remove varbose build log

add verbose logging for image build
build: install git to support go mod download
2026-01-16 19:05:08 +03:00 · 2026-01-14 16:41:22 +03:00 · 2026-01-12 17:57:31 +03:00 · 2026-01-12 17:23:21 +03:00 · 2026-01-12 17:17:18 +03:00 · 2026-01-06 19:26:21 +03:00
28 changed files with 1820 additions and 149 deletions
--- a/4
+++ b/4
@@ -8,6 +8,8 @@ WORKDIR /app
 # Копируем файлы go.mod и go.sum для загрузки зависимостей
 COPY go.mod go.sum ./
 # Загружаем зависимости. Этот слой будет кэшироваться, если файлы не менялись
+ENV GOPROXY=direct
+RUN apk add --no-cache git
 RUN go mod download

 # Копируем весь остальной исходный код
@@ -30,7 +32,7 @@ WORKDIR /app
 COPY --from=builder /app/server .

 # (Опционально, но хорошая практика) Добавляем сертификаты для HTTPS-запросов из нашего приложения
-RUN apk --no-cache add ca-certificates
+RUN apk --no-cache add  ca-certificates

 # (Опционально, но хорошая практика) Запускаем приложение от имени непривилегированного пользователя
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@@ -2,19 +2,30 @@ package main

 import (
 	"context"
-	"log"
+	"log/slog"
 	"net/http"
 	"os"
+	"os/signal"
+	"syscall"
+	"time"

 	"gitea.mrixs.me/minecraft-platform/backend/internal/api"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/core"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/database"
+	"gitea.mrixs.me/minecraft-platform/backend/internal/ws"

 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/httprate"
 )

 func main() {
+	// --- Инициализация логгера (slog) ---
+	logger := slog.New(slog.NewJSONHandler(os.Stdout, nil))
+	slog.SetDefault(logger)
+
+	slog.Info("Starting backend server initialization...")
+
 	dbPool := database.Connect()
 	defer dbPool.Close()

@@ -22,33 +33,45 @@ func main() {
 	userRepo := &database.UserRepository{DB: dbPool}
 	serverRepo := &database.ServerRepository{DB: dbPool}
 	modpackRepo := &database.ModpackRepository{DB: dbPool}
+	jobRepo := &database.JobRepository{DB: dbPool}

 	// --- Инициализация сервисов ---
 	userService := &core.UserService{Repo: userRepo}
 	authService := &core.AuthService{UserRepo: userRepo}
 	serverPoller := &core.ServerPoller{Repo: serverRepo}

+	// --- Инициализация WebSocket Hub ---
+	hub := ws.NewHub()
+	go hub.Run()
+
 	keyPath := os.Getenv("RSA_PRIVATE_KEY_PATH")
 	if keyPath == "" {
-		log.Fatal("RSA_PRIVATE_KEY_PATH environment variable is not set")
+		slog.Error("RSA_PRIVATE_KEY_PATH environment variable is not set")
+		os.Exit(1)
 	}
 	domain := os.Getenv("APP_DOMAIN")
 	if domain == "" {
-		log.Fatal("APP_DOMAIN environment variable is not set")
+		slog.Error("APP_DOMAIN environment variable is not set")
+		os.Exit(1)
 	}
 	profileService, err := core.NewProfileService(userRepo, keyPath, domain)
 	if err != nil {
-		log.Fatalf("Failed to create profile service: %v", err)
+		slog.Error("Failed to create profile service", "error", err)
+		os.Exit(1)
 	}

 	modpacksStoragePath := os.Getenv("MODPACKS_STORAGE_PATH")
 	if modpacksStoragePath == "" {
-		log.Fatal("MODPACKS_STORAGE_PATH environment variable is not set")
+		slog.Error("MODPACKS_STORAGE_PATH environment variable is not set")
+		os.Exit(1)
 	}
 	janitorService := core.NewFileJanitorService(modpackRepo, modpacksStoragePath)

 	// --- Запуск фоновых задач ---
-	go serverPoller.Start(context.Background())
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	go serverPoller.Start(ctx) // Передаем контекст для отмены

