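package main

import (
	"log"
	"os"

	"github.com/breakpilot/pca-platform/heuristic-service/internal/api"
	"github.com/breakpilot/pca-platform/heuristic-service/internal/config"
	"github.com/gin-gonic/gin"
)

// main wires up the PCA heuristic service: it loads configuration, builds the
// API handler, registers the CORS middleware and the /health and /pca/v1
// routes, and then serves HTTP on the configured port until the server fails.
//
// Environment:
//   - CONFIG_PATH: path of the JSON config file (default "ai-access.json").
//   - GIN_MODE: when unset, Gin is forced into release mode.
func main() {
	// Load configuration.
	configPath := os.Getenv("CONFIG_PATH")
	if configPath == "" {
		configPath = "ai-access.json"
	}

	cfg, err := config.LoadFromFile(configPath)
	if err != nil {
		// Deliberate best-effort: the service keeps running on built-in defaults.
		// NOTE(review): a typo in CONFIG_PATH therefore silently replaces the
		// intended thresholds and step-up methods with the defaults. Alert on
		// this warning, or fail hard when CONFIG_PATH was set explicitly.
		log.Printf("Warning: Could not load config from %s, using defaults: %v", configPath, err)
		cfg = config.DefaultConfig()
	}

	// Create the handler and start its background cleanup routine.
	handler := api.NewHandler(cfg)
	handler.StartCleanupRoutine()

	// Default to release mode so debug output is only enabled on request.
	if os.Getenv("GIN_MODE") == "" {
		gin.SetMode(gin.ReleaseMode)
	}

	// NOTE(review): gin.Default() trusts forwarding headers from every peer
	// unless SetTrustedProxies is called. If any handler scores or rate-limits
	// by client IP, restrict trusted proxies to the real front-end - confirm
	// against the deployment.
	r := gin.Default()

	// CORS middleware.
	// NOTE(review): the wildcard origin lets a script on any website call these
	// endpoints and send its own Authorization / X-PCA-Session headers. Browsers
	// will not attach cookies, because Access-Control-Allow-Credentials is not
	// set. If the API is meant for a known set of sites, echo back only
	// allow-listed origins (and add "Vary: Origin") instead of "*".
	r.Use(func(c *gin.Context) {
		c.Header("Access-Control-Allow-Origin", "*")
		c.Header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
		c.Header("Access-Control-Allow-Headers", "Content-Type, Authorization, X-PCA-Session")

		// Answer preflight requests here; they never reach a route handler.
		if c.Request.Method == "OPTIONS" {
			c.AbortWithStatus(204)
			return
		}

		c.Next()
	})

	// Health endpoint.
	r.GET("/health", handler.HandleHealth)

	// PCA API v1.
	v1 := r.Group("/pca/v1")
	{
		// Configuration endpoint (for the client SDK).
		v1.GET("/config", handler.HandleGetConfig)

		// Tick endpoint (receives behavioral metrics).
		v1.POST("/tick", handler.HandleTick)

		// Evaluation endpoint.
		v1.GET("/evaluate", handler.HandleEvaluate)

		// WebAuthn step-up.
		v1.GET("/webauthn-challenge", handler.HandleWebAuthnChallenge)
		v1.POST("/webauthn-verify", handler.HandleWebAuthnVerify)

		// Proof-of-Work step-up.
		v1.GET("/pow-challenge", handler.HandlePoWChallenge)
		v1.POST("/pow-verify", handler.HandlePoWVerify)
	}

	// Start the server.
	port := cfg.Port
	log.Printf("PCA Heuristic Service starting on port %s", port)
	log.Printf("Thresholds: pass=%.2f, challenge=%.2f", cfg.Thresholds.ScorePass, cfg.Thresholds.ScoreChallenge)
	log.Printf("Step-up methods: %v (primary: %s)", cfg.StepUp.Methods, cfg.StepUp.Primary)

	// NOTE(review): r.Run serves through net/http's default server, which sets
	// no read, write or idle timeouts. If this port is reachable without a
	// reverse proxy in front, use an explicit http.Server with
	// ReadHeaderTimeout so slow clients cannot hold connections open.
	//
	// The message literal below was split across a line break in the listing,
	// which does not compile in an interpreted string; it is restored here.
	if err := r.Run(":" + port); err != nil {
		log.Fatalf("Failed to start server: %v", err)
	}
}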