6..2d09e3b 100644
--- a/config/main.go
+++ b/config/main.go
@@ -6,18 +6,29 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
+var Cfg Config
+
 type Config struct {
-	SecretKey       string `required:"true"`
-	DBPath          string `required:"true"`
-	LogLevel        string `default:"warning"`
-	EnableGinLogger bool   `default:"false"`
-	Production      bool   `default:"true"`
-	HeaderAuth      bool   `default:"false"`
+	// A long and random secret string used for authorization.
+	SecretKey string `required:"true"`
+	// Path to the sqlite database.
+	DBPath string `required:"true"`
+
+	LogLevel string `default:"warning"`
+
+	// Allows you to skip authorization if the "Remote-User" header is specified.
+	// Don't use it if you don't know why you need it.
+	HeaderAuth bool `default:"false"`
+
+	// Data for the first user.
+	// Optional, the site also allows you to create the first user.
 	DefaultUsername string
 	DefaultPassword string
+
 	// Controls the "secure" option for a token cookie.
 	SecureCookie bool `default:"true"`
 
+	// Site title.
 	Title string `default:"Phoenix"`
 	// Any supported css value, embedded directly into every page.
 	FontFamily string `default:"sans-serif"`
@@ -29,13 +40,12 @@ func GetConfig() (*Config, error) {
 		logrus.Infof("Config: %v", err)
 	}
 
-	var cfg Config
-	err = envconfig.Process("p", &cfg)
+	err = envconfig.Process("p", &Cfg)
 	if err != nil {
 		return nil, err
 	}
 
-	return &cfg, nil
+	return &Cfg, nil
 }
 
 func (cfg *Config) GetLogLevel() logrus.Level {
@@ -44,7 +54,7 @@ func (cfg *Config) GetLogLevel() logrus.Level {
 		return logrus.DebugLevel
 	case "info":
 		return logrus.InfoLevel
-	case "warning":
+	case "warning", "warn":
 		return logrus.WarnLevel
 	case "error":
 		return logrus.ErrorLevel
diff --git a/database/admins.go b/database/admins.go
index b23e4ec..fd57d46 100644
--- a/database/admins.go
+++ b/database/admins.go
@@ -2,7 +2,6 @@ package database
 
 import (
 	"golang.org/x/crypto/bcrypt"
-	"gorm.io/gorm"
 )
 
 type Admin struct {
@@ -11,14 +10,14 @@ type Admin struct {
 	Bcrypt   string `gorm:"notNull"`
 }
 
-func CountAdmins(db *gorm.DB) int64 {
+func CountAdmins() int64 {
 	var admins []Admin
 	var count int64
-	db.Model(&admins).Count(&count)
+	DB.Model(&admins).Count(&count)
 	return count
 }
 
-func CreateAdmin(db *gorm.DB, username string, password string) (Admin, error) {
+func CreateAdmin(username string, password string) (Admin, error) {
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), 10)
 	if err != nil {
 		return Admin{}, err
@@ -28,7 +27,7 @@ func CreateAdmin(db *gorm.DB, username string, password string) (Admin, error) {
 		Username: username,
 		Bcrypt:   string(hash),
 	}
-	result := db.Create(&admin)
+	result := DB.Create(&admin)
 
 	if result.Error != nil {
 		return Admin{}, result.Error
@@ -37,9 +36,9 @@ func CreateAdmin(db *gorm.DB, username string, password string) (Admin, error) {
 	return admin, nil
 }
 
-func AuthorizeAdmin(db *gorm.DB, username string, password string) (Admin, error) {
+func AuthorizeAdmin(username string, password string) (Admin, error) {
 	var admin Admin
-	result := db.Where("username = ?", username).First(&admin)
+	result := DB.Where("username = ?", username).First(&admin)
 
 	if result.Error != nil {
 		return Admin{}, result.Error
diff --git a/database/db.go b/database/db.go
index 51303d5..22e551d 100644
--- a/database/db.go
+++ b/database/db.go
@@ -6,14 +6,17 @@ import (
 	"gorm.io/gorm"
 )
 
-func GetDatabaseConnection(cfg *config.Config) (*gorm.DB, error) {
-	db, err := gorm.Open(sqlite.Open(cfg.DBPath), &gorm.Config{})
+var DB *gorm.DB
+
+func EstablishDatabaseConnection(cfg *config.Config) error {
+	var err error
+	DB, err = gorm.Open(sqlite.Open(cfg.DBPath), &gorm.Config{})
 	if err != nil {
-		return nil, err
+		return err
 	}
 
 	// Migrate the schema
-	db.AutoMigrate(&Admin{}, &Group{}, &Link{})
+	DB.AutoMigrate(&Admin{}, &Group{}, &Link{})
 
-	return db, nil
+	return nil
 }
diff --git a/go.mod b/go.mod
index 4f5d6ed..8da8c4c 100644
--- a/go.mod
+++ b/go.mod
@@ -1,9 +1,8 @@
 module github.com/ordinary-dev/phoenix
 
-go 1.20
+go 1.22
 
 require (
-	github.com/gin-gonic/gin v1.9.1
 	github.com/golang-jwt/jwt/v5 v5.2.0
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
@@ -14,30 +13,9 @@ require (
 )
 
 require (
-	github.com/bytedance/sonic v1.9.1 // indirect
-	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
-	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/go-playground/locales v0.14.1 // indirect
-	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.14.0 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
-	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
-	github.com/leodido/go-urn v1.2.4 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mattn/go-sqlite3 v1.14.17 // indirect
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
-	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
-	github.com/ugorji/go/codec v1.2.11 // indirect
-	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
+	github.com/stretchr/testify v1.8.3 // indirect
 	golang.org/x/sys v0.15.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
index e385120..e52a1c9 100644
--- a/go.sum
+++ b/go.sum
@@ -1,98 +1,31 @@
-github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM=
-github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s=
-github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
-github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
-github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams=
-github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
-github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
-github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
-github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
-github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
-github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
-github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
-github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
-github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
-github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
-github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js=
-github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
-github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
-github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
 github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
 github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
-github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
-github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8=
 github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg=
-github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
-github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
-github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
-github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
-github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
-github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
-github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
 github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
-github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
-github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
-github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
-github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
-github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
-github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
-golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
-golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
 golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
 golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
@@ -101,4 +34,3 @@ gorm.io/driver/sqlite v1.5.4 h1:IqXwXi8M/ZlPzH/947tn5uik3aYQslP9BVveoax0nV0=
 gorm.io/driver/sqlite v1.5.4/go.mod h1:qxAuCol+2r6PannQDpOP1FP6ag3mKi4esLnB/jHed+4=
 gorm.io/gorm v1.25.5 h1:zR9lOiiYf09VNh5Q1gphfyia1JpiClIWG9hQaxB/mls=
 gorm.io/gorm v1.25.5/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
-rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
diff --git a/jwttoken/token.go b/jwttoken/token.go
new file mode 100644
index 0000000..fa857c5
--- /dev/null
+++ b/jwttoken/token.go
@@ -0,0 +1,33 @@
+package jwttoken
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+
+	"github.com/ordinary-dev/phoenix/config"
+)
+
+const (
+	TOKEN_LIFETIME_IN_SECONDS = 60 * 60 * 24 * 30
+	TOKEN_COOKIE_NAME         = "phoenix-token"
+)
+
+func GetJWTToken() (string, error) {
+	claims := jwt.RegisteredClaims{
+		ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * TOKEN_LIFETIME_IN_SECONDS)),
+	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString([]byte(config.Cfg.SecretKey))
+}
+
+func TokenToCookie(value string) *http.Cookie {
+	return &http.Cookie{
+		Name:     TOKEN_COOKIE_NAME,
+		Value:    value,
+		HttpOnly: true,
+		Secure:   config.Cfg.SecureCookie,
+		MaxAge:   TOKEN_LIFETIME_IN_SECONDS,
+	}
+}
diff --git a/main.go b/main.go
index e7239f5..4a1be63 100644
--- a/main.go
+++ b/main.go
@@ -25,21 +25,23 @@ func main() {
 	logrus.Infof("Setting log level to %v", logLevel)
 
 	// Connect to the database
-	db, err := database.GetDatabaseConnection(cfg)
+	err = database.EstablishDatabaseConnection(cfg)
 	if err != nil {
 		logrus.Fatalf("%v", err)
 	}
 
 	// Create the first user
-	if cfg.DefaultUsername != "" && cfg.DefaultPassword != "" {
-		if database.CountAdmins(db) < 1 {
-			_, err := database.CreateAdmin(db, cfg.DefaultUsername, cfg.DefaultPassword)
-			if err != nil {
-				logrus.Errorf("%v", err)
-			}
+	if cfg.DefaultUsername != "" && cfg.DefaultPassword != "" && database.CountAdmins() < 1 {
+		_, err := database.CreateAdmin(cfg.DefaultUsername, cfg.DefaultPassword)
+		if err != nil {
+			logrus.Errorf("%v", err)
 		}
 	}
 
-	engine := views.GetGinEngine(cfg, db)
-	engine.Run(":8080")
+	server, err := views.GetHttpServer()
+	if err != nil {
+		logrus.Fatal(err)
+	}
+
+	server.ListenAndServe()
 }
diff --git a/templates/auth.html.tmpl b/templates/auth.html.tmpl
index bd0163c..021e7ea 100644
--- a/templates/auth.html.tmpl
+++ b/templates/auth.html.tmpl
@@ -1,14 +1,14 @@
 <!DOCTYPE html>
 <html lang="en">
     <head>
-        {{template "head" .}}
+        {{ template "head" . }}
         <link rel="stylesheet" href="assets/css/auth.css" />
     </head>
     <body>
         <div class="page">
-            <form action="{{.formAction}}" method="POST">
-                <h1>{{.title}}</h1>
-                <p>{{.description}}</p>
+            <form action="{{ .formAction }}" method="POST">
+                <h1>{{ .title }}</h1>
+                <p>{{ .description }}</p>
                 <input
                     placeholder="Username"
                     name="username"
diff --git a/templates/error.html.tmpl b/templates/error.html.tmpl
index aa42b42..333e6b2 100644
--- a/templates/error.html.tmpl
+++ b/templates/error.html.tmpl
@@ -1,14 +1,14 @@
 <!DOCTYPE html>
 <html lang="en">
     <head>
-        {{template "head" .}}
+        {{ template "head" . }}
         <link rel="stylesheet" href="assets/css/error.css" />
     </head>
     <body>
         <div class="page">
             <div class="content">
                 <h1>Error</h1>
-                <code>{{.error}}</code>
+                <code>{{ .error }}</code>
                 <p>
                     <a href="/">Main page</a>
                 </p>
diff --git a/templates/head.html.tmpl b/templates/fragments/head.html.tmpl
similarity index 90%
rename from templates/head.html.tmpl
rename to templates/fragments/head.html.tmpl
index 3487400..f05e657 100644
--- a/templates/head.html.tmpl
+++ b/templates/fragments/head.html.tmpl
@@ -1,5 +1,5 @@
 {{define "head"}}
-<title>{{.WebsiteTitle}}</title>
+<title>{{ .title }}</title>
 <meta charset="utf-8" />
 <meta name="description" content="A minimalistic start page with your collection of links to important sites." />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
@@ -10,7 +10,7 @@
 <link rel="apple-touch-icon" href="/assets/favicons/favicon-180.png" />
 <style>
 body {
-    font-family: {{.FontFamily}};
+    font-family: {{ .fontFamily }};
 }
 </style>
 {{end}}
diff --git a/templates/index.html.tmpl b/templates/index.html.tmpl
index e3550ab..f3bf377 100644
--- a/templates/index.html.tmpl
+++ b/templates/index.html.tmpl
@@ -6,7 +6,7 @@
     </head>
     <body>
         <div class="page">
-            <h1>{{.WebsiteTitle}}</h1>
+            <h1>{{ .title }}</h1>
             {{if not .groups}}
             <p>
                 You don't have any links.
diff --git a/templates/settings.html.tmpl b/templates/settings.html.tmpl
index c2cf34c..b096583 100644
--- a/templates/settings.html.tmpl
+++ b/templates/settings.html.tmpl
@@ -11,7 +11,7 @@
         {{range .groups}}
         <h2 id="group-{{.ID}}">Group "{{.Name}}"</h2>
         <div class="row">
-            <form method="POST" action="/api/groups/{{.ID}}/put" class="innerForm">
+            <form method="POST" action="/groups/{{.ID}}/update" class="innerForm">
                 <input
                     value="{{.Name}}"
                     placeholder="Name"
@@ -25,7 +25,7 @@
                     <img src="/assets/svg/floppy-disk-solid.svg" width="16px" height="16px" />
                 </button>
             </form>
-            <form method="POST" action="/api/groups/{{.ID}}/delete">
+            <form method="POST" action="/groups/{{.ID}}/delete">
                 <button
                     type="submit"
                     aria-label="Delete the group"
@@ -37,8 +37,7 @@
 
         {{range .Links}}
         <div class="row" id="link-{{.ID}}">
-            <form method="POST" action="/api/links/{{.ID}}/put" class="innerForm">
-                <!-- method: put -->
+            <form method="POST" action="/links/{{.ID}}/update" class="innerForm">
                 <input
                     class="small-row"
                     value="{{ if .Icon }}{{ .Icon }}{{ end }}"
@@ -65,7 +64,7 @@
                     <img src="/assets/svg/floppy-disk-solid.svg" width="16px" height="16px" />
                 </button>
             </form>
-            <form method="POST" action="/api/links/{{.ID}}/delete">
+            <form method="POST" action="/links/{{.ID}}/delete">
                 <button
                     type="submit"
                     aria-label="Delete the link"
@@ -76,7 +75,7 @@
         </div>
         {{end}}
 
-        <form action="/api/links" method="POST" class="row">
+        <form action="/links" method="POST" class="row">
             <input
                 class="small-row"
                 name="icon"
@@ -110,7 +109,7 @@
         {{end}}
 
