refactor(api): extract middleware logic into a separate package

Author: GenerQAQ

src/server/api/go/internal/middleware/auth.go

@@ -0,0 +1,65 @@
+package middleware
+
+import (
+	"errors"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+	"go.opentelemetry.io/otel/attribute"
+	"go.opentelemetry.io/otel/trace"
+	"gorm.io/gorm"
+
+	"github.com/memodb-io/Acontext/internal/config"
+	"github.com/memodb-io/Acontext/internal/modules/model"
+	"github.com/memodb-io/Acontext/internal/modules/serializer"
+	"github.com/memodb-io/Acontext/internal/pkg/utils/secrets"
+	"github.com/memodb-io/Acontext/internal/pkg/utils/tokens"
+)
+
+// ProjectAuth returns a middleware that authenticates requests using project bearer tokens.
+// It validates the token, looks up the project in the database, and sets the project in the context.
+// It also sets the project_id attribute on the current span for telemetry filtering.
+func ProjectAuth(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		auth := c.GetHeader("Authorization")
+		if !strings.HasPrefix(auth, "Bearer ") {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
+			return
+		}
+		raw := strings.TrimPrefix(auth, "Bearer ")
+
+		secret, ok := tokens.ParseToken(raw, cfg.Root.ProjectBearerTokenPrefix)
+		if !ok {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
+			return
+		}
+
+		lookup := tokens.HMAC256Hex(cfg.Root.SecretPepper, secret)
+
+		var project model.Project
+		if err := db.WithContext(c.Request.Context()).Where(&model.Project{SecretKeyHMAC: lookup}).First(&project).Error; err != nil {
+			if errors.Is(err, gorm.ErrRecordNotFound) {
+				c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
+				return
+			}
+			c.AbortWithStatusJSON(http.StatusInternalServerError, serializer.DBErr("", err))
+			return
+		}
+
+		pass, err := secrets.VerifySecret(secret, cfg.Root.SecretPepper, project.SecretKeyHashPHC)
+		if err != nil || !pass {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
+			return
+		}
+
+		// Set project_id attribute on the current span for telemetry filtering
+		span := trace.SpanFromContext(c.Request.Context())
+		if span.SpanContext().IsValid() {
+			span.SetAttributes(attribute.String("project_id", project.ID.String()))
+		}
+
+		c.Set("project", &project)
+		c.Next()
+	}
+}

src/server/api/go/internal/middleware/logger.go

@@ -0,0 +1,41 @@
+package middleware
+
+import (
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+// ZapLogger returns a middleware that logs HTTP requests using zap logger.
+// It logs API paths (/api/*) at info level and other paths at debug level.
+func ZapLogger(log *zap.Logger) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		start := time.Now()
+		c.Next()
+		dur := time.Since(start)
+
+		// Use debug level for all paths except /api/*
+		path := c.Request.URL.Path
+		isAPIPath := strings.HasPrefix(path, "/api/")
+
+		if isAPIPath {
+			log.Sugar().Infow("HTTP",
+				"method", c.Request.Method,
+				"path", path,
+				"status", c.Writer.Status(),
+				"latency", dur.String(),
+				"clientIP", c.ClientIP(),
+			)
+		} else {
+			log.Sugar().Debugw("HTTP",
+				"method", c.Request.Method,
+				"path", path,
+				"status", c.Writer.Status(),
+				"latency", dur.String(),
+				"clientIP", c.ClientIP(),
+			)
+		}
+	}
+}

src/server/api/go/internal/middleware/telemetry.go

@@ -0,0 +1,41 @@
+package middleware
+
+import (
+	"strings"
+
+	"github.com/gin-gonic/gin"
+	"go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin"
+	"go.opentelemetry.io/otel/trace"
+)
+
+// OtelTracing returns a middleware for OpenTelemetry instrumentation.
+// It only traces requests that match /api/ paths to reduce overhead.
+func OtelTracing(serviceName string) gin.HandlerFunc {
+	otelMiddleware := otelgin.Middleware(serviceName)
+
+	return func(c *gin.Context) {
+		// Only instrument requests that start with /api/
+		path := c.Request.URL.Path
+		if strings.HasPrefix(path, "/api/") {
+			otelMiddleware(c)
+		} else {
+			// Skip OpenTelemetry instrumentation for non-API paths
+			c.Next()
+		}
+	}
+}
+
+// TraceID returns a middleware that adds trace ID to response headers.
+// This is useful for correlating logs and traces in distributed systems.
+func TraceID() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// Get current span from context
+		span := trace.SpanFromContext(c.Request.Context())
+		if span.SpanContext().IsValid() {
+			// Add trace ID to response header
+			traceID := span.SpanContext().TraceID().String()
+			c.Header("X-Trace-Id", traceID)
+		}
+		c.Next()
+	}
+}

src/server/api/go/internal/router/router.go

@@ -1,105 +1,21 @@
 package router
 
 import (
-	"errors"
 	"net/http"
-	"strings"
-	"time"
 
 	"github.com/gin-gonic/gin"
-	"go.opentelemetry.io/otel/attribute"
-	"go.opentelemetry.io/otel/trace"
 	"go.uber.org/zap"
 	"gorm.io/gorm"
 
 	_ "github.com/memodb-io/Acontext/docs"
 	"github.com/memodb-io/Acontext/internal/config"
+	"github.com/memodb-io/Acontext/internal/middleware"
 	"github.com/memodb-io/Acontext/internal/modules/handler"
-	"github.com/memodb-io/Acontext/internal/modules/model"
 	"github.com/memodb-io/Acontext/internal/modules/serializer"
-	"github.com/memodb-io/Acontext/internal/pkg/utils/secrets"
-	"github.com/memodb-io/Acontext/internal/pkg/utils/tokens"
-	"github.com/memodb-io/Acontext/internal/telemetry"
 	swaggerFiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 )
 
