Upgrade go and dependency versions

.github/workflows/ci.yaml

@@ -23,7 +23,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: "1.20"
+          go-version: "1.25"
 
       - name: Install dependencies
         run: |

CLAUDE.md

@@ -0,0 +1,114 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+Better WAPI is a RESTful API wrapper around the WEDOS DNS API (WAPI). It provides standardized CRUD operations for DNS records that the original WAPI lacks, using JWT authentication and modern API patterns.
+
+## Development Commands
+
+### Running the application
+```bash
+go run .
+```
+
+The API runs on port 8000 by default. Swagger UI is accessible at http://localhost:8000/docs/index.html (root path redirects there automatically).
+
+### Building
+```bash
+go build -o app ./main.go
+```
+
+### Swagger documentation regeneration
+```bash
+swag init
+```
+
+Run this after modifying API handlers with godoc annotations in src/api/handlers/.
+
+### Docker
+```bash
+docker build -t better-wapi:latest .
+docker run -d -p 8083:8000 --env-file .env better-wapi:latest
+```
+
+### Testing
+This project currently has no automated tests.
+
+### Upgrading Go version
+When upgrading the Go version, update it in the following files:
+- `go.mod` (line 3: `go 1.xx`)
+- `Dockerfile` (line 1: `FROM golang:1.xx-alpine`)
+- `.github/workflows/ci.yaml` (line 26: `go-version: "1.xx"`)
+
+After updating, run:
+```bash
+go get -u           # Update dependencies to latest minor versions
+go mod tidy         # Clean up go.mod and go.sum
+go build -o app ./main.go  # Verify build succeeds
+```
+
+## Architecture
+
+### Core flow
+1. **Authentication**: JWT-based auth using BW_USER credentials (src/services/auth.go)
+   - Obtain token via POST /token or POST /api/auth/token with login/secret credentials
+   - Token must be passed as Bearer token in Authorization header for all protected endpoints
+2. **Request handling**: Gin handlers in src/api/handlers/ receive RESTful requests
+   - All /v1/domain and /v2/domain routes require JWT authentication
+3. **WAPI integration**: IntegrationService (src/services/integration.go) translates to WAPI commands
+4. **WAPI authentication**: Time-based SHA1 token generated using WAPI credentials + Prague timezone hour
+   - Token format: SHA1(username + SHA1(password) + current_hour_in_prague)
+   - Generated fresh for each WAPI request via getApiToken() function
+
+### Key components
+
+**IntegrationService** (src/services/integration.go)
+- Core service that communicates with WEDOS API
+- Handles WAPI authentication via time-based SHA1 token (Prague timezone)
+- All DNS operations go through `makeRequest()` method
+- Supports optional autocommit parameter for immediate DNS changes
+
+**API versioning**
+- v1 endpoints: Use subdomain strings for lookups (e.g., `/v1/domain/{domain}/record`)
+  - Create: POST /v1/domain/{domain}/record
+  - Update: PUT /v1/domain/{domain}/record (finds record by subdomain)
+  - Delete: DELETE /v1/domain/{domain}/record (finds record by subdomain)
+  - Get all: GET /v1/domain/{domain}/info
+  - Get one: GET /v1/domain/{domain}/{subdomain}/info
+  - Commit: POST /v1/domain/{domain}/commit
+- v2 endpoints: Use numeric record IDs from path (e.g., `/v2/domain/{domain}/record/{id}`)
+  - Update: PUT /v2/domain/{domain}/record/{id}
+  - Delete: DELETE /v2/domain/{domain}/record/{id}
+  - v2 returns 204 No Content on success (v1 returns 200/201)
+
+**Request models** (src/api/models/requests.go)
+- SaveRowRequest (v1): Requires subdomain string in request body
+- SaveRowRequestV2 (v2): Uses record ID from URL path parameter
+- Both support fields: TTL, Type, Data, Autocommit
+- Default values (applied via creasty/defaults package):
+  - TTL: 3600
+  - Type: "A"
+  - Autocommit: false
+- DeleteRowRequest/DeleteRowRequestV2: Support Autocommit field (default: false)
+
+**Middleware**
+- Authorization middleware in src/api/middleware/authorize.go validates JWT tokens
+- Applied to all /v1 and /v2 domain routes via router groups in src/api/routes.go
+- CORS is configured to allow all origins with credentials in main.go
+
+### Environment configuration
+
+Required environment variables (see .env.example):
+- `BW_USER_LOGIN` / `BW_USER_SECRET`: API authentication credentials
+- `BW_WAPI_USERNAME` / `BW_WAPI_PASSWORD`: WEDOS WAPI credentials
+- `BW_JSON_WEB_KEY`: JWT signing key
+- `BW_BASE_URL`: API base URL for Swagger docs
+- `BW_USE_LOGFILE`: Enable file logging
+
+**IMPORTANT**: WEDOS requires whitelisting the host IP address in their management dashboard.
+
+## Certbot integration
+
+The `tools/certbot/certbot_renew_hook.py` script provides DNS-01 challenge support for Let's Encrypt certificate renewal via the Better WAPI API. It creates and cleans up TXT records for ACME challenges.

