Refactor and remove sqlite and replace with MySQL

2025-10-23 18:43:31 +01:00
parent d53e27eea8
commit 21ebc9c34b
139 changed files with 1013 additions and 529 deletions
--- a/internal/platform/bootstrap/csrf.go
+++ b/internal/platform/bootstrap/csrf.go
@@ -0,0 +1,26 @@
+package bootstrap
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/gorilla/csrf"
+)
+
+var CSRFMiddleware func(http.Handler) http.Handler
+
+func InitCSRFProtection(csrfKey []byte, isProduction bool) error {
+	if len(csrfKey) != 32 {
+		return fmt.Errorf("csrf key must be 32 bytes, got %d", len(csrfKey))
+	}
+
+	CSRFMiddleware = csrf.Protect(
+		csrfKey,
+		csrf.Secure(isProduction),
+		csrf.SameSite(csrf.SameSiteStrictMode),
+		csrf.Path("/"),
+		csrf.HttpOnly(true),
+	)
+
+	return nil
+}
--- a/internal/platform/bootstrap/license.go
+++ b/internal/platform/bootstrap/license.go
@@ -0,0 +1,32 @@
+package bootstrap
+
+import (
+	"log"
+	"time"
+
+	internal "synlotto-website/internal/licensecheck"
+	"synlotto-website/models"
+)
+
+var globalChecker *internal.LicenseChecker
+
+func InitLicenseChecker(config *models.Config) error {
+	checker := &internal.LicenseChecker{
+		LicenseAPIURL: config.License.APIURL,
+		APIKey:        config.License.APIKey,
+		PollInterval:  10 * time.Minute,
+	}
+
+	if err := checker.Validate(); err != nil {
+		return err
+	}
+
+	checker.StartBackgroundCheck()
+	globalChecker = checker
+	log.Println("✅ License validation started.")
+	return nil
+}
+
+func GetLicenseChecker() *internal.LicenseChecker {
+	return globalChecker
+}
--- a/internal/platform/bootstrap/loader.go
+++ b/internal/platform/bootstrap/loader.go
@@ -0,0 +1,30 @@
+package bootstrap
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+
+	"synlotto-website/models"
+)
+
+type AppState struct {
+	Config *models.Config
+}
+
+func LoadAppState(configPath string) (*AppState, error) {
+	file, err := os.Open(configPath)
+	if err != nil {
+		return nil, fmt.Errorf("open config: %w", err)
+	}
+	defer file.Close()
+
+	var config models.Config
+	if err := json.NewDecoder(file).Decode(&config); err != nil {
+		return nil, fmt.Errorf("decode config: %w", err)
+	}
+
+	return &AppState{
+		Config: &config,
+	}, nil
+}
--- a/internal/platform/bootstrap/session.go
+++ b/internal/platform/bootstrap/session.go
@@ -0,0 +1,115 @@
+package bootstrap
+
+import (
+	"bytes"
+	"crypto/rand"
+	"encoding/base64"
+	"encoding/gob"
+	"fmt"
+	"net/http"
+	"os"
+	"time"
+
+	sessionHandlers "synlotto-website/handlers/session"
+	sessionHelpers "synlotto-website/helpers/session"
+
+	"synlotto-website/logging"
+	"synlotto-website/models"
+
+	"github.com/gorilla/sessions"
+)
+
+var (
+	sessionStore *sessions.CookieStore
+	Name         string
+	authKey      []byte
+	encryptKey   []byte
+)
+
+func InitSession(cfg *models.Config) error {
+	gob.Register(time.Time{})
+	authPath := cfg.Session.AuthKeyPath
+	encPath := cfg.Session.EncryptionKeyPath
+
+	if _, err := os.Stat(authPath); os.IsNotExist(err) {
+		logging.Info("⚠️ Auth key not found, creating: %s", authPath)
+		key, err := generateRandomBytes(32)
+		if err != nil {
+			return err
+		}
+		encoded := sessionHelpers.EncodeKey(key)
+		err = os.WriteFile(authPath, []byte(encoded), 0600)
+		if err != nil {
+			return err
+		}
+	}
+
+	if _, err := os.Stat(encPath); os.IsNotExist(err) {
+		logging.Info("⚠️ Encryption key not found, creating: %s", encPath)
+		key, err := generateRandomBytes(32)
+		if err != nil {
+			return err
+		}
+		encoded := sessionHelpers.EncodeKey(key)
+		err = os.WriteFile(encPath, []byte(encoded), 0600)
+		if err != nil {
+			return err
+		}
+	}
+
+	return loadSessionKeys(
+		authPath,
+		encPath,
+		cfg.Session.Name,
+		cfg.HttpServer.ProductionMode,
+	)
+}
+
+func generateRandomBytes(length int) ([]byte, error) {
+	b := make([]byte, length)
+	_, err := rand.Read(b)
+	if err != nil {
+		logging.Error("failed to generate random bytes: %w", err)
+
+		return nil, err
+	}
+	return b, nil
+}
+
+func loadSessionKeys(authPath, encryptionPath, name string, isProduction bool) error {
+	var err error
+
+	rawAuth, err := os.ReadFile(authPath)
+	if err != nil {
+		return fmt.Errorf("error reading auth key: %w", err)
+	}
+	authKey, err = base64.StdEncoding.DecodeString(string(bytes.TrimSpace(rawAuth)))
+	if err != nil {
+		return fmt.Errorf("error decoding auth key: %w", err)
+	}
+
+	rawEnc, err := os.ReadFile(encryptionPath)
+	if err != nil {
+		return fmt.Errorf("error reading encryption key: %w", err)
+	}
+	encryptKey, err = base64.StdEncoding.DecodeString(string(bytes.TrimSpace(rawEnc)))
+	if err != nil {
+		return fmt.Errorf("error decoding encryption key: %w", err)
+	}
+
+	if len(authKey) != 32 || len(encryptKey) != 32 {
+		return fmt.Errorf("auth and encryption keys must be 32 bytes each (got auth=%d, enc=%d)", len(authKey), len(encryptKey))
+	}
+
+	sessionHandlers.SessionStore = sessions.NewCookieStore(authKey, encryptKey)
+	sessionHandlers.SessionStore.Options = &sessions.Options{
+		Path:     "/",
+		MaxAge:   86400,
+		HttpOnly: true,
+		Secure:   isProduction,
+		SameSite: http.SameSiteLaxMode,
+	}
+
+	sessionHandlers.Name = name
+	return nil
+}
--- a/internal/platform/config/config.go
+++ b/internal/platform/config/config.go
@@ -0,0 +1,22 @@
+package config
+
+import (
+	"sync"
+
+	"synlotto-website/models"
+)
+
+var (
+	appConfig *models.Config
+	once      sync.Once
+)
+
+func Init(config *models.Config) {
+	once.Do(func() {
+		appConfig = config
+	})
+}
+
+func Get() *models.Config {
+	return appConfig
+}
--- a/internal/platform/constants/session.go
+++ b/internal/platform/constants/session.go
@@ -0,0 +1,5 @@
+package constants
+
+import "time"
+
+const SessionDuration = 30 * time.Minute