dev day #89

2026-06-05 11:12:56 +00:00 · 2025-11-11 10:29:30 +01:00
parent d5b4faea61
commit 8762bde4bf
139 changed files with 7240 additions and 2870 deletions
@@ -58,6 +58,7 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {
 	youtubeController := controllers.NewYouTubeController(db)
 	umamiController := controllers.NewUmamiController()
 	imageProcessingController := &controllers.ImageProcessingController{}
+	errorController := controllers.NewErrorController(db)

 	// API v1 group
 	{
@@ -95,6 +96,8 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {
 		// SMTP validation (public during setup; does not send email, only connects)
 		api.POST("/setup/validate-smtp", baseController.ValidateSMTP)

+		api.POST("/errors", middleware.RateLimit(120, time.Minute), errorController.Ingest)
+
 		// Auth routes
 		auth := api.Group("/auth")
 		{
@@ -122,14 +125,15 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {
 		// Event routes (public)
 		eventController := &controllers.EventController{DB: db}
 		events := api.Group("/events")
+		events.Use(middleware.JWTOptional(db))
 		{
 			events.GET("", eventController.GetEvents)
 			events.GET("/upcoming", eventController.GetUpcomingEvents)
 			events.GET("/:id", eventController.GetEventByID)
 		}

-		// Comments (public list)
-		api.GET("/comments", commentController.GetComments)
+		// Comments (public list; attach optional auth to personalize reactions)
+		api.GET("/comments", middleware.JWTOptional(db), commentController.GetComments)

 		// Engagement (public + protected)
 		api.GET("/engagement/rewards", engagementController.GetRewards)
@@ -271,6 +275,13 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {
 			admin := protected.Group("/admin")
 			admin.Use(middleware.RoleAuth("admin"))
 			{
+				// Errors
+				admin.GET("/errors", errorController.AdminList)
+				admin.GET("/errors/:id", errorController.AdminGet)
+				// External Error Review proxies
+				admin.GET("/errors/external", errorController.AdminListExternal)
+				admin.GET("/errors/external/:id", errorController.AdminGetExternal)
+
 				// Comments
 				commentsAdmin := admin.Group("/comments")
 				{
@@ -321,6 +332,7 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {
 				// Scoreboard sponsors & QR (admin-only)
 				admin.GET("/scoreboard/sponsors", scoreboardController.ListSponsors)
 				admin.POST("/scoreboard/sponsors/upload", scoreboardController.UploadSponsors)
+				admin.POST("/scoreboard/sponsors/prefill", scoreboardController.PrefillSponsorsFromPage)
 				admin.DELETE("/scoreboard/sponsors", scoreboardController.DeleteSponsor)
 				admin.GET("/scoreboard/qr", scoreboardController.GetQR)
 				admin.POST("/scoreboard/qr", scoreboardController.UploadQR)
@@ -578,18 +590,25 @@ func SetupRoutes(api *gin.RouterGroup, db *gorm.DB) {

 		api.GET("/scoreboard", scoreboardController.GetPublic)
 		api.GET("/scoreboard/colors/derive", scoreboardController.DeriveColors)
+		api.GET("/scoreboard/sponsors", scoreboardController.ListSponsors)
+		api.GET("/scoreboard/qr", scoreboardController.GetQR)

 		api.GET("/settings", baseController.GetPublicSettings)
 		api.GET("/competition-aliases", baseController.GetPublicCompetitionAliases)
 		api.GET("/public/team-logo-overrides", baseController.GetPublicTeamLogoOverrides)

-		api.GET("/articles/featured", baseController.GetFeaturedArticles)
-		api.GET("/articles", baseController.GetArticles)
-		api.GET("/articles/:id", baseController.GetArticle)
-		api.GET("/articles/slug/:slug", baseController.GetArticleBySlug)
-		api.POST("/articles/:id/read", baseController.IncrementArticleRead)
-		api.POST("/articles/:id/track-view", baseController.TrackArticleView)
-		api.GET("/articles/:id/match-link", baseController.GetArticleMatchLink)
+		// Articles (public; use optional auth so admin/editor can see drafts in list when requesting published=false)
+		articlesPub := api.Group("/articles")
+		articlesPub.Use(middleware.JWTOptional(db))
+		{
+			articlesPub.GET("/featured", baseController.GetFeaturedArticles)
+			articlesPub.GET("", baseController.GetArticles)
+			articlesPub.GET("/slug/:slug", baseController.GetArticleBySlug)
+			articlesPub.GET("/:id", baseController.GetArticle)
+			articlesPub.POST("/:id/read", baseController.IncrementArticleRead)
+			articlesPub.POST("/:id/track-view", baseController.TrackArticleView)
+			articlesPub.GET("/:id/match-link", baseController.GetArticleMatchLink)
+		}
 		api.GET("/categories", baseController.GetCategories)
 		api.GET("/youtube/videos", youtubeController.GetYouTubeVideos)
 		api.GET("/about", aboutController.GetPublicAboutPage)