admin/honeyDueAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
72866e935e3cf952168513fc08533db69d63df5e
honeyDueAPI/internal/push/apns.go
Trey t 42a5533a56 Fix 113 hardening issues across entire Go backend 
Security:
- Replace all binding: tags with validate: + c.Validate() in admin handlers
- Add rate limiting to auth endpoints (login, register, password reset)
- Add security headers (HSTS, XSS protection, nosniff, frame options)
- Wire Google Pub/Sub token verification into webhook handler
- Replace ParseUnverified with proper OIDC/JWKS key verification
- Verify inner Apple JWS signatures in webhook handler
- Add io.LimitReader (1MB) to all webhook body reads
- Add ownership verification to file deletion
- Move hardcoded admin credentials to env vars
- Add uniqueIndex to User.Email
- Hide ConfirmationCode from JSON serialization
- Mask confirmation codes in admin responses
- Use http.DetectContentType for upload validation
- Fix path traversal in storage service
- Replace os.Getenv with Viper in stripe service
- Sanitize Redis URLs before logging
- Separate DEBUG_FIXED_CODES from DEBUG flag
- Reject weak SECRET_KEY in production
- Add host check on /_next/* proxy routes
- Use explicit localhost CORS origins in debug mode
- Replace err.Error() with generic messages in all admin error responses

Critical fixes:
- Rewrite FCM to HTTP v1 API with OAuth 2.0 service account auth
- Fix user_customuser -> auth_user table names in raw SQL
- Fix dashboard verified query to use UserProfile model
- Add escapeLikeWildcards() to prevent SQL wildcard injection

Bug fixes:
- Add bounds checks for days/expiring_soon query params (1-3650)
- Add receipt_data/transaction_id empty-check to RestoreSubscription
- Change Active bool -> *bool in device handler
- Check all unchecked GORM/FindByIDWithProfile errors
- Add validation for notification hour fields (0-23)
- Add max=10000 validation on task description updates

Transactions & data integrity:
- Wrap registration flow in transaction
- Wrap QuickComplete in transaction
- Move image creation inside completion transaction
- Wrap SetSpecialties in transaction
- Wrap GetOrCreateToken in transaction
- Wrap completion+image deletion in transaction

Performance:
- Batch completion summaries (2 queries vs 2N)
- Reuse single http.Client in IAP validation
- Cache dashboard counts (30s TTL)
- Batch COUNT queries in admin user list
- Add Limit(500) to document queries
- Add reminder_stage+due_date filters to reminder queries
- Parse AllowedTypes once at init
- In-memory user cache in auth middleware (30s TTL)
- Timezone change detection cache
- Optimize P95 with per-endpoint sorted buffers
- Replace crypto/md5 with hash/fnv for ETags

Code quality:
- Add sync.Once to all monitoring Stop()/Close() methods
- Replace 8 fmt.Printf with zerolog in auth service
- Log previously discarded errors
- Standardize delete response shapes
- Route hardcoded English through i18n
- Remove FileURL from DocumentResponse (keep MediaURL only)
- Thread user timezone through kanban board responses
- Initialize empty slices to prevent null JSON
- Extract shared field map for task Update/UpdateTx
- Delete unused SoftDeleteModel, min(), formatCron, legacy handlers

Worker & jobs:
- Wire Asynq email infrastructure into worker
- Register HandleReminderLogCleanup with daily 3AM cron
- Use per-user timezone in HandleSmartReminder
- Replace direct DB queries with repository calls
- Delete legacy reminder handlers (~200 lines)
- Delete unused task type constants

Dependencies:
- Replace archived jung-kurt/gofpdf with go-pdf/fpdf
- Replace unmaintained gomail.v2 with wneessen/go-mail
- Add TODO for Echo jwt v3 transitive dep removal

Test infrastructure:
- Fix MakeRequest/SeedLookupData error handling
- Replace os.Exit(0) with t.Skip() in scope/consistency tests
- Add 11 new FCM v1 tests

