Skripsi_Valentino_5103022014/backend/cmd/main.go

package main

import (
	"net/http"
	"s-class-backend/config"
	"s-class-backend/controllers"
	"s-class-backend/middleware"
	"s-class-backend/models"

	"github.com/gin-gonic/gin"
)

func main() {
	// 1. Konek Database
	config.ConnectDatabase()

	// 2. AutoMigrate
	config.DB.AutoMigrate(&models.User{}, &models.Room{}, &models.Booking{}, &models.ClassSchedule{})

	r := gin.Default()

	// 3. CORS Middleware (Panggil fungsinya di sini)
	r.Use(CORSMiddleware())

	r.GET("/", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{"message": "Server S-CLASS Backend Berjalan!"})
	})

	// 4. Routes
	auth := r.Group("/api/auth")
	{
		auth.POST("/register", controllers.Register)
		auth.POST("/login", controllers.Login)
	}

	r.POST("/api/verify-code", controllers.VerifyRedeemCode)

	// --- RUTE YANG DILINDUNGI TOKEN (UNTUK WEB) ---
	protected := r.Group("/api")
	protected.Use(middleware.AuthMiddleware())
	{
		protected.GET("/profile", func(c *gin.Context) {
			userID, _ := c.Get("user_id")
			role, _ := c.Get("role")
			c.JSON(http.StatusOK, gin.H{"message": "Masuk!", "user_id": userID, "role": role})
		})

		// Rooms
		protected.GET("/rooms", controllers.GetRooms)
		protected.POST("/rooms", controllers.CreateRoom)

		// Bookings
		protected.POST("/bookings", controllers.CreateBooking)
		protected.GET("/bookings", controllers.GetAllBookings)
		protected.PUT("/bookings/:id/status", controllers.UpdateBookingStatus)
		protected.GET("/my-bookings", controllers.GetMyBookings)

		// Admin (Manage Rooms)
		protected.PUT("/admin/rooms/:id/status", controllers.UpdateRoomStatus)

		// Jadwal Kuliah (Untuk Halaman Web Admin)
		protected.GET("/schedules", controllers.GetSchedules)
		protected.POST("/schedules", controllers.CreateSchedule)
		protected.PUT("/schedules/:id", controllers.UpdateSchedule)
		protected.DELETE("/schedules/:id", controllers.DeleteSchedule)
	}

	// 5. Jalur IoT ESP32 & Kontrol Daya
	r.POST("/api/sensor/energy", controllers.UpdateRoomPower)
	r.POST("/api/hardware/verify", controllers.VerifyHardwareCode)
	r.POST("/api/hardware/control", controllers.ControlHardware)
	r.GET("/api/hardware/status", controllers.GetHardwareStatus)
	r.GET("/api/hardware/power-status", controllers.GetPowerStatus)
	r.POST("/api/power/global", controllers.GlobalPowerControl)

	r.Run(":8080")
}

// =========================================================================
// FUNGSI MIDDLEWARE HARUS DITULIS DI LUAR FUNGSI MAIN
// =========================================================================
func CORSMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
		// Pastikan DELETE sudah masuk di sini
		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, PATCH, DELETE")

		if c.Request.Method == "OPTIONS" {
			c.AbortWithStatus(204)
			return
		}
		c.Next()
	}
}