feat: 品牌重命名 Sub2API -> TianShuAPI
- 前端: 所有界面显示、i18n 文本、组件中的品牌名称 - 后端: 服务层、设置默认值、邮件模板、安装向导 - 数据库: 迁移脚本注释 - 保持功能完全一致,仅更改品牌名称 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
huangzhenpc
@@ -1,294 +1,294 @@
|
||||
package setup
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"net/mail"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/term"
|
||||
)
|
||||
|
||||
// CLI input validation functions (matching Web API validation)
|
||||
func cliValidateHostname(host string) bool {
|
||||
validHost := regexp.MustCompile(`^[a-zA-Z0-9.\-:]+$`)
|
||||
return validHost.MatchString(host) && len(host) <= 253
|
||||
}
|
||||
|
||||
func cliValidateDBName(name string) bool {
|
||||
validName := regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9_]*$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
func cliValidateUsername(name string) bool {
|
||||
validName := regexp.MustCompile(`^[a-zA-Z0-9_]+$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
func cliValidateEmail(email string) bool {
|
||||
_, err := mail.ParseAddress(email)
|
||||
return err == nil && len(email) <= 254
|
||||
}
|
||||
|
||||
func cliValidatePort(port int) bool {
|
||||
return port > 0 && port <= 65535
|
||||
}
|
||||
|
||||
func cliValidateSSLMode(mode string) bool {
|
||||
validModes := map[string]bool{
|
||||
"disable": true, "require": true, "verify-ca": true, "verify-full": true,
|
||||
}
|
||||
return validModes[mode]
|
||||
}
|
||||
|
||||
// RunCLI runs the CLI setup wizard
|
||||
func RunCLI() error {
|
||||
reader := bufio.NewReader(os.Stdin)
|
||||
|
||||
fmt.Println()
|
||||
fmt.Println("╔═══════════════════════════════════════════╗")
|
||||
fmt.Println("║ Sub2API Installation Wizard ║")
|
||||
fmt.Println("╚═══════════════════════════════════════════╝")
|
||||
fmt.Println()
|
||||
|
||||
cfg := &SetupConfig{
|
||||
Server: ServerConfig{
|
||||
Host: "0.0.0.0",
|
||||
Port: 8080,
|
||||
Mode: "release",
|
||||
},
|
||||
JWT: JWTConfig{
|
||||
ExpireHour: 24,
|
||||
},
|
||||
}
|
||||
|
||||
// Database configuration with validation
|
||||
fmt.Println("── Database Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Database.Host = promptString(reader, "PostgreSQL Host", "localhost")
|
||||
if cliValidateHostname(cfg.Database.Host) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid hostname format. Use alphanumeric, dots, hyphens only.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.Port = promptInt(reader, "PostgreSQL Port", 5432)
|
||||
if cliValidatePort(cfg.Database.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.User = promptString(reader, "PostgreSQL User", "postgres")
|
||||
if cliValidateUsername(cfg.Database.User) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid username. Use alphanumeric and underscores only.")
|
||||
}
|
||||
|
||||
cfg.Database.Password = promptPassword("PostgreSQL Password")
|
||||
|
||||
for {
|
||||
cfg.Database.DBName = promptString(reader, "Database Name", "sub2api")
|
||||
if cliValidateDBName(cfg.Database.DBName) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid database name. Start with letter, use alphanumeric and underscores.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.SSLMode = promptString(reader, "SSL Mode", "disable")
|
||||
if cliValidateSSLMode(cfg.Database.SSLMode) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid SSL mode. Use: disable, require, verify-ca, or verify-full.")
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Testing database connection... ")
|
||||
if err := TestDatabaseConnection(&cfg.Database); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return fmt.Errorf("database connection failed: %w", err)
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
// Redis configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Redis Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Redis.Host = promptString(reader, "Redis Host", "localhost")
|
||||
if cliValidateHostname(cfg.Redis.Host) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid hostname format. Use alphanumeric, dots, hyphens only.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Redis.Port = promptInt(reader, "Redis Port", 6379)
|
||||
if cliValidatePort(cfg.Redis.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
cfg.Redis.Password = promptPassword("Redis Password (optional)")
|
||||
|
||||
for {
|
||||
cfg.Redis.DB = promptInt(reader, "Redis DB", 0)
|
||||
if cfg.Redis.DB >= 0 && cfg.Redis.DB <= 15 {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid Redis DB. Must be between 0 and 15.")
