Adam French
b56f8253d9
All checks were successful
Deploy with Docker Compose / deploy (push) Successful in 3m51s
- Fix WebSocket CheckOrigin to use proper url.Parse instead of string stripping - Add admin auth checks to Users/User GraphQL queries - Remove GraphQL GET transport to prevent CSRF via cross-site links - Add application-level IP-based login rate limiting (5 attempts/min) - Add path traversal bounds check on radio file upload - Require DEV_MODE for GraphQL introspection and playground - Move notes backend endpoint behind admin middleware - Add dedicated Nginx rate limit zone for GraphQL (10r/s) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
50 lines
1.1 KiB
Go
50 lines
1.1 KiB
Go
package handlers
|
|
|
|
import (
|
|
"time"
|
|
|
|
"adam-french.co.uk/backend/services"
|
|
"github.com/anthropics/anthropic-sdk-go"
|
|
"github.com/zmb3/spotify/v2"
|
|
spotifyauth "github.com/zmb3/spotify/v2/auth"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type Store struct {
|
|
DB *gorm.DB
|
|
SpotifyAuth *spotifyauth.Authenticator
|
|
SpotifyClient *spotify.Client
|
|
ClaudeClient *anthropic.Client
|
|
Auth *services.Auth
|
|
Notes *services.Notes
|
|
LoginLimiter *services.RateLimiter
|
|
|
|
RecentSongs *[]spotify.RecentlyPlayedItem
|
|
RecentSongsFetchedAt time.Time
|
|
|
|
GiteaHost string
|
|
GiteaPort string
|
|
GiteaFeed *services.GiteaFeedResponse
|
|
GiteaFeedFetchedAt time.Time
|
|
|
|
SteamAPIKey string
|
|
SteamID string
|
|
SteamRecentGames []services.SteamRecentGame
|
|
SteamOnline bool
|
|
SteamFetchedAt time.Time
|
|
}
|
|
|
|
func (s *Store) GiteaFeedFresh() bool {
|
|
if s.GiteaFeed == nil {
|
|
return false
|
|
}
|
|
return time.Since(s.GiteaFeedFetchedAt) < time.Minute
|
|
}
|
|
|
|
func (s *Store) SteamFresh() bool {
|
|
if s.SteamRecentGames == nil {
|
|
return false
|
|
}
|
|
return time.Since(s.SteamFetchedAt) < 5*time.Minute
|
|
}
|