gems/opal-task/internal/api/handlers/auth.go

package handlers

import (
	"net/http"
	"strconv"

	"git.jnss.me/joakim/opal/internal/engine"
	"github.com/go-chi/chi/v5"
)

// ListAPIKeys returns all API keys for the current user
func ListAPIKeys(w http.ResponseWriter, r *http.Request) {
	// For now, use default user ID (1 - shared user)
	userID := 1

	keys, err := engine.ListAPIKeys(userID)
	if err != nil {
		errorResponse(w, http.StatusInternalServerError, err.Error())
		return
	}

	jsonResponse(w, http.StatusOK, keys)
}

// RevokeAPIKey revokes an API key by ID
func RevokeAPIKey(w http.ResponseWriter, r *http.Request) {
	idStr := chi.URLParam(r, "id")

	keyID, err := strconv.Atoi(idStr)
	if err != nil {
		errorResponse(w, http.StatusBadRequest, "invalid key ID")
		return
	}

	if err := engine.RevokeAPIKey(keyID); err != nil {
		errorResponse(w, http.StatusInternalServerError, err.Error())
		return
	}

	jsonResponse(w, http.StatusOK, map[string]string{"message": "API key revoked"})
}