2025-12-03 19:29:37 +00:00
|
|
|
package handlers
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/http"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
"github.com/google/uuid"
|
|
|
|
|
"go.uber.org/zap"
|
|
|
|
|
|
2025-12-24 10:54:22 +00:00
|
|
|
apperrors "veza-backend-api/internal/errors"
|
2025-12-03 19:29:37 +00:00
|
|
|
"veza-backend-api/internal/services"
|
|
|
|
|
"veza-backend-api/internal/workers"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// WebhookHandler gère les handlers de webhooks
|
|
|
|
|
type WebhookHandler struct {
|
|
|
|
|
webhookService *services.WebhookService
|
|
|
|
|
webhookWorker *workers.WebhookWorker
|
|
|
|
|
logger *zap.Logger
|
P0: stabilisation backend/chat/stream + nouvelle base migrations v1
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.
Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.
Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).
Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.
Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
2025-12-06 10:14:38 +00:00
|
|
|
commonHandler *CommonHandler
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewWebhookHandler crée un nouveau handler de webhooks
|
|
|
|
|
func NewWebhookHandler(
|
|
|
|
|
webhookService *services.WebhookService,
|
|
|
|
|
webhookWorker *workers.WebhookWorker,
|
|
|
|
|
logger *zap.Logger,
|
|
|
|
|
) *WebhookHandler {
|
|
|
|
|
return &WebhookHandler{
|
|
|
|
|
webhookService: webhookService,
|
|
|
|
|
webhookWorker: webhookWorker,
|
|
|
|
|
logger: logger,
|
P0: stabilisation backend/chat/stream + nouvelle base migrations v1
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.
Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.
Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).
Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.
Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
2025-12-06 10:14:38 +00:00
|
|
|
commonHandler: NewCommonHandler(logger),
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RegisterWebhook gère l'enregistrement d'un webhook
|
2025-12-25 14:23:19 +00:00
|
|
|
// @Summary Register webhook
|
|
|
|
|
// @Description Register a new webhook for receiving events
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Param webhook body object true "Webhook registration data" SchemaExample({"url": "https://example.com/webhook", "events": ["track.uploaded", "playlist.created"]})
|
|
|
|
|
// @Success 201 {object} handlers.APIResponse{data=object{webhook=object}}
|
|
|
|
|
// @Failure 400 {object} handlers.APIResponse "Validation error"
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 500 {object} handlers.APIResponse "Internal server error"
|
|
|
|
|
// @Router /webhooks [post]
|
2025-12-03 19:29:37 +00:00
|
|
|
func (h *WebhookHandler) RegisterWebhook() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
// Récupérer l'ID utilisateur
|
|
|
|
|
userIDInterface, exists := c.Get("user_id")
|
|
|
|
|
if !exists {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInvalidCredentials, "User not authenticated"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userID, ok := userIDInterface.(uuid.UUID)
|
|
|
|
|
if !ok {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInternal, "Invalid user ID type"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var req struct {
|
2026-02-19 15:08:05 +00:00
|
|
|
URL string `json:"url" validate:"required,url"`
|
|
|
|
|
Events []string `json:"events" validate:"required,min=1"`
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
|
P0: stabilisation backend/chat/stream + nouvelle base migrations v1
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.
Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.
Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).
Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.
Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
2025-12-06 10:14:38 +00:00
|
|
|
if appErr := h.commonHandler.BindAndValidateJSON(c, &req); appErr != nil {
|
|
|
|
|
RespondWithAppError(c, appErr)
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhook, err := h.webhookService.RegisterWebhook(c.Request.Context(), userID, req.URL, req.Events)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.Wrap(apperrors.ErrCodeInternal, "Failed to register webhook", err))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-06 16:21:59 +00:00
|
|
|
RespondSuccess(c, http.StatusCreated, webhook)
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ListWebhooks liste les webhooks d'un utilisateur
|
2025-12-25 14:23:19 +00:00
|
|
|
// @Summary List webhooks
|
|
|
|
|
// @Description Get a list of all webhooks registered by the current user
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Success 200 {object} handlers.APIResponse{data=object{webhooks=array}}
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 500 {object} handlers.APIResponse "Internal server error"
|
|
|
|
|
// @Router /webhooks [get]
|
2025-12-03 19:29:37 +00:00
|
|
|
func (h *WebhookHandler) ListWebhooks() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
userIDInterface, exists := c.Get("user_id")
|
|
|
|
|
if !exists {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInvalidCredentials, "User not authenticated"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userID, ok := userIDInterface.(uuid.UUID)
|
|
|
|
|
if !ok {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInternal, "Invalid user ID type"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhooks, err := h.webhookService.ListWebhooks(c.Request.Context(), userID)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.Wrap(apperrors.ErrCodeInternal, "Failed to list webhooks", err))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-06 16:21:59 +00:00
|
|
|
RespondSuccess(c, http.StatusOK, webhooks)
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DeleteWebhook supprime un webhook
|
2025-12-25 14:23:19 +00:00
|
|
|
// @Summary Delete webhook
|
|
|
|
|
// @Description Delete a webhook by ID
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Param id path string true "Webhook ID"
|
|
|
|
|
// @Success 200 {object} handlers.APIResponse{data=object{message=string}}
|
|
|
|
|
// @Failure 400 {object} handlers.APIResponse "Invalid webhook ID"
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 404 {object} handlers.APIResponse "Webhook not found"
|
|
|
|
|
// @Router /webhooks/{id} [delete]
|
2025-12-03 19:29:37 +00:00
|
|
|
func (h *WebhookHandler) DeleteWebhook() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
userIDInterface, exists := c.Get("user_id")
|
|
|
|
|
if !exists {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInvalidCredentials, "User not authenticated"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userID, ok := userIDInterface.(uuid.UUID)
|
|
|
|
|
if !ok {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInternal, "Invalid user ID type"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhookIDStr := c.Param("id")
|
|
|
|
|
webhookID, err := uuid.Parse(webhookIDStr)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeValidation, "Invalid webhook ID"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = h.webhookService.DeleteWebhook(c.Request.Context(), webhookID, userID)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeNotFound, "Webhook not found"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-06 16:21:59 +00:00
|
|
|
RespondSuccess(c, http.StatusOK, gin.H{"message": "Webhook deleted successfully"})
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetWebhookStats retourne les statistiques des webhooks
|
2025-12-25 14:23:19 +00:00
|
|
|
// @Summary Get webhook statistics
|
|
|
|
|
// @Description Get statistics for webhook delivery and performance
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Success 200 {object} handlers.APIResponse{data=object{stats=object}}
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 500 {object} handlers.APIResponse "Internal server error"
|
|
|
|
|
// @Router /webhooks/stats [get]
|
2025-12-24 10:54:22 +00:00
|
|
|
// BE-API-033: Implement webhook stats endpoint validation
|
2025-12-03 19:29:37 +00:00
|
|
|
func (h *WebhookHandler) GetWebhookStats() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
2025-12-24 10:54:22 +00:00
|
|
|
// Récupérer l'ID utilisateur depuis le contexte (pour cohérence avec les autres endpoints protégés)
|
|
|
|
|
userID, ok := GetUserIDUUID(c)
|
|
|
|
|
if !ok {
|
|
|
|
|
return // Erreur déjà envoyée par GetUserIDUUID
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Récupérer les statistiques du worker
|
|
|
|
|
if h.webhookWorker == nil {
|
|
|
|
|
h.logger.Error("WebhookWorker not available")
|
|
|
|
|
RespondWithAppError(c, apperrors.Wrap(apperrors.ErrCodeInternal, "Webhook stats service not available", nil))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-03 19:29:37 +00:00
|
|
|
stats := h.webhookWorker.GetStats()
|
|
|
|
|
|
2025-12-24 10:54:22 +00:00
|
|
|
// BE-API-033: Standardize response format
|
2025-12-06 16:21:59 +00:00
|
|
|
