108 lines
2.6 KiB
Go
108 lines
2.6 KiB
Go
package handler
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"github.com/dhao2001/mygo/internal/api"
|
|
"github.com/dhao2001/mygo/internal/middleware"
|
|
"github.com/dhao2001/mygo/internal/model"
|
|
"github.com/dhao2001/mygo/internal/service"
|
|
)
|
|
|
|
// AccountHandler handles authenticated account endpoints.
|
|
type AccountHandler struct {
|
|
authService *service.AuthService
|
|
}
|
|
|
|
// NewAccountHandler creates an AccountHandler.
|
|
func NewAccountHandler(authService *service.AuthService) *AccountHandler {
|
|
return &AccountHandler{authService: authService}
|
|
}
|
|
|
|
type createPasskeyRequest struct {
|
|
Label string `json:"label" binding:"required"`
|
|
}
|
|
|
|
// GetAccount handles GET /api/v1/account.
|
|
func (h *AccountHandler) GetAccount(c *gin.Context) {
|
|
userID := middleware.GetUserID(c)
|
|
if userID == "" {
|
|
api.Error(c, http.StatusUnauthorized, "unauthorized")
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"user_id": userID})
|
|
}
|
|
|
|
// ListPasskeys handles GET /api/v1/account/passkeys.
|
|
func (h *AccountHandler) ListPasskeys(c *gin.Context) {
|
|
userID := middleware.GetUserID(c)
|
|
if userID == "" {
|
|
api.Error(c, http.StatusUnauthorized, "unauthorized")
|
|
return
|
|
}
|
|
|
|
creds, err := h.authService.ListPasskeys(c.Request.Context(), userID)
|
|
if err != nil {
|
|
api.Error(c, http.StatusInternalServerError, err.Error())
|
|
return
|
|
}
|
|
|
|
if creds == nil {
|
|
creds = []model.Credential{}
|
|
}
|
|
|
|
c.JSON(http.StatusOK, creds)
|
|
}
|
|
|
|
// CreatePasskey handles POST /api/v1/account/passkeys.
|
|
func (h *AccountHandler) CreatePasskey(c *gin.Context) {
|
|
userID := middleware.GetUserID(c)
|
|
if userID == "" {
|
|
api.Error(c, http.StatusUnauthorized, "unauthorized")
|
|
return
|
|
}
|
|
|
|
var req createPasskeyRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error())
|
|
return
|
|
}
|
|
|
|
pk, err := h.authService.CreatePasskey(c.Request.Context(), userID, req.Label)
|
|
if err != nil {
|
|
api.Error(c, http.StatusInternalServerError, err.Error())
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusCreated, pk)
|
|
}
|
|
|
|
// RevokePasskey handles DELETE /api/v1/account/passkeys/:id.
|
|
func (h *AccountHandler) RevokePasskey(c *gin.Context) {
|
|
userID := middleware.GetUserID(c)
|
|
if userID == "" {
|
|
api.Error(c, http.StatusUnauthorized, "unauthorized")
|
|
return
|
|
}
|
|
|
|
passkeyID := c.Param("id")
|
|
if passkeyID == "" {
|
|
api.Error(c, http.StatusBadRequest, "missing passkey id")
|
|
return
|
|
}
|
|
|
|
if err := h.authService.RevokePasskey(c.Request.Context(), userID, passkeyID); err != nil {
|
|
if err == model.ErrForbidden {
|
|
api.Error(c, http.StatusForbidden, err.Error())
|
|
return
|
|
}
|
|
api.Error(c, http.StatusInternalServerError, err.Error())
|
|
return
|
|
}
|
|
|
|
c.Status(http.StatusOK)
|
|
}
|