Stack of changes to get gin, scs, nosurf running.

internal/handlers/messages.go

@@ -1,27 +1,24 @@
 package handlers
 
 import (
-	"database/sql"
 	"log"
 	"net/http"
 
 	templateHandlers "synlotto-website/internal/handlers/template"
-	httpHelpers "synlotto-website/internal/helpers/http"
 	securityHelpers "synlotto-website/internal/helpers/security"
-
-	// ToDo multi storage references need handler?
 	templateHelpers "synlotto-website/internal/helpers/template"
 	messagesStorage "synlotto-website/internal/storage/messages"
-	storage "synlotto-website/internal/storage/messages"
 
 	"synlotto-website/internal/helpers"
+	"synlotto-website/internal/platform/bootstrap"
 )
 
-func MessagesInboxHandler(db *sql.DB) http.HandlerFunc {
+// Inbox: paginated list of messages
+func MessagesInboxHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		userID, ok := securityHelpers.GetCurrentUserID(r)
+		userID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 		if !ok {
-			templateHelpers.RenderError(w, r, 403)
+			templateHelpers.RenderError(w, r, http.StatusForbidden)
 			return
 		}
 
@@ -31,86 +28,82 @@ func MessagesInboxHandler(db *sql.DB) http.HandlerFunc {
 		}
 		perPage := 10
 
-		totalCount := messagesStorage.GetInboxMessageCount(db, userID)
+		totalCount := messagesStorage.GetInboxMessageCount(app.DB, userID)
 		totalPages := (totalCount + perPage - 1) / perPage
 		if totalPages == 0 {
 			totalPages = 1
 		}
 
-		messages := messagesStorage.GetInboxMessages(db, userID, page, perPage)
+		messages := messagesStorage.GetInboxMessages(app.DB, userID, page, perPage)
 
-		data := templateHandlers.BuildTemplateData(db, w, r)
-		context := templateHelpers.TemplateContext(w, r, data)
+		data := templateHandlers.BuildTemplateData(app, w, r)
+		ctx := templateHelpers.TemplateContext(w, r, data)
+		ctx["Messages"] = messages
+		ctx["CurrentPage"] = page
+		ctx["TotalPages"] = totalPages
+		ctx["PageRange"] = templateHelpers.PageRange(page, totalPages)
 
-		context["Messages"] = messages
-		context["CurrentPage"] = page
-		context["TotalPages"] = totalPages
-		context["PageRange"] = templateHelpers.PageRange(page, totalPages)
-
-		tmpl := templateHelpers.LoadTemplateFiles("messages.html", "templates/account/messages/index.html")
-
-		if err := tmpl.ExecuteTemplate(w, "layout", context); err != nil {
-			// ToDo: Make this load all error pages without defining explictly.
-			templateHelpers.RenderError(w, r, 500)
+		tmpl := templateHelpers.LoadTemplateFiles("messages.html", "web/templates/account/messages/index.html")
+		if err := tmpl.ExecuteTemplate(w, "layout", ctx); err != nil {
+			templateHelpers.RenderError(w, r, http.StatusInternalServerError)
 		}
 	}
 }
 
-func ReadMessageHandler(db *sql.DB) http.HandlerFunc {
+// Read a single message (marks as read)
+func ReadMessageHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		idStr := r.URL.Query().Get("id")
-		messageID := helpers.Atoi(idStr)
+		id := helpers.Atoi(r.URL.Query().Get("id"))
 
-		session, _ := httpHelpers.GetSession(w, r)
-		userID, ok := session.Values["user_id"].(int)
+		userID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 		if !ok {
-			templateHelpers.RenderError(w, r, 403)
+			templateHelpers.RenderError(w, r, http.StatusForbidden)
 			return
 		}
 
-		message, err := storage.GetMessageByID(db, userID, messageID)
+		message, err := messagesStorage.GetMessageByID(app.DB, userID, id)
 		if err != nil {
 			log.Printf("❌ Message not found: %v", err)
 			message = nil
-		} else if !message.IsRead {
-			_ = storage.MarkMessageAsRead(db, messageID, userID)
+		} else if message != nil && !message.IsRead {
+			_ = messagesStorage.MarkMessageAsRead(app.DB, id, userID)
 		}
 
-		data := templateHandlers.BuildTemplateData(db, w, r)
-		context := templateHelpers.TemplateContext(w, r, data)
-		context["Message"] = message
+		data := templateHandlers.BuildTemplateData(app, w, r)
+		ctx := templateHelpers.TemplateContext(w, r, data)
+		ctx["Message"] = message
 
-		tmpl := templateHelpers.LoadTemplateFiles("read-message.html", "templates/account/messages/read.html")
-
-		tmpl.ExecuteTemplate(w, "layout", context)
+		tmpl := templateHelpers.LoadTemplateFiles("read-message.html", "web/templates/account/messages/read.html")
+		_ = tmpl.ExecuteTemplate(w, "layout", ctx)
 	}
 }
 
-func ArchiveMessageHandler(db *sql.DB) http.HandlerFunc {
+// Archive a message
+func ArchiveMessageHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		id := helpers.Atoi(r.URL.Query().Get("id"))
-		userID, ok := securityHelpers.GetCurrentUserID(r)
+		userID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 		if !ok {
-			templateHelpers.RenderError(w, r, 403)
+			templateHelpers.RenderError(w, r, http.StatusForbidden)
 			return
 		}
 