 	// --- Инициализация хендлеров ---
 	userHandler := &api.UserHandler{Service: userService}
@@ -58,29 +81,50 @@ func main() {
 	launcherHandler := &api.LauncherHandler{ModpackRepo: modpackRepo}
 	modpackHandler := &api.ModpackHandler{
 		ModpackRepo:    modpackRepo,
+		JobRepo:        jobRepo,
 		JanitorService: janitorService,
+		Hub:            hub,
 	}
-	adminUserHandler := &api.AdminUserHandler{UserRepo: userRepo} // Этот хендлер мы создали для админских функций
+	adminUserHandler := &api.AdminUserHandler{UserRepo: userRepo}

 	// --- Настройка роутера ---
 	r := chi.NewRouter()
-	r.Use(middleware.Logger)
+	r.Use(middleware.Logger) // Можно заменить на slog middleware, но пока оставим standard
 	r.Use(middleware.Recoverer)

+	// Health Check
+	r.Get("/health", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte("OK"))
+	})
+
 	// --- Публичные роуты ---
 	r.Route("/api", func(r chi.Router) {
-		r.Post("/register", userHandler.Register)
-		r.Post("/login", authHandler.Login)
+		// Rate limiting: 100 requests per minute for general API
+		r.Use(httprate.LimitByIP(100, time.Minute))
+
+		// Auth endpoints: stricter limit (10 requests per minute)
+		r.Group(func(r chi.Router) {
+			r.Use(httprate.LimitByIP(10, time.Minute))
+			r.Post("/register", userHandler.Register)
+			r.Post("/login", authHandler.Login)
+		})
+
 		r.Get("/servers", serverHandler.GetServers)

 		r.Route("/launcher", func(r chi.Router) {
 			r.Get("/modpacks/{name}/manifest", launcherHandler.GetModpackManifest)
+			r.Get("/modpacks/summary", launcherHandler.GetModpacksSummary)
 		})
 	})
 	r.Route("/authserver", func(r chi.Router) {
+		// Stricter rate limit for auth server (10 req/min)
+		r.Use(httprate.LimitByIP(10, time.Minute))
 		r.Post("/authenticate", authHandler.Authenticate)
 	})
 	r.Route("/sessionserver/session/minecraft", func(r chi.Router) {
+		// Rate limit for session endpoints (60 req/min)
+		r.Use(httprate.LimitByIP(60, time.Minute))
 		r.Post("/join", authHandler.Join)
 		r.Get("/profile/{uuid}", profileHandler.GetProfile)
 	})
@@ -91,25 +135,59 @@ func main() {

 		r.Route("/api/user", func(r chi.Router) {
 			r.Post("/skin", profileHandler.UploadSkin)
+			r.Get("/me", userHandler.GetMe)
 		})

 		r.Route("/api/admin", func(r chi.Router) {
 			r.Use(api.AdminMiddleware)

+			// WebSocket endpoint for jobs
+			r.Get("/ws/jobs", func(w http.ResponseWriter, r *http.Request) {
+				ws.ServeWs(hub, w, r)
+			})
+
 			r.Route("/modpacks", func(r chi.Router) {
+				r.Get("/", modpackHandler.GetModpacks)
 				r.Post("/import", modpackHandler.ImportModpack)
+				r.Post("/update", modpackHandler.UpdateModpack)
+				r.Get("/versions", modpackHandler.GetModpackVersions)
 			})

 			r.Route("/users", func(r chi.Router) {
-				// ИСПРАВЛЕНО: Используем adminUserHandler
 				r.Get("/", adminUserHandler.GetAllUsers)
 				r.Patch("/{id}/role", adminUserHandler.UpdateUserRole)
 			})
 		})
 	})

-	log.Println("Starting backend server on :8080")
-	if err := http.ListenAndServe(":8080", r); err != nil {
-		log.Fatalf("Failed to start server: %v", err)
+	// --- Graceful Shutdown ---
+	srv := &http.Server{
+		Addr:    ":8080",
+		Handler: r,
 	}
+
+	go func() {
+		slog.Info("Starting backend server on :8080")
+		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+			slog.Error("Failed to start server", "error", err)
+			os.Exit(1)
+		}
+	}()
+
+	// Wait for interrupt signal to gracefully shutdown the server with a timeout.
+	quit := make(chan os.Signal, 1)
+	signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
+	<-quit
+	slog.Info("Shutting down server...")
+
+	// The context is used to inform the server it has 5 seconds to finish
+	// the request it is currently handling
+	shutdownCtx, shutdownCancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer shutdownCancel()
+
+	if err := srv.Shutdown(shutdownCtx); err != nil {
+		slog.Error("Server forced to shutdown", "error", err)
+	}
+
+	slog.Info("Server exiting")
 }
--- a/go.mod
+++ b/go.mod
@@ -5,16 +5,26 @@ go 1.24.1
 require (
 	github.com/Tnze/go-mc v1.20.2
 	github.com/go-chi/chi/v5 v5.2.1
+	github.com/go-playground/validator/v10 v10.30.1
 	github.com/golang-jwt/jwt/v5 v5.2.2
 	github.com/google/uuid v1.6.0
+	github.com/gorilla/websocket v1.5.3
 	github.com/jackc/pgx/v5 v5.7.5
-	golang.org/x/crypto v0.39.0
+	golang.org/x/crypto v0.46.0
 )

