docs: remove project structure, boring and hard to maintain

refactor: modernize using min()
refactor: replace interface{} by any
2025-12-20 17:35:16 +01:00 · 2025-12-16 15:45:51 +01:00 · 2025-12-16 15:05:23 +01:00 · 2025-12-16 15:02:42 +01:00 · 2025-12-14 21:14:42 +01:00 · 2025-12-14 21:06:15 +01:00
10 changed files with 673 additions and 328 deletions
--- a/README.md
+++ b/README.md
@@ -354,44 +354,6 @@ It will start the application in development mode. You can also run it as a daem
 Then, use `./bin/goyco` to manage the application and notably to seed the database with sample data.
 ### Project Structure
 ```bash
 goyco/
 ├── bin/ # Compiled binaries (created after build)
 ├── cmd/
 │ └── goyco/ # Main CLI application entrypoint
 ├── docker/ # Docker Compose & related files
 ├── docs/ # Documentation and API specs
 ├── internal/
 │ ├── config/ # Configuration management
 │ ├── database/ # Database models and access
 │ ├── dto/ # Data Transfer Objects (DTOs)
 │ ├── e2e/ # End-to-end tests
 │ ├── fuzz/ # Fuzz tests
 │ ├── handlers/ # HTTP handlers
 │ ├── integration/ # Integration tests
 │ ├── middleware/ # HTTP middleware
 │ ├── repositories/ # Data access layer
 │ ├── security/ # Security and auth logic
 │ ├── server/ # HTTP server implementation
 │ ├── services/ # Business logic
 │ ├── static/ # Static web assets
 │ ├── templates/ # HTML templates
 │ ├── testutils/ # Test helpers/utilities
 │ ├── validation/ # Input validation
 │ └── version/ # Version information
 ├── scripts/ # Utility/maintenance scripts
 ├── services/
 │ └── goyco.service # Systemd service unit example
 ├── .env.example # Environment variable example
 ├── AUTHORS # Authors file
 ├── Dockerfile # Docker build file
 ├── LICENSE # License file
 ├── Makefile # Project build/test targets
 └── README.md # This file
 ```
 ### Testing
 ```bash
--- a/cmd/goyco/commands/migrate.go
+++ b/cmd/goyco/commands/migrate.go
@@ -5,9 +5,10 @@ import (
 	"fmt"
 	"os"
 	"gorm.io/gorm"
 	"goyco/internal/config"
 	"goyco/internal/database"
 	"gorm.io/gorm"
 )
 func HandleMigrateCommand(cfg *config.Config, name string, args []string) error {
@@ -37,7 +38,7 @@ func runMigrateCommand(db *gorm.DB) error {
 		return fmt.Errorf("run migrations: %w", err)
 	}
 	if IsJSONOutput() {
-		outputJSON(map[string]interface{}{
+		outputJSON(map[string]any{
 			"action": "migrations_applied",
 			"status": "success",
 		})
--- a/cmd/goyco/commands/parallel_processor.go
+++ b/cmd/goyco/commands/parallel_processor.go
@@ -261,6 +261,7 @@ func processItemsInParallelNoResult[T any](
 ) error {
 	count := len(items)
 	errors := make(chan error, count)
 	completions := make(chan struct{}, count)
 	semaphore := make(chan struct{}, maxWorkers)
 	var wg sync.WaitGroup
@@ -288,20 +289,45 @@ func processItemsInParallelNoResult[T any](
 				return
 			}
-			if progress != nil {
+			completions <- struct{}{}
 				progress.Update(index + 1)
 			}
 		}(i, item)
 	}
 	go func() {
 		wg.Wait()
 		close(errors)
 		close(completions)
 	}()
 	completed := 0
 	firstError := make(chan error, 1)
 	go func() {
 		for err := range errors {
 			if err != nil {
 				select {
 				case firstError <- err:
 				default:
 				}
 				return
 			}
 		}
 	}()
 	for completed < count {
 		select {
 		case _, ok := <-completions:
 			if !ok {
 				return nil
 			}
 			completed++
 			if progress != nil {
 				progress.Update(completed)
 			}
 		case err := <-firstError:
 			return err
 		case <-ctx.Done():
 			return fmt.Errorf("timeout: %w", ctx.Err())
 		}
 	}
--- a/cmd/goyco/commands/parallel_processor_test.go
+++ b/cmd/goyco/commands/parallel_processor_test.go
@@ -2,15 +2,15 @@ package commands_test
 import (
 	"errors"
 	"fmt"
 	"sync"
 	"testing"
 	"golang.org/x/crypto/bcrypt"
 	"goyco/cmd/goyco/commands"
 	"goyco/internal/database"
 	"goyco/internal/repositories"
 	"goyco/internal/testutils"
 	"golang.org/x/crypto/bcrypt"
 )
 func TestParallelProcessor_CreateUsersInParallel(t *testing.T) {
@@ -25,7 +25,7 @@ func TestParallelProcessor_CreateUsersInParallel(t *testing.T) {
 		wantErr     bool
 	}{
 		{
-			name:  "creates users with deterministic fields",
+			name:  "creates users with required fields",
 			count: successCount,
 			repoFactory: func() repositories.UserRepository {
 				base := testutils.NewMockUserRepository()
@@ -37,14 +37,24 @@ func TestParallelProcessor_CreateUsersInParallel(t *testing.T) {