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Testing Redis connection... ")
|
||||
if err := TestRedisConnection(&cfg.Redis); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return fmt.Errorf("redis connection failed: %w", err)
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
// Admin configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Admin Account ──")
|
||||
|
||||
for {
|
||||
cfg.Admin.Email = promptString(reader, "Admin Email", "admin@example.com")
|
||||
if cliValidateEmail(cfg.Admin.Email) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid email format.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Admin.Password = promptPassword("Admin Password")
|
||||
// SECURITY: Match Web API requirement of 8 characters minimum
|
||||
if len(cfg.Admin.Password) < 8 {
|
||||
fmt.Println(" Password must be at least 8 characters")
|
||||
continue
|
||||
}
|
||||
if len(cfg.Admin.Password) > 128 {
|
||||
fmt.Println(" Password must be at most 128 characters")
|
||||
continue
|
||||
}
|
||||
confirm := promptPassword("Confirm Password")
|
||||
if cfg.Admin.Password != confirm {
|
||||
fmt.Println(" Passwords do not match")
|
||||
continue
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
// Server configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Server Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Server.Port = promptInt(reader, "Server Port", 8080)
|
||||
if cliValidatePort(cfg.Server.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
// Confirm and install
|
||||
fmt.Println()
|
||||
fmt.Println("── Configuration Summary ──")
|
||||
fmt.Printf("Database: %s@%s:%d/%s\n", cfg.Database.User, cfg.Database.Host, cfg.Database.Port, cfg.Database.DBName)
|
||||
fmt.Printf("Redis: %s:%d\n", cfg.Redis.Host, cfg.Redis.Port)
|
||||
fmt.Printf("Admin: %s\n", cfg.Admin.Email)
|
||||
fmt.Printf("Server: :%d\n", cfg.Server.Port)
|
||||
fmt.Println()
|
||||
|
||||
if !promptConfirm(reader, "Proceed with installation?") {
|
||||
fmt.Println("Installation cancelled")
|
||||
return nil
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Installing... ")
|
||||
if err := Install(cfg); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return err
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
fmt.Println()
|
||||
fmt.Println("╔═══════════════════════════════════════════╗")
|
||||
fmt.Println("║ Installation Complete! ║")
|
||||
fmt.Println("╚═══════════════════════════════════════════╝")
|
||||
fmt.Println()
|
||||
fmt.Println("Start the server with:")
|
||||
fmt.Println(" ./sub2api")
|
||||
fmt.Println()
|
||||
fmt.Printf("Admin panel: http://localhost:%d\n", cfg.Server.Port)
|
||||
fmt.Println()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func promptString(reader *bufio.Reader, prompt, defaultVal string) string {
|
||||
if defaultVal != "" {
|
||||
fmt.Printf(" %s [%s]: ", prompt, defaultVal)
|
||||
} else {
|
||||
fmt.Printf(" %s: ", prompt)
|
||||
}
|
||||
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(input)
|
||||
|
||||
if input == "" {
|
||||
return defaultVal
|
||||
}
|
||||
return input
|
||||
}
|
||||
|
||||
func promptInt(reader *bufio.Reader, prompt string, defaultVal int) int {
|
||||
fmt.Printf(" %s [%d]: ", prompt, defaultVal)
|
||||
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(input)
|
||||
|
||||
if input == "" {
|
||||
return defaultVal
|
||||
}
|
||||
|
||||
val, err := strconv.Atoi(input)
|
||||
if err != nil {
|
||||
return defaultVal
|
||||
}
|
||||
return val
|
||||
}
|
||||
|
||||
func promptPassword(prompt string) string {
|
||||
fmt.Printf(" %s: ", prompt)
|
||||
|
||||
// Try to read password without echo
|
||||
if term.IsTerminal(int(os.Stdin.Fd())) {
|
||||
password, err := term.ReadPassword(int(os.Stdin.Fd()))
|
||||
fmt.Println()
|
||||
if err == nil {
|
||||
return string(password)
|
||||
}
|
||||
}
|
||||
|
||||
// Fallback to regular input
|
||||
reader := bufio.NewReader(os.Stdin)
|
||||
input, _ := reader.ReadString('\n')
|
||||
return strings.TrimSpace(input)
|
||||
}
|
||||
|
||||
func promptConfirm(reader *bufio.Reader, prompt string) bool {
|
||||
fmt.Printf("%s [y/N]: ", prompt)
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(strings.ToLower(input))
|
||||
return input == "y" || input == "yes"
|
||||
}
|
||||
package setup
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"net/mail"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/term"
|
||||
)
|
||||
|
||||
// CLI input validation functions (matching Web API validation)
|
||||
func cliValidateHostname(host string) bool {
|
||||
validHost := regexp.MustCompile(`^[a-zA-Z0-9.\-:]+$`)
|
||||
return validHost.MatchString(host) && len(host) <= 253
|
||||
}
|
||||
|
||||
func cliValidateDBName(name string) bool {
|
||||
validName := regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9_]*$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
func cliValidateUsername(name string) bool {
|
||||
validName := regexp.MustCompile(`^[a-zA-Z0-9_]+$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
func cliValidateEmail(email string) bool {
