TDvorak/Trackeep
1
0
Fork 0
mirror of https://github.com/Dvorinka/Trackeep.git synced 2026-06-04 12:32:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: major feature updates and cleanup

Browse Source 
- Add Redis architecture implementation
- Update browser extension functionality
- Clean up deprecated files and documentation
- Enhance backend handlers for auth, messages, search
- Add new configuration options and settings
- Update Docker and deployment configurations
This commit is contained in:
Tomas Dvorak
2026-03-03 11:03:37 +01:00
parent 446bc7acfb
commit 083373a24f
241 changed files with 46662 additions and 24880 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/handlers/auth.go
+245
View File
@@ -2,10 +2,15 @@ package handlers
import (
"crypto/rand"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/smtp"
"os"
"os/exec"
"runtime"
"strings"
"time"
@@ -771,3 +776,243 @@ func formatTimeAgo(t time.Time) string {
return t.Format("Jan 2, 2006")
}
}
// GitHubRelease represents a GitHub release
type GitHubRelease struct {
TagName string `json:"tag_name"`
Name string `json:"name"`
Draft bool `json:"draft"`
Prerelease bool `json:"prerelease"`
PublishedAt string `json:"published_at"`
Body string `json:"body"`
}
// GetLatestVersion fetches the latest version from GitHub releases
func GetLatestVersion() (string, error) {
// GitHub API endpoint for releases
url := "https://api.github.com/repos/dvorinka/trackeep/releases"
// Create HTTP request
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return "", fmt.Errorf("failed to create request: %w", err)
}
// Set headers
req.Header.Set("Accept", "application/vnd.github.v3+json")
req.Header.Set("User-Agent", "Trackeep-Backend")
// Make request
client := &http.Client{Timeout: 10 * time.Second}
resp, err := client.Do(req)
if err != nil {
return "", fmt.Errorf("failed to fetch releases: %w", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return "", fmt.Errorf("GitHub API returned status %d", resp.StatusCode)
}
// Read response
body, err := io.ReadAll(resp.Body)
if err != nil {
return "", fmt.Errorf("failed to read response: %w", err)
}
// Parse JSON
var releases []GitHubRelease
if err := json.Unmarshal(body, &releases); err != nil {
return "", fmt.Errorf("failed to parse JSON: %w", err)
}
// Find latest non-draft release
for _, release := range releases {
if !release.Draft && !release.Prerelease {
return release.TagName, nil
}
}
// If no stable release found, return the latest release (including prerelease)
if len(releases) > 0 {
return releases[0].TagName, nil
}
return "", errors.New("no releases found")
}
// GetCurrentVersion detects the current running version
func GetCurrentVersion() (string, error) {
// Method 1: Check if running in Docker and get image info
if isRunningInDocker() {
if version, err := getDockerImageVersion(); err == nil && version != "" {
return version, nil
}
}
// Method 2: Check for version file or environment variable
if version := os.Getenv("TRACKEEP_VERSION"); version != "" {
return version, nil
}
// Method 3: Try to read from version file
if version, err := readVersionFile(); err == nil && version != "" {
return version, nil
}
// Method 4: Check git tag if running from source
if version, err := getGitVersion(); err == nil && version != "" {
return version, nil
}
// Fallback: Return build time or unknown
if buildTime := os.Getenv("BUILD_TIME"); buildTime != "" {
return fmt.Sprintf("build-%s", buildTime), nil
}
return "unknown", nil
}
// isRunningInDocker checks if the application is running in a Docker container
func isRunningInDocker() bool {
// Check for .dockerenv file
if _, err := os.Stat("/.dockerenv"); err == nil {
return true
}
// Check for Docker in cgroup
data, err := os.ReadFile("/proc/1/cgroup")
if err != nil {
return false
}
return strings.Contains(string(data), "docker")
}
// getDockerImageVersion gets the Docker image tag
func getDockerImageVersion() (string, error) {
// Try to get container ID from cgroup
containerID, err := getContainerID()
if err != nil {
return "", err
}
// Try to inspect the container to get image info
cmd := exec.Command("docker", "inspect", "--format='{{.Config.Image}}'", containerID)
output, err := cmd.Output()
if err != nil {
return "", err
}
imageName := strings.TrimSpace(string(output))
if strings.Contains(imageName, ":") {
parts := strings.Split(imageName, ":")
if len(parts) > 1 {
tag := parts[len(parts)-1]
// Remove quotes if present
tag = strings.Trim(tag, "'")
return tag, nil
}
}
return "latest", nil
}
// getContainerID attempts to get the current container ID
func getContainerID() (string, error) {
// Method 1: Read from /proc/self/cgroup
data, err := os.ReadFile("/proc/self/cgroup")
if err != nil {
return "", err
}
lines := strings.Split(string(data), "\n")
for _, line := range lines {
if strings.Contains(line, "docker") {
parts := strings.Split(line, "/")
if len(parts) > 0 {
containerID := parts[len(parts)-1]
// Remove any non-hex characters
containerID = strings.Trim(containerID, " \t\r\n")
if len(containerID) >= 12 {
return containerID[:12], nil
}
}
}
}
// Method 2: Try to get from hostname
hostname, err := os.Hostname()
if err == nil && len(hostname) >= 12 {
return hostname[:12], nil
}
return "", errors.New("could not determine container ID")
}
// readVersionFile tries to read version from a file
func readVersionFile() (string, error) {
// Try multiple possible version file locations
versionFiles := []string{
"/app/VERSION",
"/app/version.txt",
"./VERSION",
"./version.txt",
}
for _, file := range versionFiles {
if data, err := os.ReadFile(file); err == nil {
return strings.TrimSpace(string(data)), nil
}
}
return "", errors.New("no version file found")
}
// getGitVersion gets version from git tag
func getGitVersion() (string, error) {
if runtime.GOOS == "windows" {
return "", errors.New("git version detection not supported on Windows")
}
cmd := exec.Command("git", "describe", "--tags", "--abbrev=0")
output, err := cmd.Output()
if err != nil {
return "", err
}
version := strings.TrimSpace(string(output))
return strings.TrimPrefix(version, "v"), nil
}
// GetVersionHandler returns the current and latest version