 require (
+	github.com/gabriel-vasile/mimetype v1.4.12 // indirect
+	github.com/go-chi/httprate v0.15.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
-	golang.org/x/sync v0.15.0 // indirect
-	golang.org/x/text v0.26.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/zeebo/xxh3 v1.0.2 // indirect
+	golang.org/x/sync v0.19.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -3,12 +3,26 @@ github.com/Tnze/go-mc v1.20.2/go.mod h1:geoRj2HsXSkB3FJBuhr7wCzXegRlzWsVXd7h7jiJ
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gabriel-vasile/mimetype v1.4.12 h1:e9hWvmLYvtp846tLHam2o++qitpguFiYCKbn0w9jyqw=
+github.com/gabriel-vasile/mimetype v1.4.12/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/go-chi/chi/v5 v5.2.1 h1:KOIHODQj58PmL80G2Eak4WdvUzjSJSm0vG72crDCqb8=
 github.com/go-chi/chi/v5 v5.2.1/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
+github.com/go-chi/httprate v0.15.0 h1:j54xcWV9KGmPf/X4H32/aTH+wBlrvxL7P+SdnRqxh5g=
+github.com/go-chi/httprate v0.15.0/go.mod h1:rzGHhVrsBn3IMLYDOZQsSU4fJNWcjui4fWKJcCId1R4=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.30.1 h1:f3zDSN/zOma+w6+1Wswgd9fLkdwy06ntQJp0BBvFG0w=
+github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5hc2Tu889bF0Idm9Dg26cM=
 github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
 github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
@@ -17,19 +31,27 @@ github.com/jackc/pgx/v5 v5.7.5 h1:JHGfMnQY+IEtGM63d+NGMjoRpysB2JBwDr5fsngwmJs=
 github.com/jackc/pgx/v5 v5.7.5/go.mod h1:aruU7o91Tc2q2cFp5h4uP3f6ztExVpyVv88Xl/8Vl8M=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
 github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
+github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
+github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
-golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
-golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
-golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
-golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
-golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0=
+github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA=
+golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
+golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
--- a/internal/api/auth_handler.go
+++ b/internal/api/auth_handler.go
@@ -3,11 +3,12 @@ package api
 import (
 	"encoding/json"
 	"errors"
-	"log"
+	"log/slog"
 	"net/http"

 	"gitea.mrixs.me/minecraft-platform/backend/internal/core"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
+	"gitea.mrixs.me/minecraft-platform/backend/internal/utils"
 )

 type AuthHandler struct {
@@ -27,6 +28,13 @@ func (h *AuthHandler) Authenticate(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if validationErrors := utils.ValidateStruct(req); validationErrors != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(validationErrors)
+		return
+	}
+
 	response, err := h.Service.Authenticate(r.Context(), req)
 	if err != nil {
 		if errors.Is(err, core.ErrInvalidCredentials) {
@@ -40,7 +48,7 @@ func (h *AuthHandler) Authenticate(w http.ResponseWriter, r *http.Request) {
 		}

 		// Другие ошибки - внутренние
-		log.Printf("internal server error during authentication: %v", err)
+		slog.Error("internal server error during authentication", "error", err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
@@ -57,6 +65,13 @@ func (h *AuthHandler) Join(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if validationErrors := utils.ValidateStruct(req); validationErrors != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(validationErrors)
+		return
+	}
+
 	err := h.Service.ValidateJoinRequest(r.Context(), req)
 	if err != nil {
 		if errors.Is(err, core.ErrInvalidCredentials) {
@@ -69,7 +84,7 @@ func (h *AuthHandler) Join(w http.ResponseWriter, r *http.Request) {
 			return
 		}