|
||||
_, err := mail.ParseAddress(email)
|
||||
return err == nil && len(email) <= 254
|
||||
}
|
||||
|
||||
func cliValidatePort(port int) bool {
|
||||
return port > 0 && port <= 65535
|
||||
}
|
||||
|
||||
func cliValidateSSLMode(mode string) bool {
|
||||
validModes := map[string]bool{
|
||||
"disable": true, "require": true, "verify-ca": true, "verify-full": true,
|
||||
}
|
||||
return validModes[mode]
|
||||
}
|
||||
|
||||
// RunCLI runs the CLI setup wizard
|
||||
func RunCLI() error {
|
||||
reader := bufio.NewReader(os.Stdin)
|
||||
|
||||
fmt.Println()
|
||||
fmt.Println("╔═══════════════════════════════════════════╗")
|
||||
fmt.Println("║ TianShuAPI Installation Wizard ║")
|
||||
fmt.Println("╚═══════════════════════════════════════════╝")
|
||||
fmt.Println()
|
||||
|
||||
cfg := &SetupConfig{
|
||||
Server: ServerConfig{
|
||||
Host: "0.0.0.0",
|
||||
Port: 8080,
|
||||
Mode: "release",
|
||||
},
|
||||
JWT: JWTConfig{
|
||||
ExpireHour: 24,
|
||||
},
|
||||
}
|
||||
|
||||
// Database configuration with validation
|
||||
fmt.Println("── Database Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Database.Host = promptString(reader, "PostgreSQL Host", "localhost")
|
||||
if cliValidateHostname(cfg.Database.Host) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid hostname format. Use alphanumeric, dots, hyphens only.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.Port = promptInt(reader, "PostgreSQL Port", 5432)
|
||||
if cliValidatePort(cfg.Database.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.User = promptString(reader, "PostgreSQL User", "postgres")
|
||||
if cliValidateUsername(cfg.Database.User) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid username. Use alphanumeric and underscores only.")
|
||||
}
|
||||
|
||||
cfg.Database.Password = promptPassword("PostgreSQL Password")
|
||||
|
||||
for {
|
||||
cfg.Database.DBName = promptString(reader, "Database Name", "sub2api")
|
||||
if cliValidateDBName(cfg.Database.DBName) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid database name. Start with letter, use alphanumeric and underscores.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Database.SSLMode = promptString(reader, "SSL Mode", "disable")
|
||||
if cliValidateSSLMode(cfg.Database.SSLMode) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid SSL mode. Use: disable, require, verify-ca, or verify-full.")
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Testing database connection... ")
|
||||
if err := TestDatabaseConnection(&cfg.Database); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return fmt.Errorf("database connection failed: %w", err)
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
// Redis configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Redis Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Redis.Host = promptString(reader, "Redis Host", "localhost")
|
||||
if cliValidateHostname(cfg.Redis.Host) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid hostname format. Use alphanumeric, dots, hyphens only.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Redis.Port = promptInt(reader, "Redis Port", 6379)
|
||||
if cliValidatePort(cfg.Redis.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
cfg.Redis.Password = promptPassword("Redis Password (optional)")
|
||||
|
||||
for {
|
||||
cfg.Redis.DB = promptInt(reader, "Redis DB", 0)
|
||||
if cfg.Redis.DB >= 0 && cfg.Redis.DB <= 15 {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid Redis DB. Must be between 0 and 15.")
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Testing Redis connection... ")
|
||||
if err := TestRedisConnection(&cfg.Redis); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return fmt.Errorf("redis connection failed: %w", err)
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
// Admin configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Admin Account ──")
|
||||
|
||||
for {
|
||||
cfg.Admin.Email = promptString(reader, "Admin Email", "admin@example.com")
|
||||
if cliValidateEmail(cfg.Admin.Email) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid email format.")
|
||||
}
|
||||
|
||||
for {
|
||||
cfg.Admin.Password = promptPassword("Admin Password")
|
||||
// SECURITY: Match Web API requirement of 8 characters minimum
|
||||
if len(cfg.Admin.Password) < 8 {
|
||||
fmt.Println(" Password must be at least 8 characters")
|
||||
continue
|
||||
}
|
||||
if len(cfg.Admin.Password) > 128 {
|
||||
fmt.Println(" Password must be at most 128 characters")
|
||||
continue
|
||||
}
|
||||
confirm := promptPassword("Confirm Password")
|
||||
if cfg.Admin.Password != confirm {
|
||||
fmt.Println(" Passwords do not match")
|
||||
continue
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
// Server configuration with validation
|
||||
fmt.Println()
|
||||
fmt.Println("── Server Configuration ──")
|
||||
|
||||
for {
|
||||
cfg.Server.Port = promptInt(reader, "Server Port", 8080)
|
||||
if cliValidatePort(cfg.Server.Port) {
|
||||
break
|
||||
}
|
||||
fmt.Println(" Invalid port. Must be between 1 and 65535.")
