Commit Graph

140 Commits

Author SHA1 Message Date
lafay
15f0f1605e feat(post): implement share recording functionality
All checks were successful
Build Backend / build (push) Successful in 13m16s
Build Backend / build-docker (push) Successful in 1m4s
- Added RecordShare method in PostHandler to handle sharing posts and increment share count.
- Introduced IncrementShares method in PostRepository to update shares_count for published posts.
- Updated PostService to include RecordShare, ensuring cache invalidation for post details and lists.
- Integrated new share route in the router for handling share requests.
2026-03-24 05:21:36 +08:00
lafay
176cd20847 refactor: remove Gorse integration and implement HotRank feature
Some checks failed
Build Backend / build-docker (push) Has been cancelled
Build Backend / build (push) Has been cancelled
- Removed Gorse-related configurations, handlers, and dependencies from the codebase.
- Introduced HotRank feature with configuration options for ranking posts based on recent activity.
- Updated application structure to support HotRank processing, including new caching mechanisms and database interactions.
- Cleaned up related DTOs and repository methods to reflect the removal of Gorse and the addition of HotRank functionality.
2026-03-24 05:18:30 +08:00
lafay
b41567a39a fix(handler): adjust SSE heartbeat interval and cache control header
All checks were successful
Build Backend / build (push) Successful in 14m55s
Build Backend / build-docker (push) Successful in 1m0s
- Updated Cache-Control header to include 'no-transform'.
- Reduced heartbeat interval from 25 seconds to 10 seconds to accommodate common proxy idle timeouts.
- Added comments for clarity on keepalive handling for SSE intermediaries and proxies.
2026-03-24 04:23:23 +08:00
lafay
ab4ee30690 chore(ci): downgrade actions/upload-artifact and actions/download-artifact to version 3 in build workflow
All checks were successful
Build Backend / build (push) Successful in 19m32s
Build Backend / build-docker (push) Successful in 1m0s
2026-03-23 14:38:39 +08:00
lafay
081e44c4ff chore(ci, dto): update build workflow and enhance post DTOs
Some checks failed
Build Backend / build (push) Failing after 13m9s
Build Backend / build-docker (push) Has been skipped
- Added NODE_NO_WARNINGS environment variable to build and deploy workflows.
- Upgraded actions/upload-artifact and actions/download-artifact to version 4 in the build workflow.
- Introduced ContentEditedAt field in PostResponse and PostDetailResponse DTOs to track content modification timestamps.
- Updated post conversion functions to include ContentEditedAt in responses.
- Ensured ContentEditedAt is set during post updates in the repository.
2026-03-23 14:08:36 +08:00
lafay
d2969a32de ci: update Docker build cache configuration to use registry
All checks were successful
Build Backend / build (push) Successful in 14m14s
Build Backend / build-docker (push) Successful in 1m12s
2026-03-23 03:08:21 +08:00
lafay
9d546b9989 refactor(dto, repository): standardize pagination field names and update moderation status handling
Some checks failed
Build Backend / build (push) Successful in 12m39s
Build Backend / build-docker (push) Failing after 2m0s
- Changed JSON field names from "items" to "list" in various cursor pagination response DTOs for consistency.
- Updated moderation status update methods in CommentRepository and PostRepository to use UpdateColumn for better clarity and to ensure that moderation actions do not affect content update timestamps.
2026-03-23 01:06:41 +08:00
lafay
fa68f101de ci: 添加Go模块缓存和Docker构建缓存
Some checks failed
Build Backend / build (push) Successful in 12m35s
Build Backend / build-docker (push) Failing after 1m55s
2026-03-21 14:15:27 +08:00
lafay
d7c7a51f77 refactor(notification): migrate cursor pagination to use unified cursor package
All checks were successful
Build Backend / build (push) Successful in 3m58s
Build Backend / build-docker (push) Successful in 2m52s
- Add new GetByReceiverIDCursor method with context support and generic cursor types
- Rename old implementation to GetByReceiverIDCursorLegacy for backward compatibility
- Update handler to use legacy interface temporarily during migration
- Use CursorBuilder pattern for consistent pagination across services
2026-03-21 03:21:07 +08:00
lafay
639ee55696 feat(wire): add moderation and builtin hooks to post service wiring
All checks were successful
Build Backend / build (push) Successful in 3m57s
Build Backend / build-docker (push) Successful in 4m43s
Add wire providers for ModerationHooks and BuiltinHooks, injecting them
into PostService via dependency injection. Hooks are passed as blank
identifiers to trigger their initialization and registration side effects.
2026-03-21 02:53:38 +08:00
lafay
1a48bb440c feat(api): add cursor-based pagination for system messages
Some checks failed
Build Backend / build-docker (push) Has been cancelled
Build Backend / build (push) Has been cancelled
- Add SystemMessageCursorPageResponse DTO for cursor pagination
- Implement GetSystemMessagesByCursor handler method
- Add GetByReceiverIDCursor repository method with cursor decoding
- Maintain backward compatibility with existing offset-based pagination
2026-03-21 02:48:06 +08:00
lafay
687ac92aea feat(api): add tab-based post feed endpoints with cursor pagination
Some checks failed
Build Backend / build (push) Successful in 3m58s
Build Backend / build-docker (push) Failing after 4m49s
Add support for different post feed types via tab parameter:
- follow: posts from followed users (requires authentication)
- hot: trending posts using Gorse most_liked_weekly or database fallback
- recommend: personalized recommendations with random offset for diversity
- latest: default chronological feed