-		log.Printf("internal server error during join: %v", err)
+		slog.Error("internal server error during join", "error", err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
@@ -84,13 +99,20 @@ func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if validationErrors := utils.ValidateStruct(req); validationErrors != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(validationErrors)
+		return
+	}
+
 	token, user, err := h.Service.LoginUser(r.Context(), req)
 	if err != nil {
 		if errors.Is(err, core.ErrInvalidCredentials) {
 			http.Error(w, "Invalid username or password", http.StatusUnauthorized)
 			return
 		}
-		log.Printf("internal server error during login: %v", err)
+		slog.Error("internal server error during login", "error", err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
--- a/internal/api/launcher_handler.go
+++ b/internal/api/launcher_handler.go
@@ -35,3 +35,15 @@ func (h *LauncherHandler) GetModpackManifest(w http.ResponseWriter, r *http.Requ
 	w.WriteHeader(http.StatusOK)
 	json.NewEncoder(w).Encode(manifest)
 }
+
+func (h *LauncherHandler) GetModpacksSummary(w http.ResponseWriter, r *http.Request) {
+	summaries, err := h.ModpackRepo.GetModpacksSummary(r.Context())
+	if err != nil {
+		http.Error(w, "Failed to get modpacks summary", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	json.NewEncoder(w).Encode(summaries)
+}
--- a/internal/api/middleware.go
+++ b/internal/api/middleware.go
@@ -16,15 +16,25 @@ const ClaimsContextKey = contextKey("claims")
 // AuthMiddleware проверяет JWT токен и добавляет claims в контекст запроса.
 func AuthMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		var tokenString string
+
+		// 1. Проверяем заголовок Authorization
 		authHeader := r.Header.Get("Authorization")
-		if authHeader == "" {
-			http.Error(w, "Authorization header required", http.StatusUnauthorized)
-			return
+		if authHeader != "" {
+			tokenString = strings.TrimPrefix(authHeader, "Bearer ")
+			if tokenString == authHeader { // Не было префикса Bearer
+				http.Error(w, "Invalid token format", http.StatusUnauthorized)
+				return
+			}
 		}

-		tokenString := strings.TrimPrefix(authHeader, "Bearer ")
-		if tokenString == authHeader {
-			http.Error(w, "Invalid token format", http.StatusUnauthorized)
+		// 2. Если заголовка нет, проверяем параметр query (для WebSocket)
+		if tokenString == "" {
+			tokenString = r.URL.Query().Get("token")
+		}
+
+		if tokenString == "" {
+			http.Error(w, "Authorization required", http.StatusUnauthorized)
 			return
 		}

--- a/internal/api/modpack_handler.go
+++ b/internal/api/modpack_handler.go
@@ -2,57 +2,64 @@ package api

 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"io"
+	"log/slog"
 	"net/http"
+	"net/url"
 	"os"
+	"path"

 	"gitea.mrixs.me/minecraft-platform/backend/internal/core"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/core/importer"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/database"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
+	"gitea.mrixs.me/minecraft-platform/backend/internal/ws"
 )

 type ModpackHandler struct {
 	ModpackRepo    *database.ModpackRepository
+	JobRepo        *database.JobRepository
 	JanitorService *core.FileJanitorService
+	Hub            *ws.Hub
 }

-// ImportModpack обрабатывает загрузку и импорт модпака.
+// ImportJobParams содержит параметры для фоновой задачи импорта
+type ImportJobParams struct {
+	ImporterType string
+	ImportMethod string
+	SourceURL    string
+	TempZipPath  string
+	Name         string
+	DisplayName  string
+	MCVersion    string
+}
+
+// ImportModpack обрабатывает запрос на импорт и запускает асинхронную задачу
 func (h *ModpackHandler) ImportModpack(w http.ResponseWriter, r *http.Request) {
 	if err := r.ParseMultipartForm(512 << 20); err != nil {
 		http.Error(w, "File too large", http.StatusBadRequest)
 		return
 	}

