feat(api): auth-хендлеры register/login/logout/me + session cookie

This commit is contained in:
2026-07-03 20:11:00 +07:00
parent a584cf5c37
commit aa0ef1c6a9
4 changed files with 473 additions and 5 deletions
+31 -4
View File
@@ -3,6 +3,7 @@ package api
import (
"context"
"net/http"
"time"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
@@ -54,12 +55,31 @@ type ProviderRegistry interface {
ByName(name string) (provider.Provider, error)
}
// AuthStore is the persistence surface the auth handlers depend on.
// *store.Store satisfies it directly (see internal/store/store.go); tests
// can supply their own mock.
type AuthStore interface {
RegisterUser(ctx context.Context, email, passwordHash string) (store.User, store.Project, error)
GetUserByEmail(ctx context.Context, email string) (store.User, error)
GetUserProject(ctx context.Context, userID uuid.UUID) (store.Project, error)
}
// SessionManager creates/validates/destroys login sessions. *auth.Sessions
// satisfies it directly (see internal/auth/session.go).
type SessionManager interface {
Create(ctx context.Context, userID uuid.UUID) (string, time.Time, error)
Validate(ctx context.Context, token string) (uuid.UUID, error)
Destroy(ctx context.Context, token string) error
}
// API holds handler dependencies.
type API struct {
Svc CheckApplier
Store TenantStore
Cipher Cipher
Reg ProviderRegistry
Svc CheckApplier
Store TenantStore
Cipher Cipher
Reg ProviderRegistry
Auth AuthStore
Sessions SessionManager
}
func NewRouter(a *API) http.Handler {
@@ -67,6 +87,13 @@ func NewRouter(a *API) http.Handler {
r.Use(middleware.RequestID)
r.Use(middleware.Recoverer)
r.Route("/api/v1/auth", func(r chi.Router) {
r.Post("/register", a.handleRegister)
r.Post("/login", a.handleLogin)
r.Post("/logout", a.handleLogout) // защитится RequireAuth в Task 4
r.Get("/me", a.handleMe) // защитится RequireAuth в Task 4
})
r.Route("/api/v1/projects/{pid}", func(r chi.Router) {
r.Route("/domains", func(r chi.Router) {
r.Post("/", a.handleCreateDomain)