func GetVersionHandler(c *gin.Context) {
latestVersion, err := GetLatestVersion()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{
"error": "Failed to fetch latest version",
"details": err.Error(),
})
return
}
// Get current running version
currentVersion, err := GetCurrentVersion()
if err != nil {
currentVersion = "unknown"
}
// Clean the version tag (remove 'v' prefix if present)
cleanLatestVersion := strings.TrimPrefix(latestVersion, "v")
response := gin.H{
"current_version": currentVersion,
"latest_version": cleanLatestVersion,
"latest_tag": latestVersion, // Keep the original tag for reference
"is_latest": currentVersion == cleanLatestVersion || currentVersion == "latest",
"update_available": currentVersion != cleanLatestVersion && currentVersion != "latest",
"running_in_docker": isRunningInDocker(),
}
c.JSON(http.StatusOK, response)
}
backend/handlers/browser_extension.go
+437
View File
@@ -0,0 +1,437 @@
package handlers
import (
"archive/zip"
"crypto/rand"
"fmt"
"io"
"os"
"path/filepath"
"strings"
"time"
"github.com/gin-gonic/gin"
"github.com/trackeep/backend/config"
"github.com/trackeep/backend/models"
)
// CreateAPIKeyRequest represents a request to create an API key
type CreateAPIKeyRequest struct {
Name string `json:"name" binding:"required,min=1,max=100"`
Permissions []string `json:"permissions" binding:"required"`
ExpiresIn *int `json:"expires_in,omitempty"` // Days until expiration
}
// APIKeyResponse represents API key response
type APIKeyResponse struct {
ID uint `json:"id"`
Name string `json:"name"`
Key string `json:"key"`
Permissions []string `json:"permissions"`
ExpiresAt *time.Time `json:"expires_at,omitempty"`
CreatedAt time.Time `json:"created_at"`
}
// BrowserExtensionAuth represents browser extension authentication
type BrowserExtensionAuth struct {
ID uint `json:"id" gorm:"primaryKey"`
UserID uint `json:"user_id" gorm:"not null"`
ExtensionID string `json:"extension_id" gorm:"not null"`
Name string `json:"name" gorm:"not null"`
IsActive bool `json:"is_active" gorm:"default:true"`
LastSeen *time.Time `json:"last_seen,omitempty" gorm:"not null"`
CreatedAt time.Time `json:"created_at" gorm:"autoCreateTime"`
UpdatedAt time.Time `json:"updated_at" gorm:"autoUpdateTime"`
}
// GenerateAPIKey creates a new API key for browser extension
func GenerateAPIKey(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
var req CreateAPIKeyRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(400, gin.H{"error": err.Error()})
return
}
// Validate permissions
validPermissions := map[string]bool{
"bookmarks:read": true,
"bookmarks:write": true,
"files:read": true,
"files:write": true,
"notes:read": true,
"notes:write": true,
"tasks:read": true,
"tasks:write": true,
}
for _, perm := range req.Permissions {
if !validPermissions[perm] {
c.JSON(400, gin.H{"error": fmt.Sprintf("Invalid permission: %s", perm)})
return
}
}
// Generate API key
key := generateAPIKey()
// Set expiration if provided
var expiresAt *time.Time
if req.ExpiresIn != nil && *req.ExpiresIn > 0 {
expiration := time.Now().AddDate(0, 0, *req.ExpiresIn)
expiresAt = &expiration
}
// Create API key record
apiKey := models.APIKey{
Name: req.Name,
Key: key,
UserID: currentUser.ID,
Permissions: req.Permissions,
IsActive: true,
ExpiresAt: expiresAt,
}
db := config.GetDB()
if err := db.Create(&apiKey).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to create API key"})
return
}
response := APIKeyResponse{
ID: apiKey.ID,
Name: apiKey.Name,
Key: apiKey.Key,
Permissions: apiKey.Permissions,
ExpiresAt: apiKey.ExpiresAt,
CreatedAt: apiKey.CreatedAt,
}
c.JSON(201, response)
}
// GetAPIKeys retrieves user's API keys
func GetAPIKeys(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
var apiKeys []models.APIKey
db := config.GetDB()
if err := db.Where("user_id = ? AND is_active = ?", currentUser.ID, true).Order("created_at desc").Find(&apiKeys).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to retrieve API keys"})
return
}
// Don't return the actual keys in list view
var response []map[string]interface{}
for _, key := range apiKeys {
response = append(response, map[string]interface{}{
"id": key.ID,
"name": key.Name,
"permissions": key.Permissions,
"is_active": key.IsActive,
"last_used": key.LastUsed,
"expires_at": key.ExpiresAt,
"created_at": key.CreatedAt,
"updated_at": key.UpdatedAt,
})
}
c.JSON(200, response)
}
// RevokeAPIKey revokes an API key
func RevokeAPIKey(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
keyID := c.Param("id")
db := config.GetDB()
var apiKey models.APIKey
if err := db.Where("id = ? AND user_id = ?", keyID, currentUser.ID).First(&apiKey).Error; err != nil {
c.JSON(404, gin.H{"error": "API key not found"})
return
}
// Deactivate the key
if err := db.Model(&apiKey).Update("is_active", false).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to revoke API key"})
return
}
c.JSON(200, gin.H{"message": "API key revoked successfully"})
}
// ValidateAPIKey validates an API key from browser extension
func ValidateAPIKey(c *gin.Context) {
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.JSON(401, gin.H{"error": "Authorization header required"})
return
}
// Extract Bearer token
parts := strings.SplitN(authHeader, " ", 2)
if len(parts) != 2 || parts[0] != "Bearer" {
c.JSON(401, gin.H{"error": "Invalid authorization format"})
return
}
apiKey := parts[1]
db := config.GetDB()
var keyRecord models.APIKey
if err := db.Where("key = ? AND is_active = ?", apiKey, true).Preload("User").First(&keyRecord).Error; err != nil {
c.JSON(401, gin.H{"error": "Invalid API key"})
return
}
// Check expiration
if keyRecord.ExpiresAt != nil && keyRecord.ExpiresAt.Before(time.Now()) {
c.JSON(401, gin.H{"error": "API key expired"})
return
}
// Update last used timestamp
now := time.Now()
keyRecord.LastUsed = &now
db.Model(&keyRecord).Update("last_used", now)
// Return user info for extension
c.JSON(200, gin.H{
"valid": true,
"user_id": keyRecord.UserID,
"permissions": keyRecord.Permissions,
})
}
// generateAPIKey generates a secure API key
func generateAPIKey() string {
const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
