Feature: release v0.5.0 (#23)

* feat: release v0.5.0

* Update backend/middleware/middleware.go

Co-authored-by: Copilot <[email protected]>

---------

Co-authored-by: Copilot <[email protected]>

Author: Okabe-Junya

.github/workflows/backend-test.yaml

@@ -26,5 +26,5 @@ jobs:
         working-directory: ./backend
 
       - name: go test
-        run: make test
+        run: make test-all
         working-directory: ./backend

backend/Makefile

@@ -23,10 +23,18 @@ vendor:
 	@go mod tidy
 	@go mod verify
 
-.PHONY: test
-test:
-	@echo "Running tests..."
-	@go test -v ./...
+.PHONY: test-all
+test-all: test-unit test-e2e
+
+.PHONY: test-unit
+test-unit:
+	@echo "Running unit tests..."
+	@go test -v ./... -run TestUnit
+
+.PHONY: test-e2e
+test-e2e:
+	@echo "Running E2E tests..."
+	@LANG=C go test -v ./tests/e2e
 
 .PHONY: run
 run:
@@ -58,14 +66,50 @@ cleanup-with-age: build-cleanup
 	@echo "Running cleanup job with custom age..."
 	@./bin/cleanup --older-than $(age)
 
+.PHONY: build-migrate
+build-migrate:
+	@echo "Building migration tool..."
+	@go build -o bin/migrate cmd/migrate/main.go
+
+.PHONY: migrate
+migrate: build-migrate
+	@echo "Running migration..."
+	@./bin/migrate $(ARGS)
+
+.PHONY: migrate-create-stats
+migrate-create-stats: build-migrate
+	@echo "Creating stats collection..."
+	@./bin/migrate --create-stats
+
+.PHONY: migrate-expired-links
+migrate-expired-links: build-migrate
+	@echo "Migrating expired links..."
+	@./bin/migrate --migrate-expired
+
+.PHONY: migrate-dry-run
+migrate-dry-run: build-migrate
+	@echo "Running migration (dry run)..."
+	@./bin/migrate --dry-run $(ARGS)
+
 .PHONY: help
 help:
 	@echo "Usage: make [target]"
 	@echo ""
 	@echo "Targets:"
-	@echo "  build  - Build the binary"
-	@echo "  lint   - Run linter"
-	@echo "  test   - Run tests"
-	@echo "  run    - Run server"
-	@echo "  clean  - Clean up"
-	@echo "  help   - Show this help message"
+	@echo "  build            - Build the server binary"
+	@echo "  lint             - Run linter"
+	@echo "  fmt              - Format code"
+	@echo "  vendor           - Update vendor dependencies"
+	@echo "  test-all         - Run all tests"
+	@echo "  test-unit        - Run unit tests"
+	@echo "  test-e2e          - Run E2E tests"
+	@echo "  run              - Run server"
+	@echo "  clean            - Clean up"
+	@echo "  cleanup          - Run cleanup job"
+	@echo "  cleanup-dry-run  - Run cleanup job (dry run)"
+	@echo "  cleanup-with-age - Run cleanup job with custom age"
+	@echo "  migrate          - Run migrations with ARGS"
+	@echo "  migrate-create-stats - Create link stats collection"
+	@echo "  migrate-expired-links - Migrate expired links"
+	@echo "  migrate-dry-run  - Run migrations in dry-run mode"
+	@echo "  help             - Show this help message"

backend/auth/auth.go

@@ -289,27 +289,38 @@ func GetCurrentUser(r *http.Request) (*User, error) {
 		}, nil
 	}
 
-	// Get the session token from the cookie
+	// First try to get user from cookie
 	cookie, err := r.Cookie("session_token")
-	if err != nil {
-		return nil, err
+	if err == nil {
+		// Validate the session token
+		user, err := ValidateSessionToken(cookie.Value)
+		if err == nil {
+			return user, nil
+		}
+		// Log error but continue with other methods
+		logger.Warn("Failed to validate session token", logger.Fields{
+			"error": err.Error(),
+		})
 	}
 
-	// Validate the session token
-	user, err := ValidateSessionToken(cookie.Value)
-	if err != nil {
-		return nil, err
+	// Fall back to header for compatibility or testing
+	userID := r.Header.Get("X-User-ID")
+	if userID != "" {
+		return &User{
+			ID:    userID,
+			Email: r.Header.Get("X-User-Email"),
+			Name:  r.Header.Get("X-User-Name"),
+		}, nil
 	}
 
-	return user, nil
+	return nil, errors.New("not authenticated")
 }
 
 // AuthMiddleware is a middleware that checks if the user is authenticated
 func AuthMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		// Skip auth check if authentication is disabled
+		// If authentication is disabled, add an anonymous user to the context
 		if !authEnabled {
-			// 認証が無効の場合は匿名ユーザーをコンテキストに追加
 			anonymousUser := &User{
 				ID:    "anonymous",
 				Email: "[email protected]",

backend/auth/context.go

@@ -0,0 +1,45 @@
+package auth
+
+import (
+	"context"
+	"errors"
+	"net/http"
+)
+
+// contextKey is a private type for context keys
+type contextKey int
+
+const (
+	// userContextKey is the key for user information in request contexts
+	userContextKey contextKey = iota
+)
+
+var (
+	// ErrNoUserInContext is returned when no user is found in the context
+	ErrNoUserInContext = errors.New("no user found in context")
+)
+
+// ContextWithUser adds a user to the given context
+func ContextWithUser(ctx context.Context, user *User) context.Context {
+	return context.WithValue(ctx, userContextKey, user)
+}
+
+// UserFromContext extracts a user from the given context
+func UserFromContext(ctx context.Context) (*User, error) {
+	user, ok := ctx.Value(userContextKey).(*User)
+	if !ok || user == nil {
+		return nil, ErrNoUserInContext
+	}
+	return user, nil
+}
+
+// GetUserFromRequest extracts a user from the request, either from session or header
+func GetUserFromRequest(r *http.Request) (*User, error) {
+	// First try to get user from context (set by authentication middleware)
+	if user, err := UserFromContext(r.Context()); err == nil {
+		return user, nil
+	}
+
+	// Try to get user via GetCurrentUser (which handles both session and headers)
+	return GetCurrentUser(r)
+}

backend/auth/session.go

@@ -167,3 +167,8 @@ func createSignature(data string) (string, error) {
 	signature := base64.URLEncoding.EncodeToString(h.Sum(nil))
 	return signature, nil
 }
+
+// IsSessionEnabled returns whether session management is enabled
+func IsSessionEnabled() bool {
+	return IsAuthEnabled() && len(secretKey) > 0
+}