Add Sign in with Apple authentication

- Add AppleSocialAuth model to store Apple ID linkages - Create AppleAuthService for JWT verification with Apple's public keys - Add AppleSignIn handler and route (POST /auth/apple-sign-in/) - Implement account linking (links Apple ID to existing accounts by email) - Add Redis caching for Apple public keys (24-hour TTL) - Support private relay emails (@privaterelay.appleid.com) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-29 01:17:10 -06:00
parent c7dc56e2d2
commit 409d9716bd
10 changed files with 651 additions and 27 deletions
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -13,14 +13,15 @@ import (

 // Config holds all configuration for the application
 type Config struct {
-	Server   ServerConfig
-	Database DatabaseConfig
-	Redis    RedisConfig
-	Email    EmailConfig
-	Push     PushConfig
-	Worker   WorkerConfig
-	Security SecurityConfig
-	Storage  StorageConfig
+	Server    ServerConfig
+	Database  DatabaseConfig
+	Redis     RedisConfig
+	Email     EmailConfig
+	Push      PushConfig
+	Worker    WorkerConfig
+	Security  SecurityConfig
+	Storage   StorageConfig
+	AppleAuth AppleAuthConfig
 }

 type ServerConfig struct {
@@ -72,6 +73,11 @@ type PushConfig struct {
 	FCMServerKey string
 }

+type AppleAuthConfig struct {
+	ClientID string // Bundle ID (e.g., com.tt.casera.CaseraDev)
+	TeamID   string // Apple Developer Team ID
+}
+
 type WorkerConfig struct {
 	// Scheduled job times (UTC)
 	TaskReminderHour    int
@@ -184,6 +190,10 @@ func Load() (*Config, error) {
 			MaxFileSize:  viper.GetInt64("STORAGE_MAX_FILE_SIZE"),
 			AllowedTypes: viper.GetString("STORAGE_ALLOWED_TYPES"),
 		},
+		AppleAuth: AppleAuthConfig{
+			ClientID: viper.GetString("APPLE_CLIENT_ID"),
+			TeamID:   viper.GetString("APPLE_TEAM_ID"),
+		},
 	}

 	// Validate required fields