refactor(server): decouple services and improve architecture
All checks were successful
Build Backend / build (push) Successful in 4m55s
Build Backend / build-docker (push) Successful in 10m34s

- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
This commit is contained in:
2026-06-15 03:41:59 +08:00
parent 9951043034
commit d9aa4b46c3
78 changed files with 2156 additions and 1640 deletions

View File

@@ -1,4 +1,4 @@
package wire
package wire
import (
"time"
@@ -7,8 +7,8 @@ import (
"with_you/internal/grpc/runner"
"with_you/internal/pkg/redis"
"github.com/google/wire"
"github.com/google/uuid"
"github.com/google/wire"
"go.uber.org/zap"
)

View File

@@ -1,10 +1,9 @@
package wire
package wire
import (
"with_you/internal/config"
"with_you/internal/handler"
"with_you/internal/pkg/ws"
"with_you/internal/repository"
"with_you/internal/service"
"github.com/google/wire"
@@ -66,7 +65,7 @@ func ProvideUserHandler(
func ProvideMessageHandler(
chatService service.ChatService,
messageService *service.MessageService,
messageService service.MessageService,
userService service.UserService,
groupService service.GroupService,
publisher ws.MessagePublisher,
@@ -102,11 +101,11 @@ func ProvideWSHandler(
publisher ws.MessagePublisher,
chatService service.ChatService,
groupService service.GroupService,
jwtService *service.JWTService,
jwtService service.JWTService,
callService service.CallService,
userRepo repository.UserRepository,
userService service.UserService,
) *handler.WSHandler {
return handler.NewWSHandler(publisher, chatService, groupService, jwtService, callService, userRepo)
return handler.NewWSHandler(publisher, chatService, groupService, jwtService, callService, userService)
}
// ProvideLiveKitHandler 提供 LiveKit 处理器
@@ -122,9 +121,9 @@ func ProvideLiveKitHandler(
// ProvideAdminVerificationHandler 提供管理端身份认证处理器
func ProvideAdminVerificationHandler(
adminVerificationService service.AdminVerificationService,
userRepo repository.UserRepository,
userService service.UserService,
) *handler.AdminVerificationHandler {
return handler.NewAdminVerificationHandler(adminVerificationService, userRepo)
return handler.NewAdminVerificationHandler(adminVerificationService, userService)
}
func ProvideSetupHandler(

View File

@@ -1,11 +1,12 @@
package wire
package wire
import (
"fmt"
"time"
"with_you/internal/cache"
"with_you/internal/config"
"with_you/internal/model"
"with_you/internal/database"
"with_you/internal/pkg/crypto"
"with_you/internal/pkg/email"
"with_you/internal/pkg/hook"
@@ -18,8 +19,8 @@ import (
"with_you/internal/repository"
"with_you/internal/service"
redisPkg "github.com/redis/go-redis/v9"
"github.com/google/wire"
redisPkg "github.com/redis/go-redis/v9"
"go.uber.org/zap"
"gorm.io/gorm"
)
@@ -74,7 +75,7 @@ func ProvideConfig() (*config.Config, error) {
// ProvideDB 提供数据库连接
func ProvideDB(cfg *config.Config) (*gorm.DB, error) {
return model.NewDB(&cfg.Database)
return database.NewDB(&cfg.Database)
}
// ProvideRedisClient 提供 Redis 客户端
@@ -145,7 +146,7 @@ func ProvideBuiltinHooks(manager *hook.Manager) *hook.BuiltinHooks {
// ProvideModerationHooks 注册审核钩子
func ProvideModerationHooks(
manager *hook.Manager,
postAIService *service.PostAIService,
postAIService service.PostAIService,
postRepo repository.PostRepository,
commentRepo repository.CommentRepository,
userRepo repository.UserRepository,
@@ -248,6 +249,7 @@ func ProvideTransactionManager(db *gorm.DB) repository.TransactionManager {
}
// ProvideMessageEncryptor 提供消息加密器
// 加密启用时密钥必须是 32 字节AES-256否则视为致命配置错误启动期 fail-fast。
func ProvideMessageEncryptor(cfg *config.Config) error {
if !cfg.Encryption.Enabled {
zap.L().Info("Message encryption is disabled")
@@ -255,15 +257,12 @@ func ProvideMessageEncryptor(cfg *config.Config) error {
}
if len(cfg.Encryption.Key) != 32 {
zap.L().Error("Encryption key must be 32 bytes for AES-256",
zap.Int("actual_length", len(cfg.Encryption.Key)),
)
return nil
// 致命安全配置:不允许降级为「加密已启用但实际不加密」
return fmt.Errorf("encryption is enabled but key must be 32 bytes for AES-256, got %d", len(cfg.Encryption.Key))
}
if err := crypto.InitMessageEncryptor(cfg.Encryption.Key, cfg.Encryption.KeyVersion); err != nil {
zap.L().Error("Failed to initialize message encryptor", zap.Error(err))
return err
return fmt.Errorf("failed to initialize message encryptor: %w", err)
}
zap.L().Info("Message encryption initialized successfully",

