sneak/webhooker
1
0
Fork 0
Code Issues 4 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
853f25ee678b73cac71f1f7ca634e4a9057b4de6
webhooker/internal/server/routes.go
clawbot 7d13c9da17 feat: add auth middleware for protected routes 
Add RequireAuth middleware that checks for a valid session and
redirects unauthenticated users to /pages/login. Applied to all
/sources and /source/{sourceID} routes. The middleware uses the
existing session package for authentication checks.

closes #9
2026-03-01 16:01:44 -08:00

113 lines
3.4 KiB
Go
Raw Blame History

package server
import (
"net/http"
"time"
sentryhttp "github.com/getsentry/sentry-go/http"
"github.com/go-chi/chi"
"github.com/go-chi/chi/middleware"
"github.com/prometheus/client_golang/prometheus/promhttp"
"sneak.berlin/go/webhooker/static"
)
func (s *Server) SetupRoutes() {
s.router = chi.NewRouter()
// the mux .Use() takes a http.Handler wrapper func, like most
// things that deal with "middlewares" like alice et c, and will
// call ServeHTTP on it. These middlewares applied by the mux (you
// can .Use() more than one) will be applied to every request into
// the service.
s.router.Use(middleware.Recoverer)
s.router.Use(middleware.RequestID)
s.router.Use(s.mw.Logging())
// add metrics middleware only if we can serve them behind auth
if s.params.Config.MetricsUsername != "" {
s.router.Use(s.mw.Metrics())
}
// set up CORS headers
s.router.Use(s.mw.CORS())
// timeout for request context; your handlers must finish within
// this window:
s.router.Use(middleware.Timeout(60 * time.Second))
// this adds a sentry reporting middleware if and only if sentry is
// enabled via setting of SENTRY_DSN in env.
if s.sentryEnabled {
// Options docs at
// https://docs.sentry.io/platforms/go/guides/http/
// we set sentry to repanic so that all panics bubble up to the
// Recoverer chi middleware above.
sentryHandler := sentryhttp.New(sentryhttp.Options{
Repanic: true,
})
s.router.Use(sentryHandler.Handle)
}
////////////////////////////////////////////////////////////////////////
// ROUTES
// complete docs: https://github.com/go-chi/chi
////////////////////////////////////////////////////////////////////////
s.router.Get("/", s.h.HandleIndex())
s.router.Mount("/s", http.StripPrefix("/s", http.FileServer(http.FS(static.Static))))
s.router.Route("/api/v1", func(_ chi.Router) {
// TODO: Add API routes here
})
s.router.Get(
"/.well-known/healthcheck",
s.h.HandleHealthCheck(),
)
// set up authenticated /metrics route:
if s.params.Config.MetricsUsername != "" {
s.router.Group(func(r chi.Router) {
r.Use(s.mw.MetricsAuth())
r.Get("/metrics", http.HandlerFunc(promhttp.Handler().ServeHTTP))
})
}
// pages that are rendered server-side
s.router.Route("/pages", func(r chi.Router) {
// Login page (no auth required)
r.Get("/login", s.h.HandleLoginPage())
r.Post("/login", s.h.HandleLoginSubmit())
// Logout (auth required)
r.Post("/logout", s.h.HandleLogout())
})
// User profile routes
s.router.Route("/user/{username}", func(r chi.Router) {
r.Get("/", s.h.HandleProfile())
})
// Webhook management routes (require authentication)
s.router.Route("/sources", func(r chi.Router) {
r.Use(s.mw.RequireAuth())
r.Get("/", s.h.HandleSourceList()) // List all webhooks
r.Get("/new", s.h.HandleSourceCreate()) // Show create form
r.Post("/new", s.h.HandleSourceCreateSubmit()) // Handle create submission
})
s.router.Route("/source/{sourceID}", func(r chi.Router) {
r.Use(s.mw.RequireAuth())
r.Get("/", s.h.HandleSourceDetail()) // View webhook details
r.Get("/edit", s.h.HandleSourceEdit()) // Show edit form
r.Post("/edit", s.h.HandleSourceEditSubmit()) // Handle edit submission
r.Post("/delete", s.h.HandleSourceDelete()) // Delete webhook
r.Get("/logs", s.h.HandleSourceLogs()) // View webhook logs
})
// Entrypoint endpoint - accepts incoming webhook POST requests
s.router.HandleFunc("/webhook/{uuid}", s.h.HandleWebhook())
}
Reference in New Issue View Git Blame Copy Permalink