package http import ( "fmt" "path/filepath" "trustcontact/internal/config" "trustcontact/internal/controllers" httpmw "trustcontact/internal/http/middleware" "trustcontact/internal/services" "github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2/middleware/session" "gorm.io/gorm" ) func RegisterRoutes(app *fiber.App, store *session.Store, database *gorm.DB, cfg *config.Config) error { app.Static("/static", "web/static") app.Static("/web-components", "web_components/dist") app.Use(httpmw.SessionStoreMiddleware(store)) app.Use(httpmw.CurrentUserMiddleware(store, database)) app.Use(httpmw.ConsumeFlash()) app.Use(func(c *fiber.Ctx) error { httpmw.SetTemplateData(c, "BuildHash", cfg.BuildHash) return c.Next() }) authService, err := services.NewAuthService(database, cfg) if err != nil { return fmt.Errorf("init auth service: %w", err) } authController := controllers.NewAuthController(authService) privateSPADir := filepath.FromSlash("quasar/private_section/dist/spa") privateController := controllers.NewPrivateController(privateSPADir) adminSPADir := filepath.FromSlash("quasar/admin_section/dist/spa") adminController := controllers.NewAdminController(adminSPADir) app.Get("/healthz", func(c *fiber.Ctx) error { return c.SendStatus(fiber.StatusOK) }) app.Get("/", authController.ShowHome) app.Get("/signup", authController.ShowSignup) app.Post("/signup", authController.Signup) app.Get("/login", authController.ShowLogin) app.Post("/login", authController.Login) app.Post("/logout", authController.Logout) app.Get("/verify-email", authController.VerifyEmail) app.Get("/verify-notice", authController.ShowVerifyNotice) app.Get("/forgot-password", authController.ShowForgotPassword) app.Post("/forgot-password", authController.ForgotPassword) app.Get("/reset-password", authController.ShowResetPassword) app.Post("/reset-password", authController.ResetPassword) app.Get("/forbidden", authController.ShowForbidden) app.Post("/preferences/lang", httpmw.RequireAuth(), authController.UpdateLanguage) app.Post("/preferences/theme", httpmw.RequireAuth(), authController.UpdateTheme) // Quasar admin SPA assets are emitted with absolute paths (/assets, /icons, /favicon.ico). // Protect them with the same auth/admin middleware used by /admin. app.Use("/assets", httpmw.RequireAuth(), httpmw.RequireAdmin()) app.Use("/icons", httpmw.RequireAuth(), httpmw.RequireAdmin()) app.Get("/favicon.ico", httpmw.RequireAuth(), httpmw.RequireAdmin(), privateController.Favicon) app.Static("/assets", filepath.Join(privateSPADir, "assets")) app.Static("/icons", filepath.Join(privateSPADir, "icons")) private := app.Group("/private", httpmw.RequireAuth(), httpmw.RequireAdmin()) private.Get("/", privateController.Dashboard) private.Get("/*", privateController.Fallback) // Quasar admin SPA assets are emitted with absolute paths (/assets, /icons, /favicon.ico). // Protect them with the same auth/admin middleware used by /admin. app.Use("/assets", httpmw.RequireAuth(), httpmw.RequireAdmin()) app.Use("/icons", httpmw.RequireAuth(), httpmw.RequireAdmin()) app.Get("/favicon.ico", httpmw.RequireAuth(), httpmw.RequireAdmin(), adminController.Favicon) app.Static("/assets", filepath.Join(adminSPADir, "assets")) app.Static("/icons", filepath.Join(adminSPADir, "icons")) admin := app.Group("/admin", httpmw.RequireAuth(), httpmw.RequireAdmin()) admin.Get("/", adminController.Dashboard) admin.Get("/*", adminController.Fallback) return nil }