From aae83db2ea0f00ce32ea5b1087dcbd952bd4ac11 Mon Sep 17 00:00:00 2001
From: Anton Vakhrushev <anwinged@ya.ru>
Date: Thu, 14 Aug 2025 12:25:58 +0300
Subject: [PATCH] Simplify config and add user white list

---
 config.dist.toml             | 43 ++++++++++++++++++------------------
 internal/config/config.go    | 41 +++++++++++++++-------------------
 internal/controller/tg/tg.go | 19 +++++++++++++++-
 main.go                      | 13 ++++++-----
 4 files changed, 65 insertions(+), 51 deletions(-)

diff --git a/config.dist.toml b/config.dist.toml
index 562e6a0..9fb1c67 100644
--- a/config.dist.toml
+++ b/config.dist.toml
@@ -1,36 +1,37 @@
 # Server configuration
 [server]
 port = 8080
+shutdown_timeout = 5
+force_shutdown_timeout = 20
 
 # Database configuration
 [database]
 path = "data/transcriber.db"
 
-# AWS S3 Configuration
-[aws]
-# Регион AWS (например: us-east-1, eu-west-1)
-region = "us-east-1"
-
-# AWS Access Key ID (получить в AWS Console)
-access_key_id = "your_access_key_id"
-
-# AWS Secret Access Key (получить в AWS Console)
-secret_access_key = "your_secret_access_key"
-
-# Имя S3 bucket для загрузки файлов
-bucket_name = "your_bucket_name"
-
-# Кастомный endpoint для S3 (оставить пустым для AWS S3, заполнить для MinIO или других S3-совместимых сервисов)
-endpoint = ""
-
-# Yandex Cloud Speech-to-Text Configuration
+# Yandex Cloud Configuration
 [yandex]
-# API ключ для доступа к Yandex Cloud (получить в консоли Yandex Cloud)
-api_key = "your_api_key_here"
-
 # ID папки в Yandex Cloud (получить в консоли Yandex Cloud)
 folder_id = "your_folder_id_here"
 
+# API ключ для доступа к Yandex SpeechKit (получить в консоли Yandex Cloud)
+speech_kit_api_key = "your_speech_kit_api_key_here"
+
+# Object Storage (S3) configuration
+# Access Key ID для доступа к Object Storage (получить в консоли Yandex Cloud)
+object_storage_access_key_id = "your_access_key_id"
+
+# Secret Access Key для доступа к Object Storage (получить в консоли Yandex Cloud)
+object_storage_secret_access_key = "your_secret_access_key"
+
+# Имя бакета в Object Storage
+object_storage_bucket_name = "your_bucket_name"
+
+# Регион Object Storage
+object_storage_region = "ru-central1"
+
+# Endpoint Object Storage
+object_storage_endpoint = "https://storage.yandexcloud.net/"
+
 # Telegram Bot Configuration
 [telegram]
 # Токен Telegram бота (получить у @BotFather в Telegram)
diff --git a/internal/config/config.go b/internal/config/config.go
index 5eab274..57597bc 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -10,32 +10,29 @@ import (
 type Config struct {
 	Server   ServerConfig   `toml:"server"`
 	Database DatabaseConfig `toml:"database"`
-	AWS      AWSConfig      `toml:"aws"`
 	Yandex   YandexConfig   `toml:"yandex"`
 	Telegram TelegramConfig `toml:"telegram"`
 }
 
 type ServerConfig struct {
-	Port                 int `toml:"port"`
-	ShutdownTimeout      int `toml:"shutdown_timeout"`
-	ForceShutdownTimeout int `toml:"force_shutdown_timeout"`
+	Port                 int      `toml:"port"`
+	ShutdownTimeout      int      `toml:"shutdown_timeout"`
+	ForceShutdownTimeout int      `toml:"force_shutdown_timeout"`
+	UsersWhiteList       []string `toml:"users_while_list"`
 }
 
 type DatabaseConfig struct {
 	Path string `toml:"path"`
 }
 
-type AWSConfig struct {
-	Region     string `toml:"region"`
-	AccessKey  string `toml:"access_key_id"`
-	SecretKey  string `toml:"secret_access_key"`
-	BucketName string `toml:"bucket_name"`
-	Endpoint   string `toml:"endpoint"`
-}
-
 type YandexConfig struct {
-	APIKey   string `toml:"api_key"`
-	FolderID string `toml:"folder_id"`
+	FolderID             string `toml:"folder_id"`
+	SpeechKitAPIKey      string `toml:"speech_kit_api_key"`
+	ObjStorageAccessKey  string `toml:"object_storage_access_key_id"`
+	ObjStorageSecretKey  string `toml:"object_storage_secret_access_key"`
+	ObjStorageBucketName string `toml:"object_storage_bucket_name"`
+	ObjStorageRegion     string `toml:"object_storage_region"`
+	ObjStorageEndpoint   string `toml:"object_storage_endpoint"`
 }
 
