# Architecture

## Layered Design

```
Handler (Gin handlers)          ← translates HTTP ↔ Service calls
    ↓
Service (business logic)        ← orchestrates, authorizes, validates
    ↓                        ↓
Repository (GORM data access)   Storage (file I/O)
    ↓                        ↓
[SQLite / PostgreSQL]        [Local FS / S3]
```

Rules:
- Handler has no business logic — parse request, call service, write response.
- Service has no HTTP awareness — operates on domain models and interfaces.
- Repository abstracts the database; Storage abstracts where bytes live.
- `internal/server` is the composition root — wires all dependencies together.

## Package Map

| Layer | Package | Purpose | Status |
|-------|---------|---------|--------|
| **CLI** | `cmd` | Cobra root command | ✅ skeleton |
| | `cmd/serve.go` | `mygo serve` — wire deps, start HTTP | ⬜ plan |
| | `cmd/config.go` | `mygo config` — config subcommand | ⬜ plan |
| | `cmd/status.go` | `mygo status` — health check | ⬜ plan |
| **Config** | `internal/config` | Viper load (YAML + env + flags) | ⬜ plan |
| **HTTP** | `internal/server` | Gin engine init, route registration, middleware chain | ⬜ plan |
| | `internal/handler` | HTTP handlers (auth, file, admin, webdav...) | ⬜ plan |
| | `internal/middleware` | Gin middleware (requestid, logger, cors, auth) | ⬜ plan |
| **Business** | `internal/service` | Business logic (auth, file, admin) | ⬜ plan |
| | `internal/model` | Domain types (User, File, errors) | ⬜ plan |
| **Data** | `internal/repository` | Repository interfaces + GORM implementations | ⬜ plan |
| | `internal/storage` | Storage backend interface + local disk impl | ⬜ plan |
| **Util** | `internal/auth` | JWT sign/verify, context helpers | ⬜ plan |
| | `internal/api` | JSON response writer, error code helpers | ⬜ plan |

## API Routes (v0)

```
POST /api/v1/auth/register
POST /api/v1/auth/login
POST /api/v1/auth/refresh

GET   /api/v1/users/me
PATCH /api/v1/users/me

GET    /api/v1/files
POST   /api/v1/files
GET    /api/v1/files/:id
GET    /api/v1/files/:id/content
PUT    /api/v1/files/:id
DELETE /api/v1/files/:id

GET    /api/v1/admin/users
GET    /api/v1/admin/users/:id
PUT    /api/v1/admin/users/:id
DELETE /api/v1/admin/users/:id
```

## Middleware Chain

Applied globally: requestid → logger → cors

Applied to protected groups: auth (JWT validation, inject user into gin.Context)