Split "auth" and "user" routes

internal/dis/component/auth/auth.go

@@ -27,13 +27,10 @@ var (
 	_ component.Routeable = (*Auth)(nil)
 )
 
-func (auth *Auth) Routes() []string { return []string{"/user/"} }
+func (auth *Auth) Routes() []string { return []string{"/auth/"} }
 
 func (auth *Auth) HandleRoute(ctx context.Context, route string) (http.Handler, error) {
 	router := httprouter.New()
-
-	router.Handler(http.MethodGet, route, auth.authUser(ctx))
-
 	{
 		login := auth.authLogin(ctx)
 		router.Handler(http.MethodGet, route+"login", login)
@@ -42,35 +39,12 @@ func (auth *Auth) HandleRoute(ctx context.Context, route string) (http.Handler,
 
 	router.Handler(http.MethodGet, route+"logout", auth.authLogout(ctx))
 
-	{
-		password := auth.authPassword(ctx)
-		router.Handler(http.MethodGet, route+"password", password)
-		router.Handler(http.MethodPost, route+"password", password)
-	}
-
-	{
-		totpenable := auth.authTOTPEnable(ctx)
-		router.Handler(http.MethodGet, route+"totp/enable", totpenable)
-		router.Handler(http.MethodPost, route+"totp/enable", totpenable)
-	}
-
-	{
-		totpenroll := auth.authTOTPEnroll(ctx)
-		router.Handler(http.MethodGet, route+"totp/enroll", totpenroll)
-		router.Handler(http.MethodPost, route+"totp/enroll", totpenroll)
-	}
-
-	{
-		totpdisable := auth.authTOTPDisable(ctx)
-		router.Handler(http.MethodGet, route+"totp/disable", totpdisable)
-		router.Handler(http.MethodPost, route+"totp/disable", totpdisable)
-	}
-
 	return router, nil
 }
 
 func (auth *Auth) CSRF() func(http.Handler) http.Handler {
 	// setup the csrf handler (if needed)
+	// TOOD: This should move to the server handler
 	return auth.csrf.Get(func() func(http.Handler) http.Handler {
 		var opts []csrf.Option
 		if !auth.Config.HTTPSEnabled() {