fix all issues

handlers/authorize.go

@@ -2,13 +2,33 @@ package handlers
 
 import (
 	"authorization/helper"
+	"authorization/middleware"
 	"authorization/models"
 	"authorization/services"
 	"encoding/json"
 	"net/http"
 )
 
+// AuthorizeHandler godoc
+// @Summary Check user authorization
+// @Description Validates if a user has permission to perform an action on a resource
+// @Tags authorization
+// @Accept json
+// @Produce json
+// @Param request body models.AuthorizationRequest true "Authorization request"
+// @Success 200 {object} models.AuthorizationResponse
+// @Failure 400 {object} map[string]string
+// @Failure 401 {object} map[string]string
+// @Failure 403 {object} map[string]string
+// @Security BearerToken
+// @Router /v1/auth/check [post]
 func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
+	// Get claims from JWT middleware
+	claims, ok := middleware.GetClaims(r)
+	if !ok {
+		helper.RespondWithError(w, http.StatusUnauthorized, "Unauthorized")
+		return
+	}
 
 	var request models.AuthorizationRequest
 
@@ -18,9 +38,29 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	allowed := services.Authorize()
-	if !allowed {
-		helper.RespondWithError(w, http.StatusForbidden, "Access denied")
+	// Validate request
+	if request.UserID == "" || request.Resource == "" || request.Action == "" {
+		helper.RespondWithError(w, http.StatusBadRequest, "Missing required fields")
 		return
 	}
+
+	allowed, reason := services.Authorize(claims, &request)
+	if !allowed {
+		response := models.AuthorizationResponse{
+			Allowed: false,
+			Reason:  reason,
+		}
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusForbidden)
+		json.NewEncoder(w).Encode(response)
+		return
+	}
+
+	// Success response
+	response := models.AuthorizationResponse{
+		Allowed: true,
+		Reason:  "Access granted",
+	}
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(response)
 }