|
||||
}
|
||||
|
||||
// Confirm and install
|
||||
fmt.Println()
|
||||
fmt.Println("── Configuration Summary ──")
|
||||
fmt.Printf("Database: %s@%s:%d/%s\n", cfg.Database.User, cfg.Database.Host, cfg.Database.Port, cfg.Database.DBName)
|
||||
fmt.Printf("Redis: %s:%d\n", cfg.Redis.Host, cfg.Redis.Port)
|
||||
fmt.Printf("Admin: %s\n", cfg.Admin.Email)
|
||||
fmt.Printf("Server: :%d\n", cfg.Server.Port)
|
||||
fmt.Println()
|
||||
|
||||
if !promptConfirm(reader, "Proceed with installation?") {
|
||||
fmt.Println("Installation cancelled")
|
||||
return nil
|
||||
}
|
||||
|
||||
fmt.Println()
|
||||
fmt.Print("Installing... ")
|
||||
if err := Install(cfg); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return err
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
fmt.Println()
|
||||
fmt.Println("╔═══════════════════════════════════════════╗")
|
||||
fmt.Println("║ Installation Complete! ║")
|
||||
fmt.Println("╚═══════════════════════════════════════════╝")
|
||||
fmt.Println()
|
||||
fmt.Println("Start the server with:")
|
||||
fmt.Println(" ./sub2api")
|
||||
fmt.Println()
|
||||
fmt.Printf("Admin panel: http://localhost:%d\n", cfg.Server.Port)
|
||||
fmt.Println()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func promptString(reader *bufio.Reader, prompt, defaultVal string) string {
|
||||
if defaultVal != "" {
|
||||
fmt.Printf(" %s [%s]: ", prompt, defaultVal)
|
||||
} else {
|
||||
fmt.Printf(" %s: ", prompt)
|
||||
}
|
||||
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(input)
|
||||
|
||||
if input == "" {
|
||||
return defaultVal
|
||||
}
|
||||
return input
|
||||
}
|
||||
|
||||
func promptInt(reader *bufio.Reader, prompt string, defaultVal int) int {
|
||||
fmt.Printf(" %s [%d]: ", prompt, defaultVal)
|
||||
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(input)
|
||||
|
||||
if input == "" {
|
||||
return defaultVal
|
||||
}
|
||||
|
||||
val, err := strconv.Atoi(input)
|
||||
if err != nil {
|
||||
return defaultVal
|
||||
}
|
||||
return val
|
||||
}
|
||||
|
||||
func promptPassword(prompt string) string {
|
||||
fmt.Printf(" %s: ", prompt)
|
||||
|
||||
// Try to read password without echo
|
||||
if term.IsTerminal(int(os.Stdin.Fd())) {
|
||||
password, err := term.ReadPassword(int(os.Stdin.Fd()))
|
||||
fmt.Println()
|
||||
if err == nil {
|
||||
return string(password)
|
||||
}
|
||||
}
|
||||
|
||||
// Fallback to regular input
|
||||
reader := bufio.NewReader(os.Stdin)
|
||||
input, _ := reader.ReadString('\n')
|
||||
return strings.TrimSpace(input)
|
||||
}
|
||||
|
||||
func promptConfirm(reader *bufio.Reader, prompt string) bool {
|
||||
fmt.Printf("%s [y/N]: ", prompt)
|
||||
input, _ := reader.ReadString('\n')
|
||||
input = strings.TrimSpace(strings.ToLower(input))
|
||||
return input == "y" || input == "yes"
|
||||
}
|
||||
|
||||
@@ -1,354 +1,354 @@
|
||||
package setup
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/mail"
|
||||
"regexp"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/Wei-Shaw/sub2api/internal/pkg/response"
|
||||
"github.com/Wei-Shaw/sub2api/internal/pkg/sysutil"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// installMutex prevents concurrent installation attempts (TOCTOU protection)
|
||||
var installMutex sync.Mutex
|
||||
|
||||
// RegisterRoutes registers setup wizard routes
|
||||
func RegisterRoutes(r *gin.Engine) {
|
||||
setup := r.Group("/setup")
|
||||
{
|
||||
// Status endpoint is always accessible (read-only)
|
||||
setup.GET("/status", getStatus)
|
||||
|
||||
// All modification endpoints are protected by setupGuard
|
||||
protected := setup.Group("")
|
||||
protected.Use(setupGuard())
|
||||
{
|
||||
protected.POST("/test-db", testDatabase)
|
||||
protected.POST("/test-redis", testRedis)
|
||||
protected.POST("/install", install)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// SetupStatus represents the current setup state
|
||||
type SetupStatus struct {
|
||||
NeedsSetup bool `json:"needs_setup"`
|
||||
Step string `json:"step"`
|
||||
}
|
||||
|
||||
// getStatus returns the current setup status
|
||||
func getStatus(c *gin.Context) {
|
||||
response.Success(c, SetupStatus{
|
||||
NeedsSetup: NeedsSetup(),
|
||||
Step: "welcome",
|
||||
})
|
||||
}
|
||||
|
||||
// setupGuard middleware ensures setup endpoints are only accessible during setup mode
|
||||
func setupGuard() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
if !NeedsSetup() {
|
||||
response.Error(c, http.StatusForbidden, "Setup is not allowed: system is already installed")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
|
||||
// validateHostname checks if a hostname/IP is safe (no injection characters)
|
||||
func validateHostname(host string) bool {
|
||||
// Allow only alphanumeric, dots, hyphens, and colons (for IPv6)
|
||||
validHost := regexp.MustCompile(`^[a-zA-Z0-9.\-:]+$`)
|
||||
return validHost.MatchString(host) && len(host) <= 253
|
||||
}
|
||||
|
||||
// validateDBName checks if database name is safe
