2026-05-06 12:39:11 +08:00
|
|
|
// Code generated by Wire. DO NOT EDIT.
|
2026-03-15 18:17:39 +08:00
|
|
|
|
|
|
|
|
//go:generate go run -mod=mod github.com/google/wire/cmd/wire
|
|
|
|
|
//go:build !wireinject
|
|
|
|
|
// +build !wireinject
|
|
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
"with_you/internal/cache"
|
2026-04-22 16:01:59 +08:00
|
|
|
"with_you/internal/handler"
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
"with_you/internal/middleware"
|
2026-04-22 16:01:59 +08:00
|
|
|
"with_you/internal/repository"
|
|
|
|
|
"with_you/internal/router"
|
|
|
|
|
"with_you/internal/service"
|
|
|
|
|
"with_you/internal/wire"
|
2026-03-15 18:17:39 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Injectors from wire.go:
|
|
|
|
|
|
|
|
|
|
// InitializeApp 初始化应用程序
|
|
|
|
|
func InitializeApp() (*App, error) {
|
|
|
|
|
config, err := wire.ProvideConfig()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
db, err := wire.ProvideDB(config)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
userRepository := repository.NewUserRepository(db)
|
|
|
|
|
systemNotificationRepository := repository.NewSystemNotificationRepository(db)
|
|
|
|
|
pushRecordRepository := repository.NewPushRecordRepository(db)
|
|
|
|
|
deviceTokenRepository := repository.NewDeviceTokenRepository(db)
|
|
|
|
|
messageRepository := repository.NewMessageRepository(db)
|
2026-05-06 12:39:11 +08:00
|
|
|
client := wire.ProvideRedisClient(config)
|
|
|
|
|
messagePublisher := wire.ProvideWSMessagePublisher(config, client)
|
2026-04-27 23:20:24 +08:00
|
|
|
logger := wire.ProvideLogger()
|
|
|
|
|
jpushClient := wire.ProvideJPushClient(config, logger)
|
2026-06-17 20:41:55 +08:00
|
|
|
pushService := wire.ProvidePushService(pushRecordRepository, deviceTokenRepository, messageRepository, messagePublisher, jpushClient, config)
|
2026-03-15 18:17:39 +08:00
|
|
|
postRepository := repository.NewPostRepository(db)
|
|
|
|
|
cache := wire.ProvideCache(config, client)
|
|
|
|
|
systemMessageService := wire.ProvideSystemMessageService(systemNotificationRepository, pushService, userRepository, postRepository, cache)
|
|
|
|
|
emailClient := wire.ProvideEmailClient(config)
|
|
|
|
|
emailService := wire.ProvideEmailService(emailClient)
|
2026-03-15 20:38:22 +08:00
|
|
|
operationLogRepository := repository.NewOperationLogRepository(db)
|
|
|
|
|
loginLogRepository := repository.NewLoginLogRepository(db)
|
|
|
|
|
dataChangeLogRepository := repository.NewDataChangeLogRepository(db)
|
2026-03-26 18:14:16 +08:00
|
|
|
asyncLogManager := wire.ProvideAsyncLogManager(operationLogRepository, loginLogRepository, dataChangeLogRepository, logger, config)
|
2026-03-15 20:38:22 +08:00
|
|
|
operationLogService := wire.ProvideOperationLogService(asyncLogManager, operationLogRepository)
|
|
|
|
|
loginLogService := wire.ProvideLoginLogService(asyncLogManager, loginLogRepository)
|
|
|
|
|
dataChangeLogService := wire.ProvideDataChangeLogService(asyncLogManager, dataChangeLogRepository)
|
|
|
|
|
logService := wire.ProvideLogService(operationLogService, loginLogService, dataChangeLogService)
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
sessionRepository := repository.NewSessionRepository(db)
|
|
|
|
|
jwtService := wire.ProvideJWTService(config)
|
|
|
|
|
sessionService := wire.ProvideSessionService(sessionRepository, jwtService)
|
|
|
|
|
userService := wire.ProvideUserService(userRepository, systemMessageService, emailService, cache, logService, sessionService)
