refactor: use dependency injection in backend

2025-12-23 14:29:23 +00:00 · 2024-08-17 21:57:14 +02:00
parent 0595d73ea5
commit 601f6c488a
44 changed files with 2220 additions and 1751 deletions
--- a/backend/internal/middleware/cors.go
+++ b/backend/internal/middleware/cors.go
@@ -0,0 +1,24 @@
+package middleware
+
+import (
+	"github.com/stonith404/pocket-id/backend/internal/common"
+	"time"
+
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+)
+
+type CorsMiddleware struct{}
+
+func NewCorsMiddleware() *CorsMiddleware {
+	return &CorsMiddleware{}
+}
+
+func (m *CorsMiddleware) Add() gin.HandlerFunc {
+	return cors.New(cors.Config{
+		AllowOrigins: []string{common.EnvConfig.AppURL},
+		AllowMethods: []string{"*"},
+		AllowHeaders: []string{"*"},
+		MaxAge:       12 * time.Hour,
+	})
+}
--- a/backend/internal/middleware/file_size_limit.go
+++ b/backend/internal/middleware/file_size_limit.go
@@ -0,0 +1,46 @@
+package middleware
+
+import (
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
+	"net/http"
+)
+
+type FileSizeLimitMiddleware struct{}
+
+func NewFileSizeLimitMiddleware() *FileSizeLimitMiddleware {
+	return &FileSizeLimitMiddleware{}
+}
+
+func (m *FileSizeLimitMiddleware) Add(maxSize int64) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, maxSize)
+		if err := c.Request.ParseMultipartForm(maxSize); err != nil {
+			utils.HandlerError(c, http.StatusRequestEntityTooLarge, fmt.Sprintf("The file can't be larger than %s bytes", formatFileSize(maxSize)))
+			c.Abort()
+			return
+		}
+		c.Next()
+	}
+}
+
+// formatFileSize formats a file size in bytes to a human-readable string
+func formatFileSize(size int64) string {
+	const (
+		KB = 1 << (10 * 1)
+		MB = 1 << (10 * 2)
+		GB = 1 << (10 * 3)
+	)
+
+	switch {
+	case size >= GB:
+		return fmt.Sprintf("%.2f GB", float64(size)/GB)
+	case size >= MB:
+		return fmt.Sprintf("%.2f MB", float64(size)/MB)
+	case size >= KB:
+		return fmt.Sprintf("%.2f KB", float64(size)/KB)
+	default:
+		return fmt.Sprintf("%d bytes", size)
+	}
+}
--- a/backend/internal/middleware/jwt_auth.go
+++ b/backend/internal/middleware/jwt_auth.go
@@ -0,0 +1,52 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/stonith404/pocket-id/backend/internal/service"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
+	"net/http"
+	"strings"
+)
+
+type JwtAuthMiddleware struct {
+	jwtService *service.JwtService
+}
+
+func NewJwtAuthMiddleware(jwtService *service.JwtService) *JwtAuthMiddleware {
+	return &JwtAuthMiddleware{jwtService: jwtService}
+}
+
+func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// Extract the token from the cookie or the Authorization header
+		token, err := c.Cookie("access_token")
+		if err != nil {
+			authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")
+			if len(authorizationHeaderSplitted) == 2 {
+				token = authorizationHeaderSplitted[1]
+			} else {
+				utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
+				c.Abort()
+				return
+			}
+		}
+
+		claims, err := m.jwtService.VerifyAccessToken(token)
+		if err != nil {
+			utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
+			c.Abort()
+			return
+		}
+
+		// Check if the user is an admin
+		if adminOnly && !claims.IsAdmin {
+			utils.HandlerError(c, http.StatusForbidden, "You don't have permission to access this resource")
+			c.Abort()
+			return
+		}
+
+		c.Set("userID", claims.Subject)
+		c.Set("userIsAdmin", claims.IsAdmin)
+		c.Next()
+	}
+}
--- a/backend/internal/middleware/rate_limit.go
+++ b/backend/internal/middleware/rate_limit.go
@@ -0,0 +1,81 @@
+package middleware
+
+import (
+	"github.com/stonith404/pocket-id/backend/internal/common"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"golang.org/x/time/rate"
+)
+
+type RateLimitMiddleware struct{}
+
+func NewRateLimitMiddleware() *RateLimitMiddleware {
+	return &RateLimitMiddleware{}
+}
+
+func (m *RateLimitMiddleware) Add(limit rate.Limit, burst int) gin.HandlerFunc {
+	// Start the cleanup routine
+	go cleanupClients()
+
+	return func(c *gin.Context) {
+		ip := c.ClientIP()
+
+		// Skip rate limiting for localhost and test environment
+		// If the client ip is localhost the request comes from the frontend
+		if ip == "127.0.0.1" || ip == "::1" || common.EnvConfig.AppEnv == "test" {
+			c.Next()
+			return
+		}
+
+		limiter := getLimiter(ip, limit, burst)
+		if !limiter.Allow() {
+			utils.HandlerError(c, http.StatusTooManyRequests, "Too many requests. Please wait a while before trying again.")
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+
+type client struct {
+	limiter  *rate.Limiter
+	lastSeen time.Time
+}
+
+// Map to store the rate limiters per IP
+var clients = make(map[string]*client)
+var mu sync.Mutex
+
+// Cleanup routine to remove stale clients that haven't been seen for a while
+func cleanupClients() {
+	for {
+		time.Sleep(time.Minute)
+		mu.Lock()
+		for ip, client := range clients {
+			if time.Since(client.lastSeen) > 3*time.Minute {
+				delete(clients, ip)
+			}
+		}
+		mu.Unlock()
+	}
+}
+
+// getLimiter retrieves the rate limiter for a given IP address, creating one if it doesn't exist
+func getLimiter(ip string, limit rate.Limit, burst int) *rate.Limiter {
+	mu.Lock()
+	defer mu.Unlock()
+
+	if client, exists := clients[ip]; exists {
+		client.lastSeen = time.Now()
+		return client.limiter
+	}
+
+	limiter := rate.NewLimiter(limit, burst)
+	clients[ip] = &client{limiter: limiter, lastSeen: time.Now()}
+	return limiter
+}