         <h2>New group</h2>
-        <form method="POST" action="/api/groups" class="row">
+        <form method="POST" action="/groups" class="row">
             <input
                 placeholder="Name"
                 name="groupName"
diff --git a/views/auth.go b/views/auth.go
deleted file mode 100644
index 5b59025..0000000
--- a/views/auth.go
+++ /dev/null
@@ -1,176 +0,0 @@
-package views
-
-import (
-	"errors"
-	"fmt"
-	"net/http"
-	"time"
-
-	"github.com/gin-gonic/gin"
-	"github.com/golang-jwt/jwt/v5"
-	"github.com/ordinary-dev/phoenix/config"
-	"github.com/ordinary-dev/phoenix/database"
-	"gorm.io/gorm"
-)
-
-const TOKEN_LIFETIME_IN_SECONDS = 60 * 60 * 24 * 30
-
-func ShowRegistrationForm(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		if database.CountAdmins(db) > 0 {
-			ShowError(ctx, cfg, errors.New("At least 1 user already exists"))
-			return
-		}
-
-		Render(ctx, cfg, http.StatusOK, "auth.html.tmpl", gin.H{
-			"title":       "Create an account",
-			"description": "To prevent other people from seeing your links, create an account.",
-			"button":      "Create",
-			"formAction":  "/api/users",
-		})
-	}
-}
-
-func ShowLoginForm(cfg *config.Config) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		Render(ctx, cfg, http.StatusOK, "auth.html.tmpl", gin.H{
-			"title":       "Sign in",
-			"description": "Authorization is required to view this page.",
-			"button":      "Sign in",
-			"formAction":  "/api/users/signin",
-		})
-	}
-}
-
-// Requires the user to log in before viewing the page.
-// Returns error if the user is not authorized.
-// If `nil` is returned instead of an error, it is safe to display protected content.
-func RequireAuth(c *gin.Context, cfg *config.Config) (*jwt.RegisteredClaims, error) {
-	tokenValue, err := c.Cookie("phoenix-token")
-
-	// Anonymous visitor
-	if err != nil {
-		return nil, err
-	}
-
-	// Check token
-	token, err := jwt.ParseWithClaims(tokenValue, &jwt.RegisteredClaims{}, func(token *jwt.Token) (interface{}, error) {
-		// Validate the alg
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
-		}
-
-		return []byte(cfg.SecretKey), nil
-	})
-	if err != nil {
-		return nil, err
-	}
-	claims, ok := token.Claims.(*jwt.RegisteredClaims)
-	if !ok || !token.Valid {
-		return nil, errors.New("Token is invalid")
-	}
-
-	return claims, nil
-}
-
-func AuthMiddleware(db *gorm.DB, cfg *config.Config) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		claims, err := RequireAuth(ctx, cfg)
-		if err != nil {
-			if cfg.HeaderAuth && ctx.Request.Header.Get("Remote-User") != "" {
-				// Generate access token.
-				token, err := GetJWTToken(cfg)
-				if err != nil {
-					ShowError(ctx, cfg, err)
-					return
-				}
-				SetTokenCookie(ctx, token, cfg)
-				return
-			}
-
-			if database.CountAdmins(db) < 1 {
-				ctx.Redirect(http.StatusFound, "/registration")
-			} else {
-				ctx.Redirect(http.StatusFound, "/signin")
-			}
-			ctx.Abort()
-			return
-		}
-
-		// Create a new token if the old one is about to expire
-		if time.Now().Add(time.Second * (TOKEN_LIFETIME_IN_SECONDS / 2)).After(claims.ExpiresAt.Time) {
-			newToken, err := GetJWTToken(cfg)
-			if err != nil {
-				ShowError(ctx, cfg, err)
-				return
-			}
-			SetTokenCookie(ctx, newToken, cfg)
-		}
-	}
-}
-
-func GetJWTToken(cfg *config.Config) (string, error) {
-	claims := jwt.RegisteredClaims{
-		ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * TOKEN_LIFETIME_IN_SECONDS)),
-	}
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	return token.SignedString([]byte(cfg.SecretKey))
-}
-
-func CreateUser(db *gorm.DB, cfg *config.Config) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		if database.CountAdmins(db) > 0 {
-			ShowError(ctx, cfg, errors.New("At least 1 user already exists"))
-			return
-		}
-
-		// Try to create a user.
-		username := ctx.PostForm("username")
-		password := ctx.PostForm("password")
-		_, err := database.CreateAdmin(db, username, password)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		// Generate access token.
-		token, err := GetJWTToken(cfg)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-		SetTokenCookie(ctx, token, cfg)
-
-		// Redirect to homepage.
-		ctx.Redirect(http.StatusFound, "/")
-	}
-}
-
-func AuthorizeUser(db *gorm.DB, cfg *config.Config) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		// Check credentials.
-		username := ctx.PostForm("username")
-		password := ctx.PostForm("password")
-		_, err := database.AuthorizeAdmin(db, username, password)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		// Generate an access token.
-		token, err := GetJWTToken(cfg)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-		SetTokenCookie(ctx, token, cfg)
-
-		// Redirect to homepage.
-		ctx.Redirect(http.StatusFound, "/")
-	}
-}
-
-// Save token in cookies
-func SetTokenCookie(c *gin.Context, token string, cfg *config.Config) {
-	c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", cfg.SecureCookie, true)
-}
diff --git a/views/errors.go b/views/errors.go
deleted file mode 100644
index 9a2512d..0000000
--- a/views/errors.go
+++ /dev/null
@@ -1,15 +0,0 @@
-package views
-
-import (
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-)
-
-func ShowError(ctx *gin.Context, cfg *config.Config, err error) {
-	Render(ctx, cfg, http.StatusBadRequest, "error.html.tmpl", gin.H{
-		"error": err.Error(),
-	})
-	ctx.Abort()
-}
diff --git a/views/groups.go b/views/groups.go
deleted file mode 100644
index c1bda7a..0000000
--- a/views/groups.go
+++ /dev/null
@@ -1,71 +0,0 @@
-package views
-
-import (
-	"fmt"
-	"net/http"
-	"strconv"
-
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-	"github.com/ordinary-dev/phoenix/database"
-	"gorm.io/gorm"
-)
-
-func CreateGroup(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		// Save new group to the database.
-		group := database.Group{
-			Name: ctx.PostForm("groupName"),
-		}
-		if result := db.Create(&group); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// This page is called from the settings, return the user back.
-		ctx.Redirect(http.StatusFound, fmt.Sprintf("/settings#group-%v", group.ID))
-	}
-}
-
-func UpdateGroup(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		id, err := strconv.ParseUint(ctx.Param("id"), 10, 64)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		var group database.Group
-		if result := db.First(&group, id); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		group.Name = ctx.PostForm("groupName")
-		if result := db.Save(&group); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// This page is called from the settings, return the user back.
-		ctx.Redirect(http.StatusFound, fmt.Sprintf("/settings#group-%v", group.ID))
-	}
-}
-
-func DeleteGroup(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		id, err := strconv.ParseUint(ctx.Param("id"), 10, 64)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		if result := db.Delete(&database.Group{}, id); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// Redirect to settings.
-		ctx.Redirect(http.StatusFound, "/settings")
-	}
-}
diff --git a/views/index.go b/views/index.go
deleted file mode 100644
index 24ab1a7..0000000
--- a/views/index.go
+++ /dev/null
@@ -1,30 +0,0 @@
-package views
-
-import (
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-	"github.com/ordinary-dev/phoenix/database"
-	"gorm.io/gorm"
-)
-
-func ShowMainPage(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		// Get a list of groups with links
-		var groups []database.Group
-		result := db.
-			Model(&database.Group{}).
-			Preload("Links").
-			Find(&groups)
-
-		if result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		Render(ctx, cfg, http.StatusOK, "index.html.tmpl", gin.H{
-			"groups": groups,
-		})
-	}
-}
diff --git a/views/links.go b/views/links.go
deleted file mode 100644
index 6293f74..0000000
--- a/views/links.go
+++ /dev/null
@@ -1,91 +0,0 @@
-package views
-
-import (
-	"fmt"
-	"net/http"
-	"strconv"
-
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-	"github.com/ordinary-dev/phoenix/database"
-	"gorm.io/gorm"
-)
-
-func CreateLink(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		groupID, err := strconv.ParseUint(ctx.PostForm("groupID"), 10, 32)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		link := database.Link{
-			Name:    ctx.PostForm("linkName"),
-			Href:    ctx.PostForm("href"),
-			GroupID: groupID,
-		}
-		icon := ctx.PostForm("icon")
-		if icon == "" {
-			link.Icon = nil
-		} else {
-			link.Icon = &icon
-		}
-		if result := db.Create(&link); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// Redirect to settings.
-		ctx.Redirect(http.StatusFound, fmt.Sprintf("/settings#link-%v", link.ID))
-	}
-}
-
-func UpdateLink(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		id, err := strconv.ParseUint(ctx.Param("id"), 10, 64)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		var link database.Link
-		if result := db.First(&link, id); result.Error != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		link.Name = ctx.PostForm("linkName")
-		link.Href = ctx.PostForm("href")
-		icon := ctx.PostForm("icon")
-		if icon == "" {
-			link.Icon = nil
-		} else {
-			link.Icon = &icon
-		}
-		if result := db.Save(&link); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// Redirect to settings.
-		ctx.Redirect(http.StatusFound, fmt.Sprintf("/settings#link-%v", link.ID))
-	}
-}
-
-func DeleteLink(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		id, err := strconv.ParseUint(ctx.Param("id"), 10, 64)
-		if err != nil {
-			ShowError(ctx, cfg, err)
-			return
-		}
-
-		if result := db.Delete(&database.Link{}, id); result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		// Redirect to settings.
-		ctx.Redirect(http.StatusFound, "/settings")
-	}
-}
diff --git a/views/main.go b/views/main.go
deleted file mode 100644
index 72e07bd..0000000
--- a/views/main.go
+++ /dev/null
@@ -1,63 +0,0 @@
-package views
-
-import (
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-	"gorm.io/gorm"
-)
-
-func GetGinEngine(cfg *config.Config, db *gorm.DB) *gin.Engine {
-	if cfg.Production {
-		gin.SetMode(gin.ReleaseMode)
-	}
-
-	engine := gin.New()
-	engine.Use(gin.Recovery())
-	if cfg.EnableGinLogger {
-		engine.Use(gin.Logger())
-	}
-
-	engine.LoadHTMLGlob("templates/*")
-	engine.Static("/assets", "./assets")
-
-	engine.Use(SecurityHeadersMiddleware)
-
-	engine.GET("/signin", ShowLoginForm(cfg))
-	engine.POST("/api/users/signin", AuthorizeUser(db, cfg))
-
-	engine.GET("/registration", ShowRegistrationForm(cfg, db))
-	engine.POST("/api/users", CreateUser(db, cfg))
-
-	// This group requires authorization before viewing.
-	protected := engine.Group("/")
-	protected.Use(AuthMiddleware(db, cfg))
-
-	// Main page
-	protected.GET("/", ShowMainPage(cfg, db))
-
-	protected.GET("/settings", ShowSettings(cfg, db))
-
-	// Create new group
-	protected.POST("/api/groups", CreateGroup(cfg, db))
-
-	// Update group
-	// HTML forms cannot be submitted using PUT or PATCH methods without javascript.
-	protected.POST("/api/groups/:id/put", UpdateGroup(cfg, db))
-
-	// Delete group
-	// HTML forms cannot be submitted using the DELETE method without javascript.
-	protected.POST("/api/groups/:id/delete", DeleteGroup(cfg, db))
-
-	// Create new link
-	protected.POST("/api/links", CreateLink(cfg, db))
-
-	// Update link.
-	// HTML forms cannot be submitted using PUT or PATCH methods without javascript.
-	protected.POST("/api/links/:id/put", UpdateLink(cfg, db))
-
-	// Delete link
-	// HTML forms cannot be submitted using the DELETE method without javascript.
-	protected.POST("/api/links/:id/delete", DeleteLink(cfg, db))
-
-	return engine
-}
diff --git a/views/middleware/auth.go b/views/middleware/auth.go
new file mode 100644
index 0000000..8f586f3
--- /dev/null
+++ b/views/middleware/auth.go
@@ -0,0 +1,82 @@
+package middleware
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+
+	"github.com/ordinary-dev/phoenix/config"
+	"github.com/ordinary-dev/phoenix/database"
+	"github.com/ordinary-dev/phoenix/jwttoken"
+	"github.com/ordinary-dev/phoenix/views/pages"
+)
+
+// Try to find the access token in the request.
+// Returns error if the user is not authorized.
+// If `nil` is returned instead of an error, it is safe to display protected content.
+func ParseToken(r *http.Request) (*jwt.RegisteredClaims, error) {
+	tokenCookie, err := r.Cookie(jwttoken.TOKEN_COOKIE_NAME)
+
+	// Anonymous visitor.
+	if err != nil {
+		return nil, err
+	}
+
+	// Check token.
+	token, err := jwt.ParseWithClaims(tokenCookie.Value, &jwt.RegisteredClaims{}, func(token *jwt.Token) (interface{}, error) {
+		// Validate the alg.
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+
+		return []byte(config.Cfg.SecretKey), nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	claims, ok := token.Claims.(*jwt.RegisteredClaims)
+	if !ok || !token.Valid {
+		return nil, fmt.Errorf("token is invalid")
+	}
+
+	return claims, nil
+}
+
+func RequireAuth(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// Check if SSO is enabled.
+		if config.Cfg.HeaderAuth && r.Header.Get("Remote-User") != "" {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		claims, err := ParseToken(r)
+
+		// Most likely the user is not authorized.
+		if err != nil {
+			if database.CountAdmins() < 1 {
+				http.Redirect(w, r, "/registration", http.StatusFound)
+			} else {
+				http.Redirect(w, r, "/signin", http.StatusFound)
+			}
+
+			return
+		}
+
+		// Create a new token if the old one is about to expire
+		if time.Now().Add(time.Second * (jwttoken.TOKEN_LIFETIME_IN_SECONDS / 2)).After(claims.ExpiresAt.Time) {
+			newToken, err := jwttoken.GetJWTToken()
+			if err != nil {
+				pages.ShowError(w, http.StatusInternalServerError, err)
+				return
+			}
+
+			http.SetCookie(w, jwttoken.TokenToCookie(newToken))
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
diff --git a/views/middleware/logging.go b/views/middleware/logging.go
new file mode 100644
index 0000000..05f0c89
--- /dev/null
+++ b/views/middleware/logging.go
@@ -0,0 +1,22 @@
+package middleware
+
+import (
+	"net/http"
+	"time"
+
+	log "github.com/sirupsen/logrus"
+)
+
+func LoggingMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		start := time.Now()
+
+		next.ServeHTTP(w, r)
+