keyLength := 32
bytes := make([]byte, keyLength)
rand.Read(bytes)
for i, b := range bytes {
bytes[i] = charset[b%byte(len(charset))]
}
return "tk_" + string(bytes)
}
// RegisterBrowserExtension registers a browser extension instance
func RegisterBrowserExtension(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
var req struct {
ExtensionID string `json:"extension_id" binding:"required"`
Name string `json:"name" binding:"required"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(400, gin.H{"error": err.Error()})
return
}
// Check if extension already registered
db := config.GetDB()
var existingAuth BrowserExtensionAuth
if err := db.Where("user_id = ? AND extension_id = ?", currentUser.ID, req.ExtensionID).First(&existingAuth).Error; err == nil {
c.JSON(409, gin.H{"error": "Extension already registered"})
return
}
// Create new extension registration
extAuth := BrowserExtensionAuth{
UserID: currentUser.ID,
ExtensionID: req.ExtensionID,
Name: req.Name,
IsActive: true,
LastSeen: &time.Time{},
}
if err := db.Create(&extAuth).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to register extension"})
return
}
c.JSON(201, gin.H{
"message": "Extension registered successfully",
"extension_id": extAuth.ExtensionID,
})
}
// GetBrowserExtensions retrieves user's registered browser extensions
func GetBrowserExtensions(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
var extensions []BrowserExtensionAuth
db := config.GetDB()
if err := db.Where("user_id = ?", currentUser.ID).Order("created_at desc").Find(&extensions).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to retrieve extensions"})
return
}
c.JSON(200, extensions)
}
// RevokeBrowserExtension revokes a browser extension
func RevokeBrowserExtension(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.JSON(401, gin.H{"error": "User not authenticated"})
return
}
currentUser := user.(models.User)
extensionID := c.Param("id")
db := config.GetDB()
var extAuth BrowserExtensionAuth
if err := db.Where("extension_id = ? AND user_id = ?", extensionID, currentUser.ID).First(&extAuth).Error; err != nil {
c.JSON(404, gin.H{"error": "Extension not found"})
return
}
// Deactivate the extension
if err := db.Model(&extAuth).Update("is_active", false).Error; err != nil {
c.JSON(500, gin.H{"error": "Failed to revoke extension"})
return
}
c.JSON(200, gin.H{"message": "Extension revoked successfully"})
}
// DownloadBrowserExtension serves the browser extension as a downloadable zip file
func DownloadBrowserExtension(c *gin.Context) {
// Path to the browser extension directory
extDir := "../browser-extension"
// Create a temporary zip file
zipPath := "/tmp/browser-extension.zip"
// Create zip file
err := createZip(extDir, zipPath)
if err != nil {
c.JSON(500, gin.H{"error": "Failed to create zip file"})
return
}
// Open the zip file
zipFile, err := os.Open(zipPath)
if err != nil {
c.JSON(500, gin.H{"error": "Failed to open zip file"})
return
}
defer zipFile.Close()
// Get file info
fileInfo, err := zipFile.Stat()
if err != nil {
c.JSON(500, gin.H{"error": "Failed to get file info"})
return
}
// Set headers for download
c.Header("Content-Type", "application/zip")
c.Header("Content-Disposition", "attachment; filename=browser-extension.zip")
c.Header("Content-Length", fmt.Sprintf("%d", fileInfo.Size()))
// Copy file to response
io.Copy(c.Writer, zipFile)
// Clean up temporary file
os.Remove(zipPath)
}
// createZip creates a zip file from a directory
func createZip(source, target string) error {
zipfile, err := os.Create(target)
if err != nil {
return err
}
defer zipfile.Close()
archive := zip.NewWriter(zipfile)
defer archive.Close()
info, err := os.Stat(source)
if err != nil {
return nil
}
var baseDir string
if info.IsDir() {
baseDir = filepath.Base(source)
}
return filepath.Walk(source, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
header, err := zip.FileInfoHeader(info)
if err != nil {
return err
}
if baseDir != "" {
header.Name = filepath.Join(baseDir, strings.TrimPrefix(path, source))
}
if info.IsDir() {
header.Name += "/"
} else {
header.Method = zip.Deflate
}
writer, err := archive.CreateHeader(header)
if err != nil {
return err
}
if info.IsDir() {
return nil
}
file, err := os.Open(path)
if err != nil {
return err
}
defer file.Close()
_, err = io.Copy(writer, file)
return err
})
}
backend/handlers/messages.go
+74 -2
View File
@@ -49,10 +49,17 @@ type AttachmentInput struct {
Title string `json:"title"`
}
type ReferenceInput struct {
EntityType string `json:"entity_type"`
EntityID uint `json:"entity_id"`
DeepLink string `json:"deep_link"`
}
type CreateMessageRequest struct {
Body string `json:"body"`
Attachments []AttachmentInput `json:"attachments"`
Metadata map[string]interface{} `json:"metadata"`
References []ReferenceInput `json:"references"`
}
type UpdateMessageRequest struct {
@@ -641,8 +648,8 @@ func CreateConversationMessage(c *gin.Context) {
}
trimmedBody := strings.TrimSpace(req.Body)
if trimmedBody == "" && len(req.Attachments) == 0 {
c.JSON(http.StatusBadRequest, gin.H{"error": "Message body or attachments are required"})
if trimmedBody == "" && len(req.Attachments) == 0 && len(req.References) == 0 {
c.JSON(http.StatusBadRequest, gin.H{"error": "Message body, attachments, or references are required"})
return
}
@@ -656,6 +663,37 @@ func CreateConversationMessage(c *gin.Context) {
})
}
referenceRows := make([]models.MessageReference, 0, len(req.References))
for _, ref := range req.References {
entityType := normalizeReferenceType(ref.EntityType)
if entityType == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid reference entity_type"})
return
}
if ref.EntityID == 0 {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid reference entity_id"})
return
}
deepLink := strings.TrimSpace(ref.DeepLink)
if deepLink == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid reference deep_link"})
return
}
if !isReferenceDeepLinkAllowed(deepLink) {
c.JSON(http.StatusBadRequest, gin.H{"error": "Unsupported reference deep_link"})
return
}
if !canReferenceEntity(models.DB, userID, entityType, ref.EntityID) {
c.JSON(http.StatusForbidden, gin.H{"error": "Reference target is not accessible"})
