refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion. - Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects. - Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management. - Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering. - Improve database initialization by moving it from `internal/model` to `internal/database`. - Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool. - Enhance error handling and security by implementing fail-fast checks for encryption key length during startup. - Clean up unused code, including the `avatar` package and several unused DTOs.
This commit is contained in:
@@ -1,11 +1,12 @@
|
||||
package wire
|
||||
package wire
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"with_you/internal/cache"
|
||||
"with_you/internal/config"
|
||||
"with_you/internal/model"
|
||||
"with_you/internal/database"
|
||||
"with_you/internal/pkg/crypto"
|
||||
"with_you/internal/pkg/email"
|
||||
"with_you/internal/pkg/hook"
|
||||
@@ -18,8 +19,8 @@ import (
|
||||
"with_you/internal/repository"
|
||||
"with_you/internal/service"
|
||||
|
||||
redisPkg "github.com/redis/go-redis/v9"
|
||||
"github.com/google/wire"
|
||||
redisPkg "github.com/redis/go-redis/v9"
|
||||
"go.uber.org/zap"
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
@@ -74,7 +75,7 @@ func ProvideConfig() (*config.Config, error) {
|
||||
|
||||
// ProvideDB 提供数据库连接
|
||||
func ProvideDB(cfg *config.Config) (*gorm.DB, error) {
|
||||
return model.NewDB(&cfg.Database)
|
||||
return database.NewDB(&cfg.Database)
|
||||
}
|
||||
|
||||
// ProvideRedisClient 提供 Redis 客户端
|
||||
@@ -145,7 +146,7 @@ func ProvideBuiltinHooks(manager *hook.Manager) *hook.BuiltinHooks {
|
||||
// ProvideModerationHooks 注册审核钩子
|
||||
func ProvideModerationHooks(
|
||||
manager *hook.Manager,
|
||||
postAIService *service.PostAIService,
|
||||
postAIService service.PostAIService,
|
||||
postRepo repository.PostRepository,
|
||||
commentRepo repository.CommentRepository,
|
||||
userRepo repository.UserRepository,
|
||||
@@ -248,6 +249,7 @@ func ProvideTransactionManager(db *gorm.DB) repository.TransactionManager {
|
||||
}
|
||||
|
||||
// ProvideMessageEncryptor 提供消息加密器
|
||||
// 加密启用时密钥必须是 32 字节(AES-256),否则视为致命配置错误,启动期 fail-fast。
|
||||
func ProvideMessageEncryptor(cfg *config.Config) error {
|
||||
if !cfg.Encryption.Enabled {
|
||||
zap.L().Info("Message encryption is disabled")
|
||||
@@ -255,15 +257,12 @@ func ProvideMessageEncryptor(cfg *config.Config) error {
|
||||
}
|
||||
|
||||
if len(cfg.Encryption.Key) != 32 {
|
||||
zap.L().Error("Encryption key must be 32 bytes for AES-256",
|
||||
zap.Int("actual_length", len(cfg.Encryption.Key)),
|
||||
)
|
||||
return nil
|
||||
// 致命安全配置:不允许降级为「加密已启用但实际不加密」
|
||||
return fmt.Errorf("encryption is enabled but key must be 32 bytes for AES-256, got %d", len(cfg.Encryption.Key))
|
||||
}
|
||||
|
||||
if err := crypto.InitMessageEncryptor(cfg.Encryption.Key, cfg.Encryption.KeyVersion); err != nil {
|
||||
zap.L().Error("Failed to initialize message encryptor", zap.Error(err))
|
||||
return err
|
||||
return fmt.Errorf("failed to initialize message encryptor: %w", err)
|
||||
}
|
||||
|
||||
zap.L().Info("Message encryption initialized successfully",
|
||||
|
||||
Reference in New Issue
Block a user