|
||||
func validateDBName(name string) bool {
|
||||
// Allow only alphanumeric and underscores, starting with letter
|
||||
validName := regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9_]*$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
// validateUsername checks if username is safe
|
||||
func validateUsername(name string) bool {
|
||||
// Allow only alphanumeric and underscores
|
||||
validName := regexp.MustCompile(`^[a-zA-Z0-9_]+$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
// validateEmail checks if email format is valid
|
||||
func validateEmail(email string) bool {
|
||||
_, err := mail.ParseAddress(email)
|
||||
return err == nil && len(email) <= 254
|
||||
}
|
||||
|
||||
// validatePassword checks password strength
|
||||
func validatePassword(password string) error {
|
||||
if len(password) < 8 {
|
||||
return fmt.Errorf("password must be at least 8 characters")
|
||||
}
|
||||
if len(password) > 128 {
|
||||
return fmt.Errorf("password must be at most 128 characters")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// validatePort checks if port is in valid range
|
||||
func validatePort(port int) bool {
|
||||
return port > 0 && port <= 65535
|
||||
}
|
||||
|
||||
// validateSSLMode checks if SSL mode is valid
|
||||
func validateSSLMode(mode string) bool {
|
||||
validModes := map[string]bool{
|
||||
"disable": true, "require": true, "verify-ca": true, "verify-full": true,
|
||||
}
|
||||
return validModes[mode]
|
||||
}
|
||||
|
||||
// TestDatabaseRequest represents database test request
|
||||
type TestDatabaseRequest struct {
|
||||
Host string `json:"host" binding:"required"`
|
||||
Port int `json:"port" binding:"required"`
|
||||
User string `json:"user" binding:"required"`
|
||||
Password string `json:"password"`
|
||||
DBName string `json:"dbname" binding:"required"`
|
||||
SSLMode string `json:"sslmode"`
|
||||
}
|
||||
|
||||
// testDatabase tests database connection
|
||||
func testDatabase(c *gin.Context) {
|
||||
var req TestDatabaseRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Security: Validate all inputs to prevent injection attacks
|
||||
if !validateHostname(req.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid hostname format")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid port number")
|
||||
return
|
||||
}
|
||||
if !validateUsername(req.User) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid username format")
|
||||
return
|
||||
}
|
||||
if !validateDBName(req.DBName) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database name format")
|
||||
return
|
||||
}
|
||||
|
||||
if req.SSLMode == "" {
|
||||
req.SSLMode = "disable"
|
||||
}
|
||||
if !validateSSLMode(req.SSLMode) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid SSL mode")
|
||||
return
|
||||
}
|
||||
|
||||
cfg := &DatabaseConfig{
|
||||
Host: req.Host,
|
||||
Port: req.Port,
|
||||
User: req.User,
|
||||
Password: req.Password,
|
||||
DBName: req.DBName,
|
||||
SSLMode: req.SSLMode,
|
||||
}
|
||||
|
||||
if err := TestDatabaseConnection(cfg); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Connection failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, gin.H{"message": "Connection successful"})
|
||||
}
|
||||
|
||||
// TestRedisRequest represents Redis test request
|
||||
type TestRedisRequest struct {
|
||||
Host string `json:"host" binding:"required"`
|
||||
Port int `json:"port" binding:"required"`
|
||||
Password string `json:"password"`
|
||||
DB int `json:"db"`
|
||||
}
|
||||
|
||||
// testRedis tests Redis connection
|
||||
func testRedis(c *gin.Context) {
|
||||
var req TestRedisRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Security: Validate inputs
|
||||
if !validateHostname(req.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid hostname format")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid port number")
|
||||
return
|
||||
}
|
||||
if req.DB < 0 || req.DB > 15 {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis database number (0-15)")
|
||||
return
|
||||
}
|
||||
|
||||
cfg := &RedisConfig{
|
||||
Host: req.Host,
|
||||
Port: req.Port,
|
||||
Password: req.Password,
|
||||
DB: req.DB,
|
||||
}
|
||||
|
||||
if err := TestRedisConnection(cfg); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Connection failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, gin.H{"message": "Connection successful"})
|
||||
}
|
||||
|
||||
// InstallRequest represents installation request
|
||||
type InstallRequest struct {
|
||||
Database DatabaseConfig `json:"database" binding:"required"`
|
||||
Redis RedisConfig `json:"redis" binding:"required"`
|
||||
Admin AdminConfig `json:"admin" binding:"required"`
|
||||
Server ServerConfig `json:"server"`
|
||||
}
|
||||
|
||||
// install performs the installation
|
||||
func install(c *gin.Context) {
|
||||
// TOCTOU Protection: Acquire mutex to prevent concurrent installation
|
||||
installMutex.Lock()
|
||||