|
2026-03-28 07:03:21 +08:00
|
|
|
userActivityRepository := wire.ProvideUserActivityRepository(db, cache)
|
|
|
|
|
userActivityService := wire.ProvideUserActivityService(userActivityRepository)
|
2026-04-15 11:50:47 +08:00
|
|
|
userProfileAuditRepository := repository.NewUserProfileAuditRepository(db)
|
|
|
|
|
manager := wire.ProvideHookManager()
|
2026-03-28 07:03:21 +08:00
|
|
|
openaiClient := wire.ProvideOpenAIClient(config)
|
2026-04-21 22:31:30 +08:00
|
|
|
tencentClient := wire.ProvideTencentClient(config)
|
|
|
|
|
postAIService := wire.ProvidePostAIService(openaiClient, tencentClient, config)
|
2026-03-28 07:03:21 +08:00
|
|
|
commentRepository := repository.NewCommentRepository(db)
|
2026-04-15 11:50:47 +08:00
|
|
|
sensitiveWordRepository := repository.NewSensitiveWordRepository(db)
|
|
|
|
|
sensitiveService := wire.ProvideSensitiveService(sensitiveWordRepository, client, config)
|
|
|
|
|
moderationHooks := wire.ProvideModerationHooks(manager, postAIService, postRepository, commentRepository, userRepository, sensitiveService, config)
|
|
|
|
|
userProfileAuditService := wire.ProvideUserProfileAuditService(userProfileAuditRepository, userRepository, manager, moderationHooks)
|
|
|
|
|
userHandler := wire.ProvideUserHandler(userService, userActivityService, logService, userProfileAuditService)
|
|
|
|
|
transactionManager := wire.ProvideTransactionManager(db)
|
2026-03-28 07:03:21 +08:00
|
|
|
builtinHooks := wire.ProvideBuiltinHooks(manager)
|
|
|
|
|
postService := wire.ProvidePostService(postRepository, systemMessageService, postAIService, cache, transactionManager, manager, moderationHooks, builtinHooks, logService)
|
2026-04-26 00:37:20 +08:00
|
|
|
postRefRepository := repository.NewPostRefRepository(db)
|
|
|
|
|
postRefService := wire.ProvidePostRefService(postRefRepository, postRepository)
|
2026-05-06 12:39:11 +08:00
|
|
|
channelRepository := repository.NewChannelRepository(db)
|
|
|
|
|
channelService := wire.ProvideChannelService(channelRepository, cache)
|
2026-04-26 00:37:20 +08:00
|
|
|
postHandler := handler.NewPostHandler(postService, postRefService, userService, channelService)
|
2026-03-28 07:03:21 +08:00
|
|
|
commentService := wire.ProvideCommentService(commentRepository, postRepository, systemMessageService, postAIService, cache, manager, logService)
|
2026-03-15 18:17:39 +08:00
|
|
|
commentHandler := handler.NewCommentHandler(commentService)
|
2026-03-25 03:57:40 +08:00
|
|
|
s3Client, err := wire.ProvideS3Client(config)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2026-06-17 20:41:55 +08:00
|
|
|
uploadedFileRepository := repository.NewUploadedFileRepository(db)
|
|
|
|
|
uploadService := wire.ProvideUploadService(s3Client, userService, uploadedFileRepository)
|
2026-05-17 23:38:04 +08:00
|
|
|
seqBufferManager := wire.ProvideSeqBufferManager(config, client, cache)
|
|
|
|
|
pushWorker := wire.ProvidePushWorker(config, client, messagePublisher, pushService, messageRepository, userRepository)
|
|
|
|
|
conversationVersionLogRepository := repository.NewConversationVersionLogRepository(db)
|
2026-03-15 18:17:39 +08:00
|
|
|
groupRepository := repository.NewGroupRepository(db)
|
2026-03-26 18:14:16 +08:00
|
|
|
groupJoinRequestRepository := repository.NewGroupJoinRequestRepository(db)
|
2026-05-06 12:39:11 +08:00
|
|
|
