drive/apps/backend/internal/account/http.go

package account

import (
	"errors"

	"github.com/get-drexa/drexa/internal/auth"
	"github.com/get-drexa/drexa/internal/httperr"
	"github.com/get-drexa/drexa/internal/reqctx"
	"github.com/get-drexa/drexa/internal/user"
	"github.com/get-drexa/drexa/internal/virtualfs"
	"github.com/gofiber/fiber/v2"
	"github.com/google/uuid"
	"github.com/uptrace/bun"
)

type HTTPHandler struct {
	accountService *Service
	authService    *auth.Service
	vfs            *virtualfs.VirtualFS
	db             *bun.DB
	authMiddleware fiber.Handler
	cookieConfig   auth.CookieConfig
}

// registerAccountRequest represents a new account registration
// @Description Request to create a new account and user
type registerAccountRequest struct {
	// Email address for the new account
	Email string `json:"email" example:"newuser@example.com"`
	// Password for the new account (min 8 characters)
	Password string `json:"password" example:"securepassword123"`
	// Display name for the user
	DisplayName string `json:"displayName" example:"Jane Doe"`
	// How to deliver tokens: "cookie" (set HTTP-only cookies) or "body" (include in response)
	TokenDelivery string `json:"tokenDelivery" example:"body" enums:"cookie,body"`
}

// registerAccountResponse represents a successful registration
// @Description Response after successful account registration
type registerAccountResponse struct {
	// The created account
	Account *Account `json:"account"`
	// The created user
	User *user.User `json:"user"`
	// JWT access token for immediate authentication (only included when tokenDelivery is "body")
	AccessToken string `json:"accessToken,omitempty" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1NTBlODQwMC1lMjliLTQxZDQtYTcxNi00NDY2NTU0NDAwMDAifQ.signature"`
	// Base64 URL encoded refresh token (only included when tokenDelivery is "body")
	RefreshToken string `json:"refreshToken,omitempty" example:"dR4nD0mUu1DkZXlCeXRlc0FuZFJhbmRvbURhdGFIZXJlMTIzNDU2Nzg5MGFi"`
}

func NewHTTPHandler(accountService *Service, authService *auth.Service, vfs *virtualfs.VirtualFS, db *bun.DB, authMiddleware fiber.Handler, cookieConfig auth.CookieConfig) *HTTPHandler {
	return &HTTPHandler{accountService: accountService, authService: authService, db: db, authMiddleware: authMiddleware, cookieConfig: cookieConfig}
}

func (h *HTTPHandler) RegisterRoutes(api fiber.Router) *ScopedRouter {
	api.Get("/accounts", h.authMiddleware, h.listAccounts)
	api.Post("/accounts", h.registerAccount)

	account := api.Group("/accounts/:accountID")
	account.Use(h.authMiddleware)
	account.Use(h.accountMiddleware)

	account.Get("/", h.getAccount)

	return &ScopedRouter{virtualfs.ScopedRouter{account}}
}

func (h *HTTPHandler) accountMiddleware(c *fiber.Ctx) error {
	u := reqctx.AuthenticatedUser(c).(*user.User)

	accountID, err := uuid.Parse(c.Params("accountID"))
	if err != nil {
		return c.SendStatus(fiber.StatusNotFound)
	}

	account, err := h.accountService.AccountByID(c.Context(), h.db, u.ID, accountID)
	if err != nil {
		if errors.Is(err, ErrAccountNotFound) {
			return c.SendStatus(fiber.StatusNotFound)
		}
		return httperr.Internal(err)
	}

	root, err := h.vfs.FindRootDirectory(c.Context(), h.db, account.ID)
	if err != nil {
		return httperr.Internal(err)
	}

	scope := &virtualfs.Scope{
		AccountID:    account.ID,
		RootNodeID:   root.ID,
		AllowedOps:   virtualfs.AllAllowedOps,
		AllowedNodes: nil,
		ActorKind:    virtualfs.ScopeActorAccount,
		ActorID:      u.ID,
	}

	reqctx.SetVFSAccessScope(c, scope)
	reqctx.SetCurrentAccount(c, account)

	return c.Next()
}

// listAccounts lists all accounts for the authenticated user
// @Summary List accounts
// @Description Retrieve all accounts for the authenticated user
// @Tags accounts
// @Produce json
// @Security BearerAuth
// @Success 200 {array} Account "List of accounts for the authenticated user"
// @Failure 401 {string} string "Not authenticated"
// @Router /accounts [get]
func (h *HTTPHandler) listAccounts(c *fiber.Ctx) error {
	u := reqctx.AuthenticatedUser(c).(*user.User)
	accounts, err := h.accountService.ListAccounts(c.Context(), h.db, u.ID)
	if err != nil {
		return httperr.Internal(err)
	}
	return c.JSON(accounts)
}

