refactor: use dtos in controllers

backend/internal/controller/app_config_controller.go

@@ -5,19 +5,19 @@ import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/common"
+	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
-	"github.com/stonith404/pocket-id/backend/internal/model"
 	"github.com/stonith404/pocket-id/backend/internal/service"
 	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"net/http"
 )
 
-func NewApplicationConfigurationController(
+func NewAppConfigController(
 	group *gin.RouterGroup,
 	jwtAuthMiddleware *middleware.JwtAuthMiddleware,
 	appConfigService *service.AppConfigService) {
 
-	acc := &ApplicationConfigurationController{
+	acc := &AppConfigController{
 		appConfigService: appConfigService,
 	}
 	group.GET("/application-configuration", acc.listApplicationConfigurationHandler)
@@ -32,86 +32,104 @@ func NewApplicationConfigurationController(
 	group.PUT("/application-configuration/background-image", jwtAuthMiddleware.Add(true), acc.updateBackgroundImageHandler)
 }
 
-type ApplicationConfigurationController struct {
+type AppConfigController struct {
 	appConfigService *service.AppConfigService
 }
 
-func (acc *ApplicationConfigurationController) listApplicationConfigurationHandler(c *gin.Context) {
+func (acc *AppConfigController) listApplicationConfigurationHandler(c *gin.Context) {
 	configuration, err := acc.appConfigService.ListApplicationConfiguration(false)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(200, configuration)
+	var configVariablesDto []dto.PublicAppConfigVariableDto
+	if err := dto.MapStructList(configuration, &configVariablesDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(200, configVariablesDto)
 }
 
-func (acc *ApplicationConfigurationController) listAllApplicationConfigurationHandler(c *gin.Context) {
+func (acc *AppConfigController) listAllApplicationConfigurationHandler(c *gin.Context) {
 	configuration, err := acc.appConfigService.ListApplicationConfiguration(true)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(200, configuration)
+	var configVariablesDto []dto.AppConfigVariableDto
+	if err := dto.MapStructList(configuration, &configVariablesDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(200, configVariablesDto)
 }
 
-func (acc *ApplicationConfigurationController) updateApplicationConfigurationHandler(c *gin.Context) {
-	var input model.AppConfigUpdateDto
+func (acc *AppConfigController) updateApplicationConfigurationHandler(c *gin.Context) {
+	var input dto.AppConfigUpdateDto
 	if err := c.ShouldBindJSON(&input); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	savedConfigVariables, err := acc.appConfigService.UpdateApplicationConfiguration(input)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusOK, savedConfigVariables)
+	var configVariablesDto []dto.AppConfigVariableDto
+	if err := dto.MapStructList(savedConfigVariables, &configVariablesDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, configVariablesDto)
 }
 
-func (acc *ApplicationConfigurationController) getLogoHandler(c *gin.Context) {
+func (acc *AppConfigController) getLogoHandler(c *gin.Context) {
 	imageType := acc.appConfigService.DbConfig.LogoImageType.Value
 	acc.getImage(c, "logo", imageType)
 }
 
-func (acc *ApplicationConfigurationController) getFaviconHandler(c *gin.Context) {
+func (acc *AppConfigController) getFaviconHandler(c *gin.Context) {
 	acc.getImage(c, "favicon", "ico")
 }
 
-func (acc *ApplicationConfigurationController) getBackgroundImageHandler(c *gin.Context) {
+func (acc *AppConfigController) getBackgroundImageHandler(c *gin.Context) {
 	imageType := acc.appConfigService.DbConfig.BackgroundImageType.Value
 	acc.getImage(c, "background", imageType)
 }
 
-func (acc *ApplicationConfigurationController) updateLogoHandler(c *gin.Context) {
+func (acc *AppConfigController) updateLogoHandler(c *gin.Context) {
 	imageType := acc.appConfigService.DbConfig.LogoImageType.Value
 	acc.updateImage(c, "logo", imageType)
 }
 
