feat: add path prefixes for routers

backend/config/config.go

@@ -240,8 +240,9 @@ func (c *Cookie) GetName() string {
 type ServerSettings struct {
 	// The Address to listen on in the form of host:port
 	// See net.Dial for details of the address format.
-	Address string `yaml:"address" json:"address,omitempty" koanf:"address"`
-	Cors    Cors   `yaml:"cors" json:"cors,omitempty" koanf:"cors"`
+	Address    string `yaml:"address" json:"address,omitempty" koanf:"address"`
+	PathPrefix string `yaml:"path_prefix" json:"path_prefix,omitempty" koanf:"path_prefix" split_words:"true"`
+	Cors       Cors   `yaml:"cors" json:"cors,omitempty" koanf:"cors"`
 }
 
 type Cors struct {

backend/handler/admin_router.go

@@ -15,7 +15,11 @@ func NewAdminRouter(cfg *config.Config, persister persistence.Persister, prometh
 	e := echo.New()
 	e.Renderer = template.NewTemplateRenderer()
 	e.HideBanner = true
+
 	g := e.Group("")
+	if len(cfg.Server.Admin.PathPrefix) > 0 {
+		g = e.Group(cfg.Server.Admin.PathPrefix)
+	}
 
 	e.HTTPErrorHandler = dto.NewHTTPErrorHandler(dto.HTTPErrorHandlerConfig{Debug: false, Logger: e.Logger})
 	e.Use(middleware.RequestID())

backend/handler/public_router.go

@@ -18,11 +18,14 @@ import (
 
 func NewPublicRouter(cfg *config.Config, persister persistence.Persister, prometheus echo.MiddlewareFunc) *echo.Echo {
 	e := echo.New()
-
 	e.Renderer = template.NewTemplateRenderer()
-
 	e.HideBanner = true
 
+	g := e.Group("")
+	if len(cfg.Server.Public.PathPrefix) > 0 {
+		g = e.Group(cfg.Server.Public.PathPrefix)
+	}
+
 	e.HTTPErrorHandler = dto.NewHTTPErrorHandler(dto.HTTPErrorHandlerConfig{Debug: false, Logger: e.Logger})
 	e.Use(middleware.RequestID())
 	e.Use(hankoMiddleware.GetLoggerMiddleware())
@@ -75,26 +78,26 @@ func NewPublicRouter(cfg *config.Config, persister persistence.Persister, promet
 	if cfg.Password.Enabled {
 		passwordHandler := NewPasswordHandler(persister, sessionManager, cfg, auditLogger)
 
-		password := e.Group("/password")
+		password := g.Group("/password")
 		password.PUT("", passwordHandler.Set, sessionMiddleware)
 		password.POST("/login", passwordHandler.Login)
 	}
 
 	userHandler := NewUserHandler(cfg, persister, sessionManager, auditLogger)
 	statusHandler := NewStatusHandler(persister)
 
-	e.GET("/", statusHandler.Status)
-	e.GET("/me", userHandler.Me, sessionMiddleware)
+	g.GET("/", statusHandler.Status)
+	g.GET("/me", userHandler.Me, sessionMiddleware)
 
-	user := e.Group("/users")
+	user := g.Group("/users")
 	user.POST("", userHandler.Create)
 	user.GET("/:id", userHandler.Get, sessionMiddleware)
 
-	e.POST("/user", userHandler.GetUserIdByEmail)
-	e.POST("/logout", userHandler.Logout, sessionMiddleware)
+	g.POST("/user", userHandler.GetUserIdByEmail)
+	g.POST("/logout", userHandler.Logout, sessionMiddleware)
 
 	if cfg.Account.AllowDeletion {
-		e.DELETE("/user", userHandler.Delete, sessionMiddleware)
+		g.DELETE("/user", userHandler.Delete, sessionMiddleware)
 	}
 
 	healthHandler := NewHealthHandler()
@@ -124,7 +127,7 @@ func NewPublicRouter(cfg *config.Config, persister persistence.Persister, promet
 		panic(fmt.Errorf("failed to create public email handler: %w", err))
 	}
 
-	webauthn := e.Group("/webauthn")
+	webauthn := g.Group("/webauthn")
 	webauthnRegistration := webauthn.Group("/registration", sessionMiddleware)
 	webauthnRegistration.POST("/initialize", webauthnHandler.BeginRegistration)
 	webauthnRegistration.POST("/finalize", webauthnHandler.FinishRegistration)
@@ -138,25 +141,25 @@ func NewPublicRouter(cfg *config.Config, persister persistence.Persister, promet
 	webauthnCredentials.PATCH("/:id", webauthnHandler.UpdateCredential)
 	webauthnCredentials.DELETE("/:id", webauthnHandler.DeleteCredential)
 
-	passcode := e.Group("/passcode")
+	passcode := g.Group("/passcode")
 	passcodeLogin := passcode.Group("/login")
 	passcodeLogin.POST("/initialize", passcodeHandler.Init)
 	passcodeLogin.POST("/finalize", passcodeHandler.Finish)
 
-	email := e.Group("/emails", sessionMiddleware)
+	email := g.Group("/emails", sessionMiddleware)
 	email.GET("", emailHandler.List)
 	email.POST("", emailHandler.Create)
 	email.DELETE("/:id", emailHandler.Delete)
 	email.POST("/:id/set_primary", emailHandler.SetPrimaryEmail)
 
 	thirdPartyHandler := NewThirdPartyHandler(cfg, persister, sessionManager, auditLogger)
-	thirdparty := e.Group("thirdparty")
+	thirdparty := g.Group("thirdparty")
 	thirdparty.GET("/auth", thirdPartyHandler.Auth)
 	thirdparty.GET("/callback", thirdPartyHandler.Callback)
 	thirdparty.POST("/callback", thirdPartyHandler.CallbackPost)
 
 	tokenHandler := NewTokenHandler(cfg, persister, sessionManager, auditLogger)
-	e.POST("/token", tokenHandler.Validate)
+	g.POST("/token", tokenHandler.Validate)
 
 	return e
 }