refactor(api): enforce protocol-neutral service boundaries

- refactor: move HTTP status and DTO concerns out of model and service
  layers into API and handler code.
- feat: add admin service boundary and route auth through services
  instead of direct repository access.
- test: add architecture and error tests covering package boundaries,
  redaction, and service behavior.
- docs: record the protocol-neutral boundary decision and update
  architecture and roadmap notes.
This commit is contained in:
2026-07-05 23:30:17 +08:00
parent 28e17a5b08
commit 63ede5c237
34 changed files with 1028 additions and 438 deletions
+4 -6
View File
@@ -10,8 +10,6 @@ import (
"github.com/gin-gonic/gin"
"github.com/dhao2001/mygo/internal/middleware"
"github.com/dhao2001/mygo/internal/model"
"github.com/dhao2001/mygo/internal/service"
)
func setupAccountRouter(t *testing.T) (*gin.Engine, []byte) {
@@ -31,7 +29,7 @@ func setupAccountRouter(t *testing.T) (*gin.Engine, []byte) {
}
protected := r.Group("/api/v1")
protected.Use(middleware.AuthRequired(secret))
protected.Use(middleware.AuthRequired(svc))
{
account := protected.Group("/account")
{
@@ -65,7 +63,7 @@ func TestAccountEndpoint(t *testing.T) {
rec = httptest.NewRecorder()
r.ServeHTTP(rec, req)
var pair service.TokenPair
var pair testTokenPairResponse
json.Unmarshal(rec.Body.Bytes(), &pair)
// Get /account
@@ -107,7 +105,7 @@ func TestPasskeyCRUD(t *testing.T) {
rec = httptest.NewRecorder()
r.ServeHTTP(rec, req)
var pair service.TokenPair
var pair testTokenPairResponse
json.Unmarshal(rec.Body.Bytes(), &pair)
authHeader := "Bearer " + pair.AccessToken
@@ -134,7 +132,7 @@ func TestPasskeyCRUD(t *testing.T) {
}
// Revoke passkey
var creds []model.Credential
var creds []passkeyResponse
json.Unmarshal(rec.Body.Bytes(), &creds)
if len(creds) != 1 {
t.Fatalf("expected 1 passkey, got %d", len(creds))