-	importerType := r.FormValue("importerType")
-	importMethod := r.FormValue("importMethod")
-	sourceURL := r.FormValue("sourceUrl")
+	params := ImportJobParams{
+		ImporterType: r.FormValue("importerType"),
+		ImportMethod: r.FormValue("importMethod"),
+		SourceURL:    r.FormValue("sourceUrl"),
+		Name:         r.FormValue("name"),
+		DisplayName:  r.FormValue("displayName"),
+		MCVersion:    r.FormValue("mcVersion"),
+	}

-	var tempZipPath string
-	var err error
-
-	// --- Выбираем импортер ---
-	var imp importer.ModpackImporter
-	storagePath := os.Getenv("MODPACKS_STORAGE_PATH")
-
-	switch importerType {
-	case "simple":
-		imp = &importer.SimpleZipImporter{StoragePath: storagePath}
-	case "curseforge":
-		apiKey := os.Getenv("CURSEFORGE_API_KEY")
-		if apiKey == "" {
-			http.Error(w, "CurseForge API key is not configured on the server", http.StatusInternalServerError)
-			return
-		}
-		imp = importer.NewCurseForgeImporter(storagePath, apiKey)
-	default:
-		http.Error(w, "Invalid importer type", http.StatusBadRequest)
+	// Валидация
+	if params.Name == "" || params.DisplayName == "" || params.MCVersion == "" {
+		http.Error(w, "Missing required fields", http.StatusBadRequest)
 		return
 	}

-	// --- Получаем zip-файл ---
-	if importMethod == "file" {
+	// Обработка загрузки файла
+	if params.ImportMethod == "file" {
 		file, _, err := r.FormFile("file")
 		if err != nil {
 			http.Error(w, "Invalid file upload", http.StatusBadRequest)
@@ -65,55 +72,389 @@ func (h *ModpackHandler) ImportModpack(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, "Could not create temp file", http.StatusInternalServerError)
 			return
 		}
-		defer tempFile.Close()
-		defer os.Remove(tempFile.Name())
+		// Не удаляем файл здесь, так как он нужен worker-у. Удалим в worker-е.
+		// defer os.Remove(tempFile.Name())

 		if _, err := io.Copy(tempFile, file); err != nil {
+			tempFile.Close()
+			os.Remove(tempFile.Name())
 			http.Error(w, "Could not save temp file", http.StatusInternalServerError)
 			return
 		}
-		tempZipPath = tempFile.Name()
-
-	} else if importMethod == "url" {
-		cfImporter, ok := imp.(*importer.CurseForgeImporter)
-		if !ok {
-			http.Error(w, "Importer type does not support URL import", http.StatusBadRequest)
-			return
-		}
-		tempZipPath, err = cfImporter.DownloadModpackFromURL(sourceURL)
-		if err != nil {
-			http.Error(w, fmt.Sprintf("Failed to download from URL: %v", err), http.StatusInternalServerError)
-			return
-		}
-		defer os.Remove(tempZipPath)
-
-	} else {
-		http.Error(w, "Invalid import method", http.StatusBadRequest)
-		return
+		tempFile.Close()
+		params.TempZipPath = tempFile.Name()
 	}

-	// --- Запускаем импорт ---
-	files, err := imp.Import(tempZipPath)
+	// Создаем задачу в БД
+	jobID, err := h.JobRepo.CreateJob(r.Context())
 	if err != nil {
-		http.Error(w, fmt.Sprintf("Import failed: %v", err), http.StatusInternalServerError)
+		if params.ImportMethod == "file" {
+			os.Remove(params.TempZipPath)
+		}
+		http.Error(w, fmt.Sprintf("Failed to create job: %v", err), http.StatusInternalServerError)
 		return
 	}

