feat: use avatar directly as URI

feat: image full URI in avatar
feat: new env variable for server URI
2025-06-06 12:37:34 +02:00 · 2025-06-06 12:12:03 +02:00 · 2025-06-06 12:04:25 +02:00
9 changed files with 15 additions and 15 deletions
--- a/.env.example
+++ b/.env.example
@ -1,6 +1,7 @@

 GUARD_PORT=3001
 GUARD_HOST="127.0.0.1"
+GUARD_URI="http://localhost:3001"

 GUARD_DB_URL="postgres://<user>:<user>@<host>:<port>/<db>?sslmode=disable"

@ -11,7 +12,6 @@ GUARD_ADMIN_PASSWORD="secret"
 GUARD_JWT_PRIVATE="rsa"
 GUARD_JWT_PUBLIC="rsa"
 GUARD_JWT_KID="my-rsa-key-1"
-GUARD_JWT_ISSUER="http://localhost:3001"

 GUARD_MINIO_ENDPOINT="localhost:9000"
 GUARD_MINIO_ACCESS_KEY=""
@ -20,5 +20,3 @@ GUARD_MINIO_SECRET_KEY=""
 GOOSE_DRIVER="postgres"
 GOOSE_DBSTRING=$DATABASE_URL
 GOOSE_MIGRATION_DIR="./migrations"
-
-
--- a/2
+++ b/2
@ -33,6 +33,7 @@ COPY --from=frontend-builder /app/dist ./dist
 ENV ENV=production \
    GUARD_PORT=3001 \
    GUARD_HOST="127.0.0.1" \
+    GUARD_URI="http://localhost:3001" \
    GUARD_DB_URL="postgres://user:user@localhost:5432/db?sslmode=disable" \
    GUARD_ADMIN_NAME="admin" \
    GUARD_ADMIN_EMAIL="admin@test.net" \
@ -40,7 +41,6 @@ ENV ENV=production \
    GUARD_JWT_PRIVATE="rsa" \
    GUARD_JWT_PUBLIC="rsa" \
    GUARD_JWT_KID="my-rsa-key-1" \
-    GUARD_JWT_ISSUER="http://localhost:3001" \
    GUARD_MINIO_ENDPOINT="localhost:9000" \
    GUARD_MINIO_ACCESS_KEY="" \
    GUARD_MINIO_SECRET_KEY="" \
--- a/internal/auth/routes.go
+++ b/internal/auth/routes.go
@ -29,7 +29,7 @@ func (h *AuthHandler) signTokens(user *repository.User) (string, string, error)
 		UserEmail: user.Email,
 		IsAdmin:   user.IsAdmin,
 		RegisteredClaims: jwt.RegisteredClaims{
-			Issuer:    h.cfg.Jwt.Issuer,
+			Issuer:    h.cfg.Uri,
 			Subject:   user.ID.String(),
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(15 * time.Minute)),
@ -45,7 +45,7 @@ func (h *AuthHandler) signTokens(user *repository.User) (string, string, error)
 		UserEmail: user.Email,
 		IsAdmin:   user.IsAdmin,
 		RegisteredClaims: jwt.RegisteredClaims{
-			Issuer:    h.cfg.Jwt.Issuer,
+			Issuer:    h.cfg.Uri,
 			Subject:   user.ID.String(),
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(30 * 24 * time.Hour)),
--- a/internal/config/jwt.go
+++ b/internal/config/jwt.go
@ -4,5 +4,4 @@ type JwtConfig struct {
 	PrivateKey string `env:"GUARD_JWT_PRIVATE" required:"true"`
 	PublicKey  string `env:"GUARD_JWT_PUBLIC" required:"true"`
 	KID        string `env:"GUARD_JWT_KID" default:"guard-rsa"`
-	Issuer     string `env:"GUARD_JWT_ISSUER" required:"true"`
 }
--- a/internal/config/mod.go
+++ b/internal/config/mod.go
@ -12,6 +12,7 @@ import (
 type AppConfig struct {
 	Port        string `env:"GUARD_PORT" default:"3001"`
 	Host        string `env:"GUARD_HOST" default:"127.0.0.1"`
+	Uri         string `env:"GUARD_URI" default:"http://127.0.0.1:3001"`
 	DatabaseURL string `env:"GUARD_DB_URL" required:"true"`
 	Admin       AdminConfig
 	Jwt         JwtConfig
--- a/internal/oauth/openid.go
+++ b/internal/oauth/openid.go
@ -23,11 +23,11 @@ func (h *OAuthHandler) OpenIdConfiguration(w http.ResponseWriter, r *http.Reques
 	w.Header().Set("Content-Type", "application/json")

 	if err := encoder.Encode(Response{
-		TokenEndpoint:         h.cfg.Jwt.Issuer + "/api/v1/oauth/token",
-		AuthorizationEndpoint: h.cfg.Jwt.Issuer + "/api/v1/oauth/authorize",
-		JwksURI:               h.cfg.Jwt.Issuer + "/.well-known/jwks.json",
-		Issuer:                h.cfg.Jwt.Issuer,
-		EndSessionEndpoint:    h.cfg.Jwt.Issuer + "/api/v1/oauth/logout",
+		TokenEndpoint:         h.cfg.Uri + "/api/v1/oauth/token",
+		AuthorizationEndpoint: h.cfg.Uri + "/api/v1/oauth/authorize",
+		JwksURI:               h.cfg.Uri + "/.well-known/jwks.json",
+		Issuer:                h.cfg.Uri,
+		EndSessionEndpoint:    h.cfg.Uri + "/api/v1/oauth/logout",
 	}); err != nil {
 		web.Error(w, "failed to encode response", http.StatusInternalServerError)
 	}
--- a/internal/oauth/token.go
+++ b/internal/oauth/token.go
@ -91,7 +91,7 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
 			Nonce:         nonce,
 			Roles:         roles,
 			RegisteredClaims: jwt.RegisteredClaims{
-				Issuer: h.cfg.Jwt.Issuer,
+				Issuer: h.cfg.Uri,
 				// TODO: use dedicated API id that is in local DB and bind to user there
 				Subject:   user.ID.String(),
 				Audience:  jwt.ClaimStrings{clientId},
--- a/internal/user/routes.go
+++ b/internal/user/routes.go
@ -170,8 +170,10 @@ func (h *UserHandler) uploadAvatar(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	imgURI := fmt.Sprintf("%s/api/v1/avatar/%s", h.cfg.Uri, uploadInfo.Key)
+
 	if err := h.repo.UpdateProfilePicture(r.Context(), repository.UpdateProfilePictureParams{
-		ProfilePicture: &uploadInfo.Key,
+		ProfilePicture: &imgURI,
 		ID:             user.ID,
 	}); err != nil {
 		web.Error(w, "failed to update profile picture", http.StatusInternalServerError)
--- a/web/src/feature/Avatar/index.tsx
+++ b/web/src/feature/Avatar/index.tsx
@ -22,7 +22,7 @@ const Avatar: FC<AvatarProps> = ({ iconSize = 32, className, avatarId }) => {
    >
      {avatar ? (
        <img
-          src={`/api/v1/avatar/${avatar?.toString()}`}
+          src={avatar}
          className="w-full h-full flex-1 object-cover"
          alt="profile"
        />
Author	SHA1	Message	Date
LandaMm	e2ae03f2a6	feat: use avatar directly as URI	2025-06-06 12:37:34 +02:00
LandaMm	9319564dea	feat: image full URI in avatar	2025-06-06 12:12:03 +02:00
LandaMm	83e3e5a2e9	feat: new env variable for server URI	2025-06-06 12:04:25 +02:00