refactor(server): decouple services and improve architecture
All checks were successful
Build Backend / build (push) Successful in 4m55s
Build Backend / build-docker (push) Successful in 10m34s

- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
This commit is contained in:
2026-06-15 03:41:59 +08:00
parent 9951043034
commit d9aa4b46c3
78 changed files with 2156 additions and 1640 deletions

View File

@@ -1,11 +1,12 @@
package wire
package wire
import (
"fmt"
"time"
"with_you/internal/cache"
"with_you/internal/config"
"with_you/internal/model"
"with_you/internal/database"
"with_you/internal/pkg/crypto"
"with_you/internal/pkg/email"
"with_you/internal/pkg/hook"
@@ -18,8 +19,8 @@ import (
"with_you/internal/repository"
"with_you/internal/service"
redisPkg "github.com/redis/go-redis/v9"
"github.com/google/wire"
redisPkg "github.com/redis/go-redis/v9"
"go.uber.org/zap"
"gorm.io/gorm"
)
@@ -74,7 +75,7 @@ func ProvideConfig() (*config.Config, error) {
// ProvideDB 提供数据库连接
func ProvideDB(cfg *config.Config) (*gorm.DB, error) {
return model.NewDB(&cfg.Database)
return database.NewDB(&cfg.Database)
}
// ProvideRedisClient 提供 Redis 客户端
@@ -145,7 +146,7 @@ func ProvideBuiltinHooks(manager *hook.Manager) *hook.BuiltinHooks {
// ProvideModerationHooks 注册审核钩子
func ProvideModerationHooks(
manager *hook.Manager,
postAIService *service.PostAIService,
postAIService service.PostAIService,
postRepo repository.PostRepository,
commentRepo repository.CommentRepository,
userRepo repository.UserRepository,
@@ -248,6 +249,7 @@ func ProvideTransactionManager(db *gorm.DB) repository.TransactionManager {
}
// ProvideMessageEncryptor 提供消息加密器
// 加密启用时密钥必须是 32 字节AES-256否则视为致命配置错误启动期 fail-fast。
func ProvideMessageEncryptor(cfg *config.Config) error {
if !cfg.Encryption.Enabled {
zap.L().Info("Message encryption is disabled")
@@ -255,15 +257,12 @@ func ProvideMessageEncryptor(cfg *config.Config) error {
}
if len(cfg.Encryption.Key) != 32 {
zap.L().Error("Encryption key must be 32 bytes for AES-256",
zap.Int("actual_length", len(cfg.Encryption.Key)),
)
return nil
// 致命安全配置:不允许降级为「加密已启用但实际不加密」
return fmt.Errorf("encryption is enabled but key must be 32 bytes for AES-256, got %d", len(cfg.Encryption.Key))
}
if err := crypto.InitMessageEncryptor(cfg.Encryption.Key, cfg.Encryption.KeyVersion); err != nil {
zap.L().Error("Failed to initialize message encryptor", zap.Error(err))
return err
return fmt.Errorf("failed to initialize message encryptor: %w", err)
}
zap.L().Info("Message encryption initialized successfully",