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 23:14:13 -05:00

208 lines
5.4 KiB
Go
Raw Blame History

package push
import (
"context"
"fmt"
"github.com/rs/zerolog/log"
"github.com/sideshow/apns2"
"github.com/sideshow/apns2/payload"
"github.com/sideshow/apns2/token"
"github.com/treytartt/honeydue-api/internal/config"
)
// APNsClient handles direct communication with Apple Push Notification service
type APNsClient struct {
client *apns2.Client
topic string
}
// NewAPNsClient creates a new APNs client using token-based authentication
func NewAPNsClient(cfg *config.PushConfig) (*APNsClient, error) {
if cfg.APNSKeyPath == "" || cfg.APNSKeyID == "" || cfg.APNSTeamID == "" {
return nil, fmt.Errorf("APNs configuration incomplete: key_path=%s, key_id=%s, team_id=%s",
cfg.APNSKeyPath, cfg.APNSKeyID, cfg.APNSTeamID)
}
// Load the APNs auth key (.p8 file)
authKey, err := token.AuthKeyFromFile(cfg.APNSKeyPath)
if err != nil {
return nil, fmt.Errorf("failed to load APNs auth key from %s: %w", cfg.APNSKeyPath, err)
}
// Create token for authentication
authToken := &token.Token{
AuthKey: authKey,
KeyID: cfg.APNSKeyID,
TeamID: cfg.APNSTeamID,
}
// Create client - sandbox if APNSSandbox is true, production otherwise.
// APNSSandbox is the single source of truth (defaults to true for safety).
var client *apns2.Client
if cfg.APNSSandbox {
client = apns2.NewTokenClient(authToken).Development()
log.Info().Msg("APNs client configured for DEVELOPMENT/SANDBOX")
} else {
client = apns2.NewTokenClient(authToken).Production()
log.Info().Msg("APNs client configured for PRODUCTION")
}
return &APNsClient{
client: client,
topic: cfg.APNSTopic,
}, nil
}
// Send sends a push notification to iOS devices
func (c *APNsClient) Send(ctx context.Context, tokens []string, title, message string, data map[string]string) error {
if len(tokens) == 0 {
return nil
}
// Build the notification payload
p := payload.NewPayload().
AlertTitle(title).
AlertBody(message).
Sound("default").
MutableContent()
// Add custom data
for key, value := range data {
p.Custom(key, value)
}
var errors []error
successCount := 0
for _, deviceToken := range tokens {
notification := &apns2.Notification{
DeviceToken: deviceToken,
Topic: c.topic,
Payload: p,
Priority: apns2.PriorityHigh,
}
res, err := c.client.PushWithContext(ctx, notification)
if err != nil {
log.Error().
Err(err).
Str("token", truncateToken(deviceToken)).
Msg("Failed to send APNs notification")
errors = append(errors, fmt.Errorf("token %s: %w", truncateToken(deviceToken), err))
continue
}
if !res.Sent() {
log.Error().
Str("token", truncateToken(deviceToken)).
Str("reason", res.Reason).
Int("status", res.StatusCode).
Msg("APNs notification not sent")
errors = append(errors, fmt.Errorf("token %s: %s (status %d)", truncateToken(deviceToken), res.Reason, res.StatusCode))
continue
}
successCount++
log.Debug().
Str("token", truncateToken(deviceToken)).
Str("apns_id", res.ApnsID).
Msg("APNs notification sent successfully")
}
log.Info().
Int("total", len(tokens)).
Int("success", successCount).
Int("failed", len(errors)).
Msg("APNs batch send complete")
if len(errors) > 0 && successCount == 0 {
return fmt.Errorf("all APNs notifications failed: %v", errors)
}
return nil
}
// SendWithCategory sends a push notification with iOS category for actionable notifications
func (c *APNsClient) SendWithCategory(ctx context.Context, tokens []string, title, message string, data map[string]string, categoryID string) error {
if len(tokens) == 0 {
return nil
}
// Build the notification payload with category
p := payload.NewPayload().
AlertTitle(title).
AlertBody(message).
Sound("default").
MutableContent().
Category(categoryID) // iOS category for actionable notifications
// Add custom data
for key, value := range data {
p.Custom(key, value)
}
var errors []error
successCount := 0
for _, deviceToken := range tokens {
notification := &apns2.Notification{
DeviceToken: deviceToken,
Topic: c.topic,
Payload: p,
Priority: apns2.PriorityHigh,
}
res, err := c.client.PushWithContext(ctx, notification)
if err != nil {
log.Error().
Err(err).
Str("token", truncateToken(deviceToken)).
Str("category", categoryID).
Msg("Failed to send APNs actionable notification")
errors = append(errors, fmt.Errorf("token %s: %w", truncateToken(deviceToken), err))
continue
}
if !res.Sent() {
log.Error().
Str("token", truncateToken(deviceToken)).
Str("reason", res.Reason).
Int("status", res.StatusCode).
Str("category", categoryID).
Msg("APNs actionable notification not sent")
errors = append(errors, fmt.Errorf("token %s: %s (status %d)", truncateToken(deviceToken), res.Reason, res.StatusCode))
continue
}
successCount++
log.Debug().
Str("token", truncateToken(deviceToken)).
Str("apns_id", res.ApnsID).
Str("category", categoryID).
Msg("APNs actionable notification sent successfully")
}
log.Info().
Int("total", len(tokens)).
Int("success", successCount).
Int("failed", len(errors)).
Str("category", categoryID).
Msg("APNs actionable batch send complete")
if len(errors) > 0 && successCount == 0 {
return fmt.Errorf("all APNs actionable notifications failed: %v", errors)
}
return nil
}
// truncateToken returns first 8 chars of token for logging
func truncateToken(token string) string {
if len(token) > 8 {
return token[:8] + "..."
}
return token
}
Reference in New Issue View Git Blame Copy Permalink