package handler import ( "net/http" "github.com/gin-gonic/gin" "github.com/dhao2001/mygo/internal/api" "github.com/dhao2001/mygo/internal/middleware" "github.com/dhao2001/mygo/internal/model" "github.com/dhao2001/mygo/internal/service" ) // AuthHandler handles authentication endpoints. type AuthHandler struct { authService *service.AuthService } // NewAuthHandler creates an AuthHandler. func NewAuthHandler(authService *service.AuthService) *AuthHandler { return &AuthHandler{authService: authService} } type registerRequest struct { Username string `json:"username" binding:"required"` Email string `json:"email" binding:"required,email"` Password string `json:"password" binding:"required,min=6"` } type loginRequest struct { Email string `json:"email" binding:"required,email"` Password string `json:"password" binding:"required"` } type tokenRequest struct { RefreshToken string `json:"refresh_token" binding:"required"` } // Register handles POST /api/v1/auth/register. func (h *AuthHandler) Register(c *gin.Context) { var req registerRequest if err := c.ShouldBindJSON(&req); err != nil { api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error()) return } user, err := h.authService.Register(c.Request.Context(), req.Username, req.Email, req.Password) if err != nil { api.Error(c, http.StatusConflict, err.Error()) return } c.JSON(http.StatusCreated, user) } // Login handles POST /api/v1/auth/login. func (h *AuthHandler) Login(c *gin.Context) { var req loginRequest if err := c.ShouldBindJSON(&req); err != nil { api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error()) return } pair, err := h.authService.Login(c.Request.Context(), req.Email, req.Password) if err != nil { api.Error(c, http.StatusUnauthorized, err.Error()) return } c.JSON(http.StatusOK, pair) } // Refresh handles POST /api/v1/auth/refresh. func (h *AuthHandler) Refresh(c *gin.Context) { var req tokenRequest if err := c.ShouldBindJSON(&req); err != nil { api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error()) return } pair, err := h.authService.Refresh(c.Request.Context(), req.RefreshToken) if err != nil { api.Error(c, http.StatusUnauthorized, err.Error()) return } c.JSON(http.StatusOK, pair) } // Logout handles POST /api/v1/auth/logout. func (h *AuthHandler) Logout(c *gin.Context) { var req tokenRequest if err := c.ShouldBindJSON(&req); err != nil { api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error()) return } if err := h.authService.Logout(c.Request.Context(), req.RefreshToken); err != nil { api.Error(c, http.StatusInternalServerError, err.Error()) return } c.Status(http.StatusOK) } // GetAccount handles GET /api/v1/account. func (h *AuthHandler) GetAccount(c *gin.Context) { userID := middleware.GetUserID(c) if userID == "" { api.Error(c, http.StatusUnauthorized, "unauthorized") return } c.JSON(http.StatusOK, gin.H{"user_id": userID}) } type createPasskeyRequest struct { Label string `json:"label" binding:"required"` } // ListPasskeys handles GET /api/v1/users/me/passkeys. func (h *AuthHandler) ListPasskeys(c *gin.Context) { userID := middleware.GetUserID(c) if userID == "" { api.Error(c, http.StatusUnauthorized, "unauthorized") return } creds, err := h.authService.ListPasskeys(c.Request.Context(), userID) if err != nil { api.Error(c, http.StatusInternalServerError, err.Error()) return } if creds == nil { creds = []model.Credential{} } c.JSON(http.StatusOK, creds) } // CreatePasskey handles POST /api/v1/users/me/passkeys. func (h *AuthHandler) CreatePasskey(c *gin.Context) { userID := middleware.GetUserID(c) if userID == "" { api.Error(c, http.StatusUnauthorized, "unauthorized") return } var req createPasskeyRequest if err := c.ShouldBindJSON(&req); err != nil { api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error()) return } pk, err := h.authService.CreatePasskey(c.Request.Context(), userID, req.Label) if err != nil { api.Error(c, http.StatusInternalServerError, err.Error()) return } c.JSON(http.StatusCreated, pk) } // RevokePasskey handles DELETE /api/v1/users/me/passkeys/:id. func (h *AuthHandler) RevokePasskey(c *gin.Context) { userID := middleware.GetUserID(c) if userID == "" { api.Error(c, http.StatusUnauthorized, "unauthorized") return } passkeyID := c.Param("id") if passkeyID == "" { api.Error(c, http.StatusBadRequest, "missing passkey id") return } if err := h.authService.RevokePasskey(c.Request.Context(), userID, passkeyID); err != nil { if err == model.ErrForbidden { api.Error(c, http.StatusForbidden, err.Error()) return } api.Error(c, http.StatusInternalServerError, err.Error()) return } c.Status(http.StatusOK) }