feat: add SproutWorkCollect apps

SproutWorkCollect-Backend-Golang/internal/router/router.go

@@ -0,0 +1,81 @@
+package router
+
+import (
+	"time"
+
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+
+	"sproutworkcollect-backend/internal/config"
+	"sproutworkcollect-backend/internal/handler"
+	"sproutworkcollect-backend/internal/middleware"
+	"sproutworkcollect-backend/internal/service"
+)
+
+// Setup creates and configures the Gin engine: middleware, services, handlers, and routes.
+func Setup(cfg *config.Config) *gin.Engine {
+	if !cfg.Debug {
+		gin.SetMode(gin.ReleaseMode)
+	}
+
+	r := gin.Default()
+
+	// Allow files up to 32 MB to stay in memory; larger ones spill to temp disk files.
+	// This keeps RAM usage bounded even for gigabyte-scale uploads.
+	r.MaxMultipartMemory = 32 << 20
+
+	// 允许所有来源，并显式放开 Authorization 头，解决跨域访问后台接口时的预检失败问题。
+	corsCfg := cors.Config{
+		AllowOrigins: []string{"*"},
+		AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+		AllowHeaders: []string{
+			"Origin",
+			"Content-Type",
+			"Accept",
+			"Authorization",
+			"X-Requested-With",
+		},
+		ExposeHeaders:    []string{"Content-Length"},
+		AllowCredentials: false,
+		MaxAge:           12 * time.Hour,
+	}
+	r.Use(cors.New(corsCfg))
+
+	// ─── Services ─────────────────────────────────────────────────────────────
+	workSvc := service.NewWorkService(cfg)
+	settingsSvc := service.NewSettingsService(cfg)
+	rateLimiter := service.NewRateLimiter()
+
+	// ─── Handlers ─────────────────────────────────────────────────────────────
+	pub := handler.NewPublicHandler(workSvc, settingsSvc, rateLimiter)
+	media := handler.NewMediaHandler(workSvc, rateLimiter)
+	admin := handler.NewAdminHandler(workSvc)
+
+	// ─── Public routes ────────────────────────────────────────────────────────
+	api := r.Group("/api")
+	{
+		api.GET("/settings", pub.GetSettings)
+		api.GET("/works", pub.GetWorks)
+		api.GET("/works/:work_id", pub.GetWorkDetail)
+		api.GET("/search", pub.SearchWorks)
+		api.GET("/categories", pub.GetCategories)
+		api.POST("/like/:work_id", pub.LikeWork)
+
+		api.GET("/image/:work_id/:filename", media.ServeImage)
+		api.GET("/video/:work_id/:filename", media.ServeVideo)
+		api.GET("/download/:work_id/:platform/:filename", media.DownloadFile)
+	}
+
+	// ─── Admin routes (token-protected) ──────────────────────────────────────
+	adm := api.Group("/admin", middleware.AdminAuth(cfg.AdminToken))
+	{
+		adm.GET("/works", admin.GetWorks)
+		adm.POST("/works", admin.CreateWork)
+		adm.PUT("/works/:work_id", admin.UpdateWork)
+		adm.DELETE("/works/:work_id", admin.DeleteWork)
+		adm.POST("/upload/:work_id/:file_type", admin.UploadFile)
+		adm.DELETE("/delete-file/:work_id/:file_type/:filename", admin.DeleteFile)
+	}
+
+	return r
+}