package router

import (
	"github.com/gin-gonic/gin"

	userControllers "goaresv3/app/accounts/controllers"
	blogControllers "goaresv3/app/blog/controllers"
	settingsControllers "goaresv3/app/settings/controllers"
	shopControllers "goaresv3/app/shop/controllers"
	"goaresv3/pkg/middleware"
	"goaresv3/pkg/swaggerui"
)

// Setup wires every HTTP route of the application onto r.
//
// Routes fall into four tiers, distinguished by the middleware attached to
// their group in this function:
//
//   - engine-level: the Swagger UI, no middleware attached here;
//   - unauthenticated: /api/v1/auth/* and the read-only /api/v1 content routes;
//   - authenticated: /api/v1 routes behind middleware.AuthRequired;
//   - admin: the same prefix behind AuthRequired followed by AdminRequired.
//
// Any middleware installed on r before Setup is called (CORS, rate limiting,
// logging, ...) is not visible from this file.
func Setup(r *gin.Engine) {
	// API documentation UI. It is registered directly on the engine, so no
	// auth middleware from this function applies to it.
	// NOTE(review): confirm that exposing the API description without
	// authentication is intended for production deployments.
	r.GET("/swagger/*any", swaggerui.Handler())

	// Unauthenticated account endpoints: registration, e-mail verification,
	// password login, token refresh and the Google/GitHub OAuth round trips.
	// NOTE(review): no throttling middleware is attached to this group here;
	// verify that credential-handling endpoints are rate limited elsewhere.
	authRoutes := r.Group("/api/v1/auth")
	authRoutes.POST("/register", userControllers.Register)
	authRoutes.GET("/verify-email", userControllers.VerifyEmail)
	authRoutes.POST("/login", userControllers.Login)
	authRoutes.POST("/refresh", userControllers.RefreshToken)
	authRoutes.GET("/google/login", userControllers.GoogleLogin)
	authRoutes.GET("/google/callback", userControllers.GoogleCallback)
	authRoutes.GET("/github/login", userControllers.GitHubLogin)
	authRoutes.GET("/github/callback", userControllers.GitHubCallback)

	// Unauthenticated, read-only content. Only GET handlers are registered
	// on this group; every write to the same resources is on the admin group.
	openRoutes := r.Group("/api/v1")

	// Site settings.
	openRoutes.GET("/settings", settingsControllers.GetSetting)
	openRoutes.GET("/settings/heroes", settingsControllers.ListHeroes)

	// Shop catalogue.
	openRoutes.GET("/shop/categories", shopControllers.ListProductCategories)
	openRoutes.GET("/shop/tags", shopControllers.ListProductTags)
	openRoutes.GET("/shop/products", shopControllers.ListProducts)
	openRoutes.GET("/shop/products/:id", shopControllers.GetProduct)

	// Blog content.
	openRoutes.GET("/blog/categories", blogControllers.ListCategories)
	openRoutes.GET("/blog/tags", blogControllers.ListTags)
	openRoutes.GET("/blog/posts", blogControllers.ListPosts)
	openRoutes.GET("/blog/posts/:id", blogControllers.GetPost)

	// Authenticated routes: middleware.AuthRequired is part of the handler
	// chain of everything registered on userRoutes and on groups derived
	// from it.
	userRoutes := r.Group("/api/v1", middleware.AuthRequired())
	userRoutes.GET("/me", userControllers.Me)

	// Cart operations of the logged-in user.
	// NOTE(review): the :itemId routes carry a client-supplied identifier;
	// presumably the handlers check that the item belongs to the caller's
	// cart. That check is not visible here, so verify it in the controllers.
	userRoutes.GET("/shop/cart", shopControllers.GetMyCart)
	userRoutes.POST("/shop/cart/items", shopControllers.AddCartItem)
	userRoutes.PUT("/shop/cart/items/:itemId", shopControllers.UpdateCartItem)
	userRoutes.DELETE("/shop/cart/items/:itemId", shopControllers.DeleteCartItem)