+		log.WithFields(log.Fields{
+			"latency": time.Since(start),
+			"method":  r.Method,
+			"path":    r.URL.Path,
+		}).Info("Request")
+	})
+}
diff --git a/views/middleware/security.go b/views/middleware/security.go
new file mode 100644
index 0000000..5b2195f
--- /dev/null
+++ b/views/middleware/security.go
@@ -0,0 +1,18 @@
+package middleware
+
+import (
+	"net/http"
+)
+
+// Adds several headers to the response to improve security.
+// For example, headers prevent embedding a site and passing information about the referrer.
+func SecurityHeadersMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("X-Frame-Options", "SAMEORIGIN")
+		w.Header().Set("X-Content-Type-Options", "nosniff")
+		w.Header().Set("Referrer-Policy", "same-origin")
+		w.Header().Set("Content-Security-Policy", "script-src 'self'; ")
+
+		next.ServeHTTP(w, r)
+	})
+}
diff --git a/views/pages/errors.go b/views/pages/errors.go
new file mode 100644
index 0000000..4c4f444
--- /dev/null
+++ b/views/pages/errors.go
@@ -0,0 +1,18 @@
+package pages
+
+import (
+	"net/http"
+
+	log "github.com/sirupsen/logrus"
+)
+
+func ShowError(w http.ResponseWriter, statusCode int, err error) {
+	log.WithField("code", statusCode).Error(err)
+
+	w.WriteHeader(statusCode)
+	Render("error.html.tmpl", w, map[string]any{
+		"title":       "Error",
+		"description": "The request failed.",
+		"error":       err.Error(),
+	})
+}
diff --git a/views/pages/groups.go b/views/pages/groups.go
new file mode 100644
index 0000000..fa330fa
--- /dev/null
+++ b/views/pages/groups.go
@@ -0,0 +1,63 @@
+package pages
+
+import (
+	"fmt"
+	"net/http"
+	"strconv"
+
+	"github.com/ordinary-dev/phoenix/database"
+)
+
+func CreateGroup(w http.ResponseWriter, r *http.Request) {
+	// Save new group to the database.
+	group := database.Group{
+		Name: r.FormValue("groupName"),
+	}
+
+	if result := database.DB.Create(&group); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// This page is called from the settings, return the user back.
+	http.Redirect(w, r, fmt.Sprintf("/settings#group-%v", group.ID), http.StatusFound)
+}
+
+func UpdateGroup(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	if err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	var group database.Group
+	if result := database.DB.First(&group, id); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	group.Name = r.FormValue("groupName")
+	if result := database.DB.Save(&group); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// This page is called from the settings, return the user back.
+	http.Redirect(w, r, fmt.Sprintf("/settings#group-%v", group.ID), http.StatusFound)
+}
+
+func DeleteGroup(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	if err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	if result := database.DB.Delete(&database.Group{}, id); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// Redirect to settings.
+	http.Redirect(w, r, "/settings", http.StatusFound)
+}
diff --git a/views/pages/index.go b/views/pages/index.go
new file mode 100644
index 0000000..5f36973
--- /dev/null
+++ b/views/pages/index.go
@@ -0,0 +1,30 @@
+package pages
+
+import (
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/database"
+	log "github.com/sirupsen/logrus"
+)
+
+func ShowMainPage(w http.ResponseWriter, _ *http.Request) {
+	// Get a list of groups with links
+	var groups []database.Group
+	result := database.DB.
+		Model(&database.Group{}).
+		Preload("Links").
+		Find(&groups)
+
+	if result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	err := Render("index.html.tmpl", w, map[string]any{
+		"description": "Self-hosted start page.",
+		"groups":      groups,
+	})
+	if err != nil {
+		log.Error(err)
+	}
+}
diff --git a/views/pages/links.go b/views/pages/links.go
new file mode 100644
index 0000000..d40ad37
--- /dev/null
+++ b/views/pages/links.go
@@ -0,0 +1,82 @@
+package pages
+
+import (
+	"fmt"
+	"net/http"
+	"strconv"
+
+	"github.com/ordinary-dev/phoenix/database"
+)
+
+func CreateLink(w http.ResponseWriter, r *http.Request) {
+	groupID, err := strconv.ParseUint(r.FormValue("groupID"), 10, 32)
+	if err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	link := database.Link{
+		Name:    r.FormValue("linkName"),
+		Href:    r.FormValue("href"),
+		GroupID: groupID,
+	}
+	icon := r.FormValue("icon")
+	if icon == "" {
+		link.Icon = nil
+	} else {
+		link.Icon = &icon
+	}
+	if result := database.DB.Create(&link); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// Redirect to settings.
+	http.Redirect(w, r, fmt.Sprintf("/settings#link-%v", link.ID), http.StatusFound)
+}
+
+func UpdateLink(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	if err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	var link database.Link
+	if result := database.DB.First(&link, id); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	link.Name = r.FormValue("linkName")
+	link.Href = r.FormValue("href")
+	icon := r.FormValue("icon")
+	if icon == "" {
+		link.Icon = nil
+	} else {
+		link.Icon = &icon
+	}
+	if result := database.DB.Save(&link); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// Redirect to settings.
+	http.Redirect(w, r, fmt.Sprintf("/settings#link-%v", link.ID), http.StatusFound)
+}
+
+func DeleteLink(w http.ResponseWriter, r *http.Request) {
+	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	if err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	if result := database.DB.Delete(&database.Link{}, id); result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	// Redirect to settings.
+	http.Redirect(w, r, "/settings", http.StatusFound)
+}
diff --git a/views/pages/registration.go b/views/pages/registration.go
new file mode 100644
index 0000000..0dcb34a
--- /dev/null
+++ b/views/pages/registration.go
@@ -0,0 +1,50 @@
+package pages
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/database"
+	"github.com/ordinary-dev/phoenix/jwttoken"
+)
+
+func ShowRegistrationForm(w http.ResponseWriter, _ *http.Request) {
+	if database.CountAdmins() > 0 {
+		ShowError(w, http.StatusBadRequest, errors.New("at least 1 user already exists"))
+		return
+	}
+
+	Render("auth.html.tmpl", w, map[string]any{
+		"title":       "Create an account",
+		"description": "To prevent other people from seeing your links, create an account.",
+		"button":      "Create",
+		"formAction":  "/registration",
+	})
+}
+
+func CreateUser(w http.ResponseWriter, r *http.Request) {
+	if database.CountAdmins() > 0 {
+		ShowError(w, http.StatusBadRequest, errors.New("at least 1 user already exists"))
+		return
+	}
+
+	// Try to create a user.
+	username := r.FormValue("username")
+	password := r.FormValue("password")
+	_, err := database.CreateAdmin(username, password)
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+
+	// Generate access token.
+	token, err := jwttoken.GetJWTToken()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+	http.SetCookie(w, jwttoken.TokenToCookie(token))
+
+	// Redirect to homepage.
+	http.Redirect(w, r, "/", http.StatusFound)
+}
diff --git a/views/pages/settings.go b/views/pages/settings.go
new file mode 100644
index 0000000..4fd3d5e
--- /dev/null
+++ b/views/pages/settings.go
@@ -0,0 +1,26 @@
+package pages
+
+import (
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/database"
+)
+
+func ShowSettings(w http.ResponseWriter, _ *http.Request) {
+	// Get a list of groups with links
+	var groups []database.Group
+	result := database.DB.
+		Model(&database.Group{}).
+		Preload("Links").
+		Find(&groups)
+
+	if result.Error != nil {
+		ShowError(w, http.StatusInternalServerError, result.Error)
+		return
+	}
+
+	Render("settings.html.tmpl", w, map[string]any{
+		"title":  "Settings",
+		"groups": groups,
+	})
+}
diff --git a/views/pages/signin.go b/views/pages/signin.go
new file mode 100644
index 0000000..2190d71
--- /dev/null
+++ b/views/pages/signin.go
@@ -0,0 +1,43 @@
+package pages
+
+import (
+	"net/http"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/ordinary-dev/phoenix/database"
+	"github.com/ordinary-dev/phoenix/jwttoken"
+)
+
+func ShowSignInForm(w http.ResponseWriter, _ *http.Request) {
+	err := Render("auth.html.tmpl", w, map[string]any{
+		"title":       "Sign in",
+		"description": "Authorization is required to view this page.",
+		"button":      "Sign in",
+		"formAction":  "/signin",
+	})
+	if err != nil {
+		log.Error(err)
+	}
+}
+
+func AuthorizeUser(w http.ResponseWriter, r *http.Request) {
+	// Check credentials.
+	username := r.FormValue("username")
+	password := r.FormValue("password")
+	_, err := database.AuthorizeAdmin(username, password)
+	if err != nil {
+		ShowError(w, http.StatusUnauthorized, err)
+		return
+	}
+
+	// Generate an access token.
+	token, err := jwttoken.GetJWTToken()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+	http.SetCookie(w, jwttoken.TokenToCookie(token))
+
+	http.Redirect(w, r, "/", http.StatusFound)
+}
diff --git a/views/pages/templates.go b/views/pages/templates.go
new file mode 100644
index 0000000..575b3e1
--- /dev/null
+++ b/views/pages/templates.go
@@ -0,0 +1,70 @@
+package pages
+
+import (
+	"html/template"
+	"io"
+	"os"
+	"path"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/ordinary-dev/phoenix/config"
+)
+
+var (
+	// Preloaded templates.
+	// The key is the file name.
+	templates = make(map[string]*template.Template)
+)
+
+// Preload all templates into `Templates` map.
+func LoadTemplates() error {
+	// Fragments are reusable parts of templates.
+	fragments, err := os.ReadDir("templates/fragments")
+	if err != nil {
+		return err
+	}
+
+	var fragmentPaths []string
+	for _, f := range fragments {
+		fragmentPaths = append(
+			fragmentPaths,
+			path.Join("templates/fragments", f.Name()),
+		)
+	}
+
+	// Load pages.
+	files, err := os.ReadDir("templates")
+	if err != nil {
+		return err
+	}
+
+	for _, f := range files {
+		if f.IsDir() {
+			continue
+		}
+
+		templatePaths := []string{path.Join("templates", f.Name())}
+		templatePaths = append(templatePaths, fragmentPaths...)
+
+		tmpl, err := template.ParseFiles(templatePaths...)
+		if err != nil {
+			return err
+		}
+
+		templates[f.Name()] = tmpl
+		log.Infof("Template %v was loaded", f.Name())
+	}
+
+	return nil
+}
+
+func Render(template string, wr io.Writer, data map[string]any) error {
+	data["fontFamily"] = config.Cfg.FontFamily
+
+	if _, ok := data["title"]; !ok {
+		data["title"] = config.Cfg.Title
+	}
+
+	return templates[template].Execute(wr, data)
+}
diff --git a/views/render.go b/views/render.go
deleted file mode 100644
index 81d2a69..0000000
--- a/views/render.go
+++ /dev/null
@@ -1,13 +0,0 @@
-package views
-
-import (
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-)
-
-// Fill in the necessary parameters from the settings and output html.
-func Render(ctx *gin.Context, cfg *config.Config, status int, templatePath string, params map[string]any) {
-	params["WebsiteTitle"] = cfg.Title
-	params["FontFamily"] = cfg.FontFamily
-	ctx.HTML(status, templatePath, params)
-}
diff --git a/views/routes.go b/views/routes.go
new file mode 100644
index 0000000..768ab53
--- /dev/null
+++ b/views/routes.go
@@ -0,0 +1,62 @@
+package views
+
+import (
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/views/middleware"
+	"github.com/ordinary-dev/phoenix/views/pages"
+)
+
+// Create and configure an HTTP server.
+//
+// Unfortunately, I haven't found a way to use PUT and DELETE methods without JavaScript.
+// POST is used instead.
+func GetHttpServer() (*http.Server, error) {
+	if err := pages.LoadTemplates(); err != nil {
+		return nil, err
+	}
+
+	mux := http.NewServeMux()
+
+	mux.Handle("/assets/", http.StripPrefix(
+		"/assets",
+		http.FileServer(http.Dir("assets")),
+	))
+
+	mux.HandleFunc("GET /signin", pages.ShowSignInForm)
+	mux.HandleFunc("POST /signin", pages.AuthorizeUser)
+
+	mux.HandleFunc("GET /registration", pages.ShowRegistrationForm)
+	mux.HandleFunc("POST /registration", pages.CreateUser)
+
+	protectedMux := http.NewServeMux()
+	mux.Handle("/", middleware.RequireAuth(protectedMux))
+
+	protectedMux.HandleFunc("GET /", pages.ShowMainPage)
+	protectedMux.HandleFunc("GET /settings", pages.ShowSettings)
+
+	// Groups.
+
+	// Create group.
+	protectedMux.HandleFunc("POST /groups", pages.CreateGroup)
+	// Update group.
+	protectedMux.HandleFunc("POST /groups/{id}/update", pages.UpdateGroup)
+	// Delete group.
+	protectedMux.HandleFunc("POST /groups/{id}/delete", pages.DeleteGroup)
+
+	// Links.
+
+	// Create link.
+	protectedMux.HandleFunc("POST /links", pages.CreateLink)
+	// Update link.
+	protectedMux.HandleFunc("POST /links/{id}/update", pages.UpdateLink)
+	// Delete link.
+	protectedMux.HandleFunc("POST /links/{id}/delete", pages.DeleteLink)
+
+	return &http.Server{
+		Addr: ":8080",
+		Handler: middleware.LoggingMiddleware(
+			middleware.SecurityHeadersMiddleware(mux),
+		),
+	}, nil
+}
diff --git a/views/security.go b/views/security.go
deleted file mode 100644
index 11b8a54..0000000
--- a/views/security.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package views
-
-import (
-	"github.com/gin-gonic/gin"
-)
-
-// Adds several headers to the response to improve security.
-// For example, headers prevent embedding a site and passing information about the referrer.
-func SecurityHeadersMiddleware(c *gin.Context) {
-	c.Writer.Header().Set("X-Frame-Options", "SAMEORIGIN")
-	c.Writer.Header().Set("X-Content-Type-Options", "nosniff")
-	c.Writer.Header().Set("Referrer-Policy", "same-origin")
-	c.Writer.Header().Set("Content-Security-Policy", "script-src 'self'; ")
-}
diff --git a/views/settings.go b/views/settings.go
deleted file mode 100644
index 205681d..0000000
--- a/views/settings.go
+++ /dev/null
@@ -1,30 +0,0 @@
-package views
-
-import (
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-	"github.com/ordinary-dev/phoenix/config"
-	"github.com/ordinary-dev/phoenix/database"
-	"gorm.io/gorm"
-)
-
-func ShowSettings(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		// Get a list of groups with links
-		var groups []database.Group
-		result := db.
-			Model(&database.Group{}).
-			Preload("Links").
-			Find(&groups)
-
-		if result.Error != nil {
-			ShowError(ctx, cfg, result.Error)
-			return
-		}
-
-		Render(ctx, cfg, http.StatusOK, "settings.html.tmpl", gin.H{
-			"groups": groups,
-		})
-	}
-}

