a0e3748dde
Major changes:
- Add auth-svc: JWT auth, register/login/refresh, password reset
- Add auth UI: modals, pages (/login, /register, /forgot-password)
- Add usage tracking (usage_metrics table, daily limits)
- Add tiered rate limiting (free/pro/business)
- Add LLM usage limits per tier
Security fixes:
- All repos now require userID for Update/Delete operations
- JWT middleware in chat-svc, llm-svc, agent-svc, discover-svc
- ErrNotFound/ErrForbidden errors for proper access control
Cleanup:
- Remove legacy TypeScript services/ directory
- Remove computer-svc (to be reimplemented)
- Remove old deploy/docker configs
New files:
- backend/cmd/auth-svc/main.go
- backend/internal/auth/{types,repository}.go
- backend/internal/usage/{types,repository}.go
- backend/pkg/middleware/{llm_limits,ratelimit_tiered}.go
- backend/webui/src/components/auth/*
- backend/webui/src/app/(auth)/*
Made-with: Cursor
107 lines
2.1 KiB
Go
107 lines
2.1 KiB
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/gooseek/backend/internal/usage"
|
|
)
|
|
|
|
type LLMLimitsConfig struct {
|
|
UsageRepo *usage.Repository
|
|
}
|
|
|
|
func LLMLimits(config LLMLimitsConfig) fiber.Handler {
|
|
return func(c *fiber.Ctx) error {
|
|
userID := GetUserID(c)
|
|
if userID == "" {
|
|
return c.Status(401).JSON(fiber.Map{
|
|
"error": "Authentication required",
|
|
})
|
|
}
|
|
|
|
tier := GetUserTier(c)
|
|
if tier == "" {
|
|
tier = "free"
|
|
}
|
|
|
|
if config.UsageRepo != nil {
|
|
allowed, reason := config.UsageRepo.CheckLLMLimits(c.Context(), userID, tier)
|
|
if !allowed {
|
|
limits := usage.GetLimits(tier)
|
|
return c.Status(429).JSON(fiber.Map{
|
|
"error": reason,
|
|
"tier": tier,
|
|
"dailyLimit": limits.LLMRequestsPerDay,
|
|
"tokenLimit": limits.LLMTokensPerDay,
|
|
"upgradeUrl": "/settings/billing",
|
|
})
|
|
}
|
|
}
|
|
|
|
return c.Next()
|
|
}
|
|
}
|
|
|
|
type UsageTracker struct {
|
|
repo *usage.Repository
|
|
}
|
|
|
|
func NewUsageTracker(db *sql.DB) *UsageTracker {
|
|
return &UsageTracker{
|
|
repo: usage.NewRepository(db),
|
|
}
|
|
}
|
|
|
|
func (t *UsageTracker) RunMigrations(ctx context.Context) error {
|
|
return t.repo.RunMigrations(ctx)
|
|
}
|
|
|
|
func (t *UsageTracker) TrackAPIRequest(c *fiber.Ctx) {
|
|
userID := GetUserID(c)
|
|
if userID == "" {
|
|
return
|
|
}
|
|
tier := GetUserTier(c)
|
|
if tier == "" {
|
|
tier = "free"
|
|
}
|
|
go t.repo.IncrementAPIRequests(context.Background(), userID, tier)
|
|
}
|
|
|
|
func (t *UsageTracker) TrackLLMRequest(ctx context.Context, userID, tier string, tokens int) {
|
|
if userID == "" {
|
|
return
|
|
}
|
|
if tier == "" {
|
|
tier = "free"
|
|
}
|
|
go t.repo.IncrementLLMUsage(ctx, userID, tier, tokens)
|
|
}
|
|
|
|
func (t *UsageTracker) TrackSearchRequest(c *fiber.Ctx) {
|
|
userID := GetUserID(c)
|
|
if userID == "" {
|
|
return
|
|
}
|
|
tier := GetUserTier(c)
|
|
if tier == "" {
|
|
tier = "free"
|
|
}
|
|
go t.repo.IncrementSearchRequests(context.Background(), userID, tier)
|
|
}
|
|
|
|
func (t *UsageTracker) GetRepository() *usage.Repository {
|
|
return t.repo
|
|
}
|
|
|
|
func UsageTracking(tracker *UsageTracker) fiber.Handler {
|
|
return func(c *fiber.Ctx) error {
|
|
if tracker != nil {
|
|
tracker.TrackAPIRequest(c)
|
|
}
|
|
return c.Next()
|
|
}
|
|
}
|