rename project from service-http to nsqauthd and update related configurations

Author: lwnmengjing

.github/workflows/ci.yml

@@ -0,0 +1,105 @@
+name: CI
+
+on:
+  push:
+    paths-ignore:
+      - 'docs/**'
+      - '.github/**'
+      - '.gitignore'
+    branches:
+      - main
+    tags:
+      - 'v*.*.*'
+  pull_request:
+    branches:
+      - main
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup golang
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.24
+      - name: Start Redis
+        uses: supercharge/redis-github-action@1.8.0
+        with:
+          redis-version: 7
+      - name: Install dependencies
+        run: make deps
+      - name: Unit Test
+        run: make test
+
+      - name: Convert coverage report to table
+        run: go tool cover -func=coverage.out | tail -n +2 | awk '{print "|",$1,"|",$3,"|"}' > coverage_table.md
+
+      - name: Comment on PR with coverage table
+        if: github.event_name == 'pull_request'
+        working-directory: cmd/tools/pr
+        run: go mod tidy && go run main.go
+        continue-on-error: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          REPO_NAME: ${{ github.repository }}
+          PR_NUMBER: ${{ github.event.number }}
+          COVERAGE_FILE: ../../../coverage_table.md
+      - name: Build
+        run: make build
+      - name: Vendor
+        run: go mod vendor
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up QEMU
+        if: github.event_name != 'pull_request'
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        if: github.event_name != 'pull_request'
+        uses: docker/setup-buildx-action@v3
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        if: github.event_name != 'pull_request'
+        uses: docker/metadata-action@v5
+        with:
+          images: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}'
+          flavor: |
+            latest=auto
+          tags: |
+            type=schedule
+            type=ref,event=tag
+            type=sha,prefix=,format=long,enable=true,priority=100
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        if: github.event_name != 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64

.github/workflows/release.yml

@@ -0,0 +1,115 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        os: [linux, windows, darwin]
+        arch: [amd64, arm64]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup golang
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.24
+      - name: Start Redis
+        uses: supercharge/redis-github-action@1.8.0
+        with:
+          redis-version: 7
+      - name: Install dependencies
+        run: make deps
+      - name: Unit Test
+        run: make test
+      - name: Build
+        run: GOOS=${{ matrix.os }} GOARCH=${{ matrix.arch }} go build -o admin
+      - name: Windows
+        if: matrix.os == 'windows'
+        run: mv admin admin.exe
+      - name: Archive artifact
+        if: matrix.os != 'windows'
+        uses: actions/upload-artifact@v4
+        with:
+          name: admin-${{ matrix.os }}-${{ matrix.arch }}
+          path: |
+            admin
+            public
+            config/*.yml
+      - name: Archive artifact
+        if: matrix.os == 'windows'
+        uses: actions/upload-artifact@v4
+        with:
+          name: admin-${{ matrix.os }}-${{ matrix.arch }}
+          path: |
+            admin.exe
+            public
+            config/*.yml
+
+  release:
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+
+      - name: Get latest release version
+        id: get_release
+        run: |
+          LATEST_RELEASE=$(curl -s https://api.github.com/repos/mss-boot-io/mss-boot-admin-antd/releases/latest)
+          VERSION=$(echo $LATEST_RELEASE | jq -r '.tag_name')
+          echo "LATEST_RELEASE_VERSION=${VERSION}" >> $GITHUB_ENV
+
+      - name: Download dist-local.tar.gz
+        run: |
+          wget https://github.com/mss-boot-io/mss-boot-admin-antd/releases/download/${{ env.LATEST_RELEASE_VERSION }}/dist-local.tar.gz
+          tar -zxvf dist-local.tar.gz
+          cp -r dist admin-linux-amd64/
+          cp -r dist admin-linux-arm64/
+          cp -r dist admin-darwin-amd64/
+          cp -r dist admin-darwin-arm64/
+          cp -r dist admin-windows-amd64/
+          cp -r dist admin-windows-arm64/
+
+      - name: Package
+        run: |
+          zip -r admin-linux-amd64.zip admin-linux-amd64
+          zip -r admin-linux-arm64.zip admin-linux-arm64
+          zip -r admin-darwin-amd64.zip admin-darwin-amd64
+          zip -r admin-darwin-arm64.zip admin-darwin-arm64
+          zip -r admin-windows-amd64.zip admin-windows-amd64
+          zip -r admin-windows-arm64.zip admin-windows-arm64
+
+      - name: Get version
+        id: get_version
+        run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
+
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        with:
+          generate_release_notes: true
+          files: |
+            admin-linux-amd64.zip
+            admin-linux-arm64.zip
+            admin-darwin-amd64.zip
+            admin-darwin-arm64.zip
+            admin-windows-amd64.zip
+            admin-windows-arm64.zip
+          prerelease: false
+          body: |
+            ## Pull Image
+            ```shell
+            docker pull ghcr.io/${{ github.repository }}:${{ steps.get_version.outputs.VERSION }}
+            ```
+            