From d1dd325774e6808053fd080a86dd777c95a6cc57 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 25 Mar 2024 15:56:01 +0500
Subject: [PATCH 09/24] build: group dependabot pull requests

---
 .github/dependabot.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 0cfc43c..48911ca 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,7 +4,15 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+    groups:
+      github-deps:
+        patterns:
+          - "*"
   - package-ecosystem: "gomod"
     directory: "/"
     schedule:
       interval: "weekly"
+    groups:
+      go-deps:
+        patterns:
+          - "*"

From 5ae3bdd3596696f376f05e60a9e9590f2807daa1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Mar 2024 10:57:23 +0000
Subject: [PATCH 10/24] Bump the go-deps group with 4 updates

Bumps the go-deps group with 4 updates: [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt), [golang.org/x/crypto](https://github.com/golang/crypto), [gorm.io/driver/sqlite](https://github.com/go-gorm/sqlite) and [gorm.io/gorm](https://github.com/go-gorm/gorm).


Updates `github.com/golang-jwt/jwt/v5` from 5.2.0 to 5.2.1
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1)

Updates `golang.org/x/crypto` from 0.17.0 to 0.21.0
- [Commits](https://github.com/golang/crypto/compare/v0.17.0...v0.21.0)

Updates `gorm.io/driver/sqlite` from 1.5.4 to 1.5.5
- [Commits](https://github.com/go-gorm/sqlite/compare/v1.5.4...v1.5.5)

Updates `gorm.io/gorm` from 1.25.5 to 1.25.7-0.20240204074919-46816ad31dde
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/commits)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: gorm.io/driver/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod | 10 +++++-----
 go.sum | 20 ++++++++++----------
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/go.mod b/go.mod
index 8da8c4c..9f2208b 100644
--- a/go.mod
+++ b/go.mod
@@ -3,13 +3,13 @@ module github.com/ordinary-dev/phoenix
 go 1.22
 
 require (
-	github.com/golang-jwt/jwt/v5 v5.2.0
+	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/sirupsen/logrus v1.9.3
-	golang.org/x/crypto v0.17.0
-	gorm.io/driver/sqlite v1.5.4
-	gorm.io/gorm v1.25.5
+	golang.org/x/crypto v0.21.0
+	gorm.io/driver/sqlite v1.5.5
+	gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde
 )
 
 require (
@@ -17,5 +17,5 @@ require (
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/mattn/go-sqlite3 v1.14.17 // indirect
 	github.com/stretchr/testify v1.8.3 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 )
diff --git a/go.sum b/go.sum
index e52a1c9..8e9139c 100644
--- a/go.sum
+++ b/go.sum
@@ -1,8 +1,8 @@
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
-github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
@@ -21,16 +21,16 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/driver/sqlite v1.5.4 h1:IqXwXi8M/ZlPzH/947tn5uik3aYQslP9BVveoax0nV0=
-gorm.io/driver/sqlite v1.5.4/go.mod h1:qxAuCol+2r6PannQDpOP1FP6ag3mKi4esLnB/jHed+4=
-gorm.io/gorm v1.25.5 h1:zR9lOiiYf09VNh5Q1gphfyia1JpiClIWG9hQaxB/mls=
-gorm.io/gorm v1.25.5/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
+gorm.io/driver/sqlite v1.5.5 h1:7MDMtUZhV065SilG62E0MquljeArQZNfJnjd9i9gx3E=
+gorm.io/driver/sqlite v1.5.5/go.mod h1:6NgQ7sQWAIFsPrJJl1lSNSu2TABh0ZZ/zm5fosATavE=
+gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde h1:9DShaph9qhkIYw7QF91I/ynrr4cOO2PZra2PFD7Mfeg=
+gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=

From ac54a6f8549efb9d56f9ca55fdc8fd3ba569cc81 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Mar 2024 10:57:29 +0000
Subject: [PATCH 11/24] Bump the github-deps group with 4 updates

Bumps the github-deps group with 4 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/login-action](https://github.com/docker/login-action), [docker/metadata-action](https://github.com/docker/metadata-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/setup-buildx-action` from 3.0.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.2.0)

Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.1.0)

Updates `docker/metadata-action` from 5.4.0 to 5.5.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5.4.0...v5.5.1)

Updates `docker/build-push-action` from 5.1.0 to 5.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-deps
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-deps
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-deps
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/docker.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 975cba7..18d470e 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -26,12 +26,12 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Docker buildx
-        uses: docker/setup-buildx-action@v3.0.0
+        uses: docker/setup-buildx-action@v3.2.0
 
       # Login against a Docker registry
       # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
-        uses: docker/login-action@v3.0.0
+        uses: docker/login-action@v3.1.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -41,7 +41,7 @@ jobs:
       # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v5.4.0
+        uses: docker/metadata-action@v5.5.1
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
@@ -49,7 +49,7 @@ jobs:
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
         id: build-and-push
-        uses: docker/build-push-action@v5.1.0
+        uses: docker/build-push-action@v5.3.0
         with:
           context: .
           push: true

From 76275010a84eee859c083c054a4845fa0201b211 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 25 Mar 2024 16:09:55 +0500
Subject: [PATCH 12/24] test: check parsing of templates

---
 Makefile                      |  9 ++++++---
 testutils/workingdir.go       | 15 +++++++++++++++
 views/pages/templates_test.go | 18 ++++++++++++++++++
 3 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 testutils/workingdir.go
 create mode 100644 views/pages/templates_test.go

diff --git a/Makefile b/Makefile
index 0802ee3..3b92889 100644
--- a/Makefile
+++ b/Makefile
@@ -1,10 +1,13 @@
-all: fmt vet
+all: fmt test
 
 fmt:
 	gofmt -s -w .
 
-vet:
-	go vet ./...
+test:
+	go test ./...
+
+run:
+	go run .
 
 favicons:
 	convert -background none assets/favicons/favicon.svg -resize 16x16 assets/favicons/favicon-16.png
diff --git a/testutils/workingdir.go b/testutils/workingdir.go
new file mode 100644
index 0000000..a71f9a7
--- /dev/null
+++ b/testutils/workingdir.go
@@ -0,0 +1,15 @@
+package testutils
+
+import (
+	"os"
+	"path"
+	"runtime"
+)
+
+// Change the current directory to the project directory.
+// Useful for tests that work with files.
+func ResetWorkingDir() error {
+	_, filename, _, _ := runtime.Caller(0)
+	dir := path.Join(path.Dir(filename), "..")
+	return os.Chdir(dir)
+}
diff --git a/views/pages/templates_test.go b/views/pages/templates_test.go
new file mode 100644
index 0000000..c548e96
--- /dev/null
+++ b/views/pages/templates_test.go
@@ -0,0 +1,18 @@
+package pages
+
+import (
+	"testing"
+
+	"github.com/ordinary-dev/phoenix/testutils"
+)
+
+// Check that all templates can be loaded.
+func TestLoadTemplates(t *testing.T) {
+	if err := testutils.ResetWorkingDir(); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := LoadTemplates(); err != nil {
+		t.Fatal(err)
+	}
+}

From 8a7337694f2fc0f34143946eb8146912b749821e Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 25 Mar 2024 16:11:36 +0500
Subject: [PATCH 13/24] docs: remove obsolete parameter ENABLEGINLOGGER

---
 readme.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/readme.md b/readme.md
index 0ccad97..1660649 100644
--- a/readme.md
+++ b/readme.md
@@ -21,7 +21,6 @@ Service settings can be set through environment variables.
 | P_DBPATH            | Path to the sqlite database.                                     | Docker: `/var/lib/phoenix/db.sqlite3` |
 | P_SECRETKEY         | A long and random secret string used for authorization.          |                                       |
 | P_LOGLEVEL          | Log level settings: `debug`, `info`, `warning`, `error`, `fatal` | `warning`                             |
-| P_ENABLEGINLOGGER   | Enable gin's logging middleware. Can create a lot of logs.       | `false`                               |
 | P_PRODUCTION        | Is this instance running in production mode?                     | `true`                                |
 | P_HEADERAUTH        | Enable Trusted Header Auth (SSO)                                 | `false`                               |
 | P_DEFAULTUSERNAME   | Data for the first user.                                         |                                       |

From 66701b26878185ce45aaaef74d6da677e258096f Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 25 Mar 2024 16:38:01 +0500
Subject: [PATCH 14/24] build(docker)!: update base images, migrate to debian

The transition to debian was caused by problems when building the sqlite3 driver.
I couldn't find a solution.
---
 Dockerfile | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 6e4f4c7..e245d9c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,6 @@
-FROM golang:1.21.3-alpine3.18 AS builder
+FROM golang:1.22 AS builder
 
-RUN apk add gcc
-RUN apk add musl-dev
+RUN apt install -y --no-install-recommends gcc
 
 WORKDIR /app
 
@@ -12,7 +11,7 @@ ADD . .
 
 RUN go build -o main
 
-FROM alpine:3.18.4
+FROM debian:bookworm-slim
 
 WORKDIR /app
 COPY --from=builder /app/main /usr/local/bin/phoenix

From 5aa2cee5b1a50596eb1e91db47b9917df85445d4 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Tue, 26 Mar 2024 00:40:52 +0500
Subject: [PATCH 15/24] chore: migrate to database/sql
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Since I started simplifying, I decided to abandon ORM.

I won’t say that this makes much sense, everything works more or less as before.
Except that the size of the program has decreased slightly again, by about a megabyte.
---
 database/admins.go          | 100 ++++++++++++++++++++---------
 database/admins_test.go     |  58 +++++++++++++++++
 database/connection.go      |  20 ++++++
 database/connection_test.go |  28 ++++++++
 database/db.go              |  22 -------
 database/errors.go          |   9 +++
 database/groups.go          | 105 +++++++++++++++++++++++++++++-
 database/groups_test.go     |  46 ++++++++++++++
 database/links.go           | 123 ++++++++++++++++++++++++++++++++++--
 database/links_test.go      |  50 +++++++++++++++
 database/migrations.go      |  98 ++++++++++++++++++++++++++++
 database/migrations_test.go |  16 +++++
 go.mod                      |   6 +-
 go.sum                      |  12 +---
 main.go                     |  32 +++++++---
 views/middleware/auth.go    |   8 ++-
 views/pages/groups.go       |  25 +++-----
 views/pages/index.go        |  14 ++--
 views/pages/links.go        |  25 ++++----
 views/pages/registration.go |  18 +++++-
 views/pages/settings.go     |  12 +---
 views/pages/signin.go       |   2 +-
 22 files changed, 694 insertions(+), 135 deletions(-)
 create mode 100644 database/admins_test.go
 create mode 100644 database/connection.go
 create mode 100644 database/connection_test.go
 delete mode 100644 database/db.go
 create mode 100644 database/errors.go
 create mode 100644 database/groups_test.go
 create mode 100644 database/links_test.go
 create mode 100644 database/migrations.go
 create mode 100644 database/migrations_test.go

diff --git a/database/admins.go b/database/admins.go
index fd57d46..a06a9bd 100644
--- a/database/admins.go
+++ b/database/admins.go
@@ -5,49 +5,91 @@ import (
 )
 
 type Admin struct {
-	ID       uint64 `gorm:"primaryKey"`
-	Username string `gorm:"unique;notNull"`
-	Bcrypt   string `gorm:"notNull"`
+	ID       int
+	Username string
+	Bcrypt   string
 }
 
-func CountAdmins() int64 {
-	var admins []Admin
+func CountAdmins() (int64, error) {
 	var count int64
-	DB.Model(&admins).Count(&count)
-	return count
+	query := `SELECT COUNT(*) FROM admins`
+	if err := DB.QueryRow(query).Scan(&count); err != nil {
+		return 0, err
+	}
+
+	return count, nil
 }
 
-func CreateAdmin(username string, password string) (Admin, error) {
+func CreateAdmin(username string, password string) (*Admin, error) {
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), 10)
 	if err != nil {
-		return Admin{}, err
+		return nil, err
 	}
 
-	admin := Admin{
-		Username: username,
-		Bcrypt:   string(hash),
-	}
-	result := DB.Create(&admin)
+	query := `
+        INSERT INTO admins(username, bcrypt)
+        VALUES (?, ?)
+        RETURNING id
+    `
 
-	if result.Error != nil {
-		return Admin{}, result.Error
-	}
-
-	return admin, nil
-}
-
-func AuthorizeAdmin(username string, password string) (Admin, error) {
 	var admin Admin
-	result := DB.Where("username = ?", username).First(&admin)
+	admin.Username = username
+	admin.Bcrypt = string(hash)
 
-	if result.Error != nil {
-		return Admin{}, result.Error
-	}
+	err = DB.
+		QueryRow(query, admin.Username, admin.Bcrypt).
+		Scan(&admin.ID)
 