The cursor pagination detection is also improved to check for parameter
existence rather than non-empty string value.
2026-03-21 02:24:11 +08:00
lafay
57058b04da fix(response): correct error status mapping and response structure
All checks were successful
Build Backend / build (push) Successful in 4m46s
Build Backend / build-docker (push) Successful in 5m33s
Map INVALID_CREDENTIALS to http.StatusBadRequest (400) instead of
http.StatusUnauthorized (401) to better align with client error semantics.

Update ErrorWithStringCode to return the HTTP status code in the 'code'
field and set 'data' to nil, removing the legacy compatibility workaround
that set 'code' to 0.

BREAKING CHANGE: Response structure for ErrorWithStringCode changed (Code
field now returns status code, Data is nil) and INVALID_CREDENTIALS status
changed from 401 to 400.
2026-03-21 01:35:57 +08:00
lafay
92babe509f feat(api): add cursor-based pagination for posts, comments, messages, groups, and notifications
All checks were successful
Build Backend / build (push) Successful in 4m42s
Build Backend / build-docker (push) Successful in 3m53s
Implement cursor-based pagination across multiple API endpoints to improve performance and enable efficient infinite scrolling. This replaces traditional offset-based pagination for high-volume data retrieval.

Changes:
- Add cursor pagination DTOs for all entity types (Post, Comment, Message, Conversation, Group, Notification, GroupMember, GroupAnnouncement)
- Implement cursor pagination methods in repositories with support for various sort orders (created_at, updated_at, join_time, seq)
- Add cursor pagination handlers that maintain backward compatibility with existing offset pagination
- Add new API routes for cursor-based endpoints (/cursor suffix)
- Add helper converter functions for pointer slice types in DTO conversions
2026-03-20 23:03:23 +08:00
lafay
98f0c9f2b6 feat: add hook system, QR code login, and layered cache
All checks were successful
Build Backend / build (push) Successful in 5m54s
Build Backend / build-docker (push) Successful in 4m7s
- Implement extensible hook system for content moderation with
  builtin and AI-powered moderation hooks
- Add QR code login feature with SSE for real-time status updates
  and scan/confirm/cancel workflow
- Introduce layered cache with local LRU + Redis backend for
  improved read performance
- Refactor post and comment services to use hook-based moderation
  instead of direct AI service calls
- Add local cache configuration options (size, buckets, ttl)
2026-03-20 12:23:28 +08:00
lafay
bdfcbdadea fix(cors): add admin.littlelan.cn and browser.littlelan.cn, support *.littlelan.cn subdomains
All checks were successful
Build Backend / build (push) Successful in 12m24s
Build Backend / build-docker (push) Successful in 13m8s
2026-03-19 22:46:21 +08:00
lafay
2c1f2f47ec Merge branch 'master' of https://code.littlelan.cn/carrot_bbs/backend
All checks were successful
Build Backend / build (push) Successful in 3m58s
Build Backend / build-docker (push) Successful in 2m29s
2026-03-19 19:43:40 +08:00
lafay
4c2d605411 fix: 修复了未自动迁移的表 2026-03-19 19:43:37 +08:00
lan
ad17349944 feat: 更新依赖
All checks were successful
Build Backend / build (push) Successful in 6m49s
Build Backend / build-docker (push) Successful in 3m7s
2026-03-19 15:17:28 +08:00
lafay
b0f209fdf8 fix(security): security audit fixes for API vulnerabilities
All checks were successful
Build Backend / build (push) Successful in 4m47s
Build Backend / build-docker (push) Successful in 2m22s
Security fixes:
- Fix sensitive data exposure: UserResponse no longer contains email/phone
- Add UserSelfResponse for authenticated user's own data
- Protect Gorse endpoints with admin role requirement
- Add rate limiting (10 req/min) to auth endpoints
- Fix CORS configuration to use allowed origins list
- Add pagination parameter validation (max 100 per page)

