107 lines
3.6 KiB
Go
107 lines
3.6 KiB
Go
package public
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/mattnite/forgejo-tickets/internal/auth"
|
|
"github.com/mattnite/forgejo-tickets/internal/config"
|
|
"github.com/mattnite/forgejo-tickets/internal/email"
|
|
"github.com/mattnite/forgejo-tickets/internal/forgejo"
|
|
adminhandlers "github.com/mattnite/forgejo-tickets/internal/handlers/admin"
|
|
"github.com/mattnite/forgejo-tickets/internal/middleware"
|
|
"github.com/mattnite/forgejo-tickets/internal/templates"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type Dependencies struct {
|
|
DB *gorm.DB
|
|
Renderer *templates.Renderer
|
|
Auth *auth.Service
|
|
SessionStore *auth.PGStore
|
|
EmailClient *email.Client
|
|
ForgejoClient *forgejo.Client
|
|
Config *config.Config
|
|
}
|
|
|
|
func NewRouter(deps Dependencies) *gin.Engine {
|
|
r := gin.New()
|
|
|
|
r.Use(middleware.RequestID)
|
|
r.Use(middleware.Logging)
|
|
r.Use(middleware.Recovery)
|
|
r.Use(middleware.SecurityHeaders(strings.HasPrefix(deps.Config.BaseURL, "https")))
|
|
r.Use(deps.Auth.SessionMiddleware)
|
|
|
|
csrfSecret := []byte(deps.Config.SessionSecret)
|
|
isSecure := strings.HasPrefix(deps.Config.BaseURL, "https")
|
|
csrfMiddleware := middleware.CSRF(csrfSecret, isSecure)
|
|
|
|
r.GET("/health", func(c *gin.Context) {
|
|
c.String(http.StatusOK, "ok")
|
|
})
|
|
|
|
r.StaticFS("/static", gin.Dir("web/static", false))
|
|
|
|
webhookHandler := &WebhookHandler{deps: deps}
|
|
r.POST("/webhooks/forgejo/:repoSlug", webhookHandler.HandleForgejoWebhook)
|
|
|
|
ssoHandler := &SSOHandler{deps: deps}
|
|
r.GET("/sso/:slug", ssoHandler.HandleSSO)
|
|
|
|
authRateLimiter := middleware.NewRateLimiter(10, 1*time.Minute)
|
|
|
|
csrf := r.Group("/")
|
|
csrf.Use(csrfMiddleware)
|
|
{
|
|
homeHandler := &HomeHandler{deps: deps}
|
|
csrf.GET("/", homeHandler.Index)
|
|
|
|
authHandler := &AuthHandler{deps: deps}
|
|
csrf.GET("/login", authHandler.LoginForm)
|
|
csrf.POST("/login", authRateLimiter.Middleware(), authHandler.Login)
|
|
csrf.GET("/register", authHandler.RegisterForm)
|
|
csrf.POST("/register", authRateLimiter.Middleware(), authHandler.Register)
|
|
csrf.POST("/logout", authHandler.Logout)
|
|
csrf.GET("/verify-email", authHandler.VerifyEmail)
|
|
csrf.GET("/forgot-password", authHandler.ForgotPasswordForm)
|
|
csrf.POST("/forgot-password", authRateLimiter.Middleware(), authHandler.ForgotPassword)
|
|
csrf.GET("/reset-password", authHandler.ResetPasswordForm)
|
|
csrf.POST("/reset-password", authHandler.ResetPassword)
|
|
|
|
oauthHandler := &OAuthHandler{deps: deps}
|
|
csrf.GET("/auth/:provider/login", oauthHandler.Login)
|
|
csrf.GET("/auth/:provider/callback", oauthHandler.Callback)
|
|
csrf.POST("/auth/apple/callback", oauthHandler.AppleCallback)
|
|
|
|
authenticated := csrf.Group("/")
|
|
authenticated.Use(auth.RequireAuth)
|
|
{
|
|
ticketHandler := &TicketHandler{deps: deps}
|
|
authenticated.GET("/tickets", ticketHandler.List)
|
|
authenticated.GET("/tickets/new", ticketHandler.NewForm)
|
|
authenticated.POST("/tickets", ticketHandler.Create)
|
|
authenticated.GET("/tickets/:id", ticketHandler.Detail)
|
|
authenticated.POST("/tickets/:id/comments", ticketHandler.AddComment)
|
|
authenticated.GET("/tickets/:id/assets/:attachmentId/*filename", ticketHandler.DownloadIssueAttachment)
|
|
authenticated.GET("/tickets/:id/comments/:commentId/assets/:attachmentId/*filename", ticketHandler.DownloadCommentAttachment)
|
|
}
|
|
|
|
adminGroup := csrf.Group("/admin")
|
|
adminGroup.Use(auth.RequireAdmin)
|
|
adminhandlers.RegisterRoutes(adminGroup, adminhandlers.Dependencies{
|
|
DB: deps.DB,
|
|
Renderer: deps.Renderer,
|
|
Auth: deps.Auth,
|
|
SessionStore: deps.SessionStore,
|
|
EmailClient: deps.EmailClient,
|
|
ForgejoClient: deps.ForgejoClient,
|
|
Config: deps.Config,
|
|
})
|
|
}
|
|
|
|
return r
|
|
}
|