feat: allow viewing/spectating games without login

Make watch, ranking, game list, and tournament endpoints accessible without authentication. Unauthenticated users can browse games and spectate from the index page, while play/submit/preview still require login. https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
author: Claude <noreply@anthropic.com> 2026-02-20 17:53:55 +0000
committer: Claude <noreply@anthropic.com> 2026-02-20 17:53:55 +0000
commit: 4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d (patch)
tree: 804f0aee031469aad98a15cf8307cc9f0794c5bc /backend
parent: 00354d392a0bcddaac71fee7b6aae721e5747f59 (diff)
download: phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.tar.gz
phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.tar.zst
phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.zip
3 files changed, 21 insertions, 33 deletions
diff --git a/backend/api/handler.go b/backend/api/handler.go
index 57ae973..dcebfa1 100644
--- a/backend/api/handler.go
+++ b/backend/api/handler.go
@@ -218,7 +218,7 @@ func (h *Handler) GetGame(ctx context.Context, request GetGameRequestObject, use
 		}
 		return nil, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
 	}
-	if !row.IsPublic && !user.IsAdmin {
+	if !row.IsPublic && (user == nil || !user.IsAdmin) {
 		return GetGame404JSONResponse{
 			Message: "Game not found",
 		}, nil
@@ -318,7 +318,7 @@ func (h *Handler) GetGameWatchLatestStates(ctx context.Context, request GetGameW
 			Status:               status,
 		}
 
-		if row.UserID == user.UserID && !user.IsAdmin {
+		if user != nil && row.UserID == user.UserID && !user.IsAdmin {
 			return GetGameWatchLatestStates403JSONResponse{
 				Message: "You are one of the main players of this game",
 			}, nil
diff --git a/backend/api/handler_wrapper.go b/backend/api/handler_wrapper.go
index 48a0eef..1c8bc83 100644
--- a/backend/api/handler_wrapper.go
+++ b/backend/api/handler_wrapper.go
@@ -28,12 +28,7 @@ func NewHandler(queries db.Querier, txm db.TxManager, hub GameHubInterface, auth
 }
 
 func (h *HandlerWrapper) GetGame(ctx context.Context, request GetGameRequestObject) (GetGameResponseObject, error) {
-	user, ok := GetUserFromContext(ctx)
-	if !ok {
-		return GetGame401JSONResponse{
-			Message: "Unauthorized",
-		}, nil
-	}
+	user, _ := GetUserFromContext(ctx)
 	return h.impl.GetGame(ctx, request, user)
 }
 
@@ -58,32 +53,17 @@ func (h *HandlerWrapper) GetGamePlaySubmissions(ctx context.Context, request Get
 }
 
 func (h *HandlerWrapper) GetGameWatchLatestStates(ctx context.Context, request GetGameWatchLatestStatesRequestObject) (GetGameWatchLatestStatesResponseObject, error) {
-	user, ok := GetUserFromContext(ctx)
-	if !ok {
-		return GetGameWatchLatestStates401JSONResponse{
-			Message: "Unauthorized",
-		}, nil
-	}
+	user, _ := GetUserFromContext(ctx)
 	return h.impl.GetGameWatchLatestStates(ctx, request, user)
 }
 
 func (h *HandlerWrapper) GetGameWatchRanking(ctx context.Context, request GetGameWatchRankingRequestObject) (GetGameWatchRankingResponseObject, error) {
-	user, ok := GetUserFromContext(ctx)
-	if !ok {
-		return GetGameWatchRanking401JSONResponse{
-			Message: "Unauthorized",
-		}, nil
-	}
+	user, _ := GetUserFromContext(ctx)
 	return h.impl.GetGameWatchRanking(ctx, request, user)
 }
 
 func (h *HandlerWrapper) GetGames(ctx context.Context, request GetGamesRequestObject) (GetGamesResponseObject, error) {
-	user, ok := GetUserFromContext(ctx)
-	if !ok {
-		return GetGames401JSONResponse{
-			Message: "Unauthorized",
-		}, nil
-	}
+	user, _ := GetUserFromContext(ctx)
 	return h.impl.GetGames(ctx, request, user)
 }
 
@@ -98,12 +78,7 @@ func (h *HandlerWrapper) GetMe(ctx context.Context, request GetMeRequestObject)
 }
 
 func (h *HandlerWrapper) GetTournament(ctx context.Context, request GetTournamentRequestObject) (GetTournamentResponseObject, error) {
-	user, ok := GetUserFromContext(ctx)
-	if !ok {
-		return GetTournament401JSONResponse{
-			Message: "Unauthorized",
-		}, nil
-	}
+	user, _ := GetUserFromContext(ctx)
 	return h.impl.GetTournament(ctx, request, user)
 }
 
diff --git a/backend/gen/api/handler_wrapper_gen.go b/backend/gen/api/handler_wrapper_gen.go
index e3e56c1..982e191 100644
--- a/backend/gen/api/handler_wrapper_gen.go
+++ b/backend/gen/api/handler_wrapper_gen.go
@@ -61,16 +61,26 @@ func main() {
 	}
 	slices.Sort(methods)
 
+	loginOptionalMethods := map[string]bool{
+		"GetGames":                  true,
+		"GetGame":                   true,
+		"GetGameWatchLatestStates":  true,
+		"GetGameWatchRanking":       true,
+		"GetTournament":             true,
+	}
+
 	type TemplateParameter struct {
 		Name              string
 		RequiresLogin     bool
+		LoginOptional     bool
 		RequiresAdminRole bool
 	}
 	templateParameters := make([]TemplateParameter, len(methods))
 	for i, method := range methods {
 		templateParameters[i] = TemplateParameter{
 			Name:              method,
-			RequiresLogin:     method != "PostLogin",
+			RequiresLogin:     method != "PostLogin" && !loginOptionalMethods[method],
+			LoginOptional:     loginOptionalMethods[method],
 			RequiresAdminRole: strings.Contains(method, "Admin"),
 		}
 	}
@@ -144,6 +154,9 @@ func NewHandler(queries db.Querier, txm db.TxManager, hub GameHubInterface, auth
 				}
 			{{ end -}}
 			return h.impl.{{ .Name }}(ctx, request, user)
+		{{ else if .LoginOptional -}}
+			user, _ := GetUserFromContext(ctx)
+			return h.impl.{{ .Name }}(ctx, request, user)
 		{{ else -}}
 			return h.impl.{{ .Name }}(ctx, request)
 		{{ end -}}
author	Claude <noreply@anthropic.com>	2026-02-20 17:53:55 +0000
committer	Claude <noreply@anthropic.com>	2026-02-20 17:53:55 +0000
commit	4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d (patch)
tree	804f0aee031469aad98a15cf8307cc9f0794c5bc /backend
parent	00354d392a0bcddaac71fee7b6aae721e5747f59 (diff)
download	phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.tar.gz phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.tar.zst phperkaigi-2026-albatross-4af93cae1ca54ad7c9bc7eb4b56c010f55c4c72d.zip