groupService := wire.ProvideGroupService(groupRepository, userRepository, messageRepository, groupJoinRequestRepository, systemNotificationRepository, messagePublisher, cache)
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
chatService := wire.ProvideChatService(messageRepository, userRepository, messagePublisher, cache, uploadService, pushService, seqBufferManager, pushWorker, client, conversationVersionLogRepository, config, groupService)
|
|
|
|
|
messageService := wire.ProvideMessageService(messageRepository, cache, uploadService)
|
2026-06-17 20:41:55 +08:00
|
|
|
messageHandler := wire.ProvideMessageHandler(chatService, messageService, userService, groupService, uploadService, messagePublisher)
|
2026-03-15 18:17:39 +08:00
|
|
|
notificationRepository := repository.NewNotificationRepository(db)
|
|
|
|
|
notificationService := wire.ProvideNotificationService(notificationRepository, cache)
|
|
|
|
|
notificationHandler := handler.NewNotificationHandler(notificationService)
|
|
|
|
|
uploadHandler := handler.NewUploadHandler(uploadService)
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
enforcer := wire.ProvideCasbinEnforcer(config, db)
|
|
|
|
|
roleRepository := wire.ProvideRoleRepository(db)
|
|
|
|
|
casbinService := wire.ProvideCasbinService(enforcer, cache, roleRepository, config)
|
|
|
|
|
identityProvider := wire.ProvideIdentityProvider(userService, casbinService, sessionRepository)
|
2026-03-15 18:17:39 +08:00
|
|
|
pushHandler := handler.NewPushHandler(pushService)
|
2026-03-26 18:14:16 +08:00
|
|
|
systemMessageHandler := wire.ProvideSystemMessageHandler(systemMessageService)
|
2026-03-15 18:17:39 +08:00
|
|
|
groupHandler := wire.ProvideGroupHandler(groupService, userService)
|
|
|
|
|
stickerRepository := repository.NewStickerRepository(db)
|
|
|
|
|
stickerService := wire.ProvideStickerService(stickerRepository)
|
|
|
|
|
stickerHandler := handler.NewStickerHandler(stickerService)
|
|
|
|
|
voteRepository := repository.NewVoteRepository(db)
|
2026-04-11 04:23:24 +08:00
|
|
|
voteService := wire.ProvideVoteService(voteRepository, postRepository, cache, postAIService, systemMessageService, manager, logService)
|
2026-03-15 18:17:39 +08:00
|
|
|
voteHandler := handler.NewVoteHandler(voteService, postService)
|
2026-03-24 22:27:53 +08:00
|
|
|
channelHandler := handler.NewChannelHandler(channelService)
|
2026-03-15 18:17:39 +08:00
|
|
|
scheduleRepository := repository.NewScheduleRepository(db)
|
|
|
|
|
scheduleService := wire.ProvideScheduleService(scheduleRepository)
|
2026-05-07 01:08:39 +08:00
|
|
|
runnerHub := wire.ProvideRunnerHub(logger)
|
|
|
|
|
taskManager := wire.ProvideTaskManager(runnerHub, logger)
|
2026-03-15 18:17:39 +08:00
|
|
|
scheduleSyncService := wire.ProvideScheduleSyncService(taskManager, scheduleRepository, logger)
|
|
|
|
|
scheduleHandler := wire.ProvideScheduleHandler(scheduleService, scheduleSyncService)
|
2026-05-12 01:28:18 +08:00
|
|
|
gradeRepository := repository.NewGradeRepository(db)
|
|
|
|
|
gradeSyncService := wire.ProvideGradeSyncService(taskManager, gradeRepository, logger)
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
gradeHandler := handler.NewGradeHandler(gradeSyncService)
|
2026-05-12 01:28:18 +08:00
|
|
|
examRepository := repository.NewExamRepository(db)
|
|
|
|
|
examSyncService := wire.ProvideExamSyncService(taskManager, examRepository, logger)
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
examHandler := handler.NewExamHandler(examSyncService)
|
