tp/serv_nginx/api_bb/internal/handlers/auth.go

// handlers/auth.go
package handlers

import (
	"encoding/json"
	"net/http"
	"time"

	"go-rest-api/internal/models"
	"go-rest-api/internal/service"
	"go-rest-api/pkg/middleware"
    "go-rest-api/pkg/utils"

	"github.com/go-chi/chi/v5"
)

type AuthHandler struct {
	authService service.AuthService
	jwtService  service.JWTService
}

func NewAuthHandler(authService service.AuthService, jwtService service.JWTService) *AuthHandler {
	return &AuthHandler{
		authService: authService,
		jwtService:  jwtService,
	}
}

func (h *AuthHandler) Routes() chi.Router {
	r := chi.NewRouter()
	
	r.Post("/register", h.Register)
	r.Post("/login", h.Login)
	r.Post("/logout", h.Logout)
	r.Get("/profile", h.GetProfile)
	
	return r
}

type RegisterRequest struct {
	Email       string `json:"email"`
	Password    string `json:"password"`
	FirstName   string `json:"first_name"`
	LastName    string `json:"last_name"`
	Phone       string `json:"phone"`
	Experience  string `json:"experience"`
	Goals       string `json:"goals"`
	Newsletter  bool   `json:"newsletter"`
}

type LoginRequest struct {
	Email    string `json:"email"`
	Password string `json:"password"`
}

type UserResponse struct {
	ID         uint   `json:"id"`
	Email      string `json:"email"`
	FirstName  string `json:"first_name"`
	LastName   string `json:"last_name"`
	Phone      string `json:"phone"`
	Experience string `json:"experience"`
	Goals      string `json:"goals"`
	Newsletter bool   `json:"newsletter"`
	Role       string `json:"role"`
}

func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) {
	var req RegisterRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		utils.RespondWithError(w, http.StatusBadRequest, "Invalid request payload")
		return
	}
	
	user := &models.User{
		Email:      req.Email,
		Password:   req.Password,
		FirstName:  req.FirstName,
		LastName:   req.LastName,
		Phone:      req.Phone,
		Experience: req.Experience,
		Goals:      req.Goals,
		Newsletter: req.Newsletter,
		Role:       "user",
	}
	
	if err := h.authService.Register(user); err != nil {
		utils.RespondWithError(w, http.StatusBadRequest, err.Error())
		return
	}
	
	utils.RespondWithJSON(w, http.StatusCreated, map[string]string{
		"message": "User registered successfully",
	})
}

func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
	var req LoginRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		utils.RespondWithError(w, http.StatusBadRequest, "Invalid request payload")
		return
	}
	
	user, token, err := h.authService.Login(req.Email, req.Password)
	if err != nil {
		utils.RespondWithError(w, http.StatusUnauthorized, err.Error())
		return
	}
	
	// Устанавливаем токен в куки
	http.SetCookie(w, &http.Cookie{
		Name:     "auth_token",
		Value:    token,
		Path:     "/",
		HttpOnly: true,
		Secure:   false, // В production установить true :TODO 
		SameSite: http.SameSiteLaxMode,
		Expires:  time.Now().Add(24 * time.Hour),
	})
	
	utils.RespondWithJSON(w, http.StatusOK, map[string]interface{}{
		"message": "Login successful",
		"token":   token,
		"user":    toUserResponse(user),
	})
}

func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request) {
	// Удаляем куку
	http.SetCookie(w, &http.Cookie{
		Name:     "auth_token",
		Value:    "",
		Path:     "/",
		HttpOnly: true,
		Secure:   false,
		SameSite: http.SameSiteLaxMode,
		Expires:  time.Now().Add(-1 * time.Hour),
		MaxAge:   -1,
	})
	
	utils.RespondWithJSON(w, http.StatusOK, map[string]string{
		"message": "Logout successful",
	})
}

func (h *AuthHandler) GetProfile(w http.ResponseWriter, r *http.Request) {
	user, ok := middleware.GetUserFromContext(r.Context())
	if !ok {
		utils.RespondWithError(w, http.StatusUnauthorized, "Authentication required")
		return
	}
	
	utils.RespondWithJSON(w, http.StatusOK, toUserResponse(user))
}

func toUserResponse(user *models.User) UserResponse {
	return UserResponse{
		ID:         user.ID,
		Email:      user.Email,
		FirstName:  user.FirstName,
		LastName:   user.LastName,
		Phone:      user.Phone,
		Experience: user.Experience,
		Goals:      user.Goals,
		Newsletter: user.Newsletter,
		Role:       user.Role,
	}
}