package v1 import ( "api-service/internal/config" authHandlers "api-service/internal/handlers/auth" bpjsPesertaHandlers "api-service/internal/handlers/bpjs/reference" retribusiHandlers "api-service/internal/handlers/retribusi" "api-service/internal/middleware" services "api-service/internal/services/auth" "log" "github.com/gin-gonic/gin" swaggerFiles "github.com/swaggo/files" ginSwagger "github.com/swaggo/gin-swagger" ) func RegisterRoutes(cfg *config.Config) *gin.Engine { router := gin.New() // Add global middleware router.Use(middleware.CORSConfig()) router.Use(middleware.ErrorHandler()) router.Use(gin.Logger()) router.Use(gin.Recovery()) // Initialize services with error handling authService := services.NewAuthService(cfg) if authService == nil { log.Fatal("Failed to initialize auth service") } // Swagger UI route router.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler)) // API v1 group v1 := router.Group("/api/v1") // ============================================================================= // PUBLIC ROUTES (No Authentication Required) // ============================================================================= // Authentication routes authHandler := authHandlers.NewAuthHandler(authService) tokenHandler := authHandlers.NewTokenHandler(authService) // Basic auth routes v1.POST("/auth/login", authHandler.Login) v1.POST("/auth/register", authHandler.Register) v1.POST("/auth/refresh", authHandler.RefreshToken) // Token generation routes (keep public if needed) v1.POST("/token/generate", tokenHandler.GenerateToken) v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect) // BPJS endpoints bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs) v1.GET("/bpjs/peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK) // Retribusi endpoints retribusiHandler := retribusiHandlers.NewRetribusiHandler() retribusiGroup := v1.Group("/retribusi") { retribusiGroup.GET("", retribusiHandler.GetRetribusi) retribusiGroup.GET("/dynamic", retribusiHandler.GetRetribusiDynamic) // Route baru retribusiGroup.GET("/search", retribusiHandler.SearchRetribusiAdvanced) // Route pencarian retribusiGroup.GET("/:id", retribusiHandler.GetRetribusiByID) retribusiGroup.POST("", retribusiHandler.CreateRetribusi) retribusiGroup.PUT("/:id", retribusiHandler.UpdateRetribusi) retribusiGroup.DELETE("/:id", retribusiHandler.DeleteRetribusi) } // ============================================================================= // PROTECTED ROUTES (Authentication Required) // ============================================================================= // Create protected group with AuthMiddleware protected := v1.Group("/") protected.Use(middleware.AuthMiddleware()) // Use Keycloak AuthMiddleware // User profile (protected) protected.GET("/auth/me", authHandler.Me) // Retribusi endpoints (CRUD operations - should be protected) // retribusiHandler := retribusiHandlers.NewRetribusiHandler() // protectedRetribusi := protected.Group("/retribusi") // { // protectedRetribusi.GET("", retribusiHandler.GetRetribusi) // GET /api/v1/retribusi // protectedRetribusi.GET("/:id", retribusiHandler.GetRetribusiByID) // GET /api/v1/retribusi/:id // protectedRetribusi.POST("/", retribusiHandler.CreateRetribusi) // POST /api/v1/retribusi/ // protectedRetribusi.PUT("/:id", retribusiHandler.UpdateRetribusi) // PUT /api/v1/retribusi/:id // protectedRetribusi.DELETE("/:id", retribusiHandler.DeleteRetribusi) // DELETE /api/v1/retribusi/:id // } // BPJS endpoints (sensitive data - should be protected) // bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs) // protectedBpjs := protected.Group("/bpjs") // { // protectedBpjs.GET("/peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK) // } return router }