feat: make secure request API

2024-12-11 10:35:05 +07:00 · 2024-12-11 10:35:05 +07:00 · ea96066f55
parent a7ffe420f9
commit ea96066f55
5 changed files with 83 additions and 3 deletions
--- a/internal/api/routes.go
+++ b/internal/api/routes.go
@ -7,6 +7,9 @@ import (
 )

 func AppRouter(app *fiber.App) {
+	// # API Secure
+	app.Use(middleware.APIKeyMiddleware)
+
 	// # role
 	app.Get("/listrole", controllers.GetAllUserRoles)
 	app.Get("/listrole/:id", controllers.GetUserRoleByID)
@ -51,7 +54,8 @@ func AppRouter(app *fiber.App) {

 	// # banner
 	app.Get("/banners", controllers.GetBanners)
-	app.Get("/banners/:id", controllers.GetBannerByID)
-	app.Post("/addbanners", controllers.CreateBanner)
-	app.Put("/updatebanners/:id", controllers.UpdateBanner)
+	app.Get("/banner/:id", controllers.GetBannerByID)
+	app.Post("/addbanner", controllers.CreateBanner)
+	app.Put("/updatebanner/:id", controllers.UpdateBanner)
+	app.Delete("/deletebanner/:id", controllers.DeleteBanner)
 }
--- a/internal/controllers/banner.go
+++ b/internal/controllers/banner.go
@ -176,3 +176,31 @@ func UpdateBanner(c *fiber.Ctx) error {
 		},
 	))
 }
+
+func DeleteBanner(c *fiber.Ctx) error {
+	id := c.Params("id")
+
+	err := services.DeleteBanner(id)
+	if err != nil {
+
+		if err.Error() == "banner not found" {
+			return c.Status(fiber.StatusNotFound).JSON(utils.FormatResponse(
+				fiber.StatusNotFound,
+				"Banner not found",
+				nil,
+			))
+		}
+
+		return c.Status(fiber.StatusInternalServerError).JSON(utils.FormatResponse(
+			fiber.StatusInternalServerError,
+			"Failed to delete banner",
+			nil,
+		))
+	}
+
+	return c.Status(fiber.StatusOK).JSON(utils.FormatResponse(
+		fiber.StatusOK,
+		"Banner deleted successfully",
+		nil,
+	))
+}
--- a/internal/middleware/api_secure.go
+++ b/internal/middleware/api_secure.go
@ -0,0 +1,28 @@
+package middleware
+
+import (
+	"os"
+
+	"github.com/gofiber/fiber/v2"
+	"github.com/pahmiudahgede/senggoldong/utils"
+)
+
+func APIKeyMiddleware(c *fiber.Ctx) error {
+
+	apiKey := c.Get("x-api-key")
+
+	expectedAPIKey := os.Getenv("API_KEY")
+
+	if apiKey != expectedAPIKey {
+
+		response := utils.FormatResponse(
+			fiber.StatusUnauthorized,
+			"Invalid API Key",
+			nil,
+		)
+
+		return c.Status(fiber.StatusUnauthorized).JSON(response)
+	}
+
+	return c.Next()
+}
--- a/internal/repositories/banner.go
+++ b/internal/repositories/banner.go
@ -35,4 +35,11 @@ func UpdateBanner(banner *domain.Banner) error {
 		return err
 	}
 	return nil
+}
+
+func DeleteBanner(id string) error {
+	if err := config.DB.Where("id = ?", id).Delete(&domain.Banner{}).Error; err != nil {
+		return err
+	}
+	return nil
 }
--- a/internal/services/banner.go
+++ b/internal/services/banner.go
@ -49,3 +49,16 @@ func UpdateBanner(id, bannerName, bannerImage string) (domain.Banner, error) {

 	return banner, nil
 }
+
+func DeleteBanner(id string) error {
+
+	_, err := repositories.GetBannerByID(id)
+	if err != nil {
+		return errors.New("banner not found")
+	}
+
+	if err := repositories.DeleteBanner(id); err != nil {
+		return err
+	}
+	return nil
+}