Implement JWT authentication and app passkey support

- Add JWT token generation and validation - Implement bcrypt password hashing - Create auth service with register/login/refresh/logout - Add app passkey generation and management - Implement protected routes and auth middleware - Add comprehensive tests for new functionality
2026-04-29 11:50:09 +08:00
parent 901a769ee7
commit 3eeb9f6d26
24 changed files with 2063 additions and 36 deletions
--- a/internal/server/routes_protected.go
+++ b/internal/server/routes_protected.go
@@ -4,9 +4,25 @@ import (
 	"github.com/gin-gonic/gin"

 	"github.com/dhao2001/mygo/internal/app"
+	"github.com/dhao2001/mygo/internal/handler"
+	"github.com/dhao2001/mygo/internal/middleware"
 )

-func setupProtectedRoutes(rg *gin.RouterGroup, _ *app.WebApp) {
-	_ = rg
-	// Protected routes will be registered after auth middleware is implemented.
+func setupProtectedRoutes(rg *gin.RouterGroup, webApp *app.WebApp) {
+	jwtSecret := []byte(webApp.Config.JWT.Secret)
+	authHandler := handler.NewAuthHandler(webApp.AuthService)
+
+	rg.Use(middleware.AuthRequired(jwtSecret))
+
+	account := rg.Group("/account")
+	{
+		account.GET("", authHandler.GetAccount)
+
+		passkeys := account.Group("/passkeys")
+		{
+			passkeys.GET("", authHandler.ListPasskeys)
+			passkeys.POST("", authHandler.CreatePasskey)
+			passkeys.DELETE("/:id", authHandler.RevokePasskey)
+		}
+	}
 }
--- a/internal/server/routes_public.go
+++ b/internal/server/routes_public.go
@@ -10,4 +10,13 @@ import (
 func setupPublicRoutes(rg *gin.RouterGroup, webApp *app.WebApp) {
 	versionHandler := handler.NewVersionHandler(webApp.Version)
 	rg.GET("/version", versionHandler.Get)
+
+	authHandler := handler.NewAuthHandler(webApp.AuthService)
+	auth := rg.Group("/auth")
+	{
+		auth.POST("/register", authHandler.Register)
+		auth.POST("/login", authHandler.Login)
+		auth.POST("/refresh", authHandler.Refresh)
+		auth.POST("/logout", authHandler.Logout)
+	}
 }
--- a/internal/server/server_test.go
+++ b/internal/server/server_test.go
@@ -5,13 +5,23 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"testing"
+	"time"

 	"github.com/dhao2001/mygo/internal/app"
 	"github.com/dhao2001/mygo/internal/config"
+	"github.com/dhao2001/mygo/internal/service"
 )

 func TestVersionRoute(t *testing.T) {
-	webApp := app.NewWebApp(&config.Config{}, nil, nil, nil, nil)
+	cfg := &config.Config{
+		JWT: config.JWTConfig{
+			Secret:     "test-secret",
+			AccessTTL:  "15m",
+			RefreshTTL: "168h",
+		},
+	}
+	authService := service.NewAuthService(nil, nil, nil, nil, 15*time.Minute, 7*24*time.Hour)
+	webApp := app.NewWebApp(cfg, nil, nil, nil, nil, nil, authService)
 	router := NewRouter(webApp)

 	req := httptest.NewRequest(http.MethodGet, "/api/v1/version", nil)