feat: make routing per role, add unlogged role

app/delivery/middleware/auth.go

@@ -16,9 +16,8 @@ import (
 )
 
 // AuthMiddleware creates authentication middleware
-func AuthMiddleware() fiber.Handler {
+func Authenticate() fiber.Handler {
 	authService := authService.NewAuthService()
-
 	return func(c fiber.Ctx) error {
 		// Get token from Authorization header
 		authHeader := c.Get("Authorization")
@@ -26,17 +25,13 @@ func AuthMiddleware() fiber.Handler {
 			// Try to get from cookie
 			authHeader = c.Cookies("access_token")
 			if authHeader == "" {
-				return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-					"error": "authorization token required",
-				})
+				return c.Next()
 			}
 		} else {
 			// Extract token from "Bearer <token>"
 			parts := strings.Split(authHeader, " ")
 			if len(parts) != 2 || parts[0] != "Bearer" {
-				return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-					"error": "invalid authorization header format",
-				})
+				return c.Next()
 			}
 			authHeader = parts[1]
 		}
@@ -44,24 +39,18 @@ func AuthMiddleware() fiber.Handler {
 		// Validate token
 		claims, err := authService.ValidateToken(authHeader)
 		if err != nil {
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-				"error": "invalid or expired token",
-			})
+			return c.Next()
 		}
 
 		// Get user from database
 		user, err := authService.GetUserByID(claims.UserID)
 		if err != nil {
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-				"error": "user not found",
-			})
+			return c.Next()
 		}
 
 		// Check if user is active
 		if !user.IsActive {
-			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
-				"error": "user account is inactive",
-			})
+			return c.Next()
 		}
 
 		// Create locale. LangID is overwritten by auth Token
@@ -80,9 +69,7 @@ func AuthMiddleware() fiber.Handler {
 
 		// We now populate the target user
 		if model.CustomerRole(user.Role.Name) != model.RoleAdmin {
-			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
-				"error": "admin access required",
-			})
+			return c.Next()
 		}
 
 		targetUserID, err := strconv.Atoi(targetUserIDAttribute)
@@ -115,6 +102,18 @@ func AuthMiddleware() fiber.Handler {
 	}
 }
 
+func Authorize() fiber.Handler {
+	return func(c fiber.Ctx) error {
+		_, ok := localeExtractor.GetUserID(c)
+		if !ok {
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "not authenticated",
+			})
+		}
+		return c.Next()
+	}
+}
+
 // RequireAdmin creates admin-only middleware
 func RequireAdmin() fiber.Handler {
 	return func(c fiber.Ctx) error {