go_gameshield/internal/server/http.go

package server

import (
	"github.com/gin-gonic/gin"
	apiV1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"github.com/go-nunu/nunu-layout-advanced/docs"
	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
	"github.com/go-nunu/nunu-layout-advanced/internal/middleware"
	"github.com/go-nunu/nunu-layout-advanced/pkg/jwt"
	"github.com/go-nunu/nunu-layout-advanced/pkg/limiter"
	"github.com/go-nunu/nunu-layout-advanced/pkg/log"
	"github.com/go-nunu/nunu-layout-advanced/pkg/server/http"
	"github.com/spf13/viper"
	swaggerfiles "github.com/swaggo/files"
	ginSwagger "github.com/swaggo/gin-swagger"
)

func NewHTTPServer(
	logger *log.Logger,
	conf *viper.Viper,
	jwt *jwt.JWT,
	limiterInstance *limiter.Limiter,
	rateLimitMiddleware gin.HandlerFunc,
	userHandler *handler.UserHandler,
	gameShieldHandler *handler.GameShieldHandler,
	gameShieldBackendHandler *handler.GameShieldBackendHandler,
	webForwardingHandler *handler.WebForwardingHandler,
	weblimitHandler *handler.WebLimitHandler,
	tcpForwardingHandler *handler.TcpforwardingHandler,
	udpForwardingHandler *handler.UdpForWardingHandler,
	tcpLimitHandler *handler.TcpLimitHandler,
	udpLimitHandler *handler.UdpLimitHandler,

) *http.Server {
	gin.SetMode(gin.DebugMode)
	s := http.NewServer(
		gin.Default(),
		logger,
		http.WithServerHost(conf.GetString("http.host")),
		http.WithServerPort(conf.GetInt("http.port")),
	)

	// swagger doc
	docs.SwaggerInfo.BasePath = "/v1"
	s.GET("/swagger/*any", ginSwagger.WrapHandler(
		swaggerfiles.Handler,
		//ginSwagger.URL(fmt.Sprintf("http://localhost:%d/swagger/doc.json", conf.GetInt("app.http.port"))),
		ginSwagger.DefaultModelsExpandDepth(-1),
		ginSwagger.PersistAuthorization(true),
	))

	s.Use(
		middleware.CORSMiddleware(),
		middleware.ResponseLogMiddleware(logger),
		middleware.RequestLogMiddleware(logger),
		//middleware.SignMiddleware(log),
		rateLimitMiddleware,
	)
	s.GET("/", func(ctx *gin.Context) {
		logger.WithContext(ctx).Info("hello")
		apiV1.HandleSuccess(ctx, map[string]interface{}{
			":)": "Thank you for using nunu!",
		})
	})

	v1 := s.Group("/v1")
	{
		// No route group has permission
		noAuthRouter := v1.Group("/")
		{
			// 使用增强的Limiter.GetAPIConfig方法获取特定API的限流配置

			// 登录API限流
			loginConfig := limiterInstance.GetAPIConfig("login")
			noAuthRouter.POST("/login", middleware.IPRateLimitMiddleware(loginConfig), userHandler.Login)

			// 注册API限流
			registerConfig := limiterInstance.GetAPIConfig("register")
			noAuthRouter.POST("/register", middleware.IPRateLimitMiddleware(registerConfig), userHandler.Register)

			// 创建IP白名单实例
			ipAllowlist := middleware.NewIPAllowlist(conf, logger)
			ipAllowlistMiddleware := ipAllowlist.IPAllowlistMiddleware()