 				if len(got) != successCount {
 					t.Fatalf("expected %d users, got %d", successCount, len(got))
 				}
 				usernames := make(map[string]bool)
 				for i, user := range got {
-					expectedUsername := fmt.Sprintf("user_%d", i+1)
+					if user.Username == "" {
-					expectedEmail := fmt.Sprintf("user_%d@goyco.local", i+1)
+						t.Errorf("user %d expected non-empty username", i)
 					if user.Username != expectedUsername {
 						t.Errorf("user %d username mismatch: got %q want %q", i, user.Username, expectedUsername)
 					}
-					if user.Email != expectedEmail {
+					if len(user.Username) < 6 || user.Username[:5] != "user_" {
-						t.Errorf("user %d email mismatch: got %q want %q", i, user.Email, expectedEmail)
+						t.Errorf("user %d username should start with 'user_', got %q", i, user.Username)
 					}
 					if usernames[user.Username] {
 						t.Errorf("user %d duplicate username: %q", i, user.Username)
 					}
 					usernames[user.Username] = true
 					if user.Email == "" {
 						t.Errorf("user %d expected non-empty email", i)
 					}
 					if len(user.Email) < 20 || user.Email[:5] != "user_" || user.Email[len(user.Email)-12:] != "@goyco.local" {
 						t.Errorf("user %d email should match pattern 'user_*@goyco.local', got %q", i, user.Email)
 					}
 					if !user.EmailVerified {
 						t.Errorf("user %d expected EmailVerified to be true", i)
@@ -83,6 +93,11 @@ func TestParallelProcessor_CreateUsersInParallel(t *testing.T) {
 			t.Parallel()
 			repo := tt.repoFactory()
 			p := commands.NewParallelProcessor()
 			passwordHash, err := bcrypt.GenerateFromPassword([]byte("password123"), bcrypt.DefaultCost)
 			if err != nil {
 				t.Fatalf("failed to generate password hash: %v", err)
 			}
 			p.SetPasswordHash(string(passwordHash))
 			got, gotErr := p.CreateUsersInParallel(repo, tt.count, tt.progress)
 			if gotErr != nil {
 				if !tt.wantErr {
--- a/internal/server/router_test.go
+++ b/internal/server/router_test.go
@@ -3,6 +3,7 @@ package server
 import (
 	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
 	"goyco/internal/config"
@@ -105,9 +106,9 @@ func defaultRateLimitConfig() config.RateLimitConfig {
 	return testutils.AppTestConfig.RateLimit
 }
-func TestAPIRootRouting(t *testing.T) {
+func createDefaultRouterConfig() RouterConfig {
 	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
-	router := NewRouter(RouterConfig{
+	return RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
@@ -115,7 +116,15 @@ func TestAPIRootRouting(t *testing.T) {
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
-	})
+	}
 }
 func createTestRouter(cfg RouterConfig) http.Handler {
 	return NewRouter(cfg)
 }
 func TestAPIRootRouting(t *testing.T) {
 	router := createTestRouter(createDefaultRouterConfig())
 	testCases := []struct {
 		name       string
@@ -141,23 +150,23 @@ func TestAPIRootRouting(t *testing.T) {
 }
 func TestProtectedRoutesRequireAuth(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	router := createTestRouter(createDefaultRouterConfig())
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	protectedRoutes := []struct {
 		method string
 		path   string
 	}{
 		{http.MethodGet, "/api/auth/me"},
 		{http.MethodPost, "/api/auth/logout"},
 		{http.MethodPost, "/api/auth/revoke"},
 		{http.MethodPost, "/api/auth/revoke-all"},
 		{http.MethodPut, "/api/auth/email"},
 		{http.MethodPut, "/api/auth/username"},
 		{http.MethodPut, "/api/auth/password"},
 		{http.MethodDelete, "/api/auth/account"},
 		{http.MethodPost, "/api/posts"},
 		{http.MethodPut, "/api/posts/1"},
 		{http.MethodDelete, "/api/posts/1"},
 		{http.MethodPost, "/api/posts/1/vote"},
 		{http.MethodDelete, "/api/posts/1/vote"},
 		{http.MethodGet, "/api/posts/1/vote"},
@@ -183,17 +192,9 @@ func TestProtectedRoutesRequireAuth(t *testing.T) {
 }
 func TestRouterWithDebugMode(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-	router := NewRouter(RouterConfig{
+	cfg.Debug = true
-		Debug:           true,
+	router := createTestRouter(cfg)
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -206,16 +207,9 @@ func TestRouterWithDebugMode(t *testing.T) {
 }
 func TestRouterWithCacheDisabled(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-	router := NewRouter(RouterConfig{
+	cfg.DisableCache = true
-		DisableCache: true,
+	router := createTestRouter(cfg)