return
}
referenceRows = append(referenceRows, models.MessageReference{
EntityType: entityType,
EntityID: ref.EntityID,
DeepLink: deepLink,
})
}
suggestions, inferredAttachments, isSensitive := services.DetectMessageContent(trimmedBody)
for _, inferred := range inferredAttachments {
if hasAttachment(attachmentRows, inferred.Kind, inferred.URL) {
@@ -719,6 +757,13 @@ func CreateConversationMessage(c *gin.Context) {
models.DB.Create(&attachmentRows)
}
for i := range referenceRows {
referenceRows[i].MessageID = message.ID
}
if len(referenceRows) > 0 {
models.DB.Create(&referenceRows)
}
if len(suggestions) > 0 {
suggestionRows := make([]models.MessageSuggestion, 0, len(suggestions))
for _, s := range suggestions {
@@ -2159,6 +2204,33 @@ func normalizeAttachmentKind(kind string) string {
}
}
func normalizeReferenceType(entityType string) string {
t := strings.ToLower(strings.TrimSpace(entityType))
switch t {
case "task", "bookmark", "calendar_event", "youtube_video", "learning_path", "saved_search", "github", "password_vault_item", "ai_chat_session", "ai_chat_message":
return t
default:
return ""
}
}
func isReferenceDeepLinkAllowed(deepLink string) bool {
return strings.HasPrefix(deepLink, "/") || strings.HasPrefix(deepLink, "http://") || strings.HasPrefix(deepLink, "https://")
}
func canReferenceEntity(db *gorm.DB, userID uint, entityType string, entityID uint) bool {
switch entityType {
case "ai_chat_session":
var session models.ChatSession
return db.Where("id = ? AND user_id = ?", entityID, userID).First(&session).Error == nil
case "ai_chat_message":
var message models.ChatMessage
return db.Where("id = ? AND user_id = ?", entityID, userID).First(&message).Error == nil
default:
return true
}
}
func compactMessageTitle(text string, limit int) string {
trimmed := strings.TrimSpace(text)
if len(trimmed) <= limit {
backend/handlers/search.go
+351 -136
View File
@@ -7,7 +7,6 @@ import (
"io"
"net/http"
"net/url"
"os"
"github.com/gin-gonic/gin"
)
@@ -63,78 +62,176 @@ func SearchWeb(c *gin.Context) {
req.Count = 10
}
apiKey := os.Getenv("BRAVE_API_KEY")
if apiKey == "" {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Brave API key not configured"})
// Get user ID from context (authentication is required)
userID, exists := c.Get("user_id")
if !exists {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Authentication required for search functionality"})
return
}
// Build Brave Search API request
baseURL := "https://api.search.brave.com/res/v1/web/search"
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
// Get user's search settings from database
searchSettings, err := GetSearchSettingsForAPI(userID.(int))
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave Search API"})
return
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave API error: %d", resp.StatusCode)})
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get search settings"})
return
}
var braveResp BraveSearchResponse
if err := json.NewDecoder(resp.Body).Decode(&braveResp); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave response"})
return
}
// Check if user has search API key configured
if searchSettings.SearchAPIProvider == "brave" {
apiKey := searchSettings.BraveAPIKey
if apiKey == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Brave Search API key not configured. Please configure your search API key in settings."})
return
}
// Prefer web.results, fall back to mixed.results
resultsRaw := braveResp.Web.Results
if len(resultsRaw) == 0 {
resultsRaw = braveResp.Mixed.Results
}
// Build Brave Search API request
baseURL := "https://api.search.brave.com/res/v1/web/search"
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pageAge, _ := r["page_age"].(string)
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pageAge,
Language: lang,
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave Search API"})
return
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave API error: %d", resp.StatusCode)})
return
}
var braveResp BraveSearchResponse
if err := json.NewDecoder(resp.Body).Decode(&braveResp); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave response"})
return
}
// Prefer web.results, fall back to mixed.results
resultsRaw := braveResp.Web.Results
if len(resultsRaw) == 0 {
resultsRaw = braveResp.Mixed.Results
}
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pageAge, _ := r["page_age"].(string)
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pageAge,
Language: lang,
})
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": braveResp.Query.Original,
"display": braveResp.Query.Display,
},
"count": len(results),
})
return
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": braveResp.Query.Original,
"display": braveResp.Query.Display,
},
"count": len(results),
})
// Use the configured provider
if searchSettings.SearchAPIProvider == "brave" {
apiKey := searchSettings.BraveAPIKey
if apiKey == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Brave Search API key not configured. Please configure your search API key in settings."})
return
}
// Build Brave Search API request
baseURL := searchSettings.BraveSearchBaseURL
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave Search API"})
return
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave API error: %d", resp.StatusCode)})
return
}
var braveResp BraveSearchResponse
if err := json.NewDecoder(resp.Body).Decode(&braveResp); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave response"})
return
}
// Prefer web.results, fall back to mixed.results
resultsRaw := braveResp.Web.Results
if len(resultsRaw) == 0 {
resultsRaw = braveResp.Mixed.Results
}
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pageAge, _ := r["page_age"].(string)
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pageAge,
Language: lang,
})
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": braveResp.Query.Original,
"display": braveResp.Query.Display,
},
"count": len(results),
})
} else if searchSettings.SearchAPIProvider == "serper" {
// TODO: Implement Serper API integration
c.JSON(http.StatusNotImplemented, gin.H{"error": "Serper API integration not yet implemented"})