-	err := bcrypt.CompareHashAndPassword([]byte(admin.Bcrypt), []byte(password))
 	if err != nil {
-		return Admin{}, err
+		return nil, err
 	}
 
-	return admin, nil
+	return &admin, nil
+}
+
+func GetAdminIfPasswordMatches(username string, password string) (*Admin, error) {
+	query := `
+        SELECT id, username, bcrypt
+        FROM admins
+        WHERE username = ?
+    `
+
+	var admin Admin
+	err := DB.
+		QueryRow(query, username).
+		Scan(&admin.ID, &admin.Username, &admin.Bcrypt)
+
+	if err != nil {
+		return nil, err
+	}
+
+	err = bcrypt.CompareHashAndPassword([]byte(admin.Bcrypt), []byte(password))
+	if err != nil {
+		return nil, err
+	}
+
+	return &admin, nil
+}
+
+func DeleteAdmin(id int) error {
+	query := `
+        DELETE FROM admins
+        WHERE id = ?
+    `
+
+	res, err := DB.Exec(query, id)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected != 1 {
+		return ErrWrongNumberOfAffectedRows
+	}
+
+	return nil
 }
diff --git a/database/admins_test.go b/database/admins_test.go
new file mode 100644
index 0000000..b5251c4
--- /dev/null
+++ b/database/admins_test.go
@@ -0,0 +1,58 @@
+package database
+
+import (
+	_ "github.com/mattn/go-sqlite3"
+	"testing"
+)
+
+func TestAdmins(t *testing.T) {
+	initTestDatabase(t)
+	defer deleteTestDatabase(t)
+
+	// We should have no admins.
+	count, err := CountAdmins()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if count != 0 {
+		t.Fatal("user count is not zero")
+	}
+
+	// Create the first user.
+	username := "test"
+	password := "test"
+	admin, err := CreateAdmin(username, password)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Check password and get admin.
+	dbAdmin, err := GetAdminIfPasswordMatches(username, password)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if dbAdmin.ID != admin.ID {
+		t.Fatal("wrong admin id")
+	}
+
+	// Check wrong password handling.
+	if _, err := GetAdminIfPasswordMatches("test", "wrong-password"); err == nil {
+		t.Fatal("wrong password was accepted")
+	}
+
+	// Count users again.
+	count, err = CountAdmins()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if count != 1 {
+		t.Fatal("user count is not one")
+	}
+
+	// Delete user.
+	if err := DeleteAdmin(admin.ID); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/database/connection.go b/database/connection.go
new file mode 100644
index 0000000..76ce278
--- /dev/null
+++ b/database/connection.go
@@ -0,0 +1,20 @@
+package database
+
+import (
+	"database/sql"
+	_ "github.com/mattn/go-sqlite3"
+	"github.com/ordinary-dev/phoenix/config"
+)
+
+var DB *sql.DB
+
+func EstablishDatabaseConnection(cfg *config.Config) error {
+	var err error
+	DB, err = sql.Open("sqlite3", cfg.DBPath)
+
+	if err := DB.Ping(); err != nil {
+		return err
+	}
+
+	return err
+}
diff --git a/database/connection_test.go b/database/connection_test.go
new file mode 100644
index 0000000..a361def
--- /dev/null
+++ b/database/connection_test.go
@@ -0,0 +1,28 @@
+package database
+
+import (
+	"database/sql"
+	_ "github.com/mattn/go-sqlite3"
+	"os"
+	"testing"
+)
+
+const TEST_DB_PATH = "/tmp/phoenix.sqlite3"
+
+func initTestDatabase(t *testing.T) {
+	var err error
+	DB, err = sql.Open("sqlite3", TEST_DB_PATH)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ApplyMigrations(); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func deleteTestDatabase(t *testing.T) {
+	if err := os.Remove(TEST_DB_PATH); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/database/db.go b/database/db.go
deleted file mode 100644
index 22e551d..0000000
--- a/database/db.go
+++ /dev/null
@@ -1,22 +0,0 @@
-package database
-
-import (
-	"github.com/ordinary-dev/phoenix/config"
-	"gorm.io/driver/sqlite"
-	"gorm.io/gorm"
-)
-
-var DB *gorm.DB
-
-func EstablishDatabaseConnection(cfg *config.Config) error {
-	var err error
-	DB, err = gorm.Open(sqlite.Open(cfg.DBPath), &gorm.Config{})
-	if err != nil {
-		return err
-	}
-
-	// Migrate the schema
-	DB.AutoMigrate(&Admin{}, &Group{}, &Link{})
-
-	return nil
-}
diff --git a/database/errors.go b/database/errors.go
new file mode 100644
index 0000000..e1e9715
--- /dev/null
+++ b/database/errors.go
@@ -0,0 +1,9 @@
+package database
+
+import (
+	"errors"
+)
+
+var (
+	ErrWrongNumberOfAffectedRows = errors.New("wrong number of affected rows")
+)
diff --git a/database/groups.go b/database/groups.go
index cdeae45..3f744ea 100644
--- a/database/groups.go
+++ b/database/groups.go
@@ -1,7 +1,106 @@
 package database
 
 type Group struct {
-	ID    uint64 `gorm:"primaryKey"`
-	Name  string `gorm:"unique,notNull"`
-	Links []Link `gorm:"constraint:OnDelete:CASCADE;"`
+	ID    int
+	Name  string
+	Links []Link
+}
+
+func GetGroupsWithLinks() ([]Group, error) {
+	query := `
+        SELECT id, name
+        FROM groups
+        ORDER BY groups.id
+    `
+
+	rows, err := DB.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var groups []Group
+	for rows.Next() {
+		var group Group
+		if err := rows.Scan(&group.ID, &group.Name); err != nil {
+			return nil, err
+		}
+		groups = append(groups, group)
+	}
+
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+
+	for i := range groups {
+		groups[i].Links, err = GetLinksFromGroup(groups[i].ID)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return groups, nil
+}
+
+// Create a new group in the database.
+// The function fills in the ID.
+func CreateGroup(group *Group) error {
+	query := `
+        INSERT INTO groups (name)
+        VALUES (?)
+        RETURNING id
+    `
+
+	if err := DB.QueryRow(query, group.Name).Scan(&group.ID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func UpdateGroup(id int, name string) error {
+	query := `
+        UPDATE groups
+        SET name = ?
+        WHERE id = ?
+    `
+
+	res, err := DB.Exec(query, name, id)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected != 1 {
+		return ErrWrongNumberOfAffectedRows
+	}
+
+	return nil
+}
+
+func DeleteGroup(groupID int) error {
+	query := `
+        DELETE FROM groups
+        WHERE id = ?
+    `
+
+	res, err := DB.Exec(query, groupID)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected != 1 {
+		return ErrWrongNumberOfAffectedRows
+	}
+
+	return nil
 }
diff --git a/database/groups_test.go b/database/groups_test.go
new file mode 100644
index 0000000..a280a59
--- /dev/null
+++ b/database/groups_test.go
@@ -0,0 +1,46 @@
+package database
+
+import (
+	_ "github.com/mattn/go-sqlite3"
+	"testing"
+)
+
+func TestGroups(t *testing.T) {
+	initTestDatabase(t)
+	defer deleteTestDatabase(t)
+
+	// Create the first group.
+	group := Group{
+		Name: "test",
+	}
+	if err := CreateGroup(&group); err != nil {
+		t.Fatal(err)
+	}
+	if group.ID == 0 {
+		t.Fatal("group id is zero")
+	}
+
+	// Update group.
+	if err := UpdateGroup(group.ID, "new-name"); err != nil {
+		t.Fatal(err)
+	}
+
+	// Read groups.
+	groupList, err := GetGroupsWithLinks()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(groupList) != 1 {
+		t.Fatal("group list length is not one")
+	}
+
+	if groupList[0].Name != "new-name" {
+		t.Fatal("wrong group name")
+	}
+
+	// Delete group.
+	if err := DeleteGroup(group.ID); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/database/links.go b/database/links.go
index 3b44042..aed805c 100644
--- a/database/links.go
+++ b/database/links.go
@@ -1,9 +1,124 @@
 package database
 
 type Link struct {
-	ID      uint64 `gorm:"primaryKey"`
-	Name    string `gorm:"notNull"`
-	Href    string `gorm:"notNull"`
-	GroupID uint64 `gorm:"notNull"`
+	ID      int
+	Name    string
+	Href    string
+	GroupID int
 	Icon    *string
 }
+
+func GetLinksFromGroup(groupID int) ([]Link, error) {
+	query := `
+        SELECT id, name, href, group_id, icon
+        FROM links
+        WHERE group_id = ?
+        ORDER BY id
+    `
+
+	rows, err := DB.Query(query, groupID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var links []Link
+	for rows.Next() {
+		var link Link
+		if err := rows.Scan(&link.ID, &link.Name, &link.Href, &link.GroupID, &link.Icon); err != nil {
+			return nil, err
+		}
+		links = append(links, link)
+	}
+
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+
+	return links, nil
+}
+
+func GetLink(id int) (*Link, error) {
+	query := `
+        SELECT id, name, href, group_id, icon
+        FROM links
+        WHERE id = ?
+    `
+
+	var link Link
+	err := DB.
+		QueryRow(query, id).
+		Scan(&link.ID, &link.Name, &link.Href, &link.GroupID, &link.Icon)
+	if err != nil {
+		return nil, err
+	}
+
+	return &link, nil
+}
+
+// Create a new link in the database.
+// The function fills in the ID.
+func CreateLink(link *Link) error {
+	query := `
+        INSERT INTO links (name, href, group_id, icon)
+        VALUES (?, ?, ?, ?)
+        RETURNING id
+    `
+
+	err := DB.
+		QueryRow(query, link.Name, link.Href, link.GroupID, link.Icon).
+		Scan(&link.ID)
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func UpdateLink(link *Link) error {
+	query := `
+        UPDATE links
+        SET name = ?, href = ?, group_id = ?, icon = ?
+        WHERE id = ?
+    `
+
+	res, err := DB.Exec(query, link.Name, link.Href, link.GroupID, link.Icon, link.ID)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected != 1 {
+		return ErrWrongNumberOfAffectedRows
+	}
+
+	return nil
+}
+
+func DeleteLink(linkID int) error {
+	query := `
+        DELETE FROM links
+        WHERE id = ?
+    `
+
+	res, err := DB.Exec(query, linkID)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected != 1 {
+		return ErrWrongNumberOfAffectedRows
+	}
+
+	return nil
+}
diff --git a/database/links_test.go b/database/links_test.go
new file mode 100644
index 0000000..e1c0a21
--- /dev/null
+++ b/database/links_test.go
@@ -0,0 +1,50 @@
+package database
+
+import (
+	_ "github.com/mattn/go-sqlite3"
+	"testing"
+)
+
+func TestLinks(t *testing.T) {
+	initTestDatabase(t)
+	defer deleteTestDatabase(t)
+
+	// Create the first group.
+	group := Group{
+		Name: "test",
+	}
+	if err := CreateGroup(&group); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create the first link.
+	icon := "test/icon"
+	link := Link{
+		Name:    "test",
+		Href:    "/test",
+		GroupID: group.ID,
+		Icon:    &icon,
+	}
+	if err := CreateLink(&link); err != nil {
+		t.Fatal(err)
+	}
+	if link.ID == 0 {
+		t.Fatal("link id is zero")
+	}
+
+	// Update link.
+	link.Href = "/new-href"
+	if err := UpdateLink(&link); err != nil {
+		t.Fatal(err)
+	}
+
+	// Delete link.
+	if err := DeleteLink(link.ID); err != nil {
+		t.Fatal(err)
+	}
+
+	// Delete group.
+	if err := DeleteGroup(group.ID); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/database/migrations.go b/database/migrations.go
new file mode 100644
index 0000000..e1854e0
--- /dev/null
+++ b/database/migrations.go
@@ -0,0 +1,98 @@
+package database
+
+import (
+	"database/sql"
+	"errors"
+	"fmt"
+
+	log "github.com/sirupsen/logrus"
+)
+
+// List of migrations that should be applied.
+// Migration ID = index + 1.
+var migrations = []string{
+	`CREATE TABLE IF NOT EXISTS admins (
+        id INTEGER PRIMARY KEY,
+        username TEXT NOT NULL UNIQUE,
+        bcrypt TEXT NOT NULL
+    )`,
+	`CREATE TABLE IF NOT EXISTS groups (
+        id INTEGER PRIMARY KEY,
+        name TEXT
+    )`,
+	`CREATE TABLE IF NOT EXISTS links (
+        id INTEGER PRIMARY KEY,
+        name TEXT NOT NULL,
+        href TEXT NOT NULL,
+        group_id INTEGER NOT NULL,
+        icon TEXT,
+        CONSTRAINT fk_groups_links
+            FOREIGN KEY (group_id)
+            REFERENCES groups(id)
+            ON DELETE CASCADE
+    )`,
+}
+
+func ApplyMigrations() error {
+	// Create a table to record applied migrations and retrieve the saved data.
+	_, err := DB.Exec(`CREATE TABLE IF NOT EXISTS migrations (
+        version INTEGER NOT NULL DEFAULT 0
+    )`)
+	if err != nil {
+		return err
+	}
+
+	var currentVersion int
+	err = DB.
+		QueryRow("SELECT version FROM migrations").
+		Scan(&currentVersion)
+	if err != nil {
+		if !errors.Is(err, sql.ErrNoRows) {
+			return err
+		}
+
+		// The table is empty, create a record.
+		_, err = DB.Exec("INSERT INTO migrations (version) VALUES (0)")
+		if err != nil {
+			return err
+		}
+	}
+
+	// Apply all migrations.
+	for i, migration := range migrations {
+		migrationID := i + 1
+		if migrationID <= currentVersion {
+			continue
+		}
+
+		if err := applyMigration(migrationID, migration); err != nil {
+			return fmt.Errorf("migration #%d: %w", migrationID, err)
+		}
+
+		log.Infof("Migration #%v has been applied", migrationID)
+	}
+
+	return nil
+}
+
+func applyMigration(migrationID int, query string) error {
+	tx, err := DB.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	if _, err := tx.Exec(query); err != nil {
+		return fmt.Errorf("error when applying migration: %w", err)
+	}
+
+	if _, err := tx.Exec("UPDATE migrations SET version = ?", migrationID); err != nil {
+		return fmt.Errorf("error when updating schema version: %w", err)
+	}
+
+	if err := tx.Commit(); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/database/migrations_test.go b/database/migrations_test.go
new file mode 100644
index 0000000..411f21d
--- /dev/null
+++ b/database/migrations_test.go
@@ -0,0 +1,16 @@
+package database
+
+import (
+	_ "github.com/mattn/go-sqlite3"
+	"testing"
+)
+
+func TestMigrations(t *testing.T) {
+	initTestDatabase(t)
+	defer deleteTestDatabase(t)
+
+	// We should be able to call the function multiple times.
+	if err := ApplyMigrations(); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/go.mod b/go.mod
index 9f2208b..ba7560b 100644
--- a/go.mod
+++ b/go.mod
@@ -6,16 +6,12 @@ require (
 	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/joho/godotenv v1.5.1
 	github.com/kelseyhightower/envconfig v1.4.0
+	github.com/mattn/go-sqlite3 v1.14.22
 	github.com/sirupsen/logrus v1.9.3
 	golang.org/x/crypto v0.21.0
-	gorm.io/driver/sqlite v1.5.5
-	gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde
 )
 
