Add hot reload for backend

Signed-off-by: Asai Neko <sugar@sne.moe>

.env.development

@@ -1,32 +1 @@
-
-SERVER_APPLICATION=nixcn-cms
-SERVER_ADDRESS=:8000
-SERVER_EXTERNAL_URL=http://test.sne.moe:8080
-SERVER_DEBUG_MODE=true
-SERVER_FILE_LOGGER=false
-
-DATABASE_TYPE=postgres
-DATABASE_HOST=localhost:5432
-DATABASE_NAME=postgres
-DATABASE_USERNAME=postgres
-DATABASE_PASSWORD=postgres
-
-CACHE_HOSTS=localhost:6379
-CACHE_MASTER=
-CACHE_USERNAME=
-CACHE_PASSWORD=
-CACHE_DB=0
-
-SEARCH_HOST=localhost
-SEARCH_API_KEY=
-
-EMAIL_RESEND_API_KEY=re_BMJaPVVB_kgdf1Go7n3dWVywp6hp4WmSA
-EMAIL_FROM=NixCN CMS Email Verify <nixcn@violet.sne.moe>
-
-SECRETS_JWT_SECRET=6Wd5xkDkF4XX5q2Ckq6TY6WX
-SECRETS_TURNSTILE_SECRET=0x4AAAAAACI5pgVONOZ0rzyAYsdUcoOBF8w
-
-TTL_MAGIC_LINK_TTL=10m
-TTL_ACCESS_TTL=15s
-TTL_REFRESH_TTL=168h
-TTL_CHECKIN_COSE_TTL=10m
+TZ=Asia/Shanghai

config.default.yaml

@@ -28,5 +28,5 @@ secrets:
 ttl:
     magic_link_ttl: 10m
     jwt_ttl: 15s
-    refresh_ttl: 7d
-    checkin_code_ttl: 5m
+    refresh_ttl: 168h
+    checkin_code_ttl: 10m

config/types.go

@@ -13,9 +13,9 @@ type config struct {
 type server struct {
 	Application string `yaml:"application"`
 	Address     string `yaml:"address"`
+	ExternalUrl string `yaml:"external_url"`
 	DebugMode   string `yaml:"debug_mode"`
 	FileLogger  string `yaml:"file_logger"`
-	JwtSecret   string `yaml:"jwt_secret"`
 }
 
 type database struct {

devenv.nix

@@ -8,6 +8,7 @@
   packages = [
     pkgs.git
     pkgs.just
+    pkgs.watchexec
   ];
 
   dotenv = {
@@ -32,11 +33,7 @@
       exec = "bun run dev";
       cwd = "./client";
     };
-    backend.exec = "just backend";
-  };
-
-  tasks = {
-    "backend:build".exec = "just clean && just build";
+    backend.exec = "just dev-back";
   };
 
   services = {

justfile

@@ -34,5 +34,8 @@ run-back:
 test-back:
     cd {{ output_dir }} && CONFIG_PATH={{ output_dir }} GO_ENV=test go test -C .. ./...
 
+dev-back: clean
+    watchexec -r -e go,yaml,tpl -i '.devenv/**' -i '.direnv/**' -i 'client/**' -i 'vendor/**' 'go build -o {{ join(output_dir, "nixcn-cms") }} . && cd {{ output_dir }} && CONFIG_PATH={{ output_dir }} {{ exec_path }}'
+
 dev:
     devenv up --verbose

pkgs/authcode/authcode.go

@@ -1,4 +1,4 @@
-package magiclink
+package authcode
 
 import (
 	"crypto/rand"
@@ -19,7 +19,7 @@ var (
 )
 
 // Generate magic token
-func NewMagicToken(email string) (string, error) {
+func NewAuthCode(email string) (string, error) {
 	b := make([]byte, 32)
 	if _, err := rand.Read(b); err != nil {
 		return "", err
@@ -36,7 +36,7 @@ func NewMagicToken(email string) (string, error) {
 }
 
