From 05bb05d45c6b7c0836fcf2a9c4c430c040ba416d Mon Sep 17 00:00:00 2001
From: H3ALY
Date: Wed, 16 Apr 2025 10:41:06 +0100
Subject: [PATCH] Move admin.go this is a storage task, updated routes to use proection
---
 routes/adminroutes.go | 18 +++++++++---------
 {middleware => storage}/admin.go | 6 ++++--
 2 files changed, 13 insertions(+), 11 deletions(-)
 rename {middleware => storage}/admin.go (87%)
diff --git a/routes/adminroutes.go b/routes/adminroutes.go
index d66c540..ff6b234 100644
--- a/routes/adminroutes.go
+++ b/routes/adminroutes.go
@@ -9,19 +9,19 @@ import (
 )
 func SetupAdminRoutes(mux *http.ServeMux, db *sql.DB) {
- mux.HandleFunc("/admin/access", middleware.AdminOnly(db, admin.AdminAccessLogHandler(db)))
- mux.HandleFunc("/admin/audit", middleware.AdminOnly(db, admin.AuditLogHandler(db)))
- mux.HandleFunc("/admin/dashboard", middleware.AdminOnly(db, admin.AdminDashboardHandler(db)))
- mux.HandleFunc("/admin/triggers", middleware.AdminOnly(db, admin.AdminTriggersHandler(db)))
+ mux.HandleFunc("/admin/access", middleware.Protected(admin.AdminAccessLogHandler(db)))
+ mux.HandleFunc("/admin/audit", middleware.Protected(admin.AuditLogHandler(db)))
+ mux.HandleFunc("/admin/dashboard", middleware.Protected(admin.AdminDashboardHandler(db)))
+ mux.HandleFunc("/admin/triggers", middleware.Protected(admin.AdminTriggersHandler(db)))
 // Draw management
- mux.HandleFunc("/admin/draws", middleware.AdminOnly(db, admin.ListDrawsHandler(db)))
+ mux.HandleFunc("/admin/draws", middleware.Protected(admin.ListDrawsHandler(db)))
 // mux.HandleFunc("/admin/draws/new", middleware.AdminOnly(db, admin.RenderNewDrawForm(db)))
 // mux.HandleFunc("/admin/draws/submit", middleware.AdminOnly(db, admin.CreateDrawHandler(db)))
- mux.HandleFunc("/admin/draws/modify", middleware.AdminOnly(db, admin.ModifyDrawHandler(db)))
- mux.HandleFunc("/admin/draws/delete", middleware.AdminOnly(db, admin.DeleteDrawHandler(db)))
+ mux.HandleFunc("/admin/draws/modify", middleware.Protected(admin.ModifyDrawHandler(db)))
+ mux.HandleFunc("/admin/draws/delete", middleware.Protected(admin.DeleteDrawHandler(db)))
 // Prize management
- mux.HandleFunc("/admin/draws/prizes/add", middleware.AdminOnly(db, admin.AddPrizesHandler(db)))
- mux.HandleFunc("/admin/draws/prizes/modify", middleware.AdminOnly(db, admin.ModifyPrizesHandler(db)))
+ mux.HandleFunc("/admin/draws/prizes/add", middleware.Protected(admin.AddPrizesHandler(db)))
+ mux.HandleFunc("/admin/draws/prizes/modify", middleware.Protected(admin.ModifyPrizesHandler(db)))
 }
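Review bot: Every `/admin/*` route in this hunk loses its admin check: the calls change from `middleware.AdminOnly(db, …)` to `middleware.Protected(…)`, and Protected receives no db handle, so it presumably cannot run the `helpers.IsAdmin(db, userID)` test that AdminOnly performs. Protected's body is not part of this patch, but if it only requires a logged-in session, any authenticated user could reach the access and audit logs, the dashboard, and the draw and prize modify/delete handlers. Unless each handler verifies the role itself, keep the admin gate on these routes, e.g. `mux.HandleFunc("/admin/draws/delete", storage.AdminOnly(db, admin.DeleteDrawHandler(db)))`; the import block lies outside this hunk and would need the storage package. A test asserting that a non-admin session is rejected on each of these paths would catch a regression like this.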
diff --git a/middleware/admin.go b/storage/admin.go
similarity index 87%
rename from middleware/admin.go
rename to storage/admin.go
index ab08b9b..b968219 100644
--- a/middleware/admin.go
+++ b/storage/admin.go
@@ -1,14 +1,16 @@
-package middleware
+package storage
 import (
 "database/sql"
 "log"
 "net/http"
+ "synlotto-website/helpers"
+ "synlotto-website/middleware"
 )
 func AdminOnly(db *sql.DB, next http.HandlerFunc) http.HandlerFunc {
- return Auth(true)(func(w http.ResponseWriter, r *http.Request) {
+ return middleware.Auth(true)(func(w http.ResponseWriter, r *http.Request) {
 userID, ok := helpers.GetCurrentUserID(r)
 if !ok || !helpers.IsAdmin(db, userID) {
 log.Printf("⛔️ Unauthorized admin attempt: user_id=%v, IP=%s, Path=%s", userID, r.RemoteAddr, r.URL.Path)
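Review bot: AdminOnly is an HTTP authorization wrapper, and moving it into package storage makes the storage layer import `net/http` and `synlotto-website/middleware`; if middleware ever imports storage this becomes an import cycle, and the admin gate no longer sits beside `Auth` where a reader auditing access control would look for it. Because the route changes in routes/adminroutes.go stop calling it, it also appears to be left without callers in this patch. Consider keeping it in the middleware package, or at least give the exported function a doc comment stating its contract, such as `// AdminOnly wraps next so it runs only for an authenticated user for whom helpers.IsAdmin reports true.` The function body continues past the end of the hunk, so the rejection path is not visible here.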