 require (
-	github.com/jinzhu/inflection v1.0.0 // indirect
-	github.com/jinzhu/now v1.1.5 // indirect
-	github.com/mattn/go-sqlite3 v1.14.17 // indirect
 	github.com/stretchr/testify v1.8.3 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 )
diff --git a/go.sum b/go.sum
index 8e9139c..d4a3009 100644
--- a/go.sum
+++ b/go.sum
@@ -3,16 +3,12 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
 github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
-github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
-github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
-github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
-github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8=
 github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg=
-github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
-github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
+github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
@@ -30,7 +26,3 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/driver/sqlite v1.5.5 h1:7MDMtUZhV065SilG62E0MquljeArQZNfJnjd9i9gx3E=
-gorm.io/driver/sqlite v1.5.5/go.mod h1:6NgQ7sQWAIFsPrJJl1lSNSu2TABh0ZZ/zm5fosATavE=
-gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde h1:9DShaph9qhkIYw7QF91I/ynrr4cOO2PZra2PFD7Mfeg=
-gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
diff --git a/main.go b/main.go
index 4a1be63..fa55756 100644
--- a/main.go
+++ b/main.go
@@ -4,43 +4,55 @@ import (
 	"github.com/ordinary-dev/phoenix/config"
 	"github.com/ordinary-dev/phoenix/database"
 	"github.com/ordinary-dev/phoenix/views"
-	"github.com/sirupsen/logrus"
+	log "github.com/sirupsen/logrus"
 )
 
 func main() {
 	// Configure logger
-	logrus.SetFormatter(&logrus.TextFormatter{
+	log.SetFormatter(&log.TextFormatter{
 		FullTimestamp: true,
 	})
 
 	// Read config
 	cfg, err := config.GetConfig()
 	if err != nil {
-		logrus.Fatalf("%v", err)
+		log.Fatal(err)
 	}
 
 	// Set log level
 	logLevel := cfg.GetLogLevel()
-	logrus.SetLevel(logLevel)
-	logrus.Infof("Setting log level to %v", logLevel)
+	log.SetLevel(logLevel)
+	log.Infof("Setting log level to %v", logLevel)
 
 	// Connect to the database
 	err = database.EstablishDatabaseConnection(cfg)
 	if err != nil {
-		logrus.Fatalf("%v", err)
+		log.Fatal(err)
+	}
+
+	// Apply migrations.
+	if err := database.ApplyMigrations(); err != nil {
+		log.Fatal(err)
 	}
 
 	// Create the first user
-	if cfg.DefaultUsername != "" && cfg.DefaultPassword != "" && database.CountAdmins() < 1 {
-		_, err := database.CreateAdmin(cfg.DefaultUsername, cfg.DefaultPassword)
+	if cfg.DefaultUsername != "" && cfg.DefaultPassword != "" {
+		adminCount, err := database.CountAdmins()
 		if err != nil {
-			logrus.Errorf("%v", err)
+			log.Fatal(err)
+		}
+
+		if adminCount < 1 {
+			_, err := database.CreateAdmin(cfg.DefaultUsername, cfg.DefaultPassword)
+			if err != nil {
+				log.Fatal(err)
+			}
 		}
 	}
 
 	server, err := views.GetHttpServer()
 	if err != nil {
-		logrus.Fatal(err)
+		log.Fatal(err)
 	}
 
 	server.ListenAndServe()
diff --git a/views/middleware/auth.go b/views/middleware/auth.go
index 8f586f3..1189e04 100644
--- a/views/middleware/auth.go
+++ b/views/middleware/auth.go
@@ -57,7 +57,13 @@ func RequireAuth(next http.Handler) http.Handler {
 
 		// Most likely the user is not authorized.
 		if err != nil {
-			if database.CountAdmins() < 1 {
+			count, err := database.CountAdmins()
+			if err != nil {
+				pages.ShowError(w, http.StatusInternalServerError, err)
+				return
+			}
+
+			if count < 1 {
 				http.Redirect(w, r, "/registration", http.StatusFound)
 			} else {
 				http.Redirect(w, r, "/signin", http.StatusFound)
diff --git a/views/pages/groups.go b/views/pages/groups.go
index fa330fa..dbe4260 100644
--- a/views/pages/groups.go
+++ b/views/pages/groups.go
@@ -14,8 +14,8 @@ func CreateGroup(w http.ResponseWriter, r *http.Request) {
 		Name: r.FormValue("groupName"),
 	}
 
-	if result := database.DB.Create(&group); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	if err := database.CreateGroup(&group); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
@@ -24,37 +24,30 @@ func CreateGroup(w http.ResponseWriter, r *http.Request) {
 }
 
 func UpdateGroup(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 	if err != nil {
 		ShowError(w, http.StatusBadRequest, err)
 		return
 	}
 
-	var group database.Group
-	if result := database.DB.First(&group, id); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
-		return
-	}
-
-	group.Name = r.FormValue("groupName")
-	if result := database.DB.Save(&group); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	if err := database.UpdateGroup(int(id), r.FormValue("groupName")); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
 	// This page is called from the settings, return the user back.
-	http.Redirect(w, r, fmt.Sprintf("/settings#group-%v", group.ID), http.StatusFound)
+	http.Redirect(w, r, fmt.Sprintf("/settings#group-%v", id), http.StatusFound)
 }
 
 func DeleteGroup(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
 	if err != nil {
 		ShowError(w, http.StatusBadRequest, err)
 		return
 	}
 
-	if result := database.DB.Delete(&database.Group{}, id); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	if err := database.DeleteGroup(int(id)); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
diff --git a/views/pages/index.go b/views/pages/index.go
index 5f36973..29ff2f0 100644
--- a/views/pages/index.go
+++ b/views/pages/index.go
@@ -8,19 +8,13 @@ import (
 )
 
 func ShowMainPage(w http.ResponseWriter, _ *http.Request) {
-	// Get a list of groups with links
-	var groups []database.Group
-	result := database.DB.
-		Model(&database.Group{}).
-		Preload("Links").
-		Find(&groups)
-
-	if result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	groups, err := database.GetGroupsWithLinks()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
-	err := Render("index.html.tmpl", w, map[string]any{
+	err = Render("index.html.tmpl", w, map[string]any{
 		"description": "Self-hosted start page.",
 		"groups":      groups,
 	})
diff --git a/views/pages/links.go b/views/pages/links.go
index d40ad37..0a5f9c6 100644
--- a/views/pages/links.go
+++ b/views/pages/links.go
@@ -9,7 +9,7 @@ import (
 )
 
 func CreateLink(w http.ResponseWriter, r *http.Request) {
-	groupID, err := strconv.ParseUint(r.FormValue("groupID"), 10, 32)
+	groupID, err := strconv.Atoi(r.FormValue("groupID"))
 	if err != nil {
 		ShowError(w, http.StatusBadRequest, err)
 		return
@@ -26,8 +26,8 @@ func CreateLink(w http.ResponseWriter, r *http.Request) {
 	} else {
 		link.Icon = &icon
 	}
-	if result := database.DB.Create(&link); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	if err := database.CreateLink(&link); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
@@ -36,15 +36,15 @@ func CreateLink(w http.ResponseWriter, r *http.Request) {
 }
 
 func UpdateLink(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	id, err := strconv.Atoi(r.PathValue("id"))
 	if err != nil {
 		ShowError(w, http.StatusBadRequest, err)
 		return
 	}
 
-	var link database.Link
-	if result := database.DB.First(&link, id); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	link, err := database.GetLink(id)
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
@@ -56,8 +56,9 @@ func UpdateLink(w http.ResponseWriter, r *http.Request) {
 	} else {
 		link.Icon = &icon
 	}
-	if result := database.DB.Save(&link); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+
+	if err := database.UpdateLink(link); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
@@ -66,14 +67,14 @@ func UpdateLink(w http.ResponseWriter, r *http.Request) {
 }
 
 func DeleteLink(w http.ResponseWriter, r *http.Request) {
-	id, err := strconv.ParseUint(r.PathValue("id"), 10, 64)
+	id, err := strconv.Atoi(r.PathValue("id"))
 	if err != nil {
 		ShowError(w, http.StatusBadRequest, err)
 		return
 	}
 
-	if result := database.DB.Delete(&database.Link{}, id); result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	if err := database.DeleteLink(id); err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
diff --git a/views/pages/registration.go b/views/pages/registration.go
index 0dcb34a..2182aea 100644
--- a/views/pages/registration.go
+++ b/views/pages/registration.go
@@ -9,7 +9,13 @@ import (
 )
 
 func ShowRegistrationForm(w http.ResponseWriter, _ *http.Request) {
-	if database.CountAdmins() > 0 {
+	userCount, err := database.CountAdmins()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+
+	if userCount > 0 {
 		ShowError(w, http.StatusBadRequest, errors.New("at least 1 user already exists"))
 		return
 	}
@@ -23,7 +29,13 @@ func ShowRegistrationForm(w http.ResponseWriter, _ *http.Request) {
 }
 
 func CreateUser(w http.ResponseWriter, r *http.Request) {
-	if database.CountAdmins() > 0 {
+	userCount, err := database.CountAdmins()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+
+	if userCount > 0 {
 		ShowError(w, http.StatusBadRequest, errors.New("at least 1 user already exists"))
 		return
 	}
@@ -31,7 +43,7 @@ func CreateUser(w http.ResponseWriter, r *http.Request) {
 	// Try to create a user.
 	username := r.FormValue("username")
 	password := r.FormValue("password")
-	_, err := database.CreateAdmin(username, password)
+	_, err = database.CreateAdmin(username, password)
 	if err != nil {
 		ShowError(w, http.StatusInternalServerError, err)
 		return
diff --git a/views/pages/settings.go b/views/pages/settings.go
index 4fd3d5e..7eefd06 100644
--- a/views/pages/settings.go
+++ b/views/pages/settings.go
@@ -7,15 +7,9 @@ import (
 )
 
 func ShowSettings(w http.ResponseWriter, _ *http.Request) {
-	// Get a list of groups with links
-	var groups []database.Group
-	result := database.DB.
-		Model(&database.Group{}).
-		Preload("Links").
-		Find(&groups)
-
-	if result.Error != nil {
-		ShowError(w, http.StatusInternalServerError, result.Error)
+	groups, err := database.GetGroupsWithLinks()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
diff --git a/views/pages/signin.go b/views/pages/signin.go
index 2190d71..c848bf7 100644
--- a/views/pages/signin.go
+++ b/views/pages/signin.go
@@ -25,7 +25,7 @@ func AuthorizeUser(w http.ResponseWriter, r *http.Request) {
 	// Check credentials.
 	username := r.FormValue("username")
 	password := r.FormValue("password")
-	_, err := database.AuthorizeAdmin(username, password)
+	_, err := database.GetAdminIfPasswordMatches(username, password)
 	if err != nil {
 		ShowError(w, http.StatusUnauthorized, err)
 		return

From 4a9cec52adde87e59a3f7f15dd710ea5ba5d46f5 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Tue, 26 Mar 2024 00:51:55 +0500
Subject: [PATCH 16/24] style: format code with goimports

---
 database/admins_test.go     | 3 ++-
 database/connection.go      | 1 +
 database/connection_test.go | 3 ++-
 database/groups_test.go     | 3 ++-
 database/links_test.go      | 3 ++-
 database/migrations_test.go | 3 ++-
 6 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/database/admins_test.go b/database/admins_test.go
index b5251c4..4028896 100644
--- a/database/admins_test.go
+++ b/database/admins_test.go
@@ -1,8 +1,9 @@
 package database
 
 import (
-	_ "github.com/mattn/go-sqlite3"
 	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 func TestAdmins(t *testing.T) {
diff --git a/database/connection.go b/database/connection.go
index 76ce278..2fd569c 100644
--- a/database/connection.go
+++ b/database/connection.go
@@ -2,6 +2,7 @@ package database
 
 import (
 	"database/sql"
+
 	_ "github.com/mattn/go-sqlite3"
 	"github.com/ordinary-dev/phoenix/config"
 )
diff --git a/database/connection_test.go b/database/connection_test.go
index a361def..f9c3c2c 100644
--- a/database/connection_test.go
+++ b/database/connection_test.go
@@ -2,9 +2,10 @@ package database
 
 import (
 	"database/sql"
-	_ "github.com/mattn/go-sqlite3"
 	"os"
 	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 const TEST_DB_PATH = "/tmp/phoenix.sqlite3"
diff --git a/database/groups_test.go b/database/groups_test.go
index a280a59..a98ed52 100644
--- a/database/groups_test.go
+++ b/database/groups_test.go
@@ -1,8 +1,9 @@
 package database
 
 import (
-	_ "github.com/mattn/go-sqlite3"
 	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 func TestGroups(t *testing.T) {
diff --git a/database/links_test.go b/database/links_test.go
index e1c0a21..e735f84 100644
--- a/database/links_test.go
+++ b/database/links_test.go
@@ -1,8 +1,9 @@
 package database
 
 import (
-	_ "github.com/mattn/go-sqlite3"
 	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 func TestLinks(t *testing.T) {
diff --git a/database/migrations_test.go b/database/migrations_test.go
index 411f21d..fd53730 100644
--- a/database/migrations_test.go
+++ b/database/migrations_test.go
@@ -1,8 +1,9 @@
 package database
 
 import (
-	_ "github.com/mattn/go-sqlite3"
 	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 func TestMigrations(t *testing.T) {

From 6a71891478c385b5d78675d55ed285bf17056150 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Tue, 26 Mar 2024 01:01:14 +0500
Subject: [PATCH 17/24] docs: remove obsolete parameter, remove memory
 footprint note

Unfortunately, memory consumption has increased.
I would not like to include it in the list of advantages now.
---
 readme.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/readme.md b/readme.md
index 1660649..273e43a 100644
--- a/readme.md
+++ b/readme.md
@@ -8,7 +8,6 @@ Self-hosted start page without the extra stuff.
 
