feat(api): GET /api/me
Returns the authenticated user (id/username/is_admin). Shape matches UserView used in the login response so SPA stores stay typed against one interface. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -6,7 +6,6 @@ package api
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"log/slog"
|
"log/slog"
|
||||||
"net/http"
|
|
||||||
|
|
||||||
"github.com/go-chi/chi/v5"
|
"github.com/go-chi/chi/v5"
|
||||||
"github.com/jackc/pgx/v5/pgxpool"
|
"github.com/jackc/pgx/v5/pgxpool"
|
||||||
@@ -33,10 +32,3 @@ type handlers struct {
|
|||||||
pool *pgxpool.Pool
|
pool *pgxpool.Pool
|
||||||
logger *slog.Logger
|
logger *slog.Logger
|
||||||
}
|
}
|
||||||
|
|
||||||
// Stub handlers so Mount() compiles. Real implementations in later tasks
|
|
||||||
// replace these in place (Task 8 me).
|
|
||||||
|
|
||||||
func (h *handlers) handleGetMe(w http.ResponseWriter, r *http.Request) {
|
|
||||||
writeErr(w, http.StatusNotImplemented, "not_implemented", "me not wired")
|
|
||||||
}
|
|
||||||
|
|||||||
@@ -0,0 +1,25 @@
|
|||||||
|
package api
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
|
||||||
|
)
|
||||||
|
|
||||||
|
func (h *handlers) handleGetMe(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user, ok := auth.UserFromContext(r.Context())
|
||||||
|
if !ok {
|
||||||
|
// Hitting /me without RequireUser in front of it is a routing bug;
|
||||||
|
// it can't happen in real traffic.
|
||||||
|
h.logger.Error("api: /me reached without authenticated user")
|
||||||
|
writeErr(w, http.StatusInternalServerError, "server_error", "missing auth context")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
_ = json.NewEncoder(w).Encode(UserView{
|
||||||
|
ID: user.ID,
|
||||||
|
Username: user.Username,
|
||||||
|
IsAdmin: user.IsAdmin,
|
||||||
|
})
|
||||||
|
}
|
||||||
@@ -0,0 +1,44 @@
|
|||||||
|
package api
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"encoding/json"
|
||||||
|
"net/http"
|
||||||
|
"net/http/httptest"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestHandleGetMe_ReturnsAuthenticatedUser(t *testing.T) {
|
||||||
|
h, pool := testHandlers(t)
|
||||||
|
user := seedUser(t, pool, "alice", "hunter2", true)
|
||||||
|
|
||||||
|
req := httptest.NewRequest(http.MethodGet, "/api/me", nil)
|
||||||
|
req = req.WithContext(context.WithValue(req.Context(), userCtxKeyForTest(), user))
|
||||||
|
w := httptest.NewRecorder()
|
||||||
|
h.handleGetMe(w, req)
|
||||||
|
|
||||||
|
if w.Code != http.StatusOK {
|
||||||
|
t.Fatalf("status = %d body = %s", w.Code, w.Body.String())
|
||||||
|
}
|
||||||
|
var got UserView
|
||||||
|
if err := json.Unmarshal(w.Body.Bytes(), &got); err != nil {
|
||||||
|
t.Fatalf("decode: %v", err)
|
||||||
|
}
|
||||||
|
if got.Username != "alice" || !got.IsAdmin {
|
||||||
|
t.Errorf("user = %+v, want alice/admin", got)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestHandleGetMe_MissingContextReturns500(t *testing.T) {
|
||||||
|
h, _ := testHandlers(t)
|
||||||
|
req := httptest.NewRequest(http.MethodGet, "/api/me", nil)
|
||||||
|
w := httptest.NewRecorder()
|
||||||
|
h.handleGetMe(w, req)
|
||||||
|
|
||||||
|
if w.Code != http.StatusInternalServerError {
|
||||||
|
t.Errorf("status = %d, want 500 (context should be populated by RequireUser)", w.Code)
|
||||||
|
}
|
||||||
|
_ = dbq.User{} // keep the import used
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user