drexa/drive
1
0
Fork 0
mirror of https://github.com/get-drexa/drive.git synced 2026-02-03 01:01:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: initial frontend wiring for new api

Browse Source
This commit is contained in:
Kenneth
2025-12-15 00:13:10 +00:00
parent 528aa943fa
commit 05edf69ca7
63 changed files with 1876 additions and 1991 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
apps/backend/internal/drexa/config.go
View File

@@ -28,6 +28,7 @@ type Config struct {
JWT JWTConfig `yaml:"jwt"`
Storage StorageConfig `yaml:"storage"`
Cookie CookieConfig `yaml:"cookie"`
CORS CORSConfig `yaml:"cors"`
}
type ServerConfig struct {
@@ -55,9 +56,20 @@ type StorageConfig struct {
// CookieConfig controls auth cookie behavior.
// Domain is optional - only needed for cross-subdomain setups (e.g., "app.com" for web.app.com + api.app.com).
// Secure flag is derived from the request protocol automatically.
// Secure flag is derived from the request protocol automatically, unless explicitly set.
type CookieConfig struct {
Domain string `yaml:"domain"`
Secure *bool `yaml:"secure"`
}
// CORSConfig controls Cross-Origin Resource Sharing behavior.
// AllowOrigins specifies which origins are allowed to make cross-origin requests.
// If empty, CORS will allow all origins (not recommended for production).
// AllowCredentials enables sending credentials (cookies, authorization headers) in cross-origin requests.
// This should be true when using cookies for authentication in cross-domain setups.
type CORSConfig struct {
AllowOrigins []string `yaml:"allow_origins"`
AllowCredentials bool `yaml:"allow_credentials"`
}
// ConfigFromFile loads configuration from a YAML file.
@@ -159,5 +171,10 @@ func (c *Config) Validate() []error {
}
}
// CORS validation
if c.CORS.AllowCredentials && len(c.CORS.AllowOrigins) == 0 {
errs = append(errs, errors.New("cors.allow_origins is required when cors.allow_credentials is true (cannot use wildcard '*' with credentials)"))
}
return errs
}

13
apps/backend/internal/drexa/server.go
View File

@@ -3,6 +3,7 @@ package drexa
import (
"context"
"fmt"
"strings"
"github.com/get-drexa/drexa/internal/account"
"github.com/get-drexa/drexa/internal/auth"
@@ -14,6 +15,7 @@ import (
"github.com/get-drexa/drexa/internal/user"
"github.com/get-drexa/drexa/internal/virtualfs"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2/middleware/cors"
"github.com/gofiber/fiber/v2/middleware/logger"
"github.com/uptrace/bun"
"github.com/uptrace/bun/extra/bundebug"
@@ -44,6 +46,16 @@ func NewServer(c Config) (*Server, error) {
})
app.Use(logger.New())
// Configure CORS middleware
corsConfig := cors.Config{
AllowOrigins: "",
AllowCredentials: c.CORS.AllowCredentials,
}
if len(c.CORS.AllowOrigins) > 0 {
corsConfig.AllowOrigins = strings.Join(c.CORS.AllowOrigins, ",")
}
app.Use(cors.New(corsConfig))
db := database.NewFromPostgres(c.Database.PostgresURL)
db.AddQueryHook(bundebug.NewQueryHook(bundebug.WithVerbose(true)))
@@ -92,6 +104,7 @@ func NewServer(c Config) (*Server, error) {
cookieConfig := auth.CookieConfig{
Domain: c.Cookie.Domain,
Secure: c.Cookie.Secure,
}
authMiddleware := auth.NewAuthMiddleware(authService, db, cookieConfig)