package routes
import (
"gauth-central/api/handlers"
"gauth-central/api/middlewares"
_ "gauth-central/docs" // docs import
"gauth-central/internal/services"
"net/http"
"github.com/gin-gonic/gin"
swaggerFiles "github.com/swaggo/files"
ginSwagger "github.com/swaggo/gin-swagger"
)
// SetupRoutes registers every HTTP route of the service on r.
//
// Layout, as registered below:
//
//	/uploads/*            static files from ./uploads (no middleware)
//	/                     index.html rendered from the web/ templates
//	/v1/...               everything under the general API rate limiter
//	/v1/docs/*any         Swagger UI (no authentication)
//	/v1/auth/...          registration, login, OAuth-style provider flow, refresh
//	/v1/auth/{me,validate}, /v1/user, /v1/profile   require AuthMiddleware
//	/v1/settings, /v1/admin                         require AuthMiddleware then AdminMiddleware
//
// Middleware is attached when each group is created, so it applies to every
// route registered on that group afterwards.
func SetupRoutes(r *gin.Engine) {
	// Services and handlers are built once here and shared by the routes below.
	tokenSvc := services.NewJWTService()
	authH := handlers.NewAuthHandler(services.NewAuthService())
	settingsH := handlers.NewSettingsHandler(services.NewSettingsService())
	usersH := handlers.NewUserManagementHandler(services.NewUserManagementService())
	avatarH := handlers.NewAvatarHandler()
	profileH := handlers.NewProfileHandler()

	// Uploaded avatars are served straight from disk, outside /v1 and therefore
	// outside the API rate limiter and any authentication.
	// NOTE(review): these files are delivered from the application's own origin.
	// Whether uploads are restricted to image content is decided in the avatar
	// handlers, which are not visible here — confirm type/extension validation
	// and a nosniff header, otherwise an uploaded HTML or SVG file is rendered
	// same-origin.
	r.Static("/uploads", "./uploads")

	// Homepage: templates are loaded from web/ and index.html is rendered with
	// no template data.
	r.LoadHTMLGlob("web/*")
	home := func(c *gin.Context) {
		c.HTML(http.StatusOK, "index.html", nil)
	}
	r.GET("/", home)

	// All versioned API routes share the general rate limiter.
	v1 := r.Group("/v1", middlewares.APIRateLimitMiddleware())

	// Swagger UI.
	// NOTE(review): registered without authentication; confirm that exposing
	// the full API description is intended outside development.
	v1.GET("/docs/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))

	// Public authentication endpoints. Only /register and /login carry a
	// dedicated limiter on top of the group-wide one.
	// NOTE(review): /refresh and /verify-email rely on the general limiter
	// alone — confirm that is tight enough for token and verification-code
	// guessing.
	// NOTE(review): literal segments (verify-email, me, validate) sit next to
	// the :provider parameter; this presumably relies on the router preferring
	// literal matches — verify against the gin version pinned in go.mod.
	auth := v1.Group("/auth")
	auth.POST("/register", middlewares.RegisterRateLimitMiddleware(), authH.Register)
	auth.POST("/login", middlewares.LoginRateLimitMiddleware(), authH.Login)
	auth.GET("/verify-email", authH.VerifyEmail)
	auth.GET("/:provider", authH.BeginAuth)
	auth.GET("/:provider/callback", authH.Callback)
	auth.POST("/refresh", authH.Refresh)

	// Authenticated part of /v1/auth.
	protected := auth.Group("/", middlewares.AuthMiddleware(tokenSvc))
	protected.GET("/me", authH.Me)

	// Echoes the identity stored in the request context; reaching this
	// handler at all means AuthMiddleware let the request through.
	// presumably "user_id" and "email" are set by AuthMiddleware — verify;
	// GetString yields "" for a key that was never set.
	validate := func(c *gin.Context) {
		body := gin.H{
			"message": "Token is valid",
			"user_id": c.GetString("user_id"),
			"email":   c.GetString("email"),
		}
		c.JSON(http.StatusOK, body)
	}
	protected.GET("/validate", validate)

	// User endpoints: avatar management for the authenticated user.
	user := v1.Group("/user", middlewares.AuthMiddleware(tokenSvc))
	user.POST("/avatar", avatarH.UploadAvatar)
	user.DELETE("/avatar", avatarH.DeleteAvatar)

	// Profile endpoints for the authenticated user.
	// NOTE(review): password and e-mail changes have no dedicated limiter and
	// nothing at this layer requires re-entering the current credential —
	// confirm the handlers enforce that.
	profile := v1.Group("/profile", middlewares.AuthMiddleware(tokenSvc))
	profile.GET("", profileH.GetProfile)
	profile.PUT("", profileH.UpdateProfile)
	profile.PUT("/password", profileH.ChangePassword)
	profile.PUT("/email", profileH.ChangeEmail)

	// Settings endpoints (admin only): authentication runs first, then the
	// admin check.
	settings := v1.Group("/settings",
		middlewares.AuthMiddleware(tokenSvc),
		middlewares.AdminMiddleware(),
	)

	// CORS whitelist.
	corsAllow := settings.Group("/cors/whitelist")
	corsAllow.GET("", settingsH.GetAllWhitelist)
	corsAllow.POST("", settingsH.CreateWhitelist)
	corsAllow.PUT("/:id", settingsH.UpdateWhitelist)
	corsAllow.DELETE("/:id", settingsH.DeleteWhitelist)

	// CORS blacklist.
	corsDeny := settings.Group("/cors/blacklist")
	corsDeny.GET("", settingsH.GetAllBlacklist)
	corsDeny.POST("", settingsH.CreateBlacklist)
	corsDeny.PUT("/:id", settingsH.UpdateBlacklist)
	corsDeny.DELETE("/:id", settingsH.DeleteBlacklist)

	// Rate limit settings.
	limits := settings.Group("/ratelimit")
	limits.GET("", settingsH.GetAllRateLimits)
	limits.PUT("/:id", settingsH.UpdateRateLimit)

	// Admin user management: same authentication-then-admin chain as settings.
	admin := v1.Group("/admin",
		middlewares.AuthMiddleware(tokenSvc),
		middlewares.AdminMiddleware(),
	)

	accounts := admin.Group("/users")
	accounts.GET("/search", usersH.SearchUsers)
	accounts.GET("/deleted", usersH.GetDeletedUsers) // new: list deleted users
	accounts.GET("", usersH.GetAllUsers)
	accounts.POST("", usersH.CreateUser)
	accounts.GET("/:id", usersH.GetUserByID)
	accounts.PUT("/:id", usersH.UpdateUser)
	accounts.DELETE("/:id", usersH.DeleteUser)
	accounts.POST("/:id/roles", usersH.AssignRoles)
	accounts.DELETE("/:id/roles/:role", usersH.RemoveRole)
	accounts.POST("/:id/restore", usersH.RestoreUser) // new: restore a deleted user

	// Avatar management on behalf of another user (admin).
	accounts.POST("/:id/avatar", avatarH.AdminUploadAvatar)
}