feat: bootstrap temporserv project scaffold

Add the initial project blueprint, Go backend skeleton, frontend app shell, database schema draft, and local development/deployment files.

internal/httpapi/middleware.go

@@ -0,0 +1,53 @@
+package httpapi
+
+import (
+	"log"
+	"net/http"
+	"strings"
+	"time"
+)
+
+func requestLogger(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		startedAt := time.Now()
+		next.ServeHTTP(w, r)
+		log.Printf("%s %s %s", r.Method, r.URL.Path, time.Since(startedAt))
+	})
+}
+
+func recoverer(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		defer func() {
+			if recover() != nil {
+				http.Error(w, "internal server error", http.StatusInternalServerError)
+			}
+		}()
+		next.ServeHTTP(w, r)
+	})
+}
+
+func cors(origins string) func(http.Handler) http.Handler {
+	allowed := strings.Split(origins, ",")
+
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			origin := r.Header.Get("Origin")
+			for _, candidate := range allowed {
+				if strings.TrimSpace(candidate) == origin {
+					w.Header().Set("Access-Control-Allow-Origin", origin)
+					break
+				}
+			}
+
+			w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
+			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS")
+
+			if r.Method == http.MethodOptions {
+				w.WriteHeader(http.StatusNoContent)
+				return
+			}
+
+			next.ServeHTTP(w, r)
+		})
+	}
+}

internal/httpapi/router.go

@@ -0,0 +1,81 @@
+package httpapi
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+
+	"github.com/benya/temporserv/internal/auth"
+	"github.com/benya/temporserv/internal/config"
+	"github.com/benya/temporserv/internal/library"
+	"github.com/benya/temporserv/internal/subsonic"
+)
+
+func NewRouter(cfg config.Config) http.Handler {
+	r := chi.NewRouter()
+	r.Use(requestLogger)
+	r.Use(recoverer)
+	r.Use(cors(cfg.CORSOrigins))
+
+	r.Get("/health", func(w http.ResponseWriter, r *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]any{
+			"status": "ok",
+			"time":   time.Now().UTC(),
+			"env":    cfg.AppEnv,
+		})
+	})
+
+	r.Route("/api", func(api chi.Router) {
+		api.Get("/me", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, auth.DemoUser())
+		})
+		api.Get("/home", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, library.DemoHome())
+		})
+		api.Get("/tracks", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, map[string]any{
+				"items": library.DemoTracks(),
+			})
+		})
+		api.Post("/auth/login", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, map[string]any{
+				"token": "dev-token",
+				"user":  auth.DemoUser(),
+			})
+		})
+	})
+
+	r.Route("/rest", func(rest chi.Router) {
+		rest.Get("/ping.view", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, subsonic.PingResponse())
+		})
+		rest.Get("/getLicense.view", func(w http.ResponseWriter, r *http.Request) {
+			writeJSON(w, http.StatusOK, subsonic.PingResponse())
+		})
+	})
+
+	fs := http.FileServer(http.Dir("./web"))
+	r.Handle("/*", spaFallback(fs))
+
+	return r
+}
+
+func writeJSON(w http.ResponseWriter, status int, payload any) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(status)
+	_ = json.NewEncoder(w).Encode(payload)
+}
+
+func spaFallback(next http.Handler) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if strings.HasPrefix(r.URL.Path, "/api") || strings.HasPrefix(r.URL.Path, "/rest") || strings.HasPrefix(r.URL.Path, "/health") {
+			http.NotFound(w, r)
+			return
+		}
+		next.ServeHTTP(w, r)
+	}
+}
+