 ## Features
 - No javascript
-- Relatively low resource consumption (around 7 MiB of RAM)
 - Authorization support
   - SSO via Trusted Header Auth (_Reverse Proxy_)
 - Font Awesome integration
@@ -21,7 +20,6 @@ Service settings can be set through environment variables.
 | P_DBPATH            | Path to the sqlite database.                                     | Docker: `/var/lib/phoenix/db.sqlite3` |
 | P_SECRETKEY         | A long and random secret string used for authorization.          |                                       |
 | P_LOGLEVEL          | Log level settings: `debug`, `info`, `warning`, `error`, `fatal` | `warning`                             |
-| P_PRODUCTION        | Is this instance running in production mode?                     | `true`                                |
 | P_HEADERAUTH        | Enable Trusted Header Auth (SSO)                                 | `false`                               |
 | P_DEFAULTUSERNAME   | Data for the first user.                                         |                                       |
 | P_DEFAULTPASSWORD   | Data for the first user.                                         |                                       |

From 101202b128d7e9c18edfcce418d7c3cbe2937405 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Tue, 26 Mar 2024 01:15:51 +0500
Subject: [PATCH 18/24] chore: trim spaces in the received data

---
 views/pages/groups.go       |  6 ++++--
 views/pages/links.go        | 13 +++++++------
 views/pages/registration.go |  5 +++--
 views/pages/signin.go       |  5 +++--
 4 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/views/pages/groups.go b/views/pages/groups.go
index dbe4260..7554467 100644
--- a/views/pages/groups.go
+++ b/views/pages/groups.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net/http"
 	"strconv"
+	"strings"
 
 	"github.com/ordinary-dev/phoenix/database"
 )
@@ -11,7 +12,7 @@ import (
 func CreateGroup(w http.ResponseWriter, r *http.Request) {
 	// Save new group to the database.
 	group := database.Group{
-		Name: r.FormValue("groupName"),
+		Name: strings.TrimSpace(r.FormValue("groupName")),
 	}
 
 	if err := database.CreateGroup(&group); err != nil {
@@ -30,7 +31,8 @@ func UpdateGroup(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := database.UpdateGroup(int(id), r.FormValue("groupName")); err != nil {
+	newName := strings.TrimSpace(r.FormValue("groupName"))
+	if err := database.UpdateGroup(int(id), newName); err != nil {
 		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
diff --git a/views/pages/links.go b/views/pages/links.go
index 0a5f9c6..692f7f7 100644
--- a/views/pages/links.go
+++ b/views/pages/links.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net/http"
 	"strconv"
+	"strings"
 
 	"github.com/ordinary-dev/phoenix/database"
 )
@@ -16,11 +17,11 @@ func CreateLink(w http.ResponseWriter, r *http.Request) {
 	}
 
 	link := database.Link{
-		Name:    r.FormValue("linkName"),
-		Href:    r.FormValue("href"),
+		Name:    strings.TrimSpace(r.FormValue("linkName")),
+		Href:    strings.TrimSpace(r.FormValue("href")),
 		GroupID: groupID,
 	}
-	icon := r.FormValue("icon")
+	icon := strings.TrimSpace(r.FormValue("icon"))
 	if icon == "" {
 		link.Icon = nil
 	} else {
@@ -48,9 +49,9 @@ func UpdateLink(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	link.Name = r.FormValue("linkName")
-	link.Href = r.FormValue("href")
-	icon := r.FormValue("icon")
+	link.Name = strings.TrimSpace(r.FormValue("linkName"))
+	link.Href = strings.TrimSpace(r.FormValue("href"))
+	icon := strings.TrimSpace(r.FormValue("icon"))
 	if icon == "" {
 		link.Icon = nil
 	} else {
diff --git a/views/pages/registration.go b/views/pages/registration.go
index 2182aea..8733a9d 100644
--- a/views/pages/registration.go
+++ b/views/pages/registration.go
@@ -3,6 +3,7 @@ package pages
 import (
 	"errors"
 	"net/http"
+	"strings"
 
 	"github.com/ordinary-dev/phoenix/database"
 	"github.com/ordinary-dev/phoenix/jwttoken"
@@ -41,8 +42,8 @@ func CreateUser(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Try to create a user.
-	username := r.FormValue("username")
-	password := r.FormValue("password")
+	username := strings.TrimSpace(r.FormValue("username"))
+	password := strings.TrimSpace(r.FormValue("password"))
 	_, err = database.CreateAdmin(username, password)
 	if err != nil {
 		ShowError(w, http.StatusInternalServerError, err)
diff --git a/views/pages/signin.go b/views/pages/signin.go
index c848bf7..b02484e 100644
--- a/views/pages/signin.go
+++ b/views/pages/signin.go
@@ -2,6 +2,7 @@ package pages
 
 import (
 	"net/http"
+	"strings"
 
 	log "github.com/sirupsen/logrus"
 
@@ -23,8 +24,8 @@ func ShowSignInForm(w http.ResponseWriter, _ *http.Request) {
 
 func AuthorizeUser(w http.ResponseWriter, r *http.Request) {
 	// Check credentials.
-	username := r.FormValue("username")
-	password := r.FormValue("password")
+	username := strings.TrimSpace(r.FormValue("username"))
+	password := strings.TrimSpace(r.FormValue("password"))
 	_, err := database.GetAdminIfPasswordMatches(username, password)
 	if err != nil {
 		ShowError(w, http.StatusUnauthorized, err)

From 9a9a1af63e405f52769ad92db11ee002cc1ef76b Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 1 Apr 2024 22:38:23 +0500
Subject: [PATCH 19/24] feat: tile mode (#39)

Experimental mode for displaying links as tiles.
For consistency, I made the globe the default icon.
---
 assets/css/{index.css => index-common.css} | 44 ++++++++++++----------
 assets/css/index-list.css                  | 12 ++++++
 assets/css/index-tiles.css                 | 37 ++++++++++++++++++
 templates/index.html.tmpl                  | 40 +++++++++++++++-----
 views/pages/index.go                       | 27 ++++++++++++-
 5 files changed, 130 insertions(+), 30 deletions(-)
 rename assets/css/{index.css => index-common.css} (68%)
 create mode 100644 assets/css/index-list.css
 create mode 100644 assets/css/index-tiles.css

diff --git a/assets/css/index.css b/assets/css/index-common.css
similarity index 68%
rename from assets/css/index.css
rename to assets/css/index-common.css
index ac84f39..e1283d9 100644
--- a/assets/css/index.css
+++ b/assets/css/index-common.css
@@ -9,8 +9,29 @@
     margin-top: 3em;
 }
 
-.group {
-    width: 100%;
+@media screen and (min-width: 600px) {
+    .page {
+        padding: 2em 10em
+    }
+    .row {
+        gap: 4em;
+    }
+}
+
+.controls {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 1em;
+}
+
+.controls a {
+    display: flex;
+    gap: 8px;
+    align-items: center;
+}
+
+.controls a img {
+    filter: invert(100%);
 }
 
 h2 {
@@ -18,23 +39,6 @@ h2 {
     margin-bottom: 6px;
 }
 
-div > a {
-    display: flex;
-    padding-top: 6px;
-    padding-bottom: 6px;
-    align-items: center;
-    gap: 8px;
-}
-
-div > a > img {
+img {
     filter: invert(100%);
 }
-
-@media screen and (min-width: 600px) {
-    .page {
-        padding: 2em 10em
-    }
-    .group {
-        max-width: 230px;
-    }
-}
diff --git a/assets/css/index-list.css b/assets/css/index-list.css
new file mode 100644
index 0000000..92da401
--- /dev/null
+++ b/assets/css/index-list.css
@@ -0,0 +1,12 @@
+.group {
+    width: 100%;
+    max-width: max-content;
+}
+
+.links > a {
+    display: flex;
+    padding-top: 6px;
+    padding-bottom: 6px;
+    align-items: center;
+    gap: 8px;
+}
diff --git a/assets/css/index-tiles.css b/assets/css/index-tiles.css
new file mode 100644
index 0000000..9a88226
--- /dev/null
+++ b/assets/css/index-tiles.css
@@ -0,0 +1,37 @@
+.group {
+    width: 100%;
+    max-width: max-content;
+}
+
+.links {
+    width: 100%;
+    display: flex;
+    flex-wrap: wrap;
+    gap: 5px;
+}
+
+.links > a {
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    width: 130px;
+    height: 130px;
+    padding-top: 6px;
+    padding-bottom: 6px;
+    align-items: center;
+    gap: 8px;
+    border: 2px solid #444;
+    border-radius: 5px;
+    text-align: center;
+}
+
+.links > a:hover {
+    border-color: #812abd;
+    text-decoration: none;
+}
+
+.links img {
+    flex-grow: 1;
+    width: 30px;
+    height: 30px;
+}
diff --git a/templates/index.html.tmpl b/templates/index.html.tmpl
index f3bf377..403d109 100644
--- a/templates/index.html.tmpl
+++ b/templates/index.html.tmpl
@@ -2,32 +2,54 @@
 <html lang="en">
     <head>
         {{template "head" .}}
-        <link rel="stylesheet" href="assets/css/index.css" />
+        <link rel="stylesheet" href="/assets/css/index-common.css" />
+        <link rel="stylesheet" href="/assets/css/index-{{ .style }}.css" />
     </head>
     <body>
         <div class="page">
             <h1>{{ .title }}</h1>
-            {{if not .groups}}
-            <p>
-                You don't have any links.
-                Go to <a href="/settings" style="text-decoration: underline">settings</a> and create one.
-            </p>
-            {{else}}
-            <a href="/settings">Settings</a>
-            {{end}}
+
+            <div class="controls">
+                {{if not .groups}}
+                <p>
+                    You don't have any links.
+                    Go to <a href="/settings" style="text-decoration: underline">settings</a> and create one.
+                </p>
+                {{else}}
+                <a href="/settings">
+                    <img src="/assets/icons/solid/gear.svg" width="20" height="20" /> Settings
+                </a>
+                {{end}}
+                
+                {{ if ne .style "list" }}
+                <a href="/?style=list">
+                    <img src="/assets/icons/solid/list.svg" width="20" height="20" /> List
+                </a>
+                {{ end }}
+
+                {{ if ne .style "tiles" }}
+                <a href="/?style=tiles">
+                    <img src="/assets/icons/solid/table-cells-large.svg" width="20" height="20" /> Tiles
+                </a>
+                {{ end }}
+            </div>
             
             <div class="row">
                 {{range .groups}}
                 <div class="group">
                     <h2>{{.Name}}</h2>
+                    <div class="links">
                     {{range .Links}}
                         <a href="{{.Href}}" target="_blank" rel="noreferrer">
                             {{ if .Icon }}
                                 <img src="/assets/icons/{{.Icon}}.svg" width="20" height="20" />
+                            {{ else }}
+                                <img src="/assets/icons/solid/globe.svg" width="20" height="20" />
                             {{ end }}
                             {{.Name}}
                         </a>
                     {{end}}
+                    </div>
                 </div>
                 {{end}}
             </div>
diff --git a/views/pages/index.go b/views/pages/index.go
index 29ff2f0..25320eb 100644
--- a/views/pages/index.go
+++ b/views/pages/index.go
@@ -2,21 +2,46 @@ package pages
 
 import (
 	"net/http"
+	"time"
 
 	"github.com/ordinary-dev/phoenix/database"
 	log "github.com/sirupsen/logrus"
 )
 
-func ShowMainPage(w http.ResponseWriter, _ *http.Request) {
+func ShowMainPage(w http.ResponseWriter, r *http.Request) {
 	groups, err := database.GetGroupsWithLinks()
 	if err != nil {
 		ShowError(w, http.StatusInternalServerError, err)
 		return
 	}
 
+	// Get desired style.
+	style := r.FormValue("style")
+
+	if style == "tiles" || style == "list" {
+		// If a valid style is specified in the url -
+		// save the value in a cookie.
+		http.SetCookie(w, &http.Cookie{
+			Name:    "phoenix-style",
+			Value:   style,
+			Expires: time.Now().Add(time.Hour * 24 * 30 * 12 * 10),
+		})
+	} else {
+		// The style is not specified or has an incorrect type, check the cookies.
+		styleCookie, err := r.Cookie("phoenix-style")
+		if err == nil {
+			style = styleCookie.Value
+		}
+	}
+
+	if style != "tiles" && style != "list" {
+		style = "list"
+	}
+
 	err = Render("index.html.tmpl", w, map[string]any{
 		"description": "Self-hosted start page.",
 		"groups":      groups,
+		"style":       style,
 	})
 	if err != nil {
 		log.Error(err)

From 6396c160f237122a0daeedde53d355abb2bc3af5 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 1 Apr 2024 23:35:46 +0500
Subject: [PATCH 20/24] feat: export and import