} else {
c.JSON(http.StatusBadRequest, gin.H{"error": "No valid search API provider configured. Please configure a search API provider in settings."})
}
}
// SearchNews handles POST /api/v1/search/news
func SearchNews(c *gin.Context) {
fmt.Printf("DEBUG: SearchNews function called\n")
var req struct {
@@ -151,97 +248,215 @@ func SearchNews(c *gin.Context) {
req.Count = 10
}
apiKey := os.Getenv("BRAVE_API_KEY")
if apiKey == "" {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Brave API key not configured"})
// Get user ID from context (authentication is required)
userID, exists := c.Get("user_id")
if !exists {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Authentication required for search functionality"})
return
}
baseURL := "https://api.search.brave.com/res/v1/news/search"
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
// Get user's search settings from database
searchSettings, err := GetSearchSettingsForAPI(userID.(int))
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave News API"})
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get search settings"})
return
}
if resp.StatusCode != http.StatusOK {
resp.Body.Close()
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave News API error: %d", resp.StatusCode)})
return
}
// Read the response body for debugging
bodyBytes, err := io.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to read response body"})
return
}
fmt.Printf("DEBUG: Raw Brave News API response: %s\n", string(bodyBytes))
var braveResp BraveNewsResponse
if err := json.NewDecoder(bytes.NewReader(bodyBytes)).Decode(&braveResp); err != nil {
fmt.Printf("DEBUG: JSON decode error: %v\n", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave news response"})
return
}
// Debug logging
fmt.Printf("DEBUG: Parsed BraveNewsResponse: %+v\n", braveResp)
fmt.Printf("DEBUG: Number of results: %d\n", len(braveResp.Results))
resultsRaw := braveResp.Results
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pubDate, _ := r["published_date"].(string)
if pubDate == "" {
pubDate, _ = r["page_age"].(string)
// Check if user has search API key configured
if searchSettings.SearchAPIProvider == "brave" {
apiKey := searchSettings.BraveAPIKey
if apiKey == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "Brave Search API key not configured. Please configure your search API key in settings."})
return
}
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pubDate,
Language: lang,
baseURL := "https://api.search.brave.com/res/v1/news/search"
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave News API"})
return
}
if resp.StatusCode != http.StatusOK {
resp.Body.Close()
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave News API error: %d", resp.StatusCode)})
return
}
// Read the response body for debugging
bodyBytes, err := io.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to read response body"})
return
}
fmt.Printf("DEBUG: Raw Brave News API response: %s\n", string(bodyBytes))
var braveResp BraveNewsResponse
if err := json.NewDecoder(bytes.NewReader(bodyBytes)).Decode(&braveResp); err != nil {
fmt.Printf("DEBUG: JSON decode error: %v\n", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave news response"})
return
}
// Debug logging
fmt.Printf("DEBUG: Parsed BraveNewsResponse: %+v\n", braveResp)
fmt.Printf("DEBUG: Number of results: %d\n", len(braveResp.Results))
resultsRaw := braveResp.Results
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pubDate, _ := r["published_date"].(string)
if pubDate == "" {
pubDate, _ = r["page_age"].(string)
}
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pubDate,
Language: lang,
})
}
original := braveResp.Query.Original
display := braveResp.Query.Display
if original == "" {
original = req.Query
}
if display == "" {
display = req.Query
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": original,
"display": display,
},
"count": len(results),
})
return
}
original := braveResp.Query.Original
display := braveResp.Query.Display
if original == "" {
original = req.Query
}
if display == "" {
display = req.Query
}
// Use the configured provider
if searchSettings.SearchAPIProvider == "brave" {
apiKey := searchSettings.BraveAPIKey
if apiKey == "" {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Brave API key not configured"})
return
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": original,
"display": display,
},
"count": len(results),
})
baseURL := "https://api.search.brave.com/res/v1/news/search"
q := url.Values{}
q.Set("q", req.Query)
q.Set("count", fmt.Sprint(req.Count))
endpoint := fmt.Sprintf("%s?%s", baseURL, q.Encode())
reqHTTP, err := http.NewRequest(http.MethodGet, endpoint, nil)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create Brave request"})
return
}
reqHTTP.Header.Set("Accept", "application/json")
reqHTTP.Header.Set("X-Subscription-Token", apiKey)
resp, err := http.DefaultClient.Do(reqHTTP)
if err != nil {
c.JSON(http.StatusBadGateway, gin.H{"error": "Failed to contact Brave News API"})
return
}
if resp.StatusCode != http.StatusOK {
resp.Body.Close()
c.JSON(http.StatusBadGateway, gin.H{"error": fmt.Sprintf("Brave News API error: %d", resp.StatusCode)})
return
}
// Read the response body for debugging
bodyBytes, err := io.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to read response body"})
return
}
fmt.Printf("DEBUG: Raw Brave News API response: %s\n", string(bodyBytes))
var braveResp BraveNewsResponse
if err := json.NewDecoder(bytes.NewReader(bodyBytes)).Decode(&braveResp); err != nil {
fmt.Printf("DEBUG: JSON decode error: %v\n", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to decode Brave news response"})
return
}
// Debug logging
fmt.Printf("DEBUG: Parsed BraveNewsResponse: %+v\n", braveResp)
fmt.Printf("DEBUG: Number of results: %d\n", len(braveResp.Results))
resultsRaw := braveResp.Results
results := make([]BraveSearchResult, 0, len(resultsRaw))
for _, r := range resultsRaw {
title, _ := r["title"].(string)
urlStr, _ := r["url"].(string)
desc, _ := r["description"].(string)
lang, _ := r["language"].(string)
pubDate, _ := r["published_date"].(string)
