chore: initial project scaffold with admin web, backend, desktop client, and deployment setup

Add monorepo structure for NexaVPN WireGuard control plane including: - .gitignore for node_modules, build artifacts, and environment files - README with project overview, monorepo layout, and quick start guide - Admin web UI with React, Vite, TypeScript, and nginx reverse proxy - API client with type definitions for users, devices, policies, gateways, and audit logs - Admin pages for dashboard, users, devices, policies, g
2026-03-15 16:32:34 +01:00
commit 830491cb0d
91 changed files with 5279 additions and 0 deletions
--- a/backend/internal/user/handler.go
+++ b/backend/internal/user/handler.go
@@ -0,0 +1,110 @@
+package user
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/google/uuid"
+
+	"github.com/nexavpn/nexavpn/backend/internal/apiutil"
+	"github.com/nexavpn/nexavpn/backend/internal/audit"
+	"github.com/nexavpn/nexavpn/backend/internal/httpserver"
+)
+
+type Handler struct {
+	service *Service
+	audit   *audit.Service
+}
+
+func NewHandler(service *Service, auditService *audit.Service) *Handler {
+	return &Handler{service: service, audit: auditService}
+}
+
+func (h *Handler) List(w http.ResponseWriter, r *http.Request) {
+	users, err := h.service.List(r.Context())
+	if err != nil {
+		apiutil.Error(w, http.StatusInternalServerError, "users_list_failed", "unable to list users")
+		return
+	}
+
+	apiutil.JSON(w, http.StatusOK, users)
+}
+
+func (h *Handler) Create(w http.ResponseWriter, r *http.Request) {
+	var input CreateRequest
+	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {
+		apiutil.Error(w, http.StatusBadRequest, "invalid_json", "invalid request body")
+		return
+	}
+	if input.Role == "" {
+		input.Role = "user"
+	}
+
+	created, err := h.service.Create(r.Context(), input)
+	if err != nil {
+		apiutil.Error(w, http.StatusInternalServerError, "user_create_failed", "unable to create user")
+		return
+	}
+
+	if claims, ok := httpserver.ClaimsFromContext(r.Context()); ok {
+		_ = h.audit.Record(r.Context(), audit.Entry{
+			ActorUserID: &claims.UserID,
+			EntityType:  "user",
+			EntityID:    &created.ID,
+			EventType:   "admin.user.created",
+			Status:      "success",
+			Message:     "admin created user",
+			Metadata: map[string]any{
+				"username": created.Username,
+			},
+		})
+	}
+	apiutil.JSON(w, http.StatusCreated, created)
+}
+
+func (h *Handler) Disable(w http.ResponseWriter, r *http.Request) {
+	targetID, err := uuid.Parse(chi.URLParam(r, "id"))
+	if err != nil {
+		apiutil.Error(w, http.StatusBadRequest, "invalid_user_id", "invalid user id")
+		return
+	}
+	if err := h.service.SetActive(r.Context(), targetID.String(), false); err != nil {
+		apiutil.Error(w, http.StatusBadRequest, "user_disable_failed", "unable to disable user")
+		return
+	}
+	if claims, ok := httpserver.ClaimsFromContext(r.Context()); ok {
+		_ = h.audit.Record(r.Context(), audit.Entry{
+			ActorUserID: &claims.UserID,
+			EntityType:  "user",
+			EntityID:    &targetID,
+			EventType:   "admin.user.disabled",
+			Status:      "success",
+			Message:     "admin disabled user",
+		})
+	}
+	apiutil.JSON(w, http.StatusOK, map[string]any{"ok": true})
+}
+
+func (h *Handler) Enable(w http.ResponseWriter, r *http.Request) {
+	targetID, err := uuid.Parse(chi.URLParam(r, "id"))
+	if err != nil {
+		apiutil.Error(w, http.StatusBadRequest, "invalid_user_id", "invalid user id")
+		return
+	}
+	if err := h.service.SetActive(r.Context(), targetID.String(), true); err != nil {
+		apiutil.Error(w, http.StatusBadRequest, "user_enable_failed", "unable to enable user")
+		return
+	}
+	if claims, ok := httpserver.ClaimsFromContext(r.Context()); ok {
+		_ = h.audit.Record(r.Context(), audit.Entry{
+			ActorUserID: &claims.UserID,
+			EntityType:  "user",
+			EntityID:    &targetID,
+			EventType:   "admin.user.enabled",
+			Status:      "success",
+			Message:     "admin enabled user",
+		})
+	}
+	apiutil.JSON(w, http.StatusOK, map[string]any{"ok": true})
+}