initial commit

2025-10-14 21:20:25 +03:00
commit 5471f3b138
19 changed files with 1365 additions and 0 deletions
--- a/internal/http/handlers.go
+++ b/internal/http/handlers.go
@@ -0,0 +1,210 @@
+package http
+
+import (
+	"encoding/json"
+	"fmt"
+	"log/slog"
+	"net/http"
+
+	"git.yigid.dev/fyb/tingz/internal/deploy"
+	"git.yigid.dev/fyb/tingz/internal/user"
+)
+
+type Server struct {
+	userMgr   *user.Manager
+	deployMgr *deploy.Manager
+	logger    *slog.Logger
+	baseURL   string
+}
+
+func NewServer(userMgr *user.Manager, deployMgr *deploy.Manager, logger *slog.Logger, baseURL string) *Server {
+	return &Server{
+		userMgr:   userMgr,
+		deployMgr: deployMgr,
+		logger:    logger,
+		baseURL:   baseURL,
+	}
+}
+
+func (s *Server) handleAuthCreate(w http.ResponseWriter, r *http.Request) {
+	var req struct {
+		Username string `json:"username"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		s.logger.Warn("failed to decode request", slog.String("error", err.Error()))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "invalid request body",
+		})
+		return
+	}
+
+	if !user.ValidateUsername(req.Username) {
+		s.logger.Warn("invalid username", slog.String("username", req.Username))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "invalid username format",
+		})
+		return
+	}
+
+	token, err := s.userMgr.CreateOrUpdate(r.Context(), req.Username)
+	if err != nil {
+		s.logger.Error("failed to create/update user",
+			slog.String("username", req.Username),
+			slog.String("error", err.Error()))
+		writeJSON(w, http.StatusInternalServerError, map[string]string{
+			"status": "error",
+			"error":  "failed to create user",
+		})
+		return
+	}
+
+	s.logger.Info("user created/updated", slog.String("username", req.Username))
+	writeJSON(w, http.StatusOK, map[string]string{
+		"status": "ok",
+		"token":  token,
+	})
+}
+
+func (s *Server) handleAuthDelete(w http.ResponseWriter, r *http.Request) {
+	var req struct {
+		Username string `json:"username"`
+		Files    string `json:"files"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		s.logger.Warn("failed to decode request", slog.String("error", err.Error()))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "invalid request body",
+		})
+		return
+	}
+
+	if !user.ValidateUsername(req.Username) {
+		s.logger.Warn("invalid username", slog.String("username", req.Username))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "invalid username format",
+		})
+		return
+	}
+
+	if req.Files == "" {
+		req.Files = "persist"
+	}
+
+	deleteFiles := false
+	if req.Files == "delete" {
+		deleteFiles = true
+	} else if req.Files != "persist" {
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "files must be 'persist' or 'delete'",
+		})
+		return
+	}
+
+	err := s.userMgr.Delete(r.Context(), req.Username, deleteFiles)
+	if err != nil {
+		s.logger.Error("failed to delete user",
+			slog.String("username", req.Username),
+			slog.String("error", err.Error()))
+		writeJSON(w, http.StatusInternalServerError, map[string]string{
+			"status": "error",
+			"error":  err.Error(),
+		})
+		return
+	}
+
+	s.logger.Info("user deleted",
+		slog.String("username", req.Username),
+		slog.Bool("files_deleted", deleteFiles))
+	writeJSON(w, http.StatusOK, map[string]string{
+		"status": "ok",
+	})
+}
+
+func (s *Server) handleDeploy(w http.ResponseWriter, r *http.Request) {
+	username, ok := getUsernameFromContext(r.Context())
+	if !ok {
+		writeJSON(w, http.StatusUnauthorized, map[string]string{
+			"status": "error",
+			"error":  "unauthorized",
+		})
+		return
+	}
+
+	if err := r.ParseMultipartForm(32 << 20); err != nil {
+		s.logger.Warn("failed to parse multipart form", slog.String("error", err.Error()))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "failed to parse multipart form",
+		})
+		return
+	}
+
+	project := r.FormValue("project")
+	if !user.ValidateProjectName(project) {
+		s.logger.Warn("invalid project name", slog.String("project", project))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "invalid project name format",
+		})
+		return
+	}
+
+	file, header, err := r.FormFile("file")
+	if err != nil {
+		s.logger.Warn("failed to get file from form", slog.String("error", err.Error()))
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"status": "error",
+			"error":  "missing or invalid file",
+		})
+		return
+	}
+	defer file.Close()
+
+	s.logger.Info("processing deployment",
+		slog.String("username", username),
+		slog.String("project", project),
+		slog.String("filename", header.Filename),
+		slog.Int64("size", header.Size))
+
+	releaseID, err := s.deployMgr.Deploy(r.Context(), username, project, file)
+	if err != nil {
+		s.logger.Error("deployment failed",
+			slog.String("username", username),
+			slog.String("project", project),
+			slog.String("error", err.Error()))
+		writeJSON(w, http.StatusInternalServerError, map[string]string{
+			"status": "error",
+			"error":  err.Error(),
+		})
+		return
+	}
