rezidir/GeoShare
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add Swagger UI docs, custom CORS middleware, and request logging

Browse Source 
- Add Swagger UI files and updated API spec for Family Safety Tracker
- Replace shelf_cors_headers with custom CORS middleware in server.dart
- Add request_logger middleware with timing for auth and geo routes
- Add REGISTRATION_SECRET_KEY to .env for registration validation
- Remove postgres port exposure from docker-compose.yml
- Update opencode.json model configuration
- Add crypto dependency and update Flutter web assets
This commit is contained in:
dmit.b
2026-05-15 17:43:53 +03:00
parent 6b4c599981
commit fde96c0197
25 changed files with 53278 additions and 49937 deletions
Download Patch File Download Diff File Expand all files Collapse all files
bin/routes/auth_routes.dart
+32 -7
View File
@@ -5,6 +5,7 @@ import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';
import 'package:dotenv/dotenv.dart';
import '../database/database_provider.dart';
import '../middleware/auth_middleware.dart';
import '../middleware/request_logger.dart';
import 'dart:convert';
class AuthRoutes {
@@ -29,9 +30,13 @@ class AuthRoutes {
final user = await database.findUserByLogin(login);
final stopwatch = Stopwatch()..start();
if (user == null || !BCrypt.checkpw(password, user.pwdHash)) {
await database.createLog(login, 'Failed login attempt');
return Response(401, body: jsonEncode({'error': 'Invalid credentials'}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(401, body: jsonEncode({'error': 'Invalid credentials'}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'POST', url: '/login', status: 401, duration: stopwatch.elapsed, body: body, responseHeaders: response.headers);
return response;
}
// Генерация JWT токена
@@ -44,10 +49,14 @@ class AuthRoutes {
final token = jwt.sign(SecretKey(secret));
await database.createLog(login, 'Successful login');
return Response(200, body: jsonEncode({'token': token}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(200, body: jsonEncode({'token': token}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'POST', url: '/login', status: 200, duration: stopwatch.elapsed, body: body, responseHeaders: response.headers);
return response;
}
Future<Response> _register(Request request) async {
final stopwatch = Stopwatch()..start();
final body = await request.readAsString();
final data = jsonDecode(body);
@@ -56,35 +65,51 @@ class AuthRoutes {
await database.createUser(login, password);
await database.createLog(login, 'User registration');
return Response(201, body: jsonEncode({'message': 'User registered'}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(201, body: jsonEncode({'message': 'User registered'}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'POST', url: '/reg', status: 201, duration: stopwatch.elapsed, body: body, responseHeaders: response.headers);
return response;
}
Future<Response> _watch(Request request, String login) async {
final stopwatch = Stopwatch()..start();
final uniqueId = request.url.queryParameters['share_id'];
if (uniqueId == null) {
return Response(404, body: jsonEncode({'error': 'Share link not found'}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(404, body: jsonEncode({'error': 'Share link not found'}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'GET', url: '/watch', status: 404, duration: stopwatch.elapsed, responseHeaders: response.headers);
return response;
}
final geoId = database.getGeoIdByShareId(uniqueId);
if (geoId == null) {
await database.createLog(login, 'Accessed invalid share link');
return Response(404, body: jsonEncode({'error': 'Share link not found'}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(404, body: jsonEncode({'error': 'Share link not found'}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'GET', url: '/watch', status: 404, duration: stopwatch.elapsed, responseHeaders: response.headers);
return response;
}
final position = await database.getPositionById(geoId);
if (position == null) {
await database.createLog(login, 'Accessed share link - no position');
return Response(404, body: jsonEncode({'error': 'No position available'}), headers: {'Content-Type': 'application/json'});
stopwatch.stop();
final response = Response(404, body: jsonEncode({'error': 'No position available'}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'GET', url: '/watch', status: 404, duration: stopwatch.elapsed, responseHeaders: response.headers);
return response;
}
await database.createLog(login, 'Accessed share link');
return Response(200, body: jsonEncode({
stopwatch.stop();
final response = Response(200, body: jsonEncode({
'x': position.xValue,
'y': position.yValue,
'last_update': position.lastUpdate.toIso8601String(),
'expires_at': position.expiresAt.toIso8601String(),
}), headers: {'Content-Type': 'application/json'});
logRequest(method: 'GET', url: '/watch', status: 200, duration: stopwatch.elapsed, responseHeaders: response.headers);
return response;
}
}