63ede5c237
- refactor: move HTTP status and DTO concerns out of model and service layers into API and handler code. - feat: add admin service boundary and route auth through services instead of direct repository access. - test: add architecture and error tests covering package boundaries, redaction, and service behavior. - docs: record the protocol-neutral boundary decision and update architecture and roadmap notes.
48 lines
1.3 KiB
Go
48 lines
1.3 KiB
Go
package server
|
|
|
|
import (
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"github.com/dhao2001/mygo/internal/app"
|
|
"github.com/dhao2001/mygo/internal/handler"
|
|
"github.com/dhao2001/mygo/internal/middleware"
|
|
)
|
|
|
|
func setupProtectedRoutes(rg *gin.RouterGroup, webApp *app.WebApp) {
|
|
accountHandler := handler.NewAccountHandler(webApp.AuthService)
|
|
fileHandler := handler.NewFileHandler(webApp.FileService)
|
|
adminHandler := handler.NewAdminHandler(webApp.AdminService)
|
|
|
|
rg.Use(middleware.AuthRequired(webApp.AuthService))
|
|
|
|
account := rg.Group("/account")
|
|
{
|
|
account.GET("", accountHandler.GetAccount)
|
|
|
|
passkeys := account.Group("/passkeys")
|
|
{
|
|
passkeys.GET("", accountHandler.ListPasskeys)
|
|
passkeys.POST("", accountHandler.CreatePasskey)
|
|
passkeys.DELETE("/:id", accountHandler.RevokePasskey)
|
|
}
|
|
}
|
|
|
|
files := rg.Group("/files")
|
|
{
|
|
files.GET("", fileHandler.List)
|
|
files.POST("", fileHandler.Upload)
|
|
files.GET("/:id", fileHandler.Get)
|
|
files.GET("/:id/content", fileHandler.Download)
|
|
files.PUT("/:id", fileHandler.Update)
|
|
files.DELETE("/:id", fileHandler.Delete)
|
|
}
|
|
|
|
admin := rg.Group("/admin")
|
|
admin.Use(middleware.AdminRequired())
|
|
{
|
|
admin.GET("/users", adminHandler.ListUsers)
|
|
admin.GET("/users/:id", adminHandler.GetUser)
|
|
admin.DELETE("/users/:id", adminHandler.DeleteUser)
|
|
}
|
|
}
|