2026-06-08 00:25:43 +08:00
|
|
|
emptyClassroomRepository := repository.NewEmptyClassroomRepository(db)
|
|
|
|
|
emptyClassroomSyncService := wire.ProvideEmptyClassroomSyncService(taskManager, emptyClassroomRepository, logger)
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
emptyClassroomHandler := handler.NewEmptyClassroomHandler(emptyClassroomSyncService)
|
2026-03-15 18:17:39 +08:00
|
|
|
roleService := wire.ProvideRoleService(roleRepository, casbinService)
|
|
|
|
|
roleHandler := handler.NewRoleHandler(roleService)
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
adminUserService := wire.ProvideAdminUserService(userRepository, sessionService, cache)
|
2026-06-18 20:07:24 +08:00
|
|
|
adminUserHandler := handler.NewAdminUserHandler(adminUserService, pushService)
|
2026-03-28 07:03:21 +08:00
|
|
|
adminPostService := wire.ProvideAdminPostService(postRepository, cache, logService)
|
2026-03-15 18:17:39 +08:00
|
|
|
adminPostHandler := handler.NewAdminPostHandler(adminPostService)
|
2026-06-21 17:17:38 +08:00
|
|
|
adminCommentService := wire.ProvideAdminCommentService(commentRepository, postRepository, cache)
|
2026-03-15 18:17:39 +08:00
|
|
|
adminCommentHandler := handler.NewAdminCommentHandler(adminCommentService)
|
|
|
|
|
adminGroupService := wire.ProvideAdminGroupService(groupRepository, userRepository)
|
|
|
|
|
adminGroupHandler := handler.NewAdminGroupHandler(adminGroupService)
|
|
|
|
|
adminDashboardService := wire.ProvideAdminDashboardService(db, userRepository, postRepository, commentRepository, groupRepository, userActivityRepository)
|
|
|
|
|
adminDashboardHandler := handler.NewAdminDashboardHandler(adminDashboardService)
|
2026-03-15 20:38:22 +08:00
|
|
|
adminLogHandler := handler.NewAdminLogHandler(operationLogService, loginLogService, dataChangeLogService)
|
2026-05-06 12:39:11 +08:00
|
|
|
qrCodeLoginService := wire.ProvideQRCodeLoginService(client, messagePublisher, jwtService, userService, userActivityService, logService)
|
2026-03-20 12:23:28 +08:00
|
|
|
qrCodeHandler := handler.NewQRCodeHandler(qrCodeLoginService)
|
2026-03-25 20:58:55 +08:00
|
|
|
materialSubjectRepository := repository.NewMaterialSubjectRepository(db)
|
|
|
|
|
materialFileRepository := repository.NewMaterialFileRepository(db)
|
|
|
|
|
materialService := wire.ProvideMaterialService(materialSubjectRepository, materialFileRepository)
|
|
|
|
|
materialHandler := handler.NewMaterialHandler(materialService)
|
2026-03-28 07:03:21 +08:00
|
|
|
callRepository := repository.NewCallRepository(db)
|
2026-06-07 00:11:47 +08:00
|
|
|
callService := wire.ProvideCallService(callRepository, messagePublisher, config, db, client, groupService)
|
2026-03-27 01:54:34 +08:00
|
|
|
callHandler := handler.NewCallHandler(callService)
|
2026-03-30 03:44:24 +08:00
|
|
|
reportRepository := repository.NewReportRepository(db)
|
|
|
|
|
reportService := wire.ProvideReportService(reportRepository, postRepository, commentRepository, messageRepository, userRepository, systemNotificationRepository, pushService, transactionManager, operationLogService, config)
|
|
|
|
|
reportHandler := handler.NewReportHandler(reportService)
|
|
|
|
|
adminReportService := wire.ProvideAdminReportService(reportRepository, postRepository, commentRepository, messageRepository, userRepository, systemNotificationRepository, pushService, transactionManager, operationLogService)
|
|
|
|
|
adminReportHandler := handler.NewAdminReportHandler(adminReportService)