-// zapLoggerMiddleware
-func zapLoggerMiddleware(log *zap.Logger) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		start := time.Now()
-		c.Next()
-		dur := time.Since(start)
-
-		// Use debug level for all paths except /api/*
-		path := c.Request.URL.Path
-		isAPIPath := strings.HasPrefix(path, "/api/")
-
-		if isAPIPath {
-			log.Sugar().Infow("HTTP",
-				"method", c.Request.Method,
-				"path", path,
-				"status", c.Writer.Status(),
-				"latency", dur.String(),
-				"clientIP", c.ClientIP(),
-			)
-		} else {
-			log.Sugar().Debugw("HTTP",
-				"method", c.Request.Method,
-				"path", path,
-				"status", c.Writer.Status(),
-				"latency", dur.String(),
-				"clientIP", c.ClientIP(),
-			)
-		}
-	}
-}
-
-// projectAuthMiddleware
-func projectAuthMiddleware(cfg *config.Config, db *gorm.DB) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		auth := c.GetHeader("Authorization")
-		if !strings.HasPrefix(auth, "Bearer ") {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
-			return
-		}
-		raw := strings.TrimPrefix(auth, "Bearer ")
-
-		secret, ok := tokens.ParseToken(raw, cfg.Root.ProjectBearerTokenPrefix)
-		if !ok {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
-			return
-		}
-
-		lookup := tokens.HMAC256Hex(cfg.Root.SecretPepper, secret)
-
-		var project model.Project
-		if err := db.WithContext(c.Request.Context()).Where(&model.Project{SecretKeyHMAC: lookup}).First(&project).Error; err != nil {
-			if errors.Is(err, gorm.ErrRecordNotFound) {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
-				return
-			}
-			c.AbortWithStatusJSON(http.StatusInternalServerError, serializer.DBErr("", err))
-			return
-		}
-
-		pass, err := secrets.VerifySecret(secret, cfg.Root.SecretPepper, project.SecretKeyHashPHC)
-		if err != nil || !pass {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, serializer.AuthErr("Unauthorized"))
-			return
-		}
-
-		// Set project_id attribute on the current span for telemetry filtering
-		span := trace.SpanFromContext(c.Request.Context())
-		if span.SpanContext().IsValid() {
-			span.SetAttributes(attribute.String("project_id", project.ID.String()))
-		}
-
-		c.Set("project", &project)
-		c.Next()
-	}
-}
-
 type RouterDeps struct {
 	Config          *config.Config
 	DB              *gorm.DB
@@ -122,12 +38,12 @@ func NewRouter(d RouterDeps) *gin.Engine {
 
 	// Add OpenTelemetry middleware if enabled (using configuration system)
 	if d.Config.Telemetry.Enabled && d.Config.Telemetry.OtlpEndpoint != "" {
-		r.Use(telemetry.GinMiddleware(d.Config.App.Name))
+		r.Use(middleware.OtelTracing(d.Config.App.Name))
 		// Add trace ID to response header
-		r.Use(telemetry.TraceIDMiddleware())
+		r.Use(middleware.TraceID())
 	}
 
-	r.Use(zapLoggerMiddleware(d.Log))
+	r.Use(middleware.ZapLogger(d.Log))
 
 	// health
 	r.GET("/health", func(c *gin.Context) { c.JSON(http.StatusOK, serializer.Response{Msg: "ok"}) })
@@ -140,7 +56,7 @@ func NewRouter(d RouterDeps) *gin.Engine {
 
 	v1 := r.Group("/api/v1")
 	{
-		v1.Use(projectAuthMiddleware(d.Config, d.DB))
+		v1.Use(middleware.ProjectAuth(d.Config, d.DB))
 
 		// ping endpoint
 		v1.GET("/ping", func(c *gin.Context) { c.JSON(http.StatusOK, serializer.Response{Msg: "pong"}) })

src/server/api/go/internal/telemetry/otel.go

@@ -6,17 +6,14 @@ import (
 	"strings"
 	"time"
 
-	"github.com/gin-gonic/gin"
 	"github.com/memodb-io/Acontext/internal/config"
-	"go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin"
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/attribute"
 	"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc"
 	"go.opentelemetry.io/otel/propagation"
 	"go.opentelemetry.io/otel/sdk/resource"
 	sdktrace "go.opentelemetry.io/otel/sdk/trace"
 	semconv "go.opentelemetry.io/otel/semconv/v1.24.0"
-	"go.opentelemetry.io/otel/trace"
 )
 
 var (
@@ -105,34 +102,3 @@ func Shutdown(ctx context.Context) error {
 	}
 	return nil
 }
-
-// GinMiddleware returns Gin middleware for OpenTelemetry instrumentation
-// Only traces requests that match /api/ paths
-func GinMiddleware(serviceName string) gin.HandlerFunc {
-	otelMiddleware := otelgin.Middleware(serviceName)
-
-	return func(c *gin.Context) {
-		// Only instrument requests that start with /api/
-		path := c.Request.URL.Path
-		if strings.HasPrefix(path, "/api/") {
-			otelMiddleware(c)
-		} else {
-			// Skip OpenTelemetry instrumentation for non-API paths
-			c.Next()
-		}
-	}
-}
-
-// TraceIDMiddleware returns a Gin middleware that adds trace ID to response headers
-func TraceIDMiddleware() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		// Get current span from context
-		span := trace.SpanFromContext(c.Request.Context())
-		if span.SpanContext().IsValid() {
-			// Add trace ID to response header
-			traceID := span.SpanContext().TraceID().String()
-			c.Header("X-Trace-Id", traceID)
-		}
-		c.Next()
-	}
-}