feat(docker): add tmpfs caching for Next.js in compose files

fix(auth): change userpass to redirect to login and update documentation
refactor(api): remove unused ErrorCode type
2026-01-15 08:03:37 +01:00 · 2025-09-14 21:24:01 +08:00 · 2025-09-14 21:11:20 +08:00 · 2025-09-14 20:50:07 +08:00 · 2025-09-14 18:39:40 +08:00
9 changed files with 12 additions and 38 deletions
--- a/compose.example.yml
+++ b/compose.example.yml
@@ -28,6 +28,8 @@ services:
    env_file: .env
    user: ${GODOXY_UID:-1000}:${GODOXY_GID:-1000}
    read_only: true
+    tmpfs:
+      - /app/.next/cache # next image caching
    security_opt:
      - no-new-privileges:true
    cap_drop:
--- a/dev.compose.yml
+++ b/dev.compose.yml
@@ -11,11 +11,10 @@ services:
    env_file: dev.env
    environment:
      TZ: Asia/Hong_Kong
-      API_ADDR: :8999
+      API_ADDR: 127.0.0.1:8999
      API_USER: dev
      API_PASSWORD: 1234
      API_SKIP_ORIGIN_CHECK: true
-      API_JWT_SECURE: false
      API_JWT_TTL: 24h
      DEBUG: true
      API_SECRET: 1234567891234567
--- a/internal/api/types/error_code.go
+++ b/internal/api/types/error_code.go
@@ -1,17 +0,0 @@
-package apitypes
-
-type ErrorCode int
-
-const (
-	ErrorCodeUnauthorized ErrorCode = iota + 1
-	ErrorCodeNotFound
-	ErrorCodeInternalServerError
-)
-
-func (e ErrorCode) String() string {
-	return []string{
-		"Unauthorized",
-		"Not Found",
-		"Internal Server Error",
-	}[e]
-}
--- a/internal/api/v1/auth/check.go
+++ b/internal/api/v1/auth/check.go
@@ -5,14 +5,14 @@ import (
 	"github.com/yusing/go-proxy/internal/auth"
 )

-// @x-id				"check"
+// @x-id	  	"check"
 // @Base			/api/v1
 // @Summary		Check authentication status
 // @Description	Checks if the user is authenticated by validating their token
 // @Tags			auth
 // @Produce		plain
 // @Success		200	{string}	string	"OK"
-// @Failure		403	{string}	string	"Forbidden: use X-Redirect-To header to redirect to login page"
+// @Failure		302	{string}	string	"Redirects to login page or IdP"
 // @Router			/auth/check [head]
 func Check(c *gin.Context) {
 	auth.AuthCheckHandler(c.Writer, c.Request)
--- a/internal/api/v1/auth/login.go
+++ b/internal/api/v1/auth/login.go
@@ -12,7 +12,6 @@ import (
 // @Tags       auth
 // @Produce    plain
 // @Success    302 {string} string "Redirects to login page or IdP"
-// @Failure    403 {string} string "Forbidden(webui): follow X-Redirect-To header"
 // @Failure    429 {string} string "Too Many Requests"
 // @Router     /auth/login [post]
 func Login(c *gin.Context) {
--- a/internal/api/v1/docs/swagger.json
+++ b/internal/api/v1/docs/swagger.json
@@ -239,8 +239,8 @@
              "type": "string"
            }
          },
-          "403": {
-            "description": "Forbidden: use X-Redirect-To header to redirect to login page",
+          "302": {
+            "description": "Redirects to login page or IdP",
            "schema": {
              "type": "string"
            }
@@ -267,12 +267,6 @@
              "type": "string"
            }
          },
-          "403": {
-            "description": "Forbidden(webui): follow X-Redirect-To header",
-            "schema": {
-              "type": "string"
-            }
-          },
          "429": {
            "description": "Too Many Requests",
            "schema": {
--- a/internal/api/v1/docs/swagger.yaml
+++ b/internal/api/v1/docs/swagger.yaml
@@ -1581,8 +1581,8 @@ paths:
          description: OK
          schema:
            type: string
-        "403":
-          description: 'Forbidden: use X-Redirect-To header to redirect to login page'
+        "302":
+          description: Redirects to login page or IdP
          schema:
            type: string
      summary: Check authentication status
@@ -1600,10 +1600,6 @@ paths:
          description: Redirects to login page or IdP
          schema:
            type: string
-        "403":
-          description: 'Forbidden(webui): follow X-Redirect-To header'
-          schema:
-            type: string
        "429":
          description: Too Many Requests
          schema:
--- a/internal/auth/userpass.go
+++ b/internal/auth/userpass.go
@@ -129,8 +129,7 @@ func (auth *UserPassAuth) PostAuthCallbackHandler(w http.ResponseWriter, r *http
 }

 func (auth *UserPassAuth) LoginHandler(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("X-Redirect-To", "/login")
-	w.WriteHeader(http.StatusForbidden)
+	http.Redirect(w, r, "/login", http.StatusFound)
 }

 func (auth *UserPassAuth) LogoutHandler(w http.ResponseWriter, r *http.Request) {
--- a/rootless-compose.example.yml
+++ b/rootless-compose.example.yml
@@ -26,6 +26,8 @@ services:
    restart: unless-stopped
    env_file: .env
    read_only: true
+    tmpfs:
+      - /app/.next/cache # next image caching
    security_opt:
      - no-new-privileges:true
    cap_drop:
Author	SHA1	Message	Date
yusing	b12999210f	feat(docker): add tmpfs caching for Next.js in compose files	2025-09-14 21:24:01 +08:00
yusing	8b8969f033	fix(auth): change userpass to redirect to login and update documentation	2025-09-14 21:11:20 +08:00
yusing	025ebab1ce	refactor(api): remove unused ErrorCode type	2025-09-14 20:50:07 +08:00
yusing	ea7bd0d19a	fix(docker): update dev docker compose	2025-09-14 18:39:40 +08:00