if pubDate == "" {
pubDate, _ = r["page_age"].(string)
}
results = append(results, BraveSearchResult{
Title: title,
URL: urlStr,
Description: desc,
PublishedDate: pubDate,
Language: lang,
})
}
original := braveResp.Query.Original
display := braveResp.Query.Display
if original == "" {
original = req.Query
}
if display == "" {
display = req.Query
}
c.JSON(http.StatusOK, gin.H{
"results": results,
"query": gin.H{
"original": original,
"display": display,
},
"count": len(results),
})
} else if searchSettings.SearchAPIProvider == "serper" {
// TODO: Implement Serper API integration for news
c.JSON(http.StatusNotImplemented, gin.H{"error": "Serper API integration not yet implemented"})
} else {
c.JSON(http.StatusBadRequest, gin.H{"error": "No valid search API provider configured. Please configure a search API provider in settings."})
}
}
// GetSearchSuggestions handles GET /api/v1/search/suggestions
backend/handlers/search_settings.go
+184
View File
@@ -0,0 +1,184 @@
package handlers
import (
"net/http"
"os"
"strconv"
"github.com/gin-gonic/gin"
"github.com/trackeep/backend/models"
)
// SearchSettings represents search API configuration
type SearchSettings struct {
BraveAPIKey string `json:"brave_api_key"`
BraveSearchBaseURL string `json:"brave_search_base_url"`
SerperAPIKey string `json:"serper_api_key"`
SerperBaseURL string `json:"serper_base_url"`
SearchAPIProvider string `json:"search_api_provider"`
SearchResultsLimit int `json:"search_results_limit"`
SearchCacheTTL int `json:"search_cache_ttl"`
SearchRateLimit int `json:"search_rate_limit"`
}
// GetSearchSettings handles GET /api/v1/auth/search/settings
func GetSearchSettings(c *gin.Context) {
userID := c.GetInt("user_id")
// Get settings from database
settings, err := models.GetUserSearchSettings(uint(userID))
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get settings"})
return
}
// Convert to response format
response := SearchSettings{
BraveSearchBaseURL: settings.BraveSearchBaseURL,
SerperBaseURL: settings.SerperBaseURL,
SearchAPIProvider: settings.SearchAPIProvider,
SearchResultsLimit: settings.SearchResultsLimit,
SearchCacheTTL: settings.SearchCacheTTL,
SearchRateLimit: settings.SearchRateLimit,
}
// Mask API keys for security
if settings.BraveAPIKey != "" && len(settings.BraveAPIKey) > 8 {
response.BraveAPIKey = settings.BraveAPIKey[:4] + "********" + settings.BraveAPIKey[len(settings.BraveAPIKey)-4:]
}
if settings.SerperAPIKey != "" && len(settings.SerperAPIKey) > 8 {
response.SerperAPIKey = settings.SerperAPIKey[:4] + "********" + settings.SerperAPIKey[len(settings.SerperAPIKey)-4:]
}
c.JSON(http.StatusOK, response)
}
// UpdateSearchSettings handles PUT /api/v1/auth/search/settings
func UpdateSearchSettings(c *gin.Context) {
userID := c.GetInt("user_id")
var newSettings SearchSettings
if err := c.ShouldBindJSON(&newSettings); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Get existing settings to preserve API keys if they're masked
existingSettings, err := models.GetUserSearchSettings(uint(userID))
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get existing settings"})
return
}
// Check if API keys are masked and preserve existing values
if len(newSettings.BraveAPIKey) > 8 && newSettings.BraveAPIKey[4:12] == "********" {
newSettings.BraveAPIKey = existingSettings.BraveAPIKey
}
if len(newSettings.SerperAPIKey) > 8 && newSettings.SerperAPIKey[4:12] == "********" {
newSettings.SerperAPIKey = existingSettings.SerperAPIKey
}
// Update model
updatedSettings := &models.UserSearchSettings{
BraveAPIKey: newSettings.BraveAPIKey,
BraveSearchBaseURL: newSettings.BraveSearchBaseURL,
SerperAPIKey: newSettings.SerperAPIKey,
SerperBaseURL: newSettings.SerperBaseURL,
SearchAPIProvider: newSettings.SearchAPIProvider,
SearchResultsLimit: newSettings.SearchResultsLimit,
SearchCacheTTL: newSettings.SearchCacheTTL,
SearchRateLimit: newSettings.SearchRateLimit,
}
// Save to database
err = models.SaveUserSearchSettings(uint(userID), updatedSettings)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save settings"})
return
}
// Return masked settings for consistency
GetSearchSettings(c)
}
// GetTestSearchSettings handles GET /api/v1/test-search-settings (for demo mode)
func GetTestSearchSettings(c *gin.Context) {
settings := getDefaultSearchSettings()
// Mask API keys for security
if settings.BraveAPIKey != "" && len(settings.BraveAPIKey) > 8 {
settings.BraveAPIKey = settings.BraveAPIKey[:4] + "********" + settings.BraveAPIKey[len(settings.BraveAPIKey)-4:]
}
if settings.SerperAPIKey != "" && len(settings.SerperAPIKey) > 8 {
settings.SerperAPIKey = settings.SerperAPIKey[:4] + "********" + settings.SerperAPIKey[len(settings.SerperAPIKey)-4:]
}
c.JSON(http.StatusOK, settings)
}
// GetSearchSettingsForAPI returns unmasked search settings for internal API use
func GetSearchSettingsForAPI(userID int) (SearchSettings, error) {
settings, err := models.GetUserSearchSettings(uint(userID))
if err != nil {
// Return default settings if error
defaultSettings := getDefaultSearchSettings()
return defaultSettings, nil
}
return SearchSettings{
BraveAPIKey: settings.BraveAPIKey,
BraveSearchBaseURL: settings.BraveSearchBaseURL,
SerperAPIKey: settings.SerperAPIKey,
SerperBaseURL: settings.SerperBaseURL,
SearchAPIProvider: settings.SearchAPIProvider,
SearchResultsLimit: settings.SearchResultsLimit,
SearchCacheTTL: settings.SearchCacheTTL,
SearchRateLimit: settings.SearchRateLimit,
}, nil
}
func getDefaultSearchSettings() SearchSettings {
return SearchSettings{
BraveAPIKey: getEnvWithDefault("BRAVE_API_KEY", "BSAw0HNI1v3rKmXlSTr0C_UfZDjw7fT"),
BraveSearchBaseURL: getEnvWithDefault("BRAVE_SEARCH_BASE_URL", "https://api.search.brave.com/res/v1/web/search"),
SerperAPIKey: getEnvWithDefault("SERPER_API_KEY", "6f1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2"),
SerperBaseURL: getEnvWithDefault("SERPER_BASE_URL", "https://google.serper.dev/search"),
SearchAPIProvider: getEnvWithDefault("SEARCH_API_PROVIDER", "brave"),
SearchResultsLimit: getIntEnvWithDefault("SEARCH_RESULTS_LIMIT", 10),
SearchCacheTTL: getIntEnvWithDefault("SEARCH_CACHE_TTL", 300),
SearchRateLimit: getIntEnvWithDefault("SEARCH_RATE_LIMIT", 100),
