mirror of
https://github.com/memohai/Memoh.git
synced 2026-04-27 07:16:19 +09:00
Ran
6acdd191c7
commit bcdb026ae43e4f95d0b2c4f9bd440a2df9d6b514 Author: Ran <16112591+chen-ran@users.noreply.github.com> Date: Thu Feb 12 17:10:32 2026 +0800 chore: update DEVELOPMENT.md commit30281742efMerge:ca5c6a15b05f13Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Thu Feb 12 15:49:17 2026 +0800 merge(github/main): integrate fx dependency injection framework Merge upstream fx refactor and adapt all services to use go.uber.org/fx for dependency injection. Resolve conflicts in main.go, server.go, and service constructors while preserving our domain model changes. - Fix telegram adapter panic on shutdown (double close channel) - Fix feishu adapter processing messages after stop - Increase directory lookup timeout from 2s to 5s commitca5c6a1866Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Thu Feb 12 15:33:09 2026 +0800 refactor(core): restructure conversation, channel and message domains - Rename chat module to conversation with flow-based architecture - Move channelidentities into channel/identities subpackage - Add channel/route for routing logic - Add message service with event hub - Add MCP providers: container, directory, schedule - Refactor Feishu/Telegram adapters with directory and stream support - Add platform management page and channel badges in web UI - Update database schema for conversations, messages and channel routes - Add @memoh/shared package for cross-package type definitions commit75e2ef0467Merge:d99ba3801cb6c8Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Thu Feb 12 14:45:49 2026 +0800 merge(github): merge github/main, resolve index.ts URL conflict Keep our defensive absolute-URL check in createAuthFetcher. commitd99ba38b7dMerge:860e20f35ce7d1Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Thu Feb 12 05:20:18 2026 +0800 merge(github): merge github/main, keep our code and docs/spec commit860e20fe70Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Wed Feb 11 22:13:27 2026 +0800 docs(docs): add concepts and style guides for VitePress site - Add concepts: identity-and-binding, index (en/zh) - Add style: terminology (en/zh) - Update index and zh/index - Update .vitepress/config.ts commita75fdb8040Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Wed Feb 11 17:37:16 2026 +0800 refactor(mcp): standardize unified tool gateway on go-sdk Split business executors from federation sources and migrate unified tool/federation transports to the official go-sdk for stricter MCP compliance and safer session lifecycle handling. Add targeted regression tests for accept compatibility, initialization retries, pending cleanup, and include updated swagger artifacts. commit02b33c8e85Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Wed Feb 11 15:42:21 2026 +0800 refactor(core): finalize user-centric identity and policy cleanup Unify auth and chat identity semantics around user_id, enforce personal-bot owner-only authorization, and remove legacy compatibility branches in integration tests. commit06e8619a37Author: BBQ <bbq@BBQdeMacBook-Air.local> Date: Wed Feb 11 14:47:03 2026 +0800 refactor(core): migrate channel identity and binding across app Align channel identity and bind flow across backend and app-facing layers, including generated swagger artifacts and package lock updates while excluding docs content changes.
106 lines
3.1 KiB
Go
106 lines
3.1 KiB
Go
package handlers
|
|
|
|
import (
|
|
"errors"
|
|
"log/slog"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/labstack/echo/v4"
|
|
|
|
"github.com/memohai/memoh/internal/accounts"
|
|
"github.com/memohai/memoh/internal/auth"
|
|
)
|
|
|
|
type AuthHandler struct {
|
|
accountService *accounts.Service
|
|
jwtSecret string
|
|
expiresIn time.Duration
|
|
logger *slog.Logger
|
|
}
|
|
|
|
type LoginRequest struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
type LoginResponse struct {
|
|
AccessToken string `json:"access_token"`
|
|
TokenType string `json:"token_type"`
|
|
ExpiresAt string `json:"expires_at"`
|
|
UserID string `json:"user_id"`
|
|
Role string `json:"role"`
|
|
DisplayName string `json:"display_name"`
|
|
Username string `json:"username"`
|
|
}
|
|
|
|
func NewAuthHandler(log *slog.Logger, accountService *accounts.Service, jwtSecret string, expiresIn time.Duration) *AuthHandler {
|
|
return &AuthHandler{
|
|
accountService: accountService,
|
|
jwtSecret: jwtSecret,
|
|
expiresIn: expiresIn,
|
|
logger: log.With(slog.String("handler", "auth")),
|
|
}
|
|
}
|
|
|
|
func (h *AuthHandler) Register(e *echo.Echo) {
|
|
e.POST("/auth/login", h.Login)
|
|
}
|
|
|
|
// Login godoc
|
|
// @Summary Login
|
|
// @Description Validate user credentials and issue a JWT
|
|
// @Tags auth
|
|
// @Param payload body LoginRequest true "Login request"
|
|
// @Success 200 {object} LoginResponse
|
|
// @Failure 400 {object} ErrorResponse
|
|
// @Failure 401 {object} ErrorResponse
|
|
// @Failure 500 {object} ErrorResponse
|
|
// @Router /auth/login [post]
|
|
func (h *AuthHandler) Login(c echo.Context) error {
|
|
if h.accountService == nil {
|
|
return echo.NewHTTPError(http.StatusInternalServerError, "user service not configured")
|
|
}
|
|
if strings.TrimSpace(h.jwtSecret) == "" {
|
|
return echo.NewHTTPError(http.StatusInternalServerError, "jwt secret not configured")
|
|
}
|
|
if h.expiresIn <= 0 {
|
|
return echo.NewHTTPError(http.StatusInternalServerError, "jwt expiry not configured")
|
|
}
|
|
|
|
var req LoginRequest
|
|
if err := c.Bind(&req); err != nil {
|
|
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
|
|
}
|
|
req.Username = strings.TrimSpace(req.Username)
|
|
if req.Username == "" || strings.TrimSpace(req.Password) == "" {
|
|
return echo.NewHTTPError(http.StatusBadRequest, "username and password are required")
|
|
}
|
|
|
|
account, err := h.accountService.Login(c.Request().Context(), req.Username, req.Password)
|
|
if err != nil {
|
|
if errors.Is(err, accounts.ErrInvalidCredentials) {
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "invalid credentials")
|
|
}
|
|
if errors.Is(err, accounts.ErrInactiveAccount) {
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "user is inactive")
|
|
}
|
|
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
|
|
}
|
|
token, expiresAt, err := auth.GenerateToken(account.ID, h.jwtSecret, h.expiresIn)
|
|
if err != nil {
|
|
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
|
|
}
|
|
|
|
return c.JSON(http.StatusOK, LoginResponse{
|
|
AccessToken: token,
|
|
TokenType: "Bearer",
|
|
ExpiresAt: expiresAt.Format(time.RFC3339),
|
|
UserID: account.ID,
|
|
Username: account.Username,
|
|
Role: account.Role,
|
|
DisplayName: account.DisplayName,
|
|
})
|
|
}
|