defer installMutex.Unlock()
|
||||
|
||||
// Double-check after acquiring lock
|
||||
if !NeedsSetup() {
|
||||
response.Error(c, http.StatusForbidden, "Setup is not allowed: system is already installed")
|
||||
return
|
||||
}
|
||||
|
||||
var req InstallRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// ========== COMPREHENSIVE INPUT VALIDATION ==========
|
||||
// Database validation
|
||||
if !validateHostname(req.Database.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database hostname")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Database.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database port")
|
||||
return
|
||||
}
|
||||
if !validateUsername(req.Database.User) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database username")
|
||||
return
|
||||
}
|
||||
if !validateDBName(req.Database.DBName) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database name")
|
||||
return
|
||||
}
|
||||
|
||||
// Redis validation
|
||||
if !validateHostname(req.Redis.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis hostname")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Redis.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis port")
|
||||
return
|
||||
}
|
||||
if req.Redis.DB < 0 || req.Redis.DB > 15 {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis database number")
|
||||
return
|
||||
}
|
||||
|
||||
// Admin validation
|
||||
if !validateEmail(req.Admin.Email) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid admin email format")
|
||||
return
|
||||
}
|
||||
if err := validatePassword(req.Admin.Password); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Server validation
|
||||
if req.Server.Port != 0 && !validatePort(req.Server.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid server port")
|
||||
return
|
||||
}
|
||||
|
||||
// ========== SET DEFAULTS ==========
|
||||
if req.Database.SSLMode == "" {
|
||||
req.Database.SSLMode = "disable"
|
||||
}
|
||||
if !validateSSLMode(req.Database.SSLMode) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid SSL mode")
|
||||
return
|
||||
}
|
||||
if req.Server.Host == "" {
|
||||
req.Server.Host = "0.0.0.0"
|
||||
}
|
||||
if req.Server.Port == 0 {
|
||||
req.Server.Port = 8080
|
||||
}
|
||||
if req.Server.Mode == "" {
|
||||
req.Server.Mode = "release"
|
||||
}
|
||||
// Validate server mode
|
||||
if req.Server.Mode != "release" && req.Server.Mode != "debug" {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid server mode (must be 'release' or 'debug')")
|
||||
return
|
||||
}
|
||||
|
||||
// Trim whitespace from string inputs
|
||||
req.Admin.Email = strings.TrimSpace(req.Admin.Email)
|
||||
req.Database.Host = strings.TrimSpace(req.Database.Host)
|
||||
req.Database.User = strings.TrimSpace(req.Database.User)
|
||||
req.Database.DBName = strings.TrimSpace(req.Database.DBName)
|
||||
req.Redis.Host = strings.TrimSpace(req.Redis.Host)
|
||||
|
||||
cfg := &SetupConfig{
|
||||
Database: req.Database,
|
||||
Redis: req.Redis,
|
||||
Admin: req.Admin,
|
||||
Server: req.Server,
|
||||
JWT: JWTConfig{
|
||||
ExpireHour: 24,
|
||||
},
|
||||
}
|
||||
|
||||
if err := Install(cfg); err != nil {
|
||||
response.Error(c, http.StatusInternalServerError, "Installation failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Schedule service restart in background after sending response
|
||||
// This ensures the client receives the success response before the service restarts
|
||||
go func() {
|
||||
// Wait a moment to ensure the response is sent
|
||||
time.Sleep(500 * time.Millisecond)
|
||||
sysutil.RestartServiceAsync()
|
||||
}()
|
||||
|
||||
response.Success(c, gin.H{
|
||||
"message": "Installation completed successfully. Service will restart automatically.",
|
||||
"restart": true,
|
||||
})
|
||||
}
|
||||
package setup
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/mail"
|
||||
"regexp"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/Wei-Shaw/sub2api/internal/pkg/response"
|
||||
"github.com/Wei-Shaw/sub2api/internal/pkg/sysutil"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// installMutex prevents concurrent installation attempts (TOCTOU protection)
|
||||
var installMutex sync.Mutex
|
||||
|
||||
// RegisterRoutes registers setup wizard routes
|
||||
func RegisterRoutes(r *gin.Engine) {
|
||||
setup := r.Group("/setup")
|
||||
{
|
||||
// Status endpoint is always accessible (read-only)
|
||||
setup.GET("/status", getStatus)
|
||||
|
||||
// All modification endpoints are protected by setupGuard
|
||||
protected := setup.Group("")
|
||||
protected.Use(setupGuard())
|
||||
{
|
||||
protected.POST("/test-db", testDatabase)
|
||||
protected.POST("/test-redis", testRedis)
|
||||
protected.POST("/install", install)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// SetupStatus represents the current setup state
|
||||
type SetupStatus struct {
|
||||
NeedsSetup bool `json:"needs_setup"`
|
||||
Step string `json:"step"`
|
||||
}
|
||||
