hnh-map/internal/app/handlers/handlers.go

package handlers

import (
	"net/http"

	"github.com/andyleap/hnh-map/internal/app"
	"github.com/andyleap/hnh-map/internal/app/services"
)

// Handlers holds HTTP handlers and their dependencies.
type Handlers struct {
	App   *app.App
	Auth  *services.AuthService
	Map   *services.MapService
	Admin *services.AdminService
}

// New creates Handlers with the given dependencies.
func New(a *app.App, auth *services.AuthService, mapSvc *services.MapService, admin *services.AdminService) *Handlers {
	return &Handlers{App: a, Auth: auth, Map: mapSvc, Admin: admin}
}

// requireAdmin returns session if admin, or writes 401 and returns nil.
func (h *Handlers) requireAdmin(rw http.ResponseWriter, req *http.Request) *app.Session {
	s := h.Auth.GetSession(req)
	if s == nil || !s.Auths.Has(app.AUTH_ADMIN) {
		JSONError(rw, http.StatusUnauthorized, "Unauthorized", "UNAUTHORIZED")
		return nil
	}
	return s
}

// canAccessMap returns true if session has map or admin auth.
func (h *Handlers) canAccessMap(s *app.Session) bool {
	return s != nil && (s.Auths.Has(app.AUTH_MAP) || s.Auths.Has(app.AUTH_ADMIN))
}