makiolaj/SimpleFinanceDash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Init

Browse Source
This commit is contained in:
Jean-Luc Makiola
2026-03-06 19:42:15 +00:00
parent abcbe3e1e5
commit 04cbb846d1
99 changed files with 11724 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

480
backend/internal/api/handlers.go Normal file
View File

@@ -0,0 +1,480 @@
package api
import (
"encoding/json"
"net/http"
"time"
"github.com/go-chi/chi/v5"
"github.com/google/uuid"
"github.com/shopspring/decimal"
"simplefinancedash/backend/internal/auth"
"simplefinancedash/backend/internal/db"
"simplefinancedash/backend/internal/models"
)
type Handlers struct {
queries *db.Queries
sessionSecret string
}
func NewHandlers(queries *db.Queries, sessionSecret string) *Handlers {
return &Handlers{queries: queries, sessionSecret: sessionSecret}
}
// Helpers
func writeJSON(w http.ResponseWriter, status int, v interface{}) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(status)
json.NewEncoder(w).Encode(v)
}
func writeError(w http.ResponseWriter, status int, msg string) {
writeJSON(w, status, map[string]string{"error": msg})
}
func decodeJSON(r *http.Request, v interface{}) error {
return json.NewDecoder(r.Body).Decode(v)
}
func parseUUID(s string) (uuid.UUID, error) {
return uuid.Parse(s)
}
// Auth Handlers
func (h *Handlers) Register(w http.ResponseWriter, r *http.Request) {
var req struct {
Email string `json:"email"`
Password string `json:"password"`
DisplayName string `json:"display_name"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
if req.Email == "" || req.Password == "" {
writeError(w, http.StatusBadRequest, "email and password required")
return
}
hash, err := auth.HashPassword(req.Password)
if err != nil {
writeError(w, http.StatusInternalServerError, "internal error")
return
}
user, err := h.queries.CreateUser(r.Context(), req.Email, hash, req.DisplayName, "en")
if err != nil {
writeError(w, http.StatusConflict, "email already registered")
return
}
token, err := auth.GenerateToken(user.ID, h.sessionSecret)
if err != nil {
writeError(w, http.StatusInternalServerError, "internal error")
return
}
auth.SetSessionCookie(w, token)
writeJSON(w, http.StatusCreated, user)
}
func (h *Handlers) Login(w http.ResponseWriter, r *http.Request) {
var req struct {
Email string `json:"email"`
Password string `json:"password"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
user, err := h.queries.GetUserByEmail(r.Context(), req.Email)
if err != nil {
writeError(w, http.StatusUnauthorized, "invalid credentials")
return
}
if err := auth.CheckPassword(user.PasswordHash, req.Password); err != nil {
writeError(w, http.StatusUnauthorized, "invalid credentials")
return
}
token, err := auth.GenerateToken(user.ID, h.sessionSecret)
if err != nil {
writeError(w, http.StatusInternalServerError, "internal error")
return
}
auth.SetSessionCookie(w, token)
writeJSON(w, http.StatusOK, user)
}
func (h *Handlers) Logout(w http.ResponseWriter, r *http.Request) {
auth.ClearSessionCookie(w)
w.WriteHeader(http.StatusNoContent)
}
func (h *Handlers) Me(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("session")
if err != nil {
writeError(w, http.StatusUnauthorized, "unauthorized")
return
}
userID, err := auth.ValidateToken(cookie.Value, h.sessionSecret)
if err != nil {
writeError(w, http.StatusUnauthorized, "unauthorized")
return
}
user, err := h.queries.GetUserByID(r.Context(), userID)
if err != nil {
writeError(w, http.StatusUnauthorized, "unauthorized")
return
}
writeJSON(w, http.StatusOK, user)
}
func (h *Handlers) OIDCStart(w http.ResponseWriter, r *http.Request) {
// OIDC flow placeholder - would redirect to OIDC provider
writeError(w, http.StatusNotImplemented, "OIDC not configured")
}
func (h *Handlers) OIDCCallback(w http.ResponseWriter, r *http.Request) {
// OIDC callback placeholder
writeError(w, http.StatusNotImplemented, "OIDC not configured")
}
// Category Handlers
func (h *Handlers) ListCategories(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
cats, err := h.queries.ListCategories(r.Context(), userID)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to list categories")
return
}
if cats == nil {
cats = []models.Category{}
}
writeJSON(w, http.StatusOK, cats)
}
func (h *Handlers) CreateCategory(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
var req struct {
Name string `json:"name"`
Type models.CategoryType `json:"type"`
Icon string `json:"icon"`
SortOrder int `json:"sort_order"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
cat, err := h.queries.CreateCategory(r.Context(), userID, req.Name, req.Type, req.Icon, req.SortOrder)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to create category")
return
}
writeJSON(w, http.StatusCreated, cat)
}
func (h *Handlers) UpdateCategory(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
var req struct {
Name string `json:"name"`
Type models.CategoryType `json:"type"`
Icon string `json:"icon"`
SortOrder int `json:"sort_order"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
cat, err := h.queries.UpdateCategory(r.Context(), id, userID, req.Name, req.Type, req.Icon, req.SortOrder)
if err != nil {
writeError(w, http.StatusNotFound, "category not found")
return
}
writeJSON(w, http.StatusOK, cat)
}
func (h *Handlers) DeleteCategory(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
if err := h.queries.DeleteCategory(r.Context(), id, userID); err != nil {
writeError(w, http.StatusInternalServerError, "failed to delete category")
return
}
w.WriteHeader(http.StatusNoContent)
}
// Budget Handlers
func (h *Handlers) ListBudgets(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
budgets, err := h.queries.ListBudgets(r.Context(), userID)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to list budgets")
return
}