|
||||
// getStatus returns the current setup status
|
||||
func getStatus(c *gin.Context) {
|
||||
response.Success(c, SetupStatus{
|
||||
NeedsSetup: NeedsSetup(),
|
||||
Step: "welcome",
|
||||
})
|
||||
}
|
||||
|
||||
// setupGuard middleware ensures setup endpoints are only accessible during setup mode
|
||||
func setupGuard() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
if !NeedsSetup() {
|
||||
response.Error(c, http.StatusForbidden, "Setup is not allowed: system is already installed")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
|
||||
// validateHostname checks if a hostname/IP is safe (no injection characters)
|
||||
func validateHostname(host string) bool {
|
||||
// Allow only alphanumeric, dots, hyphens, and colons (for IPv6)
|
||||
validHost := regexp.MustCompile(`^[a-zA-Z0-9.\-:]+$`)
|
||||
return validHost.MatchString(host) && len(host) <= 253
|
||||
}
|
||||
|
||||
// validateDBName checks if database name is safe
|
||||
func validateDBName(name string) bool {
|
||||
// Allow only alphanumeric and underscores, starting with letter
|
||||
validName := regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9_]*$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
// validateUsername checks if username is safe
|
||||
func validateUsername(name string) bool {
|
||||
// Allow only alphanumeric and underscores
|
||||
validName := regexp.MustCompile(`^[a-zA-Z0-9_]+$`)
|
||||
return validName.MatchString(name) && len(name) <= 63
|
||||
}
|
||||
|
||||
// validateEmail checks if email format is valid
|
||||
func validateEmail(email string) bool {
|
||||
_, err := mail.ParseAddress(email)
|
||||
return err == nil && len(email) <= 254
|
||||
}
|
||||
|
||||
// validatePassword checks password strength
|
||||
func validatePassword(password string) error {
|
||||
if len(password) < 8 {
|
||||
return fmt.Errorf("password must be at least 8 characters")
|
||||
}
|
||||
if len(password) > 128 {
|
||||
return fmt.Errorf("password must be at most 128 characters")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// validatePort checks if port is in valid range
|
||||
func validatePort(port int) bool {
|
||||
return port > 0 && port <= 65535
|
||||
}
|
||||
|
||||
// validateSSLMode checks if SSL mode is valid
|
||||
func validateSSLMode(mode string) bool {
|
||||
validModes := map[string]bool{
|
||||
"disable": true, "require": true, "verify-ca": true, "verify-full": true,
|
||||
}
|
||||
return validModes[mode]
|
||||
}
|
||||
|
||||
// TestDatabaseRequest represents database test request
|
||||
type TestDatabaseRequest struct {
|
||||
Host string `json:"host" binding:"required"`
|
||||
Port int `json:"port" binding:"required"`
|
||||
User string `json:"user" binding:"required"`
|
||||
Password string `json:"password"`
|
||||
DBName string `json:"dbname" binding:"required"`
|
||||
SSLMode string `json:"sslmode"`
|
||||
}
|
||||
|
||||
// testDatabase tests database connection
|
||||
func testDatabase(c *gin.Context) {
|
||||
var req TestDatabaseRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Security: Validate all inputs to prevent injection attacks
|
||||
if !validateHostname(req.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid hostname format")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid port number")
|
||||
return
|
||||
}
|
||||
if !validateUsername(req.User) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid username format")
|
||||
return
|
||||
}
|
||||
if !validateDBName(req.DBName) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database name format")
|
||||
return
|
||||
}
|
||||
|
||||
if req.SSLMode == "" {
|
||||
req.SSLMode = "disable"
|
||||
}
|
||||
if !validateSSLMode(req.SSLMode) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid SSL mode")
|
||||
return
|
||||
}
|
||||
|
||||
cfg := &DatabaseConfig{
|
||||
Host: req.Host,
|
||||
Port: req.Port,
|
||||
User: req.User,
|
||||
Password: req.Password,
|
||||
DBName: req.DBName,
|
||||
SSLMode: req.SSLMode,
|
||||
}
|
||||
|
||||
if err := TestDatabaseConnection(cfg); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Connection failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, gin.H{"message": "Connection successful"})
|
||||
}
|
||||
|
||||
// TestRedisRequest represents Redis test request
|
||||
type TestRedisRequest struct {
|
||||
Host string `json:"host" binding:"required"`
|
||||
Port int `json:"port" binding:"required"`
|
||||
Password string `json:"password"`
|
||||
DB int `json:"db"`
|
||||
}
|
||||
|
||||
// testRedis tests Redis connection
|
||||
func testRedis(c *gin.Context) {
|
||||
var req TestRedisRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Security: Validate inputs
|
||||
if !validateHostname(req.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid hostname format")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid port number")
|
||||
return
|
||||
}
|
||||
if req.DB < 0 || req.DB > 15 {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis database number (0-15)")
