go_gameshield/internal/server/http.go

package server

import (
	"github.com/casbin/casbin/v2"
	"github.com/gin-gonic/gin"
	apiV1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"github.com/go-nunu/nunu-layout-advanced/docs"
	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
	"github.com/go-nunu/nunu-layout-advanced/internal/handler/admin"
	"github.com/go-nunu/nunu-layout-advanced/internal/handler/api/waf"
	"github.com/go-nunu/nunu-layout-advanced/internal/middleware"
	"github.com/go-nunu/nunu-layout-advanced/internal/service"
	"github.com/go-nunu/nunu-layout-advanced/pkg/jwt"
	"github.com/go-nunu/nunu-layout-advanced/pkg/limiter"
	"github.com/go-nunu/nunu-layout-advanced/pkg/log"
	"github.com/go-nunu/nunu-layout-advanced/pkg/server/http"
	"github.com/spf13/viper"
	swaggerfiles "github.com/swaggo/files"
	ginSwagger "github.com/swaggo/gin-swagger"
)

func NewHTTPServer(
	logger *log.Logger,
	conf *viper.Viper,
	jwt *jwt.JWT,
	e *casbin.SyncedEnforcer,
	limiterInstance *limiter.Limiter,
	rateLimitMiddleware gin.HandlerFunc,
	userHandler *admin.UserHandler,
	gameShieldHandler *handler.GameShieldHandler,
	gameShieldBackendHandler *handler.GameShieldBackendHandler,
	webForwardingHandler *waf.WebForwardingHandler,
	tcpForwardingHandler *waf.TcpforwardingHandler,
	udpForwardingHandler *waf.UdpForWardingHandler,
	globalLimitHandler *waf.GlobalLimitHandler,
	adminHandler *admin.AdminHandler,
	gatewayIpAdminHandler *admin.GatewayIpAdminHandler,
	allowAnddenyHandler *waf.AllowAndDenyIpHandler,
	ccHandler *handler.CcHandler,
	logService service.LogService,
	ccIpListHandler *waf.CcIpListHandler,
) *http.Server {
	gin.SetMode(gin.DebugMode)
	s := http.NewServer(
		gin.Default(),
		logger,
		http.WithServerHost(conf.GetString("http.host")),
		http.WithServerPort(conf.GetInt("http.port")),
	)

	// swagger doc
	docs.SwaggerInfo.BasePath = "/v1"
	s.GET("/swagger/*any", ginSwagger.WrapHandler(
		swaggerfiles.Handler,
		//ginSwagger.URL(fmt.Sprintf("http://localhost:%d/swagger/doc.json", conf.GetInt("app.http.port"))),
		ginSwagger.DefaultModelsExpandDepth(-1),
		ginSwagger.PersistAuthorization(true),
	))

	s.Use(
		middleware.CORSMiddleware(),
		middleware.ResponseLogMiddleware(logger),
		middleware.RequestLogMiddleware(logger),
		middleware.OperationLogMiddleware(logService),
		//middleware.SignMiddleware(log),
		rateLimitMiddleware,
	)
	s.GET("/", func(ctx *gin.Context) {
		logger.WithContext(ctx).Info("hello")
		apiV1.HandleSuccess(ctx, map[string]interface{}{
			":)": "Thank you for using nunu!",
		})
	})

	v1 := s.Group("/v1")
	{
		// No route group has permission
		noAuthRouter := v1.Group("/")
		{
			// 使用增强的Limiter.GetAPIConfig方法获取特定API的限流配置

			// 登录API限流
			loginConfig := limiterInstance.GetAPIConfig("login")
			noAuthRouter.POST("/login", middleware.IPRateLimitMiddleware(loginConfig), adminHandler.Login)

			//// 注册API限流
			//registerConfig := limiterInstance.GetAPIConfig("register")
			//noAuthRouter.POST("/register", middleware.IPRateLimitMiddleware(registerConfig), userHandler.Register)

			// 创建IP白名单实例
			ipAllowlist := middleware.NewIPAllowlist(conf, logger)
			ipAllowlistMiddleware := ipAllowlist.IPAllowlistMiddleware()