.gitignore

@@ -23,4 +23,5 @@ go.work*
 # idea
 .idea
 # vscode
-.vscode
+.vscode
+*.db

README.md

@@ -1,2 +1,2 @@
-# service-http
+# nsqauthd
 mss-boot http service example

apis/auth.go

@@ -0,0 +1,79 @@
+package apis
+
+import (
+	"github.com/mss-boot-io/mss-boot/pkg/response/actions"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/mss-boot-io/mss-boot/pkg/config/gormdb"
+	"github.com/mss-boot-io/mss-boot/pkg/response"
+	"github.com/mss-boot-io/mss-boot/pkg/response/controller"
+
+	"nsqauthd/config"
+	"nsqauthd/dto"
+	"nsqauthd/models"
+)
+
+func init() {
+	e := &Auth{
+		Simple: controller.NewSimple(
+			controller.WithAuth(false),
+			controller.WithModelProvider(actions.ModelProviderGorm),
+		),
+	}
+	response.AppendController(e)
+}
+
+type Auth struct {
+	*controller.Simple
+}
+
+func (e *Auth) GetAction(_ string) response.Action {
+	return nil
+}
+
+func (e *Auth) Other(r *gin.RouterGroup) {
+	r.GET("/auth", e.Auth)
+}
+
+// Auth authenticate
+// @Summary authenticate
+// @Description authenticate
+// @Tags auth
+// @Accept application/json
+// @Product application/json
+// @Param secret query string true "secret"
+// @Param remote_ip query string true "remote_ip"
+// @Param tls query bool false "tls"
+// @Success 200 {object} dto.AuthResp
+// @Router /auth [get]
+func (e *Auth) Auth(ctx *gin.Context) {
+	api := response.Make(ctx)
+	req := &dto.AuthReq{}
+	if api.Bind(req).Error != nil {
+		api.Err(http.StatusForbidden, "NOT_AUTHORIZED")
+		return
+	}
+	resp := &dto.AuthResp{
+		Identity:       req.Secret,
+		TTL:            config.Cfg.TTL,
+		Authorizations: make([]*dto.AuthAccount, 0),
+	}
+	auth := models.Auth{
+		Login: req.Secret,
+	}
+	err := auth.GetByLogin(ctx, gormdb.DB)
+	if err != nil {
+		api.AddError(err).Log.Error("get auth failed", "err", err)
+		api.Err(http.StatusForbidden, "NOT_AUTHORIZED")
+		return
+	}
+	if req.TLS != auth.TlsRequired {
+		api.Err(http.StatusForbidden, "NOT_AUTHORIZED")
+		return
+	}
+	authAccount := &dto.AuthAccount{}
+	authAccount.Channels, authAccount.Topic, authAccount.Permissions = auth.ToAuthPermissions()
+	resp.Authorizations = append(resp.Authorizations, authAccount)
+	api.OK(resp)
+}