loveuer/ushare
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
5f187bb5d6558538d3b9830a302efdeaef8c6c53
ushare/internal/api/api.go
loveuer 5f187bb5d6
Some checks failed
/ build ushare (push) Failing after 1m40s
Details
/ clean (push) Successful in 2s
Details
feat: add user management system with roles and permissions 
- Introduce SQLite persistence via GORM (stored at <data>/.ushare.db)
- Add Role model with two built-in roles: admin (all perms) and user (upload only)
- Add three permissions: user_manage, upload, token_manage (reserved)
- Rewrite UserManager: DB-backed login with in-memory session tokens
- Auto-seed default roles and admin user on first startup
- Add AuthPermission middleware for fine-grained permission checks
- Add /api/uauth/me endpoint for current session info
- Add /api/admin/* CRUD routes for user and role management
- Add admin console page (/admin) with user table and role permissions view
- Show admin console link in share page for users with user_manage permission

🤖 Generated with [Qoder][https://qoder.com]
2026-02-27 19:40:31 -08:00

85 lines
2.3 KiB
Go
Raw Blame History

package api
import (
"context"
"net"
"net/http"
"github.com/loveuer/nf"
"github.com/loveuer/nf/nft/log"
"github.com/loveuer/nf/nft/tool"
"github.com/loveuer/ushare/internal/handler"
"github.com/loveuer/ushare/internal/model"
"github.com/loveuer/ushare/internal/opt"
)
func Start(ctx context.Context) <-chan struct{} {
app := nf.New(nf.Config{BodyLimit: 10 * 1024 * 1024 * 1024})
app.Get("/api/healthz", func(c *nf.Ctx) error {
return c.SendStatus(http.StatusOK)
})
// Auth
app.Post("/api/uauth/login", handler.AuthLogin())
app.Get("/api/uauth/me", handler.AuthVerify(), handler.AuthMe())
// File sharing
app.Get("/ushare/:code", handler.Fetch())
app.Put("/api/ushare/:filename", handler.AuthVerify(), handler.AuthPermission(model.PermUpload), handler.ShareNew())
app.Post("/api/ushare/:code", handler.ShareUpload())
// Local sharing (WebRTC signaling)
{
api := app.Group("/api/ulocal")
api.Post("/register", handler.LocalRegister())
api.Post("/offer", handler.LocalOffer())
api.Post("/answer", handler.LocalAnswer())
api.Post("/candidate", handler.LocalCandidate())
api.Get("/clients", handler.LocalClients())
api.Get("/ws", handler.LocalWS())
}
// Admin
{
api := app.Group("/api/admin")
api.Get("/users", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminListUsers())
api.Post("/users", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminCreateUser())
api.Put("/users/:id", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminUpdateUser())
api.Delete("/users/:id", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminDeleteUser())
api.Get("/roles", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminListRoles())
}
// Frontend static files
app.Use(handler.ServeFrontendMiddleware())
ready := make(chan struct{})
ln, err := net.Listen("tcp", opt.Cfg.Address)
if err != nil {
log.Fatal(err.Error())
}
go func() {
ready <- struct{}{}
if err = app.RunListener(ln); err != nil {
log.Fatal(err.Error())
}
}()
<-ready
go func() {
ready <- struct{}{}
<-ctx.Done()
if err = app.Shutdown(tool.Timeout(3)); err != nil {
log.Warn(err.Error())
}
ready <- struct{}{}
}()
<-ready
return ready
}
Reference in New Issue View Git Blame Copy Permalink