initial

internal/server/routes.go

@@ -0,0 +1,112 @@
+package server
+
+import (
+	"net/http"
+	"time"
+
+	"git.eeqj.de/sneak/webhooker/static"
+	sentryhttp "github.com/getsentry/sentry-go/http"
+	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/middleware"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+)
+
+func (s *Server) SetupRoutes() {
+	s.router = chi.NewRouter()
+
+	// the mux .Use() takes a http.Handler wrapper func, like most
+	// things that deal with "middlewares" like alice et c, and will
+	// call ServeHTTP on it.  These middlewares applied by the mux (you
+	// can .Use() more than one) will be applied to every request into
+	// the service.
+
+	s.router.Use(middleware.Recoverer)
+	s.router.Use(middleware.RequestID)
+	s.router.Use(s.mw.Logging())
+
+	// add metrics middleware only if we can serve them behind auth
+	if s.params.Config.MetricsUsername != "" {
+		s.router.Use(s.mw.Metrics())
+	}
+
+	// set up CORS headers
+	s.router.Use(s.mw.CORS())
+
+	// timeout for request context; your handlers must finish within
+	// this window:
+	s.router.Use(middleware.Timeout(60 * time.Second))
+
+	// this adds a sentry reporting middleware if and only if sentry is
+	// enabled via setting of SENTRY_DSN in env.
+	if s.sentryEnabled {
+		// Options docs at
+		// https://docs.sentry.io/platforms/go/guides/http/
+		// we set sentry to repanic so that all panics bubble up to the
+		// Recoverer chi middleware above.
+		sentryHandler := sentryhttp.New(sentryhttp.Options{
+			Repanic: true,
+		})
+		s.router.Use(sentryHandler.Handle)
+	}
+
+	////////////////////////////////////////////////////////////////////////
+	// ROUTES
+	// complete docs: https://github.com/go-chi/chi
+	////////////////////////////////////////////////////////////////////////
+
+	s.router.Get("/", s.h.HandleIndex())
+
+	s.router.Mount("/s", http.StripPrefix("/s", http.FileServer(http.FS(static.Static))))
+
+	s.router.Route("/api/v1", func(_ chi.Router) {
+		// TODO: Add API routes here
+	})
+
+	s.router.Get(
+		"/.well-known/healthcheck.json",
+		s.h.HandleHealthCheck(),
+	)
+
+	// set up authenticated /metrics route:
+	if s.params.Config.MetricsUsername != "" {
+		s.router.Group(func(r chi.Router) {
+			r.Use(s.mw.MetricsAuth())
+			r.Get("/metrics", http.HandlerFunc(promhttp.Handler().ServeHTTP))
+		})
+	}
+
+	// pages that are rendered server-side
+	s.router.Route("/pages", func(r chi.Router) {
+		// Login page (no auth required)
+		r.Get("/login", s.h.HandleLoginPage())
+		r.Post("/login", s.h.HandleLoginSubmit())
+
+		// Logout (auth required)
+		r.Post("/logout", s.h.HandleLogout())
+	})
+
+	// User profile routes
+	s.router.Route("/user/{username}", func(r chi.Router) {
+		r.Get("/", s.h.HandleProfile())
+	})
+
+	// Webhook source management routes (require authentication)
+	s.router.Route("/sources", func(r chi.Router) {
+		// TODO: Add authentication middleware here
+		r.Get("/", s.h.HandleSourceList())             // List all sources
+		r.Get("/new", s.h.HandleSourceCreate())        // Show create form
+		r.Post("/new", s.h.HandleSourceCreateSubmit()) // Handle create submission
+	})
+
+	s.router.Route("/source/{sourceID}", func(r chi.Router) {
+		// TODO: Add authentication middleware here
+		r.Get("/", s.h.HandleSourceDetail())          // View source details
+		r.Get("/edit", s.h.HandleSourceEdit())        // Show edit form
+		r.Post("/edit", s.h.HandleSourceEditSubmit()) // Handle edit submission
+		r.Post("/delete", s.h.HandleSourceDelete())   // Delete source
+		r.Get("/logs", s.h.HandleSourceLogs())        // View source logs
+	})
+
+	// Webhook endpoint - accepts all HTTP methods
+	s.router.HandleFunc("/webhook/{uuid}", s.h.HandleWebhook())
+}