diff --git a/internal/routes/v1/routes.go b/internal/routes/v1/routes.go
index 81f063a..c4f3278 100644
--- a/internal/routes/v1/routes.go
+++ b/internal/routes/v1/routes.go
@@ -1,76 +1,88 @@ package v1 import ( - bpjsDiagnosaHandlers "api-service/internal/handlers/bpjs/reference" + "api-service/internal/config" + authHandlers "api-service/internal/handlers/auth" bpjsPesertaHandlers "api-service/internal/handlers/bpjs/reference" retribusiHandlers "api-service/internal/handlers/retribusi" - - "api-service/internal/config" "api-service/internal/middleware" services "api-service/internal/services/auth" + "log" "github.com/gin-gonic/gin" swaggerFiles "github.com/swaggo/files" ginSwagger "github.com/swaggo/gin-swagger" - - authHandlers "api-service/internal/handlers/auth" ) -// RegisterRoutes registers all API routes for version 1 func RegisterRoutes(cfg *config.Config) *gin.Engine { router := gin.New() - // Add middleware + // Add global middleware router.Use(middleware.CORSConfig()) router.Use(middleware.ErrorHandler()) router.Use(gin.Logger()) router.Use(gin.Recovery()) - // Initialize services + // Initialize services with error handling authService := services.NewAuthService(cfg) + if authService == nil { + log.Fatal("Failed to initialize auth service") + } // Swagger UI route router.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler)) // API v1 group v1 := router.Group("/api/v1") + + // ============================================================================= + // PUBLIC ROUTES (No Authentication Required) + // ============================================================================= + + // Authentication routes + authHandler := authHandlers.NewAuthHandler(authService) + tokenHandler := authHandlers.NewTokenHandler(authService) + + // Basic auth routes + v1.POST("/auth/login", authHandler.Login) + v1.POST("/auth/register", authHandler.Register) + v1.POST("/auth/refresh", authHandler.RefreshToken) + + // Token generation routes (keep public if needed) + v1.POST("/token/generate", tokenHandler.GenerateToken) + v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect) + + // BPJS endpoints + // 
bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs) + // v1.GET("/bpjs/peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK) + + // ============================================================================= + // PROTECTED ROUTES (Authentication Required) + // ============================================================================= + + // Create protected group with AuthMiddleware + protected := v1.Group("/") + protected.Use(middleware.AuthMiddleware()) // Use Keycloak AuthMiddleware + + // User profile (protected) + protected.GET("/auth/me", authHandler.Me) + + // Retribusi endpoints (CRUD operations - should be protected) + retribusiHandler := retribusiHandlers.NewRetribusiHandler() + protectedRetribusi := protected.Group("/retribusi") { - // Public routes (no authentication required) + protectedRetribusi.GET("/", retribusiHandler.GetRetribusi) // GET /api/v1/retribusi/ + protectedRetribusi.GET("/:id", retribusiHandler.GetRetribusiByID) // GET /api/v1/retribusi/:id + protectedRetribusi.POST("/", retribusiHandler.CreateRetribusi) // POST /api/v1/retribusi/ + protectedRetribusi.PUT("/:id", retribusiHandler.UpdateRetribusi) // PUT /api/v1/retribusi/:id + protectedRetribusi.DELETE("/:id", retribusiHandler.DeleteRetribusi) // DELETE /api/v1/retribusi/:id + } - // Authentication routes - authHandler := authHandlers.NewAuthHandler(authService) - tokenHandler := authHandlers.NewTokenHandler(authService) - - v1.POST("/auth/login", authHandler.Login) - v1.POST("/auth/register", authHandler.Register) - v1.GET("/auth/me", middleware.JWTAuthMiddleware(authService), authHandler.Me) - v1.POST("/auth/refresh", authHandler.RefreshToken) - - // Token generation routes - v1.POST("/token/generate", tokenHandler.GenerateToken) - v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect) - - // Retribusi endpoints - retribusiHandler := retribusiHandlers.NewRetribusiHandler() - v1.GET("/retribusis", retribusiHandler.GetRetribusi) - 
v1.GET("/retribusi/:id", retribusiHandler.GetRetribusiByID) - v1.POST("/retribusis", retribusiHandler.CreateRetribusi) - v1.PUT("/retribusi/:id", retribusiHandler.UpdateRetribusi) - v1.DELETE("/retribusi/:id", retribusiHandler.DeleteRetribusi) - - // BPJS endpoints - bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs) - v1.GET("/bpjs/Peserta/nik/:nik/tglSEP/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK) - - // BPJS Diagnosa endpoints - bpjsDiagnosaHandler := bpjsDiagnosaHandlers.NewDiagnosaHandler(cfg.Bpjs) - v1.GET("/bpjs/reference/referensi/diagnosa", bpjsDiagnosaHandler.GetAll) - - protected := v1.Group("/") - protected.Use(middleware.JWTAuthMiddleware(authService)) - { - // Protected routes (require authentication) - } + // BPJS endpoints (sensitive data - should be protected) + bpjsPesertaHandler := bpjsPesertaHandlers.NewPesertaHandler(cfg.Bpjs) + protectedBpjs := protected.Group("/bpjs") + { + protectedBpjs.GET("/peserta/nik/:nik/tglsep/:tglSEP", bpjsPesertaHandler.GetPesertaByNIK) } return router diff --git a/pkg/logger/logger b/pkg/logger/logger new file mode 100644 index 0000000..e69de29 diff --git a/pkg/utils/utils b/pkg/utils/utils new file mode 100644 index 0000000..e69de29 diff --git a/pkg/validator/validator b/pkg/validator/validator new file mode 100644 index 0000000..e69de29 diff --git a/scripts/scripts b/scripts/scripts new file mode 100644 index 0000000..e69de29
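Review bot: The two token-minting routes, `v1.POST("/token/generate", tokenHandler.GenerateToken)` and `v1.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect)`, are still registered on the unauthenticated `v1` group, and the added comment "keep public if needed" leaves that decision open. The handlers are not visible here, so if either one issues a token without verifying credentials, any caller can obtain one and the new `protected` group adds little. Unless they are meant as a credential exchange like `/auth/login`, register them as `protected.POST("/token/generate", tokenHandler.GenerateToken)` and `protected.POST("/token/generate-direct", tokenHandler.GenerateTokenDirect)`. Separately, the protected group now uses `middleware.AuthMiddleware()` (Keycloak, per the comment) while login and refresh still go through `authService`, so it is worth confirming that tokens issued there are accepted by the new middleware; otherwise `/auth/me` may reject them. The end of RegisterRoutes lies outside the hunk.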