James Griffin
6c9746eb05
- Admin-only account creation (no self-registration); invite-token flow
replaces the public /auth/register endpoint
- New volunteer fields: phone, is_trainee, operational_roles,
notification_preference, admin_notes, last_login, completed_shifts
- Role-scoped profile editing: volunteers update name/phone only;
admins update all fields including notes and trainee flag
- /auth/activate endpoint for invite-token-based account activation
- /api/v1/volunteers/{id}/invite for admin to resend invite links
- last_login recorded on each successful authentication
Tests:
- Go: handler tests (auth rules, create, activate, update scoping) via
Storer/AuthServicer interfaces and fake store; auth unit tests for
HashPassword, IssueToken, and Parse
- Frontend: RTL tests for Activate, Profile, and Volunteers pages
- Fixed CRA 5 + React Router v7 Jest compatibility (moduleNameMapper +
TextEncoder polyfill)
- Replaced stale CRA App.test.tsx placeholder with real tests
CI:
- .gitea/workflows/ci.yml runs go vet, go test, tsc, and npm test on
every push and pull request
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
86 lines
2.7 KiB
Go
86 lines
2.7 KiB
Go
package server
|
|
|
|
import (
|
|
"database/sql"
|
|
"net/http"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
chimiddleware "github.com/go-chi/chi/v5/middleware"
|
|
|
|
"git.unsupervised.ca/walkies/internal/auth"
|
|
"git.unsupervised.ca/walkies/internal/checkin"
|
|
"git.unsupervised.ca/walkies/internal/notification"
|
|
"git.unsupervised.ca/walkies/internal/schedule"
|
|
"git.unsupervised.ca/walkies/internal/server/middleware"
|
|
"git.unsupervised.ca/walkies/internal/timeoff"
|
|
"git.unsupervised.ca/walkies/internal/volunteer"
|
|
)
|
|
|
|
func New(db *sql.DB, jwtSecret string, staticDir string) http.Handler {
|
|
authSvc := auth.NewService(db, jwtSecret)
|
|
|
|
volunteerStore := volunteer.NewStore(db)
|
|
volunteerHandler := volunteer.NewHandler(volunteerStore, authSvc)
|
|
|
|
scheduleStore := schedule.NewStore(db)
|
|
scheduleHandler := schedule.NewHandler(scheduleStore)
|
|
|
|
timeoffStore := timeoff.NewStore(db)
|
|
timeoffHandler := timeoff.NewHandler(timeoffStore)
|
|
|
|
checkinStore := checkin.NewStore(db)
|
|
checkinHandler := checkin.NewHandler(checkinStore)
|
|
|
|
notificationStore := notification.NewStore(db)
|
|
notificationHandler := notification.NewHandler(notificationStore)
|
|
|
|
r := chi.NewRouter()
|
|
r.Use(chimiddleware.Logger)
|
|
r.Use(chimiddleware.Recoverer)
|
|
r.Use(chimiddleware.RealIP)
|
|
|
|
// API routes
|
|
r.Route("/api/v1", func(r chi.Router) {
|
|
// Public auth endpoints
|
|
r.Post("/auth/login", volunteerHandler.Login)
|
|
r.Post("/auth/activate", volunteerHandler.Activate)
|
|
|
|
// Protected routes
|
|
r.Group(func(r chi.Router) {
|
|
r.Use(middleware.Authenticate(authSvc))
|
|
|
|
// Volunteers
|
|
r.With(middleware.RequireAdmin).Post("/volunteers", volunteerHandler.Create)
|
|
r.Get("/volunteers", volunteerHandler.List)
|
|
r.Get("/volunteers/{id}", volunteerHandler.Get)
|
|
r.Put("/volunteers/{id}", volunteerHandler.Update)
|
|
r.With(middleware.RequireAdmin).Post("/volunteers/{id}/invite", volunteerHandler.ResendInvite)
|
|
|
|
// Schedules
|
|
r.Get("/schedules", scheduleHandler.List)
|
|
r.Post("/schedules", scheduleHandler.Create)
|
|
r.With(middleware.RequireAdmin).Put("/schedules/{id}", scheduleHandler.Update)
|
|
r.With(middleware.RequireAdmin).Delete("/schedules/{id}", scheduleHandler.Delete)
|
|
|
|
// Time off
|
|
r.Get("/timeoff", timeoffHandler.List)
|
|
r.Post("/timeoff", timeoffHandler.Create)
|
|
r.With(middleware.RequireAdmin).Put("/timeoff/{id}/review", timeoffHandler.Review)
|
|
|
|
// Check-in / check-out
|
|
r.Post("/checkin", checkinHandler.CheckIn)
|
|
r.Post("/checkout", checkinHandler.CheckOut)
|
|
r.Get("/checkin/history", checkinHandler.History)
|
|
|
|
// Notifications
|
|
r.Get("/notifications", notificationHandler.List)
|
|
r.Put("/notifications/{id}/read", notificationHandler.MarkRead)
|
|
})
|
|
})
|
|
|
|
// Serve static React app for all other routes
|
|
r.Handle("/*", http.FileServer(http.Dir(staticDir)))
|
|
|
|
return r
|
|
}
|