 		APIHandler:   apiHandler,
 		AuthHandler:  authHandler,
 		PostHandler:  postHandler,
 		VoteHandler:  voteHandler,
 		UserHandler:  userHandler,
 		AuthService:  authService,
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -228,17 +222,9 @@ func TestRouterWithCacheDisabled(t *testing.T) {
 }
 func TestRouterWithCompressionDisabled(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-	router := NewRouter(RouterConfig{
+	cfg.DisableCompression = true
-		DisableCompression: true,
+	router := createTestRouter(cfg)
 		APIHandler:         apiHandler,
 		AuthHandler:        authHandler,
 		PostHandler:        postHandler,
 		VoteHandler:        voteHandler,
 		UserHandler:        userHandler,
 		AuthService:        authService,
 		RateLimitConfig:    defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -251,19 +237,9 @@ func TestRouterWithCompressionDisabled(t *testing.T) {
 }
 func TestRouterWithCustomDBMonitor(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-	customDBMonitor := middleware.NewInMemoryDBMonitor()
+	cfg.DBMonitor = middleware.NewInMemoryDBMonitor()
-
+	router := createTestRouter(cfg)
 	router := NewRouter(RouterConfig{
 		DBMonitor:       customDBMonitor,
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -296,18 +272,9 @@ func TestRouterWithPageHandler(t *testing.T) {
 }
 func TestRouterWithStaticDir(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-
+	cfg.StaticDir = "/custom/static/path"
-	router := NewRouter(RouterConfig{
+	router := createTestRouter(cfg)
 		StaticDir:       "/custom/static/path",
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -320,18 +287,9 @@ func TestRouterWithStaticDir(t *testing.T) {
 }
 func TestRouterWithEmptyStaticDir(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-
+	cfg.StaticDir = ""
-	router := NewRouter(RouterConfig{
+	router := createTestRouter(cfg)
 		StaticDir:       "",
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -344,20 +302,11 @@ func TestRouterWithEmptyStaticDir(t *testing.T) {
 }
 func TestRouterWithAllFeaturesDisabled(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-
+	cfg.Debug = true
-	router := NewRouter(RouterConfig{
+	cfg.DisableCache = true
-		Debug:              true,
+	cfg.DisableCompression = true
-		DisableCache:       true,
+	router := createTestRouter(cfg)
 		DisableCompression: true,
 		APIHandler:         apiHandler,
 		AuthHandler:        authHandler,
 		PostHandler:        postHandler,
 		VoteHandler:        voteHandler,
 		UserHandler:        userHandler,
 		AuthService:        authService,
 		RateLimitConfig:    defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -370,15 +319,9 @@ func TestRouterWithAllFeaturesDisabled(t *testing.T) {
 }
 func TestRouterWithoutAPIHandler(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, _, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-	router := NewRouter(RouterConfig{
+	cfg.APIHandler = nil
-		AuthHandler:     authHandler,
+	router := createTestRouter(cfg)
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/api", nil)
 	recorder := httptest.NewRecorder()
@@ -391,17 +334,7 @@ func TestRouterWithoutAPIHandler(t *testing.T) {
 }
 func TestRouterWithoutPageHandler(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	router := createTestRouter(createDefaultRouterConfig())
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/", nil)
 	recorder := httptest.NewRecorder()
@@ -414,17 +347,7 @@ func TestRouterWithoutPageHandler(t *testing.T) {
 }
 func TestSwaggerRoute(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	router := createTestRouter(createDefaultRouterConfig())
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/swagger/", nil)
 	recorder := httptest.NewRecorder()
@@ -437,18 +360,9 @@ func TestSwaggerRoute(t *testing.T) {
 }
 func TestStaticFileRoute(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	cfg := createDefaultRouterConfig()
-
+	cfg.StaticDir = "../../internal/static/"
-	router := NewRouter(RouterConfig{
+	router := createTestRouter(cfg)
 		StaticDir:       "../../internal/static/",
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	request := httptest.NewRequest(http.MethodGet, "/static/css/main.css", nil)
 	recorder := httptest.NewRecorder()
@@ -461,17 +375,7 @@ func TestStaticFileRoute(t *testing.T) {
 }
 func TestRouterConfiguration(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	router := createTestRouter(createDefaultRouterConfig())
