From ce44ef3e62be67cc0bfc59f663dc5993a03b3610 Mon Sep 17 00:00:00 2001
From: LandaMm <qwer.009771@gmail.com>
Date: Mon, 2 Jun 2025 23:15:02 +0200
Subject: [PATCH] feat: protect required endpoints by oauth

---
 internal/oauth/routes.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/internal/oauth/routes.go b/internal/oauth/routes.go
index 6d40730..43e5103 100644
--- a/internal/oauth/routes.go
+++ b/internal/oauth/routes.go
@@ -2,6 +2,7 @@ package oauth
 
 import (
 	"gitea.local/admin/hspguard/internal/config"
+	imiddleware "gitea.local/admin/hspguard/internal/middleware"
 	"gitea.local/admin/hspguard/internal/repository"
 	"github.com/go-chi/chi/v5"
 )
@@ -20,9 +21,13 @@ func NewOAuthHandler(repo *repository.Queries, cfg *config.AppConfig) *OAuthHand
 
 func (h *OAuthHandler) RegisterRoutes(router chi.Router) {
 	router.Route("/oauth", func(r chi.Router) {
-		r.Post("/token", h.tokenEndpoint)
+		r.Group(func(protected chi.Router) {
+			authMiddleware := imiddleware.NewAuthMiddleware(h.cfg)
+			protected.Use(authMiddleware.Runner)
 
-		r.Post("/code", h.getAuthCode)
+			protected.Post("/code", h.getAuthCode)
+		})
 		r.Get("/authorize", h.AuthorizeClient)
+		r.Post("/token", h.tokenEndpoint)
 	})
 }