}
}
func getEnvWithDefault(key, defaultValue string) string {
if value := os.Getenv(key); value != "" {
return value
}
return defaultValue
}
func getIntEnvWithDefault(key string, defaultValue int) int {
value := os.Getenv(key)
if value == "" {
return defaultValue
}
if intValue, err := strconv.Atoi(value); err == nil {
return intValue
}
return defaultValue
}
func getBoolEnvWithDefault(key string, defaultValue bool) bool {
value := os.Getenv(key)
if value == "" {
return defaultValue
}
if value == "true" || value == "1" {
return true
}
return false
}
backend/handlers/two_factor.go
+13 -4
View File
@@ -6,6 +6,7 @@ import (
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"encoding/hex"
"encoding/json"
"fmt"
"image/png"
@@ -60,9 +61,13 @@ type TOTPLoginRequest struct {
// encrypt encrypts text using AES-GCM
func encrypt(plaintext string) (string, error) {
key := []byte(os.Getenv("ENCRYPTION_KEY"))
keyHex := strings.TrimSpace(os.Getenv("JWT_SECRET"))
key, err := hex.DecodeString(keyHex)
if err != nil {
return "", fmt.Errorf("failed to decode JWT secret for encryption: %v", err)
}
if len(key) != 32 {
return "", fmt.Errorf("encryption key must be 32 bytes")
return "", fmt.Errorf("JWT secret must be 32 bytes when decoded, got %d", len(key))
}
block, err := aes.NewCipher(key)
@@ -86,9 +91,13 @@ func encrypt(plaintext string) (string, error) {
// decrypt decrypts text using AES-GCM
func decrypt(ciphertext string) (string, error) {
key := []byte(os.Getenv("ENCRYPTION_KEY"))
keyHex := strings.TrimSpace(os.Getenv("JWT_SECRET"))
key, err := hex.DecodeString(keyHex)
if err != nil {
return "", fmt.Errorf("failed to decode JWT secret for encryption: %v", err)
}
if len(key) != 32 {
return "", fmt.Errorf("encryption key must be 32 bytes")
return "", fmt.Errorf("JWT secret must be 32 bytes when decoded, got %d", len(key))
}
block, err := aes.NewCipher(key)
backend/handlers/update_settings.go
+99
View File
@@ -0,0 +1,99 @@
package handlers
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/trackeep/backend/models"
)
// UpdateSettings represents update and OAuth configuration
type UpdateSettings struct {
OAuthServiceURL string `json:"oauth_service_url"`
AutoUpdateCheck bool `json:"auto_update_check"`
UpdateCheckInterval string `json:"update_check_interval"`
PrereleaseUpdates bool `json:"prerelease_updates"`
}
// GetUpdateSettings handles GET /api/v1/auth/update/settings
func GetUpdateSettings(c *gin.Context) {
userID := c.GetInt("user_id")
// Get settings from database
settings, err := models.GetUserUpdateSettings(uint(userID))
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get settings"})
return
}
// Convert to response format
response := UpdateSettings{
OAuthServiceURL: settings.OAuthServiceURL,
AutoUpdateCheck: settings.AutoUpdateCheck,
UpdateCheckInterval: settings.UpdateCheckInterval,
PrereleaseUpdates: settings.PrereleaseUpdates,
}
c.JSON(http.StatusOK, response)
}
// UpdateUpdateSettings handles PUT /api/v1/auth/update/settings
func UpdateUpdateSettings(c *gin.Context) {
userID := c.GetInt("user_id")
var newSettings UpdateSettings
if err := c.ShouldBindJSON(&newSettings); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Update model
updatedSettings := &models.UserUpdateSettings{
OAuthServiceURL: newSettings.OAuthServiceURL,
AutoUpdateCheck: newSettings.AutoUpdateCheck,
UpdateCheckInterval: newSettings.UpdateCheckInterval,
PrereleaseUpdates: newSettings.PrereleaseUpdates,
}
// Save to database
err := models.SaveUserUpdateSettings(uint(userID), updatedSettings)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save settings"})
return
}
// Return updated settings
GetUpdateSettings(c)
}
// GetTestUpdateSettings handles GET /api/v1/test-update-settings (for demo mode)
func GetTestUpdateSettings(c *gin.Context) {
settings := getDefaultUpdateSettings()
c.JSON(http.StatusOK, settings)
}
// GetUpdateSettingsForAPI returns update settings for internal API use
func GetUpdateSettingsForAPI(userID int) (UpdateSettings, error) {
settings, err := models.GetUserUpdateSettings(uint(userID))
if err != nil {
// Return default settings if error
defaultSettings := getDefaultUpdateSettings()
return defaultSettings, nil
}
return UpdateSettings{
OAuthServiceURL: settings.OAuthServiceURL,
AutoUpdateCheck: settings.AutoUpdateCheck,
UpdateCheckInterval: settings.UpdateCheckInterval,
PrereleaseUpdates: settings.PrereleaseUpdates,
}, nil
}
func getDefaultUpdateSettings() UpdateSettings {
return UpdateSettings{
OAuthServiceURL: getEnvWithDefault("OAUTH_SERVICE_URL", "https://oauth.tdvorak.dev"),
AutoUpdateCheck: getBoolEnvWithDefault("AUTO_UPDATE_CHECK", false),
UpdateCheckInterval: getEnvWithDefault("UPDATE_CHECK_INTERVAL", "24h"),
PrereleaseUpdates: getBoolEnvWithDefault("PRERELEASE_UPDATES", false),
}
}
backend/handlers/updates.go
+181 -25
View File
@@ -4,6 +4,7 @@ import (
"archive/zip"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
"io"
"log"
@@ -66,33 +67,48 @@ func init() {
}
}
// getCurrentVersion reads the current version from frontend/package.json
func getCurrentVersion() string {
// Try to read from frontend/package.json first
packageJsonPath := "frontend/package.json"
if content, err := os.ReadFile(packageJsonPath); err == nil {
var packageJson struct {
Version string `json:"version"`
}
if err := json.Unmarshal(content, &packageJson); err == nil && packageJson.Version != "" {
log.Printf("Found version in frontend/package.json: %s", packageJson.Version)
return packageJson.Version
}
}
// Fallback to backend/go.mod
goModPath := "go.mod"
if content, err := os.ReadFile(goModPath); err == nil {
lines := strings.Split(string(content), "\n")
for _, line := range lines {
if strings.Contains(line, "module ") {
// Extract version from module path or use a default
// For now, return a default version
log.Printf("Using fallback version from go.mod")
return "1.2.5"
}
}
}
// Final fallback
log.Printf("Using default version - could not detect from source files")
return "1.2.5"
}
// CheckForUpdates checks if a new version is available using Docker registry
func CheckForUpdates(c *gin.Context) {
updateMutex.Lock()