-func (acc *ApplicationConfigurationController) updateFaviconHandler(c *gin.Context) {
+func (acc *AppConfigController) updateFaviconHandler(c *gin.Context) {
 	file, err := c.FormFile("file")
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	fileType := utils.GetFileExtension(file.Filename)
 	if fileType != "ico" {
-		utils.HandlerError(c, http.StatusBadRequest, "File must be of type .ico")
+		utils.CustomControllerError(c, http.StatusBadRequest, "File must be of type .ico")
 		return
 	}
 	acc.updateImage(c, "favicon", "ico")
 }
 
-func (acc *ApplicationConfigurationController) updateBackgroundImageHandler(c *gin.Context) {
+func (acc *AppConfigController) updateBackgroundImageHandler(c *gin.Context) {
 	imageType := acc.appConfigService.DbConfig.BackgroundImageType.Value
 	acc.updateImage(c, "background", imageType)
 }
 
-func (acc *ApplicationConfigurationController) getImage(c *gin.Context, name string, imageType string) {
+func (acc *AppConfigController) getImage(c *gin.Context, name string, imageType string) {
 	imagePath := fmt.Sprintf("%s/application-images/%s.%s", common.EnvConfig.UploadPath, name, imageType)
 	mimeType := utils.GetImageMimeType(imageType)
 
@@ -119,19 +137,19 @@ func (acc *ApplicationConfigurationController) getImage(c *gin.Context, name str
 	c.File(imagePath)
 }
 
-func (acc *ApplicationConfigurationController) updateImage(c *gin.Context, imageName string, oldImageType string) {
+func (acc *AppConfigController) updateImage(c *gin.Context, imageName string, oldImageType string) {
 	file, err := c.FormFile("file")
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	err = acc.appConfigService.UpdateImage(file, imageName, oldImageType)
 	if err != nil {
 		if errors.Is(err, common.ErrFileTypeNotSupported) {
-			utils.HandlerError(c, http.StatusBadRequest, err.Error())
+			utils.CustomControllerError(c, http.StatusBadRequest, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}

backend/internal/controller/oidc_controller.go

@@ -4,8 +4,8 @@ import (
 	"errors"
 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/common"
+	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
-	"github.com/stonith404/pocket-id/backend/internal/model"
 	"github.com/stonith404/pocket-id/backend/internal/service"
 	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"net/http"
@@ -40,18 +40,18 @@ type OidcController struct {
 }
 
 func (oc *OidcController) authorizeHandler(c *gin.Context) {
-	var parsedBody model.AuthorizeRequest
-	if err := c.ShouldBindJSON(&parsedBody); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+	var input dto.AuthorizeOidcClientDto
+	if err := c.ShouldBindJSON(&input); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
-	code, err := oc.oidcService.Authorize(parsedBody, c.GetString("userID"))
+	code, err := oc.oidcService.Authorize(input, c.GetString("userID"))
 	if err != nil {
 		if errors.Is(err, common.ErrOidcMissingAuthorization) {
-			utils.HandlerError(c, http.StatusForbidden, err.Error())
+			utils.CustomControllerError(c, http.StatusForbidden, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
@@ -60,15 +60,15 @@ func (oc *OidcController) authorizeHandler(c *gin.Context) {
 }
 
 func (oc *OidcController) authorizeNewClientHandler(c *gin.Context) {
-	var parsedBody model.AuthorizeNewClientDto
-	if err := c.ShouldBindJSON(&parsedBody); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+	var input dto.AuthorizeOidcClientDto
+	if err := c.ShouldBindJSON(&input); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
-	code, err := oc.oidcService.AuthorizeNewClient(parsedBody, c.GetString("userID"))
+	code, err := oc.oidcService.AuthorizeNewClient(input, c.GetString("userID"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -76,35 +76,35 @@ func (oc *OidcController) authorizeNewClientHandler(c *gin.Context) {
 }
 
 func (oc *OidcController) createIDTokenHandler(c *gin.Context) {
-	var body model.OidcIdTokenDto
+	var input dto.OidcIdTokenDto
 
-	if err := c.ShouldBind(&body); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+	if err := c.ShouldBind(&input); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
-	clientID := body.ClientID
-	clientSecret := body.ClientSecret
+	clientID := input.ClientID
+	clientSecret := input.ClientSecret
 