	// Admin routes. The group is derived from userRoutes with an empty path
	// prefix, so its chain is AuthRequired first, then AdminRequired.
	adminRoutes := userRoutes.Group("", middleware.AdminRequired())

	// Site settings.
	adminRoutes.PUT("/settings", settingsControllers.UpsertSetting)

	// Hero entries.
	adminRoutes.POST("/settings/heroes", settingsControllers.CreateHero)
	adminRoutes.PUT("/settings/heroes/:id", settingsControllers.UpdateHero)
	adminRoutes.DELETE("/settings/heroes/:id", settingsControllers.DeleteHero)

	// CORS whitelist. Together with the blacklist and the rate limits below,
	// these endpoints change the service's own security controls at runtime.
	// NOTE(review): confirm that changes made through them are audit logged.
	adminRoutes.GET("/settings/cors/whitelist", settingsControllers.ListCorsWhitelists)
	adminRoutes.POST("/settings/cors/whitelist", settingsControllers.CreateCorsWhitelist)
	adminRoutes.PUT("/settings/cors/whitelist/:id", settingsControllers.UpdateCorsWhitelist)
	adminRoutes.DELETE("/settings/cors/whitelist/:id", settingsControllers.DeleteCorsWhitelist)

	// CORS blacklist.
	adminRoutes.GET("/settings/cors/blacklist", settingsControllers.ListCorsBlacklists)
	adminRoutes.POST("/settings/cors/blacklist", settingsControllers.CreateCorsBlacklist)
	adminRoutes.PUT("/settings/cors/blacklist/:id", settingsControllers.UpdateCorsBlacklist)
	adminRoutes.DELETE("/settings/cors/blacklist/:id", settingsControllers.DeleteCorsBlacklist)

	// Rate limits.
	adminRoutes.GET("/settings/rate-limits", settingsControllers.ListRateLimits)
	adminRoutes.POST("/settings/rate-limits", settingsControllers.CreateRateLimit)
	adminRoutes.PUT("/settings/rate-limits/:id", settingsControllers.UpdateRateLimit)
	adminRoutes.DELETE("/settings/rate-limits/:id", settingsControllers.DeleteRateLimit)

	// Shop categories.
	adminRoutes.POST("/shop/categories", shopControllers.CreateProductCategory)
	adminRoutes.PUT("/shop/categories/:id", shopControllers.UpdateProductCategory)
	adminRoutes.DELETE("/shop/categories/:id", shopControllers.DeleteProductCategory)

	// Shop tags.
	adminRoutes.POST("/shop/tags", shopControllers.CreateProductTag)
	adminRoutes.PUT("/shop/tags/:id", shopControllers.UpdateProductTag)
	adminRoutes.DELETE("/shop/tags/:id", shopControllers.DeleteProductTag)

	// Shop products.
	adminRoutes.POST("/shop/products", shopControllers.CreateProduct)
	adminRoutes.PUT("/shop/products/:id", shopControllers.UpdateProduct)
	adminRoutes.DELETE("/shop/products/:id", shopControllers.DeleteProduct)

	// Blog categories.
	adminRoutes.POST("/blog/categories", blogControllers.CreateCategory)
	adminRoutes.PUT("/blog/categories/:id", blogControllers.UpdateCategory)
	adminRoutes.DELETE("/blog/categories/:id", blogControllers.DeleteCategory)

	// Blog tags.
	adminRoutes.POST("/blog/tags", blogControllers.CreateTag)
	adminRoutes.PUT("/blog/tags/:id", blogControllers.UpdateTag)
	adminRoutes.DELETE("/blog/tags/:id", blogControllers.DeleteTag)

	// Blog posts.
	adminRoutes.POST("/blog/posts", blogControllers.CreatePost)
	adminRoutes.PUT("/blog/posts/:id", blogControllers.UpdatePost)
	adminRoutes.DELETE("/blog/posts/:id", blogControllers.DeletePost)
}