package handler import ( "log/slog" "net/http" "time" "github.com/gin-gonic/gin" "github.com/dhao2001/mygo/internal/api" "github.com/dhao2001/mygo/internal/model" "github.com/dhao2001/mygo/internal/service" ) // AuthHandler handles authentication endpoints. type AuthHandler struct { authService *service.AuthService } // NewAuthHandler creates an AuthHandler. func NewAuthHandler(authService *service.AuthService) *AuthHandler { return &AuthHandler{authService: authService} } type registerRequest struct { Username string `json:"username" binding:"required"` Email string `json:"email" binding:"required,email"` Password string `json:"password" binding:"required,min=6"` } type loginRequest struct { Email string `json:"email" binding:"required,email"` Password string `json:"password" binding:"required"` } type tokenRequest struct { RefreshToken string `json:"refresh_token" binding:"required"` } type userResponse struct { ID string `json:"id"` Username string `json:"username"` Email string `json:"email"` IsAdmin bool `json:"is_admin"` CreatedAt time.Time `json:"created_at"` UpdatedAt time.Time `json:"updated_at"` } type tokenPairResponse struct { AccessToken string `json:"access_token"` RefreshToken string `json:"refresh_token"` } // Register handles POST /api/v1/auth/register. func (h *AuthHandler) Register(c *gin.Context) { var req registerRequest if err := c.ShouldBindJSON(&req); err != nil { slog.DebugContext(c.Request.Context(), "register bind failed", "error", err) api.Error(c, http.StatusBadRequest, "invalid request body") return } user, err := h.authService.Register(c.Request.Context(), req.Username, req.Email, req.Password) if err != nil { api.RespondError(c, err) return } c.JSON(http.StatusCreated, toUserResponse(user)) } // Login handles POST /api/v1/auth/login. func (h *AuthHandler) Login(c *gin.Context) { var req loginRequest if err := c.ShouldBindJSON(&req); err != nil { slog.DebugContext(c.Request.Context(), "login bind failed", "error", err) api.Error(c, http.StatusBadRequest, "invalid request body") return } pair, err := h.authService.Login(c.Request.Context(), req.Email, req.Password) if err != nil { api.RespondError(c, err) return } c.JSON(http.StatusOK, toTokenPairResponse(pair)) } // Refresh handles POST /api/v1/auth/refresh. func (h *AuthHandler) Refresh(c *gin.Context) { var req tokenRequest if err := c.ShouldBindJSON(&req); err != nil { slog.DebugContext(c.Request.Context(), "refresh bind failed", "error", err) api.Error(c, http.StatusBadRequest, "invalid request body") return } pair, err := h.authService.Refresh(c.Request.Context(), req.RefreshToken) if err != nil { api.RespondError(c, err) return } c.JSON(http.StatusOK, toTokenPairResponse(pair)) } // Logout handles POST /api/v1/auth/logout. func (h *AuthHandler) Logout(c *gin.Context) { var req tokenRequest if err := c.ShouldBindJSON(&req); err != nil { slog.DebugContext(c.Request.Context(), "logout bind failed", "error", err) api.Error(c, http.StatusBadRequest, "invalid request body") return } if err := h.authService.Logout(c.Request.Context(), req.RefreshToken); err != nil { api.RespondError(c, err) return } c.Status(http.StatusOK) } func toUserResponse(user *model.User) userResponse { return userResponse{ ID: user.ID, Username: user.Username, Email: user.Email, IsAdmin: user.IsAdmin, CreatedAt: user.CreatedAt, UpdatedAt: user.UpdatedAt, } } func toTokenPairResponse(pair *service.TokenPair) tokenPairResponse { return tokenPairResponse{ AccessToken: pair.AccessToken, RefreshToken: pair.RefreshToken, } }