refactor: use dtos in controllers

2025-12-22 13:59:24 +00:00 · 2024-08-23 17:04:19 +02:00
parent 9f49e5577e
commit ae7aeb0945
29 changed files with 679 additions and 304 deletions
--- a/backend/internal/middleware/file_size_limit.go
+++ b/backend/internal/middleware/file_size_limit.go
@@ -17,7 +17,7 @@ func (m *FileSizeLimitMiddleware) Add(maxSize int64) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, maxSize)
 		if err := c.Request.ParseMultipartForm(maxSize); err != nil {
-			utils.HandlerError(c, http.StatusRequestEntityTooLarge, fmt.Sprintf("The file can't be larger than %s bytes", formatFileSize(maxSize)))
+			utils.CustomControllerError(c, http.StatusRequestEntityTooLarge, fmt.Sprintf("The file can't be larger than %s bytes", formatFileSize(maxSize)))
 			c.Abort()
 			return
 		}
--- a/backend/internal/middleware/jwt_auth.go
+++ b/backend/internal/middleware/jwt_auth.go
@@ -9,11 +9,12 @@ import (
 )

 type JwtAuthMiddleware struct {
-	jwtService *service.JwtService
+	jwtService            *service.JwtService
+	ignoreUnauthenticated bool
 }

-func NewJwtAuthMiddleware(jwtService *service.JwtService) *JwtAuthMiddleware {
-	return &JwtAuthMiddleware{jwtService: jwtService}
+func NewJwtAuthMiddleware(jwtService *service.JwtService, ignoreUnauthenticated bool) *JwtAuthMiddleware {
+	return &JwtAuthMiddleware{jwtService: jwtService, ignoreUnauthenticated: ignoreUnauthenticated}
 }

 func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {
@@ -24,23 +25,29 @@ func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {
 			authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")
 			if len(authorizationHeaderSplitted) == 2 {
 				token = authorizationHeaderSplitted[1]
+			} else if m.ignoreUnauthenticated {
+				c.Next()
+				return
 			} else {
-				utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
+				utils.CustomControllerError(c, http.StatusUnauthorized, "You're not signed in")
 				c.Abort()
 				return
 			}
 		}

 		claims, err := m.jwtService.VerifyAccessToken(token)
-		if err != nil {
-			utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
+		if err != nil && m.ignoreUnauthenticated {
+			c.Next()
+			return
+		} else if err != nil {
+			utils.CustomControllerError(c, http.StatusUnauthorized, "You're not signed in")
 			c.Abort()
 			return
 		}

 		// Check if the user is an admin
 		if adminOnly && !claims.IsAdmin {
-			utils.HandlerError(c, http.StatusForbidden, "You don't have permission to access this resource")
+			utils.CustomControllerError(c, http.StatusForbidden, "You don't have permission to access this resource")
 			c.Abort()
 			return
 		}
--- a/backend/internal/middleware/rate_limit.go
+++ b/backend/internal/middleware/rate_limit.go
@@ -33,7 +33,7 @@ func (m *RateLimitMiddleware) Add(limit rate.Limit, burst int) gin.HandlerFunc {

 		limiter := getLimiter(ip, limit, burst)
 		if !limiter.Allow() {
-			utils.HandlerError(c, http.StatusTooManyRequests, "Too many requests. Please wait a while before trying again.")
+			utils.CustomControllerError(c, http.StatusTooManyRequests, "Too many requests. Please wait a while before trying again.")
 			c.Abort()
 			return
 		}