7 Commits

Author SHA1 Message Date
ld 5eeb37389b fix(config): harden default JWT secret
Replace known development JWT secret placeholders with an ephemeral runtime secret during config loading.

Return LoadInfo so startup can warn when token persistence depends on a stable configured secret.

Update config docs and tests for default, legacy placeholder, custom, env, and empty secret behavior.
2026-07-05 13:25:44 +08:00
ld 1dfccf513a Add structured logging and centralized error handling
- Initialize slog in the serve command with terminal/file support
- Introduce `AppError` with HTTP status for unified service-layer errors
- Replace ad-hoc `api.Error` calls with `api.RespondError`
- Wrap internal errors with `model.NewInternalError` and add reference
  IDs
- Add `RequestID` middleware and switch router from `gin.Default` to
  `gin.New`
2026-07-04 16:24:22 +08:00
ld e2af482cc9 Add file management API with local storage backend
- Implement FileHandler with CRUD operations for files/directories
- Add FileService with business logic and SHA-256 hashing
- Create LocalStorage backend for filesystem persistence
- Add database repository with pagination and name uniqueness
  constraints
- Configure max upload size in storage settings
- Include comprehensive tests for all layers
2026-06-24 14:08:57 +08:00
ld f4212cddf0 Change config JWT duration fields to time.Duration
- fix: The AccessTTL and RefreshTTL fields in JWTConfig now use
  time.Duration type directly instead of string with ParseDuration
  methods. The config validation now checks for positive durations
  rather than parsing strings.
2026-04-29 17:02:49 +08:00
ld 901a769ee7 Complete foundational data layer with repository implementation
- Add GORM dependencies for SQLite and PostgreSQL
- Create domain models (User, Session, File) with common errors
- Implement repository interfaces and database layer with migrations
- Update WebApp to bootstrap with database and repositories
- Add comprehensive unit tests for repository methods
- Update config structure to support multiple database drivers
- Extend AGENTS.md with debugging principles and dependency rules
2026-04-28 13:32:33 +08:00
ld c0c34eb914 Change JWT TTL config from duration to string for flexibility
- The mapstructure library is no longer needed for direct duration
  parsing since we now store TTLs as string durations (e.g., "15m",
  "168h") and parse them on demand via helper methods.
- This allows more flexible duration formats in configuration and moves
  the parsing responsibility to the JWT config struct itself.
2026-04-27 17:15:16 +08:00
ld 54f0deadbc Add initial framework of configuration.
feat: configuration file system of app.

Note: still work in progress.
2026-04-27 16:55:58 +08:00