RespondSuccess(c, http.StatusOK, gin.H{
|
2025-12-24 10:54:22 +00:00
|
|
|
"user_id": userID,
|
|
|
|
|
"stats": stats,
|
2025-12-03 19:29:37 +00:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TestWebhook teste un webhook
|
2025-12-25 14:23:19 +00:00
|
|
|
// @Summary Test webhook
|
|
|
|
|
// @Description Send a test event to a webhook to verify it's working
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Param id path string true "Webhook ID"
|
|
|
|
|
// @Success 200 {object} handlers.APIResponse{data=object{message=string}}
|
|
|
|
|
// @Failure 400 {object} handlers.APIResponse "Invalid webhook ID"
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 404 {object} handlers.APIResponse "Webhook not found"
|
|
|
|
|
// @Router /webhooks/{id}/test [post]
|
2025-12-03 19:29:37 +00:00
|
|
|
func (h *WebhookHandler) TestWebhook() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
userIDInterface, exists := c.Get("user_id")
|
|
|
|
|
if !exists {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInvalidCredentials, "User not authenticated"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userID, ok := userIDInterface.(uuid.UUID)
|
|
|
|
|
if !ok {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInternal, "Invalid user ID type"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhookIDStr := c.Param("id")
|
|
|
|
|
webhookID, err := uuid.Parse(webhookIDStr)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeValidation, "Invalid webhook ID"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhook, err := h.webhookService.GetWebhook(c.Request.Context(), webhookID, userID)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeNotFound, "Webhook not found"))
|
2025-12-03 19:29:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-25 14:16:38 +00:00
|
|
|
// INT-008: Standardize date format to ISO 8601 (RFC3339)
|
2025-12-03 19:29:37 +00:00
|
|
|
job := workers.WebhookJob{
|
|
|
|
|
Webhook: webhook,
|
|
|
|
|
Event: "ping",
|
|
|
|
|
Data: map[string]interface{}{
|
|
|
|
|
"message": "This is a test webhook from Veza",
|
2025-12-25 14:16:38 +00:00
|
|
|
"timestamp": time.Now().UTC().Format(time.RFC3339),
|
2025-12-03 19:29:37 +00:00
|
|
|
"test_id": uuid.New().String(),
|
|
|
|
|
},
|
|
|
|
|
Retries: 0,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
h.webhookWorker.Enqueue(job)
|
|
|
|
|
|
|
|
|
|
h.logger.Info("Test webhook queued", zap.String("webhook_id", webhookID.String()))
|
|
|
|
|
|
2025-12-06 16:21:59 +00:00
|
|
|
RespondSuccess(c, http.StatusOK, gin.H{"message": fmt.Sprintf("Webhook test queued for %s", webhookID)})
|
2025-12-03 19:29:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
2025-12-24 17:03:52 +00:00
|
|
|
|
2025-12-25 14:23:19 +00:00
|
|
|
// RegenerateAPIKey régénère la clé API d'un webhook
|
|
|
|
|
// @Summary Regenerate webhook API key
|
|
|
|
|
// @Description Generate a new API key for a webhook (invalidates the old one)
|
|
|
|
|
// @Tags Webhook
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Param id path string true "Webhook ID"
|
|
|
|
|
// @Success 200 {object} handlers.APIResponse{data=object{api_key=string,message=string}}
|
|
|
|
|
// @Failure 400 {object} handlers.APIResponse "Invalid webhook ID"
|
|
|
|
|
// @Failure 401 {object} handlers.APIResponse "Unauthorized"
|
|
|
|
|
// @Failure 404 {object} handlers.APIResponse "Webhook not found"
|
|
|
|
|
// @Failure 500 {object} handlers.APIResponse "Internal server error"
|
|
|
|
|
// @Router /webhooks/{id}/regenerate-key [post]
|
|
|
|
|
// BE-SEC-012: Regenerate webhook API key
|
2025-12-24 17:03:52 +00:00
|
|
|
func (h *WebhookHandler) RegenerateAPIKey() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
userIDInterface, exists := c.Get("user_id")
|
|
|
|
|
if !exists {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInvalidCredentials, "User not authenticated"))
|
2025-12-24 17:03:52 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userID, ok := userIDInterface.(uuid.UUID)
|
|
|
|
|
if !ok {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeInternal, "Invalid user ID type"))
|
2025-12-24 17:03:52 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
webhookIDStr := c.Param("id")
|
|
|
|
|
webhookID, err := uuid.Parse(webhookIDStr)
|
|
|
|
|
if err != nil {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeValidation, "Invalid webhook ID"))
|
2025-12-24 17:03:52 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
newAPIKey, err := h.webhookService.RegenerateAPIKey(c.Request.Context(), webhookID, userID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if err.Error() == "webhook not found" {
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.New(apperrors.ErrCodeNotFound, "Webhook not found"))
|
2025-12-24 17:03:52 +00:00
|
|
|
return
|
|
|
|
|
}
|
2025-12-25 14:11:24 +00:00
|
|
|
// INT-006: Standardize error response format
|
|
|
|
|
RespondWithAppError(c, apperrors.Wrap(apperrors.ErrCodeInternal, "Failed to regenerate API key", err))
|
2025-12-24 17:03:52 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RespondSuccess(c, http.StatusOK, gin.H{
|
|
|
|
|
"api_key": newAPIKey,
|
|
|
|
|
"message": "API key regenerated successfully",
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|