refactor: centralize constants and reorganize documentation

- Create internal/constants package with all hardcoded values (environment, cookies, themes, headers, routes, cache) - Create internal/httputil package for HTTP helper functions - Update all handlers and middleware to use centralized constants - Reorganize documentation with numbered prefixes (00-26) - Remove duplicate docs from validation folder and docs/ - Delete handlers/constants.go (moved to internal/constants)
2025-12-06 16:27:12 +00:00
parent 71d9258c58
commit 2c7f8de242
37 changed files with 732 additions and 343 deletions
@@ -0,0 +1,228 @@
+// Package constants provides global constants used across the application.
+package constants
+
+import "time"
+
+// ==============================================================================
+// HTTP CONTENT TYPES
+// ==============================================================================
+
+const (
+	ContentTypeJSON         = "application/json"
+	ContentTypeHTML         = "text/html; charset=utf-8"
+	ContentTypeHTMLFragment = "text/html" // For HTMX fragments
+	ContentTypePlainText    = "text/plain; charset=utf-8"
+	ContentTypePDF          = "application/pdf"
+	ContentTypeFormURLEnc   = "application/x-www-form-urlencoded"
+)
+
+// ==============================================================================
+// HTTP HEADERS
+// ==============================================================================
+
+const (
+	HeaderContentType        = "Content-Type"
+	HeaderContentDisposition = "Content-Disposition"
+	HeaderContentLength      = "Content-Length"
+	HeaderCacheControl       = "Cache-Control"
+	HeaderXContentTypeOpts   = "X-Content-Type-Options"
+
+	// HTMX headers
+	HeaderHXRequest = "HX-Request"
+	HeaderHXTrigger = "HX-Trigger"
+)
+
+// ==============================================================================
+// CACHE CONTROL VALUES
+// ==============================================================================
+
+const (
+	// CachePublic1Hour is for relatively static content (1 hour)
+	CachePublic1Hour = "public, max-age=3600"
+
+	// CachePublic1Day is for static files in production (1 day)
+	CachePublic1Day = "public, max-age=86400"
+
+	// CachePublic5Min is for dynamic content that can be cached briefly
+	CachePublic5Min = "public, max-age=300, must-revalidate"
+
+	// CacheNoStore prevents caching entirely
+	CacheNoStore = "no-cache, no-store, must-revalidate"
+
+	// CacheStatic is for truly static assets (1 year)
+	CacheStatic = "public, max-age=31536000, immutable"
+)
+
+// Cache durations in seconds
+const (
+	CacheDuration1Hour  = 3600
+	CacheDuration5Min   = 300
+	CacheDuration1Year  = 31536000
+	CacheDuration1Day   = 86400
+	CacheDuration1Week  = 604800
+	CacheDuration1Month = 2592000
+)
+
+// ==============================================================================
+// LANGUAGE CODES
+// ==============================================================================
+
+const (
+	LangEnglish = "en"
+	LangSpanish = "es"
+	LangDefault = LangEnglish
+)
+
+// SupportedLanguages is the set of valid language codes
+var SupportedLanguages = map[string]bool{
+	LangEnglish: true,
+	LangSpanish: true,
+}
+
+// ==============================================================================
+// CV PREFERENCES
+// ==============================================================================
+
+const (
+	CVLengthShort  = "short"
+	CVLengthLong   = "long"
+	CVIconsShow    = "show"
+	CVIconsHide    = "hide"
+	CVThemeDefault = "default"
+	CVThemeClean   = "clean"
+)
+
+// ==============================================================================
+// COOKIE SETTINGS
+// ==============================================================================
+
+const (
+	CookieMaxAge = 365 * 24 * 60 * 60 // 1 year in seconds
+	CookiePath   = "/"
+)
+
+// ==============================================================================
+// RATE LIMITING
+// ==============================================================================
+
+const (
+	RateLimitPDFRequests     = 3
+	RateLimitPDFWindow       = 1 * time.Minute
+	RateLimitGeneralRequests = 100
+	RateLimitGeneralWindow   = 1 * time.Minute
+	RateLimitContactRequests = 5
+	RateLimitContactWindow   = 1 * time.Hour
+)
+
+// ==============================================================================
+// TIMEOUTS
+// ==============================================================================
+
+const (
+	TimeoutPDFGeneration = 30 * time.Second
+	TimeoutHTTPRequest   = 10 * time.Second
+)
+
+// ==============================================================================
+// PDF DIMENSIONS
+// ==============================================================================
+
+const (
+	A4WidthInches  = 8.27
+	A4HeightInches = 11.69
+)
+
+// ==============================================================================
+// SECURITY
+// ==============================================================================
+
+const (
+	// HSTS max-age (1 year)
+	HSTSMaxAge = "max-age=31536000; includeSubDomains; preload"
+
+	// Content type options
+	NoSniff = "nosniff"
+
+	// Frame options
+	FrameOptionsSameOrigin = "SAMEORIGIN"
+
+	// XSS Protection
+	XSSProtection = "1; mode=block"
+
+	// Referrer Policy
+	ReferrerPolicy = "strict-origin-when-cross-origin"
+)
+
+// ==============================================================================
+// SECURITY HEADERS
+// ==============================================================================
+
+const (
+	HeaderXFrameOptions     = "X-Frame-Options"
+	HeaderXXSSProtection    = "X-XSS-Protection"
+	HeaderReferrerPolicy    = "Referrer-Policy"
+	HeaderPermissionsPolicy = "Permissions-Policy"
+	HeaderCSP               = "Content-Security-Policy"
+	HeaderHSTS              = "Strict-Transport-Security"
+	HeaderRetryAfter        = "Retry-After"
+	HeaderXForwardedFor     = "X-Forwarded-For"
+	HeaderXRealIP           = "X-Real-IP"
+)
+
+// ==============================================================================
+// REQUEST HEADERS
+// ==============================================================================
+
+const (
+	HeaderUserAgent = "User-Agent"
+	HeaderAccept    = "Accept"
+	HeaderOrigin    = "Origin"
+	HeaderReferer   = "Referer"
+)
+
+// ==============================================================================
+// ENVIRONMENT
+// ==============================================================================
+
+const (
+	EnvProduction  = "production"
+	EnvDevelopment = "development"
+
+	EnvVarGOEnv = "GO_ENV"
+	EnvVarPort  = "PORT"
+
+	DefaultPort = "1999"
+)
+
+// ==============================================================================
+// COOKIE NAMES
+// ==============================================================================
+
+const (
+	CookieCVLength   = "cv-length"
+	CookieCVIcons    = "cv-icons"
+	CookieCVLanguage = "cv-language"
+	CookieCVTheme    = "cv-theme"
+	CookieColorTheme = "color-theme"
+)
+
+// ==============================================================================
+// COLOR THEMES
+// ==============================================================================
+
+const (
+	ColorThemeLight = "light"
+	ColorThemeDark  = "dark"
+)
+
+// ==============================================================================
+// ROUTES
+// ==============================================================================
+
+const (
+	RouteHome       = "/"
+	RouteHealth     = "/health"
+	RouteExportPDF  = "/export/pdf"
+	RouteAPIContact = "/api/contact"
+	RouteAPICmdK    = "/api/cmd-k"
+)