237 lines
5.6 KiB
Go
237 lines
5.6 KiB
Go
package services
|
|
|
|
import (
|
|
"gauth-central/internal/database"
|
|
"gauth-central/internal/models"
|
|
"time"
|
|
)
|
|
|
|
type SettingsService struct {
|
|
cacheService *CacheService
|
|
}
|
|
|
|
func NewSettingsService() *SettingsService {
|
|
return &SettingsService{
|
|
cacheService: NewCacheService(),
|
|
}
|
|
}
|
|
|
|
// ==================== CORS WHITELIST ====================
|
|
|
|
func (s *SettingsService) GetAllCorsWhitelist() ([]models.CorsWhitelist, error) {
|
|
var whitelists []models.CorsWhitelist
|
|
err := database.DB.Where("is_active = ?", true).Order("created_at DESC").Find(&whitelists).Error
|
|
return whitelists, err
|
|
}
|
|
|
|
func (s *SettingsService) GetActiveWhitelistOrigins() ([]string, error) {
|
|
// Try cache first
|
|
cached, err := s.cacheService.GetCorsWhitelist()
|
|
if err == nil && cached != nil {
|
|
return cached, nil
|
|
}
|
|
|
|
// Fetch from database
|
|
var whitelists []models.CorsWhitelist
|
|
err = database.DB.Where("is_active = ?", true).Find(&whitelists).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
origins := make([]string, len(whitelists))
|
|
for i, w := range whitelists {
|
|
origins[i] = w.Origin
|
|
}
|
|
|
|
// Cache for 1 hour
|
|
s.cacheService.SetCorsWhitelist(origins, 1*time.Hour)
|
|
|
|
return origins, nil
|
|
}
|
|
|
|
func (s *SettingsService) CreateCorsWhitelist(whitelist *models.CorsWhitelist) error {
|
|
err := database.DB.Create(whitelist).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsWhitelist()
|
|
return nil
|
|
}
|
|
|
|
func (s *SettingsService) UpdateCorsWhitelist(id string, updates map[string]interface{}) error {
|
|
err := database.DB.Model(&models.CorsWhitelist{}).Where("id = ?", id).Updates(updates).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsWhitelist()
|
|
return nil
|
|
}
|
|
|
|
func (s *SettingsService) DeleteCorsWhitelist(id string) error {
|
|
err := database.DB.Delete(&models.CorsWhitelist{}, "id = ?", id).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsWhitelist()
|
|
return nil
|
|
}
|
|
|
|
// ==================== CORS BLACKLIST ====================
|
|
|
|
func (s *SettingsService) GetAllCorsBlacklist() ([]models.CorsBlacklist, error) {
|
|
var blacklists []models.CorsBlacklist
|
|
err := database.DB.Where("is_active = ?", true).Order("created_at DESC").Find(&blacklists).Error
|
|
return blacklists, err
|
|
}
|
|
|
|
func (s *SettingsService) GetActiveBlacklistOrigins() ([]string, error) {
|
|
// Try cache first
|
|
cached, err := s.cacheService.GetCorsBlacklist()
|
|
if err == nil && cached != nil {
|
|
return cached, nil
|
|
}
|
|
|
|
// Fetch from database
|
|
var blacklists []models.CorsBlacklist
|
|
err = database.DB.Where("is_active = ?", true).Find(&blacklists).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
origins := make([]string, len(blacklists))
|
|
for i, b := range blacklists {
|
|
origins[i] = b.Origin
|
|
}
|
|
|
|
// Cache for 1 hour
|
|
s.cacheService.SetCorsBlacklist(origins, 1*time.Hour)
|
|
|
|
return origins, nil
|
|
}
|
|
|
|
func (s *SettingsService) CreateCorsBlacklist(blacklist *models.CorsBlacklist) error {
|
|
err := database.DB.Create(blacklist).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsBlacklist()
|
|
return nil
|
|
}
|
|
|
|
func (s *SettingsService) UpdateCorsBlacklist(id string, updates map[string]interface{}) error {
|
|
err := database.DB.Model(&models.CorsBlacklist{}).Where("id = ?", id).Updates(updates).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsBlacklist()
|
|
return nil
|
|
}
|
|
|
|
func (s *SettingsService) DeleteCorsBlacklist(id string) error {
|
|
err := database.DB.Delete(&models.CorsBlacklist{}, "id = ?", id).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateCorsBlacklist()
|
|
return nil
|
|
}
|
|
|
|
// ==================== RATE LIMIT SETTINGS ====================
|
|
|
|
func (s *SettingsService) GetAllRateLimitSettings() ([]models.RateLimitSetting, error) {
|
|
var settings []models.RateLimitSetting
|
|
err := database.DB.Order("name ASC").Find(&settings).Error
|
|
return settings, err
|
|
}
|
|
|
|
func (s *SettingsService) GetRateLimitSettingsMap() (map[string]*models.RateLimitSetting, error) {
|
|
// Try cache first
|
|
cached, err := s.cacheService.GetRateLimitSettings()
|
|
if err == nil && cached != nil {
|
|
return cached, nil
|
|
}
|
|
|
|
// Fetch from database
|
|
var settings []models.RateLimitSetting
|
|
err = database.DB.Where("is_active = ?", true).Find(&settings).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
settingsMap := make(map[string]*models.RateLimitSetting)
|
|
for i := range settings {
|
|
settingsMap[settings[i].Name] = &settings[i]
|
|
}
|
|
|
|
// Cache for 1 hour
|
|
s.cacheService.SetRateLimitSettings(settingsMap, 1*time.Hour)
|
|
|
|
return settingsMap, nil
|
|
}
|
|
|
|
func (s *SettingsService) GetRateLimitSettingByName(name string) (*models.RateLimitSetting, error) {
|
|
settingsMap, err := s.GetRateLimitSettingsMap()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
setting, exists := settingsMap[name]
|
|
if !exists {
|
|
return nil, nil
|
|
}
|
|
|
|
return setting, nil
|
|
}
|
|
|
|
func (s *SettingsService) UpdateRateLimitSetting(id string, updates map[string]interface{}) error {
|
|
err := database.DB.Model(&models.RateLimitSetting{}).Where("id = ?", id).Updates(updates).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Invalidate cache
|
|
s.cacheService.InvalidateRateLimitSettings()
|
|
return nil
|
|
}
|
|
|
|
// Check if origin is allowed
|
|
func (s *SettingsService) IsOriginAllowed(origin string) (bool, error) {
|
|
// Check blacklist first
|
|
blacklist, err := s.GetActiveBlacklistOrigins()
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
for _, blocked := range blacklist {
|
|
if blocked == origin {
|
|
return false, nil
|
|
}
|
|
}
|
|
|
|
// Check whitelist
|
|
whitelist, err := s.GetActiveWhitelistOrigins()
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
for _, allowed := range whitelist {
|
|
if allowed == origin || allowed == "*" {
|
|
return true, nil
|
|
}
|
|
}
|
|
|
|
return false, nil
|
|
}
|