package handler import ( "log/slog" "net/http" "time" "github.com/gin-gonic/gin" "github.com/dhao2001/mygo/internal/api" "github.com/dhao2001/mygo/internal/middleware" "github.com/dhao2001/mygo/internal/model" "github.com/dhao2001/mygo/internal/service" ) // AccountHandler handles authenticated account endpoints. type AccountHandler struct { authService *service.AuthService } // NewAccountHandler creates an AccountHandler. func NewAccountHandler(authService *service.AuthService) *AccountHandler { return &AccountHandler{authService: authService} } type createPasskeyRequest struct { Label string `json:"label" binding:"required"` } type accountResponse struct { UserID string `json:"user_id"` } type passkeyResponse struct { ID string `json:"id"` UserID string `json:"user_id"` Type string `json:"type"` Label string `json:"label"` LastUsedAt *time.Time `json:"last_used_at"` CreatedAt time.Time `json:"created_at"` } type createdPasskeyResponse struct { ID string `json:"id"` Raw string `json:"raw"` Label string `json:"label"` } // GetAccount handles GET /api/v1/account. func (h *AccountHandler) GetAccount(c *gin.Context) { userID := middleware.MustGetUserID(c) c.JSON(http.StatusOK, accountResponse{UserID: userID}) } // ListPasskeys handles GET /api/v1/account/passkeys. func (h *AccountHandler) ListPasskeys(c *gin.Context) { userID := middleware.MustGetUserID(c) creds, err := h.authService.ListPasskeys(c.Request.Context(), userID) if err != nil { api.RespondError(c, err) return } if creds == nil { creds = []model.Credential{} } c.JSON(http.StatusOK, toPasskeyResponses(creds)) } // CreatePasskey handles POST /api/v1/account/passkeys. func (h *AccountHandler) CreatePasskey(c *gin.Context) { userID := middleware.MustGetUserID(c) var req createPasskeyRequest if err := c.ShouldBindJSON(&req); err != nil { slog.DebugContext(c.Request.Context(), "create passkey bind failed", "error", err) api.Error(c, http.StatusBadRequest, "invalid request body") return } pk, err := h.authService.CreatePasskey(c.Request.Context(), userID, req.Label) if err != nil { api.RespondError(c, err) return } c.JSON(http.StatusCreated, createdPasskeyResponse{ ID: pk.ID, Raw: pk.Raw, Label: pk.Label, }) } // RevokePasskey handles DELETE /api/v1/account/passkeys/:id. func (h *AccountHandler) RevokePasskey(c *gin.Context) { userID := middleware.MustGetUserID(c) passkeyID := c.Param("id") if passkeyID == "" { api.Error(c, http.StatusBadRequest, "missing passkey id") return } if err := h.authService.RevokePasskey(c.Request.Context(), userID, passkeyID); err != nil { api.RespondError(c, err) return } c.Status(http.StatusOK) } func toPasskeyResponses(creds []model.Credential) []passkeyResponse { items := make([]passkeyResponse, 0, len(creds)) for i := range creds { items = append(items, passkeyResponse{ ID: creds[i].ID, UserID: creds[i].UserID, Type: creds[i].Type, Label: creds[i].Label, LastUsedAt: creds[i].LastUsedAt, CreatedAt: creds[i].CreatedAt, }) } return items }