Documentation
¶
Index ¶
- func GetPairedUserIDFromContext(ctx context.Context) string
- func GetTargetUserID(ctx context.Context) string
- type AddressRequest
- type AdminStatsResponse
- type AuthHandler
- func (h *AuthHandler) ChangePassword(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) GetAdminStats(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) GetKYC(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) GetPairedUserProfile(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) GetProfile(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) GetUserDetails(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) ListPendingKYCs(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) LogoutAll(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) LookupUser(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) RejectKYC(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) SearchUsers(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) SuspendUser(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) UnsuspendUser(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) UpdateKYC(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) UpdateProfile(w http.ResponseWriter, r *http.Request)
- func (h *AuthHandler) VerifyKYC(w http.ResponseWriter, r *http.Request)
- type AuthMiddleware
- func (m *AuthMiddleware) Authenticate(next http.Handler) http.Handler
- func (m *AuthMiddleware) OptionalAuthenticate(next http.Handler) http.Handler
- func (m *AuthMiddleware) RequireAnyPermission(permissions ...string) func(http.Handler) http.Handler
- func (m *AuthMiddleware) RequireAnyRole(roles ...string) func(http.Handler) http.Handler
- func (m *AuthMiddleware) RequireKYCVerified(next http.Handler) http.Handler
- func (m *AuthMiddleware) RequirePermission(permission string) func(http.Handler) http.Handler
- func (m *AuthMiddleware) RequireRole(role string) func(http.Handler) http.Handler
- func (m *AuthMiddleware) RequireStatus(statuses ...models.UserStatus) func(http.Handler) http.Handler
- type ChangePasswordRequest
- type CompletePasswordChangeRequest
- type ContextKey
- type ForgotPasswordRequest
- type InitiatePasswordChangeRequest
- type JWTClaims
- type LoginRequest
- type PasswordHandler
- func (h *PasswordHandler) CompletePasswordChange(w http.ResponseWriter, r *http.Request)
- func (h *PasswordHandler) ForgotPassword(w http.ResponseWriter, r *http.Request)
- func (h *PasswordHandler) InitiatePasswordChange(w http.ResponseWriter, r *http.Request)
- func (h *PasswordHandler) ResetPassword(w http.ResponseWriter, r *http.Request)
- type RegisterRequest
- type RejectKYCRequest
- type ResetPasswordRequest
- type Router
- type SuspendUserRequest
- type UpdateKYCRequest
- type UpdateProfileRequest
- type UserAdminValidation
- type VerificationHandler
- func (h *VerificationHandler) CancelVerification(w http.ResponseWriter, r *http.Request)
- func (h *VerificationHandler) CreateVerification(w http.ResponseWriter, r *http.Request)
- func (h *VerificationHandler) GetMyVerifications(w http.ResponseWriter, r *http.Request)
- func (h *VerificationHandler) GetPendingVerifications(w http.ResponseWriter, r *http.Request)
- func (h *VerificationHandler) GetVerification(w http.ResponseWriter, r *http.Request)
- func (h *VerificationHandler) VerifyOTP(w http.ResponseWriter, r *http.Request)
- type VerifyKYCRequest
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetPairedUserIDFromContext ¶
GetPairedUserIDFromContext extracts the paired user ID from context. Returns an empty string if the account is not a User-Admin or the pairing has not been loaded.
func GetTargetUserID ¶
GetTargetUserID returns the appropriate user ID based on account type. For User-Admin accounts, returns the paired user ID. For regular users, returns the authenticated user's ID.
Types ¶
type AddressRequest ¶
// AddressRequest represents an address in a request.
//
// Every field is required. The min/max/len bounds come from the validate tags;
// whether they count bytes or runes depends on the validator, which this page
// does not show.
type AddressRequest struct {
	// Street is bounded to 5..200 by its validate tag.
	Street string `json:"street" validate:"required,min:5,max:200"`
	// City is bounded to 2..100 by its validate tag.
	City string `json:"city" validate:"required,min:2,max:100"`
	// State is bounded to 2..100 by its validate tag.
	State string `json:"state" validate:"required,min:2,max:100"`
	// PIN is checked by the "pincode" rule (rule definition not shown here).
	PIN string `json:"pin" validate:"required,pincode"`
	// Country must have length exactly 2.
	// NOTE(review): presumably an ISO 3166-1 alpha-2 code; the tag checks length only — confirm.
	Country string `json:"country" validate:"required,len:2"`
}
AddressRequest represents an address in a request.
type AdminStatsResponse ¶
// AdminStatsResponse represents admin dashboard statistics.
//
// All fields are plain integer counts serialized under snake_case JSON keys.
// NOTE(review): presumably the body returned by GetAdminStats; confirm that the
// route is reachable only behind the admin role/permission middleware.
type AdminStatsResponse struct {
	TotalUsers int `json:"total_users"`
	ActiveUsers int `json:"active_users"`
	PendingKYC int `json:"pending_kyc"`
	TotalWallets int `json:"total_wallets"`
	TotalTransactions int `json:"total_transactions"`
}
AdminStatsResponse represents admin dashboard statistics.
type AuthHandler ¶
type AuthHandler struct {
// contains filtered or unexported fields
}
AuthHandler handles authentication HTTP requests.
func NewAuthHandler ¶
func NewAuthHandler(authService *service.AuthService) *AuthHandler
NewAuthHandler creates a new authentication handler.
func (*AuthHandler) ChangePassword ¶
func (h *AuthHandler) ChangePassword(w http.ResponseWriter, r *http.Request)
ChangePassword handles password change requests. PUT /api/v1/users/me/password
func (*AuthHandler) GetAdminStats ¶
func (h *AuthHandler) GetAdminStats(w http.ResponseWriter, r *http.Request)
GetAdminStats retrieves statistics for admin dashboard (admin operation). GET /api/v1/admin/stats
func (*AuthHandler) GetKYC ¶
func (h *AuthHandler) GetKYC(w http.ResponseWriter, r *http.Request)
GetKYC retrieves the current user's KYC information. GET /api/v1/auth/kyc
func (*AuthHandler) GetPairedUserProfile ¶
func (h *AuthHandler) GetPairedUserProfile(w http.ResponseWriter, r *http.Request)
GetPairedUserProfile returns the paired user's profile for User-Admin accounts. GET /api/v1/user-admin/paired-user
func (*AuthHandler) GetProfile ¶
func (h *AuthHandler) GetProfile(w http.ResponseWriter, r *http.Request)
GetProfile retrieves the current user's profile. GET /api/v1/auth/me
func (*AuthHandler) GetUserDetails ¶
func (h *AuthHandler) GetUserDetails(w http.ResponseWriter, r *http.Request)
GetUserDetails retrieves detailed information about a specific user (admin operation). GET /api/v1/admin/users/:id
func (*AuthHandler) ListPendingKYCs ¶
func (h *AuthHandler) ListPendingKYCs(w http.ResponseWriter, r *http.Request)
ListPendingKYCs retrieves all pending KYC submissions (admin operation). GET /api/v1/admin/kyc/pending
func (*AuthHandler) Login ¶
func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request)
Login handles user authentication. POST /api/v1/auth/login
func (*AuthHandler) Logout ¶
func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request)
Logout handles session termination. POST /api/v1/auth/logout
func (*AuthHandler) LogoutAll ¶
func (h *AuthHandler) LogoutAll(w http.ResponseWriter, r *http.Request)
LogoutAll handles termination of all sessions for a user. POST /api/v1/auth/logout-all
func (*AuthHandler) LookupUser ¶
func (h *AuthHandler) LookupUser(w http.ResponseWriter, r *http.Request)
LookupUser finds a user by phone number for recipient lookup in transfers. GET /api/v1/users/lookup?phone={phone}
func (*AuthHandler) Register ¶
func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request)
Register handles user registration. POST /api/v1/auth/register
func (*AuthHandler) RejectKYC ¶
func (h *AuthHandler) RejectKYC(w http.ResponseWriter, r *http.Request)
RejectKYC rejects a user's KYC (admin operation). POST /api/v1/admin/kyc/reject
func (*AuthHandler) SearchUsers ¶
func (h *AuthHandler) SearchUsers(w http.ResponseWriter, r *http.Request)
SearchUsers searches for users by query string (admin operation). GET /api/v1/admin/users/search?q={query}&limit=50&offset=0
func (*AuthHandler) SuspendUser ¶
func (h *AuthHandler) SuspendUser(w http.ResponseWriter, r *http.Request)
SuspendUser handles POST /api/v1/admin/users/:id/suspend
func (*AuthHandler) UnsuspendUser ¶
func (h *AuthHandler) UnsuspendUser(w http.ResponseWriter, r *http.Request)
UnsuspendUser handles POST /api/v1/admin/users/:id/unsuspend
func (*AuthHandler) UpdateKYC ¶
func (h *AuthHandler) UpdateKYC(w http.ResponseWriter, r *http.Request)
UpdateKYC handles KYC information submission/update. PUT /api/v1/auth/kyc
func (*AuthHandler) UpdateProfile ¶
func (h *AuthHandler) UpdateProfile(w http.ResponseWriter, r *http.Request)
UpdateProfile handles user profile updates. PUT /api/v1/users/me
func (*AuthHandler) VerifyKYC ¶
func (h *AuthHandler) VerifyKYC(w http.ResponseWriter, r *http.Request)
VerifyKYC approves a user's KYC (admin operation). POST /api/v1/admin/kyc/verify
type AuthMiddleware ¶
type AuthMiddleware struct {
// contains filtered or unexported fields
}
AuthMiddleware provides authentication middleware functionality.
func NewAuthMiddleware ¶
func NewAuthMiddleware(authService *service.AuthService) *AuthMiddleware
NewAuthMiddleware creates a new authentication middleware.
func (*AuthMiddleware) Authenticate ¶
func (m *AuthMiddleware) Authenticate(next http.Handler) http.Handler
Authenticate is a middleware that validates JWT tokens and sets user in context.
func (*AuthMiddleware) OptionalAuthenticate ¶
func (m *AuthMiddleware) OptionalAuthenticate(next http.Handler) http.Handler
OptionalAuthenticate is a middleware that validates JWT tokens if present, but doesn't require them.
func (*AuthMiddleware) RequireAnyPermission ¶
func (m *AuthMiddleware) RequireAnyPermission(permissions ...string) func(http.Handler) http.Handler
RequireAnyPermission creates a middleware that checks if the user has ANY of the required permissions.
func (*AuthMiddleware) RequireAnyRole ¶
RequireAnyRole creates a middleware that checks if the user has ANY of the required roles.
func (*AuthMiddleware) RequireKYCVerified ¶
func (m *AuthMiddleware) RequireKYCVerified(next http.Handler) http.Handler
RequireKYCVerified is a middleware that requires the user's KYC to be verified.
func (*AuthMiddleware) RequirePermission ¶
RequirePermission creates a middleware that checks if the user has the required permission. Must be chained after Authenticate middleware.
func (*AuthMiddleware) RequireRole ¶
RequireRole creates a middleware that checks if the user has the required role.
func (*AuthMiddleware) RequireStatus ¶
func (m *AuthMiddleware) RequireStatus(statuses ...models.UserStatus) func(http.Handler) http.Handler
RequireStatus is a middleware that checks if the user has the required status.
type ChangePasswordRequest ¶
// ChangePasswordRequest represents a password change request.
//
// The caller must supply the current password along with the new one.
type ChangePasswordRequest struct {
	// CurrentPassword is required; no length bounds are declared for it.
	CurrentPassword string `json:"current_password" validate:"required"`
	// NewPassword is bounded to 8..72 by its validate tag.
	// NOTE(review): 72 matches bcrypt's input limit, which is measured in bytes;
	// if the hash is bcrypt, confirm the validator counts bytes rather than runes.
	NewPassword string `json:"new_password" validate:"required,min:8,max:72"`
}
ChangePasswordRequest represents a password change request.
type CompletePasswordChangeRequest ¶
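// CompletePasswordChangeRequest represents a request to complete password change.
//
// The new password is accepted on the strength of a previously issued
// verification token rather than the current password.
type CompletePasswordChangeRequest struct {
	// VerificationToken is required; its format is not constrained by the tag.
	VerificationToken string `json:"verification_token" validate:"required"`
	// NewPassword is bounded to 8..72. The upper bound matches the one
	// ChangePasswordRequest and RegisterRequest already declare, so a password
	// set through this flow obeys the same limit as one set at registration.
	// NOTE(review): 72 is bcrypt's input limit in bytes; if the hash is bcrypt,
	// confirm the validator counts bytes rather than runes.
	NewPassword string `json:"new_password" validate:"required,min:8,max:72"`
}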
CompletePasswordChangeRequest represents a request to complete password change.
type ContextKey ¶
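// ContextKey is a type for context keys to avoid collisions.
//
// Values stored under a ContextKey do not collide with values that other code
// stores under plain string keys, because the key types differ.
// NOTE(review): the type and both keys are exported, so any importing package
// can write these entries; handlers should trust them only when the
// authentication middleware is the sole writer — confirm.
type ContextKey string

const (
	// UserContextKey is the key for storing user in context.
	UserContextKey ContextKey = "user"

	// PairedUserIDKey is the key for storing the paired user ID for User-Admin accounts.
	PairedUserIDKey ContextKey = "paired_user_id"
)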
type ForgotPasswordRequest ¶
// ForgotPasswordRequest represents a forgot password request.
//
// NOTE(review): presumably the body of the public ForgotPassword endpoint; the
// response and its timing should not reveal whether the address belongs to a
// registered account, and the endpoint should be rate limited — confirm in the handler.
type ForgotPasswordRequest struct {
	// Email is required and checked by the "email" rule.
	Email string `json:"email" validate:"required,email"`
}
ForgotPasswordRequest represents a forgot password request.
type InitiatePasswordChangeRequest ¶
// InitiatePasswordChangeRequest represents a request to initiate password change.
//
// Only the current password is carried; the new password is not part of this request.
type InitiatePasswordChangeRequest struct {
	// CurrentPassword is required; no length bounds are declared for it.
	CurrentPassword string `json:"current_password" validate:"required"`
}
InitiatePasswordChangeRequest represents a request to initiate password change.
type JWTClaims ¶
// JWTClaims represents the JWT token claims with RBAC support.
//
// The custom claims sit alongside the embedded registered claims.
// NOTE(review): Status, Roles and Permissions are a snapshot taken when the
// token is issued; confirm that suspension, role changes and LogoutAll take
// effect before the token expires, not only at the next login.
// NOTE(review): Email is readable by anyone holding the token unless tokens are
// encrypted — confirm it needs to be in the claims.
type JWTClaims struct {
	UserID string `json:"user_id"`
	Email string `json:"email"`
	Status string `json:"status"`
	// Roles and Permissions are omitted from the encoded token when empty.
	Roles []string `json:"roles,omitempty"`
	Permissions []string `json:"permissions,omitempty"`
	// Embedded registered claims from the jwt package (import path not shown on this page).
	jwt.RegisteredClaims
}
JWTClaims represents the JWT token claims with RBAC support.
type LoginRequest ¶
// LoginRequest represents a login request.
type LoginRequest struct {
	// Identifier is required; the tag does not constrain its format.
	// NOTE(review): presumably an email address or phone number — confirm against the service.
	Identifier string `json:"identifier" validate:"required"`
	// Password is required; no length bounds are declared for it.
	// NOTE(review): with no upper bound here, confirm the request body size is
	// capped before the password reaches the hash function.
	Password string `json:"password" validate:"required"`
	// NOTE(review): Portal is supplied by the client and carries no validate
	// rule; it should only narrow what a login may access, never grant admin
	// access by itself — confirm in the service.
	Portal string `json:"portal,omitempty"` // Portal context: "user" (default) or "admin"
}
LoginRequest represents a login request.
type PasswordHandler ¶
type PasswordHandler struct {
// contains filtered or unexported fields
}
PasswordHandler handles password-related HTTP requests.
func NewPasswordHandler ¶
func NewPasswordHandler( authService *service.AuthService, verificationService *service.VerificationService, ) *PasswordHandler
NewPasswordHandler creates a new password handler.
func (*PasswordHandler) CompletePasswordChange ¶
func (h *PasswordHandler) CompletePasswordChange(w http.ResponseWriter, r *http.Request)
CompletePasswordChange handles POST /api/v1/auth/password/change/complete. Protected endpoint: requires authentication plus a verification token.
func (*PasswordHandler) ForgotPassword ¶
func (h *PasswordHandler) ForgotPassword(w http.ResponseWriter, r *http.Request)
ForgotPassword handles POST /api/v1/auth/password/forgot. Public endpoint: no authentication required. Creates a verification request for password reset.
func (*PasswordHandler) InitiatePasswordChange ¶
func (h *PasswordHandler) InitiatePasswordChange(w http.ResponseWriter, r *http.Request)
InitiatePasswordChange handles POST /api/v1/auth/password/change/initiate. Protected endpoint: requires authentication. Creates a verification request for password change.
func (*PasswordHandler) ResetPassword ¶
func (h *PasswordHandler) ResetPassword(w http.ResponseWriter, r *http.Request)
ResetPassword handles POST /api/v1/auth/password/reset. Public endpoint: the verification token is used for authorization.
type RegisterRequest ¶
// RegisterRequest represents a user registration request.
//
// Every field is required. Whether the length bounds count bytes or runes
// depends on the validator, which this page does not show.
type RegisterRequest struct {
	// Email is checked by the "email" rule and capped at 255.
	Email string `json:"email" validate:"required,email,max:255"`
	// Phone is checked by the "indian_phone" rule (rule definition not shown here).
	Phone string `json:"phone" validate:"required,indian_phone"`
	// FullName is bounded to 2..100.
	FullName string `json:"full_name" validate:"required,min:2,max:100"`
	// Password is bounded to 8..72.
	// NOTE(review): 72 matches bcrypt's input limit, which is measured in bytes;
	// if the hash is bcrypt, confirm the validator counts bytes rather than runes.
	Password string `json:"password" validate:"required,min:8,max:72"`
}
RegisterRequest represents a user registration request.
type RejectKYCRequest ¶
// RejectKYCRequest represents a KYC rejection request (admin only).
//
// NOTE(review): the target user is named in the request body, so the admin-only
// restriction has to be enforced by the route's middleware — confirm in the router.
type RejectKYCRequest struct {
	// UserID is required and checked by the "uuid" rule.
	UserID string `json:"user_id" validate:"required,uuid"`
	// Reason is required and bounded to 10..500.
	Reason string `json:"reason" validate:"required,min:10,max:500"`
}
RejectKYCRequest represents a KYC rejection request (admin only).
type ResetPasswordRequest ¶
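// ResetPasswordRequest represents a password reset request.
//
// The verification token is the only credential presented with the new
// password; the page documents the matching endpoint as public.
type ResetPasswordRequest struct {
	// VerificationToken is required; its format is not constrained by the tag.
	VerificationToken string `json:"verification_token" validate:"required"`
	// NewPassword is bounded to 8..72. The upper bound matches the one
	// ChangePasswordRequest and RegisterRequest already declare, so a password
	// set through a reset obeys the same limit as one set at registration.
	// NOTE(review): 72 is bcrypt's input limit in bytes; if the hash is bcrypt,
	// confirm the validator counts bytes rather than runes.
	NewPassword string `json:"new_password" validate:"required,min:8,max:72"`
}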
ResetPasswordRequest represents a password reset request.
type Router ¶
type Router struct {
// contains filtered or unexported fields
}
Router sets up HTTP routes for the Identity Service.
func NewRouter ¶
func NewRouter(authService *service.AuthService, verificationService *service.VerificationService) *Router
NewRouter creates a new router with all handlers and middleware.
func (*Router) SetupRoutes ¶
SetupRoutes configures all HTTP routes for the Identity Service.
type SuspendUserRequest ¶
// SuspendUserRequest represents the request to suspend a user.
//
// The struct carries only the reason and no user ID field.
// NOTE(review): presumably the target comes from the :id path segment of the suspend route — confirm.
type SuspendUserRequest struct {
	// Reason is required and bounded to 10..500.
	Reason string `json:"reason" validate:"required,min:10,max:500"`
}
SuspendUserRequest represents the request to suspend a user.
type UpdateKYCRequest ¶
// UpdateKYCRequest represents a KYC update request.
//
// PAN and Aadhaar are government-issued identity numbers and DateOfBirth is
// personal data.
// NOTE(review): confirm these values are kept out of logs and validation error
// messages, and are masked or encrypted where stored.
type UpdateKYCRequest struct {
	// PAN is required and checked by the "pan" rule (rule definition not shown here).
	PAN string `json:"pan" validate:"required,pan"`
	// Aadhaar is required and checked by the "aadhaar" rule (rule definition not shown here).
	Aadhaar string `json:"aadhaar" validate:"required,aadhaar"`
	// DateOfBirth is a string; the tag argument 2006-01-02 is Go's reference
	// layout for year-month-day.
	// NOTE(review): the tag fixes the format only; confirm a plausible date range is enforced.
	DateOfBirth string `json:"date_of_birth" validate:"required,date:2006-01-02"`
	// Address is required.
	// NOTE(review): confirm the validator descends into the nested struct's own rules.
	Address AddressRequest `json:"address" validate:"required"`
}
UpdateKYCRequest represents a KYC update request.
type UpdateProfileRequest ¶
// UpdateProfileRequest represents a profile update request.
//
// All three fields are required, so a profile update always resends the full set.
// NOTE(review): email and phone are contact points and possibly login
// identifiers; confirm that changing them requires re-verification.
type UpdateProfileRequest struct {
	// FullName is bounded to 2..100.
	FullName string `json:"full_name" validate:"required,min:2,max:100"`
	// Email is checked by the "email" rule and capped at 255.
	Email string `json:"email" validate:"required,email,max:255"`
	// Phone is checked by the "indian_phone" rule (rule definition not shown here).
	Phone string `json:"phone" validate:"required,indian_phone"`
}
UpdateProfileRequest represents a profile update request.
type UserAdminValidation ¶
type UserAdminValidation struct {
// contains filtered or unexported fields
}
UserAdminValidation is a middleware that validates User-Admin access scope. For User-Admin accounts (account_type = 'user_admin'), this middleware:
1. Loads the paired regular user ID into context.
2. Validates that requests targeting a user ID are scoped to the paired user.
func NewUserAdminValidation ¶
func NewUserAdminValidation(authService *service.AuthService) *UserAdminValidation
NewUserAdminValidation creates a new User-Admin validation middleware.
func (*UserAdminValidation) LoadPairedUserID ¶
func (v *UserAdminValidation) LoadPairedUserID(next http.Handler) http.Handler
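LoadPairedUserID loads the paired user ID into context without validating access. Use this for endpoints where User-Admin should be aware of their paired user. Because it performs no access check, it does not replace ValidatePairing on routes that take a target user ID.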
func (*UserAdminValidation) ValidatePairing ¶
func (v *UserAdminValidation) ValidatePairing(next http.Handler) http.Handler
ValidatePairing ensures User-Admin accounts can only access their paired user's data. This middleware must be chained after the Authenticate middleware. It extracts the target user ID from the path (userId parameter) and validates the pairing.
type VerificationHandler ¶
type VerificationHandler struct {
// contains filtered or unexported fields
}
VerificationHandler handles verification-related HTTP requests.
func NewVerificationHandler ¶
func NewVerificationHandler(svc *service.VerificationService) *VerificationHandler
NewVerificationHandler creates a new verification handler.
func (*VerificationHandler) CancelVerification ¶
func (h *VerificationHandler) CancelVerification(w http.ResponseWriter, r *http.Request)
CancelVerification handles DELETE /api/v1/verifications/{id}. Cancels a pending verification request.
func (*VerificationHandler) CreateVerification ¶
func (h *VerificationHandler) CreateVerification(w http.ResponseWriter, r *http.Request)
CreateVerification handles POST /api/v1/verifications. Creates a new verification request for a sensitive operation.
func (*VerificationHandler) GetMyVerifications ¶
func (h *VerificationHandler) GetMyVerifications(w http.ResponseWriter, r *http.Request)
GetMyVerifications handles GET /api/v1/verifications/me. Lets a regular user see their verification history (without OTP).
func (*VerificationHandler) GetPendingVerifications ¶
func (h *VerificationHandler) GetPendingVerifications(w http.ResponseWriter, r *http.Request)
GetPendingVerifications handles GET /api/v1/verifications/pending. Lets a User-Admin see pending verifications, including their OTP codes.
func (*VerificationHandler) GetVerification ¶
func (h *VerificationHandler) GetVerification(w http.ResponseWriter, r *http.Request)
GetVerification handles GET /api/v1/verifications/{id}. Gets a specific verification request (sanitized for regular users).
func (*VerificationHandler) VerifyOTP ¶
func (h *VerificationHandler) VerifyOTP(w http.ResponseWriter, r *http.Request)
VerifyOTP handles POST /api/v1/verifications/{id}/verify. Verifies the OTP and returns a verification token.
type VerifyKYCRequest ¶
// VerifyKYCRequest represents a KYC verification request (admin only).
//
// NOTE(review): the target user is named in the request body, so the admin-only
// restriction has to be enforced by the route's middleware — confirm in the router.
type VerifyKYCRequest struct {
	// UserID is required and checked by the "uuid" rule.
	UserID string `json:"user_id" validate:"required,uuid"`
}
VerifyKYCRequest represents a KYC verification request (admin only).