Masahiko AMANO
caeff6786e
domain/context.go: extend WithUser/UserFromContext with session ID handler/response.go: respondJSON/respondError with domain→HTTP status mapping (404/403/401/409/400/415/500) handler/middleware.go: Bearer JWT extraction, ParseAccessToken, domain.WithUser injection; aborts with 401 JSON on failure handler/auth_handler.go: Login, Refresh, Logout, ListSessions, TerminateSession handler/router.go: /health, /api/v1/auth routes; login and refresh are public, session routes protected by AuthMiddleware Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
38 lines
945 B
Go
38 lines
945 B
Go
package handler
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// NewRouter builds and returns a configured Gin engine.
|
|
// Additional handlers will be added here as they are implemented.
|
|
func NewRouter(auth *AuthMiddleware, authHandler *AuthHandler) *gin.Engine {
|
|
r := gin.New()
|
|
r.Use(gin.Logger(), gin.Recovery())
|
|
|
|
// Health check — no auth required.
|
|
r.GET("/health", func(c *gin.Context) {
|
|
c.JSON(http.StatusOK, gin.H{"status": "ok"})
|
|
})
|
|
|
|
v1 := r.Group("/api/v1")
|
|
|
|
// Auth endpoints — login and refresh are public; others require a valid token.
|
|
authGroup := v1.Group("/auth")
|
|
{
|
|
authGroup.POST("/login", authHandler.Login)
|
|
authGroup.POST("/refresh", authHandler.Refresh)
|
|
|
|
protected := authGroup.Group("", auth.Handle())
|
|
{
|
|
protected.POST("/logout", authHandler.Logout)
|
|
protected.GET("/sessions", authHandler.ListSessions)
|
|
protected.DELETE("/sessions/:id", authHandler.TerminateSession)
|
|
}
|
|
}
|
|
|
|
return r
|
|
}
|