Files
mygo/internal/server/routes_protected.go
T
ld 63ede5c237 refactor(api): enforce protocol-neutral service boundaries
- refactor: move HTTP status and DTO concerns out of model and service
  layers into API and handler code.
- feat: add admin service boundary and route auth through services
  instead of direct repository access.
- test: add architecture and error tests covering package boundaries,
  redaction, and service behavior.
- docs: record the protocol-neutral boundary decision and update
  architecture and roadmap notes.
2026-07-05 23:30:17 +08:00

48 lines
1.3 KiB
Go

package server
import (
"github.com/gin-gonic/gin"
"github.com/dhao2001/mygo/internal/app"
"github.com/dhao2001/mygo/internal/handler"
"github.com/dhao2001/mygo/internal/middleware"
)
func setupProtectedRoutes(rg *gin.RouterGroup, webApp *app.WebApp) {
accountHandler := handler.NewAccountHandler(webApp.AuthService)
fileHandler := handler.NewFileHandler(webApp.FileService)
adminHandler := handler.NewAdminHandler(webApp.AdminService)
rg.Use(middleware.AuthRequired(webApp.AuthService))
account := rg.Group("/account")
{
account.GET("", accountHandler.GetAccount)
passkeys := account.Group("/passkeys")
{
passkeys.GET("", accountHandler.ListPasskeys)
passkeys.POST("", accountHandler.CreatePasskey)
passkeys.DELETE("/:id", accountHandler.RevokePasskey)
}
}
files := rg.Group("/files")
{
files.GET("", fileHandler.List)
files.POST("", fileHandler.Upload)
files.GET("/:id", fileHandler.Get)
files.GET("/:id/content", fileHandler.Download)
files.PUT("/:id", fileHandler.Update)
files.DELETE("/:id", fileHandler.Delete)
}
admin := rg.Group("/admin")
admin.Use(middleware.AdminRequired())
{
admin.GET("/users", adminHandler.ListUsers)
admin.GET("/users/:id", adminHandler.GetUser)
admin.DELETE("/users/:id", adminHandler.DeleteUser)
}
}