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.20-alpine as builder
+FROM golang:1.25-alpine as builder
 
 RUN apk update && apk add --no-cache alpine-sdk git tzdata
 

go.mod

@@ -1,53 +1,65 @@
 module github.com/loupeznik/better-wapi
 
-go 1.20
+go 1.25
 
 require (
-	github.com/gin-contrib/cors v1.6.0
-	github.com/gin-gonic/gin v1.9.1
+	github.com/gin-contrib/cors v1.7.6
+	github.com/gin-gonic/gin v1.11.0
+	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/joho/godotenv v1.5.1
-	github.com/swaggo/files v1.0.0
-	github.com/swaggo/gin-swagger v1.5.3
-	github.com/swaggo/swag v1.8.10
+	github.com/swaggo/files v1.0.1
+	github.com/swaggo/gin-swagger v1.6.1
+	github.com/swaggo/swag v1.16.6
 )
 
 require (
-	github.com/chenzhuoyu/iasm v0.9.1 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
+	github.com/bytedance/gopkg v0.1.3 // indirect
+	github.com/bytedance/sonic/loader v0.4.0 // indirect
+	github.com/cloudwego/base64x v0.1.6 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.11 // indirect
+	github.com/go-openapi/swag/conv v0.25.4 // indirect
+	github.com/go-openapi/swag/jsonname v0.25.4 // indirect
+	github.com/go-openapi/swag/jsonutils v0.25.4 // indirect
+	github.com/go-openapi/swag/loading v0.25.4 // indirect
+	github.com/go-openapi/swag/stringutils v0.25.4 // indirect
+	github.com/go-openapi/swag/typeutils v0.25.4 // indirect
+	github.com/go-openapi/swag/yamlutils v0.25.4 // indirect
+	github.com/goccy/go-yaml v1.19.0 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/quic-go/qpack v0.6.0 // indirect
+	github.com/quic-go/quic-go v0.57.1 // indirect
+	go.uber.org/mock v0.6.0 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/mod v0.31.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
 )
 
 require (
 	github.com/KyleBanks/depth v1.2.1 // indirect
-	github.com/bytedance/sonic v1.11.2 // indirect
-	github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect
-	github.com/creasty/defaults v1.7.0
-	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/go-openapi/jsonpointer v0.19.6 // indirect
-	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-openapi/spec v0.20.8 // indirect
-	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/bytedance/sonic v1.14.2 // indirect
+	github.com/creasty/defaults v1.8.0
+	github.com/gin-contrib/sse v1.1.0 // indirect
+	github.com/go-openapi/jsonpointer v0.22.4 // indirect
+	github.com/go-openapi/jsonreference v0.21.4 // indirect
+	github.com/go-openapi/spec v0.22.2 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.19.0 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
-	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/josharian/intern v1.0.0 // indirect
+	github.com/go-playground/validator/v10 v10.28.0 // indirect
+	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
+	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/pelletier/go-toml/v2 v2.1.1 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
-	github.com/ugorji/go/codec v1.2.12 // indirect
-	golang.org/x/arch v0.7.0 // indirect
-	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/net v0.33.0 // indirect
-	golang.org/x/sys v0.28.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
+	github.com/ugorji/go/codec v1.3.1 // indirect
+	golang.org/x/arch v0.23.0 // indirect
+	golang.org/x/crypto v0.46.0 // indirect
+	golang.org/x/net v0.48.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
+	golang.org/x/tools v0.40.0 // indirect
+	google.golang.org/protobuf v1.36.11 // indirect
 )