The list of links can now be exported to a json file,
and later imported back.
---
 assets/css/base.css          | 11 +++++++++--
 assets/css/import.css        | 31 +++++++++++++++++++++++++++++
 assets/css/settings.css      | 15 ++++++++++++++
 database/groups.go           |  6 +++---
 database/links.go            | 10 +++++-----
 templates/import.html.tmpl   | 27 +++++++++++++++++++++++++
 templates/settings.html.tmpl | 13 +++++++++++-
 views/pages/export.go        | 29 +++++++++++++++++++++++++++
 views/pages/import.go        | 38 ++++++++++++++++++++++++++++++++++++
 views/routes.go              |  5 +++++
 10 files changed, 174 insertions(+), 11 deletions(-)
 create mode 100644 assets/css/import.css
 create mode 100644 templates/import.html.tmpl
 create mode 100644 views/pages/export.go
 create mode 100644 views/pages/import.go

diff --git a/assets/css/base.css b/assets/css/base.css
index 30d263d..826c2aa 100644
--- a/assets/css/base.css
+++ b/assets/css/base.css
@@ -19,7 +19,8 @@ body {
 }
 
 input,
-button {
+button,
+textarea {
     font-size: inherit;
     font-family: inherit;
     padding: 8px 10px;
@@ -35,11 +36,17 @@ button {
     cursor: pointer;
 }
 
+textarea {
+    resize: vertical;
+}
+
 input:focus,
 input:hover,
 button:active,
 button:hover,
-button:focus {
+button:focus,
+textarea:focus,
+textarea:hover {
     border-color: #812abd;
 }
 
diff --git a/assets/css/import.css b/assets/css/import.css
new file mode 100644
index 0000000..d635e23
--- /dev/null
+++ b/assets/css/import.css
@@ -0,0 +1,31 @@
+body {
+    padding: 2em 1em;
+}
+
+@media screen and (min-width: 800px) {
+    body {
+        padding: 2em 10em;
+    }
+}
+
+p {
+    max-width: 400px;
+    margin-top: 2em;
+}
+
+form {
+    width: 100%;
+    max-width: 400px;
+    margin-top: 2em;
+}
+
+form textarea {
+    width: 100%;
+    margin-top: 10px;
+    margin-bottom: 10px;
+    min-height: 100px;
+}
+
+form button {
+    width: 100%;
+}
diff --git a/assets/css/settings.css b/assets/css/settings.css
index 9020098..3c833d4 100644
--- a/assets/css/settings.css
+++ b/assets/css/settings.css
@@ -2,6 +2,21 @@ body {
     padding: 2em 1em;
 }
 
+.actions {
+    display: flex;
+    gap: 2em;
+}
+
+.actions a {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+}
+
+.actions a img {
+    filter: invert(100%);
+}
+
 .row {
     display: flex;
     gap: 10px;
diff --git a/database/groups.go b/database/groups.go
index 3f744ea..ccb2e2e 100644
--- a/database/groups.go
+++ b/database/groups.go
@@ -1,9 +1,9 @@
 package database
 
 type Group struct {
-	ID    int
-	Name  string
-	Links []Link
+	ID    int    `json:"id"`
+	Name  string `json:"name"`
+	Links []Link `json:"links"`
 }
 
 func GetGroupsWithLinks() ([]Group, error) {
diff --git a/database/links.go b/database/links.go
index aed805c..5b898dd 100644
--- a/database/links.go
+++ b/database/links.go
@@ -1,11 +1,11 @@
 package database
 
 type Link struct {
-	ID      int
-	Name    string
-	Href    string
-	GroupID int
-	Icon    *string
+	ID      int     `json:"id"`
+	Name    string  `json:"name"`
+	Href    string  `json:"href"`
+	GroupID int     `json:"-"`
+	Icon    *string `json:"icon,omitempty"`
 }
 
 func GetLinksFromGroup(groupID int) ([]Link, error) {
diff --git a/templates/import.html.tmpl b/templates/import.html.tmpl
new file mode 100644
index 0000000..8d0eadd
--- /dev/null
+++ b/templates/import.html.tmpl
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        {{template "head" .}}
+        <link rel="stylesheet" href="assets/css/import.css" />
+    </head>
+    <body>
+        <h1>Import</h1>
+
+        <a href="/settings">Settings</a>
+
+        <p>
+            Importing does not erase existing links, but may create duplicates.
+        </p>
+
+        <form action="/import" method="POST">
+            <label for="exportFile">JSON data</label>
+            <textarea
+                id="exportFile"
+                name="exportFile"
+                placeholder="{ groups: [] }"
+                required
+            ></textarea>
+            <button type="submit">Submit</button>
+        </form>
+    </body>
+</html>
diff --git a/templates/settings.html.tmpl b/templates/settings.html.tmpl
index b096583..4fcedf9 100644
--- a/templates/settings.html.tmpl
+++ b/templates/settings.html.tmpl
@@ -6,7 +6,18 @@
     </head>
     <body>
         <h1>Settings</h1>
-        <a href="/">Main page</a>
+
+        <div class="actions">
+            <a href="/">
+                <img src="/assets/icons/solid/house.svg" width="20" height="20" /> Main page
+            </a>
+            <a href="/export">
+                <img src="/assets/icons/solid/file-export.svg" width="20" height="20" /> Export links
+            </a>
+            <a href="/import">
+                <img src="/assets/icons/solid/file-import.svg" width="20" height="20" /> Import links
+            </a>
+        </div>
 
         {{range .groups}}
         <h2 id="group-{{.ID}}">Group "{{.Name}}"</h2>
diff --git a/views/pages/export.go b/views/pages/export.go
new file mode 100644
index 0000000..e199917
--- /dev/null
+++ b/views/pages/export.go
@@ -0,0 +1,29 @@
+package pages
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/database"
+)
+
+type ExportFile struct {
+	Groups []database.Group `json:"groups"`
+}
+
+func Export(w http.ResponseWriter, _ *http.Request) {
+	groups, err := database.GetGroupsWithLinks()
+	if err != nil {
+		ShowError(w, http.StatusInternalServerError, err)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.Header().Set("Content-Disposition", "attachment; filename=phoenix.json")
+	w.WriteHeader(http.StatusOK)
+
+	enc := json.NewEncoder(w)
+	enc.Encode(&ExportFile{
+		Groups: groups,
+	})
+}
diff --git a/views/pages/import.go b/views/pages/import.go
new file mode 100644
index 0000000..8d19367
--- /dev/null
+++ b/views/pages/import.go
@@ -0,0 +1,38 @@
+package pages
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/ordinary-dev/phoenix/database"
+)
+
+func ImportPage(w http.ResponseWriter, _ *http.Request) {
+	Render("import.html.tmpl", w, map[string]any{})
+}
+
+func Import(w http.ResponseWriter, r *http.Request) {
+	var exportFile ExportFile
+	data := []byte(r.FormValue("exportFile"))
+	if err := json.Unmarshal(data, &exportFile); err != nil {
+		ShowError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	for _, g := range exportFile.Groups {
+		if err := database.CreateGroup(&g); err != nil {
+			ShowError(w, http.StatusInternalServerError, err)
+			return
+		}
+
+		for _, l := range g.Links {
+			l.GroupID = g.ID
+			if err := database.CreateLink(&l); err != nil {
+				ShowError(w, http.StatusInternalServerError, err)
+				return
+			}
+		}
+	}
+
+	http.Redirect(w, r, "/", http.StatusFound)
+}
diff --git a/views/routes.go b/views/routes.go
index 768ab53..e51a882 100644
--- a/views/routes.go
+++ b/views/routes.go
@@ -53,6 +53,11 @@ func GetHttpServer() (*http.Server, error) {
 	// Delete link.
 	protectedMux.HandleFunc("POST /links/{id}/delete", pages.DeleteLink)
 
+	// Import-export
+	protectedMux.HandleFunc("GET /export", pages.Export)
+	protectedMux.HandleFunc("GET /import", pages.ImportPage)
+	protectedMux.HandleFunc("POST /import", pages.Import)
+
 	return &http.Server{
 		Addr: ":8080",
 		Handler: middleware.LoggingMiddleware(

From 5aa439614851e69739552bcfc75bef9f81202e12 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 1 Apr 2024 23:49:41 +0500
Subject: [PATCH 21/24] docs: update feature list

---
 readme.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/readme.md b/readme.md
index 273e43a..d5f12ba 100644
--- a/readme.md
+++ b/readme.md
@@ -11,6 +11,8 @@ Self-hosted start page without the extra stuff.
 - Authorization support
   - SSO via Trusted Header Auth (_Reverse Proxy_)
 - Font Awesome integration
+- Multiple styles
+- Export and import
 
 ## Configuration
 Service settings can be set through environment variables.

From c8f8a7feb415f2b7d3f23cc76d62f2be4055ec24 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 1 Apr 2024 23:55:43 +0500
Subject: [PATCH 22/24] chore: log rendering errors

---
 views/pages/index.go     | 6 +-----
 views/pages/signin.go    | 7 +------
 views/pages/templates.go | 7 +++++--
 3 files changed, 7 insertions(+), 13 deletions(-)

diff --git a/views/pages/index.go b/views/pages/index.go
index 25320eb..356e1ed 100644
--- a/views/pages/index.go
+++ b/views/pages/index.go
@@ -5,7 +5,6 @@ import (
 	"time"
 
 	"github.com/ordinary-dev/phoenix/database"
-	log "github.com/sirupsen/logrus"
 )
 
 func ShowMainPage(w http.ResponseWriter, r *http.Request) {
@@ -38,12 +37,9 @@ func ShowMainPage(w http.ResponseWriter, r *http.Request) {
 		style = "list"
 	}
 
-	err = Render("index.html.tmpl", w, map[string]any{
+	Render("index.html.tmpl", w, map[string]any{
 		"description": "Self-hosted start page.",
 		"groups":      groups,
 		"style":       style,
 	})
-	if err != nil {
-		log.Error(err)
-	}
 }
diff --git a/views/pages/signin.go b/views/pages/signin.go
index b02484e..f7cc4e0 100644
--- a/views/pages/signin.go
+++ b/views/pages/signin.go
@@ -4,22 +4,17 @@ import (
 	"net/http"
 	"strings"
 
-	log "github.com/sirupsen/logrus"
-
 	"github.com/ordinary-dev/phoenix/database"
 	"github.com/ordinary-dev/phoenix/jwttoken"
 )
 
 func ShowSignInForm(w http.ResponseWriter, _ *http.Request) {
-	err := Render("auth.html.tmpl", w, map[string]any{
+	Render("auth.html.tmpl", w, map[string]any{
 		"title":       "Sign in",
 		"description": "Authorization is required to view this page.",
 		"button":      "Sign in",
 		"formAction":  "/signin",
 	})
-	if err != nil {
-		log.Error(err)
-	}
 }
 
 func AuthorizeUser(w http.ResponseWriter, r *http.Request) {
diff --git a/views/pages/templates.go b/views/pages/templates.go
index 575b3e1..9a05c72 100644
--- a/views/pages/templates.go
+++ b/views/pages/templates.go
@@ -59,12 +59,15 @@ func LoadTemplates() error {
 	return nil
 }
 
-func Render(template string, wr io.Writer, data map[string]any) error {
+func Render(template string, wr io.Writer, data map[string]any) {
 	data["fontFamily"] = config.Cfg.FontFamily
 
 	if _, ok := data["title"]; !ok {
 		data["title"] = config.Cfg.Title
 	}
 
-	return templates[template].Execute(wr, data)
+	err := templates[template].Execute(wr, data)
+	if err != nil {
+		log.WithField("template", template).Error(err)
+	}
 }

From 4104b04f17bc6b110e9d0062c17f8a39a8fc0a3a Mon Sep 17 00:00:00 2001
From: Ivan <ordinarydev@protonmail.com>
Date: Tue, 2 Apr 2024 18:51:43 +0500
Subject: [PATCH 23/24] chore(docker): return to alpine, add dockerignore

Alpine builds are working again.
Apparently, we removed the dependency on the non-working library.
---
 .dockerignore | 5 +++++
 Dockerfile    | 7 +++----
 2 files changed, 8 insertions(+), 4 deletions(-)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..7984597
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+*~
+*.db
+*.bak
+*.sqlite3
+**/.DS_Store
diff --git a/Dockerfile b/Dockerfile
index e245d9c..1e24efe 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
-FROM golang:1.22 AS builder
+FROM golang:1.22-alpine AS builder
 
-RUN apt install -y --no-install-recommends gcc
+RUN apk add --no-cache gcc libc-dev
 
 WORKDIR /app
 
@@ -11,7 +11,7 @@ ADD . .
 
 RUN go build -o main
 
-FROM debian:bookworm-slim
+FROM alpine:3.19
 
 WORKDIR /app
 COPY --from=builder /app/main /usr/local/bin/phoenix
@@ -20,7 +20,6 @@ COPY templates ./templates
 
 RUN mkdir /var/lib/phoenix
 ENV P_DBPATH="/var/lib/phoenix/db.sqlite3"
-ENV P_PRODUCTION="true"
 
 EXPOSE 8080
 

From 07590d3891e294b62902953bc1c237122bed110d Mon Sep 17 00:00:00 2001
From: Ivan <ordinarydev@protonmail.com>
Date: Tue, 2 Apr 2024 18:53:31 +0500
Subject: [PATCH 24/24] fix(main-page): improve message style

---
 templates/index.html.tmpl | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/templates/index.html.tmpl b/templates/index.html.tmpl
index 403d109..87728b0 100644
--- a/templates/index.html.tmpl
+++ b/templates/index.html.tmpl
@@ -8,18 +8,18 @@
     <body>
         <div class="page">
             <h1>{{ .title }}</h1>
+                
+            {{ if not .groups }}
+            <p>
+                You don't have any links.<br />
+                Go to settings and create one.
+            </p>
+            {{ end }}
 
             <div class="controls">
-                {{if not .groups}}
-                <p>
-                    You don't have any links.
-                    Go to <a href="/settings" style="text-decoration: underline">settings</a> and create one.
-                </p>
-                {{else}}
                 <a href="/settings">
                     <img src="/assets/icons/solid/gear.svg" width="20" height="20" /> Settings
                 </a>
-                {{end}}
                 
                 {{ if ne .style "list" }}
                 <a href="/?style=list">