Changes:
- dto/dto.go: Add UserSelfResponse type
- dto/user_converter.go: Add ConvertUserToSelfResponse
- handler/user_handler.go: Use secure response types
- middleware/cors.go: Implement origin whitelist
- middleware/ratelimit.go: Enhance rate limiter
- router/router.go: Add auth rate limit, protect Gorse
- service/admin_*.go: Use ConvertUserToResponse
2026-03-19 13:49:51 +08:00
lan
d387cc493e fix: 修复课程表DayOfWeek字段omitzero导致周一数据被省略的问题
All checks were successful
Build Backend / build (push) Successful in 8m15s
Build Backend / build-docker (push) Successful in 6m4s
2026-03-19 00:31:57 +08:00
lafay
a6fa82bf50 feat: Add CD workflow and Makefile
Some checks failed
Build Backend / build (push) Successful in 3m21s
Build Backend / build-docker (push) Failing after 4m30s
- Add deploy.yml for SSH-based deployment (only triggers on PR merge or master/main)
- Add Makefile for local build commands
- Add optimized Dockerfile (multi-stage build)
2026-03-17 19:39:44 +08:00
lafay
226a088ec3 feat(ci): add deploy workflow and Makefile
- Add .gitea/workflows/deploy.yml for CD pipeline
- Add Makefile for build automation
- Update .gitignore to exclude docs/
2026-03-17 19:39:37 +08:00
lan
99cc4d9549 ci: add backend gitea build workflow
All checks were successful
Build Backend / build (push) Successful in 4m48s
Build Backend / build-docker (push) Successful in 3m20s
Add a Gitea Actions pipeline to compile the backend server artifact and build/push Docker images for master/dev changes.

Made-with: Cursor
2026-03-17 14:56:27 +08:00
lafay
8a2b0e0a5e feat(message): add message encryption with batch decryption optimization
- Add encryption configuration with environment variable support
- Implement batch parallel decryption for improved query performance
- Integrate message encryptor via wire dependency injection
- Add explicit Decrypt() method for single message decryption
- Optimize AfterFind hook to defer decryption for batch processing
2026-03-17 10:10:49 +08:00
lafay
5d6c982c9c refactor: replace standard log with zap logger and optimize code patterns
- Migrate all log.Printf/log.Println calls to structured zap logging
- Use cmp.Or for cleaner default value handling
- Replace manual loops with slices.ContainsFunc/IndexFunc
- Add batch query methods (IsLikedBatch, IsFavoritedBatch) to solve N+1 problem
- Update JSON tags from omitempty to omitzero for numeric fields
- Use errgroup-style wg.Go for worker goroutines
- Remove duplicate casbin/v2 dependency (keeping v3)
- Add plans/ to gitignore
2026-03-17 00:47:17 +08:00
lafay
b028f7e1d3 feat: enhance logging and message encryption features
- Introduced new logging services: operation logs, login logs, and data change logs.
- Added support for message content encryption in the Message model, including methods for encrypting and decrypting message segments.
- Updated router to include admin log handling and integrated log service for access logging.
- Modified configuration to support encryption settings.
2026-03-15 20:38:22 +08:00
lan
700b8b6bad feat: 修复了文件被意外ignore 2026-03-15 18:19:17 +08:00
9a2ef67c85 Merge pull request 'feat: 添加日志管理和敏感词过滤功能' (#1) from feature/logs-and-sanitizer into master
Reviewed-on: #1
2026-03-15 12:10:14 +08:00
lan
ebd9cb8b04 feat: 添加日志管理和敏感词过滤功能
- 新增日志管理模块:操作日志、登录日志、数据变更日志
- 新增敏感词过滤器 (sanitizer)
- 新增日志异步写入管理器
- 新增日志定时清理服务
- 优化帖子相关服务和上传服务
2026-03-15 02:25:10 +08:00
lan
d3065b30cc feat(admin): add comprehensive admin management system
- Add admin handlers and services for users, posts, comments, groups, and dashboard
- Implement role permission management with ability to view and update permissions
- Add database seeding for roles and Casbin permission policies
- Upgrade Casbin from v2 to v3 with GORM adapter for persistent policy storage
- Add admin-specific repository methods with filtering and pagination
- Register new admin API routes under /api/v1/admin/*
2026-03-14 18:01:55 +08:00
lan
ae5b997924 feat(auth): add Casbin RBAC and user activity tracking
Integrate Casbin for role-based access control with admin routes for role management. Add user activity logging service to track login and refresh events. Refactor audit service to use AI-based content moderation.
2026-03-14 02:09:38 +08:00
lan
c561a0bb0c feat(grpc): add gRPC server infrastructure and schedule sync service
Add gRPC server support with configurable TLS, environment-based settings, and Wire injection. Implement schedule synchronization service with task runner integration for external course data fetching.