defer updateMutex.Unlock()
// Get current version from go.mod
currentVersion := "1.2.5"
// Get current version from frontend/package.json
currentVersion := getCurrentVersion()
// Try to read from go.mod if running in development
if _, err := os.Stat("go.mod"); err == nil {
if content, err := os.ReadFile("go.mod"); err == nil {
lines := strings.Split(string(content), "\n")
for _, line := range lines {
if strings.Contains(line, "go ") && strings.Contains(line, "1.2.5") {
// Extract version from go.mod
parts := strings.Fields(line)
if len(parts) >= 2 {
currentVersion = strings.TrimSpace(parts[1])
log.Printf("Found version in go.mod: %s", currentVersion)
break
}
}
}
}
}
log.Printf("Checking for updates using Docker registry (current version: %s)", currentVersion)
log.Printf("Checking for updates using GitHub releases (current version: %s)", currentVersion)
// Check for updates using Docker registry
updateInfo, updateAvailable, err := checkForUpdatesWithDocker(currentVersion)
@@ -109,14 +125,20 @@ func CheckForUpdates(c *gin.Context) {
currentUpdate = updateInfo
updateProgress.Available = true
} else {
currentUpdate = nil
// Still preserve updateInfo for displaying latest version, but mark as no update available
currentUpdate = updateInfo
updateProgress.Available = false
}
latestVersion := ""
if updateInfo != nil {
latestVersion = updateInfo.Version
}
c.JSON(http.StatusOK, gin.H{
"updateAvailable": updateAvailable,
"currentVersion": currentVersion,
"latestVersion": updateInfo.Version,
"latestVersion": latestVersion,
"updateInfo": currentUpdate,
})
}
@@ -167,8 +189,142 @@ func UpdateProgressWebSocket(c *gin.Context) {
})
}
// checkForUpdatesWithDocker checks for updates using Docker registry
// checkForUpdatesWithDocker checks for updates using GitHub releases
func checkForUpdatesWithDocker(currentVersion string) (*UpdateInfo, bool, error) {
log.Printf("Checking for updates (current version: %s)", currentVersion)
// Get latest release from GitHub
latestRelease, err := getLatestGitHubRelease()
if err != nil {
log.Printf("Failed to get latest release from GitHub: %v", err)
// Fallback to Docker registry check
return checkForUpdatesWithDockerRegistry(currentVersion)
}
log.Printf("Latest release from GitHub: %s", latestRelease.Version)
// Compare versions
if isNewerVersion(latestRelease.Version, currentVersion) {
log.Printf("Update available: %s -> %s", currentVersion, latestRelease.Version)
return latestRelease, true, nil
}
log.Printf("No updates available - current version %s is latest", currentVersion)
return latestRelease, false, nil
}
// getLatestGitHubRelease fetches the latest release from GitHub API
func getLatestGitHubRelease() (*UpdateInfo, error) {
client := &http.Client{Timeout: 10 * time.Second}
url := "https://api.github.com/repos/Dvorinka/Trackeep/releases/latest"
resp, err := client.Get(url)
if err != nil {
return nil, fmt.Errorf("failed to fetch release: %w", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("GitHub API returned status %d", resp.StatusCode)
}
// Parse JSON response
var release struct {
TagName string `json:"tag_name"`
Name string `json:"name"`
Body string `json:"body"`
PublishedAt string `json:"published_at"`
Prerelease bool `json:"prerelease"`
Draft bool `json:"draft"`
}
if err := json.NewDecoder(resp.Body).Decode(&release); err != nil {
return nil, fmt.Errorf("failed to decode release JSON: %w", err)
}
// Skip drafts and prereleases unless specifically allowed
if release.Draft {
return nil, fmt.Errorf("latest release is a draft")
}
// Check if prereleases are allowed
allowPrerelease := os.Getenv("PRERELEASE_UPDATES") == "true"
if release.Prerelease && !allowPrerelease {
// Try to get latest non-prerelease
return getLatestStableRelease()
}
// Clean version (remove 'v' prefix if present)
version := strings.TrimPrefix(release.TagName, "v")
updateInfo := &UpdateInfo{
Version: version,
ReleaseNotes: release.Body,
DownloadURL: "", // Docker images don't need download URL
Mandatory: false,
Size: "Docker images",
Checksum: "",
PublishedAt: release.PublishedAt,
Prerelease: release.Prerelease,
}
return updateInfo, nil
}
// getLatestStableRelease gets the latest stable (non-prerelease) release
func getLatestStableRelease() (*UpdateInfo, error) {
client := &http.Client{Timeout: 10 * time.Second}
url := "https://api.github.com/repos/Dvorinka/Trackeep/releases"
resp, err := client.Get(url)
if err != nil {
return nil, fmt.Errorf("failed to fetch releases: %w", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("GitHub API returned status %d", resp.StatusCode)
}
// Parse JSON response
var releases []struct {
TagName string `json:"tag_name"`
Name string `json:"name"`
Body string `json:"body"`
PublishedAt string `json:"published_at"`
Prerelease bool `json:"prerelease"`
Draft bool `json:"draft"`
}
if err := json.NewDecoder(resp.Body).Decode(&releases); err != nil {
return nil, fmt.Errorf("failed to decode releases JSON: %w", err)
}
// Find first stable (non-prerelease, non-draft) release
for _, release := range releases {
if !release.Draft && !release.Prerelease {
version := strings.TrimPrefix(release.TagName, "v")
updateInfo := &UpdateInfo{
Version: version,
ReleaseNotes: release.Body,
DownloadURL: "",
Mandatory: false,
Size: "Docker images",
Checksum: "",
PublishedAt: release.PublishedAt,
Prerelease: false,
}
return updateInfo, nil
}
}
return nil, fmt.Errorf("no stable releases found")
}
// checkForUpdatesWithDockerRegistry fallback method using Docker registry
func checkForUpdatesWithDockerRegistry(currentVersion string) (*UpdateInfo, bool, error) {
// Define images to check (using latest)
backendImage := "ghcr.io/dvorinka/trackeep/backend:latest"
frontendImage := "ghcr.io/dvorinka/trackeep/frontend:latest"
@@ -348,7 +504,7 @@ func updateWithDockerCompose() error {
// Check if production docker-compose file exists
composeFile := "docker-compose.prod.yml"
if _, err := os.Stat(composeFile); err != nil {
return fmt.Errorf("production docker-compose.yml not found")
return fmt.Errorf("production docker-compose file not found")
}
// Use docker compose command directly (assuming Docker is available on host)