+
+	url := fmt.Sprintf("%s/%s/%s/", s.baseURL, username, project)
+	writeJSON(w, http.StatusOK, map[string]string{
+		"status":   "ok",
+		"project":  project,
+		"username": username,
+		"url":      url,
+		"release":  releaseID,
+	})
+}
+
+func (s *Server) handleStatus(w http.ResponseWriter, r *http.Request) {
+	writeJSON(w, http.StatusOK, map[string]string{
+		"status": "ok",
+	})
+}
+
+func writeJSON(w http.ResponseWriter, status int, data interface{}) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(status)
+	json.NewEncoder(w).Encode(data)
+}
+
--- a/internal/http/middleware.go
+++ b/internal/http/middleware.go
@@ -0,0 +1,138 @@
+package http
+
+import (
+	"context"
+	"crypto/subtle"
+	"log/slog"
+	"net/http"
+	"strings"
+	"time"
+
+	"git.yigid.dev/fyb/tingz/internal/user"
+)
+
+type contextKey string
+
+const usernameKey contextKey = "username"
+
+func AdminAuthMiddleware(adminToken string, logger *slog.Logger) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			authHeader := r.Header.Get("Authorization")
+			if authHeader == "" {
+				logger.Warn("missing authorization header")
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "missing authorization header",
+				})
+				return
+			}
+
+			parts := strings.SplitN(authHeader, " ", 2)
+			if len(parts) != 2 || parts[0] != "Bearer" {
+				logger.Warn("invalid authorization header format")
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "invalid authorization header format",
+				})
+				return
+			}
+
+			token := parts[1]
+			if subtle.ConstantTimeCompare([]byte(token), []byte(adminToken)) != 1 {
+				logger.Warn("invalid admin token")
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "invalid admin token",
+				})
+				return
+			}
+
+			next.ServeHTTP(w, r)
+		})
+	}
+}
+
+func UserAuthMiddleware(userMgr *user.Manager, logger *slog.Logger) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			authHeader := r.Header.Get("Authorization")
+			if authHeader == "" {
+				logger.Warn("missing authorization header")
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "missing authorization header",
+				})
+				return
+			}
+
+			parts := strings.SplitN(authHeader, " ", 2)
+			if len(parts) != 2 || parts[0] != "Bearer" {
+				logger.Warn("invalid authorization header format")
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "invalid authorization header format",
+				})
+				return
+			}
+
+			token := parts[1]
+			username, err := userMgr.GetByToken(r.Context(), token)
+			if err != nil {
+				logger.Warn("invalid user token", slog.String("error", err.Error()))
+				writeJSON(w, http.StatusUnauthorized, map[string]string{
+					"status": "error",
+					"error":  "invalid token",
+				})
+				return
+			}
+
+			ctx := context.WithValue(r.Context(), usernameKey, username)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+func LoggingMiddleware(logger *slog.Logger) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			start := time.Now()
+
+			wrapped := &responseWriter{ResponseWriter: w, statusCode: http.StatusOK}
+			next.ServeHTTP(wrapped, r)
+
+			duration := time.Since(start)
+			logger.Info("request completed",
+				slog.String("method", r.Method),
+				slog.String("path", r.URL.Path),
+				slog.Int("status", wrapped.statusCode),
+				slog.Duration("duration", duration),
+				slog.String("remote_addr", r.RemoteAddr))
+		})
+	}
+}
+
+func MaxBytesMiddleware(maxBytes int64) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			r.Body = http.MaxBytesReader(w, r.Body, maxBytes)
+			next.ServeHTTP(w, r)
+		})
+	}
+}
+
+type responseWriter struct {
+	http.ResponseWriter
+	statusCode int
+}
+
+func (rw *responseWriter) WriteHeader(code int) {
+	rw.statusCode = code
+	rw.ResponseWriter.WriteHeader(code)
+}
+
+func getUsernameFromContext(ctx context.Context) (string, bool) {
+	username, ok := ctx.Value(usernameKey).(string)
+	return username, ok
+}
+
--- a/internal/http/router.go
+++ b/internal/http/router.go
@@ -0,0 +1,29 @@
+package http
+
+import (
+	"log/slog"
+	"net/http"
+
+	"git.yigid.dev/fyb/tingz/internal/config"
+	"git.yigid.dev/fyb/tingz/internal/deploy"
+	"git.yigid.dev/fyb/tingz/internal/user"
+)
+
+func NewRouter(cfg *config.Config, userMgr *user.Manager, deployMgr *deploy.Manager, logger *slog.Logger) http.Handler {
+	mux := http.NewServeMux()
+	
+	baseURL := "https://docs.yigid.dev"
+	server := NewServer(userMgr, deployMgr, logger, baseURL)
+
+	adminAuth := AdminAuthMiddleware(cfg.AdminToken, logger)
+	userAuth := UserAuthMiddleware(userMgr, logger)
+	maxBytes := MaxBytesMiddleware(cfg.MaxUploadSize)
+
+	mux.Handle("POST /api/v1/auth", adminAuth(http.HandlerFunc(server.handleAuthCreate)))
+	mux.Handle("DELETE /api/v1/auth", adminAuth(http.HandlerFunc(server.handleAuthDelete)))
+	mux.Handle("POST /api/v1/deploy", userAuth(maxBytes(http.HandlerFunc(server.handleDeploy))))
+	mux.HandleFunc("GET /api/v1/status", server.handleStatus)
+
+	return LoggingMiddleware(logger)(mux)
+}
+