feat(api): auth-хендлеры register/login/logout/me + session cookie
This commit is contained in:
+31
-4
@@ -3,6 +3,7 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/go-chi/chi/v5/middleware"
|
||||
@@ -54,12 +55,31 @@ type ProviderRegistry interface {
|
||||
ByName(name string) (provider.Provider, error)
|
||||
}
|
||||
|
||||
// AuthStore is the persistence surface the auth handlers depend on.
|
||||
// *store.Store satisfies it directly (see internal/store/store.go); tests
|
||||
// can supply their own mock.
|
||||
type AuthStore interface {
|
||||
RegisterUser(ctx context.Context, email, passwordHash string) (store.User, store.Project, error)
|
||||
GetUserByEmail(ctx context.Context, email string) (store.User, error)
|
||||
GetUserProject(ctx context.Context, userID uuid.UUID) (store.Project, error)
|
||||
}
|
||||
|
||||
// SessionManager creates/validates/destroys login sessions. *auth.Sessions
|
||||
// satisfies it directly (see internal/auth/session.go).
|
||||
type SessionManager interface {
|
||||
Create(ctx context.Context, userID uuid.UUID) (string, time.Time, error)
|
||||
Validate(ctx context.Context, token string) (uuid.UUID, error)
|
||||
Destroy(ctx context.Context, token string) error
|
||||
}
|
||||
|
||||
// API holds handler dependencies.
|
||||
type API struct {
|
||||
Svc CheckApplier
|
||||
Store TenantStore
|
||||
Cipher Cipher
|
||||
Reg ProviderRegistry
|
||||
Svc CheckApplier
|
||||
Store TenantStore
|
||||
Cipher Cipher
|
||||
Reg ProviderRegistry
|
||||
Auth AuthStore
|
||||
Sessions SessionManager
|
||||
}
|
||||
|
||||
func NewRouter(a *API) http.Handler {
|
||||
@@ -67,6 +87,13 @@ func NewRouter(a *API) http.Handler {
|
||||
r.Use(middleware.RequestID)
|
||||
r.Use(middleware.Recoverer)
|
||||
|
||||
r.Route("/api/v1/auth", func(r chi.Router) {
|
||||
r.Post("/register", a.handleRegister)
|
||||
r.Post("/login", a.handleLogin)
|
||||
r.Post("/logout", a.handleLogout) // защитится RequireAuth в Task 4
|
||||
r.Get("/me", a.handleMe) // защитится RequireAuth в Task 4
|
||||
})
|
||||
|
||||
r.Route("/api/v1/projects/{pid}", func(r chi.Router) {
|
||||
r.Route("/domains", func(r chi.Router) {
|
||||
r.Post("/", a.handleCreateDomain)
|
||||
|
||||
Reference in New Issue
Block a user