if budgets == nil {
budgets = []models.Budget{}
}
writeJSON(w, http.StatusOK, budgets)
}
func (h *Handlers) CreateBudget(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
var req struct {
Name string `json:"name"`
StartDate string `json:"start_date"`
EndDate string `json:"end_date"`
Currency string `json:"currency"`
CarryoverAmount decimal.Decimal `json:"carryover_amount"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
startDate, err := time.Parse("2006-01-02", req.StartDate)
if err != nil {
writeError(w, http.StatusBadRequest, "invalid start_date format")
return
}
endDate, err := time.Parse("2006-01-02", req.EndDate)
if err != nil {
writeError(w, http.StatusBadRequest, "invalid end_date format")
return
}
if req.Currency == "" {
req.Currency = "EUR"
}
budget, err := h.queries.CreateBudget(r.Context(), userID, req.Name, startDate, endDate, req.Currency, req.CarryoverAmount)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to create budget")
return
}
writeJSON(w, http.StatusCreated, budget)
}
func (h *Handlers) GetBudget(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
detail, err := h.queries.GetBudgetWithItems(r.Context(), id, userID)
if err != nil {
writeError(w, http.StatusNotFound, "budget not found")
return
}
if detail.Items == nil {
detail.Items = []models.BudgetItem{}
}
writeJSON(w, http.StatusOK, detail)
}
func (h *Handlers) UpdateBudget(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
var req struct {
Name string `json:"name"`
StartDate string `json:"start_date"`
EndDate string `json:"end_date"`
Currency string `json:"currency"`
CarryoverAmount decimal.Decimal `json:"carryover_amount"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
startDate, _ := time.Parse("2006-01-02", req.StartDate)
endDate, _ := time.Parse("2006-01-02", req.EndDate)
budget, err := h.queries.UpdateBudget(r.Context(), id, userID, req.Name, startDate, endDate, req.Currency, req.CarryoverAmount)
if err != nil {
writeError(w, http.StatusNotFound, "budget not found")
return
}
writeJSON(w, http.StatusOK, budget)
}
func (h *Handlers) DeleteBudget(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
if err := h.queries.DeleteBudget(r.Context(), id, userID); err != nil {
writeError(w, http.StatusInternalServerError, "failed to delete budget")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *Handlers) CopyBudgetItems(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
id, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid id")
return
}
srcID, err := parseUUID(chi.URLParam(r, "srcId"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid source id")
return
}
if err := h.queries.CopyBudgetItems(r.Context(), id, srcID, userID); err != nil {
writeError(w, http.StatusInternalServerError, "failed to copy items")
return
}
detail, err := h.queries.GetBudgetWithItems(r.Context(), id, userID)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to get budget")
return
}
writeJSON(w, http.StatusOK, detail)
}
// Budget Item Handlers
func (h *Handlers) CreateBudgetItem(w http.ResponseWriter, r *http.Request) {
budgetID, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid budget id")
return
}
var req struct {
CategoryID uuid.UUID `json:"category_id"`
BudgetedAmount decimal.Decimal `json:"budgeted_amount"`
ActualAmount decimal.Decimal `json:"actual_amount"`
Notes string `json:"notes"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
item, err := h.queries.CreateBudgetItem(r.Context(), budgetID, req.CategoryID, req.BudgetedAmount, req.ActualAmount, req.Notes)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to create budget item")
return
}
writeJSON(w, http.StatusCreated, item)
}
func (h *Handlers) UpdateBudgetItem(w http.ResponseWriter, r *http.Request) {
budgetID, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid budget id")
return
}
itemID, err := parseUUID(chi.URLParam(r, "itemId"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid item id")
return
}
var req struct {
BudgetedAmount decimal.Decimal `json:"budgeted_amount"`
ActualAmount decimal.Decimal `json:"actual_amount"`
Notes string `json:"notes"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
item, err := h.queries.UpdateBudgetItem(r.Context(), itemID, budgetID, req.BudgetedAmount, req.ActualAmount, req.Notes)
if err != nil {
writeError(w, http.StatusNotFound, "budget item not found")
return
}
writeJSON(w, http.StatusOK, item)
}
func (h *Handlers) DeleteBudgetItem(w http.ResponseWriter, r *http.Request) {
budgetID, err := parseUUID(chi.URLParam(r, "id"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid budget id")
return
}
itemID, err := parseUUID(chi.URLParam(r, "itemId"))
if err != nil {
writeError(w, http.StatusBadRequest, "invalid item id")
return
}
if err := h.queries.DeleteBudgetItem(r.Context(), itemID, budgetID); err != nil {
writeError(w, http.StatusInternalServerError, "failed to delete budget item")
return
}
w.WriteHeader(http.StatusNoContent)
}
// Settings Handlers
func (h *Handlers) GetSettings(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
user, err := h.queries.GetUserByID(r.Context(), userID)
if err != nil {
writeError(w, http.StatusNotFound, "user not found")
return
}
writeJSON(w, http.StatusOK, user)
}
func (h *Handlers) UpdateSettings(w http.ResponseWriter, r *http.Request) {
userID := auth.UserIDFromContext(r.Context())
var req struct {
DisplayName string `json:"display_name"`
PreferredLocale string `json:"preferred_locale"`
}
if err := decodeJSON(r, &req); err != nil {
writeError(w, http.StatusBadRequest, "invalid request body")
return
}
user, err := h.queries.UpdateUser(r.Context(), userID, req.DisplayName, req.PreferredLocale)
if err != nil {
writeError(w, http.StatusInternalServerError, "failed to update settings")
return
}
writeJSON(w, http.StatusOK, user)
}