			// 为GameShield相关接口添加IP白名单保护
			noAuthRouter.POST("/gameShield/add", ipAllowlistMiddleware, gameShieldHandler.SubmitGameShield)
			noAuthRouter.POST("/gameShield/getField", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldField)
			noAuthRouter.POST("/gameShield/getKey", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldKey)
			noAuthRouter.POST("/gameShield/edit", ipAllowlistMiddleware, gameShieldHandler.EditGameShield)
			noAuthRouter.POST("/gameShield/delete", ipAllowlistMiddleware, gameShieldHandler.DeleteGameShield)
			noAuthRouter.POST("/gameShield/getOnline", ipAllowlistMiddleware, gameShieldHandler.GetGameShieldOnlineList)
			noAuthRouter.POST("/gameShield/IsExistKey", gameShieldHandler.IsExistGameShieldKey)
			noAuthRouter.POST("/webForward/get", ipAllowlistMiddleware, webForwardingHandler.GetWebForwarding)
			noAuthRouter.POST("/webForward/getList", ipAllowlistMiddleware, webForwardingHandler.GetWebForwardingList)
			noAuthRouter.POST("/webForward/add", ipAllowlistMiddleware, webForwardingHandler.AddWebForwarding)
			noAuthRouter.POST("/webForward/edit", ipAllowlistMiddleware, webForwardingHandler.EditWebForwarding)
			noAuthRouter.POST("/webForward/delete", ipAllowlistMiddleware, webForwardingHandler.DeleteWebForwarding)

			noAuthRouter.POST("/tcpForward/add", ipAllowlistMiddleware, tcpForwardingHandler.AddTcpForwarding)
			noAuthRouter.POST("/tcpForward/get", ipAllowlistMiddleware, tcpForwardingHandler.GetTcpforwarding)
			noAuthRouter.POST("/tcpForward/getList", ipAllowlistMiddleware, tcpForwardingHandler.GetTcpForwardingList)
			noAuthRouter.POST("/tcpForward/edit", ipAllowlistMiddleware, tcpForwardingHandler.EditTcpForwarding)
			noAuthRouter.POST("/tcpForward/delete", ipAllowlistMiddleware, tcpForwardingHandler.DeleteTcpForwarding)
			noAuthRouter.POST("/udpForward/get", ipAllowlistMiddleware, udpForwardingHandler.GetUdpForWarding)
			noAuthRouter.POST("/udpForward/getList", ipAllowlistMiddleware, udpForwardingHandler.GetUdpForWardingList)
			noAuthRouter.POST("/udpForward/add", ipAllowlistMiddleware, udpForwardingHandler.AddUdpForWarding)
			noAuthRouter.POST("/udpForward/edit", ipAllowlistMiddleware, udpForwardingHandler.EditUdpForWarding)
			noAuthRouter.POST("/udpForward/delete", ipAllowlistMiddleware, udpForwardingHandler.DeleteUdpForWarding)

			noAuthRouter.POST("/gameShieldBackend/add", ipAllowlistMiddleware, gameShieldBackendHandler.AddGameShieldBackend)
			noAuthRouter.POST("/gameShieldBackend/edit", ipAllowlistMiddleware, gameShieldBackendHandler.EditGameShieldBackend)
			noAuthRouter.POST("/gameShieldBackend/delete", ipAllowlistMiddleware, gameShieldBackendHandler.DeleteGameShieldBackend)
			noAuthRouter.POST("/gameShieldBackend/replacementSourceMachineIp", ipAllowlistMiddleware, gameShieldBackendHandler.ReplacementSourceMachineIp)
			noAuthRouter.POST("/globalLimit/add", ipAllowlistMiddleware, globalLimitHandler.AddGlobalLimit)
			noAuthRouter.POST("/globalLimit/edit", ipAllowlistMiddleware, globalLimitHandler.EditGlobalLimit)
			noAuthRouter.POST("/globalLimit/delete", ipAllowlistMiddleware, globalLimitHandler.DeleteGlobalLimit)

			noAuthRouter.POST("/allowAndDeny/get", ipAllowlistMiddleware, allowAnddenyHandler.GetAllowAndDenyIp)
			noAuthRouter.POST("/allowAndDeny/getList", ipAllowlistMiddleware, allowAnddenyHandler.GetAllowAndDenyIpList)
			noAuthRouter.POST("/allowAndDeny/add", ipAllowlistMiddleware, allowAnddenyHandler.AddAllowAndDenyIp)
			noAuthRouter.POST("/allowAndDeny/edit", ipAllowlistMiddleware, allowAnddenyHandler.EditAllowAndDenyIp)
			noAuthRouter.POST("/allowAndDeny/delete", ipAllowlistMiddleware, allowAnddenyHandler.DeleteAllowAndDenyIp)

