package main import ( "embed" "encoding/json" "log" "mime" "net/http" "path" "path/filepath" "strings" "time" "github.com/glebarez/sqlite" "github.com/google/uuid" "gorm.io/gorm" ) func serveStaticFile(w http.ResponseWriter, r *http.Request, prefix string) error { cleanPath := path.Clean(r.URL.Path) if cleanPath == "/" { cleanPath = "/index.html" } // Try to read the exact file first content, err := frontend.ReadFile(prefix + cleanPath) ext := strings.ToLower(filepath.Ext(cleanPath)) // If file not found OR the path has no extension (likely a route path), serve index.html if err != nil || ext == "" { content, err = frontend.ReadFile(prefix + "/index.html") if err != nil { return err } w.Header().Set("Content-Type", "text/html; charset=utf-8") // Add security headers for HTML content w.Header().Set("X-Content-Type-Options", "nosniff") w.Write(content) return nil } // For actual files, set the correct MIME type var mimeType string switch ext { case ".js": mimeType = "application/javascript; charset=utf-8" case ".css": mimeType = "text/css; charset=utf-8" case ".html": mimeType = "text/html; charset=utf-8" case ".json": mimeType = "application/json; charset=utf-8" case ".png": mimeType = "image/png" case ".svg": mimeType = "image/svg+xml" default: mimeType = mime.TypeByExtension(ext) if mimeType == "" { // Try to detect content type from the content itself mimeType = http.DetectContentType(content) } } // Set security headers for all responses w.Header().Set("X-Content-Type-Options", "nosniff") w.Header().Set("Content-Type", mimeType) w.Write(content) return nil } //go:embed frontend/build/* frontend/static/* var frontend embed.FS type Note struct { ID string `json:"id" gorm:"primaryKey"` Title string `json:"title" gorm:"not null"` Content string `json:"content" gorm:"not null"` CreatedAt time.Time `json:"createdAt"` UpdatedAt time.Time `json:"updatedAt"` } var db *gorm.DB func main() { var err error db, err = gorm.Open(sqlite.Open("notes.db"), &gorm.Config{}) if err != nil { log.Fatal(err) } // Auto migrate the schema if err := db.AutoMigrate(&Note{}); err != nil { log.Fatal(err) } // API routes http.HandleFunc("/api/notes", handleNotes) http.HandleFunc("/api/notes/", handleNote) http.HandleFunc("/api/test/reset", func(w http.ResponseWriter, r *http.Request) { if r.Method != "POST" { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } if err := db.Session(&gorm.Session{AllowGlobalUpdate: true}).Delete(&Note{}).Error; err != nil { log.Printf("ERROR: Failed to reset database: %v", err) http.Error(w, err.Error(), http.StatusInternalServerError) return } w.WriteHeader(http.StatusOK) }) // Serve frontend http.HandleFunc("/", handleFrontend) log.Printf("INFO: Server starting on http://localhost:3000") log.Fatal(http.ListenAndServe(":3000", nil)) } func handleNotes(w http.ResponseWriter, r *http.Request) { switch r.Method { case "GET": var notes []Note if err := db.Order("updated_at desc").Find(¬es).Error; err != nil { log.Printf("ERROR: Failed to query notes: %v", err) http.Error(w, err.Error(), http.StatusInternalServerError) return } json.NewEncoder(w).Encode(notes) case "POST": var note Note if err := json.NewDecoder(r.Body).Decode(¬e); err != nil { log.Printf("ERROR: Failed to decode note: %v", err) http.Error(w, err.Error(), http.StatusBadRequest) return } // Generate a new UUID for the note note.ID = uuid.New().String() if err := db.Create(¬e).Error; err != nil { log.Printf("ERROR: Failed to create note: %v", err) http.Error(w, err.Error(), http.StatusInternalServerError) return } // Return the created note with the generated ID w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusCreated) json.NewEncoder(w).Encode(note) } } func handleNote(w http.ResponseWriter, r *http.Request) { id := path.Base(r.URL.Path) switch r.Method { case "GET": var note Note if err := db.First(¬e, "id = ?", id).Error; err != nil { if err == gorm.ErrRecordNotFound { http.NotFound(w, r) return } log.Printf("ERROR: Failed to get note %s: %v", id, err) http.Error(w, err.Error(), http.StatusInternalServerError) return } json.NewEncoder(w).Encode(note) case "PUT": var note Note if err := json.NewDecoder(r.Body).Decode(¬e); err != nil { log.Printf("ERROR: Failed to decode note update: %v", err) http.Error(w, err.Error(), http.StatusBadRequest) return } if err := db.Model(&Note{}).Where("id = ?", id).Updates(map[string]interface{}{ "title": note.Title, "content": note.Content, "updated_at": note.UpdatedAt, }).Error; err != nil { log.Printf("ERROR: Failed to update note %s: %v", id, err) http.Error(w, err.Error(), http.StatusInternalServerError) return } case "DELETE": if err := db.Delete(&Note{}, "id = ?", id).Error; err != nil { log.Printf("ERROR: Failed to delete note %s: %v", id, err) http.Error(w, err.Error(), http.StatusInternalServerError) return } w.WriteHeader(http.StatusNoContent) } } func handleFrontend(w http.ResponseWriter, r *http.Request) { // Don't serve API routes if path.Dir(r.URL.Path) == "/api" { http.NotFound(w, r) return } err := serveStaticFile(w, r, "frontend/build") if err != nil { // if serveStaticFile returns an error, it has already tried to serve index.html as fallback http.Error(w, err.Error(), http.StatusInternalServerError) } }