diff --git a/auth.go b/auth.go index 05a7888..3c3d6c2 100644 --- a/auth.go +++ b/auth.go @@ -108,7 +108,7 @@ func LoginHandler(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(LoginResponse{Token: tokenString}) } -// AuthMiddleware is a middleware function that checks for a valid JWT token in the request header and enables CORS. +// authMiddleware is a middleware function that checks for a valid JWT token in the request header and enables CORS. func AuthMiddleware(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { log := GetLogger() @@ -124,11 +124,21 @@ func AuthMiddleware(next http.Handler) http.Handler { return } - // Get the token from the request header + // Check if this is a browser requesting HTML + acceptHeader := r.Header.Get("Accept") + isBrowserRequest := strings.Contains(acceptHeader, "text/html") + + // If it's a browser request for HTML, always serve the React app + if isBrowserRequest { + http.Redirect(w, r, "/index.html", http.StatusSeeOther) + return + } + + // From here on, we're dealing with actual API requests tokenString := r.Header.Get("Authorization") if tokenString == "" { if log != nil { - log.Warn("Request rejected: missing Authorization header") + log.Warn("Request rejected: missing Authorization header for path: %s", r.URL.Path) } http.Error(w, "Authorization header missing", http.StatusUnauthorized) return @@ -178,4 +188,4 @@ func AuthMiddleware(next http.Handler) http.Handler { // Call the next handler in the chain next.ServeHTTP(w, r) }) -} +} \ No newline at end of file diff --git a/main.go b/main.go index b0406e7..32c23b5 100644 --- a/main.go +++ b/main.go @@ -22,19 +22,21 @@ var ( ) func main() { - log := GetLogger() + // Load configuration var err error config, err = loadAndValidateConfig() if err != nil { log.Fatalf("Failed to load config: %v", err) } - log.Printf("Config loaded successfully in main(), DB path %s\n", config.DatabasePath) // Set up logging BEFORE logging config details if err := setupLogging(config.LogFile); err != nil { log.Fatalf("Failed to set up logging: %v", err) } + + log := GetLogger() + log.Printf("Config loaded successfully in main(), DB path %s\n", config.DatabasePath) // Now that logging is set up, log the config details logConfigDetails(config) @@ -65,6 +67,10 @@ func main() { func loadAndValidateConfig() (*Config, error) { configFile := os.Getenv("BOXES_API_CONFIG") + if configFile == "" { + fmt.Println("BOXES_API_CONFIG not set") // print because logger isn't alive yet. + configFile = "./config/config.yaml" + } config, err := LoadConfig(configFile) if err != nil || config == nil { return nil, fmt.Errorf("failed to load config: %v", err)