 type TelegramConfig struct {
@@ -54,16 +51,14 @@ func DefaultConfig() *Config {
 		Database: DatabaseConfig{
 			Path: "data/transcriber.db",
 		},
-		AWS: AWSConfig{
-			Region:     "ru-central1",
-			AccessKey:  "",
-			SecretKey:  "",
-			BucketName: "",
-			Endpoint:   "",
-		},
 		Yandex: YandexConfig{
-			APIKey:   "",
-			FolderID: "",
+			FolderID:             "",
+			SpeechKitAPIKey:      "",
+			ObjStorageAccessKey:  "",
+			ObjStorageSecretKey:  "",
+			ObjStorageBucketName: "",
+			ObjStorageRegion:     "ru-central1",
+			ObjStorageEndpoint:   "https://storage.yandexcloud.net/",
 		},
 		Telegram: TelegramConfig{
 			BotToken:      "",
diff --git a/internal/controller/tg/tg.go b/internal/controller/tg/tg.go
index 118e1fe..c0912b1 100644
--- a/internal/controller/tg/tg.go
+++ b/internal/controller/tg/tg.go
@@ -5,6 +5,7 @@ import (
 	"io"
 	"log/slog"
 	"net/http"
+	"slices"
 	"strings"
 	"time"
 
@@ -15,17 +16,19 @@ import (
 
 type TelegramController struct {
 	// deps
-	bot               *tgbotapi.BotAPI
 	transcribeService *service.TranscribeService
 	jobRepo           contract.TranscriptJobRepository
 	logger            *slog.Logger
 	// params
+	bot           *tgbotapi.BotAPI
+	userWhiteList []string
 	updateTimeout int
 }
 
 type TelegramConfig struct {
 	BotToken      string
 	UpdateTimeout int
+	UserWhiteList []string
 }
 
 func NewTelegramController(
@@ -50,6 +53,7 @@ func NewTelegramController(
 		jobRepo:           jobRepo,
 		logger:            logger,
 		updateTimeout:     config.UpdateTimeout,
+		userWhiteList:     config.UserWhiteList,
 	}
 
 	return controller, nil
@@ -71,6 +75,12 @@ func (c *TelegramController) Start() {
 		author := update.Message.From.String()
 		c.logger.Info("New incoming message", "author", author)
 
+		if !slices.Contains(c.userWhiteList, author) {
+			c.logger.Info("User is not in white list, reject", "author", author)
+			c.handleForbiddenUser(update.Message)
+			continue
+		}
+
 		// Handle commands
 		if update.Message.IsCommand() {
 			// Extract the command from the Message
@@ -105,6 +115,13 @@ func (c *TelegramController) handleStartCommand(message *tgbotapi.Message) {
 	c.bot.Send(msg)
 }
 
+func (c *TelegramController) handleForbiddenUser(message *tgbotapi.Message) {
+	msg := tgbotapi.NewMessage(message.Chat.ID, "Извини, тебе нельзя пользоваться этим ботом. Обратись к владельцу бота.")
+	msg.ReplyToMessageID = message.MessageID
+
+	c.bot.Send(msg)
+}
+
 func (c *TelegramController) handleHelpCommand(message *tgbotapi.Message) {
 	helpText := `Я бот для расшифровки аудиосообщений и аудиофайлов.
 
diff --git a/main.go b/main.go
index e614f4b..c528992 100644
--- a/main.go
+++ b/main.go
@@ -100,12 +100,12 @@ func main() {
 	converter := ffmpegconv.NewFfmpegConverter()
 
 	recognizer, err := yandex.NewYandexAudioRecognizerService(yandex.YandexAudioRecognizerConfig{
-		Region:     cfg.AWS.Region,
-		AccessKey:  cfg.AWS.AccessKey,
-		SecretKey:  cfg.AWS.SecretKey,
-		BucketName: cfg.AWS.BucketName,
-		Endpoint:   cfg.AWS.Endpoint,
-		ApiKey:     cfg.Yandex.APIKey,
+		Region:     cfg.Yandex.ObjStorageRegion,
+		AccessKey:  cfg.Yandex.ObjStorageAccessKey,
+		SecretKey:  cfg.Yandex.ObjStorageSecretKey,
+		BucketName: cfg.Yandex.ObjStorageBucketName,
+		Endpoint:   cfg.Yandex.ObjStorageEndpoint,
+		ApiKey:     cfg.Yandex.SpeechKitAPIKey,
 		FolderID:   cfg.Yandex.FolderID,
 	})
 	if err != nil {
@@ -127,6 +127,7 @@ func main() {
 	tgConfig := tgcontroller.TelegramConfig{
 		BotToken:      cfg.Telegram.BotToken,
 		UpdateTimeout: cfg.Telegram.UpdateTimeout,
+		UserWhiteList: cfg.Server.UsersWhiteList,
 	}
 
 	// Создаем Telegram бот