|
2026-04-05 20:27:03 +08:00
|
|
|
verificationRepository := repository.NewVerificationRepository(db)
|
|
|
|
|
verificationService := wire.ProvideVerificationService(verificationRepository, userRepository)
|
|
|
|
|
verificationHandler := handler.NewVerificationHandler(verificationService)
|
|
|
|
|
adminVerificationService := wire.ProvideAdminVerificationService(verificationRepository, userRepository)
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
adminVerificationHandler := wire.ProvideAdminVerificationHandler(adminVerificationService, userService)
|
2026-04-15 11:50:47 +08:00
|
|
|
adminProfileAuditHandler := handler.NewAdminProfileAuditHandler(userProfileAuditService)
|
2026-04-24 15:14:44 +08:00
|
|
|
setupService := wire.ProvideSetupService(userRepository, roleRepository, casbinService, config)
|
|
|
|
|
setupHandler := wire.ProvideSetupHandler(setupService)
|
2026-05-06 15:50:47 +08:00
|
|
|
tradeRepository := repository.NewTradeRepository(db)
|
|
|
|
|
tradeService := wire.ProvideTradeService(tradeRepository)
|
|
|
|
|
tradeHandler := handler.NewTradeHandler(tradeService)
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
wsHandler := wire.ProvideWSHandler(messagePublisher, chatService, groupService, jwtService, callService, userService)
|
2026-06-02 11:45:10 +08:00
|
|
|
liveKitService := wire.ProvideLiveKitService(config, logger)
|
|
|
|
|
liveKitHandler := wire.ProvideLiveKitHandler(liveKitService, callService, config, logger)
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
router := ProvideRouter(userRepository, userHandler, postHandler, commentHandler, messageHandler, notificationHandler, uploadHandler, jwtService, sessionService, identityProvider, cache, pushHandler, systemMessageHandler, groupHandler, stickerHandler, voteHandler, channelHandler, scheduleHandler, gradeHandler, examHandler, emptyClassroomHandler, roleHandler, adminUserHandler, adminPostHandler, adminCommentHandler, adminGroupHandler, adminDashboardHandler, adminLogHandler, qrCodeHandler, materialHandler, callHandler, reportHandler, adminReportHandler, verificationHandler, adminVerificationHandler, adminProfileAuditHandler, setupHandler, tradeHandler, logService, userActivityService, casbinService, userService, wsHandler, liveKitHandler)
|
2026-05-07 01:08:39 +08:00
|
|
|
hotRankWorker := wire.ProvideHotRankWorker(config, postRepository, channelRepository, cache, client)
|
2026-06-17 20:41:55 +08:00
|
|
|
fileCleanupWorker := wire.ProvideFileCleanupWorker(config, uploadedFileRepository, s3Client, client)
|
2026-06-18 20:34:22 +08:00
|
|
|
deviceCleanupWorker := wire.ProvideDeviceCleanupWorker(config, deviceTokenRepository, client)
|
2026-05-07 01:08:39 +08:00
|
|
|
server := wire.ProvideGRPCServer(config, logger, runnerHub)
|
|
|
|
|
runnerRegistry := wire.ProvideRunnerRegistry(config, client)
|
|
|
|
|
taskDispatcher := wire.ProvideTaskDispatcher(runnerHub, runnerRegistry, config, client, logger)
|
2026-06-18 20:34:22 +08:00
|
|
|
app := NewApp(config, db, router, pushService, hotRankWorker, fileCleanupWorker, deviceCleanupWorker, server, messagePublisher, taskDispatcher, logger, pushWorker)
|
2026-03-15 18:17:39 +08:00
|
|
|
return app, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// wire.go:
|
|
|
|
|
|
|
|
|
|
// ProvideRouter 提供路由
|
|
|
|
|
func ProvideRouter(
|
2026-04-08 02:28:10 +08:00
|
|
|
userRepo repository.UserRepository,
|
2026-03-15 18:17:39 +08:00
