faba565c66
用 Go (Gin + GORM + SQLite) 重写整个后端: - 单二进制部署,不依赖 Python/pip/SDK - net/http 原生客户端,无 Cloudflare TLS 指纹问题 - 多阶段 Dockerfile:Node 构建前端 + Go 构建后端 + Alpine 运行 - 内存占用从 ~95MB 降至 ~3MB - 完整保留所有 API 路由、JWT 认证、API Key 权限、审计日志
115 lines
3.4 KiB
Go
115 lines
3.4 KiB
Go
package main
|
|
|
|
import (
|
|
"log"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
|
|
"github.com/gin-contrib/cors"
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"airwallex-admin/config"
|
|
"airwallex-admin/handlers"
|
|
"airwallex-admin/middleware"
|
|
"airwallex-admin/models"
|
|
)
|
|
|
|
func main() {
|
|
config.Load()
|
|
models.InitDB()
|
|
models.InitializeDefaults(models.DB)
|
|
|
|
r := gin.Default()
|
|
|
|
r.Use(cors.New(cors.Config{
|
|
AllowAllOrigins: true,
|
|
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"},
|
|
AllowHeaders: []string{"Origin", "Content-Type", "Accept", "Authorization", "X-API-Key"},
|
|
ExposeHeaders: []string{"Content-Length"},
|
|
AllowCredentials: false,
|
|
}))
|
|
|
|
// Health check
|
|
api := r.Group("/api")
|
|
api.GET("/health", func(c *gin.Context) {
|
|
c.JSON(200, gin.H{"status": "ok"})
|
|
})
|
|
|
|
// Auth routes (no auth required)
|
|
auth := api.Group("/auth")
|
|
auth.POST("/login", handlers.Login)
|
|
|
|
// Protected admin routes (JWT required)
|
|
protected := api.Group("")
|
|
protected.Use(middleware.JWTAuth())
|
|
|
|
protected.GET("/auth/me", handlers.GetMe)
|
|
protected.GET("/dashboard", handlers.GetDashboard)
|
|
|
|
// Cards
|
|
protected.GET("/cards", handlers.ListCards)
|
|
protected.POST("/cards", handlers.CreateCard)
|
|
protected.GET("/cards/:id", handlers.GetCard)
|
|
protected.GET("/cards/:id/details", handlers.GetCardDetails)
|
|
protected.PUT("/cards/:id", handlers.UpdateCard)
|
|
|
|
// Cardholders
|
|
protected.GET("/cardholders", handlers.ListCardholders)
|
|
protected.POST("/cardholders", handlers.CreateCardholder)
|
|
|
|
// Transactions
|
|
protected.GET("/transactions", handlers.ListTransactions)
|
|
protected.GET("/authorizations", handlers.ListAuthorizations)
|
|
|
|
// Settings
|
|
protected.GET("/settings", handlers.GetSettings)
|
|
protected.PUT("/settings", handlers.UpdateSettings)
|
|
protected.POST("/settings/test-connection", handlers.TestConnection)
|
|
protected.POST("/settings/test-proxy", handlers.TestProxy)
|
|
|
|
// Tokens
|
|
protected.GET("/tokens", handlers.ListTokens)
|
|
protected.POST("/tokens", handlers.CreateToken)
|
|
protected.DELETE("/tokens/:id", handlers.DeleteToken)
|
|
|
|
// Logs
|
|
protected.GET("/card-logs", handlers.ListCardLogs)
|
|
protected.GET("/audit-logs", handlers.ListAuditLogs)
|
|
|
|
// External API (API Key auth)
|
|
v1 := api.Group("/v1")
|
|
v1.Use(middleware.APIKeyAuth())
|
|
|
|
v1.POST("/cards/create", middleware.CheckPermission("create_cards"), handlers.ExternalCreateCard)
|
|
v1.GET("/cards", middleware.CheckPermission("read_cards"), handlers.ExternalListCards)
|
|
v1.GET("/cards/:id", middleware.CheckPermission("read_cards"), handlers.ExternalGetCard)
|
|
v1.POST("/cards/:id/freeze", middleware.CheckPermission("create_cards"), handlers.ExternalFreezeCard)
|
|
v1.GET("/transactions", middleware.CheckPermission("read_transactions"), handlers.ExternalListTransactions)
|
|
v1.GET("/balance", middleware.CheckPermission("read_balance"), handlers.ExternalGetBalance)
|
|
|
|
// Static files + SPA fallback
|
|
distPath := "frontend/dist"
|
|
if _, err := os.Stat(distPath); err == nil {
|
|
r.Static("/assets", filepath.Join(distPath, "assets"))
|
|
r.StaticFile("/favicon.ico", filepath.Join(distPath, "favicon.ico"))
|
|
|
|
r.NoRoute(func(c *gin.Context) {
|
|
if strings.HasPrefix(c.Request.URL.Path, "/api/") {
|
|
c.JSON(404, gin.H{"detail": "Not found"})
|
|
return
|
|
}
|
|
c.File(filepath.Join(distPath, "index.html"))
|
|
})
|
|
}
|
|
|
|
port := config.Cfg.Port
|
|
if port == "" {
|
|
port = "8000"
|
|
}
|
|
log.Printf("Starting server on :%s", port)
|
|
if err := r.Run(":" + port); err != nil {
|
|
log.Fatalf("Failed to start server: %v", err)
|
|
}
|
|
}
|