handlers/routes.go

package handlers

import (
	"net/http"
	"strconv"

	"nebula/models"
	"nebula/views"
)

func RegisterRoutes(mux *http.ServeMux) {
	mux.HandleFunc("GET /", handleWelcome)
	mux.HandleFunc("GET /welcome", handleWelcome)
	mux.HandleFunc("GET /welcome/step/{step}", handleWelcomeStep)

	mux.HandleFunc("GET /register", handleRegister)
	mux.HandleFunc("GET /register/step/{step}", handleRegisterStep)
	mux.HandleFunc("GET /register/capabilities", handleRegisterCapabilities)
	mux.HandleFunc("POST /register/verify-code", handleRegisterVerifyCode)

	mux.HandleFunc("GET /login", handleLogin)
	mux.HandleFunc("GET /login/step/{step}", handleLoginStep)
	mux.HandleFunc("GET /login/qr-status", handleLoginQRStatus)

	mux.HandleFunc("GET /authorize", handleAuthorize)
	mux.HandleFunc("POST /authorize/approve", handleAuthorizeApprove)
	mux.HandleFunc("POST /authorize/deny", handleAuthorizeDeny)

	mux.HandleFunc("GET /dashboard", handleDashboard)

	mux.HandleFunc("GET /settings", handleSettings)
}

// handleWelcome renders the full welcome page at step 1
func handleWelcome(w http.ResponseWriter, r *http.Request) {
	views.WelcomePage(1).Render(r.Context(), w)
}

// handleWelcomeStep handles HTMX partial updates for step navigation
func handleWelcomeStep(w http.ResponseWriter, r *http.Request) {
	stepStr := r.PathValue("step")
	step, err := strconv.Atoi(stepStr)
	if err != nil || step < 1 || step > 3 {
		step = 1
	}

	// Check if this is an HTMX request
	if r.Header.Get("HX-Request") == "true" {
		// Return step content with OOB stepper update (HTMX 4 pattern)
		views.WelcomeStepWithStepper(step).Render(r.Context(), w)
		return
	}

	views.WelcomePage(step).Render(r.Context(), w)
}

func handleRegister(w http.ResponseWriter, r *http.Request) {
	state := models.RegisterState{Step: 1}
	views.RegisterPage(state).Render(r.Context(), w)
}

func handleRegisterStep(w http.ResponseWriter, r *http.Request) {
	stepStr := r.PathValue("step")
	step, err := strconv.Atoi(stepStr)
	if err != nil || step < 1 || step > 3 {
		step = 1
	}

	method := r.URL.Query().Get("method")
	if method == "" {
		method = "passkey"
	}

	state := models.RegisterState{Step: step, Method: method}

	if r.Header.Get("HX-Request") == "true" {
		views.RegisterStepWithStepper(state).Render(r.Context(), w)
		return
	}

	views.RegisterPage(state).Render(r.Context(), w)
}

func handleRegisterCapabilities(w http.ResponseWriter, r *http.Request) {
	caps := models.DeviceCapabilities{
		Platform:      true,
		CrossPlatform: true,
		Conditional:   true,
	}
	views.CapabilitiesResult(caps).Render(r.Context(), w)
}

func handleRegisterVerifyCode(w http.ResponseWriter, r *http.Request) {
	state := models.RegisterState{Step: 3}
	if r.Header.Get("HX-Request") == "true" {
		views.RegisterStepWithStepper(state).Render(r.Context(), w)
		return
	}
	views.RegisterPage(state).Render(r.Context(), w)
}

func handleLogin(w http.ResponseWriter, r *http.Request) {
	state := models.LoginState{Step: "1"}
	views.LoginPage(state).Render(r.Context(), w)
}

func handleLoginStep(w http.ResponseWriter, r *http.Request) {
	step := r.PathValue("step")
	if step == "" {
		step = "1"
	}

	state := models.LoginState{Step: step}

	if r.Header.Get("HX-Request") == "true" {
		views.LoginStepWithOOB(state).Render(r.Context(), w)
		return
	}

	views.LoginPage(state).Render(r.Context(), w)
}

var qrPollCount = 0

func handleLoginQRStatus(w http.ResponseWriter, r *http.Request) {
	qrPollCount++
	if qrPollCount >= 3 {
		qrPollCount = 0
		views.QRStatusSuccess().Render(r.Context(), w)
		return
	}
	views.QRStatusWaiting().Render(r.Context(), w)
}

func handleAuthorize(w http.ResponseWriter, r *http.Request) {
	reqType := r.URL.Query().Get("type")
	req := models.DefaultAuthRequest(reqType)
	views.AuthorizePage(req).Render(r.Context(), w)
}

func handleAuthorizeApprove(w http.ResponseWriter, r *http.Request) {
	r.ParseForm()
	actionType := r.FormValue("type")
	if actionType == "" {
		actionType = "connect"
	}
	views.AuthResultSuccess(actionType).Render(r.Context(), w)
}