 	// Client id and secret can also be passed over the Authorization header
 	if clientID == "" || clientSecret == "" {
 		var ok bool
 		clientID, clientSecret, ok = c.Request.BasicAuth()
 		if !ok {
-			utils.HandlerError(c, http.StatusBadRequest, "Client id and secret not provided")
+			utils.CustomControllerError(c, http.StatusBadRequest, "Client id and secret not provided")
 			return
 		}
 	}
 
-	idToken, accessToken, err := oc.oidcService.CreateTokens(body.Code, body.GrantType, clientID, clientSecret)
+	idToken, accessToken, err := oc.oidcService.CreateTokens(input.Code, input.GrantType, clientID, clientSecret)
 	if err != nil {
 		if errors.Is(err, common.ErrOidcGrantTypeNotSupported) ||
 			errors.Is(err, common.ErrOidcMissingClientCredentials) ||
 			errors.Is(err, common.ErrOidcClientSecretInvalid) ||
 			errors.Is(err, common.ErrOidcInvalidAuthorizationCode) {
-			utils.HandlerError(c, http.StatusBadRequest, err.Error())
+			utils.CustomControllerError(c, http.StatusBadRequest, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
@@ -116,14 +116,14 @@ func (oc *OidcController) userInfoHandler(c *gin.Context) {
 	token := strings.Split(c.GetHeader("Authorization"), " ")[1]
 	jwtClaims, err := oc.jwtService.VerifyOauthAccessToken(token)
 	if err != nil {
-		utils.HandlerError(c, http.StatusUnauthorized, common.ErrTokenInvalidOrExpired.Error())
+		utils.CustomControllerError(c, http.StatusUnauthorized, common.ErrTokenInvalidOrExpired.Error())
 		return
 	}
 	userID := jwtClaims.Subject
 	clientId := jwtClaims.Audience[0]
 	claims, err := oc.oidcService.GetUserClaimsForClient(userID, clientId)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -134,11 +134,28 @@ func (oc *OidcController) getClientHandler(c *gin.Context) {
 	clientId := c.Param("id")
 	client, err := oc.oidcService.GetClient(clientId)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusOK, client)
+	// Return a different DTO based on the user's role
+	if c.GetBool("userIsAdmin") {
+		clientDto := dto.OidcClientDto{}
+		err = dto.MapStruct(client, &clientDto)
+		if err == nil {
+			c.JSON(http.StatusOK, clientDto)
+			return
+		}
+	} else {
+		clientDto := dto.PublicOidcClientDto{}
+		err = dto.MapStruct(client, &clientDto)
+		if err == nil {
+			c.JSON(http.StatusOK, clientDto)
+			return
+		}
+	}
+
+	utils.ControllerError(c, err)
 }
 
 func (oc *OidcController) listClientsHandler(c *gin.Context) {
@@ -148,36 +165,48 @@ func (oc *OidcController) listClientsHandler(c *gin.Context) {
 
 	clients, pagination, err := oc.oidcService.ListClients(searchTerm, page, pageSize)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
+		return
+	}
+
+	var clientsDto []dto.OidcClientDto
+	if err := dto.MapStructList(clients, &clientsDto); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
 	c.JSON(http.StatusOK, gin.H{
-		"data":       clients,
+		"data":       clientsDto,
 		"pagination": pagination,
 	})
 }
 
 func (oc *OidcController) createClientHandler(c *gin.Context) {
-	var input model.OidcClientCreateDto
+	var input dto.OidcClientCreateDto
 	if err := c.ShouldBindJSON(&input); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	client, err := oc.oidcService.CreateClient(input, c.GetString("userID"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusCreated, client)
+	var clientDto dto.OidcClientDto
+	if err := dto.MapStruct(client, &clientDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusCreated, clientDto)
 }
 
 func (oc *OidcController) deleteClientHandler(c *gin.Context) {
 	err := oc.oidcService.DeleteClient(c.Param("id"))
 	if err != nil {
-		utils.HandlerError(c, http.StatusNotFound, "OIDC client not found")
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -185,25 +214,31 @@ func (oc *OidcController) deleteClientHandler(c *gin.Context) {
 }
 
