feat: add sqlite-backed auth and library services

Bootstrap SQLite on server startup with embedded migrations and development seed data. Replace placeholder auth and library responses with database-backed services, bearer sessions, and repository-driven API handlers.
2026-04-02 22:22:38 +03:00
parent debd4d05b9
commit 35abd27473
15 changed files with 808 additions and 64 deletions
--- a/internal/httpapi/middleware.go
+++ b/internal/httpapi/middleware.go
@@ -1,12 +1,19 @@
 package httpapi

 import (
+	"context"
 	"log"
 	"net/http"
 	"strings"
 	"time"
+
+	"github.com/benya/temporserv/internal/auth"
 )

+type contextKey string
+
+const currentUserKey contextKey = "currentUser"
+
 func requestLogger(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		startedAt := time.Now()
@@ -51,3 +58,24 @@ func cors(origins string) func(http.Handler) http.Handler {
 		})
 	}
 }
+
+func (a app) requireAuth(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		user, err := a.auth.CurrentUser(r.Context(), r.Header.Get("Authorization"))
+		if err != nil {
+			writeJSON(w, http.StatusUnauthorized, map[string]string{"error": "unauthorized"})
+			return
+		}
+
+		ctx := context.WithValue(r.Context(), currentUserKey, user)
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
+func currentUserFromContext(r *http.Request) auth.User {
+	user, ok := r.Context().Value(currentUserKey).(auth.User)
+	if !ok {
+		return auth.User{}
+	}
+	return user
+}