- Add gRPC configuration with env var overrides (APP_GRPC_ENABLED, APP_GRPC_PORT, etc.)
- Create gRPC server infrastructure with runner task management
- Implement ScheduleSyncService for course data synchronization
- Add sync endpoint to schedule handler for external system integration
- Update repository with context-aware batch delete operation
- Wire all dependencies including zap logger for structured logging
2026-03-13 20:40:20 +08:00
lan
cf36b1350d refactor: introduce Wire dependency injection and interface-based architecture
- Add Google Wire for compile-time dependency injection
- Replace concrete service types with interfaces across handlers
- Remove global state (DB, cache) in favor of constructor injection
- Split monolithic files into focused modules:
  - config: separate files for each config domain
  - dto: converters split by domain (user, post, message, group)
  - cache: separate metrics.go and redis_cache.go
- Introduce unified apperrors package with string-based error codes
- Add transaction support with context-aware repository methods
- Upgrade golang.org/x/crypto from 0.17.0 to 0.26.0
2026-03-13 09:38:18 +08:00
lan
1216423350 feat(group): refactor group invite workflow for improved user experience
- Simplify InviteMembers to always send invite card directly to invitee
- Modify RespondInvite to check group join type (anyone vs need approval) before adding member
- Update SetGroupAddRequest to properly handle invite flow with invitee agreement and admin approval stages
- Add case-insensitive search using LOWER() in user repository
- Add random offset (0-50) for first page of recommended posts
- Update dependencies: remove gorilla/websocket, promote gomail to direct dependency
2026-03-12 23:40:21 +08:00
lan
0a0cbacbcc feat(schedule): add course table screens and navigation
Add complete schedule functionality including:
- Schedule screen with weekly course table view
- Course detail screen with transparent modal presentation
- New ScheduleStack navigator integrated into main tab bar
- Schedule service for API interactions
- Type definitions for course entities

Also includes bug fixes for group invite/request handlers
to include required groupId parameter.
2026-03-12 08:38:14 +08:00
lan
21293644b8 Refactor backend APIs to RESTful route patterns.
Align group and conversation handlers/services with path-based endpoints, and unify response/service error handling for related modules.

Made-with: Cursor
2026-03-10 20:52:50 +08:00
lan
86ef150fec Replace websocket flow with SSE support in backend.
Update handlers, services, router, and data conversion logic to support server-sent events and related message pipeline changes.

Made-with: Cursor
2026-03-10 12:58:23 +08:00
lan
4c0177149a Clean backend debug logging and standardize error reporting.
This removes verbose trace output in handlers/services and keeps only actionable error-level logs.
2026-03-09 22:20:44 +08:00
lan
4d8f2ec997 Initial backend repository commit.
Set up project files and add .gitignore to exclude local build/runtime artifacts.

Made-with: Cursor
2026-03-09 21:28:58 +08:00