scannerbot/server/api/api.go

package api

import (
	"context"
	"net/http"
	"os"
	"strings"

	"git.dubyatp.xyz/dubyatp/scannerbot/server/db"
	"github.com/go-chi/chi/v5"
	"github.com/go-chi/cors"
)

func Start() {
	ctx := context.Background()
	db.InitPostgres(ctx)
	defer db.ClosePostgres()

	Store = initFileStore()

	r := chi.NewRouter()

	r.Use(cors.Handler(cors.Options{
		AllowedOrigins:   strings.Split(os.Getenv("ALLOWED_ORIGINS"), ","),
		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
		ExposedHeaders:   []string{"Link"},
		AllowCredentials: true,
		MaxAge:           300, // preflight request cache
	}))

	r.Get("/", func(w http.ResponseWriter, r *http.Request) {
		w.Write([]byte("hello world"))
	})

	r.Route("/whoami", func(r chi.Router) {
		r.Use(SessionAuthMiddleware)
		r.Use(LoginCtx)
		r.Get("/", Whoami)
	})

	r.Route("/channels", func(r chi.Router) {
		r.Use(SessionAuthMiddleware)

		r.Get("/", ListChannels)
		r.Post("/", NewChannel)
		r.Route("/{channelID}", func(r chi.Router) {
			r.Get("/", GetChannel)
			r.Delete("/", DeleteChannel)

			r.Route("/messages", func(r chi.Router) {
				r.Get("/", ListMessages)
				r.Route("/{messageID}", func(r chi.Router) {
					r.Get("/", GetMessage)
				})
			})
		})
	})

	r.Route("/users", func(r chi.Router) {
		r.Use(SessionAuthMiddleware)

		r.Get("/", ListUsers)
		r.Route("/{userID}", func(r chi.Router) {
			r.Get("/", GetUser)
		})
	})

	r.Route("/files", func(r chi.Router) {
		r.Use(SessionAuthMiddleware)

		r.Route("/{fileID}", func(r chi.Router) {
			r.Get("/", ServeFile)
		})
	})

	r.Route("/login", func(r chi.Router) {
		r.Post("/", Login)
	})

	r.Route("/logout", func(r chi.Router) {
		r.Use(SessionAuthMiddleware)

		r.Post("/", Logout)
	})

	r.Route("/register", func(r chi.Router) {
		r.Post("/", NewUser)
	})

	http.ListenAndServe(":3000", r)
}