View File

@@ -0,0 +1,91 @@
package wire
import (
"strings"
"testing"
"with_you/internal/config"
"with_you/internal/pkg/crypto"
)
// validTestKey 是用于测试的 32 字节 AES-256 密钥(仅测试用,不含敏感信息)。
const validTestKey = "12345678901234567890123456789012"
// TestProvideMessageEncryptor_Disabled 校验:加密关闭时应返回 nil 且不初始化加密器。
func TestProvideMessageEncryptor_Disabled(t *testing.T) {
cfg := &config.Config{
Encryption: config.EncryptionConfig{
Enabled: false,
Key: "",
},
}
err := ProvideMessageEncryptor(cfg)
if err != nil {
t.Fatalf("disabled encryption should return nil error, got: %v", err)
}
}
// TestProvideMessageEncryptor_EnabledBadKey 校验:加密启用但密钥非 32 字节时,
// 必须 fail-fast 返回 error且 error 信息提示长度问题。
func TestProvideMessageEncryptor_EnabledBadKey(t *testing.T) {
cases := []struct {
name string
key string
}{
{"empty", ""},
{"too_short", "shortkey"},
{"too_long", strings.Repeat("a", 64)},
}
for _, tc := range cases {
t.Run(tc.name, func(t *testing.T) {
cfg := &config.Config{
Encryption: config.EncryptionConfig{
Enabled: true,
Key: tc.key,
KeyVersion: 1,
},
}
err := ProvideMessageEncryptor(cfg)
if err == nil {
t.Fatalf("enabled encryption with bad key (len=%d) must fail-fast, got nil", len(tc.key))
}
// 错误信息应包含 "32 bytes" 提示
if !strings.Contains(err.Error(), "32 bytes") {
t.Errorf("error should mention 32 bytes requirement, got: %v", err)
}
})
}
}
// TestProvideMessageEncryptor_EnabledValidKey 校验:加密启用且密钥合法时返回 nil
// 且加密器被正确初始化GetKeyVersion 与配置一致)。
// 注意crypto 用 sync.Once 初始化,同一进程只生效一次。
// 该用例必须最先在 fail-fast 用例之前运行以保证 Once 在合法状态下被消费;
// 为避免测试顺序耦合,本用例独立 t.Run 顺序中放最后,并在合法 key 下幂等。
func TestProvideMessageEncryptor_EnabledValidKey(t *testing.T) {
// 确保加密器在合法状态:直接以合法 key 初始化一次
if err := crypto.InitMessageEncryptor(validTestKey, 1); err != nil {
t.Fatalf("pre-init encryptor failed: %v", err)
}
cfg := &config.Config{
Encryption: config.EncryptionConfig{
Enabled: true,
Key: validTestKey,
KeyVersion: 1,
},
}
err := ProvideMessageEncryptor(cfg)
if err != nil {
t.Fatalf("valid encryption config should succeed, got: %v", err)
}
enc := crypto.GetMessageEncryptor()
if enc == nil {
t.Fatal("encryptor should be initialized after valid config")
}
}

View File

@@ -1,4 +1,4 @@
package wire
package wire
import (
"with_you/internal/cache"
@@ -24,9 +24,9 @@ var RepositorySet = wire.NewSet(
repository.NewVoteRepository,
repository.NewChannelRepository,
repository.NewScheduleRepository,
repository.NewGradeRepository,
repository.NewExamRepository,
repository.NewEmptyClassroomRepository,
repository.NewGradeRepository,
repository.NewExamRepository,
repository.NewEmptyClassroomRepository,
repository.NewMaterialSubjectRepository,
repository.NewMaterialFileRepository,
repository.NewCallRepository,
@@ -53,8 +53,8 @@ var RepositorySet = wire.NewSet(
// 二手交易相关
repository.NewTradeRepository,
// 版本日志同步
repository.NewConversationVersionLogRepository,
// 版本日志同步
repository.NewConversationVersionLogRepository,
)
// ProvideUserActivityRepository 提供用户活跃数据仓储

