refactor: now validate request with middleware
@@ -2,7 +2,7 @@ package ginserver
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
utils2 "nos-comptes/internal/utils"
|
||||
"nos-comptes/internal/utils"
|
||||
"time"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
@@ -37,16 +37,16 @@ func randStringBytesMaskImprSrc(n int) string {
|
||||
|
||||
func GetLoggerMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
correlationID := c.Request.Header.Get(utils2.HeaderNameCorrelationID)
|
||||
correlationID := c.Request.Header.Get(utils.HeaderNameCorrelationID)
|
||||
if correlationID == "" {
|
||||
correlationID = randStringBytesMaskImprSrc(30)
|
||||
c.Writer.Header().Set(utils2.HeaderNameCorrelationID, correlationID)
|
||||
c.Writer.Header().Set(utils.HeaderNameCorrelationID, correlationID)
|
||||
}
|
||||
|
||||
logger := utils2.GetLogger()
|
||||
logEntry := logger.WithField(utils2.HeaderNameCorrelationID, correlationID)
|
||||
logger := utils.GetLogger()
|
||||
logEntry := logger.WithField(utils.HeaderNameCorrelationID, correlationID)
|
||||
|
||||
c.Set(utils2.ContextKeyLogger, logEntry)
|
||||
c.Set(utils.ContextKeyLogger, logEntry)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -54,7 +54,7 @@ func GetHTTPLoggerMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
start := time.Now()
|
||||
|
||||
utils2.GetLoggerFromCtx(c).
|
||||
utils.GetLoggerFromCtx(c).
|
||||
WithField("method", c.Request.Method).
|
||||
WithField("url", c.Request.RequestURI).
|
||||
WithField("from", c.ClientIP()).
|
||||
@@ -63,7 +63,7 @@ func GetHTTPLoggerMiddleware() gin.HandlerFunc {
|
||||
c.Next()
|
||||
d := time.Since(start)
|
||||
|
||||
utils2.GetLoggerFromCtx(c).
|
||||
utils.GetLoggerFromCtx(c).
|
||||
WithField("status", c.Writer.Status()).
|
||||
WithField("duration", d.String()).
|
||||
Info("end handling HTTP request")
|
||||
|
||||
@@ -40,7 +40,7 @@ func NewRouter(config *handler.Config) *gin.Engine {
|
||||
ah := account.NewHandler(hc, db)
|
||||
sah := sharedaccount.NewHandler(hc, db)
|
||||
eh := expense.NewHandler(hc, db)
|
||||
|
||||
mv := middleware.NewValidator(hc, db)
|
||||
public := router.Group("/")
|
||||
public.Handle(http.MethodGet, "/_health", hc.GetHealth)
|
||||
|
||||
@@ -48,26 +48,34 @@ func NewRouter(config *handler.Config) *gin.Engine {
|
||||
userRoute.Handle("GET", "", uh.ConnectUser)
|
||||
userRoute.Handle(http.MethodPost, "", uh.CreateUser)
|
||||
|
||||
securedUserRoute := userRoute.Group("")
|
||||
securedUserRoute := userRoute.Group("/")
|
||||
securedUserRoute.Use(middleware.ValidateOAuthToken)
|
||||
//TODO add secure auth
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId", uh.GetUser)
|
||||
|
||||
securedMatchingToken := securedUserRoute.Group("/:userId")
|
||||
securedMatchingToken.Use(mv.HasValidUserId)
|
||||
securedMatchingToken.Use(mv.UserdIdMatchOAuthToken)
|
||||
//account route
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts", ah.GetAllAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/accounts", ah.CreateAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId", ah.DeleteAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId", ah.GetSpecificAccountOfUser)
|
||||
securedMatchingToken.Handle(http.MethodGet, "/accounts", ah.GetAllAccountOfUser)
|
||||
securedMatchingToken.Handle(http.MethodPost, "/accounts", ah.CreateAccountOfUser)
|
||||
|
||||
securedValidAccount := securedMatchingToken.Group("/accounts/:accountId")
|
||||
securedValidAccount.Use(mv.HasValidAccountId)
|
||||
securedValidAccount.Use(mv.AccountExists)
|
||||
securedValidAccount.Handle(http.MethodDelete, "", ah.DeleteAccountOfUser)
|
||||
securedValidAccount.Handle(http.MethodGet, "", ah.GetSpecificAccountOfUser)
|
||||
securedValidAccount.Handle(http.MethodPost, "/expenses", eh.CreateAnExpense)
|
||||
securedValidAccount.Handle(http.MethodGet, "/expenses", eh.GetAllExpenses)
|
||||
|
||||
securedExistingExpenses := securedValidAccount.Group("/expenses/:expenseId")
|
||||
securedExistingExpenses.Handle(http.MethodGet, "", eh.GetAnExpenses)
|
||||
securedExistingExpenses.Handle(http.MethodDelete, "", eh.DeleteExpense)
|
||||
//shared route
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/sharedaccounts/:accountId", sah.ShareAnAccount)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/sharedaccounts/:accountId", sah.DeleteSharedAccount)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts", sah.GetAllSharedAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts/:sharedAccountId", sah.GetSpecificSharedAccountOfUser)
|
||||
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/accounts/:accountId/expenses", eh.CreateAnExpense)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId/expenses/:expenseId", eh.DeleteExpense)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses", eh.GetAllExpenses)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses/:expenseId", eh.GetAnExpenses)
|
||||
return router
|
||||
}
|
||||
|
||||
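Review bot: The `GET /:userId` route and the four `sharedaccounts` routes in `NewRouter` still appear to be registered on `securedUserRoute`, which carries only `middleware.ValidateOAuthToken`, so the new `mv.HasValidUserId` and `mv.UserdIdMatchOAuthToken` checks never run for them. This assumes those lines are unchanged context, since the rendered page has lost its +/- markers. Unless `uh.GetUser` and the `sah` handlers compare the path `userId` with the token themselves (not visible here), a valid token for one user would be accepted on another user's path for these endpoints. Registering them on `securedMatchingToken`, as sketched below, applies the same ownership check everywhere and lets the `//TODO add secure auth` comment be removed. The `:expenseId` group has no validator of its own, and whether `mv.AccountExists` ties the account to `:userId` is outside this hunk, so both are worth confirming.

```go
securedMatchingToken.Use(mv.UserdIdMatchOAuthToken)
securedMatchingToken.Handle(http.MethodGet, "", uh.GetUser)
// … unchanged: account and expense routes …
//shared route
securedMatchingToken.Handle(http.MethodPost, "/sharedaccounts/:accountId", sah.ShareAnAccount)
securedMatchingToken.Handle(http.MethodDelete, "/sharedaccounts/:accountId", sah.DeleteSharedAccount)
securedMatchingToken.Handle(http.MethodGet, "/sharedaccounts", sah.GetAllSharedAccountOfUser)
securedMatchingToken.Handle(http.MethodGet, "/sharedaccounts/:sharedAccountId", sah.GetSpecificSharedAccountOfUser)
```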