 // Verify magic token
-func VerifyMagicToken(token string) (string, bool) {
+func VerifyAuthCode(token string) (string, bool) {
 	val, ok := store.Load(token)
 	if !ok {
 		return "", false

service/auth/handler.go

@@ -3,6 +3,8 @@ package auth
 import "github.com/gin-gonic/gin"
 
 func Handler(r *gin.RouterGroup) {
-	r.POST("/magic", RequestMagicLink)
+	r.GET("/redirect", Redirect)
+	r.POST("/magic", Magic)
 	r.POST("/refresh", Refresh)
+	r.POST("/token", Token)
 }

service/auth/magic.go

@@ -3,8 +3,8 @@ package auth
 import (
 	"nixcn-cms/data"
 	"nixcn-cms/internal/cryptography"
+	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/pkgs/email"
-	"nixcn-cms/pkgs/magiclink"
 	"nixcn-cms/pkgs/turnstile"
 
 	"github.com/google/uuid"
@@ -15,14 +15,17 @@ import (
 	"github.com/spf13/viper"
 )
 
-type MagicLinkRequest struct {
-	Email          string `json:"email" binding:"required,email"`
-	TurnstileToken string `json:"turnstile_token" binding:"required"`
+type MagicRequest struct {
+	ClientId       string `json:"client_id"`
+	RedirectUri    string `json:"redirect_uri"`
+	State          string `json:"state"`
+	Email          string `json:"email"`
+	TurnstileToken string `json:"turnstile_token"`
 }
 
-func RequestMagicLink(c *gin.Context) {
+func Magic(c *gin.Context) {
 	// Parse request
-	var req MagicLinkRequest
+	var req MagicRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(400, gin.H{"error": "invalid request"})
 		return
@@ -35,18 +38,20 @@ func RequestMagicLink(c *gin.Context) {
 		return
 	}
 
-	// Generate magic token
-	token, err := magiclink.NewMagicToken(req.Email)
+	code, err := authcode.NewAuthCode(req.Email)
 	if err != nil {
-		c.JSON(500, gin.H{"error": "internal error"})
-		return
+		c.JSON(500, gin.H{"status": "code gen failed"})
 	}
 
-	link := viper.GetString("server.external_url") + "/login?ticket=" + token
+	uri := viper.GetString("server.external_url") +
+		"/api/v1/auth/redirect?" +
+		"code=" + code +
+		"&redirect_uri" + req.RedirectUri +
+		"&state" + req.State
 
 	debugMode := viper.GetString("server.debug_mode")
 	if debugMode == "true" {
-		log.Info("Magic link for " + req.Email + " : " + link)
+		log.Info("Magic link for " + req.Email + " : " + uri)
 	} else {
 		// Send email using resend
 		resend, err := email.NewResendClient()
@@ -58,7 +63,7 @@ func RequestMagicLink(c *gin.Context) {
 		resend.Send(
 			req.Email,
 			"NixCN CMS Email Verify",
-			"<p>Click the link below to verify your email. This link will expire in 10 minutes.</p><a href="+link+">"+link+"</a>",
+			"<p>Click the link below to verify your email. This link will expire in 10 minutes.</p><a href="+uri+">"+uri+"</a>",
 		)
 	}
 
@@ -74,7 +79,7 @@ func VerifyMagicLink(c *gin.Context) {
 	}
 
 	// Verify email token
-	email, ok := magiclink.VerifyMagicToken(magicToken)
+	email, ok := authcode.VerifyAuthCode(magicToken)
 	if !ok {
 		c.JSON(401, gin.H{"error": "invalid or expired token"})
 		return

service/auth/redirect.go

@@ -1 +1,7 @@
 package auth
+
+import "github.com/gin-gonic/gin"
+
+func Redirect(c *gin.Context) {
+
+}

service/auth/token.go

@@ -1 +1,7 @@
 package auth
+
+import "github.com/gin-gonic/gin"
+
+func Token(c *gin.Context) {
+
+}