feat(client): workspace

Signed-off-by: Noa Virellia <noa@requiem.garden>

config.default.yaml

@@ -1,19 +1,11 @@
 server:
     address: :8000
-    external_url: https://example.com
     debug_mode: false
     file_logger: false
+    jwt_secret: someting
 database:
     type: postgres
     host: 127.0.0.1
     name: postgres
     username: postgres
     password: postgres
-email:
-    resend_api_key: abc
-    from:
-secrets:
-    jwt: something
-    turnstile: something
-ttl:
-    magic_link: 15000

config/types.go

@@ -3,9 +3,6 @@ package config
 type config struct {
 	Server   server   `yaml:"server"`
 	Database database `yaml:"database"`
-	Email    email    `yaml:"email"`
-	Secrets  secrets  `yaml:"secrets"`
-	TTL      ttl      `yaml:"ttl"`
 }
 
 type server struct {
@@ -22,17 +19,3 @@ type database struct {
 	Username string `yaml:"username"`
 	Password string `yaml:"password"`
 }
-
-type email struct {
-	ResendApiKey string `yaml:"resend_api_key"`
-	From         string `yaml:"from"`
-}
-
-type secrets struct {
-	jwt       string `yaml:"jwt"`
-	turnstile string `yaml:"turnstile"`
-}
-
-type ttl struct {
-	magic_token string `yaml:"magin_token"`
-}

internal/crypto/jwt/jwt.go

@@ -17,7 +17,7 @@ type Claims struct {
 }
 
 func JWTAuth() gin.HandlerFunc {
-	var JwtSecret = []byte(viper.GetString("secrets.jwt"))
+	var JwtSecret = []byte(viper.GetString("server.jwt_secret"))
 	return func(c *gin.Context) {
 		auth := c.GetHeader("Authorization")
 		if auth == "" {

pkgs/email/resend.go

@@ -1,87 +0,0 @@
-package email
-
-import (
-	"bytes"
-	"encoding/json"
-	"errors"
-	"net/http"
-	"time"
-
-	"github.com/spf13/viper"
-)
-
-type Client struct {
-	apiKey string
-	http   *http.Client
-}
-
-// Resend service client
-func NewResendClient() (*Client, error) {
-	key := viper.GetString("email.resend_api_key")
-	if key == "" {
-		return nil, errors.New("RESEND_API_KEY not set")
-	}
-
-	return &Client{
-		apiKey: key,
-		http: &http.Client{
-			Timeout: 10 * time.Second,
-		},
-	}, nil
-}
-
-type sendEmailRequest struct {
-	From    string   `json:"from"`
-	To      []string `json:"to"`
-	Subject string   `json:"subject"`
-	HTML    string   `json:"html,omitempty"`
-	Text    string   `json:"text,omitempty"`
-}
-
-type sendEmailResponse struct {
-	ID string `json:"id"`
-}
-
-// Send email by resend API
-func (c *Client) Send(to, subject, html string) (string, error) {
-	reqBody := sendEmailRequest{
-		From:    viper.GetString("email.from"),
-		To:      []string{to},
-		Subject: subject,
-		HTML:    html,
-	}
-
-	body, err := json.Marshal(reqBody)
-	if err != nil {
-		return "", err
-	}
-
-	req, err := http.NewRequest(
-		http.MethodPost,
-		"https://api.resend.com/emails",
-		bytes.NewReader(body),
-	)
-	if err != nil {
-		return "", err
-	}
-
-	req.Header.Set("Authorization", "Bearer "+c.apiKey)
-	req.Header.Set("Content-Type", "application/json")
-
-	resp, err := c.http.Do(req)
-	if err != nil {
-		return "", err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode >= 300 {
-		return "", errors.New("resend send failed")
-	}
-
-	var res sendEmailResponse
-	if err := json.NewDecoder(resp.Body).Decode(&res); err != nil {
-		return "", err
-	}
-
-	return res.ID, nil
-}

pkgs/magiclink/magiclink.go

@@ -1,51 +0,0 @@
-package magiclink
-
-import (
-	"crypto/rand"
-	"encoding/base64"
-	"sync"
-	"time"
-)
-
-type Token struct {
-	Email     string
-	ExpiresAt time.Time
-}
-
-var (
-	store = sync.Map{}
-)
-
-// Generate magic token
-func NewMagicToken(email string, ttl time.Duration) (string, error) {
-	b := make([]byte, 32)
-	if _, err := rand.Read(b); err != nil {
-		return "", err
-	}
-
-	token := base64.RawURLEncoding.EncodeToString(b)
-
-	store.Store(token, Token{
-		Email:     email,
-		ExpiresAt: time.Now().Add(ttl),
-	})
-
-	return token, nil
-}
-
-// Verify magic token
-func VerifyMagicToken(token string) (string, bool) {
-	val, ok := store.Load(token)
-	if !ok {
-		return "", false
-	}
-
-	t := val.(Token)
-	if time.Now().After(t.ExpiresAt) {
-		store.Delete(token)
-		return "", false
-	}
-
-	store.Delete(token)
-	return t.Email, true
-}

