Migrate from Gin to Echo framework and add comprehensive integration tests

Major changes: - Migrate all handlers from Gin to Echo framework - Add new apperrors, echohelpers, and validator packages - Update middleware for Echo compatibility - Add ArchivedHandler to task categorization chain (archived tasks go to cancelled_tasks column) - Add 6 new integration tests: - RecurringTaskLifecycle: NextDueDate advancement for weekly/monthly tasks - MultiUserSharing: Complex sharing with user removal - TaskStateTransitions: All state transitions and kanban column changes - DateBoundaryEdgeCases: Threshold boundary testing - CascadeOperations: Residence deletion cascade effects - MultiUserOperations: Shared residence collaboration - Add single-purpose repository functions for kanban columns (GetOverdueTasks, GetDueSoonTasks, etc.) - Fix RemoveUser route param mismatch (userId -> user_id) - Fix determineExpectedColumn helper to correctly prioritize in_progress over overdue 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 13:52:08 -06:00
parent c51f1ce34a
commit 6dac34e373
98 changed files with 8209 additions and 4425 deletions
--- a/internal/middleware/auth.go
+++ b/internal/middleware/auth.go
@@ -3,15 +3,15 @@ package middleware
 import (
 	"context"
 	"fmt"
-	"net/http"
 	"strings"
 	"time"

-	"github.com/gin-gonic/gin"
+	"github.com/labstack/echo/v4"
 	"github.com/redis/go-redis/v9"
 	"github.com/rs/zerolog/log"
 	"gorm.io/gorm"

+	"github.com/treytartt/casera-api/internal/apperrors"
 	"github.com/treytartt/casera-api/internal/models"
 	"github.com/treytartt/casera-api/internal/services"
 )
@@ -41,84 +41,79 @@ func NewAuthMiddleware(db *gorm.DB, cache *services.CacheService) *AuthMiddlewar
 	}
 }

-// TokenAuth returns a Gin middleware that validates token authentication
-func (m *AuthMiddleware) TokenAuth() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		// Extract token from Authorization header
-		token, err := extractToken(c)
-		if err != nil {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-				"error": err.Error(),
-			})
-			return
-		}
+// TokenAuth returns an Echo middleware that validates token authentication
+func (m *AuthMiddleware) TokenAuth() echo.MiddlewareFunc {
+	return func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(c echo.Context) error {
+			// Extract token from Authorization header
+			token, err := extractToken(c)
+			if err != nil {
+				return apperrors.Unauthorized("error.not_authenticated")
+			}

-		// Try to get user from cache first
-		user, err := m.getUserFromCache(c.Request.Context(), token)
-		if err == nil && user != nil {
-			// Cache hit - set user in context and continue
+			// Try to get user from cache first
+			user, err := m.getUserFromCache(c.Request().Context(), token)
+			if err == nil && user != nil {
+				// Cache hit - set user in context and continue
+				c.Set(AuthUserKey, user)
+				c.Set(AuthTokenKey, token)
+				return next(c)
+			}
+
+			// Cache miss - look up token in database
+			user, err = m.getUserFromDatabase(token)
+			if err != nil {
+				log.Debug().Err(err).Str("token", token[:8]+"...").Msg("Token authentication failed")
+				return apperrors.Unauthorized("error.invalid_token")
+			}
+
+			// Cache the user ID for future requests
+			if cacheErr := m.cacheUserID(c.Request().Context(), token, user.ID); cacheErr != nil {
+				log.Warn().Err(cacheErr).Msg("Failed to cache user ID")
+			}
+
+			// Set user in context
 			c.Set(AuthUserKey, user)
 			c.Set(AuthTokenKey, token)
-			c.Next()
-			return
+			return next(c)
 		}
-
-		// Cache miss - look up token in database
-		user, err = m.getUserFromDatabase(token)
-		if err != nil {
-			log.Debug().Err(err).Str("token", token[:8]+"...").Msg("Token authentication failed")
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-				"error": "Invalid token",
-			})
-			return
-		}
-
-		// Cache the user ID for future requests
-		if cacheErr := m.cacheUserID(c.Request.Context(), token, user.ID); cacheErr != nil {
-			log.Warn().Err(cacheErr).Msg("Failed to cache user ID")
-		}
-
-		// Set user in context
-		c.Set(AuthUserKey, user)
-		c.Set(AuthTokenKey, token)
-		c.Next()
 	}
 }

