feat: add public watchlist export

This commit is contained in:
2026-06-29 13:39:35 +02:00
parent 1e6ac5e854
commit be71ec91c8
7 changed files with 422 additions and 47 deletions

View File

@@ -272,6 +272,26 @@ func TestAuthMiddlewareRejectsUnauthenticatedRequests(t *testing.T) {
}
}
func TestAuthMiddlewareAllowsPublicWatchlistAPI(t *testing.T) {
gin.SetMode(gin.TestMode)
svc := &fakeAuthService{validateErr: errors.New("no auth")}
router := gin.New()
router.Use(AuthMiddleware(svc))
router.GET("/api/public/users/:userID/watchlist", func(c *gin.Context) { c.Status(http.StatusOK) })
rec := httptest.NewRecorder()
req := httptest.NewRequestWithContext(context.Background(), http.MethodGet, "/api/public/users/user-42/watchlist", nil)
router.ServeHTTP(rec, req)
if rec.Code != http.StatusOK {
t.Fatalf("status = %d, want %d", rec.Code, http.StatusOK)
}
if svc.validateSessionCalled || svc.validateAPITokenCalled {
t.Fatalf("public watchlist endpoint should not authenticate")
}
}
type fakeAuthService struct {
user *domain.User

View File

@@ -30,6 +30,9 @@ var publicRoutes = []publicRoute{
// Auth API.
{method: http.MethodPost, path: "/api/auth/login"},
// Explicitly public, read-only API resources.
{method: http.MethodGet, path: "/api/public/", prefix: true},
}
func isPublicRequest(method string, path string) bool {