goFiber/routes/router.go
Beyhan Oğur 60db80892b first commit
2026-04-26 21:45:19 +03:00


package routes
import (
"goFiber/controllers"
"goFiber/middlewares"
"github.com/gofiber/fiber/v3"
"github.com/gofiber/fiber/v3/middleware/adaptor"
httpSwagger "github.com/swaggo/http-swagger"
)
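// RouterUser registers every HTTP route of the application on app: the
// landing page, the Swagger UI and spec, and the /api/v1 groups (users, auth,
// admin, and the public and admin blog, hero, setting and security endpoints).
//
// Handlers on a route run in the order they are listed, so access-control and
// rate-limit middleware must be listed before the controller they guard.
func RouterUser(app *fiber.App) {
	app.Get("/", func(c fiber.Ctx) error {
		return c.SendFile("./views/coming_soon.html")
	})

	// Swagger spec and UI.
	// NOTE(review): both routes are registered without any auth middleware, and
	// PersistAuthorization(true) keeps the entered credentials across browser
	// refreshes. Consider gating or disabling these routes outside development.
	app.Get("/swagger/doc.json", func(c fiber.Ctx) error {
		return c.SendFile("./docs/swagger.json")
	})
	app.Get("/swagger/*", adaptor.HTTPHandler(httpSwagger.Handler(
		httpSwagger.URL("/swagger/doc.json"),
		httpSwagger.PersistAuthorization(true),
		httpSwagger.UIConfig(map[string]string{
			// Prepends "Bearer " to the Authorization header when the value
			// typed into the UI does not already start with it.
			"requestInterceptor": `function(req) {
const auth = req.headers.Authorization || req.headers.authorization;
if (typeof auth === "string" && auth.length > 0 && !auth.toLowerCase().startsWith("bearer ")) {
req.headers.Authorization = "Bearer " + auth;
}
return req;
}`,
		}),
	)))

	api := app.Group("/api/v1")
	users := api.Group("/users")
	auth := api.Group("/auth")
	admin := api.Group("/admin")

	//users.Get("/", controllers.GetUser)

	// NOTE(review): in Fiber, middleware passed to Group is presumably mounted
	// on the group's prefix, so RequireAuth may also run for the routes that
	// are registered directly on `users` below. Confirm the intended behavior
	// with a request that carries no token.
	usersProtected := users.Group("", middlewares.RequireAuth)
	usersProtected.Get("/me", controllers.Me)
	usersProtected.Get("/admin/example", middlewares.RequireAdmin, controllers.AdminOnlyExample)
	usersProtected.Get("/list", middlewares.RequireAdmin, controllers.AdminListUsers)
	usersProtected.Get("/list/deleted", middlewares.RequireAdmin, controllers.AdminListDeletedUsers)
	usersProtected.Get("/user/example", middlewares.RequireNormalUser, controllers.UserOnlyExample)

	// NOTE(review): no auth middleware is listed on this route; if it is meant
	// to be public, make sure GetUserOne returns only non-sensitive fields.
	users.Get("/:id", controllers.GetUserOne)
	users.Put("/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateUser)
	users.Delete("/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteUser)
	users.Delete("/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteUser)
	users.Post("/:id/restore", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.RestoreUser)

	// Auth routes. RequireRateLimit takes a key and two numbers, presumably a
	// request budget and a window in seconds (confirm in middlewares).
	auth.Post("/register", middlewares.RequireRateLimit("register", 5, 60), controllers.Register)
	auth.Post("/login", middlewares.RequireRateLimit("login", 10, 60), controllers.Login)
	// The rate limiter must come before the controller: the route previously
	// listed controllers.RefreshToken first, so the limiter was reached only
	// if the controller passed the request on.
	auth.Post("/refresh", middlewares.RequireRateLimit("refresh", 10, 60), controllers.RefreshToken)
	// NOTE(review): the next two routes have no rate limit on this router,
	// although resend-verification presumably triggers outbound mail.
	auth.Post("/resend-verification", controllers.ResendVerificationEmail)
	auth.Get("/verify-email", controllers.VerifyEmail)
	auth.Get("/google", controllers.GoogleAuth)
	auth.Get("/google/callback", controllers.GoogleAuthCallback)
	auth.Get("/github", controllers.GithubAuth)
	auth.Get("/github/callback", controllers.GithubAuthCallback)

	// Hero Routes
	api.Get("/hero", controllers.GetHero)
	api.Get("/heroes", controllers.GetHeroAll)
	api.Get("/setting", controllers.GetSetting)

	// Blog/Public Routes
	api.Get("/posts", controllers.GetPosts)
	api.Get("/posts/:id", controllers.GetPost)
	api.Get("/categories", controllers.ListCategories)
	api.Get("/tags", controllers.ListTags)
	api.Get("/comments", controllers.ListComments)

	// Blog/Admin Routes
	api.Post("/posts", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreatePost)
	api.Put("/posts/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdatePost)
	api.Delete("/posts/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeletePost)

	// Admin list posts (include trashed filter)
	admin.Get("/posts", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminListPosts)
	admin.Delete("/posts/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeletePost)
	admin.Post("/posts/:id/restore", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminRestorePost)

	// Admin tags operations (list including trashed, hard delete, restore)
	admin.Get("/tags", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminListTags)
	admin.Delete("/tags/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteTag)
	admin.Post("/tags/:id/restore", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminRestoreTag)

	// Admin category-views operations
	admin.Get("/category-views", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminListCategoryViews)
	admin.Delete("/category-views/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteCategoryView)
	admin.Post("/category-views/:id/restore", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminRestoreCategoryView)

	// Admin categories operations (list including trashed, hard delete, restore)
	admin.Get("/categories", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminListCategories)
	admin.Delete("/categories/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteCategory)
	admin.Post("/categories/:id/restore", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.AdminRestoreCategory)

	api.Post("/categories", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateCategory)
	api.Put("/categories/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateCategory)
	api.Delete("/categories/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteCategory)

	api.Post("/tags", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateTag)
	api.Put("/tags/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateTag)
	api.Delete("/tags/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteTag)

	// NOTE(review): anonymous write endpoint with no rate limit on this
	// router; consider a RequireRateLimit entry to bound comment spam.
	api.Post("/comments", controllers.CreateComment) // public
	api.Delete("/comments/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteComment)

	// Auth Middleware Group
	authProtected := auth.Group("", middlewares.RequireAuth)
	authProtected.Get("/me", controllers.Me)
	//authProtected.Get("/admin/example", middlewares.RequireAdmin, controllers.AdminOnlyExample)
	//authProtected.Get("/user/example", middlewares.RequireNormalUser, controllers.UserOnlyExample)

	// Admin Hero Operations
	api.Post("/hero", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateHero)
	api.Put("/hero/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateHero)
	api.Delete("/hero/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteHero)

	// Admin Setting Operations
	api.Post("/setting", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateSetting)
	api.Put("/setting/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateSetting)
	api.Delete("/setting/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteSetting)

	// Admin Security (CORS & Rate Limit) Operations - internal use only
	admin.Get("/cors/whitelist", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.ListCorsWhitelists)
	admin.Post("/cors/whitelist", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateCorsWhitelist)
	admin.Put("/cors/whitelist/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateCorsWhitelist)
	admin.Delete("/cors/whitelist/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteCorsWhitelist)
	admin.Delete("/cors/whitelist/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteCorsWhitelist)

	admin.Get("/cors/blacklist", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.ListCorsBlacklists)
	admin.Post("/cors/blacklist", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateCorsBlacklist)
	admin.Put("/cors/blacklist/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateCorsBlacklist)
	admin.Delete("/cors/blacklist/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteCorsBlacklist)
	admin.Delete("/cors/blacklist/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteCorsBlacklist)

	admin.Get("/rate-limit", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.ListRateLimitSettings)
	admin.Post("/rate-limit", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.CreateRateLimitSetting)
	admin.Put("/rate-limit/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.UpdateRateLimitSetting)
	admin.Delete("/rate-limit/:id", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.DeleteRateLimitSetting)
	admin.Delete("/rate-limit/:id/hard", middlewares.RequireAuth, middlewares.RequireAdmin, controllers.HardDeleteRateLimitSetting)
}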