ada/ordr
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a9948b4fe6018bd5c5d60f0e97ebbf3a5aaa8ea
ordr/api/main.go
Ada Conway 52ed3aff4f fix: set trusted proxies
2025-11-19 12:45:50 -07:00

135 lines
7.5 KiB
Go
Raw Blame History

package main
import (
"context"
"encoding/gob"
"log"
"os"
"ordr-api/auth"
"ordr-api/auth/middleware"
"ordr-api/controllers"
"ordr-api/corsmiddleware"
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
"github.com/jackc/pgx/v5/pgxpool"
"github.com/joho/godotenv"
)
func init_db_pool(databaseUrl string) (*pgxpool.Pool, error) {
config, err := pgxpool.ParseConfig(databaseUrl)
if err != nil {
log.Fatalf("Failed to load pgx pool config %s....", err)
}
pool, err := pgxpool.NewWithConfig(context.Background(), config)
err = pool.Ping(context.Background())
if err != nil {
log.Fatalf("Unable to ping database: %v\n", err)
}
return pool, err
}
func main() {
r := gin.Default()
// Configure CORS middleware
r.NoRoute(func(c *gin.Context) {
c.Writer.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000")
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
log.Printf("%s", c.Request.Method)
if c.Request.Method == "OPTIONS" {
c.AbortWithStatus(204)
return
}
c.AbortWithStatus(404)
})
if err := godotenv.Load(); err != nil {
log.Fatalf("Failed to load the env vars: %v", err)
}
authenticator, auth_err := auth.New()
if auth_err != nil {
log.Fatal("ERROR: Failed to initialize Authenticator")
return
}
pool, pool_err := init_db_pool(os.Getenv("CONNECTION_STRING"))
if pool_err != nil {
log.Fatal("ERROR: Failed to initialize DB pooL")
}
router := gin.Default()
router.SetTrustedProxies([]string{"127.0.0.1/32", "::1/128"})
store := cookie.NewStore([]byte(os.Getenv("COOKIE_SECRET")))
router.Use(sessions.Sessions("auth-session", store))
// Middleware Function Declarations
user_authenticated := middleware.IsAuthenticated(authenticator)
user_in_db := middleware.UserInDatabase(pool)
user_active := middleware.UserIsActive(pool)
user_is_admin := middleware.IsAdmin(pool)
gob.Register(map[string]interface{}{})
router.GET("/", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, controllers.BaseFunction)
router.GET("/auth/login", corsmiddleware.CORSMiddleware, auth.LoginHandler(authenticator))
router.GET("/auth/logout", corsmiddleware.CORSMiddleware, auth.LogoutHandler)
router.GET("/auth/logout_callback", corsmiddleware.CORSMiddleware, auth.LogoutCallbackHandler(store))
router.GET("/callback", corsmiddleware.CORSMiddleware, auth.AuthenticationCallbackHandler(authenticator))
router.OPTIONS("./users", corsmiddleware.CORSMiddleware)
router.PUT("/users", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.GetUserTable(pool))
router.GET("/user/current", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetCurrentAuthenticatedUser(pool))
router.GET("/item/price/current", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetCurrentItemPrice(pool))
router.GET("/order/items", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetOrderItems(pool))
router.GET("/order", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetOrderByOrderId(pool))
router.PUT("/order/table", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetOrderTable(pool))
router.OPTIONS("/order/table", corsmiddleware.CORSMiddleware)
router.GET("/items", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, controllers.GetItems(pool))
router.OPTIONS("/item/history", corsmiddleware.CORSMiddleware)
router.GET("/item/history", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.GetItemHistory(pool))
router.POST("/position/create", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.CreatePosition(pool))
router.POST("/item/create", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.CreateItem(pool))
router.OPTIONS("/item/create", corsmiddleware.CORSMiddleware)
router.POST("/order/create", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.CreateOrder(pool))
router.OPTIONS("/order/create", corsmiddleware.CORSMiddleware)
router.PUT("/user/name", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.SetUserName(pool))
router.PUT("/user/promote", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.PromoteUser(pool))
router.PUT("/user/demote", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.DemoteUser(pool))
router.OPTIONS("/user/promote", corsmiddleware.CORSMiddleware)
router.OPTIONS("/user/demote", corsmiddleware.CORSMiddleware)
router.PUT("/user/position", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.SetUserPosition(pool))
router.PUT("/item/price", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.SetItemPrice(pool))
router.OPTIONS("/item/price", corsmiddleware.CORSMiddleware)
router.PUT("/order/item", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.AddItemToOrder(pool))
router.OPTIONS("/order/item", corsmiddleware.CORSMiddleware)
router.PUT("/item/made", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.SetItemMade(pool))
router.OPTIONS("/item/made", corsmiddleware.CORSMiddleware)
router.PUT("/item/quantity", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.SetItemQuantity(pool))
router.OPTIONS("/item/quantity", corsmiddleware.CORSMiddleware)
router.PUT("/user/activate", corsmiddleware.CORSMiddleware, middleware.IsAuthenticated(authenticator), middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.ActivateUser(pool))
router.OPTIONS("/user/activate", corsmiddleware.CORSMiddleware)
router.DELETE("/user/deactivate", corsmiddleware.CORSMiddleware, middleware.IsAuthenticated(authenticator), middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.DeactivateUser(pool))
router.OPTIONS("/user/deactivate", corsmiddleware.CORSMiddleware)
router.DELETE("/order/item", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.DeleteOrderItem(pool))
router.DELETE("/order", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, controllers.DeleteOrder(pool))
router.DELETE("/item", corsmiddleware.CORSMiddleware, user_authenticated, middleware.GetUserProfile, user_in_db, user_active, user_is_admin, controllers.DeleteItem(pool))
router.Run("localhost:8080")
}
Reference in New Issue View Git Blame Copy Permalink