 func (oc *OidcController) updateClientHandler(c *gin.Context) {
-	var input model.OidcClientCreateDto
+	var input dto.OidcClientCreateDto
 	if err := c.ShouldBindJSON(&input); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	client, err := oc.oidcService.UpdateClient(c.Param("id"), input)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusNoContent, client)
+	var clientDto dto.OidcClientDto
+	if err := dto.MapStruct(client, &clientDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, clientDto)
 }
 
 func (oc *OidcController) createClientSecretHandler(c *gin.Context) {
 	secret, err := oc.oidcService.CreateClientSecret(c.Param("id"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -213,7 +248,7 @@ func (oc *OidcController) createClientSecretHandler(c *gin.Context) {
 func (oc *OidcController) getClientLogoHandler(c *gin.Context) {
 	imagePath, mimeType, err := oc.oidcService.GetClientLogo(c.Param("id"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -224,16 +259,16 @@ func (oc *OidcController) getClientLogoHandler(c *gin.Context) {
 func (oc *OidcController) updateClientLogoHandler(c *gin.Context) {
 	file, err := c.FormFile("file")
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	err = oc.oidcService.UpdateClientLogo(c.Param("id"), file)
 	if err != nil {
 		if errors.Is(err, common.ErrFileTypeNotSupported) {
-			utils.HandlerError(c, http.StatusBadRequest, err.Error())
+			utils.CustomControllerError(c, http.StatusBadRequest, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
@@ -244,7 +279,7 @@ func (oc *OidcController) updateClientLogoHandler(c *gin.Context) {
 func (oc *OidcController) deleteClientLogoHandler(c *gin.Context) {
 	err := oc.oidcService.DeleteClientLogo(c.Param("id"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 

backend/internal/controller/test_controller.go

@@ -4,6 +4,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/service"
 	"github.com/stonith404/pocket-id/backend/internal/utils"
+	"net/http"
 )
 
 func NewTestController(group *gin.RouterGroup, testService *service.TestService) {
@@ -18,19 +19,19 @@ type TestController struct {
 
 func (tc *TestController) resetAndSeedHandler(c *gin.Context) {
 	if err := tc.TestService.ResetDatabase(); err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
 	if err := tc.TestService.ResetApplicationImages(); err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
 	if err := tc.TestService.SeedDatabase(); err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(200, gin.H{"message": "Database reset and seeded"})
+	c.Status(http.StatusNoContent)
 }

backend/internal/controller/user_controller.go

@@ -4,8 +4,8 @@ import (
 	"errors"
 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/common"
+	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
-	"github.com/stonith404/pocket-id/backend/internal/model"
 	"github.com/stonith404/pocket-id/backend/internal/service"
 	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"golang.org/x/time/rate"
@@ -43,12 +43,18 @@ func (uc *UserController) listUsersHandler(c *gin.Context) {
 
 	users, pagination, err := uc.UserService.ListUsers(searchTerm, page, pageSize)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
+		return
+	}
+
+	var usersDto []dto.UserDto
+	if err := dto.MapStructList(users, &usersDto); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
 	c.JSON(http.StatusOK, gin.H{
-		"data":       users,
+		"data":       usersDto,
 		"pagination": pagination,
 	})
 }
@@ -56,25 +62,38 @@ func (uc *UserController) listUsersHandler(c *gin.Context) {
 func (uc *UserController) getUserHandler(c *gin.Context) {
 	user, err := uc.UserService.GetUser(c.Param("id"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusOK, user)
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, userDto)
 }
 
 func (uc *UserController) getCurrentUserHandler(c *gin.Context) {
 	user, err := uc.UserService.GetUser(c.GetString("userID"))
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
-	c.JSON(http.StatusOK, user)
+
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, userDto)
 }
 
 func (uc *UserController) deleteUserHandler(c *gin.Context) {
 	if err := uc.UserService.DeleteUser(c.Param("id")); err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -82,22 +101,29 @@ func (uc *UserController) deleteUserHandler(c *gin.Context) {
 }
 
 func (uc *UserController) createUserHandler(c *gin.Context) {
-	var user model.User
-	if err := c.ShouldBindJSON(&user); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+	var input dto.UserCreateDto
+	if err := c.ShouldBindJSON(&input); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
-	if err := uc.UserService.CreateUser(&user); err != nil {
+	user, err := uc.UserService.CreateUser(input)
+	if err != nil {
 		if errors.Is(err, common.ErrEmailTaken) || errors.Is(err, common.ErrUsernameTaken) {
-			utils.HandlerError(c, http.StatusConflict, err.Error())
+			utils.CustomControllerError(c, http.StatusConflict, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
 