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	if router == nil {
 		t.Error("Router should not be nil")
@@ -487,29 +391,484 @@ func TestRouterConfiguration(t *testing.T) {
 	}
 }
-func TestRouterMiddlewareIntegration(t *testing.T) {
+func TestAllRoutesExist(t *testing.T) {
-	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
+	router := createTestRouter(createDefaultRouterConfig())
-	router := NewRouter(RouterConfig{
+	publicRoutes := []struct {
-		APIHandler:      apiHandler,
+		method      string
-		AuthHandler:     authHandler,
+		path        string
-		PostHandler:     postHandler,
+		description string
-		VoteHandler:     voteHandler,
+	}{
-		UserHandler:     userHandler,
+		{http.MethodGet, "/api", "API info"},
-		AuthService:     authService,
+		{http.MethodGet, "/health", "Health check"},
-		RateLimitConfig: defaultRateLimitConfig(),
+		{http.MethodGet, "/metrics", "Metrics"},
-	})
+		{http.MethodGet, "/robots.txt", "Robots.txt"},
-
+		{http.MethodGet, "/api/posts", "Get posts"},
-	if router == nil {
+		{http.MethodGet, "/api/posts/search", "Search posts"},
-		t.Error("Router should not be nil")
+		{http.MethodGet, "/api/posts/title", "Fetch title from URL"},
 		{http.MethodGet, "/api/posts/1", "Get post by ID"},
 		{http.MethodPost, "/api/auth/register", "Register"},
 		{http.MethodPost, "/api/auth/login", "Login"},
 		{http.MethodPost, "/api/auth/refresh", "Refresh token"},
 		{http.MethodGet, "/api/auth/confirm", "Confirm email"},
 		{http.MethodPost, "/api/auth/resend-verification", "Resend verification"},
 		{http.MethodPost, "/api/auth/forgot-password", "Forgot password"},
 		{http.MethodPost, "/api/auth/reset-password", "Reset password"},
 		{http.MethodPost, "/api/auth/account/confirm", "Confirm account deletion"},
 	}
-	request := httptest.NewRequest(http.MethodGet, "/api", nil)
+	protectedRoutes := []struct {
 		method      string
 		path        string
 		description string
 	}{
 		{http.MethodGet, "/api/auth/me", "Get current user"},
 		{http.MethodPost, "/api/auth/logout", "Logout"},
 		{http.MethodPost, "/api/auth/revoke", "Revoke token"},
 		{http.MethodPost, "/api/auth/revoke-all", "Revoke all tokens"},
 		{http.MethodPut, "/api/auth/email", "Update email"},
 		{http.MethodPut, "/api/auth/username", "Update username"},
 		{http.MethodPut, "/api/auth/password", "Update password"},
 		{http.MethodDelete, "/api/auth/account", "Delete account"},
 		{http.MethodPost, "/api/posts", "Create post"},
 		{http.MethodPut, "/api/posts/1", "Update post"},
 		{http.MethodDelete, "/api/posts/1", "Delete post"},
 		{http.MethodPost, "/api/posts/1/vote", "Cast vote"},
 		{http.MethodDelete, "/api/posts/1/vote", "Remove vote"},
 		{http.MethodGet, "/api/posts/1/vote", "Get user vote"},
 		{http.MethodGet, "/api/posts/1/votes", "Get post votes"},
 		{http.MethodGet, "/api/users", "Get users"},
 		{http.MethodPost, "/api/users", "Create user"},
 		{http.MethodGet, "/api/users/1", "Get user by ID"},
 		{http.MethodGet, "/api/users/1/posts", "Get user posts"},
 	}
 	for _, route := range publicRoutes {
 		t.Run(route.description+" "+route.method+" "+route.path, func(t *testing.T) {
 			invalidMethod := http.MethodPatch
 			switch route.method {
 			case http.MethodGet:
 				invalidMethod = http.MethodDelete
 			case http.MethodPost:
 				invalidMethod = http.MethodGet
 			}
 			request := httptest.NewRequest(invalidMethod, route.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
-	if recorder.Code == 0 {
+			routeExists := recorder.Code == http.StatusMethodNotAllowed
-		t.Error("Router should return a status code")
+
 			if !routeExists {
 				request = httptest.NewRequest(route.method, route.path, nil)
 				recorder = httptest.NewRecorder()
 				router.ServeHTTP(recorder, request)
 				if recorder.Code == http.StatusNotFound && route.path != "/api/posts/1" && route.path != "/robots.txt" {
 					t.Errorf("Route %s %s should exist, got 404", route.method, route.path)
 				}
 			}
 		})
 	}
 	for _, route := range protectedRoutes {
 		t.Run(route.description+" "+route.method+" "+route.path, func(t *testing.T) {
 			request := httptest.NewRequest(route.method, route.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			if recorder.Code == http.StatusNotFound {
 				t.Errorf("Route %s %s should exist, got 404", route.method, route.path)
