a301_server/routes/routes.go

package routes

import (
	"a301_server/internal/announcement"
	"a301_server/internal/auth"
	"a301_server/internal/chain"
	"a301_server/internal/download"
	"a301_server/pkg/middleware"
	"github.com/gofiber/fiber/v2"
)

func Register(
	app *fiber.App,
	authH *auth.Handler,
	annH *announcement.Handler,
	dlH *download.Handler,
	chainH *chain.Handler,
	authLimiter fiber.Handler,
	apiLimiter fiber.Handler,
) {
	api := app.Group("/api", apiLimiter)

	// Auth
	a := api.Group("/auth")
	a.Post("/register", authLimiter, authH.Register)
	a.Post("/login", authLimiter, authH.Login)
	a.Post("/refresh", authLimiter, authH.Refresh)
	a.Post("/logout", middleware.Auth, authH.Logout)
	a.Post("/verify", authLimiter, authH.VerifyToken)
	a.Get("/ssafy/login", authH.SSAFYLoginURL)
	a.Post("/ssafy/callback", authLimiter, authH.SSAFYCallback)

	// Users (admin only)
	u := api.Group("/users", middleware.Auth, middleware.AdminOnly)
	u.Get("/", authH.GetAllUsers)
	u.Patch("/:id/role", authH.UpdateRole)
	u.Delete("/:id", authH.DeleteUser)

	// Announcements
	ann := api.Group("/announcements")
	ann.Get("/", annH.GetAll)
	ann.Post("/", middleware.Auth, middleware.AdminOnly, annH.Create)
	ann.Put("/:id", middleware.Auth, middleware.AdminOnly, annH.Update)
	ann.Delete("/:id", middleware.Auth, middleware.AdminOnly, annH.Delete)

	// Download
	dl := api.Group("/download")
	dl.Get("/info", dlH.GetInfo)
	dl.Get("/file", dlH.ServeFile)
	dl.Get("/launcher", dlH.ServeLauncher)
	dl.Post("/upload/game", middleware.Auth, middleware.AdminOnly, dlH.Upload)
	dl.Post("/upload/launcher", middleware.Auth, middleware.AdminOnly, dlH.UploadLauncher)

	// Chain - Queries (authenticated)
	ch := api.Group("/chain", middleware.Auth)
	ch.Get("/wallet", chainH.GetWalletInfo)
	ch.Get("/balance", chainH.GetBalance)
	ch.Get("/assets", chainH.GetAssets)
	ch.Get("/asset/:id", chainH.GetAsset)
	ch.Get("/inventory", chainH.GetInventory)
	ch.Get("/market", chainH.GetMarketListings)
	ch.Get("/market/:id", chainH.GetMarketListing)

	// Chain - User Transactions (authenticated, idempotency-protected)
	ch.Post("/transfer", middleware.Idempotency, chainH.Transfer)
	ch.Post("/asset/transfer", middleware.Idempotency, chainH.TransferAsset)
	ch.Post("/market/list", middleware.Idempotency, chainH.ListOnMarket)
	ch.Post("/market/buy", middleware.Idempotency, chainH.BuyFromMarket)
	ch.Post("/market/cancel", middleware.Idempotency, chainH.CancelListing)
	ch.Post("/inventory/equip", middleware.Idempotency, chainH.EquipItem)
	ch.Post("/inventory/unequip", middleware.Idempotency, chainH.UnequipItem)

	// Chain - Admin Transactions (admin only, idempotency-protected)
	chainAdmin := api.Group("/chain/admin", middleware.Auth, middleware.AdminOnly)
	chainAdmin.Post("/mint", middleware.Idempotency, chainH.MintAsset)
	chainAdmin.Post("/reward", middleware.Idempotency, chainH.GrantReward)
	chainAdmin.Post("/template", middleware.Idempotency, chainH.RegisterTemplate)

	// Internal - Game server endpoints (API key auth, username-based, idempotency-protected)
	internal := api.Group("/internal/chain", middleware.ServerAuth)
	internal.Post("/reward", middleware.Idempotency, chainH.InternalGrantReward)
	internal.Post("/mint", middleware.Idempotency, chainH.InternalMintAsset)
	internal.Get("/balance", chainH.InternalGetBalance)
	internal.Get("/assets", chainH.InternalGetAssets)
	internal.Get("/inventory", chainH.InternalGetInventory)
}