perbaikan root

2025-08-19 19:22:03 +07:00
parent 615db47606
commit bbecb299a5
5 changed files with 55 additions and 43 deletions
--- a/internal/routes/v1/routes.go
+++ b/internal/routes/v1/routes.go
@@ -1,76 +1,88 @@
 package v1
 import (
-	bpjsDiagnosaHandlers "api-service/internal/handlers/bpjs/reference"
+	"api-service/internal/config"
 	authHandlers "api-service/internal/handlers/auth"
 	bpjsPesertaHandlers "api-service/internal/handlers/bpjs/reference"
 	retribusiHandlers "api-service/internal/handlers/retribusi"
 	"api-service/internal/config"
 	"api-service/internal/middleware"
 	services "api-service/internal/services/auth"
 	"log"
 	"github.com/gin-gonic/gin"
 	swaggerFiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 	authHandlers "api-service/internal/handlers/auth"
 )
 // RegisterRoutes registers all API routes for version 1
 func RegisterRoutes(cfg *config.Config) *gin.Engine {
 	router := gin.New()
-	// Add middleware
+	// Add global middleware
 	router.Use(middleware.CORSConfig())
 	router.Use(middleware.ErrorHandler())
 	router.Use(gin.Logger())
 	router.Use(gin.Recovery())
-	// Initialize services
+	// Initialize services with error handling
 	authService := services.NewAuthService(cfg)
 	if authService == nil {
 		log.Fatal("Failed to initialize auth service")
 	}
 	// Swagger UI route
 	router.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
 	// API v1 group
 	v1 := router.Group("/api/v1")
 	// =============================================================================
 	// PUBLIC ROUTES (No Authentication Required)
 	// =============================================================================
 	// Authentication routes
 	authHandler := authHandlers.NewAuthHandler(authService)
 	tokenHandler := authHandlers.NewTokenHandler(authService)
 	// Basic auth routes
 	v1.POST("/auth/login", authHandler.Login)
 	v1.POST("/auth/register", authHandler.Register)
 	v1.POST("/auth/refresh", authHandler.RefreshToken)
 	// Token generation routes (keep public if needed)
 	v1.POST("/token/generate", tokenHandler.GenerateToken)
 	v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect)
 	// BPJS endpoints
 	// bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs)
 	// v1.GET("/bpjs/peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK)
 	// =============================================================================
 	// PROTECTED ROUTES (Authentication Required)
 	// =============================================================================
 	// Create protected group with AuthMiddleware
 	protected := v1.Group("/")
 	protected.Use(middleware.AuthMiddleware()) // Use Keycloak AuthMiddleware
 	// User profile (protected)
 	protected.GET("/auth/me", authHandler.Me)
 	// Retribusi endpoints (CRUD operations - should be protected)
 	retribusiHandler := retribusiHandlers.NewRetribusiHandler()
 	protectedRetribusi := protected.Group("/retribusi")
 	{
-		// Public routes (no authentication required)
+		protectedRetribusi.GET("/", retribusiHandler.GetRetribusi)          // GET /api/v1/retribusi/
 		protectedRetribusi.GET("/:id", retribusiHandler.GetRetribusiByID)   // GET /api/v1/retribusi/:id
 		protectedRetribusi.POST("/", retribusiHandler.CreateRetribusi)      // POST /api/v1/retribusi/
 		protectedRetribusi.PUT("/:id", retribusiHandler.UpdateRetribusi)    // PUT /api/v1/retribusi/:id
 		protectedRetribusi.DELETE("/:id", retribusiHandler.DeleteRetribusi) // DELETE /api/v1/retribusi/:id
 	}
-		// Authentication routes
+	// BPJS endpoints (sensitive data - should be protected)
-		authHandler := authHandlers.NewAuthHandler(authService)
+	bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs)
-		tokenHandler := authHandlers.NewTokenHandler(authService)
+	protectedBpjs := protected.Group("/bpjs")
-
+	{
-		v1.POST("/auth/login", authHandler.Login)
+		protectedBpjs.GET("/peserta/nik/:nik/tglsep/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK)
 		v1.POST("/auth/register", authHandler.Register)
 		v1.GET("/auth/me", middleware.JWTAuthMiddleware(authService), authHandler.Me)
 		v1.POST("/auth/refresh", authHandler.RefreshToken)
 		// Token generation routes
 		v1.POST("/token/generate", tokenHandler.GenerateToken)
 		v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect)
 		// Retribusi endpoints
 		retribusiHandler := retribusiHandlers.NewRetribusiHandler()
 		v1.GET("/retribusis", retribusiHandler.GetRetribusi)
 		v1.GET("/retribusi/:id", retribusiHandler.GetRetribusiByID)
 		v1.POST("/retribusis", retribusiHandler.CreateRetribusi)
 		v1.PUT("/retribusi/:id", retribusiHandler.UpdateRetribusi)
 		v1.DELETE("/retribusi/:id", retribusiHandler.DeleteRetribusi)
 		// BPJS endpoints
 		bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs)
 		v1.GET("/bpjs/Peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK)
 		// BPJS Diagnosa endpoints
 		bpjsDiagnosaHandler := bpjsDiagnosaHandlers.NewDiagnosaHandler(cfg.Bpjs)
 		v1.GET("/bpjs/reference/referensi/diagnosa", bpjsDiagnosaHandler.GetAll)
 		protected := v1.Group("/")
 		protected.Use(middleware.JWTAuthMiddleware(authService))
 		{
 			// Protected routes (require authentication)
 		}
 	}
 	return router
--- a/pkg/logger/logger
+++ b/pkg/logger/logger
--- a/pkg/utils/utils
+++ b/pkg/utils/utils
--- a/pkg/validator/validator
+++ b/pkg/validator/validator
--- a/scripts/scripts
+++ b/scripts/scripts