func handleAuthorizeDeny(w http.ResponseWriter, r *http.Request) {
	views.AuthResultDenied().Render(r.Context(), w)
}

func handleDashboard(w http.ResponseWriter, r *http.Request) {
	tab := r.URL.Query().Get("tab")
	if tab == "" {
		tab = "overview"
	}
	data := models.DefaultDashboardData()

	if r.Header.Get("HX-Request") == "true" {
		views.DashboardContent(data, tab).Render(r.Context(), w)
		return
	}

	views.DashboardPage(data, tab).Render(r.Context(), w)
}

func handleSettings(w http.ResponseWriter, r *http.Request) {
	tab := r.URL.Query().Get("tab")
	if tab == "" {
		tab = "profile"
	}
	data := models.DefaultSettingsData()
	views.SettingsPage(data, tab).Render(r.Context(), w)
}
docs(htmx_repo): add v2.0.8 changelog entry 2026-01-05 11:24:23 -05:00			`package handlers`

			`import (`
			`"net/http"`
			`"strconv"`

refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`"nebula/models"`
docs(htmx_repo): add v2.0.8 changelog entry 2026-01-05 11:24:23 -05:00			`"nebula/views"`
			`)`

			`func RegisterRoutes(mux *http.ServeMux) {`
			`mux.HandleFunc("GET /", handleWelcome)`
			`mux.HandleFunc("GET /welcome", handleWelcome)`
			`mux.HandleFunc("GET /welcome/step/{step}", handleWelcomeStep)`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00
			`mux.HandleFunc("GET /register", handleRegister)`
			`mux.HandleFunc("GET /register/step/{step}", handleRegisterStep)`
			`mux.HandleFunc("GET /register/capabilities", handleRegisterCapabilities)`
			`mux.HandleFunc("POST /register/verify-code", handleRegisterVerifyCode)`
chore: remove deprecated templ files and update auth routes BREAKING: migrates to templ from html templates in login, register and welcome pages 2026-01-05 13:44:02 -05:00
			`mux.HandleFunc("GET /login", handleLogin)`
			`mux.HandleFunc("GET /login/step/{step}", handleLoginStep)`
			`mux.HandleFunc("GET /login/qr-status", handleLoginQRStatus)`
feat(did): add web auth for oidc authorization flows 2026-01-05 13:57:11 -05:00
			`mux.HandleFunc("GET /authorize", handleAuthorize)`
			`mux.HandleFunc("POST /authorize/approve", handleAuthorizeApprove)`
			`mux.HandleFunc("POST /authorize/deny", handleAuthorizeDeny)`

			`mux.HandleFunc("GET /dashboard", handleDashboard)`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00
			`mux.HandleFunc("GET /settings", handleSettings)`
docs(htmx_repo): add v2.0.8 changelog entry 2026-01-05 11:24:23 -05:00			`}`

			`// handleWelcome renders the full welcome page at step 1`
			`func handleWelcome(w http.ResponseWriter, r *http.Request) {`
			`views.WelcomePage(1).Render(r.Context(), w)`
			`}`

			`// handleWelcomeStep handles HTMX partial updates for step navigation`
			`func handleWelcomeStep(w http.ResponseWriter, r *http.Request) {`
			`stepStr := r.PathValue("step")`
			`step, err := strconv.Atoi(stepStr)`
			`if err != nil \|\| step < 1 \|\| step > 3 {`
			`step = 1`
			`}`

			`// Check if this is an HTMX request`
			`if r.Header.Get("HX-Request") == "true" {`
refactor(welcome): integrate HTMX 4 for dynamic onboarding flows 2026-01-05 13:28:41 -05:00			`// Return step content with OOB stepper update (HTMX 4 pattern)`
			`views.WelcomeStepWithStepper(step).Render(r.Context(), w)`
docs(htmx_repo): add v2.0.8 changelog entry 2026-01-05 11:24:23 -05:00			`return`
			`}`

			`views.WelcomePage(step).Render(r.Context(), w)`
			`}`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00
			`func handleRegister(w http.ResponseWriter, r *http.Request) {`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`state := models.RegisterState{Step: 1}`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00			`views.RegisterPage(state).Render(r.Context(), w)`
			`}`

			`func handleRegisterStep(w http.ResponseWriter, r *http.Request) {`
			`stepStr := r.PathValue("step")`
			`step, err := strconv.Atoi(stepStr)`
			`if err != nil \|\| step < 1 \|\| step > 3 {`
			`step = 1`
			`}`

			`method := r.URL.Query().Get("method")`
			`if method == "" {`
			`method = "passkey"`
			`}`

refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`state := models.RegisterState{Step: step, Method: method}`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00
			`if r.Header.Get("HX-Request") == "true" {`
			`views.RegisterStepWithStepper(state).Render(r.Context(), w)`
			`return`
			`}`

