refactor: now validate request with middleware
This commit is contained in:
@@ -40,7 +40,7 @@ func NewRouter(config *handler.Config) *gin.Engine {
|
||||
ah := account.NewHandler(hc, db)
|
||||
sah := sharedaccount.NewHandler(hc, db)
|
||||
eh := expense.NewHandler(hc, db)
|
||||
|
||||
mv := middleware.NewValidator(hc, db)
|
||||
public := router.Group("/")
|
||||
public.Handle(http.MethodGet, "/_health", hc.GetHealth)
|
||||
|
||||
@@ -48,26 +48,34 @@ func NewRouter(config *handler.Config) *gin.Engine {
|
||||
userRoute.Handle("GET", "", uh.ConnectUser)
|
||||
userRoute.Handle(http.MethodPost, "", uh.CreateUser)
|
||||
|
||||
securedUserRoute := userRoute.Group("")
|
||||
securedUserRoute := userRoute.Group("/")
|
||||
securedUserRoute.Use(middleware.ValidateOAuthToken)
|
||||
//TODO add secure auth
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId", uh.GetUser)
|
||||
|
||||
securedMatchingToken := securedUserRoute.Group("/:userId")
|
||||
securedMatchingToken.Use(mv.HasValidUserId)
|
||||
securedMatchingToken.Use(mv.UserdIdMatchOAuthToken)
|
||||
//account route
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts", ah.GetAllAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/accounts", ah.CreateAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId", ah.DeleteAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId", ah.GetSpecificAccountOfUser)
|
||||
securedMatchingToken.Handle(http.MethodGet, "/accounts", ah.GetAllAccountOfUser)
|
||||
securedMatchingToken.Handle(http.MethodPost, "/accounts", ah.CreateAccountOfUser)
|
||||
|
||||
securedValidAccount := securedMatchingToken.Group("/accounts/:accountId")
|
||||
securedValidAccount.Use(mv.HasValidAccountId)
|
||||
securedValidAccount.Use(mv.AccountExists)
|
||||
securedValidAccount.Handle(http.MethodDelete, "", ah.DeleteAccountOfUser)
|
||||
securedValidAccount.Handle(http.MethodGet, "", ah.GetSpecificAccountOfUser)
|
||||
securedValidAccount.Handle(http.MethodPost, "/expenses", eh.CreateAnExpense)
|
||||
securedValidAccount.Handle(http.MethodGet, "/expenses", eh.GetAllExpenses)
|
||||
|
||||
securedExistingExpenses := securedValidAccount.Group("/expenses/:expenseId")
|
||||
securedExistingExpenses.Handle(http.MethodGet, "", eh.GetAnExpenses)
|
||||
securedExistingExpenses.Handle(http.MethodDelete, "", eh.DeleteExpense)
|
||||
//shared route
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/sharedaccounts/:accountId", sah.ShareAnAccount)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/sharedaccounts/:accountId", sah.DeleteSharedAccount)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts", sah.GetAllSharedAccountOfUser)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts/:sharedAccountId", sah.GetSpecificSharedAccountOfUser)
|
||||
|
||||
securedUserRoute.Handle(http.MethodPost, "/:userId/accounts/:accountId/expenses", eh.CreateAnExpense)
|
||||
securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId/expenses/:expenseId", eh.DeleteExpense)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses", eh.GetAllExpenses)
|
||||
securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses/:expenseId", eh.GetAnExpenses)
|
||||
return router
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user