			// 为GameShield相关接口添加IP白名单保护
			noAuthRouter.POST("/gameShield/add", ipAllowlistMiddleware, gameShieldHandler.SubmitGameShield)
			noAuthRouter.POST("/gameShield/getField", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldField)
			noAuthRouter.POST("/gameShield/getKey", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldKey)
			noAuthRouter.POST("/gameShield/edit", ipAllowlistMiddleware, gameShieldHandler.EditGameShield)
			noAuthRouter.POST("/gameShield/delete", ipAllowlistMiddleware, gameShieldHandler.DeleteGameShield)
			noAuthRouter.POST("/gameShield/getOnline", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldOnlineList)
			noAuthRouter.POST("/gameShield/IsExistKey", ipAllowlistMiddleware, gameShieldHandler.IsExistGameShieldKey)
			noAuthRouter.POST("/webForward/add", ipAllowlistMiddleware, webForwardingHandler.AddWebForwarding)
			noAuthRouter.POST("/webForward/edit", ipAllowlistMiddleware, webForwardingHandler.EditWebForwarding)
			noAuthRouter.POST("/webForward/delete", ipAllowlistMiddleware, webForwardingHandler.DeleteWebForwarding)
			noAuthRouter.POST("/webLimit/add", ipAllowlistMiddleware, weblimitHandler.AddWebLimit)
			noAuthRouter.POST("/webLimit/edit", ipAllowlistMiddleware, weblimitHandler.EditWebLimit)
			noAuthRouter.POST("/webLimit/delete", ipAllowlistMiddleware, weblimitHandler.DeleteWebLimit)
			noAuthRouter.POST("/tcpForward/add", ipAllowlistMiddleware, tcpForwardingHandler.AddTcpForwarding)
			noAuthRouter.POST("/tcpForward/edit", ipAllowlistMiddleware, tcpForwardingHandler.EditTcpForwarding)
			noAuthRouter.POST("/tcpForward/delete", ipAllowlistMiddleware, tcpForwardingHandler.DeleteTcpForwarding)
			noAuthRouter.POST("/udpForward/add", ipAllowlistMiddleware, udpForwardingHandler.AddUdpForWarding)
			noAuthRouter.POST("/udpForward/edit", ipAllowlistMiddleware, udpForwardingHandler.EditUdpForWarding)
			noAuthRouter.POST("/udpForward/delete", ipAllowlistMiddleware, udpForwardingHandler.DeleteUdpForWarding)
			noAuthRouter.POST("/tcpLimit/add", ipAllowlistMiddleware, tcpLimitHandler.AddTcpLimit)
			noAuthRouter.POST("/tcpLimit/edit", ipAllowlistMiddleware, tcpLimitHandler.EditTcpLimit)
			noAuthRouter.POST("/tcpLimit/delete", ipAllowlistMiddleware, tcpLimitHandler.DeleteTcpLimit)
			noAuthRouter.POST("/udpLimit/add", ipAllowlistMiddleware, udpLimitHandler.AddUdpLimit)
			noAuthRouter.POST("/udpLimit/edit", ipAllowlistMiddleware, udpLimitHandler.EditUdpLimit)
			noAuthRouter.POST("/udpLimit/delete", ipAllowlistMiddleware, udpLimitHandler.DeleteUdpLimit)
			noAuthRouter.POST("/gameShieldBackend/add", ipAllowlistMiddleware, gameShieldBackendHandler.AddGameShieldBackend)
			noAuthRouter.POST("/gameShieldBackend/edit", ipAllowlistMiddleware, gameShieldBackendHandler.EditGameShieldBackend)
			noAuthRouter.POST("/gameShieldBackend/delete", ipAllowlistMiddleware, gameShieldBackendHandler.DeleteGameShieldBackend)
		}
		// Non-strict permission routing group
		noStrictAuthRouter := v1.Group("/").Use(middleware.NoStrictAuth(jwt, logger))
		{
			noStrictAuthRouter.GET("/user", userHandler.GetProfile)
		}

		// Strict permission routing group
		strictAuthRouter := v1.Group("/").Use(middleware.StrictAuth(jwt, logger))
		{
			strictAuthRouter.PUT("/user", userHandler.UpdateProfile)
		}
	}

	return s
}