-	// --- Сохраняем результат в БД ---
+	// Запускаем worker
+	go h.processImportJob(jobID, params)
+
+	// Отправляем ответ
+	w.WriteHeader(http.StatusAccepted)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"job_id":  jobID,
+		"message": "Import job started",
+	})
+}
+
+// processImportJob выполняет импорт в фоне
+func (h *ModpackHandler) processImportJob(jobID int, params ImportJobParams) {
+	ctx := context.Background()
+	h.updateJobStatus(ctx, jobID, models.JobStatusDownloading, 10, "")
+
+	// Очистка временного файла по завершении
+	if params.TempZipPath != "" {
+		defer os.Remove(params.TempZipPath)
+	}
+
+	storagePath := os.Getenv("MODPACKS_STORAGE_PATH")
+	var imp importer.ModpackImporter
+
+	// Настройка импортера
+	switch params.ImporterType {
+	case "simple":
+		imp = &importer.SimpleZipImporter{StoragePath: storagePath}
+	case "curseforge":
+		apiKey := os.Getenv("CURSEFORGE_API_KEY")
+		if apiKey == "" {
+			h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "CurseForge API key missing")
+			return
+		}
+		imp = importer.NewCurseForgeImporter(storagePath, apiKey)
+	case "modrinth":
+		imp = importer.NewModrinthImporter(storagePath)
+	default:
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "Invalid importer type")
+		return
+	}
+
+	// Загрузка по URL если нужно
+	if params.ImportMethod == "url" {
+		h.updateJobStatus(ctx, jobID, models.JobStatusDownloading, 20, "Downloading from URL...")
+
+		// Логика скачивания зависит от типа импортера, пока поддерживаем CurseForge
+		// TODO: Сделать интерфейс DownloadableImporter
+		if cfImporter, ok := imp.(*importer.CurseForgeImporter); ok {
+			zipPath, err := cfImporter.DownloadModpackFromURL(params.SourceURL)
+			if err != nil {
+				h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Download failed: %v", err))
+				return
+			}
+			params.TempZipPath = zipPath
+			defer os.Remove(zipPath) // Удаляем скачанный файл после обработки
+		} else {
+			// Для других типов пока не поддерживаем URL download внутри импортера
+			h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "URL import not supported for this type")
+			return
+		}
+	}
+
+	h.updateJobStatus(ctx, jobID, models.JobStatusProcessing, 40, "Processing modpack files...")
+
+	// Импорт файлов
+	files, err := imp.Import(params.TempZipPath)
+	if err != nil {
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Import failed: %v", err))
+		return
+	}
+
+	h.updateJobStatus(ctx, jobID, models.JobStatusProcessing, 80, "Saving to database...")
+
+	// Сохранение в БД
 	modpack := &models.Modpack{
-		Name:             r.FormValue("name"),
-		DisplayName:      r.FormValue("displayName"),
-		MinecraftVersion: r.FormValue("mcVersion"),
+		Name:             params.Name,
+		DisplayName:      params.DisplayName,
+		MinecraftVersion: params.MCVersion,
 	}

-	err = h.ModpackRepo.CreateModpackTx(r.Context(), modpack, files)
+	err = h.ModpackRepo.CreateModpackTx(ctx, modpack, files)
 	if err != nil {
-		http.Error(w, fmt.Sprintf("Database save failed: %v", err), http.StatusInternalServerError)
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Database save failed: %v", err))
 		return
 	}

-	w.WriteHeader(http.StatusCreated)
-	fmt.Fprintf(w, "Modpack '%s' imported successfully with %d files.", modpack.DisplayName, len(files))
+	h.updateJobStatus(ctx, jobID, models.JobStatusCompleted, 100, "Success")