 			}
 			if recorder.Code != http.StatusUnauthorized {
 				t.Errorf("Protected route %s %s should return 401 without auth, got %d", route.method, route.path, recorder.Code)
 			}
 		})
 	}
 }
 func TestRouteParameters(t *testing.T) {
 	router := createTestRouter(createDefaultRouterConfig())
 	testCases := []struct {
 		name        string
 		method      string
 		pathPattern string
 		testIDs     []string
 		isProtected bool
 	}{
 		{
 			name:        "Get post by ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: false,
 		},
 		{
 			name:        "Update post by ID",
 			method:      http.MethodPut,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Delete post by ID",
 			method:      http.MethodDelete,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user by ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/users/{id}",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user posts by user ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/users/{id}/posts",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Cast vote for post ID",
 			method:      http.MethodPost,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Remove vote for post ID",
 			method:      http.MethodDelete,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user vote for post ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Get post votes by post ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}/votes",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			for _, id := range tc.testIDs {
 				path := replaceID(tc.pathPattern, id)
 				t.Run("ID_"+id, func(t *testing.T) {
 					request := httptest.NewRequest(http.MethodPatch, path, nil)
 					recorder := httptest.NewRecorder()
 					router.ServeHTTP(recorder, request)
 					routeExists := recorder.Code == http.StatusMethodNotAllowed
 					request = httptest.NewRequest(tc.method, path, nil)
 					recorder = httptest.NewRecorder()
 					router.ServeHTTP(recorder, request)
 					if !routeExists {
 						if recorder.Code == http.StatusNotFound {
 							t.Errorf("Route %s %s should exist with ID %s, got 404", tc.method, path, id)
 							return
 						}
 					}
 					if tc.isProtected {
 						if recorder.Code != http.StatusUnauthorized {
 							t.Errorf("Protected route %s %s should return 401 without auth, got %d", tc.method, path, recorder.Code)
 						}
 					}
 				})
 			}
 		})
 	}
 }
 func replaceID(pattern, id string) string {
 	return strings.Replace(pattern, "{id}", id, 1)
 }
 func TestInvalidRouteParameters(t *testing.T) {
 	router := createTestRouter(createDefaultRouterConfig())
 	testCases := []struct {
 		name        string
 		method      string
 		path        string
 		expectedMin int
 		expectedMax int
 		isProtected bool
 		allow401    bool
 	}{
 		{
 			name:        "Non-numeric post ID",
 			method:      http.MethodGet,
 			path:        "/api/posts/abc",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusBadRequest,
 			isProtected: false,
 		},
 		{
 			name:        "Negative post ID",
 			method:      http.MethodGet,
 			path:        "/api/posts/-1",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusBadRequest,
 			isProtected: false,
 		},
 		{
 			name:        "Zero post ID",
 			method:      http.MethodGet,
 			path:        "/api/posts/0",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusNotFound,
 			isProtected: false,
 		},
 		{
 			name:        "Post ID with special characters",
 			method:      http.MethodGet,
 			path:        "/api/posts/123@456",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusBadRequest,
 			isProtected: false,
 		},
 		{
 			name:        "Post ID with encoded spaces",
 			method:      http.MethodGet,
 			path:        "/api/posts/12%2034",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusBadRequest,
 			isProtected: false,
 		},
 		{
 			name:        "Non-numeric user ID",
 			method:      http.MethodGet,
 			path:        "/api/users/xyz",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusUnauthorized,
 			isProtected: true,
 			allow401:    true,
 		},
 		{
 			name:        "Negative user ID",
 			method:      http.MethodGet,
 			path:        "/api/users/-5",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusUnauthorized,
 			isProtected: true,
 			allow401:    true,
 		},
 		{
 			name:        "Non-numeric post ID in vote route",
