fix: cfg access

cmd/hspguard/api/api.go

@@ -30,6 +30,7 @@ func NewAPIServer(addr string, db *repository.Queries, minio *storage.FileStorag
 		addr:    addr,
 		repo:    db,
 		storage: minio,
+		cfg:     cfg,
 	}
 }
 
@@ -44,12 +45,13 @@ func (s *APIServer) Run() error {
 	oauthHandler := oauth.NewOAuthHandler(s.repo, s.cfg)
 
 	router.Route("/api/v1", func(r chi.Router) {
-		r.Use(imiddleware.WithSkipper(imiddleware.AuthMiddleware(s.cfg), "/api/v1/login", "/api/v1/register", "/api/v1/oauth/token"))
+		am := imiddleware.New(s.cfg)
+		r.Use(imiddleware.WithSkipper(am.Runner, "/api/v1/login", "/api/v1/register", "/api/v1/oauth/token"))
 
 		userHandler := user.NewUserHandler(s.repo, s.storage)
 		userHandler.RegisterRoutes(r)
 
-		authHandler := auth.NewAuthHandler(s.repo)
+		authHandler := auth.NewAuthHandler(s.repo, s.cfg)
 		authHandler.RegisterRoutes(r)
 
 		oauthHandler.RegisterRoutes(r)

internal/auth/routes.go

@@ -21,9 +21,10 @@ type AuthHandler struct {
 	cfg  *config.AppConfig
 }
 
-func NewAuthHandler(repo *repository.Queries) *AuthHandler {
+func NewAuthHandler(repo *repository.Queries, cfg *config.AppConfig) *AuthHandler {
 	return &AuthHandler{
-		repo: repo,
+		repo,
+		cfg,
 	}
 }
 

internal/middleware/auth.go

@@ -12,34 +12,42 @@ import (
 	"gitea.local/admin/hspguard/internal/web"
 )
 
-func AuthMiddleware(cfg *config.AppConfig) func(http.Handler) http.Handler {
+type AuthMiddleware struct {
-	return func(next http.Handler) http.Handler {
+	cfg *config.AppConfig
-		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+}
-			authHeader := r.Header.Get("Authorization")
-			if authHeader == "" {
-				web.Error(w, "unauthorized", http.StatusUnauthorized)
-				return
-			}
 
-			parts := strings.Split(authHeader, "Bearer ")
+func New(cfg *config.AppConfig) *AuthMiddleware {
-			if len(parts) != 2 {
+	return &AuthMiddleware{
-				web.Error(w, "invalid auth header format", http.StatusUnauthorized)
+		cfg,
-				return
-			}
-
-			tokenStr := parts[1]
-			token, userClaims, err := auth.VerifyToken(tokenStr, cfg.Jwt.PublicKey)
-			if err != nil || !token.Valid {
-				http.Error(w, fmt.Sprintf("invalid token: %v", err), http.StatusUnauthorized)
-				return
-			}
-
-			ctx := context.WithValue(r.Context(), types.UserIdKey, userClaims.Subject)
-			next.ServeHTTP(w, r.WithContext(ctx))
-		})
 	}
 }
 
+func (m *AuthMiddleware) Runner(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		authHeader := r.Header.Get("Authorization")
+		if authHeader == "" {
+			web.Error(w, "unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		parts := strings.Split(authHeader, "Bearer ")
+		if len(parts) != 2 {
+			web.Error(w, "invalid auth header format", http.StatusUnauthorized)
+			return
+		}
+
+		tokenStr := parts[1]
+		token, userClaims, err := auth.VerifyToken(tokenStr, m.cfg.Jwt.PublicKey)
+		if err != nil || !token.Valid {
+			http.Error(w, fmt.Sprintf("invalid token: %v", err), http.StatusUnauthorized)
+			return
+		}
+
+		ctx := context.WithValue(r.Context(), types.UserIdKey, userClaims.Subject)
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
 func WithSkipper(mw func(http.Handler) http.Handler, excludedPaths ...string) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {