From 6dc69881e6c0a22c2fc47f6b493bb7886cb8bf5d Mon Sep 17 00:00:00 2001
From: bmf-san <bmf.infomation@gmail.com>
Date: Sun, 8 Jan 2023 00:10:01 +0900
Subject: [PATCH] [update] go pkgs and routes setting

---
 app/go.mod                       |  12 +--
 app/go.sum                       |  37 +++++----
 app/infrastructure/middleware.go |   2 +-
 app/infrastructure/router.go     | 134 +++++++++----------------------
 4 files changed, 67 insertions(+), 118 deletions(-)

diff --git a/app/go.mod b/app/go.mod
index 5350fa4..ab90a81 100644
--- a/app/go.mod
+++ b/app/go.mod
@@ -3,19 +3,19 @@ module github.com/bmf-san/gobel-api/app
 go 1.19
 
 require (
-	github.com/bmf-san/goblin v0.0.0-20220803014351-7290b2e17c5e
+	github.com/bmf-san/goblin v0.0.0-20230107162049-721d2630c05c
 	github.com/bmf-san/golem v0.0.0-20210221133857-7ecb33f0ca76
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
+	golang.org/x/crypto v0.5.0
 )
 
 require (
-	github.com/go-redis/redis/v9 v9.0.0-beta.2
-	github.com/go-sql-driver/mysql v1.6.0
-	github.com/golang-jwt/jwt/v4 v4.4.2
+	github.com/go-redis/redis/v9 v9.0.0-rc.2
+	github.com/go-sql-driver/mysql v1.7.0
+	github.com/golang-jwt/jwt/v4 v4.4.3
 	github.com/google/uuid v1.3.0
 )
 
 require (
-	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 )
diff --git a/app/go.sum b/app/go.sum
index db1b2d1..2d56228 100644
--- a/app/go.sum
+++ b/app/go.sum
@@ -1,28 +1,31 @@
-github.com/bmf-san/goblin v0.0.0-20220803014351-7290b2e17c5e h1:DcbQWevrYzfI+D7SJuK+YggbUByp2aP7TGlFmru6aqg=
-github.com/bmf-san/goblin v0.0.0-20220803014351-7290b2e17c5e/go.mod h1:/zoFMy/CFURR5N5AHbIwFPf/3fZs3VzovMZKuQ40r2s=
+github.com/bmf-san/goblin v0.0.0-20230107162049-721d2630c05c h1:DTu6l4v8cu7VRImS3nWRQqA5cW+nQE77WejXbJtR85k=
+github.com/bmf-san/goblin v0.0.0-20230107162049-721d2630c05c/go.mod h1:/zoFMy/CFURR5N5AHbIwFPf/3fZs3VzovMZKuQ40r2s=
 github.com/bmf-san/golem v0.0.0-20210221133857-7ecb33f0ca76 h1:eZRVFcQ82z1uPDYQzI71M5zXwpjvrD3tLy+uc0txC6E=
 github.com/bmf-san/golem v0.0.0-20210221133857-7ecb33f0ca76/go.mod h1:v2YJqaEietOXsYUQVOJeBNIxAGrn4GCeWbfpVzAndRE=
-github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
-github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
-github.com/go-redis/redis/v9 v9.0.0-beta.2 h1:ZSr84TsnQyKMAg8gnV+oawuQezeJR11/09THcWCQzr4=
-github.com/go-redis/redis/v9 v9.0.0-beta.2/go.mod h1:Bldcd/M/bm9HbnNPi/LUtYBSD8ttcZYBMupwMXhdU0o=
-github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
-github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
-github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+github.com/go-redis/redis/v9 v9.0.0-rc.2 h1:IN1eI8AvJJeWHjMW/hlFAv2sAfvTun2DVksDDJ3a6a0=
+github.com/go-redis/redis/v9 v9.0.0-rc.2/go.mod h1:cgBknjwcBJa2prbnuHH/4k/Mlj4r0pWNV2HBanHujfY=
+github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ7YPc=
+github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/golang-jwt/jwt/v4 v4.4.3 h1:Hxl6lhQFj4AnOX6MLrsCb/+7tCj7DxP7VA+2rDIq5AU=
+github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
-github.com/onsi/gomega v1.20.0 h1:8W0cWlwFkflGPLltQvLRB7ZVD5HuP6ng320w2IS245Q=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA=
-golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 h1:xHms4gcpe1YE7A3yIllJXP16CMAGuqwO2lX1mTyyRRc=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
+github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE=
+golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU=
+golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
+golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
+golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
diff --git a/app/infrastructure/middleware.go b/app/infrastructure/middleware.go
index d0497fe..911ea41 100644
--- a/app/infrastructure/middleware.go
+++ b/app/infrastructure/middleware.go
@@ -102,7 +102,7 @@ func (mw *Middleware) Refresh(next http.Handler) http.Handler {
 }
 
 // CORSMain is a middleware for main requests.
-func (mw *Middleware) CORSMain(next http.Handler) http.Handler {
+func (mw *Middleware) CORS(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Access-Control-Allow-Origin", os.Getenv("ALLOW_ORIGIN"))
 		w.Header().Set("Access-Control-Expose-Headers", "Content-Length, Pagination-Count, Pagination-Pagecount, Pagination-Page, Pagination-Limit")
diff --git a/app/infrastructure/router.go b/app/infrastructure/router.go
index 38b40cf..cade49e 100644
--- a/app/infrastructure/router.go
+++ b/app/infrastructure/router.go
@@ -3,6 +3,7 @@ package infrastructure
 import (
 	"database/sql"
 	"net/http"
+	"os"
 
 	"github.com/bmf-san/gobel-api/app/domain"
 	"github.com/bmf-san/gobel-api/app/interfaces/controller"
@@ -12,7 +13,7 @@ import (
 )
 
 // Route sets the routing.
-func Route(connm *sql.DB, connr *redis.Client, l domain.Logger) *goblin.Router {
+func Route(connm *sql.DB, connr *redis.Client, l domain.Logger) goblin.Router {
 	ar := repository.AdminRepository{
 		ConnMySQL: connm,
 		ConnRedis: connr,
@@ -23,7 +24,11 @@ func Route(connm *sql.DB, connr *redis.Client, l domain.Logger) *goblin.Router {
 
 	mw := NewMiddleware(l, ar, jr)
 
-	defaultController := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+	defaultOPTIONSHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Access-Control-Allow-Origin", os.Getenv("ALLOW_ORIGIN"))
+		w.Header().Set("Access-Control-Max-Age", "86400")
+		w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, PATCH")
+		w.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type, Content-Length, Accept-Encoding, Authorization, Access-Control-Allow-Origin")
 		w.WriteHeader(http.StatusNoContent)
 	})
 	authController := controller.NewAuthController(connm, connr, l)
@@ -34,103 +39,44 @@ func Route(connm *sql.DB, connr *redis.Client, l domain.Logger) *goblin.Router {
 
 	r := goblin.NewRouter()
 
+	r.DefaultOPTIONSHandler = defaultOPTIONSHandler
+
 	r.Methods(http.MethodGet).Handler(`/healthcheck`, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte("ok"))
 	}))
 
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/posts`, postController.Index())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/posts`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/posts/categories/:name`, postController.IndexByCategory())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/posts/categories/:name`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/posts/tags/:name`, postController.IndexByTag())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/posts/tags/:name`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/posts/:title`, postController.Show())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/posts/:title`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain).Handler(`/posts/:title/comments`, commentController.Store())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/posts/:title/comments`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/categories`, categoryController.Index())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/categories`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/categories/:name`, categoryController.Show())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/categories/:name`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/tags`, tagController.Index())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/tags`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain).Handler(`/tags/:name`, tagController.Show())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/tags/:name`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain).Handler(`/signin`, authController.SignIn())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/signin`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain, mw.Auth).Handler(`/private/signout`, authController.SignOut())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/signout`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain, mw.Refresh).Handler(`/private/refresh`, authController.Refresh())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/refresh`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/me`, authController.ShowMe())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/me`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/posts`, postController.IndexPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/posts`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/posts/:id`, postController.ShowPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/posts/:id`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain, mw.Auth).Handler(`/private/posts`, postController.StorePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/posts`, defaultController)
-
-	r.Methods(http.MethodPatch).Use(mw.CORSMain, mw.Auth).Handler(`/private/posts/:id`, postController.UpdatePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/posts/:id`, defaultController)
-
-	r.Methods(http.MethodDelete).Use(mw.CORSMain, mw.Auth).Handler(`/private/posts/:id`, postController.DestroyPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/posts/:id`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/comments`, commentController.IndexPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/comments`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/comments/:id`, commentController.ShowPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/comments/:id`, defaultController)
-
-	r.Methods(http.MethodPatch).Use(mw.CORSMain, mw.Auth).Handler(`/private/comments/:id/status`, commentController.UpdateStatusPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/comments/:id/status`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/categories`, categoryController.IndexPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/categories`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/categories/:id`, categoryController.ShowPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/categories/:id`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain, mw.Auth).Handler(`/private/categories`, categoryController.StorePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/categories`, defaultController)
-
-	r.Methods(http.MethodPatch).Use(mw.CORSMain, mw.Auth).Handler(`/private/categories/:id`, categoryController.UpdatePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/categories/:id`, defaultController)
-
-	r.Methods(http.MethodDelete).Use(mw.CORSMain, mw.Auth).Handler(`/private/categories/:id`, categoryController.DestroyPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/categories/:id`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/tags`, tagController.IndexPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/tags`, defaultController)
-
-	r.Methods(http.MethodGet).Use(mw.CORSMain, mw.Auth).Handler(`/private/tags/:id`, tagController.ShowPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/tags/:id`, defaultController)
-
-	r.Methods(http.MethodPost).Use(mw.CORSMain, mw.Auth).Handler(`/private/tags`, tagController.StorePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/tags`, defaultController)
-
-	r.Methods(http.MethodPatch).Use(mw.CORSMain, mw.Auth).Handler(`/private/tags/:id`, tagController.UpdatePrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/tags/:id`, defaultController)
-
-	r.Methods(http.MethodDelete).Use(mw.CORSMain, mw.Auth).Handler(`/private/tags/:id`, tagController.DestroyPrivate())
-	r.Methods(http.MethodOptions).Use(mw.CORSPreflight).Handler(`/private/tags/:id`, defaultController)
+	r.UseGlobal(mw.CORS)
+	r.Methods(http.MethodGet).Handler(`/posts`, postController.Index())
+	r.Methods(http.MethodGet).Handler(`/posts/categories/:name`, postController.IndexByCategory())
+	r.Methods(http.MethodGet).Handler(`/posts/tags/:name`, postController.IndexByTag())
+	r.Methods(http.MethodGet).Handler(`/posts/:title`, postController.Show())
+	r.Methods(http.MethodPost).Handler(`/posts/:title/comments`, commentController.Store())
+	r.Methods(http.MethodGet).Handler(`/categories`, categoryController.Index())
+	r.Methods(http.MethodGet).Handler(`/categories/:name`, categoryController.Show())
+	r.Methods(http.MethodGet).Handler(`/tags`, tagController.Index())
+	r.Methods(http.MethodGet).Handler(`/tags/:name`, tagController.Show())
+	r.Methods(http.MethodPost).Handler(`/signin`, authController.SignIn())
+	r.Methods(http.MethodPost).Use(mw.Auth).Handler(`/private/signout`, authController.SignOut())
+	r.Methods(http.MethodPost).Use(mw.Refresh).Handler(`/private/refresh`, authController.Refresh())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/me`, authController.ShowMe())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/posts`, postController.IndexPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/posts/:id`, postController.ShowPrivate())
+	r.Methods(http.MethodPost).Use(mw.Auth).Handler(`/private/posts`, postController.StorePrivate())
+	r.Methods(http.MethodPatch).Use(mw.Auth).Handler(`/private/posts/:id`, postController.UpdatePrivate())
+	r.Methods(http.MethodDelete).Use(mw.Auth).Handler(`/private/posts/:id`, postController.DestroyPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/comments`, commentController.IndexPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/comments/:id`, commentController.ShowPrivate())
+	r.Methods(http.MethodPatch).Use(mw.Auth).Handler(`/private/comments/:id/status`, commentController.UpdateStatusPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/categories`, categoryController.IndexPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/categories/:id`, categoryController.ShowPrivate())
+	r.Methods(http.MethodPost).Use(mw.Auth).Handler(`/private/categories`, categoryController.StorePrivate())
+	r.Methods(http.MethodPatch).Use(mw.Auth).Handler(`/private/categories/:id`, categoryController.UpdatePrivate())
+	r.Methods(http.MethodDelete).Use(mw.Auth).Handler(`/private/categories/:id`, categoryController.DestroyPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/tags`, tagController.IndexPrivate())
+	r.Methods(http.MethodGet).Use(mw.Auth).Handler(`/private/tags/:id`, tagController.ShowPrivate())
+	r.Methods(http.MethodPost).Use(mw.Auth).Handler(`/private/tags`, tagController.StorePrivate())
+	r.Methods(http.MethodDelete).Use(mw.Auth).Handler(`/private/tags/:id`, tagController.DestroyPrivate())
 
 	return r
 }