feat(server): refactoring the development environment [VIZ-2314] (#1866)

Author: hexaforce

.gitignore

@@ -1,7 +1,7 @@
 .DS_Store
 node_modules
-/mongo
-/data
 /.env
 /.env.*
 /.idea
+*.log
+mongo/

docker-compose.dev.yml

@@ -0,0 +1,41 @@
+services:
+
+  reearth-visualizer-dev:
+    build:
+      context: ./server
+      dockerfile: Dockerfile.dev
+    env_file:
+      - ./server/.env.docker
+    ports:
+      - 8080:8080
+    depends_on:
+      - reearth-mongo
+      - reearth-gcs
+    volumes:
+      - ./server:/reearth-visualizer       # Mount source code for hot reload
+      - /reearth-visualizer/tmp            # Exclude tmp directory
+    networks:
+      - reearth
+
+  reearth-mongo:
+    image: mongo:7
+    ports:
+      - 27017:27017
+    volumes:
+      - ${PWD}/tmp/mongo:/data/db
+    networks:
+      - reearth
+
+  reearth-gcs:
+    image: fsouza/fake-gcs-server:1.52.1
+    ports:
+      - 4443:4443
+    volumes:
+      - ${PWD}/tmp/gcs:/storage
+    command: -scheme http
+    networks:
+      - reearth
+
+networks:
+  reearth:
+    name: reearth

server/.env.docker

@@ -0,0 +1,45 @@
+# Docker-specific environment variables
+# This file is used when running the application in Docker
+
+# Database connection (Docker service name)
+REEARTH_DB=mongodb://reearth-mongo
+
+# Server host (bind to all interfaces in Docker)
+REEARTH_SERVERHOST=0.0.0.0
+
+# GCS configuration for Docker
+STORAGE_EMULATOR_HOST=http://reearth-gcs:4443
+REEARTH_GCS_BUCKETNAME=test-bucket
+REEARTH_GCS_ISFAKE=true
+GOOGLE_CLOUD_PROJECT=reearth-local
+
+# Asset base URL
+REEARTH_ASSETBASEURL=http://localhost:8080
+
+# Auth0 configuration
+REEARTH_AUTH0_DOMAIN=
+REEARTH_AUTH0_AUDIENCE=
+REEARTH_AUTH0_CLIENTID=
+REEARTH_AUTH0_CLIENTSECRET=
+
+# Account Auth
+REEARTH_ACCOUNTSAPI_ENABLED=true
+REEARTH_ACCOUNTSAPI_HOST=http://reearth-accounts-dev:8090
+
+# Migration
+RUN_MIGRATION=fasle
+
+# Mock auth for development
+REEARTH_MOCKAUTH=false
+
+# Internal API
+REEARTH_VISUALIZER_INTERNALAPI_ACTIVE=false
+
+# Dashboard API
+REEARTH_DASHBOARD_API=https://api.dev.reearth.io:8080
+
+# Policy checker
+REEARTH_VISUALIZER_POLICY_CHECKER_TYPE=permissive
+REEARTH_VISUALIZER_POLICY_CHECKER_ENDPOINT=https://cloud.visualizer.dev.reearth.io/api/internal/policy-check
+REEARTH_CLOUD_INTERNAL_API_KEY=
+REEARTH_VISUALIZER_POLICY_CHECKER_TIMEOUT=30

server/.env.example

@@ -42,8 +42,8 @@ REEARTH_VISUALIZER_INTERNALAPI_TOKEN=token
 REEARTH_GCP_PROJECT=
 
 # Trace API
-REEARTH_TRACER=gcp
-REEARTH_TRACER_SAMPLE=1.0
+# REEARTH_TRACER=gcp
+# REEARTH_TRACER_SAMPLE=1.0
 
 # Auth client
 #REEARTH_AUTH_ISS=https://hoge.com

server/.gitignore

@@ -26,6 +26,7 @@ __debug_bin
 /mongo
 /.env*
 !/.env.example
+!/.env.docker
 /coverage.txt
 /web
 tmp

server/Dockerfile.dev

@@ -0,0 +1,21 @@
+FROM golang:1.24.4-alpine
+
+RUN apk add --update --no-cache git ca-certificates build-base curl
+
+# Install air for hot reload
+RUN go install github.com/air-verse/[email protected]
+
+WORKDIR /reearth-visualizer
+
+# Copy go mod files
+COPY go.mod go.sum ./
+RUN go mod download
+
+# Copy source code
+COPY . .
+
+# Expose port
+EXPOSE 8080
+
+# Run air for hot reload
+CMD ["air", "-c", ".air.toml"]

server/Makefile

@@ -8,6 +8,7 @@ REEARTH_DB := mongodb://localhost
 SCHEMATYPER := github.com/idubinskiy/schematyper
 MANIFEST_DIR := pkg/plugin/manifest
 DOCKER_COMPOSE := docker compose -f ../docker-compose.yml
+DOCKER_COMPOSE_DEV := docker compose -f ../docker-compose.dev.yml
 
