implemented NATS event bus, websocket hub upgrade, and audit log

2026-05-11 19:38:02 +02:00
parent db0f402ab2
commit 83d96d0a1e
16 changed files with 502 additions and 15 deletions
@@ -17,9 +17,10 @@ import (
 	"github.com/forgeo/forgebucket/internal/api/handlers"
 	"github.com/forgeo/forgebucket/internal/api/middleware"
 	"github.com/forgeo/forgebucket/internal/config"
+	"github.com/forgeo/forgebucket/internal/events"
 )

-func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, staticFiles fs.FS) http.Handler {
+func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, bus events.EventBus, staticFiles fs.FS) http.Handler {
 	r := chi.NewRouter()

 	r.Use(chimiddleware.Logger)
@@ -33,14 +34,15 @@ func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, staticFi
 		MaxAge:           300,
 	}))

-	csrf := middleware.CSRF(!cfg.Debug)
-	auth      := middleware.NewAuth(store, engine, handlers.LookupAccessToken)
+	csrf  := middleware.CSRF(!cfg.Debug)
+	auth  := middleware.NewAuth(store, engine, handlers.LookupAccessToken)
+	audit := middleware.AuditLog(engine, bus)

 	repoH    := handlers.NewRepoHandler(engine, cfg)
 	userH    := handlers.NewUserHandler(engine, store)
 	prH      := handlers.NewPRHandler(engine)
 	pipeH    := handlers.NewPipelineHandler(engine)
-	wsH      := handlers.NewWSHandler()
+	wsH      := handlers.NewWSHandler(bus)
 	gitH     := handlers.NewGitHTTPHandler(engine, cfg)
 	issueH   := handlers.NewIssueHandler(engine)
 	sshKeyH  := handlers.NewSSHKeyHandler(engine)
@@ -53,6 +55,7 @@ func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, staticFi
 	lfsH        := handlers.NewLFSHandler(engine)
 	exploreH    := handlers.NewExploreHandler(engine)
 	dashH       := handlers.NewDashboardHandler(engine)
+	auditH      := handlers.NewAuditHandler(engine)

 	// ── Git smart-HTTP transport ───────────────────────────────────────────────
 	// Regex constraint ensures only *.git paths match, so asset/SPA URLs
@@ -94,9 +97,11 @@ func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, staticFi
 		// ── Protected (session + CSRF for mutations) ──────────────────────────
 		r.Group(func(r chi.Router) {
 			r.Use(auth.Require)
+			r.Use(audit)

 			r.Get("/me", userH.Me)
 			r.Get("/dashboard", dashH.Get)
+			r.Get("/audit", auditH.List)

 			// SSH key management
 			r.Get("/user/keys", sshKeyH.List)