 			method:      http.MethodGet,
 			path:        "/api/posts/invalid/vote",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusUnauthorized,
 			isProtected: true,
 			allow401:    true,
 		},
 		{
 			name:        "Very large post ID",
 			method:      http.MethodGet,
 			path:        "/api/posts/999999999999",
 			expectedMin: http.StatusBadRequest,
 			expectedMax: http.StatusNotFound,
 			isProtected: false,
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			request := httptest.NewRequest(tc.method, tc.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			if tc.isProtected && tc.allow401 {
 				if recorder.Code != http.StatusUnauthorized && (recorder.Code < tc.expectedMin || recorder.Code > tc.expectedMax) {
 					t.Errorf("Protected route %s %s with invalid parameter should return 401 or status between %d and %d, got %d", tc.method, tc.path, tc.expectedMin, tc.expectedMax, recorder.Code)
 				}
 			} else {
 				if recorder.Code < tc.expectedMin || recorder.Code > tc.expectedMax {
 					t.Errorf("Route %s %s should return status between %d and %d, got %d", tc.method, tc.path, tc.expectedMin, tc.expectedMax, recorder.Code)
 				}
 				if recorder.Code != http.StatusNotFound && recorder.Code < 400 {
 					t.Errorf("Route %s %s with invalid parameter should return error status (4xx), got %d", tc.method, tc.path, recorder.Code)
 				}
 			}
 		})
 	}
 }
 func TestQueryParameters(t *testing.T) {
 	router := createTestRouter(createDefaultRouterConfig())
 	testCases := []struct {
 		name        string
 		method      string
 		path        string
 		queryParams string
 		expectRoute bool
 	}{
 		{
 			name:        "Get posts with limit and offset",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "limit=10&offset=5",
 			expectRoute: true,
 		},
 		{
 			name:        "Get posts with only limit",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "limit=20",
 			expectRoute: true,
 		},
 		{
 			name:        "Get posts with only offset",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "offset=10",
 			expectRoute: true,
 		},
 		{
 			name:        "Search posts with query parameter",
 			method:      http.MethodGet,
 			path:        "/api/posts/search",
 			queryParams: "q=test",
 			expectRoute: true,
 		},
 		{
 			name:        "Search posts with query, limit, and offset",
 			method:      http.MethodGet,
 			path:        "/api/posts/search",
 			queryParams: "q=test&limit=15&offset=3",
 			expectRoute: true,
 		},
 		{
 			name:        "Fetch title with URL parameter",
 			method:      http.MethodGet,
 			path:        "/api/posts/title",
 			queryParams: "url=https://example.com",
 			expectRoute: true,
 		},
 		{
 			name:        "Confirm email with token parameter",
 			method:      http.MethodGet,
 			path:        "/api/auth/confirm",
 			queryParams: "token=abc123",
 			expectRoute: true,
 		},
 		{
 			name:        "Get posts with invalid limit",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "limit=abc",
 			expectRoute: true,
 		},
 		{
 			name:        "Get posts with negative limit",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "limit=-5",
 			expectRoute: true,
 		},
 		{
 			name:        "Get posts with negative offset",
 			method:      http.MethodGet,
 			path:        "/api/posts",
 			queryParams: "offset=-10",
 			expectRoute: true,
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			fullPath := tc.path
 			if tc.queryParams != "" {
 				fullPath += "?" + tc.queryParams
 			}
 			request := httptest.NewRequest(tc.method, fullPath, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			if tc.expectRoute {
 				if recorder.Code == http.StatusNotFound {
 					t.Errorf("Route %s %s should exist with query parameters, got 404", tc.method, fullPath)
 				}
 			}
 		})
 	}
 }
 func TestRouteConflicts(t *testing.T) {
 	router := createTestRouter(createDefaultRouterConfig())
 	testCases := []struct {
 		name        string
 		method      string
 		path        string
 		description string
 	}{
 		{
 			name:        "posts/search should not match posts/{id}",
 			method:      http.MethodGet,
 			path:        "/api/posts/search",
 			description: "search route should be matched, not treated as ID",
 		},
 		{
 			name:        "posts/title should not match posts/{id}",
 			method:      http.MethodGet,
 			path:        "/api/posts/title",