 # =======================
 # Default
@@ -67,6 +68,12 @@ dev: dev-install
 run-app:
 	go run ./cmd/reearth
 
+run:
+	${DOCKER_COMPOSE_DEV} up reearth-visualizer-dev
+
+down:
+	${DOCKER_COMPOSE_DEV} down
+
 clean:
 	go clean -modcache
 	go clean -cache
@@ -87,6 +94,22 @@ run-reset:
 	make run-db
 	make mockuser
 
+reset:
+	@echo "==== Stopping database and GCS services ===="
+	make stop-db
+	@echo ""
+	@echo "==== Removing data directory (requires sudo password) ===="
+	sudo rm -rf tmp
+	@echo ""
+	@echo "==== Starting database and GCS services ===="
+	make run-db
+	@echo ""
+	@echo "==== Waiting for services to be ready (3 seconds) ===="
+	sleep 3
+	@echo ""
+	make init
+	@echo "✓ Reset complete!"
+
 up-gcs:
 	${DOCKER_COMPOSE} up -d gcs
 
@@ -148,10 +171,39 @@ dev-install:
 # Others
 # =======================
 
+init:
+	@echo "==== Initializing GCS bucket ===="
+	make init-gcs
+	@echo ""
+	@echo "==== Waiting for GCS initialization (1 second) ===="
+	sleep 1
+	@echo ""
+	@echo "==== Creating mock user ===="
+	make mockuser
+	@echo ""
+
 mockuser:
 	curl -H 'Content-Type: application/json' \
 		-d '{"email": "[email protected]", "username": "Mock User"}' \
-		http://localhost:8080/api/signup
+		http://localhost:8080/api/signup -vvv
+
+init-gcs:
+	curl -H 'Content-Type: application/json' \
+		-d '{"name": "test-bucket"}' \
+		http://localhost:4443/storage/v1/b -vvv
+
+destroy:
+	@echo "⚠️  WARNING: This will remove ALL Docker resources!"
+	@echo "This includes containers, images, volumes, and networks."
+	@echo ""
+	@read -p "Are you sure you want to continue? [y/N] " -n 1 -r; \
+	echo; \
+	if [[ $$REPLY =~ ^[Yy]$$ ]]; then \
+		docker system prune -a --volumes -f; \
+		echo "✓ All Docker resources have been removed"; \
+	else \
+		echo "✗ Operation cancelled"; \
+	fi
 
 .PHONY: default help lint test test-debug e2e build dev-install dev run-app run-db run-reset run-clean-start clean \
         gql mockuser schematyper deep-copy up-gcs down-gcs generate

server/internal/adapter/accounts/auth_transport.go

@@ -3,7 +3,9 @@ package accounts
 import (
 	"net/http"
 
+	"github.com/reearth/reearth/server/internal/adapter"
 	"github.com/reearth/reearth/server/internal/adapter/internal"
+	"github.com/reearth/reearthx/log"
 )
 
 type DynamicAuthTransport struct{}
@@ -15,7 +17,9 @@ func (t DynamicAuthTransport) RoundTrip(req *http.Request) (*http.Response, erro
 	// - JWT tokens set directly in context (new auth middleware)
 	// - JWT tokens extracted from AuthInfo (legacy auth middleware)
 	// TODO: Remove authInfo handling once the migration is complete
-	if jwtToken := internal.GetContextJWT(req.Context()); jwtToken != "" {
+	if jwtToken := adapter.GetContextJWT(req.Context()); jwtToken != "" {
+		token = jwtToken
+	} else if jwtToken := internal.GetContextJWT(req.Context()); jwtToken != "" {
 		token = jwtToken
 	} else if authInfo := internal.GetContextAuthInfo(req.Context()); authInfo != nil && authInfo.Token != "" {
 		token = authInfo.Token
@@ -25,5 +29,10 @@ func (t DynamicAuthTransport) RoundTrip(req *http.Request) (*http.Response, erro
 		req.Header.Set("Authorization", "Bearer "+token)
 	}
 
-	return http.DefaultTransport.RoundTrip(req)
+	resp, err := http.DefaultTransport.RoundTrip(req)
+	if err != nil {
+		log.Errorfc(req.Context(), "[Accounts API] Request failed: %v", err)
+		return nil, err
+	}
+	return resp, nil
 }

server/internal/adapter/context.go

@@ -23,6 +23,7 @@ const (
 	contextLang        ContextKey = "lang"
 	contextInternal    ContextKey = "Internal"
 	contextUserID      ContextKey = "reearth_user"
+	contextJWT         ContextKey = "jwtToken"
 )
 
 var defaultLang = language.English
@@ -65,6 +66,17 @@ func AttachInternal(ctx context.Context, isInternal bool) context.Context {
 	return context.WithValue(ctx, contextInternal, isInternal)
 }
 
