feat: implement auth handler, middleware, and router
domain/context.go: extend WithUser/UserFromContext with session ID handler/response.go: respondJSON/respondError with domain→HTTP status mapping (404/403/401/409/400/415/500) handler/middleware.go: Bearer JWT extraction, ParseAccessToken, domain.WithUser injection; aborts with 401 JSON on failure handler/auth_handler.go: Login, Refresh, Logout, ListSessions, TerminateSession handler/router.go: /health, /api/v1/auth routes; login and refresh are public, session routes protected by AuthMiddleware Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,37 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// NewRouter builds and returns a configured Gin engine.
|
||||
// Additional handlers will be added here as they are implemented.
|
||||
func NewRouter(auth *AuthMiddleware, authHandler *AuthHandler) *gin.Engine {
|
||||
r := gin.New()
|
||||
r.Use(gin.Logger(), gin.Recovery())
|
||||
|
||||
// Health check — no auth required.
|
||||
r.GET("/health", func(c *gin.Context) {
|
||||
c.JSON(http.StatusOK, gin.H{"status": "ok"})
|
||||
})
|
||||
|
||||
v1 := r.Group("/api/v1")
|
||||
|
||||
// Auth endpoints — login and refresh are public; others require a valid token.
|
||||
authGroup := v1.Group("/auth")
|
||||
{
|
||||
authGroup.POST("/login", authHandler.Login)
|
||||
authGroup.POST("/refresh", authHandler.Refresh)
|
||||
|
||||
protected := authGroup.Group("", auth.Handle())
|
||||
{
|
||||
protected.POST("/logout", authHandler.Logout)
|
||||
protected.GET("/sessions", authHandler.ListSessions)
|
||||
protected.DELETE("/sessions/:id", authHandler.TerminateSession)
|
||||
}
|
||||
}
|
||||
|
||||
return r
|
||||
}
|
||||
Reference in New Issue
Block a user