|
|
|
userHandler *handler.UserHandler,
|
|
|
|
|
postHandler *handler.PostHandler,
|
|
|
|
|
commentHandler *handler.CommentHandler,
|
|
|
|
|
messageHandler *handler.MessageHandler,
|
|
|
|
|
notificationHandler *handler.NotificationHandler,
|
|
|
|
|
uploadHandler *handler.UploadHandler,
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
jwtService service.JWTService,
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
sessionService service.SessionService,
|
|
|
|
|
identityProvider middleware.IdentityProvider, cache2 cache.Cache,
|
|
|
|
|
|
2026-03-15 18:17:39 +08:00
|
|
|
pushHandler *handler.PushHandler,
|
|
|
|
|
systemMessageHandler *handler.SystemMessageHandler,
|
|
|
|
|
groupHandler *handler.GroupHandler,
|
|
|
|
|
stickerHandler *handler.StickerHandler,
|
|
|
|
|
voteHandler *handler.VoteHandler,
|
2026-03-24 22:27:53 +08:00
|
|
|
channelHandler *handler.ChannelHandler,
|
2026-03-15 18:17:39 +08:00
|
|
|
scheduleHandler *handler.ScheduleHandler,
|
2026-05-12 01:28:18 +08:00
|
|
|
gradeHandler *handler.GradeHandler,
|
|
|
|
|
examHandler *handler.ExamHandler,
|
2026-06-08 00:25:43 +08:00
|
|
|
emptyClassroomHandler *handler.EmptyClassroomHandler,
|
2026-03-15 18:17:39 +08:00
|
|
|
roleHandler *handler.RoleHandler,
|
|
|
|
|
adminUserHandler *handler.AdminUserHandler,
|
|
|
|
|
adminPostHandler *handler.AdminPostHandler,
|
|
|
|
|
adminCommentHandler *handler.AdminCommentHandler,
|
|
|
|
|
adminGroupHandler *handler.AdminGroupHandler,
|
|
|
|
|
adminDashboardHandler *handler.AdminDashboardHandler,
|
2026-03-15 20:38:22 +08:00
|
|
|
adminLogHandler *handler.AdminLogHandler,
|
2026-03-20 12:23:28 +08:00
|
|
|
qrcodeHandler *handler.QRCodeHandler,
|
2026-03-25 20:58:55 +08:00
|
|
|
materialHandler *handler.MaterialHandler,
|
2026-03-27 01:54:34 +08:00
|
|
|
callHandler *handler.CallHandler,
|
2026-03-30 03:44:24 +08:00
|
|
|
reportHandler *handler.ReportHandler,
|
|
|
|
|
adminReportHandler *handler.AdminReportHandler,
|
2026-04-05 20:27:03 +08:00
|
|
|
verificationHandler *handler.VerificationHandler,
|
|
|
|
|
adminVerificationHandler *handler.AdminVerificationHandler,
|
2026-04-15 11:50:47 +08:00
|
|
|
adminProfileAuditHandler *handler.AdminProfileAuditHandler,
|
2026-04-24 15:14:44 +08:00
|
|
|
setupHandler *handler.SetupHandler,
|
2026-05-06 15:50:47 +08:00
|
|
|
tradeHandler *handler.TradeHandler,
|
2026-03-15 20:38:22 +08:00
|
|
|
logService *service.LogService,
|
2026-03-15 18:17:39 +08:00
|
|
|
activityService service.UserActivityService,
|
|
|
|
|
casbinService service.CasbinService,
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
userService service.UserService,
|
2026-03-26 21:17:49 +08:00
|
|
|
wsHandler *handler.WSHandler,
|
2026-06-02 11:45:10 +08:00
|
|
|
liveKitHandler *handler.LiveKitHandler,
|
2026-03-15 18:17:39 +08:00
|
|
|
) *router.Router {
|
2026-05-04 13:07:03 +08:00
|
|
|
return router.New(router.RouterDeps{
|
|
|
|
|
UserRepo: userRepo,
|
|
|
|
|
UserHandler: userHandler,
|
|
|
|
|
PostHandler: postHandler,
|
|
|
|
|
CommentHandler: commentHandler,
|
|
|
|
|
MessageHandler: messageHandler,
|
|
|
|
|
NotificationHandler: notificationHandler,
|
|
|
|
|
UploadHandler: uploadHandler,
|
|
|
|
|
JWTService: jwtService,
|
feat(auth): implement session-based token management with revocation support
Add Session model, SessionService, and SessionRepository to track user login
sessions and enable token revocation on auth-critical events.