 			description: "title route should be matched, not treated as ID",
 		},
 		{
 			name:        "posts/{id} should work with numeric ID",
 			method:      http.MethodGet,
 			path:        "/api/posts/123",
 			description: "numeric ID should match {id} route",
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			request := httptest.NewRequest(tc.method, tc.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			switch tc.path {
 			case "/api/posts/search":
 				if recorder.Code == http.StatusNotFound {
 					t.Errorf("%s: Route %s %s should exist (not 404), got %d", tc.description, tc.method, tc.path, recorder.Code)
 				}
 			case "/api/posts/title":
 				if recorder.Code == http.StatusNotFound {
 					t.Errorf("%s: Route %s %s should exist (not 404), got %d", tc.description, tc.method, tc.path, recorder.Code)
 				}
 			case "/api/posts/123":
 				if recorder.Code == http.StatusNotFound {
 					return
 				}
 				if recorder.Code < 400 {
 					t.Errorf("%s: Route %s %s should return 4xx or 5xx, got %d", tc.description, tc.method, tc.path, recorder.Code)
 				}
 			}
 		})
 	}
 }
--- a/internal/services/auth_service.go
+++ b/internal/services/auth_service.go
@@ -1,12 +1,93 @@
 package services
 import (
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"net/mail"
 	"strings"
 	"goyco/internal/config"
 	"goyco/internal/database"
 )
 const (
 	defaultTokenExpirationHours  = 24
 	verificationTokenBytes       = 32
 	deletionTokenExpirationHours = 24
 )
 var (
 	ErrInvalidCredentials       = errors.New("invalid credentials")
 	ErrInvalidToken             = errors.New("invalid or expired token")
 	ErrUsernameTaken            = errors.New("username already exists")
 	ErrEmailTaken               = errors.New("email already exists")
 	ErrInvalidEmail             = errors.New("invalid email address")
 	ErrPasswordTooShort         = errors.New("password too short")
 	ErrEmailNotVerified         = errors.New("email not verified")
 	ErrAccountLocked            = errors.New("account is locked")
 	ErrInvalidVerificationToken = errors.New("invalid verification token")
 	ErrEmailSenderUnavailable   = errors.New("email sender not configured")
 	ErrDeletionEmailFailed      = errors.New("account deletion email failed")
 	ErrInvalidDeletionToken     = errors.New("invalid account deletion token")
 	ErrUserNotFound             = errors.New("user not found")
 	ErrDeletionRequestNotFound  = errors.New("deletion request not found")
 )
 type AuthResult struct {
 	AccessToken  string         `json:"access_token" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."`
 	RefreshToken string         `json:"refresh_token" example:"a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0"`
 	User         *database.User `json:"user"`
 }
 type RegistrationResult struct {
 	User             *database.User `json:"user"`
 	VerificationSent bool           `json:"verification_sent"`
 }
 func normalizeEmail(email string) (string, error) {
 	trimmed := strings.TrimSpace(email)
 	if trimmed == "" {
 		return "", fmt.Errorf("email is required")
 	}
 	parsed, err := mail.ParseAddress(trimmed)
 	if err != nil {
 		return "", ErrInvalidEmail
 	}
 	return strings.ToLower(parsed.Address), nil
 }
 func generateVerificationToken() (string, string, error) {
 	buf := make([]byte, verificationTokenBytes)
 	if _, err := rand.Read(buf); err != nil {
 		return "", "", fmt.Errorf("generate verification token: %w", err)
 	}
 	token := hex.EncodeToString(buf)
 	hashed := HashVerificationToken(token)
 	return token, hashed, nil
 }
 func HashVerificationToken(token string) string {
 	sum := sha256.Sum256([]byte(token))
 	return hex.EncodeToString(sum[:])
 }
 func sanitizeUser(user *database.User) *database.User {
 	if user == nil {
 		return nil
 	}
 	copy := *user
 	copy.Password = ""
 	copy.EmailVerificationToken = ""
 	return &copy
 }
 type AuthFacade struct {
 	registrationService   *RegistrationService
 	passwordResetService  *PasswordResetService
--- a/internal/services/auth_types.go
+++ b/internal/services/auth_types.go
@@ -1,35 +0,0 @@
 package services
 import (
 	"errors"
 	"goyco/internal/database"
 )
 var (
 	ErrInvalidCredentials       = errors.New("invalid credentials")
 	ErrInvalidToken             = errors.New("invalid or expired token")
 	ErrUsernameTaken            = errors.New("username already exists")
 	ErrEmailTaken               = errors.New("email already exists")