// getAccount retrieves account information
// @Summary Get account
// @Description Retrieve account details including storage usage and quota
// @Tags accounts
// @Produce json
// @Security BearerAuth
// @Param accountID path string true "Account ID" format(uuid)
// @Success 200 {object} Account "Account details"
// @Failure 401 {string} string "Not authenticated"
// @Failure 404 {string} string "Account not found"
// @Router /accounts/{accountID} [get]
func (h *HTTPHandler) getAccount(c *fiber.Ctx) error {
	account, ok := reqctx.CurrentAccount(c).(*Account)
	if !ok || account == nil {
		return c.SendStatus(fiber.StatusNotFound)
	}
	return c.JSON(account)
}

// registerAccount creates a new account and user
// @Summary Register new account
// @Description Create a new user account with email and password. Returns the account, user, and authentication tokens. Tokens can be delivered via HTTP-only cookies or in the response body based on the tokenDelivery field.
// @Tags accounts
// @Accept json
// @Produce json
// @Param request body registerAccountRequest true "Registration details"
// @Success 200 {object} registerAccountResponse "Account created successfully"
// @Failure 400 {string} string "Invalid request body or token delivery method"
// @Failure 409 {string} string "Email already registered"
// @Router /accounts [post]
func (h *HTTPHandler) registerAccount(c *fiber.Ctx) error {
	req := new(registerAccountRequest)
	if err := c.BodyParser(req); err != nil {
		return c.SendStatus(fiber.StatusBadRequest)
	}

	tx, err := h.db.BeginTx(c.Context(), nil)
	if err != nil {
		return httperr.Internal(err)
	}
	defer tx.Rollback()

	acc, u, err := h.accountService.Register(c.Context(), tx, RegisterOptions{
		Email:       req.Email,
		Password:    req.Password,
		DisplayName: req.DisplayName,
	})
	if err != nil {
		var ae *user.AlreadyExistsError
		if errors.As(err, &ae) {
			return c.SendStatus(fiber.StatusConflict)
		}
		if errors.Is(err, ErrAccountAlreadyExists) {
			return c.SendStatus(fiber.StatusConflict)
		}
		return httperr.Internal(err)
	}

	result, err := h.authService.GrantForUser(c.Context(), tx, u)
	if err != nil {
		return httperr.Internal(err)
	}

	err = tx.Commit()
	if err != nil {
		return httperr.Internal(err)
	}

	switch req.TokenDelivery {
	default:
		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "invalid token delivery method"})

	case auth.TokenDeliveryCookie:
		auth.SetAuthCookies(c, result.AccessToken, result.RefreshToken, h.cookieConfig)
		return c.JSON(registerAccountResponse{
			Account: acc,
			User:    u,
		})

	case auth.TokenDeliveryBody:
		return c.JSON(registerAccountResponse{
			Account:      acc,
			User:         u,
			AccessToken:  result.AccessToken,
			RefreshToken: result.RefreshToken,
		})
	}
}
feat: introduce account 2025-11-30 17:12:50 +00:00			`package account`

			`import (`
			`"errors"`

			`"github.com/get-drexa/drexa/internal/auth"`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`"github.com/get-drexa/drexa/internal/httperr"`
refactor: introduce reqctx pkg for request context 2025-12-04 00:48:43 +00:00			`"github.com/get-drexa/drexa/internal/reqctx"`
feat: introduce account 2025-11-30 17:12:50 +00:00			`"github.com/get-drexa/drexa/internal/user"`
feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`"github.com/get-drexa/drexa/internal/virtualfs"`
feat: introduce account 2025-11-30 17:12:50 +00:00			`"github.com/gofiber/fiber/v2"`
			`"github.com/google/uuid"`
			`"github.com/uptrace/bun"`
			`)`

