- middleware: JWT MapClaims 타입 단언 패닉 → ok 패턴으로 방어 - auth/service: Redis Set 오류 처리, 지갑 생성 실패 시 유저 롤백 - auth/service: EnsureAdmin 지갑 생성 추가, Logout 리프레시 토큰도 삭제 - auth/service: 리프레시 토큰 발급(7일) 및 로테이션, REFRESH_SECRET 분리 - auth/handler: Login 응답에 refreshToken 포함, Refresh 핸들러 추가 - auth/handler: Logout 에러 처리 추가 - download/service: hashGameExeFromZip io.Copy 오류 처리 - download/handler: Content-Disposition mime.FormatMediaType으로 헤더 인젝션 방어 - announcement/handler: Update 빈 body 400 반환 - config: REFRESH_SECRET 환경변수 추가 - routes: POST /api/auth/refresh 엔드포인트 추가 - main: INTERNAL_API_KEY 미설정 시 경고 출력 - .env.example: 누락 환경변수 7개 보완 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
package routes
import (
"a301_server/internal/announcement"
"a301_server/internal/auth"
"a301_server/internal/chain"
"a301_server/internal/download"
"a301_server/pkg/middleware"
"github.com/gofiber/fiber/v2"
)
// Register mounts every HTTP route of the server on app, all under the /api
// prefix. Access control is expressed only through the middleware attached
// here: middleware.Auth, middleware.AdminOnly and middleware.ServerAuth.
// A route listed without one of them is reachable without credentials as far
// as this function is concerned.
func Register(
	app *fiber.App,
	authH *auth.Handler,
	annH *announcement.Handler,
	dlH *download.Handler,
	chainH *chain.Handler,
) {
	root := app.Group("/api")

	// Authentication endpoints. Only /logout carries middleware.Auth; the
	// other four are mounted with no middleware, so any throttling or
	// lockout for login/register/refresh has to live in the handlers or in
	// front of the app.
	// NOTE(review): VerifyToken is mounted without middleware.Auth;
	// presumably it validates the token it is handed — confirm in the handler.
	authRoutes := root.Group("/auth")
	authRoutes.Post("/register", authH.Register)
	authRoutes.Post("/login", authH.Login)
	authRoutes.Post("/refresh", authH.Refresh)
	authRoutes.Post("/logout", middleware.Auth, authH.Logout)
	authRoutes.Post("/verify", authH.VerifyToken)

	// User management. Auth and AdminOnly sit on the group, so every route
	// below passes through both before reaching its handler.
	userRoutes := root.Group("/users", middleware.Auth, middleware.AdminOnly)
	userRoutes.Get("/", authH.GetAllUsers)
	userRoutes.Patch("/:id/role", authH.UpdateRole)
	userRoutes.Delete("/:id", authH.DeleteUser)

	// Announcements. Listing has no middleware; the write routes attach
	// Auth and AdminOnly per route because the group itself has none.
	annRoutes := root.Group("/announcements")
	annRoutes.Get("/", annH.GetAll)
	annRoutes.Post("/", middleware.Auth, middleware.AdminOnly, annH.Create)
	annRoutes.Put("/:id", middleware.Auth, middleware.AdminOnly, annH.Update)
	annRoutes.Delete("/:id", middleware.Auth, middleware.AdminOnly, annH.Delete)

	// Downloads. The three GET routes are mounted with no middleware; both
	// upload routes require Auth and AdminOnly.
	dlRoutes := root.Group("/download")
	dlRoutes.Get("/info", dlH.GetInfo)
	dlRoutes.Get("/file", dlH.ServeFile)
	dlRoutes.Get("/launcher", dlH.ServeLauncher)
	dlRoutes.Post("/upload/game", middleware.Auth, middleware.AdminOnly, dlH.Upload)
	dlRoutes.Post("/upload/launcher", middleware.Auth, middleware.AdminOnly, dlH.UploadLauncher)

	// Chain queries: the group carries middleware.Auth, so every route
	// registered on it requires an authenticated caller.
	chainRoutes := root.Group("/chain", middleware.Auth)
	chainRoutes.Get("/wallet", chainH.GetWalletInfo)
	chainRoutes.Get("/balance", chainH.GetBalance)
	chainRoutes.Get("/assets", chainH.GetAssets)
	chainRoutes.Get("/asset/:id", chainH.GetAsset)
	chainRoutes.Get("/inventory", chainH.GetInventory)
	chainRoutes.Get("/market", chainH.GetMarketListings)
	chainRoutes.Get("/market/:id", chainH.GetMarketListing)

	// Chain user transactions, on the same authenticated group.
	// NOTE(review): Auth only establishes who is calling; whether the caller
	// owns the wallet, asset or listing named in the request must be checked
	// in the handlers — not visible from here.
	chainRoutes.Post("/transfer", chainH.Transfer)
	chainRoutes.Post("/asset/transfer", chainH.TransferAsset)
	chainRoutes.Post("/market/list", chainH.ListOnMarket)
	chainRoutes.Post("/market/buy", chainH.BuyFromMarket)
	chainRoutes.Post("/market/cancel", chainH.CancelListing)
	chainRoutes.Post("/inventory/equip", chainH.EquipItem)
	chainRoutes.Post("/inventory/unequip", chainH.UnequipItem)

	// Chain admin transactions. Auth and AdminOnly are attached to this
	// group explicitly; it is created from the /api group, not from the
	// /chain group above.
	chainAdminRoutes := root.Group("/chain/admin", middleware.Auth, middleware.AdminOnly)
	chainAdminRoutes.Post("/mint", chainH.MintAsset)
	chainAdminRoutes.Post("/reward", chainH.GrantReward)
	chainAdminRoutes.Post("/template", chainH.RegisterTemplate)

	// Internal game-server endpoints (API key auth, username-based). They
	// are mounted on the same app and /api prefix as the public routes, so
	// middleware.ServerAuth is the only gate visible in this function.
	// NOTE(review): confirm ServerAuth rejects requests when no API key is
	// configured, and consider restricting /api/internal at the network edge.
	serverRoutes := root.Group("/internal/chain", middleware.ServerAuth)
	serverRoutes.Post("/reward", chainH.InternalGrantReward)
	serverRoutes.Post("/mint", chainH.InternalMintAsset)
	serverRoutes.Get("/balance", chainH.InternalGetBalance)
	serverRoutes.Get("/assets", chainH.InternalGetAssets)
	serverRoutes.Get("/inventory", chainH.InternalGetInventory)
}