-	c.JSON(http.StatusCreated, user)
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusCreated, userDto)
 }
 
 func (uc *UserController) updateUserHandler(c *gin.Context) {
@@ -109,15 +135,15 @@ func (uc *UserController) updateCurrentUserHandler(c *gin.Context) {
 }
 
 func (uc *UserController) createOneTimeAccessTokenHandler(c *gin.Context) {
-	var input model.OneTimeAccessTokenCreateDto
+	var input dto.OneTimeAccessTokenCreateDto
 	if err := c.ShouldBindJSON(&input); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
 	token, err := uc.UserService.CreateOneTimeAccessToken(input.UserID, input.ExpiresAt)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -128,9 +154,9 @@ func (uc *UserController) exchangeOneTimeAccessTokenHandler(c *gin.Context) {
 	user, token, err := uc.UserService.ExchangeOneTimeAccessToken(c.Param("token"))
 	if err != nil {
 		if errors.Is(err, common.ErrTokenInvalidOrExpired) {
-			utils.HandlerError(c, http.StatusUnauthorized, err.Error())
+			utils.CustomControllerError(c, http.StatusUnauthorized, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
@@ -143,21 +169,27 @@ func (uc *UserController) getSetupAccessTokenHandler(c *gin.Context) {
 	user, token, err := uc.UserService.SetupInitialAdmin()
 	if err != nil {
 		if errors.Is(err, common.ErrSetupAlreadyCompleted) {
-			utils.HandlerError(c, http.StatusBadRequest, err.Error())
+			utils.CustomControllerError(c, http.StatusBadRequest, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
 
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
 	c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", false, true)
-	c.JSON(http.StatusOK, user)
+	c.JSON(http.StatusOK, userDto)
 }
 
 func (uc *UserController) updateUser(c *gin.Context, updateOwnUser bool) {
-	var updatedUser model.User
-	if err := c.ShouldBindJSON(&updatedUser); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+	var input dto.UserCreateDto
+	if err := c.ShouldBindJSON(&input); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -168,15 +200,21 @@ func (uc *UserController) updateUser(c *gin.Context, updateOwnUser bool) {
 		userID = c.Param("id")
 	}
 
-	user, err := uc.UserService.UpdateUser(userID, updatedUser, updateOwnUser)
+	user, err := uc.UserService.UpdateUser(userID, input, updateOwnUser)
 	if err != nil {
 		if errors.Is(err, common.ErrEmailTaken) || errors.Is(err, common.ErrUsernameTaken) {
-			utils.HandlerError(c, http.StatusConflict, err.Error())
+			utils.CustomControllerError(c, http.StatusConflict, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
 
-	c.JSON(http.StatusOK, user)
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, userDto)
 }

backend/internal/controller/webauthn_controller.go

@@ -3,9 +3,8 @@ package controller
 import (
 	"errors"
 	"github.com/go-webauthn/webauthn/protocol"
+	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
-	"github.com/stonith404/pocket-id/backend/internal/model"
-	"log"
 	"net/http"
 	"time"
 
@@ -40,8 +39,7 @@ func (wc *WebauthnController) beginRegistrationHandler(c *gin.Context) {
 	userID := c.GetString("userID")
 	options, err := wc.webAuthnService.BeginRegistration(userID)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
-		log.Println(err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -52,24 +50,30 @@ func (wc *WebauthnController) beginRegistrationHandler(c *gin.Context) {
 func (wc *WebauthnController) verifyRegistrationHandler(c *gin.Context) {
 	sessionID, err := c.Cookie("session_id")
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, "Session ID missing")
+		utils.CustomControllerError(c, http.StatusBadRequest, "Session ID missing")
 		return
 	}
 