			`type HTTPHandler struct {`
			`accountService *Service`
			`authService *auth.Service`
feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`vfs *virtualfs.VirtualFS`
feat: introduce account 2025-11-30 17:12:50 +00:00			`db *bun.DB`
			`authMiddleware fiber.Handler`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`cookieConfig auth.CookieConfig`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// registerAccountRequest represents a new account registration`
			`// @Description Request to create a new account and user`
feat: introduce account 2025-11-30 17:12:50 +00:00			`type registerAccountRequest struct {`
docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// Email address for the new account`
			Email string `json:"email" example:"newuser@example.com"`
			`// Password for the new account (min 8 characters)`
			Password string `json:"password" example:"securepassword123"`
			`// Display name for the user`
			DisplayName string `json:"displayName" example:"Jane Doe"`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`// How to deliver tokens: "cookie" (set HTTP-only cookies) or "body" (include in response)`
			TokenDelivery string `json:"tokenDelivery" example:"body" enums:"cookie,body"`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// registerAccountResponse represents a successful registration`
			`// @Description Response after successful account registration`
feat: introduce account 2025-11-30 17:12:50 +00:00			`type registerAccountResponse struct {`
docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// The created account`
			Account *Account `json:"account"`
			`// The created user`
			User *user.User `json:"user"`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`// JWT access token for immediate authentication (only included when tokenDelivery is "body")`
			AccessToken string `json:"accessToken,omitempty" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1NTBlODQwMC1lMjliLTQxZDQtYTcxNi00NDY2NTU0NDAwMDAifQ.signature"`
			`// Base64 URL encoded refresh token (only included when tokenDelivery is "body")`
			RefreshToken string `json:"refreshToken,omitempty" example:"dR4nD0mUu1DkZXlCeXRlc0FuZFJhbmRvbURhdGFIZXJlMTIzNDU2Nzg5MGFi"`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`func NewHTTPHandler(accountService Service, authService auth.Service, vfs virtualfs.VirtualFS, db bun.DB, authMiddleware fiber.Handler, cookieConfig auth.CookieConfig) *HTTPHandler {`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`return &HTTPHandler{accountService: accountService, authService: authService, db: db, authMiddleware: authMiddleware, cookieConfig: cookieConfig}`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`func (h HTTPHandler) RegisterRoutes(api fiber.Router) ScopedRouter {`
refactor: initial frontend wiring for new api 2025-12-15 00:13:10 +00:00			`api.Get("/accounts", h.authMiddleware, h.listAccounts)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`api.Post("/accounts", h.registerAccount)`

			`account := api.Group("/accounts/:accountID")`
			`account.Use(h.authMiddleware)`
			`account.Use(h.accountMiddleware)`

			`account.Get("/", h.getAccount)`

feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`return &ScopedRouter{virtualfs.ScopedRouter{account}}`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

			`func (h HTTPHandler) accountMiddleware(c fiber.Ctx) error {`
refactor: introduce reqctx pkg for request context 2025-12-04 00:48:43 +00:00			`u := reqctx.AuthenticatedUser(c).(*user.User)`
feat: introduce account 2025-11-30 17:12:50 +00:00
			`accountID, err := uuid.Parse(c.Params("accountID"))`
			`if err != nil {`
			`return c.SendStatus(fiber.StatusNotFound)`
			`}`

refactor: introduce reqctx pkg for request context 2025-12-04 00:48:43 +00:00			`account, err := h.accountService.AccountByID(c.Context(), h.db, u.ID, accountID)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`if err != nil {`
			`if errors.Is(err, ErrAccountNotFound) {`
			`return c.SendStatus(fiber.StatusNotFound)`
			`}`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`return httperr.Internal(err)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`root, err := h.vfs.FindRootDirectory(c.Context(), h.db, account.ID)`
			`if err != nil {`
			`return httperr.Internal(err)`
			`}`

			`scope := &virtualfs.Scope{`
			`AccountID: account.ID,`
			`RootNodeID: root.ID,`
			`AllowedOps: virtualfs.AllAllowedOps,`
			`AllowedNodes: nil,`
			`ActorKind: virtualfs.ScopeActorAccount,`
			`ActorID: u.ID,`
			`}`

			`reqctx.SetVFSAccessScope(c, scope)`
			`reqctx.SetCurrentAccount(c, account)`
feat: introduce account 2025-11-30 17:12:50 +00:00
			`return c.Next()`
			`}`

refactor: initial frontend wiring for new api 2025-12-15 00:13:10 +00:00			`// listAccounts lists all accounts for the authenticated user`
			`// @Summary List accounts`
			`// @Description Retrieve all accounts for the authenticated user`
			`// @Tags accounts`
			`// @Produce json`
			`// @Security BearerAuth`
			`// @Success 200 {array} Account "List of accounts for the authenticated user"`
			`// @Failure 401 {string} string "Not authenticated"`
			`// @Router /accounts [get]`
			`func (h HTTPHandler) listAccounts(c fiber.Ctx) error {`
			`u := reqctx.AuthenticatedUser(c).(*user.User)`
			`accounts, err := h.accountService.ListAccounts(c.Context(), h.db, u.ID)`
			`if err != nil {`
			`return httperr.Internal(err)`
			`}`
			`return c.JSON(accounts)`
			`}`

docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// getAccount retrieves account information`
			`// @Summary Get account`
			`// @Description Retrieve account details including storage usage and quota`
			`// @Tags accounts`
			`// @Produce json`
			`// @Security BearerAuth`
			`// @Param accountID path string true "Account ID" format(uuid)`
			`// @Success 200 {object} Account "Account details"`
			`// @Failure 401 {string} string "Not authenticated"`
			`// @Failure 404 {string} string "Account not found"`
			`// @Router /accounts/{accountID} [get]`
feat: introduce account 2025-11-30 17:12:50 +00:00			`func (h HTTPHandler) getAccount(c fiber.Ctx) error {`
feat: initial sharing impl 2025-12-27 19:27:08 +00:00			`account, ok := reqctx.CurrentAccount(c).(*Account)`
			`if !ok \|\| account == nil {`
feat: introduce account 2025-11-30 17:12:50 +00:00			`return c.SendStatus(fiber.StatusNotFound)`
			`}`
			`return c.JSON(account)`
			`}`

docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// registerAccount creates a new account and user`
			`// @Summary Register new account`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`// @Description Create a new user account with email and password. Returns the account, user, and authentication tokens. Tokens can be delivered via HTTP-only cookies or in the response body based on the tokenDelivery field.`
docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// @Tags accounts`
			`// @Accept json`
			`// @Produce json`
			`// @Param request body registerAccountRequest true "Registration details"`
			`// @Success 200 {object} registerAccountResponse "Account created successfully"`
feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`// @Failure 400 {string} string "Invalid request body or token delivery method"`
docs: add OpenAPI documentation with Scalar UI - Add swaggo annotations to all HTTP handlers - Add Swagger/OpenAPI spec generation with swag - Create separate docs server binary (drexa-docs) - Add Makefile with build, run, and docs targets - Configure Scalar as the API documentation UI Run 'make docs' to regenerate, 'make run-docs' to serve. 2025-12-13 22:44:37 +00:00			`// @Failure 409 {string} string "Email already registered"`
			`// @Router /accounts [post]`
feat: introduce account 2025-11-30 17:12:50 +00:00			`func (h HTTPHandler) registerAccount(c fiber.Ctx) error {`
			`req := new(registerAccountRequest)`
			`if err := c.BodyParser(req); err != nil {`
			`return c.SendStatus(fiber.StatusBadRequest)`
			`}`

			`tx, err := h.db.BeginTx(c.Context(), nil)`
			`if err != nil {`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`return httperr.Internal(err)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`
			`defer tx.Rollback()`

			`acc, u, err := h.accountService.Register(c.Context(), tx, RegisterOptions{`
			`Email: req.Email,`
			`Password: req.Password,`
			`DisplayName: req.DisplayName,`
			`})`
			`if err != nil {`
			`var ae *user.AlreadyExistsError`
			`if errors.As(err, &ae) {`
			`return c.SendStatus(fiber.StatusConflict)`
			`}`
			`if errors.Is(err, ErrAccountAlreadyExists) {`
			`return c.SendStatus(fiber.StatusConflict)`
			`}`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`return httperr.Internal(err)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

feat: impl refresh token rotation 2025-12-03 00:07:39 +00:00			`result, err := h.authService.GrantForUser(c.Context(), tx, u)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`if err != nil {`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`return httperr.Internal(err)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

			`err = tx.Commit()`
			`if err != nil {`
feat: improve err logging 2025-11-30 19:19:33 +00:00			`return httperr.Internal(err)`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`

feat: suppor tokenDelivery field for account reg 2025-12-16 00:41:30 +00:00			`switch req.TokenDelivery {`
			`default:`
			`return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "invalid token delivery method"})`

			`case auth.TokenDeliveryCookie:`
			`auth.SetAuthCookies(c, result.AccessToken, result.RefreshToken, h.cookieConfig)`
			`return c.JSON(registerAccountResponse{`
			`Account: acc,`
			`User: u,`
			`})`

			`case auth.TokenDeliveryBody:`
			`return c.JSON(registerAccountResponse{`
			`Account: acc,`
			`User: u,`
			`AccessToken: result.AccessToken,`
			`RefreshToken: result.RefreshToken,`
			`})`
			`}`
feat: introduce account 2025-11-30 17:12:50 +00:00			`}`