-		err := messagesStorage.ArchiveMessage(db, userID, id)
-		if err != nil {
-			templateHelpers.SetFlash(w, r, "Failed to archive message.")
+		if err := messagesStorage.ArchiveMessage(app.DB, userID, id); err != nil {
+			templateHelpers.SetFlash(r, "Failed to archive message.")
 		} else {
-			templateHelpers.SetFlash(w, r, "Message archived.")
+			templateHelpers.SetFlash(r, "Message archived.")
 		}
 
 		http.Redirect(w, r, "/account/messages", http.StatusSeeOther)
 	}
 }
 
-func ArchivedMessagesHandler(db *sql.DB) http.HandlerFunc {
+// List archived messages (paged)
+func ArchivedMessagesHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		userID, ok := securityHelpers.GetCurrentUserID(r)
+		userID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 		if !ok {
-			templateHelpers.RenderError(w, r, 403)
+			templateHelpers.RenderError(w, r, http.StatusForbidden)
 			return
 		}
 
@@ -120,35 +113,35 @@ func ArchivedMessagesHandler(db *sql.DB) http.HandlerFunc {
 		}
 		perPage := 10
 
-		messages := messagesStorage.GetArchivedMessages(db, userID, page, perPage)
+		messages := messagesStorage.GetArchivedMessages(app.DB, userID, page, perPage)
 		hasMore := len(messages) == perPage
 
-		data := templateHandlers.BuildTemplateData(db, w, r)
-		context := templateHelpers.TemplateContext(w, r, data)
-		context["Messages"] = messages
-		context["Page"] = page
-		context["HasMore"] = hasMore
+		data := templateHandlers.BuildTemplateData(app, w, r)
+		ctx := templateHelpers.TemplateContext(w, r, data)
+		ctx["Messages"] = messages
+		ctx["Page"] = page
+		ctx["HasMore"] = hasMore
 
-		tmpl := templateHelpers.LoadTemplateFiles("archived.html", "templates/account/messages/archived.html")
-		tmpl.ExecuteTemplate(w, "layout", context)
+		tmpl := templateHelpers.LoadTemplateFiles("archived.html", "web/templates/account/messages/archived.html")
+		_ = tmpl.ExecuteTemplate(w, "layout", ctx)
 	}
 }
 
-func SendMessageHandler(db *sql.DB) http.HandlerFunc {
+// Compose & send message
+func SendMessageHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case http.MethodGet:
-			data := templateHandlers.BuildTemplateData(db, w, r)
-			context := templateHelpers.TemplateContext(w, r, data)
-			tmpl := templateHelpers.LoadTemplateFiles("send-message.html", "templates/account/messages/send.html")
-
-			if err := tmpl.ExecuteTemplate(w, "layout", context); err != nil {
-				templateHelpers.RenderError(w, r, 500)
+			data := templateHandlers.BuildTemplateData(app, w, r)
+			ctx := templateHelpers.TemplateContext(w, r, data)
+			tmpl := templateHelpers.LoadTemplateFiles("send-message.html", "web/templates/account/messages/send.html")
+			if err := tmpl.ExecuteTemplate(w, "layout", ctx); err != nil {
+				templateHelpers.RenderError(w, r, http.StatusInternalServerError)
 			}
 		case http.MethodPost:
-			senderID, ok := securityHelpers.GetCurrentUserID(r)
+			senderID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 			if !ok {
-				templateHelpers.RenderError(w, r, 403)
+				templateHelpers.RenderError(w, r, http.StatusForbidden)
 				return
 			}
 
@@ -156,32 +149,32 @@ func SendMessageHandler(db *sql.DB) http.HandlerFunc {
 			subject := r.FormValue("subject")
 			body := r.FormValue("message")
 
-			if err := messagesStorage.SendMessage(db, senderID, recipientID, subject, body); err != nil {
-				templateHelpers.SetFlash(w, r, "Failed to send message.")
+			if err := messagesStorage.SendMessage(app.DB, senderID, recipientID, subject, body); err != nil {
+				templateHelpers.SetFlash(r, "Failed to send message.")
 			} else {
-				templateHelpers.SetFlash(w, r, "Message sent.")
+				templateHelpers.SetFlash(r, "Message sent.")
 			}
 			http.Redirect(w, r, "/account/messages", http.StatusSeeOther)
 		default:
-			templateHelpers.RenderError(w, r, 405)
+			templateHelpers.RenderError(w, r, http.StatusMethodNotAllowed)
 		}
 	}
 }
 
-func RestoreMessageHandler(db *sql.DB) http.HandlerFunc {
+// Restore an archived message
+func RestoreMessageHandler(app *bootstrap.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		id := helpers.Atoi(r.URL.Query().Get("id"))
-		userID, ok := securityHelpers.GetCurrentUserID(r)
+		userID, ok := securityHelpers.GetCurrentUserID(app.SessionManager, r)
 		if !ok {
-			templateHelpers.RenderError(w, r, 403)
+			templateHelpers.RenderError(w, r, http.StatusForbidden)
 			return
 		}
 
-		err := storage.RestoreMessage(db, userID, id)
-		if err != nil {
-			templateHelpers.SetFlash(w, r, "Failed to restore message.")
+		if err := messagesStorage.RestoreMessage(app.DB, userID, id); err != nil {
+			templateHelpers.SetFlash(r, "Failed to restore message.")
 		} else {
-			templateHelpers.SetFlash(w, r, "Message restored.")
+			templateHelpers.SetFlash(r, "Message restored.")
 		}
 
 		http.Redirect(w, r, "/account/messages/archived", http.StatusSeeOther)