|
||||
return
|
||||
}
|
||||
|
||||
cfg := &RedisConfig{
|
||||
Host: req.Host,
|
||||
Port: req.Port,
|
||||
Password: req.Password,
|
||||
DB: req.DB,
|
||||
}
|
||||
|
||||
if err := TestRedisConnection(cfg); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Connection failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, gin.H{"message": "Connection successful"})
|
||||
}
|
||||
|
||||
// InstallRequest represents installation request
|
||||
type InstallRequest struct {
|
||||
Database DatabaseConfig `json:"database" binding:"required"`
|
||||
Redis RedisConfig `json:"redis" binding:"required"`
|
||||
Admin AdminConfig `json:"admin" binding:"required"`
|
||||
Server ServerConfig `json:"server"`
|
||||
}
|
||||
|
||||
// install performs the installation
|
||||
func install(c *gin.Context) {
|
||||
// TOCTOU Protection: Acquire mutex to prevent concurrent installation
|
||||
installMutex.Lock()
|
||||
defer installMutex.Unlock()
|
||||
|
||||
// Double-check after acquiring lock
|
||||
if !NeedsSetup() {
|
||||
response.Error(c, http.StatusForbidden, "Setup is not allowed: system is already installed")
|
||||
return
|
||||
}
|
||||
|
||||
var req InstallRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid request: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// ========== COMPREHENSIVE INPUT VALIDATION ==========
|
||||
// Database validation
|
||||
if !validateHostname(req.Database.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database hostname")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Database.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database port")
|
||||
return
|
||||
}
|
||||
if !validateUsername(req.Database.User) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database username")
|
||||
return
|
||||
}
|
||||
if !validateDBName(req.Database.DBName) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid database name")
|
||||
return
|
||||
}
|
||||
|
||||
// Redis validation
|
||||
if !validateHostname(req.Redis.Host) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis hostname")
|
||||
return
|
||||
}
|
||||
if !validatePort(req.Redis.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis port")
|
||||
return
|
||||
}
|
||||
if req.Redis.DB < 0 || req.Redis.DB > 15 {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid Redis database number")
|
||||
return
|
||||
}
|
||||
|
||||
// Admin validation
|
||||
if !validateEmail(req.Admin.Email) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid admin email format")
|
||||
return
|
||||
}
|
||||
if err := validatePassword(req.Admin.Password); err != nil {
|
||||
response.Error(c, http.StatusBadRequest, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Server validation
|
||||
if req.Server.Port != 0 && !validatePort(req.Server.Port) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid server port")
|
||||
return
|
||||
}
|
||||
|
||||
// ========== SET DEFAULTS ==========
|
||||
if req.Database.SSLMode == "" {
|
||||
req.Database.SSLMode = "disable"
|
||||
}
|
||||
if !validateSSLMode(req.Database.SSLMode) {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid SSL mode")
|
||||
return
|
||||
}
|
||||
if req.Server.Host == "" {
|
||||
req.Server.Host = "0.0.0.0"
|
||||
}
|
||||
if req.Server.Port == 0 {
|
||||
req.Server.Port = 8080
|
||||
}
|
||||
if req.Server.Mode == "" {
|
||||
req.Server.Mode = "release"
|
||||
}
|
||||
// Validate server mode
|
||||
if req.Server.Mode != "release" && req.Server.Mode != "debug" {
|
||||
response.Error(c, http.StatusBadRequest, "Invalid server mode (must be 'release' or 'debug')")
|
||||
return
|
||||
}
|
||||
|
||||
// Trim whitespace from string inputs
|
||||
req.Admin.Email = strings.TrimSpace(req.Admin.Email)
|
||||
req.Database.Host = strings.TrimSpace(req.Database.Host)
|
||||
req.Database.User = strings.TrimSpace(req.Database.User)
|
||||
req.Database.DBName = strings.TrimSpace(req.Database.DBName)
|
||||
req.Redis.Host = strings.TrimSpace(req.Redis.Host)
|
||||
|
||||
cfg := &SetupConfig{
|
||||
Database: req.Database,
|
||||
Redis: req.Redis,
|
||||
Admin: req.Admin,
|
||||
Server: req.Server,
|
||||
JWT: JWTConfig{
|
||||
ExpireHour: 24,
|
||||
},
|
||||
}
|
||||
|
||||
if err := Install(cfg); err != nil {
|
||||
response.Error(c, http.StatusInternalServerError, "Installation failed: "+err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Schedule service restart in background after sending response
|
||||
// This ensures the client receives the success response before the service restarts
|
||||
go func() {
|
||||
// Wait a moment to ensure the response is sent
|
||||
time.Sleep(500 * time.Millisecond)
|
||||
sysutil.RestartServiceAsync()
|
||||
}()
|
||||
|
||||
response.Success(c, gin.H{
|
||||
"message": "Installation completed successfully. Service will restart automatically.",
|
||||
"restart": true,
|
||||
})
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user