start working on the frontend side

2025-12-24 19:53:45 +00:00
parent 3aa0169af0
commit c962a223c6
84 changed files with 14761 additions and 58 deletions
--- a/backend/internal/common/config/config.go
+++ b/backend/internal/common/config/config.go
@@ -14,6 +14,7 @@ type Config struct {
 	Database DatabaseConfig `yaml:"database"`
 	Auth     AuthConfig     `yaml:"auth"`
 	Logging  LoggingConfig  `yaml:"logging"`
+	Security SecurityConfig `yaml:"security"`
 }

 // ServerConfig holds HTTP server configuration
@@ -23,6 +24,14 @@ type ServerConfig struct {
 	ReadTimeout  time.Duration `yaml:"read_timeout"`
 	WriteTimeout time.Duration `yaml:"write_timeout"`
 	IdleTimeout  time.Duration `yaml:"idle_timeout"`
+	Cache        CacheConfig   `yaml:"cache"`
+}
+
+// CacheConfig holds response caching configuration
+type CacheConfig struct {
+	Enabled    bool          `yaml:"enabled"`
+	DefaultTTL time.Duration `yaml:"default_ttl"`
+	MaxAge     int           `yaml:"max_age"` // seconds for Cache-Control header
 }

 // DatabaseConfig holds PostgreSQL connection configuration
@@ -60,6 +69,33 @@ type LoggingConfig struct {
 	Format string `yaml:"format"` // json or text
 }

+// SecurityConfig holds security-related configuration
+type SecurityConfig struct {
+	CORS          CORSConfig          `yaml:"cors"`
+	RateLimit     RateLimitConfig     `yaml:"rate_limit"`
+	SecurityHeaders SecurityHeadersConfig `yaml:"security_headers"`
+}
+
+// CORSConfig holds CORS configuration
+type CORSConfig struct {
+	AllowedOrigins []string `yaml:"allowed_origins"`
+	AllowedMethods []string `yaml:"allowed_methods"`
+	AllowedHeaders []string `yaml:"allowed_headers"`
+	AllowCredentials bool   `yaml:"allow_credentials"`
+}
+
+// RateLimitConfig holds rate limiting configuration
+type RateLimitConfig struct {
+	Enabled          bool    `yaml:"enabled"`
+	RequestsPerSecond float64 `yaml:"requests_per_second"`
+	BurstSize        int     `yaml:"burst_size"`
+}
+
+// SecurityHeadersConfig holds security headers configuration
+type SecurityHeadersConfig struct {
+	Enabled bool `yaml:"enabled"`
+}
+
 // Load reads configuration from file and environment variables
 func Load(path string) (*Config, error) {
 	cfg := DefaultConfig()
@@ -118,6 +154,22 @@ func DefaultConfig() *Config {
 			Level:  getEnv("CALYPSO_LOG_LEVEL", "info"),
 			Format: getEnv("CALYPSO_LOG_FORMAT", "json"),
 		},
+		Security: SecurityConfig{
+			CORS: CORSConfig{
+				AllowedOrigins:   []string{"*"}, // Default: allow all (should be restricted in production)
+				AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"},
+				AllowedHeaders:   []string{"Content-Type", "Authorization", "Accept", "Origin"},
+				AllowCredentials: true,
+			},
+			RateLimit: RateLimitConfig{
+				Enabled:          true,
+				RequestsPerSecond: 100.0,
+				BurstSize:        50,
+			},
+			SecurityHeaders: SecurityHeadersConfig{
+				Enabled: true,
+			},
+		},
 	}
 }