 // OptionalTokenAuth returns middleware that authenticates if token is present but doesn't require it
-func (m *AuthMiddleware) OptionalTokenAuth() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		token, err := extractToken(c)
-		if err != nil {
-			// No token or invalid format - continue without user
-			c.Next()
-			return
-		}
+func (m *AuthMiddleware) OptionalTokenAuth() echo.MiddlewareFunc {
+	return func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(c echo.Context) error {
+			token, err := extractToken(c)
+			if err != nil {
+				// No token or invalid format - continue without user
+				return next(c)
+			}

-		// Try cache first
-		user, err := m.getUserFromCache(c.Request.Context(), token)
-		if err == nil && user != nil {
-			c.Set(AuthUserKey, user)
-			c.Set(AuthTokenKey, token)
-			c.Next()
-			return
-		}
+			// Try cache first
+			user, err := m.getUserFromCache(c.Request().Context(), token)
+			if err == nil && user != nil {
+				c.Set(AuthUserKey, user)
+				c.Set(AuthTokenKey, token)
+				return next(c)
+			}

-		// Try database
-		user, err = m.getUserFromDatabase(token)
-		if err == nil {
-			m.cacheUserID(c.Request.Context(), token, user.ID)
-			c.Set(AuthUserKey, user)
-			c.Set(AuthTokenKey, token)
-		}
+			// Try database
+			user, err = m.getUserFromDatabase(token)
+			if err == nil {
+				m.cacheUserID(c.Request().Context(), token, user.ID)
+				c.Set(AuthUserKey, user)
+				c.Set(AuthTokenKey, token)
+			}

-		c.Next()
+			return next(c)
+		}
 	}
 }

 // extractToken extracts the token from the Authorization header
-func extractToken(c *gin.Context) (string, error) {
-	authHeader := c.GetHeader("Authorization")
+func extractToken(c echo.Context) (string, error) {
+	authHeader := c.Request().Header.Get("Authorization")
 	if authHeader == "" {
 		return "", fmt.Errorf("authorization header required")
 	}
@@ -205,32 +200,29 @@ func (m *AuthMiddleware) InvalidateToken(ctx context.Context, token string) erro
 	return m.cache.InvalidateAuthToken(ctx, token)
 }

-// GetAuthUser retrieves the authenticated user from the Gin context
-func GetAuthUser(c *gin.Context) *models.User {
-	user, exists := c.Get(AuthUserKey)
-	if !exists {
+// GetAuthUser retrieves the authenticated user from the Echo context
+func GetAuthUser(c echo.Context) *models.User {
+	user := c.Get(AuthUserKey)
+	if user == nil {
 		return nil
 	}
 	return user.(*models.User)
 }

-// GetAuthToken retrieves the auth token from the Gin context
-func GetAuthToken(c *gin.Context) string {
-	token, exists := c.Get(AuthTokenKey)
-	if !exists {
+// GetAuthToken retrieves the auth token from the Echo context
+func GetAuthToken(c echo.Context) string {
+	token := c.Get(AuthTokenKey)
+	if token == nil {
 		return ""
 	}
 	return token.(string)
 }

-// MustGetAuthUser retrieves the authenticated user or aborts with 401
-func MustGetAuthUser(c *gin.Context) *models.User {
+// MustGetAuthUser retrieves the authenticated user or returns error with 401
+func MustGetAuthUser(c echo.Context) (*models.User, error) {
 	user := GetAuthUser(c)
 	if user == nil {
-		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-			"error": "Authentication required",
-		})
-		return nil
+		return nil, apperrors.Unauthorized("error.not_authenticated")
 	}
-	return user
+	return user, nil
 }