Files
AuthCentral/api/routes/routes.go
Beyhan Oğur 8b1fbdee99 first commit
2026-04-26 21:37:58 +03:00

142 lines
4.5 KiB
Go
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package routes
import (
"gauth-central/api/handlers"
"gauth-central/api/middlewares"
_ "gauth-central/docs" // docs import
"gauth-central/internal/services"
"net/http"
"github.com/gin-gonic/gin"
swaggerFiles "github.com/swaggo/files"
ginSwagger "github.com/swaggo/gin-swagger"
)
func SetupRoutes(r *gin.Engine) {
jwtService := services.NewJWTService()
authService := services.NewAuthService()
authHandler := handlers.NewAuthHandler(authService)
settingsService := services.NewSettingsService()
settingsHandler := handlers.NewSettingsHandler(settingsService)
userManagementService := services.NewUserManagementService()
userManagementHandler := handlers.NewUserManagementHandler(userManagementService)
avatarHandler := handlers.NewAvatarHandler()
profileHandler := handlers.NewProfileHandler()
// Serve static files (uploaded avatars)
r.Static("/uploads", "./uploads")
// Homepage
r.LoadHTMLGlob("web/*")
r.GET("/", func(c *gin.Context) {
c.HTML(http.StatusOK, "index.html", nil)
})
v1 := r.Group("/v1")
v1.Use(middlewares.APIRateLimitMiddleware()) // General API rate limiting
{
// Swagger
v1.GET("/docs/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
auth := v1.Group("/auth")
{
auth.POST("/register", middlewares.RegisterRateLimitMiddleware(), authHandler.Register)
auth.POST("/login", middlewares.LoginRateLimitMiddleware(), authHandler.Login)
auth.GET("/verify-email", authHandler.VerifyEmail)
auth.GET("/:provider", authHandler.BeginAuth)
auth.GET("/:provider/callback", authHandler.Callback)
auth.POST("/refresh", authHandler.Refresh)
// Protected routes
protected := auth.Group("/")
protected.Use(middlewares.AuthMiddleware(jwtService))
{
protected.GET("/me", authHandler.Me)
protected.GET("/validate", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{
"message": "Token is valid",
"user_id": c.GetString("user_id"),
"email": c.GetString("email"),
})
})
}
}
// User endpoints
user := v1.Group("/user")
user.Use(middlewares.AuthMiddleware(jwtService))
{
// Avatar management
user.POST("/avatar", avatarHandler.UploadAvatar)
user.DELETE("/avatar", avatarHandler.DeleteAvatar)
}
// Profile endpoints
profile := v1.Group("/profile")
profile.Use(middlewares.AuthMiddleware(jwtService))
{
profile.GET("", profileHandler.GetProfile)
profile.PUT("", profileHandler.UpdateProfile)
profile.PUT("/password", profileHandler.ChangePassword)
profile.PUT("/email", profileHandler.ChangeEmail)
}
// Settings endpoints (Admin only)
settings := v1.Group("/settings")
settings.Use(middlewares.AuthMiddleware(jwtService))
settings.Use(middlewares.AdminMiddleware())
{
// CORS Whitelist
corsWhitelist := settings.Group("/cors/whitelist")
{
corsWhitelist.GET("", settingsHandler.GetAllWhitelist)
corsWhitelist.POST("", settingsHandler.CreateWhitelist)
corsWhitelist.PUT("/:id", settingsHandler.UpdateWhitelist)
corsWhitelist.DELETE("/:id", settingsHandler.DeleteWhitelist)
}
// CORS Blacklist
corsBlacklist := settings.Group("/cors/blacklist")
{
corsBlacklist.GET("", settingsHandler.GetAllBlacklist)
corsBlacklist.POST("", settingsHandler.CreateBlacklist)
corsBlacklist.PUT("/:id", settingsHandler.UpdateBlacklist)
corsBlacklist.DELETE("/:id", settingsHandler.DeleteBlacklist)
}
// Rate Limit Settings
rateLimit := settings.Group("/ratelimit")
{
rateLimit.GET("", settingsHandler.GetAllRateLimits)
rateLimit.PUT("/:id", settingsHandler.UpdateRateLimit)
}
}
// Admin - User Management
admin := v1.Group("/admin")
admin.Use(middlewares.AuthMiddleware(jwtService))
admin.Use(middlewares.AdminMiddleware())
{
users := admin.Group("/users")
{
users.GET("/search", userManagementHandler.SearchUsers)
users.GET("/deleted", userManagementHandler.GetDeletedUsers) // Yeni: Silinen kullanıcılar
users.GET("", userManagementHandler.GetAllUsers)
users.POST("", userManagementHandler.CreateUser)
users.GET("/:id", userManagementHandler.GetUserByID)
users.PUT("/:id", userManagementHandler.UpdateUser)
users.DELETE("/:id", userManagementHandler.DeleteUser)
users.POST("/:id/roles", userManagementHandler.AssignRoles)
users.DELETE("/:id/roles/:role", userManagementHandler.RemoveRole)
users.POST("/:id/restore", userManagementHandler.RestoreUser) // Yeni: Kullanıcıyı restore et
// Avatar management for users (Admin)
users.POST("/:id/avatar", avatarHandler.AdminUploadAvatar)
}
}
}
}