package auth
import (
"ResendIt/internal/api/middleware"
"ResendIt/internal/config"
"time"
"github.com/gin-gonic/gin"
)
// ConfigService is the narrow view of the configuration store that route
// registration depends on. Declaring it here keeps this package independent of
// the concrete config implementation.
type ConfigService interface {
	// GetIntDefault looks up the integer setting stored under key.
	// Presumably def is returned when the key is unset or cannot be read as an
	// integer; the implementation is not part of this file, so confirm there.
	GetIntDefault(key string, def int) int
}
// RegisterRoutes mounts the authentication endpoints on r, all under /auth.
//
// Route layout, from least to most restricted:
//
//	POST /auth/login        rate limited, no session required
//	GET  /auth/me           behind middleware.AuthMiddleware
//	GET  /auth/admin-check  behind AuthMiddleware and RequireRole("admin")
//
// h supplies the handlers; cfg supplies the login rate-limit settings.
func RegisterRoutes(r *gin.RouterGroup, h *Handler, cfg ConfigService) {
	authRoutes := r.Group("/auth")

	// The limit and burst are passed as closures, not values, so cfg is
	// consulted again every time the middleware invokes them.
	// NOTE(review): no lower bound is applied to the configured numbers here;
	// confirm how RateLimitByIPDynamic treats zero or negative values, so a
	// bad setting neither disables the limiter nor blocks every login.
	loginPerMinute := func() int {
		return cfg.GetIntDefault(config.KeyRateLimitLoginPerMinute, config.DefaultRateLimitLoginPerMinute)
	}
	loginBurst := func() int {
		return cfg.GetIntDefault(config.KeyRateLimitLoginBurst, config.DefaultRateLimitLoginBurst)
	}

	// Login gets a dedicated, stricter limiter to reduce brute-force attempts
	// and log spam.
	// NOTE(review): time.Minute looks like the counting window (the config key
	// is "...PerMinute"); what the 15-minute argument controls is defined by
	// the middleware and is not visible here, so confirm.
	// NOTE(review): the limiter is keyed by IP. If the service runs behind a
	// reverse proxy, verify that the address it uses is the real client and
	// not a forwarded header from an untrusted peer. A per-IP limit also does
	// not bound attempts on one account from many addresses; check whether
	// h.Login adds per-account throttling.
	loginLimiter := middleware.RateLimitByIPDynamic(
		loginPerMinute,
		time.Minute,
		loginBurst,
		15*time.Minute,
	)
	authRoutes.POST("/login", loginLimiter, h.Login)

	// Everything registered from here on requires an authenticated caller.
	authenticated := authRoutes.Group("/")
	authenticated.Use(middleware.AuthMiddleware())
	authenticated.GET("/me", h.Me)

	// The admin group is nested inside the authenticated group, so the role
	// check always runs after AuthMiddleware.
	adminOnly := authenticated.Group("/")
	adminOnly.Use(middleware.RequireRole("admin"))
	adminOnly.GET("/admin-check", h.AdminCheck)
}