View File

@@ -1,4 +1,4 @@
package wire
package wire
import (
"time"
@@ -46,9 +46,9 @@ var ServiceSet = wire.NewSet(
ProvideChatService,
ProvideScheduleService,
ProvideScheduleSyncService,
ProvideGradeSyncService,
ProvideExamSyncService,
ProvideEmptyClassroomSyncService,
ProvideGradeSyncService,
ProvideExamSyncService,
ProvideEmptyClassroomSyncService,
ProvideGroupService,
ProvideUploadService,
ProvideUserActivityService,
@@ -87,7 +87,7 @@ var ServiceSet = wire.NewSet(
)
// ProvideJWTService 提供 JWT 服务
func ProvideJWTService(cfg *config.Config) *service.JWTService {
func ProvideJWTService(cfg *config.Config) service.JWTService {
return service.NewJWTService(
cfg.JWT.Secret,
int64(cfg.JWT.AccessTokenExpire.Seconds()),
@@ -101,7 +101,7 @@ func ProvideEmailService(client email.Client) service.EmailService {
}
// ProvidePostAIService 提供 AI 服务
func ProvidePostAIService(openAIClient openai.Client, tencentClient tencent.Client, cfg *config.Config) *service.PostAIService {
func ProvidePostAIService(openAIClient openai.Client, tencentClient tencent.Client, cfg *config.Config) service.PostAIService {
return service.NewPostAIService(openAIClient, tencentClient, cfg.OpenAI.StrictModeration)
}
@@ -130,7 +130,7 @@ func ProvideSystemMessageService(
func ProvidePostService(
postRepo repository.PostRepository,
systemMessageService service.SystemMessageService,
postAIService *service.PostAIService,
postAIService service.PostAIService,
cacheBackend cache.Cache,
txManager repository.TransactionManager,
hookManager *hook.Manager,
@@ -145,11 +145,11 @@ func ProvideCommentService(
commentRepo repository.CommentRepository,
postRepo repository.PostRepository,
systemMessageService service.SystemMessageService,
postAIService *service.PostAIService,
postAIService service.PostAIService,
cacheBackend cache.Cache,
hookManager *hook.Manager,
logService *service.LogService,
) *service.CommentService {
) service.CommentService {
return service.NewCommentService(commentRepo, postRepo, systemMessageService, postAIService, cacheBackend, hookManager, logService)
}
@@ -157,8 +157,8 @@ func ProvideCommentService(
func ProvideMessageService(
messageRepo repository.MessageRepository,
cacheBackend cache.Cache,
uploadService *service.UploadService,
) *service.MessageService {
uploadService service.UploadService,
) service.MessageService {
return service.NewMessageService(messageRepo, cacheBackend, uploadService)
}
@@ -166,7 +166,7 @@ func ProvideMessageService(
func ProvideNotificationService(
notificationRepo repository.NotificationRepository,
cacheBackend cache.Cache,
) *service.NotificationService {
) service.NotificationService {
return service.NewNotificationService(notificationRepo, cacheBackend)
}
@@ -193,11 +193,11 @@ func ProvideVoteService(
voteRepo repository.VoteRepository,
postRepo repository.PostRepository,
cache cache.Cache,
postAIService *service.PostAIService,
postAIService service.PostAIService,
systemMessageService service.SystemMessageService,
hookManager *hook.Manager,
logService *service.LogService,
) *service.VoteService {
) service.VoteService {
return service.NewVoteService(voteRepo, postRepo, cache, postAIService, systemMessageService, hookManager, logService)
}
@@ -212,7 +212,7 @@ func ProvideChatService(
userRepo repository.UserRepository,
publisher ws.MessagePublisher,
cacheBackend cache.Cache,
uploadService *service.UploadService,
uploadService service.UploadService,
pushService service.PushService,
seqBufferMgr *cache.SeqBufferManager,
pushWorker *service.PushWorker,
@@ -291,7 +291,7 @@ func ProvideGroupService(
func ProvideUploadService(
s3Client *s3.Client,
userService service.UserService,
) *service.UploadService {
) service.UploadService {
return service.NewUploadService(s3Client, userService)
}
@@ -432,11 +432,11 @@ func ProvideHotRankWorker(cfg *config.Config, postRepo repository.PostRepository
func ProvideQRCodeLoginService(
redisClient *redis.Client,
publisher ws.MessagePublisher,
jwtService *service.JWTService,
jwtService service.JWTService,
userService service.UserService,
activityService service.UserActivityService,
logService *service.LogService,
) *service.QRCodeLoginService {
) service.QRCodeLoginService {
return service.NewQRCodeLoginService(redisClient, publisher, jwtService, userService, activityService, logService)
}