+func SetContextJWT(ctx context.Context, token string) context.Context {
+	return context.WithValue(ctx, contextJWT, token)
+}
+
+func GetContextJWT(ctx context.Context) string {
+	if token, ok := ctx.Value(contextJWT).(string); ok {
+		return token
+	}
+	return ""
+}
+
 func User(ctx context.Context) *user.User {
 	if v := ctx.Value(contextUser); v != nil {
 		if u, ok := v.(*user.User); ok {

server/internal/adapter/middleware/accounts_middleware.go

@@ -1,9 +1,16 @@
 package middleware
 
 import (
+	"errors"
+	"fmt"
+	"net/http"
+	"strings"
+
 	echo "github.com/labstack/echo/v4"
 	"github.com/reearth/reearth/server/internal/adapter/internal"
 	"github.com/reearth/reearth/server/internal/infrastructure/accounts"
+	"github.com/reearth/reearth/server/internal/infrastructure/accounts/gqlerror"
+	"github.com/reearth/reearthx/log"
 )
 
 type AccountsMiddlewares []echo.MiddlewareFunc
@@ -14,7 +21,8 @@ type NewAccountsMiddlewaresParam struct {
 
 func NewAccountsMiddlewares(param *NewAccountsMiddlewaresParam) AccountsMiddlewares {
 	return []echo.MiddlewareFunc{
-		jwtContextMiddleware(),
+		// jwtContextMiddleware(),
+		newAccountsMiddleware(param.AccountsClient),
 	}
 }
 
@@ -23,19 +31,72 @@ type NewAccountsMiddlewaresMockParam struct {
 	AccountsClient  *accounts.Client
 }
 
-func jwtContextMiddleware() echo.MiddlewareFunc {
+// func jwtContextMiddleware() echo.MiddlewareFunc {
+// 	return func(next echo.HandlerFunc) echo.HandlerFunc {
+// 		return func(c echo.Context) error {
+// 			authHeader := c.Request().Header.Get("Authorization")
+// 			if authHeader != "" {
+// 				// Remove the "Bearer " prefix from the Authorization header to extract the token
+// 				const bearerPrefix = "Bearer "
+// 				if len(authHeader) > len(bearerPrefix) && authHeader[:len(bearerPrefix)] == bearerPrefix {
+// 					token := authHeader[len(bearerPrefix):]
+// 					ctx := internal.SetContextJWT(c.Request().Context(), token)
+// 					c.SetRequest(c.Request().WithContext(ctx))
+// 				}
+// 			}
+// 		}
+// 	}
+// }
+
+var accountsMiddlewareSkipPaths = []string{
+	"/api/ping",
+	"/api/published/",
+	"/plugins/",
+	"/assets/",
+	"/favicon.ico",
+}
+
+func shouldSkipAccountsMiddleware(method, path string) bool {
+	// Only skip authentication for GET requests
+	if method != http.MethodGet {
+		return false
+	}
+
+	for _, skipPath := range accountsMiddlewareSkipPaths {
+		if skipPath == path || strings.HasPrefix(path, skipPath) {
+			return true
+		}
+	}
+	return false
+}
+
+func newAccountsMiddleware(accountsClient *accounts.Client) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
-			authHeader := c.Request().Header.Get("Authorization")
-			if authHeader != "" {
-				// Remove the "Bearer " prefix from the Authorization header to extract the token
-				const bearerPrefix = "Bearer "
-				if len(authHeader) > len(bearerPrefix) && authHeader[:len(bearerPrefix)] == bearerPrefix {
-					token := authHeader[len(bearerPrefix):]
-					ctx := internal.SetContextJWT(c.Request().Context(), token)
-					c.SetRequest(c.Request().WithContext(ctx))
+
+			if shouldSkipAccountsMiddleware(c.Request().Method, c.Request().URL.Path) {
+				return next(c)
+			}
+
+			ctx := c.Request().Context()
+
+			// TODO: Optimize performance by including necessary user information (userID, email, etc.)
+			// directly in the JWT token instead of executing a GQL query on every request.
+			// This will eliminate the overhead of making an API call to fetch user data for each request.
+			u, err := accountsClient.UserRepo.FindMe(ctx)
+			if err != nil {
+				if errors.Is(err, gqlerror.ErrUnauthorized) {
+					return echo.NewHTTPError(http.StatusUnauthorized, "unauthorized: user not found")
 				}
+				log.Errorc(ctx, fmt.Errorf("[Accounts Middleware] failed to fetch user: %w", err))
+				return echo.NewHTTPError(http.StatusInternalServerError, "server error: failed to fetch user")
 			}
+			if u == nil {
+				return echo.NewHTTPError(http.StatusUnauthorized, "unauthorized: user not found")
+			}
+
+			ctx = internal.SetContextUser(ctx, u)
+			c.SetRequest(c.Request().WithContext(ctx))
 			return next(c)
 		}
 	}