feat: middleware for request body parsing, validation and authentication;

feat: helper function for getting request info from gin context

backend/go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/golang-jwt/jwt/v5 v5.2.2
 	github.com/jackc/pgx/v5 v5.7.5
 	github.com/spf13/viper v1.20.1
+	github.com/stretchr/testify v1.10.0
 	github.com/swaggo/files v1.0.1
 	github.com/swaggo/gin-swagger v1.6.0
 	github.com/swaggo/swag v1.16.4
@@ -19,6 +20,7 @@ require (
 	github.com/bytedance/sonic v1.13.3 // indirect
 	github.com/bytedance/sonic/loader v0.2.4 // indirect
 	github.com/cloudwego/base64x v0.1.5 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.9 // indirect
 	github.com/gin-contrib/sse v1.1.0 // indirect
@@ -43,6 +45,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sagikazarmark/locafero v0.9.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.14.0 // indirect

backend/internal/controllers/auth.go

@@ -18,11 +18,15 @@
 package controllers
 
 import (
+	"easywish/internal/middleware"
 	"easywish/internal/models"
 	"easywish/internal/services"
+	"easywish/internal/utils"
+	"easywish/internal/utils/enums"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
 )
 
 type AuthController interface {
@@ -37,10 +41,11 @@ type AuthController interface {
 
 type authControllerImpl struct {
 	authService services.AuthService
+	log *zap.Logger
 }
 
-func NewAuthController(as services.AuthService) AuthController {
-	return &authControllerImpl{authService: as}
+func NewAuthController(_log *zap.Logger, as services.AuthService) AuthController {
+	return &authControllerImpl{log: _log, authService: as}
 }
 
 // Login implements AuthController.
@@ -94,14 +99,14 @@ func (a *authControllerImpl) Refresh(c *gin.Context) {
 // @Router /auth/registrationBegin [post]
 func (a *authControllerImpl) RegistrationBegin(c *gin.Context) {
 
-	var request models.RegistrationBeginRequest
-	
-	if err := c.ShouldBindJSON(&request); err != nil {
+	request, ok := utils.GetRequest[models.RegistrationBeginRequest](c)
+	if !ok {
 		c.Status(http.StatusBadRequest)
 		return
 	}
 
-	_, err := a.authService.RegistrationBegin(request)
+	_, err := a.authService.RegistrationBegin(request.Body)
+
 	if err != nil {
 		c.JSON(http.StatusBadRequest, err.Error())
 		return
@@ -122,7 +127,7 @@ func (a *authControllerImpl) RegistrationComplete(c *gin.Context) {
 }
 
 func (a *authControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
-    group.POST("/registrationBegin", a.RegistrationBegin)
+    group.POST("/registrationBegin", middleware.RequestMiddleware[models.RegistrationBeginRequest](enums.GuestRole), a.RegistrationBegin)
     group.POST("/registrationComplete", a.RegistrationComplete)
     group.POST("/login", a.Login)
     group.POST("/refresh", a.Refresh)

backend/internal/controllers/profile.go

@@ -18,7 +18,6 @@
 package controllers
 
 import (
-	"easywish/internal/middleware"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
@@ -92,11 +91,4 @@ func (p *profileControllerImpl) UpdatePrivacySettings(c *gin.Context) {
 }
 
 func (p *profileControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
-		protected := group.Group("")
-		protected.Use(middleware.JWTAuthMiddleware())
-		{
-			protected.GET("/me", p.GetOwnProfile)
-			protected.GET("/:username", p.GetProfile)
-			protected.GET("/privacy", p.GetPrivacySettings)
-		}
 }

backend/internal/middleware/auth.go

@@ -19,6 +19,7 @@ package middleware
 
 import (
 	"easywish/config"
+	"easywish/internal/utils/enums"
 	"errors"
 	"fmt"
 	"net/http"
@@ -29,15 +30,19 @@ import (
 
 type Claims struct {
 	Username string     `json:"username"`
+	Role     enums.Role `json:"role"`
 	jwt.RegisteredClaims
 }
 
-func JWTAuthMiddleware() gin.HandlerFunc {
+func AuthMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		cfg := config.GetConfig()
 		authHeader := c.GetHeader("Authorization")
+
 		if authHeader == "" {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Authorization header required"})
+			c.Set("username", nil)
+			c.Set("role", enums.GuestRole)
+			c.Next()
 			return
 		}
 
