Ilia Denisov
8565942392
Serve the whole stack behind one host: site at /, game UI at /game/, gateway REST at /api + /healthz, Connect at /rpc (prefix stripped by the edge Caddy). The built artifact is domain-agnostic — the UI talks to the gateway same-origin via relative URLs, so the same bundle runs under any host with no rebuild and with CORS disabled. - Rename the Connect proto service galaxy.gateway.v1.EdgeGateway -> edge.v1.Gateway; regenerate Go + TS; public path /rpc/edge.v1.Gateway. - Move the game UI under base path /game (env BASE_PATH); make the manifest, service-worker scope, WASM loader, and all navigation base-aware via a withBase helper. - Relative API + /rpc Connect prefix; Vite dev proxy mirrors the strip. - Rewrite the edge Caddy (dev + prod) for path-based routing; empty CORS allow-lists (same-origin); single host. - New VitePress project site (site/): i18n en/ru with switcher, LaTeX math, minimal monospace theme; built and served at /. - dev-deploy compose/Makefile + CI (dev-deploy, prod-build, new site-build) build and seed the site; probes hit /, /game/, /healthz. - Sync docs (ARCHITECTURE, gateway README/openapi, dev-deploy & local-dev READMEs, CLAUDE.md, ui/PLAN). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
67 lines
2.0 KiB
Go
67 lines
2.0 KiB
Go
package grpcapi
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
|
|
"galaxy/gateway/authn"
|
|
edgev1 "galaxy/gateway/proto/edge/v1"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
// payloadHashVerifyingService applies payload-hash verification after session
|
|
// lookup and before any later auth or routing step runs.
|
|
type payloadHashVerifyingService struct {
|
|
edgev1.UnimplementedGatewayServer
|
|
|
|
delegate edgev1.GatewayServer
|
|
}
|
|
|
|
// ExecuteCommand verifies req payload integrity before delegating to the
|
|
// configured service implementation.
|
|
func (s payloadHashVerifyingService) ExecuteCommand(ctx context.Context, req *edgev1.ExecuteCommandRequest) (*edgev1.ExecuteCommandResponse, error) {
|
|
if err := verifyPayloadHash(ctx); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return s.delegate.ExecuteCommand(ctx, req)
|
|
}
|
|
|
|
// SubscribeEvents verifies req payload integrity before delegating to the
|
|
// configured service implementation.
|
|
func (s payloadHashVerifyingService) SubscribeEvents(req *edgev1.SubscribeEventsRequest, stream grpc.ServerStreamingServer[edgev1.GatewayEvent]) error {
|
|
if err := verifyPayloadHash(stream.Context()); err != nil {
|
|
return err
|
|
}
|
|
|
|
return s.delegate.SubscribeEvents(req, stream)
|
|
}
|
|
|
|
// newPayloadHashVerifyingService wraps delegate with the payload-hash
|
|
// verification gate.
|
|
func newPayloadHashVerifyingService(delegate edgev1.GatewayServer) edgev1.GatewayServer {
|
|
return payloadHashVerifyingService{delegate: delegate}
|
|
}
|
|
|
|
func verifyPayloadHash(ctx context.Context) error {
|
|
envelope, ok := parsedEnvelopeFromContext(ctx)
|
|
if !ok {
|
|
return status.Error(codes.Internal, "authenticated request context is incomplete")
|
|
}
|
|
|
|
err := authn.VerifyPayloadHash(envelope.PayloadBytes, envelope.PayloadHash)
|
|
switch {
|
|
case err == nil:
|
|
return nil
|
|
case errors.Is(err, authn.ErrInvalidPayloadHash), errors.Is(err, authn.ErrPayloadHashMismatch):
|
|
return status.Error(codes.InvalidArgument, err.Error())
|
|
default:
|
|
return status.Error(codes.Internal, "payload hash verification failed")
|
|
}
|
|
}
|
|
|
|
var _ edgev1.GatewayServer = payloadHashVerifyingService{}
|