2 files changed, 97 insertions, 0 deletions

diff --git a/api/internal/middleware/middleware.go b/api/internal/middleware/middleware.go
new file mode 100644
index 0000000..819f1e5
--- /dev/null
+++ b/api/internal/middleware/middleware.go
@@ -0,0 +1,55 @@
+package middleware
+
+import (
+        "errors"
+        "github.com/gin-gonic/gin"
+        "log"
+        "net/http"
+        "strings"
+)
+
+func TokenRequired() gin.HandlerFunc {
+        return func(c *gin.Context) {
+                _, err := checkForTokenInContext(c)
+
+                if err != nil {
+                        c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
+                        c.Abort()
+                        return
+                }
+
+                c.Next()
+        }
+}
+
+func CORSMiddleware() gin.HandlerFunc {
+        return func(c *gin.Context) {
+                c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+                c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
+                c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
+                c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
+
+                if c.Request.Method == "OPTIONS" {
+                        log.Println(c.Request.Header)
+                        c.AbortWithStatus(http.StatusNoContent)
+                        return
+                }
+
+                c.Next()
+        }
+}
+
+func checkForTokenInContext(c *gin.Context) (string, error) {
+        authorizationHeader := c.GetHeader("Authorization")
+        if authorizationHeader == "" {
+                return "", errors.New("authorization header is missing")
+        }
+
+        parts := strings.Split(authorizationHeader, " ")
+
+        if len(parts) != 2 || parts[0] != "Bearer" {
+                return "", errors.New("invalid Authorization header format")
+        }
+
+        return parts[1], nil
+}
\ No newline at end of file
diff --git a/api/internal/router/router.go b/api/internal/router/router.go
new file mode 100644
index 0000000..adf96d0
--- /dev/null
+++ b/api/internal/router/router.go
@@ -0,0 +1,42 @@
+package router
+
+import (
+        "github.com/gin-gonic/gin"
+        "water/api/internal/controllers"
+        "water/api/internal/middleware"
+)
+
+func SetupRouter() *gin.Engine {
+        // Disable Console Color
+        //      gin.DisableConsoleColor()
+        r := gin.Default()
+        r.Use(middleware.CORSMiddleware())
+        r.Use(gin.Logger())
+        r.Use(gin.Recovery())
+
+        api := r.Group("api/v1")
+
+        api.POST("/auth", controllers.AuthHandler)
+
+        user := api.Group("/user/:uuid")
+        user.Use(middleware.TokenRequired())
+        {
+                user.GET("", controllers.GetUser)
+                user.GET("preferences", controllers.GetUserPreferences)
+                user.PATCH("preferences", controllers.UpdateUserPreferences)
+        }
+
+        stats := api.Group("/stats")
+        stats.Use(middleware.TokenRequired())
+        {
+                stats.GET("/", controllers.GetAllStatistics)
+                stats.POST("/", controllers.PostNewStatistic)
+                stats.GET("weekly/", controllers.GetWeeklyStatistics)
+                stats.GET("daily/", controllers.GetDailyUserStatistics)
+                stats.GET("user/:uuid", controllers.GetUserStatistics)
+                stats.PATCH("user/:uuid", controllers.UpdateUserStatistic)
+                stats.DELETE("user/:uuid", controllers.DeleteUserStatistic)
+        }
+
+        return r
+}
\ No newline at end of file