Documentation
¶
Overview ¶
Package server provides shared HTTP infrastructure for all domain modules. Deps holds injected dependencies. Module describes a domain's contributions. Domains import this package; this package never imports domains.
Index ¶
- Variables
- func Audit(r *http.Request, auditStore store.AuditStore, ...)
- func CSRFToken(ctx context.Context) string
- func FormatJSONError(err error, expected string) string
- func GenerateAPIKey() (string, error)
- func IsMaskedValue(val string) bool
- func MaskAPIKey(key string) string
- func ParseDurationWithDays(s string) (time.Duration, error)
- func ParseSinceParam(s string) (time.Time, error)
- func RequireAdminAPI(next http.Handler) http.Handler
- func SessionFromContext(ctx context.Context) *store.Session
- func UserFromContext(ctx context.Context) *store.User
- func WithSession(ctx context.Context, session *store.Session) context.Context
- func WithUser(ctx context.Context, user *store.User) context.Context
- func WriteDetailedError(w http.ResponseWriter, status int, message, code string, ...)
- func WriteError(w http.ResponseWriter, status int, msg string)
- func WriteJSON(w http.ResponseWriter, status int, v any)
- type CSRFTokenKeyType
- type Deps
- type Module
- type ToolCatalogCategory
- type ToolCatalogEntry
- type ToolCatalogProvider
Constants ¶
This section is empty.
Variables ¶
var CtxKeyCSRFToken = CSRFTokenKeyType{}
CtxKeyCSRFToken is the context key for the per-request CSRF token.
Functions ¶
func Audit ¶
func Audit(r *http.Request, auditStore store.AuditStore, action, targetType, targetID, details string)
Audit logs an admin action to the audit store. Safe to call with a nil store.
func FormatJSONError ¶
FormatJSONError produces a user-friendly message from a JSON parse error.
func GenerateAPIKey ¶
GenerateAPIKey creates a new random API key with the "ot_" prefix.
func IsMaskedValue ¶
IsMaskedValue returns true if the value looks like a masked API key.
func MaskAPIKey ¶
MaskAPIKey returns a masked version of an API key for safe display.
func ParseDurationWithDays ¶
ParseDurationWithDays extends time.ParseDuration to support "d" suffix for days.
func ParseSinceParam ¶
ParseSinceParam parses a duration string like "24h", "7d" or an RFC3339 timestamp into a time.Time.
func RequireAdminAPI ¶
RequireAdminAPI is middleware that returns 403 JSON if the user is not an admin.
func SessionFromContext ¶
SessionFromContext returns the session from the request context, or nil.
func UserFromContext ¶
UserFromContext returns the authenticated user from the request context, or nil.
func WithSession ¶
WithSession stores a session in the context.
func WriteDetailedError ¶
func WriteDetailedError(w http.ResponseWriter, status int, message, code string, details map[string]any)
WriteDetailedError writes a JSON error with a code and optional details.
func WriteError ¶
func WriteError(w http.ResponseWriter, status int, msg string)
WriteError writes a JSON error response.
Types ¶
type CSRFTokenKeyType ¶
type CSRFTokenKeyType struct{}
CSRFTokenKeyType is the context key type for CSRF tokens. Exported so the web middleware can set it and modules can read it.
type Deps ¶
type Deps struct {
DB *sql.DB
Cfg *config.Config
// Stores — embedded so modules can access deps.LogStore directly.
store.Stores
// Infrastructure
Registry *connector.Registry
Queue *jobs.Queue
WatchMetrics *watcher.WatchMetrics
// ToolCatalog provides the MCP tool catalog for the tools page/API.
// Typed as interface to avoid importing internal/mcp.
ToolCatalog ToolCatalogProvider
// PageRouter is the top-level router group for page routes (with auth
// and onboarding-redirect middleware already applied). Modules that
// need to register HTML page handlers use this instead of the API
// sub-router passed to Mount.
PageRouter chi.Router
// AdminPageRouter is the top-level router group for admin-only page
// routes (with auth, onboarding-redirect, and RequireAdmin middleware
// already applied). Modules that need admin HTML pages use this.
AdminPageRouter chi.Router
// APIRouter is the top-level /api router (with decompression and CORS
// but no session auth). Modules use this to register routes that need
// API key auth instead of session auth (webhooks, agent endpoints).
APIRouter chi.Router
// APIKeyAuth is middleware that validates requests using the configured
// API key. Modules apply this on webhook/ingestion routes that accept
// machine-to-machine traffic instead of browser sessions.
APIKeyAuth func(http.Handler) http.Handler
// APIRateLimiter is rate-limiting middleware for API endpoints.
APIRateLimiter func(http.Handler) http.Handler
// RootRouter is the top-level chi.Router (before any auth middleware
// groups). Modules that need to register unauthenticated routes
// (e.g. login, register, onboarding) use this.
RootRouter chi.Router
// LoginLimiter is rate-limiting middleware for login/register endpoints.
LoginLimiter func(http.Handler) http.Handler
// StartedAt records when the server process started (for uptime calculation).
StartedAt time.Time
}
Deps holds shared dependencies injected into every domain module. Adding a new store = one field in store.Stores + one line in NewStores().
type Module ¶
type Module struct {
// Name is a human-readable identifier (e.g., "errors", "watches").
Name string
// Mount registers the domain's routes on the given router.
Mount func(r chi.Router, deps *Deps)
}
Module describes a domain package's contributions to the app. Each domain exports a Module var. The router iterates these for route mounting during startup.
type ToolCatalogCategory ¶
type ToolCatalogCategory struct {
Name string
Description string
Tools []ToolCatalogEntry
}
ToolCatalogCategory groups related tools under a named section.
type ToolCatalogEntry ¶
ToolCatalogEntry describes a single MCP tool for display.
type ToolCatalogProvider ¶
type ToolCatalogProvider interface {
CategoriesForDisplay() []ToolCatalogCategory
}
ToolCatalogProvider exposes the MCP tool catalog without importing internal/mcp.
Source Files