Oauth2 support

backend/internal/api/router.go

@@ -50,6 +50,7 @@ func NewRouter() http.Handler {
 		middleware.Expansion,
 		middleware.DecodeAuth(),
 		middleware.BodyContext(),
+		middleware.Log,
 	)
 
 	return applyRoutes(r)
@@ -61,6 +62,12 @@ func applyRoutes(r chi.Router) chi.Router {
 	r.NotFound(handler.NotFound())
 	r.MethodNotAllowed(handler.NotAllowed())
 
+	// OAuth endpoints aren't technically API endpoints
+	r.With(middleware.EnforceSetup()).Route("/oauth", func(r chi.Router) {
+		r.Get("/login", handler.OAuthLogin())
+		r.Get("/redirect", handler.OAuthRedirect())
+	})
+
 	// SSE - requires a sse token as the `jwt` get parameter
 	// Exists inside /api but it's here so that we can skip the Timeout middleware
 	// that applies to other endpoints.