Refactor handlers to use MustGetUserID

- Fix: replace repeated authorization checks in handlers with the new
  MustGetUserID helper, which panics if the user ID is missing. This
  simplifies handler code by eliminating redundant error handling.
- Tests: update auth tests to verify the panic behavior in unprotected
  routes.
This commit is contained in:
2026-06-24 14:43:38 +08:00
parent a289130dcd
commit be4fcad605
4 changed files with 64 additions and 28 deletions
+4 -21
View File
@@ -27,22 +27,13 @@ type createPasskeyRequest struct {
// GetAccount handles GET /api/v1/account.
func (h *AccountHandler) GetAccount(c *gin.Context) {
userID := middleware.GetUserID(c)
if userID == "" {
api.Error(c, http.StatusUnauthorized, "unauthorized")
return
}
userID := middleware.MustGetUserID(c)
c.JSON(http.StatusOK, gin.H{"user_id": userID})
}
// ListPasskeys handles GET /api/v1/account/passkeys.
func (h *AccountHandler) ListPasskeys(c *gin.Context) {
userID := middleware.GetUserID(c)
if userID == "" {
api.Error(c, http.StatusUnauthorized, "unauthorized")
return
}
userID := middleware.MustGetUserID(c)
creds, err := h.authService.ListPasskeys(c.Request.Context(), userID)
if err != nil {
@@ -59,11 +50,7 @@ func (h *AccountHandler) ListPasskeys(c *gin.Context) {
// CreatePasskey handles POST /api/v1/account/passkeys.
func (h *AccountHandler) CreatePasskey(c *gin.Context) {
userID := middleware.GetUserID(c)
if userID == "" {
api.Error(c, http.StatusUnauthorized, "unauthorized")
return
}
userID := middleware.MustGetUserID(c)
var req createPasskeyRequest
if err := c.ShouldBindJSON(&req); err != nil {
@@ -82,11 +69,7 @@ func (h *AccountHandler) CreatePasskey(c *gin.Context) {
// RevokePasskey handles DELETE /api/v1/account/passkeys/:id.
func (h *AccountHandler) RevokePasskey(c *gin.Context) {
userID := middleware.GetUserID(c)
if userID == "" {
api.Error(c, http.StatusUnauthorized, "unauthorized")
return
}
userID := middleware.MustGetUserID(c)
passkeyID := c.Param("id")
if passkeyID == "" {
+6 -6
View File
@@ -40,7 +40,7 @@ type updateFileRequest struct {
// If the content type is multipart/form-data, it uploads a file.
// If the content type is application/json, it creates a directory.
func (h *FileHandler) Upload(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
contentType := c.GetHeader("Content-Type")
// Directory creation via JSON.
@@ -97,7 +97,7 @@ func (h *FileHandler) Upload(c *gin.Context) {
// List handles GET /api/v1/files.
func (h *FileHandler) List(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
parentIDStr := c.Query("parent_id")
var parentID *string
@@ -131,7 +131,7 @@ func (h *FileHandler) List(c *gin.Context) {
// Get handles GET /api/v1/files/:id.
func (h *FileHandler) Get(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
fileID := c.Param("id")
info, err := h.fileService.Get(c.Request.Context(), userID, fileID)
@@ -145,7 +145,7 @@ func (h *FileHandler) Get(c *gin.Context) {
// Download handles GET /api/v1/files/:id/content.
func (h *FileHandler) Download(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
fileID := c.Param("id")
reader, info, err := h.fileService.Download(c.Request.Context(), userID, fileID)
@@ -170,7 +170,7 @@ func (h *FileHandler) Download(c *gin.Context) {
// Update handles PUT /api/v1/files/:id.
func (h *FileHandler) Update(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
fileID := c.Param("id")
var req updateFileRequest
@@ -196,7 +196,7 @@ func (h *FileHandler) Update(c *gin.Context) {
// Delete handles DELETE /api/v1/files/:id.
func (h *FileHandler) Delete(c *gin.Context) {
userID := middleware.GetUserID(c)
userID := middleware.MustGetUserID(c)
fileID := c.Param("id")
if err := h.fileService.Delete(c.Request.Context(), userID, fileID); err != nil {