 	ErrInvalidEmail             = errors.New("invalid email address")
 	ErrPasswordTooShort         = errors.New("password too short")
 	ErrEmailNotVerified         = errors.New("email not verified")
 	ErrAccountLocked            = errors.New("account is locked")
 	ErrInvalidVerificationToken = errors.New("invalid verification token")
 	ErrEmailSenderUnavailable   = errors.New("email sender not configured")
 	ErrDeletionEmailFailed      = errors.New("account deletion email failed")
 	ErrInvalidDeletionToken     = errors.New("invalid account deletion token")
 	ErrUserNotFound             = errors.New("user not found")
 	ErrDeletionRequestNotFound  = errors.New("deletion request not found")
 )
 type AuthResult struct {
 	AccessToken  string         `json:"access_token" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."`
 	RefreshToken string         `json:"refresh_token" example:"a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0"`
 	User         *database.User `json:"user"`
 }
 type RegistrationResult struct {
 	User             *database.User `json:"user"`
 	VerificationSent bool           `json:"verification_sent"`
 }
--- a/internal/services/auth_utils.go
+++ b/internal/services/auth_utils.go
@@ -1,59 +0,0 @@
 package services
 import (
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"net/mail"
 	"strings"
 	"goyco/internal/database"
 )
 const (
 	defaultTokenExpirationHours  = 24
 	verificationTokenBytes       = 32
 	deletionTokenExpirationHours = 24
 )
 func normalizeEmail(email string) (string, error) {
 	trimmed := strings.TrimSpace(email)
 	if trimmed == "" {
 		return "", fmt.Errorf("email is required")
 	}
 	parsed, err := mail.ParseAddress(trimmed)
 	if err != nil {
 		return "", ErrInvalidEmail
 	}
 	return strings.ToLower(parsed.Address), nil
 }
 func generateVerificationToken() (string, string, error) {
 	buf := make([]byte, verificationTokenBytes)
 	if _, err := rand.Read(buf); err != nil {
 		return "", "", fmt.Errorf("generate verification token: %w", err)
 	}
 	token := hex.EncodeToString(buf)
 	hashed := HashVerificationToken(token)
 	return token, hashed, nil
 }
 func HashVerificationToken(token string) string {
 	sum := sha256.Sum256([]byte(token))
 	return hex.EncodeToString(sum[:])
 }
 func sanitizeUser(user *database.User) *database.User {
 	if user == nil {
 		return nil
 	}
 	copy := *user
 	copy.Password = ""
 	copy.EmailVerificationToken = ""
 	return &copy
 }
--- a/internal/templates/template_test.go
+++ b/internal/templates/template_test.go
@@ -32,10 +32,7 @@ func templateFuncMap() template.FuncMap {
 			if start >= len(s) {
 				return ""
 			}
-			end := start + length
+			end := min(start+length, len(s))
 			if end > len(s) {
 				end = len(s)
 			}
 			return s[start:end]
 		},
 		"upper": strings.ToUpper,
--- a/scripts/setup-postgres.sh
+++ b/scripts/setup-postgres.sh
@@ -44,5 +44,3 @@ GRANT ALL PRIVILEGES ON DATABASE goyco TO goyco;
 EOF
 echo "PostgreSQL 18 installed, database 'goyco' and user 'goyco' set up."
Author	SHA1	Message	Date
Kharec	07c6b89525	docs: remove project structure, boring and hard to maintain	2025-12-20 17:35:16 +01:00
Kharec	817205d42f	refactor: modernize using min()	2025-12-16 15:45:51 +01:00
Kharec	199ac143a4	refactor: replace interface{} by any	2025-12-16 15:05:23 +01:00
Kharec	aa7e259ed0	format: shfmt	2025-12-16 15:02:42 +01:00
Kharec	4587609e17	refactor: create createTestRouter and test edge cases	2025-12-14 21:14:42 +01:00
Kharec	33da6503e3	test: also test put/delete routes	2025-12-14 21:06:15 +01:00
Kharec	cafc44ed77	test: add a test for route parameters	2025-12-14 21:04:36 +01:00
Kharec	1480135e75	test: verified all routes to exist	2025-12-14 21:02:25 +01:00
Kharec	02a764c736	clean: remove merged files	2025-12-14 20:52:14 +01:00
Kharec	6834ad7764	refactor: merge facade, types and utils into one auth_service.go	2025-12-14 20:52:03 +01:00
Kharec	dcf054046f	test: fix parallel processor test expectations and setup	2025-12-10 07:30:27 +01:00
Kharec	d2a788933d	fix: track completed items in the main loop instead of using the index	2025-12-10 07:29:55 +01:00
`@@ -44,5 +44,3 @@ GRANT ALL PRIVILEGES ON DATABASE goyco TO goyco;`
	`EOF`	`EOF`

	`echo "PostgreSQL 18 installed, database 'goyco' and user 'goyco' set up."`	`echo "PostgreSQL 18 installed, database 'goyco' and user 'goyco' set up."`