first commit

internal/handlers/handler.go

@@ -0,0 +1,101 @@
+package handlers
+
+import (
+	"log"
+	"net/http"
+	"strconv"
+
+	"tankstopp/internal/auth"
+	"tankstopp/internal/database"
+
+	"github.com/gorilla/mux"
+)
+
+// Handler contains dependencies for all HTTP handlers
+type Handler struct {
+	db             *database.DB
+	sessionManager *auth.SessionManager
+}
+
+// NewHandler creates a new handler with database connection and session manager
+func NewHandler(db *database.DB) *Handler {
+	return &Handler{
+		db:             db,
+		sessionManager: auth.NewSessionManager(),
+	}
+}
+
+// AuthMiddleware checks if user is authenticated
+func (h *Handler) AuthMiddleware(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		sessionID, err := auth.GetSessionCookie(r)
+		if err != nil {
+			http.Redirect(w, r, "/login", http.StatusSeeOther)
+			return
+		}
+
+		session, exists := h.sessionManager.GetSession(sessionID)
+		if !exists {
+			http.Redirect(w, r, "/login", http.StatusSeeOther)
+			return
+		}
+
+		// Add user info to request context
+		r.Header.Set("X-User-ID", strconv.Itoa(int(session.UserID)))
+		r.Header.Set("X-Username", session.Username)
+
+		next.ServeHTTP(w, r)
+	}
+}
+
+// getCurrentUser extracts user information from request headers
+func (h *Handler) getCurrentUser(r *http.Request) (uint, string) {
+	userIDStr := r.Header.Get("X-User-ID")
+	username := r.Header.Get("X-Username")
+
+	if userIDStr == "" {
+		return 0, ""
+	}
+
+	userIDInt, err := strconv.Atoi(userIDStr)
+	if err != nil {
+		log.Printf("Error parsing user ID: %v", err)
+		return 0, ""
+	}
+
+	return uint(userIDInt), username
+}
+
+// RegisterRoutes registers all application routes
+func (h *Handler) RegisterRoutes(r *mux.Router) {
+	// Static files
+	r.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(http.Dir("./static/"))))
+
+	// Public routes (no authentication required)
+	r.HandleFunc("/", h.RootHandler).Methods("GET")
+	r.HandleFunc("/login", h.LoginHandler).Methods("GET", "POST")
+	r.HandleFunc("/register", h.RegisterHandler).Methods("GET", "POST")
+	r.HandleFunc("/logout", h.LogoutHandler).Methods("POST")
+
+	// Protected routes (authentication required)
+	r.HandleFunc("/dashboard", h.AuthMiddleware(h.HomeHandler)).Methods("GET")
+	r.HandleFunc("/add", h.AuthMiddleware(h.AddFuelStopHandler)).Methods("GET", "POST")
+	r.HandleFunc("/edit/{id:[0-9]+}", h.AuthMiddleware(h.EditFuelStopHandler)).Methods("GET", "POST")
+	r.HandleFunc("/delete/{id:[0-9]+}", h.AuthMiddleware(h.DeleteFuelStopHandler)).Methods("POST")
+	r.HandleFunc("/settings", h.AuthMiddleware(h.SettingsHandler)).Methods("GET")
+	r.HandleFunc("/settings/profile", h.AuthMiddleware(h.UpdateProfileHandler)).Methods("POST")
+	r.HandleFunc("/settings/password", h.AuthMiddleware(h.UpdatePasswordHandler)).Methods("POST")
+	r.HandleFunc("/settings/delete-account", h.AuthMiddleware(h.DeleteAccountHandler)).Methods("POST")
+
+	// Vehicle management routes
+	r.HandleFunc("/vehicles", h.AuthMiddleware(h.VehiclesHandler)).Methods("GET")
+	r.HandleFunc("/vehicles/add", h.AuthMiddleware(h.AddVehicleHandler)).Methods("GET", "POST")
+	r.HandleFunc("/vehicles/edit/{id:[0-9]+}", h.AuthMiddleware(h.EditVehicleHandler)).Methods("GET", "POST")
+	r.HandleFunc("/vehicles/delete/{id:[0-9]+}", h.AuthMiddleware(h.DeleteVehicleHandler)).Methods("POST")
+
+	// API routes
+	r.HandleFunc("/api/fuel-stops", h.AuthMiddleware(h.APIGetFuelStopsHandler)).Methods("GET")
+	r.HandleFunc("/api/fuel-stops", h.AuthMiddleware(h.APICreateFuelStopHandler)).Methods("POST")
+	r.HandleFunc("/api/stats", h.AuthMiddleware(h.APIGetFuelStopStatsHandler)).Methods("GET")
+	r.HandleFunc("/api/vehicles/{id:[0-9]+}", h.AuthMiddleware(h.APIGetVehicleHandler)).Methods("GET")
+}