Skip to main content
  1. Backends/

Bikefest 2024 Backend

·4 mins· ·
Blog En
Table of Contents
peterxcli/bike-festival-2024-backend

Backbone for the 2024 NCKU Bike Festival, featuring event notifications and Line Login for authentication. Built with Go, Docker, and Redis.

Go
1
0

DB Schema
#

User Table
#

FieldTypeGORM OptionsJSON KeyDescription
IDstringtype:varchar(36);primary_keyidThe unique identifier for the user. (from line account)
Namestringtype:varchar(255);indexnameThe name of the user. (from line account)

User-Event Table
#

FieldTypeDescription
user_idvarchar(36)The ID of the user, linking to User.ID.
event_idvarchar(36)The ID of the event, linking to Event.ID.

Event Table
#

FieldTypeGORM OptionsJSON KeyRedis KeyDescription
ID*stringtype:varchar(36);primary_keyididThe event ID defined at the frontend. If not provided, it is calculated by the hash of event detail and event time.
EventTimeStart*time.Timetype:timestampevent_time_startevent_time_startThe start time of the event.
EventTimeEnd*time.Timetype:timestampevent_time_endevent_time_endThe end time of the event.
EventDetail*stringtype:varchar(1024)event_detailevent_detailThe details of the event, stored in JSON format. This is parsed when sending to the line message API.

心理測驗統計
#

  • 結果種類儲存
  • 統計趴數
FieldTypeGORM OptionsDescription
Typestringtype:varchar(255);uniqueThe unique type of the psycho test.
Countinttype:intThe count associated with the test.

API
#

  • Add type
  • Retrieve statistic result

Line
#

Official Document
#

Tutorial
#

Line Login Integration Tutorial

Push Line Flex Message
#

Asynq
#

Add Scheduled Task
#

Cancel Scheduled Task
#

Optimization
#

Get Event By EventID
#

DB only
#

(2000 virtual users, for 1 mins)

2024-02-18T205350

Redis Cache + DB
#

(2000 virtual users, for 1 mins)

2024-02-18T205401

type EventCache struct {
    ID             string    `json:"id" redis:"id"`
    EventTimeStart time.Time `json:"event_time_start" redis:"event_time_start"`
    EventTimeEnd   time.Time `json:"event_time_end" redis:"event_time_end"`
    EventDetail    string    `json:"event_detail" redis:"event_detail"`
    CreatedAt      time.Time `json:"created_at" redis:"created_at"`
    UpdatedAt      time.Time `json:"updated_at" redis:"updated_at"`
}

部署
#

Nginx Setup
#

Nginx Reverse Proxy

[!note]

要把 ssl_certificate & ssl_certificate_key 那邊的 domain 改成你自己的 (for Certbot)

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name nckubikefestival.ncku.edu.tw;

    ssl_certificate /etc/letsencrypt/live/nckubikefestival.ncku.edu.tw/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/nckubikefestival.ncku.edu.tw/privkey.pem; # managed by Certbot
    ssl_ecdh_curve X25519:secp384r1;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1440m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/letsencrypt/live/nckubikefestival.ncku.edu.tw/chain.pem;
    add_header Strict-Transport-Security "max-age=31536000; preload";


    # Forward https://nckubikefestival.ncku.edu.tw/api/<path> to http://localhost:8000/<path>
    # For Golang Backend

    location /api/ {
        proxy_pass http://localhost:8000/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Forward https://nckubikefestival.ncku.edu.tw/* to http://localhost:5173/*
    # For Vue Frontend

    location / {
        proxy_pass http://localhost:5173/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

CertBot
#

sudo apt  install certbot
sudo apt-get install python3-certbot-nginx

# 申請憑證
sudo certbot --nginx --email peterxcli@gmail.com --agree-tos -d nckubikefestival.ncku.edu.tw

# 安裝憑證 ( cert-name 要跟 nginx的 config 檔的 server_name 一樣)
sudo certbot install --cert-name nckubikefestival.ncku.edu.tw

Bug
#

Line login redirect
#

[!warning] the bug is due to the referer-policy the default policy is strict-origin-when-cross-origin

In my case, I use the additional redirect_path(which is set in query string ``) to compose the frontend redirect path:

2024-02-21T155843

It works fine when I am developing at my local computer, but in the production environment, it always redirect user to the page with duplicate path, like: /bikefest/main-stagebikefest/main-stage/

Then I discover that in my local development environment, the request referer only contain the domain name(localhost:5173), but the production send its full path and query string to the backend server.

And that the reason is: in dev env, the frontend is at localhost:5173 and the backend is at localhost:8000, the trigger the default referer policy strict-origin-when-cross-origin only send the localhost:8000 as the referer value. In prod env, the frontend and backend have the same domain but only differ at the path, so the refer default policy send origin, path, query as the referer value, and frontend also send its windows.location.path as redirected_path query string, then backend compose the referer, redirect_path, and the result would be like `https:///windows.location.path/windows.location.path. And that is the main reason why the production appear the page with duplicate path.

To resolve this problem, we only needs to set the referer policy in the nginx configuration, and let the referer only include origin to prevent the above issue:

server {
  ...

  # Set the Referrer-Policy header
  add_header Referrer-Policy "origin";
 
  ...
}

Reference
#

Related

Building a high-performance, scalable server for AD management
·13 mins
Blog En
peterxcli/ad-server Scalable state machine, exemplified through an advertisement management system | Dcard 2024 internship assignment | Distributed Systems, ensuring high availability and fault tolerance Go 5 1 Benchmark Result # Local: QPS: 96000/s K6 Load Test The primary bottleneck is the gin router. With an optimized router engine, the QPS could potentially reach 800000/s. - See gin router performance benchmarks. Short Description # A infinitely scalable. advertisement management system, baked with replicated advertisement business state machine, replicated log system, and fault recovery mechanism.