+	// Запуск Janitor-а
+	go h.JanitorService.CleanOrphanedFiles(context.Background())
+}
+
+// updateJobStatus обновляет статус в БД и отправляет уведомление через WebSocket
+func (h *ModpackHandler) updateJobStatus(ctx context.Context, jobID int, status models.ImportJobStatus, progress int, errMsg string) {
+	// Обновляем БД
+	if err := h.JobRepo.UpdateJobStatus(ctx, jobID, status, progress, errMsg); err != nil {
+		slog.Error("Failed to update job status in DB", "jobID", jobID, "error", err)
+	}
+
+	// Отправляем в WebSocket
+	update := map[string]interface{}{
+		"job_id":        jobID,
+		"status":        status,
+		"progress":      progress,
+		"error_message": errMsg,
+	}
+	msg, _ := json.Marshal(update)
+	h.Hub.BroadcastMessage(msg)
+}
+
+// ModpackVersionResponse представляет версию модпака для ответа API
+type ModpackVersionResponse struct {
+	FileID       int      `json:"file_id"`
+	DisplayName  string   `json:"display_name"`
+	FileName     string   `json:"file_name"`
+	FileDate     string   `json:"file_date"`
+	GameVersions []string `json:"game_versions"`
+}
+
+// GetModpackVersions возвращает список доступных версий для модпака по URL
+func (h *ModpackHandler) GetModpackVersions(w http.ResponseWriter, r *http.Request) {
+	pageURL := r.URL.Query().Get("url")
+	if pageURL == "" {
+		http.Error(w, "Missing 'url' query parameter", http.StatusBadRequest)
+		return
+	}
+
+	apiKey := os.Getenv("CURSEFORGE_API_KEY")
+	if apiKey == "" {
+		http.Error(w, "CurseForge API key not configured", http.StatusInternalServerError)
+		return
+	}
+
+	cfImporter := importer.NewCurseForgeImporter("", apiKey)
+
+	// Извлекаем slug из URL
+	parsedURL, err := parseModpackURL(pageURL)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Invalid URL: %v", err), http.StatusBadRequest)
+		return
+	}
+
+	// Ищем проект по slug
+	projectID, err := cfImporter.FindModpackBySlug(parsedURL)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Modpack not found: %v", err), http.StatusNotFound)
+		return
+	}
+
+	// Получаем список файлов (версий)
+	files, err := cfImporter.GetModpackFiles(projectID)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Failed to get versions: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Преобразуем в ответ
+	var versions []ModpackVersionResponse
+	for _, f := range files {
+		versions = append(versions, ModpackVersionResponse{
+			FileID:       f.ID,
+			DisplayName:  f.DisplayName,
+			FileName:     f.FileName,
+			FileDate:     f.FileDate,
+			GameVersions: f.GameVersions,
+		})
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(versions)
+}
+
+// parseModpackURL извлекает slug из URL страницы CurseForge
+func parseModpackURL(rawURL string) (string, error) {
+	parsed, err := url.Parse(rawURL)
+	if err != nil {
+		return "", err
+	}
+	// URL вида https://www.curseforge.com/minecraft/modpacks/all-the-mods-9
+	// path.Base вернет "all-the-mods-9"
+	slug := path.Base(parsed.Path)
+	if slug == "" || slug == "." || slug == "/" {
+		return "", fmt.Errorf("could not extract modpack slug from URL")
+	}
+	return slug, nil
+}
+
+// GetModpacks возвращает список всех модпаков для админки
+func (h *ModpackHandler) GetModpacks(w http.ResponseWriter, r *http.Request) {
+	modpacks, err := h.ModpackRepo.GetAllModpacks(r.Context())
+	if err != nil {
+		slog.Error("Failed to get modpacks", "error", err)
+		http.Error(w, "Failed to get modpacks", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(modpacks)
+}
+
+// UpdateJobParams содержит параметры для фоновой задачи обновления
+type UpdateJobParams struct {
+	ImporterType string
+	ImportMethod string
+	SourceURL    string
+	TempZipPath  string
+	ModpackID    int
+	ModpackName  string
+	MCVersion    string
+}
+
+// UpdateModpack обрабатывает запрос на обновление модпака
+func (h *ModpackHandler) UpdateModpack(w http.ResponseWriter, r *http.Request) {
+	if err := r.ParseMultipartForm(512 << 20); err != nil {
+		http.Error(w, "File too large", http.StatusBadRequest)
+		return
+	}
+
+	modpackName := r.FormValue("modpackName")
+	if modpackName == "" {
+		http.Error(w, "Missing modpack name", http.StatusBadRequest)
+		return
+	}
+
+	// Получаем модпак по имени
+	modpack, err := h.ModpackRepo.GetModpackByName(r.Context(), modpackName)
+	if err != nil {
+		http.Error(w, "Modpack not found", http.StatusNotFound)
+		return
+	}
+
+	params := UpdateJobParams{
+		ImporterType: r.FormValue("importerType"),
+		ImportMethod: r.FormValue("importMethod"),