@@ -64,7 +69,8 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 		}
 
 		if claims, ok := token.Claims.(*Claims); ok && token.Valid {
-			c.Set("userID", claims.Username)
+			c.Set("username", claims.Username)
+			c.Set("role", claims.Role)
 			c.Next()
 		} else {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid claims"})

backend/internal/middleware/request.go

@@ -0,0 +1,98 @@
+// Copyright (c) 2025 Nikolai Papin
+//
+// This file is part of Easywish
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
+// the GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package middleware
+
+import (
+	"easywish/internal/utils/enums"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+type UserInfo struct {
+	Username string
+	Role enums.Role 
+}
+
+type Request[T any] struct {
+	User UserInfo
+	Body T
+}
+
+const requestKey = "request"
+
+func UserInfoFromContext(c *gin.Context) (*UserInfo, bool) {
+
+	var username any
+	var role any
+	var ok bool
+
+	username, ok = c.Get("username") ; if !ok {
+     return &UserInfo{Username: "", Role: enums.GuestRole}, true
+	}
+
+	role, ok = c.Get("role"); if !ok {
+     return nil, false
+	}
+
+	if username == nil {
+     return &UserInfo{Username: "", Role: enums.GuestRole}, true
+	}
+
+	if role == nil {
+		return nil, false
+	}
+
+	return &UserInfo{Username: username.(string), Role: role.(enums.Role)}, true
+}
+
+func RequestFromContext[T any](c *gin.Context) Request[T] {
+	return c.Value(requestKey).(Request[T])
+}
+
+func RequestMiddleware[T any](role enums.Role) gin.HandlerFunc {
+	return gin.HandlerFunc(func(c *gin.Context) {
+
+		userInfo, ok := UserInfoFromContext(c)
+
+		if !ok {
+			c.Status(http.StatusUnauthorized)
+			return
+		}
+
+		if userInfo.Role < role {
+			c.Status(http.StatusForbidden)
+		}
+
+		var body T
+		if err := c.ShouldBindJSON(&body); err != nil {
+			c.String(http.StatusBadRequest, err.Error())
+
+			// TODO: implement automatic validation here
+			return
+		}
+
+		request := Request[T]{
+			User: *userInfo,
+			Body: body,
+		}
+		
+		c.Set(requestKey, request)
+		c.Next()
+	})
+}

backend/internal/models/auth.go

@@ -25,7 +25,7 @@ type Tokens struct {
 type RegistrationBeginRequest struct {
 	Username string  `json:"username" binding:"required,min=3,max=20"`
 	Email		 *string `json:"email" binding:"email"`
-	Password string  `json:"password" binding:"required,password"` // TODO: password checking
+	Password string  `json:"password" binding:"required"` // TODO: password checking
 }
 
 // TODO: length check

backend/internal/routes/router.go

@@ -19,12 +19,14 @@ package routes
 
 import (
 	"easywish/internal/controllers"
+	"easywish/internal/middleware"
 
 	"github.com/gin-gonic/gin"
 )
 
 func NewRouter(engine *gin.Engine, groups []RouteGroup) *gin.Engine {
     apiGroup := engine.Group("/api")
+		apiGroup.Use(middleware.AuthMiddleware())
     for _, group := range groups {
         subgroup := apiGroup.Group(group.BasePath)
         subgroup.Use(group.Middleware...)

backend/internal/utils/enums/enums.go

@@ -18,8 +18,14 @@
 package enums
 
 type ConfirmationCodeType int32
-
 const (
 	RegistrationCodeType ConfirmationCodeType = iota
 	PasswordResetCodeType
 )
+
+type Role int32
+const (
+	GuestRole Role = iota
+	UserRole
+	AdminRole 
+)

backend/internal/utils/request.go

@@ -0,0 +1,35 @@
+// Copyright (c) 2025 Nikolai Papin
+// 
+// This file is part of Easywish
+// 
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+// 
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
+// the GNU General Public License for more details.
+// 
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package utils
+
+import (
+	"easywish/internal/middleware"
+
+	"github.com/gin-gonic/gin"
+)
+
+func GetRequest[T any](c *gin.Context) (*middleware.Request[T], bool) {
+
+	req, ok := c.Get("request")
+	request := req.(middleware.Request[T])
+	if !ok {
+		return nil, false
+	}
+
+	return &request, true
+}