pkgs/turnstile/turnstile.go

@@ -1,34 +0,0 @@
-package turnstile
-
-import (
-	"encoding/json"
-	"net/http"
-	"net/url"
-
-	"github.com/spf13/viper"
-)
-
-func VerifyTurnstile(token, ip string) (bool, error) {
-	form := url.Values{}
-	form.Set("secret", viper.GetString("secrets.turnstile"))
-	form.Set("response", token)
-	form.Set("remoteip", ip)
-
-	resp, err := http.PostForm(
-		"https://challenges.cloudflare.com/turnstile/v0/siteverify",
-		form,
-	)
-	if err != nil {
-		return false, err
-	}
-	defer resp.Body.Close()
-
-	var result struct {
-		Success bool `json:"success"`
-	}
-	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
-		return false, err
-	}
-
-	return result.Success, nil
-}

server/router.go

@@ -1,7 +1,7 @@
 package server
 
 import (
-	"nixcn-cms/service/auth"
+	"nixcn-cms/service/check"
 
 	"github.com/gin-gonic/gin"
 )
@@ -9,5 +9,5 @@ import (
 func Router(e *gin.Engine) {
 	// API Services
 	api := e.Group("/api/v1")
-	auth.Handler(api.Group("/auth"))
+	check.Handler(api.Group("/check"))
 }

service/auth/handler.go

@@ -1,8 +0,0 @@
-package auth
-
-import "github.com/gin-gonic/gin"
-
-func Handler(r *gin.RouterGroup) {
-	r.POST("/magic", RequestMagicLink)
-	r.GET("/magic/verify", VerifyMagicLink)
-}

service/auth/magic.go

@@ -1,80 +0,0 @@
-package auth
-
-import (
-	"net/url"
-	"nixcn-cms/internal/crypto/jwt"
-	"nixcn-cms/pkgs/magiclink"
-	"nixcn-cms/pkgs/turnstile"
-	"time"
-
-	"github.com/google/uuid"
-	log "github.com/sirupsen/logrus"
-
-	"github.com/gin-gonic/gin"
-	"github.com/spf13/viper"
-)
-
-type MagicLinkRequest struct {
-	Email          string `json:"email" binding:"required,email"`
-	TurnstileToken string `json:"turnstile_token" binding:"required"`
-}
-
-func RequestMagicLink(c *gin.Context) {
-	// Parse request
-	var req MagicLinkRequest
-	if err := c.ShouldBindJSON(&req); err != nil {
-		c.JSON(400, gin.H{"error": "invalid request"})
-		return
-	}
-
-	// Cloudflare turnstile
-	ok, err := turnstile.VerifyTurnstile(req.TurnstileToken, c.ClientIP())
-	if err != nil || !ok {
-		c.JSON(403, gin.H{"error": "turnstile failed"})
-		return
-	}
-
-	// Generate magic token
-	token, err := magiclink.NewMagicToken(req.Email, 15*time.Minute)
-	if err != nil {
-		c.JSON(500, gin.H{"error": "internal error"})
-		return
-	}
-
-	link, err := url.JoinPath(viper.GetString("server.external_url"), "/api/v1/auth/magic/verify?token="+token)
-	if err != nil {
-		log.Error("Magic link join failed!")
-		c.JSON(500, gin.H{"message": "magic link join failed"})
-		return
-	}
-
-	// TODO Send EMail
-	log.Info("Magic link:", link)
-
-	c.JSON(200, gin.H{"message": "magic link sent"})
-}
-
-func VerifyMagicLink(c *gin.Context) {
-	// Get token from url
-	token := c.Query("token")
-	if token == "" {
-		c.JSON(400, gin.H{"error": "missing token"})
-		return
-	}
-
-	// Verify email token
-	email, ok := magiclink.VerifyMagicToken(token)
-	if !ok {
-		c.JSON(401, gin.H{"error": "invalid or expired token"})
-		return
-	}
-
-	// Generate jwt
-	uuid, _ := uuid.NewUUID()
-	jwtToken, _ := jwt.GenerateToken(uuid, "application")
-
-	c.JSON(200, gin.H{
-		"jwt_token": jwtToken,
-		"email":     email,
-	})
-}

service/check/checkin.go

@@ -0,0 +1,5 @@
+package check
+
+func Checkin() {
+
+}

service/check/handler.go

@@ -1,4 +1,4 @@
-package checkin
+package check
 
 import (
 	"nixcn-cms/internal/crypto/jwt"
@@ -8,4 +8,7 @@ import (
 
 func Handler(r *gin.RouterGroup) {
 	r.Use(jwt.JWTAuth())
+	r.GET("/test", func(ctx *gin.Context) {
+		ctx.JSON(200, gin.H{"Test": "Test"})
+	})
 }