nessi
b199b58840
Add DELETE /admin/devices/{id} endpoint with cascade deletion of device records, WireGuard peers, IP allocations, and device access profile settings. Update device status to 'deleted' and set deleted_at timestamp while preserving revoked_at if already set.
Add deleteDevice API method and delete button to devices page with query invalidation for both devices and device-profile lists. Record admin.device.deleted audit
93 lines
3.3 KiB
Go
93 lines
3.3 KiB
Go
package httpserver
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
|
|
"nexavpn/backend/internal/apiutil"
|
|
"nexavpn/backend/internal/auth"
|
|
"nexavpn/backend/internal/audit"
|
|
"nexavpn/backend/internal/device"
|
|
"nexavpn/backend/internal/gateway"
|
|
"nexavpn/backend/internal/group"
|
|
"nexavpn/backend/internal/policy"
|
|
"nexavpn/backend/internal/servicecatalog"
|
|
"nexavpn/backend/internal/user"
|
|
)
|
|
|
|
type Handlers struct {
|
|
Auth *auth.Handler
|
|
User *user.Handler
|
|
Device *device.Handler
|
|
Service *servicecatalog.Handler
|
|
Policy *policy.Handler
|
|
Gateway *gateway.Handler
|
|
Group *group.Handler
|
|
Audit *audit.Handler
|
|
}
|
|
|
|
func NewRouter(jwtSecret string, handlers Handlers) http.Handler {
|
|
r := chi.NewRouter()
|
|
r.Use(BaseMiddleware)
|
|
|
|
r.Get("/healthz", func(w http.ResponseWriter, _ *http.Request) {
|
|
apiutil.JSON(w, http.StatusOK, map[string]string{"status": "ok"})
|
|
})
|
|
|
|
r.Route("/api/v1", func(r chi.Router) {
|
|
r.Get("/auth/bootstrap/status", handlers.Auth.BootstrapStatus)
|
|
r.Post("/auth/bootstrap", handlers.Auth.Bootstrap)
|
|
r.Post("/auth/login", handlers.Auth.Login)
|
|
r.Post("/auth/refresh", handlers.Auth.Refresh)
|
|
r.Post("/auth/logout", handlers.Auth.Logout)
|
|
r.Post("/gateway-agent/bootstrap", handlers.Gateway.Bootstrap)
|
|
r.Get("/gateway-agent/dns/services", handlers.Gateway.AgentServiceDNS)
|
|
r.Get("/gateway-agent/{id}/sync", handlers.Gateway.AgentSyncBundle)
|
|
r.Post("/gateway-agent/{id}/telemetry", handlers.Gateway.Telemetry)
|
|
|
|
r.Group(func(r chi.Router) {
|
|
r.Use(AuthMiddleware(jwtSecret))
|
|
r.Get("/auth/me", handlers.Auth.Me)
|
|
r.Post("/devices/enroll", handlers.Device.Enroll)
|
|
r.Get("/me/devices", handlers.Device.ListOwn)
|
|
r.Get("/me/profile", handlers.Device.GetOwnProfile)
|
|
r.Put("/me/profile-selection", handlers.Device.SelectOwnProfile)
|
|
r.Get("/connection/status", handlers.Device.ConnectionStatus)
|
|
|
|
r.Route("/admin", func(r chi.Router) {
|
|
r.Use(AdminOnly)
|
|
r.Get("/users", handlers.User.List)
|
|
r.Post("/users", handlers.User.Create)
|
|
r.Patch("/users/{id}", handlers.User.Update)
|
|
r.Delete("/users/{id}", handlers.User.Delete)
|
|
r.Post("/users/{id}/disable", handlers.User.Disable)
|
|
r.Post("/users/{id}/enable", handlers.User.Enable)
|
|
r.Get("/devices", handlers.Device.ListAll)
|
|
r.Get("/devices/{id}/profile", handlers.Device.GetProfileByDeviceID)
|
|
r.Post("/devices/{id}/revoke", handlers.Device.Revoke)
|
|
r.Post("/devices/{id}/rotate", handlers.Device.Rotate)
|
|
r.Delete("/devices/{id}", handlers.Device.Delete)
|
|
r.Get("/groups", handlers.Group.List)
|
|
r.Post("/groups", handlers.Group.Create)
|
|
r.Patch("/groups/{id}", handlers.Group.Update)
|
|
r.Delete("/groups/{id}", handlers.Group.Delete)
|
|
r.Get("/services", handlers.Service.List)
|
|
r.Post("/services", handlers.Service.Create)
|
|
r.Patch("/services/{id}", handlers.Service.Update)
|
|
r.Delete("/services/{id}", handlers.Service.Delete)
|
|
r.Get("/policies", handlers.Policy.List)
|
|
r.Post("/policies", handlers.Policy.Create)
|
|
r.Patch("/policies/{id}", handlers.Policy.Update)
|
|
r.Delete("/policies/{id}", handlers.Policy.Delete)
|
|
r.Get("/gateways", handlers.Gateway.List)
|
|
r.Get("/gateways/{id}/sync", handlers.Gateway.SyncBundle)
|
|
r.Patch("/gateways/{id}", handlers.Gateway.Update)
|
|
r.Get("/audit-logs", handlers.Audit.List)
|
|
})
|
|
})
|
|
})
|
|
|
|
return r
|
|
}
|