			`views.RegisterPage(state).Render(r.Context(), w)`
			`}`

			`func handleRegisterCapabilities(w http.ResponseWriter, r *http.Request) {`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`caps := models.DeviceCapabilities{`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00			`Platform: true,`
			`CrossPlatform: true,`
			`Conditional: true,`
			`}`
			`views.CapabilitiesResult(caps).Render(r.Context(), w)`
			`}`

			`func handleRegisterVerifyCode(w http.ResponseWriter, r *http.Request) {`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`state := models.RegisterState{Step: 3}`
feat(handlers): add register routes and handlers for user registration process 2026-01-05 13:34:44 -05:00			`if r.Header.Get("HX-Request") == "true" {`
			`views.RegisterStepWithStepper(state).Render(r.Context(), w)`
			`return`
			`}`
			`views.RegisterPage(state).Render(r.Context(), w)`
			`}`
chore: remove deprecated templ files and update auth routes BREAKING: migrates to templ from html templates in login, register and welcome pages 2026-01-05 13:44:02 -05:00
			`func handleLogin(w http.ResponseWriter, r *http.Request) {`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`state := models.LoginState{Step: "1"}`
chore: remove deprecated templ files and update auth routes BREAKING: migrates to templ from html templates in login, register and welcome pages 2026-01-05 13:44:02 -05:00			`views.LoginPage(state).Render(r.Context(), w)`
			`}`

			`func handleLoginStep(w http.ResponseWriter, r *http.Request) {`
			`step := r.PathValue("step")`
			`if step == "" {`
			`step = "1"`
			`}`

refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`state := models.LoginState{Step: step}`
chore: remove deprecated templ files and update auth routes BREAKING: migrates to templ from html templates in login, register and welcome pages 2026-01-05 13:44:02 -05:00
			`if r.Header.Get("HX-Request") == "true" {`
			`views.LoginStepWithOOB(state).Render(r.Context(), w)`
			`return`
			`}`

			`views.LoginPage(state).Render(r.Context(), w)`
			`}`

			`var qrPollCount = 0`

			`func handleLoginQRStatus(w http.ResponseWriter, r *http.Request) {`
			`qrPollCount++`
			`if qrPollCount >= 3 {`
			`qrPollCount = 0`
			`views.QRStatusSuccess().Render(r.Context(), w)`
			`return`
			`}`
			`views.QRStatusWaiting().Render(r.Context(), w)`
			`}`
feat(did): add web auth for oidc authorization flows 2026-01-05 13:57:11 -05:00
			`func handleAuthorize(w http.ResponseWriter, r *http.Request) {`
			`reqType := r.URL.Query().Get("type")`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`req := models.DefaultAuthRequest(reqType)`
feat(did): add web auth for oidc authorization flows 2026-01-05 13:57:11 -05:00			`views.AuthorizePage(req).Render(r.Context(), w)`
			`}`

			`func handleAuthorizeApprove(w http.ResponseWriter, r *http.Request) {`
			`r.ParseForm()`
			`actionType := r.FormValue("type")`
			`if actionType == "" {`
			`actionType = "connect"`
			`}`
			`views.AuthResultSuccess(actionType).Render(r.Context(), w)`
			`}`

			`func handleAuthorizeDeny(w http.ResponseWriter, r *http.Request) {`
			`views.AuthResultDenied().Render(r.Context(), w)`
			`}`

			`func handleDashboard(w http.ResponseWriter, r *http.Request) {`
			`tab := r.URL.Query().Get("tab")`
			`if tab == "" {`
refactor(handlers): change default tab to 'overview' for dashboard 2026-01-05 15:39:40 -05:00			`tab = "overview"`
feat(did): add web auth for oidc authorization flows 2026-01-05 13:57:11 -05:00			`}`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00			`data := models.DefaultDashboardData()`
refactor(components): extract breadcrumb into sub-components fix(docs): document breadcrumb components refactor(sdk): migrate to new navigation components feat(sdk): create isolated sidebar component breaking(components): deprecate old topbar component feat(components): create new topbar components feat(components): create user dropdown feat(components): create breadcrumb feat(components): create navigation items docs(components): document new components perf(components): improve performance of sidebar test(components): add test for navigation components 2026-01-05 18:41:05 -05:00
			`if r.Header.Get("HX-Request") == "true" {`
			`views.DashboardContent(data, tab).Render(r.Context(), w)`
			`return`
			`}`

feat(did): add web auth for oidc authorization flows 2026-01-05 13:57:11 -05:00			`views.DashboardPage(data, tab).Render(r.Context(), w)`
			`}`
refactor(components): extract data models into shared models package 2026-01-07 12:38:31 -05:00
			`func handleSettings(w http.ResponseWriter, r *http.Request) {`
			`tab := r.URL.Query().Get("tab")`
			`if tab == "" {`
			`tab = "profile"`
			`}`
			`data := models.DefaultSettingsData()`
			`views.SettingsPage(data, tab).Render(r.Context(), w)`
			`}`