Mephimeow
177 lines
5.2 KiB
Go
177 lines
5.2 KiB
Go
package auth
|
|
|
|
import (
|
|
"errors"
|
|
"log"
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type Handler struct {
|
|
service *Service
|
|
}
|
|
|
|
func NewHandler(service *Service) *Handler {
|
|
return &Handler{service: service}
|
|
}
|
|
|
|
// @Summary Epta registration
|
|
// @Description Create user account with username, email, password
|
|
// @Tags auth
|
|
// @Accept json
|
|
// @Produce json
|
|
// @Param request body RegisterRequest true "Registration details"
|
|
// @Success 201 {object} UserResponse
|
|
// @Failure 400 {object} ErrorResponse
|
|
// @Failure 409 {object} ErrorResponse
|
|
// @Router /api/auth/register [post]
|
|
func (h *Handler) Register(c *gin.Context) {
|
|
var req RegisterRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(http.StatusBadRequest, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
|
|
user, err := h.service.Register(c.Request.Context(), req)
|
|
if err != nil {
|
|
if errors.Is(err, ErrEmailExists) {
|
|
c.JSON(http.StatusConflict, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
log.Printf("register error: %v", err)
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "internal server error"})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusCreated, UserResponse{User: *user})
|
|
}
|
|
|
|
// @Summary Epta login
|
|
// @Description Authenticate user with email and password, returns JWT token
|
|
// @Tags auth
|
|
// @Accept json
|
|
// @Produce json
|
|
// @Param request body LoginRequest true "Login credentials"
|
|
// @Success 200 {object} AuthResponse
|
|
// @Failure 400 {object} ErrorResponse
|
|
// @Failure 401 {object} ErrorResponse
|
|
// @Router /api/auth/login [post]
|
|
func (h *Handler) Login(c *gin.Context) {
|
|
var req LoginRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(http.StatusBadRequest, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
|
|
resp, err := h.service.Login(c.Request.Context(), req)
|
|
if err != nil {
|
|
if errors.Is(err, ErrInvalidCreds) {
|
|
c.JSON(http.StatusUnauthorized, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
log.Printf("login error: %v", err)
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "internal server error"})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, resp)
|
|
}
|
|
|
|
// @Summary Refresh epta token
|
|
// @Description Get a new access token using a refresh token
|
|
// @Tags auth
|
|
// @Accept json
|
|
// @Produce json
|
|
// @Param request body RefreshRequest true "Refresh token"
|
|
// @Success 200 {object} AuthResponse
|
|
// @Failure 400 {object} ErrorResponse
|
|
// @Failure 401 {object} ErrorResponse
|
|
// @Router /api/auth/refresh [post]
|
|
func (h *Handler) Refresh(c *gin.Context) {
|
|
var req RefreshRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(http.StatusBadRequest, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
|
|
resp, err := h.service.Refresh(c.Request.Context(), req.RefreshToken)
|
|
if err != nil {
|
|
if errors.Is(err, ErrInvalidRefresh) || errors.Is(err, ErrRefreshExpired) {
|
|
c.JSON(http.StatusUnauthorized, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
log.Printf("refresh error: %v", err)
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "internal server error"})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, resp)
|
|
}
|
|
|
|
// @Summary Logout epta
|
|
// @Description Invalidate a refresh token (logout)
|
|
// @Tags auth
|
|
// @Accept json
|
|
// @Produce json
|
|
// @Param request body LogoutRequest true "Refresh token to invalidate"
|
|
// @Success 200 {object} map[string]string
|
|
// @Failure 400 {object} ErrorResponse
|
|
// @Failure 401 {object} ErrorResponse
|
|
// @Router /api/auth/logout [post]
|
|
func (h *Handler) Logout(c *gin.Context) {
|
|
var req LogoutRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(http.StatusBadRequest, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
|
|
if err := h.service.Logout(c.Request.Context(), req.RefreshToken); err != nil {
|
|
if errors.Is(err, ErrLogoutInvalid) {
|
|
c.JSON(http.StatusUnauthorized, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
log.Printf("logout error: %v", err)
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "internal server error"})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "logged out successfully"})
|
|
}
|
|
|
|
// @Summary Epta get current user
|
|
// @Description Get authenticated user's profile
|
|
// @Tags auth
|
|
// @Accept json
|
|
// @Produce json
|
|
// @Security Bearer
|
|
// @Success 200 {object} UserResponse
|
|
// @Failure 401 {object} ErrorResponse
|
|
// @Router /api/auth/me [get]
|
|
func (h *Handler) Me(c *gin.Context) {
|
|
rawUserID, exists := c.Get("user_id")
|
|
if !exists {
|
|
c.JSON(http.StatusUnauthorized, ErrorResponse{Error: "unauthorized"})
|
|
return
|
|
}
|
|
|
|
userID, ok := rawUserID.(string)
|
|
if !ok {
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "invalid user ID in context"})
|
|
return
|
|
}
|
|
|
|
user, err := h.service.GetUserByID(c.Request.Context(), userID)
|
|
if err != nil {
|
|
if errors.Is(err, ErrUserNotFound) || errors.Is(err, ErrInvalidUserID) {
|
|
c.JSON(http.StatusNotFound, ErrorResponse{Error: err.Error()})
|
|
return
|
|
}
|
|
log.Printf("me error: %v", err)
|
|
c.JSON(http.StatusInternalServerError, ErrorResponse{Error: "internal server error"})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, UserResponse{User: *user})
|
|
}
|