			noAuthRouter.POST("/cc/getList", ipAllowlistMiddleware, ccHandler.GetCcList)
			noAuthRouter.POST("/cc/editState", ipAllowlistMiddleware, ccHandler.EditCcState)

			noAuthRouter.POST("/ccIpList/getList", ipAllowlistMiddleware, ccIpListHandler.GetCcIpList)
			noAuthRouter.POST("/ccIpList/add", ipAllowlistMiddleware, ccIpListHandler.AddCcIpList)
			noAuthRouter.POST("/ccIpList/edit", ipAllowlistMiddleware, ccIpListHandler.EditCcIpList)
			noAuthRouter.POST("/ccIpList/delete", ipAllowlistMiddleware, ccIpListHandler.DelCcIpList)

		}
		// Non-strict permission routing group
		//noStrictAuthRouter := v1.Group("/").Use(middleware.NoStrictAuth(jwt, logger))
		//{
		//	noStrictAuthRouter.GET("/user", userHandler.GetProfile)
		//}

		// Strict permission routing group
		strictAuthRouter := v1.Group("/").Use(middleware.StrictAuth(jwt, logger), middleware.AuthMiddleware(e))
		{
			strictAuthRouter.GET("/user", userHandler.GetUsers)

			strictAuthRouter.GET("/menus", adminHandler.GetMenus)
			strictAuthRouter.GET("/admin/menus", adminHandler.GetAdminMenus)
			strictAuthRouter.POST("/admin/menu", adminHandler.MenuCreate)
			strictAuthRouter.PUT("/admin/menu", adminHandler.MenuUpdate)
			strictAuthRouter.DELETE("/admin/menu", adminHandler.MenuDelete)

			strictAuthRouter.GET("/admin/users", adminHandler.GetAdminUsers)
			strictAuthRouter.GET("/admin/user", adminHandler.GetAdminUser)
			strictAuthRouter.PUT("/admin/user", adminHandler.AdminUserUpdate)
			strictAuthRouter.POST("/admin/user", adminHandler.AdminUserCreate)
			strictAuthRouter.DELETE("/admin/user", adminHandler.AdminUserDelete)
			strictAuthRouter.GET("/admin/user/permissions", adminHandler.GetUserPermissions)
			strictAuthRouter.GET("/admin/role/permissions", adminHandler.GetRolePermissions)
			strictAuthRouter.PUT("/admin/role/permission", adminHandler.UpdateRolePermission)
			strictAuthRouter.GET("/admin/roles", adminHandler.GetRoles)
			strictAuthRouter.POST("/admin/role", adminHandler.RoleCreate)
			strictAuthRouter.PUT("/admin/role", adminHandler.RoleUpdate)
			strictAuthRouter.DELETE("/admin/role", adminHandler.RoleDelete)

			strictAuthRouter.GET("/admin/apis", adminHandler.GetApis)
			strictAuthRouter.POST("/admin/api", adminHandler.ApiCreate)
			strictAuthRouter.PUT("/admin/api", adminHandler.ApiUpdate)
			strictAuthRouter.DELETE("/admin/api", adminHandler.ApiDelete)


			strictAuthRouter.GET("/gatewayIp/get", gatewayIpAdminHandler.GetGatewayIpAdmin)
			strictAuthRouter.GET("/gatewayIp/getList", gatewayIpAdminHandler.GetGatewayIpAdminList)
			strictAuthRouter.POST("/gatewayIp/add", gatewayIpAdminHandler.AddGatewayIpAdmin)
			strictAuthRouter.PUT("/gatewayIp/edit", gatewayIpAdminHandler.EditGatewayIpAdmin)
			strictAuthRouter.DELETE("/gatewayIp/del", gatewayIpAdminHandler.DeleteGatewayIpAdmin)
			strictAuthRouter.DELETE("/gatewayIp/delList", gatewayIpAdminHandler.DeleteGatewayIpsAdmin)

		}
	}

	return s
}