 	userID := c.GetString("userID")
 	credential, err := wc.webAuthnService.VerifyRegistration(sessionID, userID, c.Request)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusOK, credential)
+	var credentialDto dto.WebauthnCredentialDto
+	if err := dto.MapStruct(credential, &credentialDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, credentialDto)
 }
 
 func (wc *WebauthnController) beginLoginHandler(c *gin.Context) {
 	options, err := wc.webAuthnService.BeginLogin()
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -80,13 +84,13 @@ func (wc *WebauthnController) beginLoginHandler(c *gin.Context) {
 func (wc *WebauthnController) verifyLoginHandler(c *gin.Context) {
 	sessionID, err := c.Cookie("session_id")
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, "Session ID missing")
+		utils.CustomControllerError(c, http.StatusBadRequest, "Session ID missing")
 		return
 	}
 
 	credentialAssertionData, err := protocol.ParseCredentialRequestResponseBody(c.Request.Body)
 	if err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -94,32 +98,44 @@ func (wc *WebauthnController) verifyLoginHandler(c *gin.Context) {
 	user, err := wc.webAuthnService.VerifyLogin(sessionID, userID, credentialAssertionData)
 	if err != nil {
 		if errors.Is(err, common.ErrInvalidCredentials) {
-			utils.HandlerError(c, http.StatusUnauthorized, err.Error())
+			utils.CustomControllerError(c, http.StatusUnauthorized, err.Error())
 		} else {
-			utils.UnknownHandlerError(c, err)
+			utils.ControllerError(c, err)
 		}
 		return
 	}
 
-	token, err := wc.jwtService.GenerateAccessToken(*user)
+	token, err := wc.jwtService.GenerateAccessToken(user)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
+		return
+	}
+
+	var userDto dto.UserDto
+	if err := dto.MapStruct(user, &userDto); err != nil {
+		utils.ControllerError(c, err)
 		return
 	}
 
 	c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", false, true)
-	c.JSON(http.StatusOK, user)
+	c.JSON(http.StatusOK, userDto)
 }
 
 func (wc *WebauthnController) listCredentialsHandler(c *gin.Context) {
 	userID := c.GetString("userID")
 	credentials, err := wc.webAuthnService.ListCredentials(userID)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.JSON(http.StatusOK, credentials)
+	var credentialDtos []dto.WebauthnCredentialDto
+	if err := dto.MapStructList(credentials, &credentialDtos); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, credentialDtos)
 }
 
 func (wc *WebauthnController) deleteCredentialHandler(c *gin.Context) {
@@ -128,7 +144,7 @@ func (wc *WebauthnController) deleteCredentialHandler(c *gin.Context) {
 
 	err := wc.webAuthnService.DeleteCredential(userID, credentialID)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
@@ -139,19 +155,25 @@ func (wc *WebauthnController) updateCredentialHandler(c *gin.Context) {
 	userID := c.GetString("userID")
 	credentialID := c.Param("id")
 
-	var input model.WebauthnCredentialUpdateDto
+	var input dto.WebauthnCredentialUpdateDto
 	if err := c.ShouldBindJSON(&input); err != nil {
-		utils.HandlerError(c, http.StatusBadRequest, common.ErrInvalidBody.Error())
+		utils.ControllerError(c, err)
 		return
 	}
 
-	err := wc.webAuthnService.UpdateCredential(userID, credentialID, input.Name)
+	credential, err := wc.webAuthnService.UpdateCredential(userID, credentialID, input.Name)
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}
 
-	c.Status(http.StatusNoContent)
+	var credentialDto dto.WebauthnCredentialDto
+	if err := dto.MapStruct(credential, &credentialDto); err != nil {
+		utils.ControllerError(c, err)
+		return
+	}
+
+	c.JSON(http.StatusOK, credentialDto)
 }
 
 func (wc *WebauthnController) logoutHandler(c *gin.Context) {

backend/internal/controller/well_known_controller.go

@@ -21,7 +21,7 @@ type WellKnownController struct {
 func (wkc *WellKnownController) jwksHandler(c *gin.Context) {
 	jwk, err := wkc.jwtService.GetJWK()
 	if err != nil {
-		utils.UnknownHandlerError(c, err)
+		utils.ControllerError(c, err)
 		return
 	}