shap-planner-backend/server/server.go
Maurice L. ef7ef3cf74 New Endpoint and security enhancement
- Userinfo endpoint is now available
- HTTPS is now required (closes #2)
2026-03-03 15:41:07 +01:00


package server
import (
	"crypto/tls"
	"log"
	"net/http"
	"os"
	"time"

	"shap-planner-backend/auth"
	"shap-planner-backend/config"
	"shap-planner-backend/handlers"
)
// Server holds the runtime settings the HTTP API needs: the listen port,
// the JWT secret, the database location and the TLS key material.
type Server struct {
	// Port is the TCP port the listener binds to, without the leading colon.
	Port string

	// JWTSecret is the secret handed to auth.AuthMiddleware for every
	// protected route. InitServer reads it from SHAP_JWT_SECRET; keep it
	// out of logs and serialized output.
	JWTSecret []byte

	// DatabasePath is copied from the loaded configuration.
	DatabasePath string

	// CertificatePath and PrivateKeyPath are the files Run passes to
	// ListenAndServeTLS. The private key file should be readable only by
	// the account the service runs as.
	CertificatePath string
	PrivateKeyPath  string
}
// cfg is loaded once at package initialisation, before InitServer runs.
// NOTE(review): the error returned by config.LoadConfig is discarded here, so
// a failed load is silent and cfg holds whatever LoadConfig returned next to
// the error. InitServer declares its own local cfg and never reads this
// variable; confirm whether any other file in the package depends on it
// before removing it or adding error handling.
var cfg, _ = config.LoadConfig()
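// InitServer builds a Server from the on-disk configuration and the
// SHAP_JWT_SECRET environment variable.
//
// Every validation failure is fatal: log.Fatal logs the message and exits the
// process, so a caller only ever receives a non-nil *Server. The statements
// that used to follow each log.Fatal call were unreachable and are gone.
func InitServer() *Server {
	if err := config.CheckIfExists(); err != nil {
		log.Fatal(err)
	}

	// This local cfg shadows the package-level variable of the same name, and
	// unlike that one its load error is checked.
	cfg, err := config.LoadConfig()
	if err != nil {
		log.Fatal(err)
	}

	// The secret comes from the environment only, never from the config file.
	jwtSecret := os.Getenv("SHAP_JWT_SECRET")
	if jwtSecret == "" {
		log.Fatal("SHAP_JWT_SECRET environment variable not set.")
	}
	// len counts bytes, not characters. A length floor does not guarantee
	// entropy: the value should come from a cryptographic random source and
	// not be a passphrase.
	if len(jwtSecret) < 32 {
		log.Fatal("SHAP_JWT_SECRET must be at least 32 characters long.")
	}

	// The server is TLS-only, so reject a configuration without key material
	// here with a clear message instead of failing later at listen time.
	if cfg.CertificatePath == "" || cfg.PrivateKeyPath == "" {
		log.Fatal("TLS certificate path and private key path must both be configured.")
	}

	return &Server{
		Port:            cfg.Port,
		JWTSecret:       []byte(jwtSecret),
		DatabasePath:    cfg.DatabasePath,
		CertificatePath: cfg.CertificatePath,
		PrivateKeyPath:  cfg.PrivateKeyPath,
	}
}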
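// Run registers the API routes and serves them over TLS. It does not return
// normally: when the listener stops, the error is logged through log.Fatal,
// which exits the process.
//
// The server is built explicitly instead of calling the package-level
// http.ListenAndServeTLS, because that helper uses a server with no timeouts
// and lets slow or idle clients hold connections open indefinitely.
func (s *Server) Run() {
	log.Println("Starting server...")

	// protect wraps a handler in the JWT middleware, with one AuthMiddleware
	// call per route exactly as before.
	protect := func(h http.HandlerFunc) http.Handler {
		return auth.AuthMiddleware(s.JWTSecret)(h)
	}

	mux := http.NewServeMux()

	// Public: reachable without a token.
	// NOTE(review): no rate limiting or HTTP method restriction is visible at
	// this layer; confirm that the login, register and refresh handlers
	// enforce both.
	mux.HandleFunc("/api/login", handlers.Login)
	mux.HandleFunc("/api/register", handlers.Register)
	mux.HandleFunc("/api/refresh", handlers.RefreshToken)
	mux.HandleFunc("/api/logout", handlers.Logout)

	// Login required
	mux.Handle("/api/expenses", protect(handlers.Expenses))
	mux.Handle("/api/balance", protect(handlers.GetBalance))
	mux.Handle("/api/ping", protect(handlers.TestHandler))
	mux.Handle("/api/userinfo", protect(handlers.UserInfo))

	// Admin-only: authentication wraps the role check, so it runs first.
	mux.Handle("/api/admin", auth.AuthMiddleware(s.JWTSecret)(auth.RequireRole("admin")(http.HandlerFunc(handlers.AdminPanel))))

	srv := &http.Server{
		Addr:    ":" + s.Port,
		Handler: mux,
		// Pin the protocol floor so it does not depend on the toolchain
		// default.
		TLSConfig: &tls.Config{MinVersion: tls.VersionTLS12},
		// Starting values; tune them to the slowest legitimate request.
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       15 * time.Second,
		WriteTimeout:      30 * time.Second,
		IdleTimeout:       60 * time.Second,
	}

	log.Printf("Listening on port %s", s.Port)
	log.Fatal(srv.ListenAndServeTLS(s.CertificatePath, s.PrivateKeyPath))
}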