- Introduce explicit TokenType (access/refresh) in JWT claims to prevent
refresh token misuse via access token endpoints
- Add SessionID field to JWT claims, enabling stateless JWT validation
against revoked sessions
- Replace legacy Auth middleware with RequireAuth/OptionalAuth pipeline
that validates token type, account status, and session validity
- Implement session revocation on password change, reset, user ban/inactive,
and explicit logout
- Add Principal cache with active invalidation for banned/role-changed users
- Fix IDOR vulnerability: GetMessagesByCursor now validates currentUserID
is conversation participant via GetParticipantStrict
- Add group member visibility checks: announcements, group info, member list
now require group membership
- Simplify Casbin policy: remove g grouping, use r.sub == p.sub matcher
with globMatch; user_roles table is single source of truth for roles
- Add migration logic to clean legacy casbin g rules and migrate old p rules
from path-style to admin/<domain> resource naming
2026-07-05 18:28:08 +08:00
|
|
|
SessionService: sessionService,
|
|
|
|
|
IdentityProvider: identityProvider,
|
|
|
|
|
Cache: cache2,
|
2026-05-04 13:07:03 +08:00
|
|
|
PushHandler: pushHandler,
|
|
|
|
|
SystemMessageHandler: systemMessageHandler,
|
|
|
|
|
GroupHandler: groupHandler,
|
|
|
|
|
StickerHandler: stickerHandler,
|
|
|
|
|
VoteHandler: voteHandler,
|
|
|
|
|
ChannelHandler: channelHandler,
|
|
|
|
|
ScheduleHandler: scheduleHandler,
|
2026-05-12 01:28:18 +08:00
|
|
|
GradeHandler: gradeHandler,
|
|
|
|
|
ExamHandler: examHandler,
|
2026-06-08 00:25:43 +08:00
|
|
|
EmptyClassroomHandler: emptyClassroomHandler,
|
2026-05-04 13:07:03 +08:00
|
|
|
RoleHandler: roleHandler,
|
|
|
|
|
AdminUserHandler: adminUserHandler,
|
|
|
|
|
AdminPostHandler: adminPostHandler,
|
|
|
|
|
AdminCommentHandler: adminCommentHandler,
|
|
|
|
|
AdminGroupHandler: adminGroupHandler,
|
|
|
|
|
AdminDashboardHandler: adminDashboardHandler,
|
|
|
|
|
AdminLogHandler: adminLogHandler,
|
|
|
|
|
QRCodeHandler: qrcodeHandler,
|
|
|
|
|
MaterialHandler: materialHandler,
|
|
|
|
|
CallHandler: callHandler,
|
2026-06-02 11:45:10 +08:00
|
|
|
LiveKitHandler: liveKitHandler,
|
2026-05-04 13:07:03 +08:00
|
|
|
ReportHandler: reportHandler,
|
|
|
|
|
AdminReportHandler: adminReportHandler,
|
|
|
|
|
VerificationHandler: verificationHandler,
|
|
|
|
|
AdminVerificationHandler: adminVerificationHandler,
|
|
|
|
|
AdminProfileAuditHandler: adminProfileAuditHandler,
|
|
|
|
|
SetupHandler: setupHandler,
|
2026-05-06 15:50:47 +08:00
|
|
|
TradeHandler: tradeHandler,
|
2026-05-04 13:07:03 +08:00
|
|
|
LogService: logService,
|
|
|
|
|
ActivityService: activityService,
|
|
|
|
|
CasbinService: casbinService,
|
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00
|
|
|
UserService: userService,
|
2026-05-04 13:07:03 +08:00
|
|
|
WSHandler: wsHandler,
|
|
|
|
|
})
|
2026-03-15 18:17:39 +08:00
|
|
|
}
|