+		SourceURL:    r.FormValue("sourceUrl"),
+		ModpackID:    modpack.ID,
+		ModpackName:  modpackName,
+		MCVersion:    r.FormValue("mcVersion"),
+	}
+
+	if params.MCVersion == "" {
+		params.MCVersion = modpack.MinecraftVersion
+	}
+
+	// Обработка загрузки файла
+	if params.ImportMethod == "file" {
+		file, _, err := r.FormFile("file")
+		if err != nil {
+			http.Error(w, "Invalid file upload", http.StatusBadRequest)
+			return
+		}
+		defer file.Close()
+
+		tempFile, err := os.CreateTemp("", "modpack-update-*.zip")
+		if err != nil {
+			http.Error(w, "Could not create temp file", http.StatusInternalServerError)
+			return
+		}
+
+		if _, err := io.Copy(tempFile, file); err != nil {
+			tempFile.Close()
+			os.Remove(tempFile.Name())
+			http.Error(w, "Could not save temp file", http.StatusInternalServerError)
+			return
+		}
+		tempFile.Close()
+		params.TempZipPath = tempFile.Name()
+	}
+
+	// Создаем задачу в БД
+	jobID, err := h.JobRepo.CreateJob(r.Context())
+	if err != nil {
+		if params.ImportMethod == "file" {
+			os.Remove(params.TempZipPath)
+		}
+		http.Error(w, fmt.Sprintf("Failed to create job: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Запускаем worker
+	go h.processUpdateJob(jobID, params)
+
+	// Отправляем ответ
+	w.WriteHeader(http.StatusAccepted)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"job_id":  jobID,
+		"message": "Update job started",
+	})
+}
+
+// processUpdateJob выполняет обновление модпака в фоне
+func (h *ModpackHandler) processUpdateJob(jobID int, params UpdateJobParams) {
+	ctx := context.Background()
+	h.updateJobStatus(ctx, jobID, models.JobStatusDownloading, 10, "")
+
+	// Очистка временного файла по завершении
+	if params.TempZipPath != "" {
+		defer os.Remove(params.TempZipPath)
+	}
+
+	storagePath := os.Getenv("MODPACKS_STORAGE_PATH")
+	var imp importer.ModpackImporter
+
+	// Настройка импортера
+	switch params.ImporterType {
+	case "simple":
+		imp = &importer.SimpleZipImporter{StoragePath: storagePath}
+	case "curseforge":
+		apiKey := os.Getenv("CURSEFORGE_API_KEY")
+		if apiKey == "" {
+			h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "CurseForge API key missing")
+			return
+		}
+		imp = importer.NewCurseForgeImporter(storagePath, apiKey)
+	case "modrinth":
+		imp = importer.NewModrinthImporter(storagePath)
+	default:
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "Invalid importer type")
+		return
+	}
+
+	// Загрузка по URL если нужно
+	if params.ImportMethod == "url" {
+		h.updateJobStatus(ctx, jobID, models.JobStatusDownloading, 20, "Downloading from URL...")
+
+		if cfImporter, ok := imp.(*importer.CurseForgeImporter); ok {
+			zipPath, err := cfImporter.DownloadModpackFromURL(params.SourceURL)
+			if err != nil {
+				h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Download failed: %v", err))
+				return
+			}
+			params.TempZipPath = zipPath
+			defer os.Remove(zipPath)
+		} else {
+			h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, "URL import not supported for this type")
+			return
+		}
+	}
+
+	h.updateJobStatus(ctx, jobID, models.JobStatusProcessing, 40, "Processing modpack files...")
+
+	// Импорт файлов
+	files, err := imp.Import(params.TempZipPath)
+	if err != nil {
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Import failed: %v", err))
+		return
+	}
+
+	h.updateJobStatus(ctx, jobID, models.JobStatusProcessing, 80, "Updating database...")
+
+	// Обновление в БД
+	err = h.ModpackRepo.UpdateModpackTx(ctx, params.ModpackID, params.MCVersion, files)
+	if err != nil {
+		h.updateJobStatus(ctx, jobID, models.JobStatusFailed, 0, fmt.Sprintf("Database update failed: %v", err))
+		return
+	}
+
+	h.updateJobStatus(ctx, jobID, models.JobStatusCompleted, 100, "Success")
+
+	// Запуск Janitor-а
 	go h.JanitorService.CleanOrphanedFiles(context.Background())
 }
--- a/internal/api/openapi.yaml
+++ b/internal/api/openapi.yaml
@@ -0,0 +1,480 @@
+openapi: 3.0.3
+info:
+  title: Minecraft Platform API
+  description: API for Minecraft Server Platform handling auth, skins, modpacks, and servers.
+  version: 1.0.0
+servers:
+  - url: http://localhost:8080
+    description: Local development server
+
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+
+security:
+  - bearerAuth: []
+
+paths:
+  # --- Public Auth & User Registration ---
+  /api/register:
+    post:
+      summary: Register a new user
+      tags: [Auth]
+      security: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [username, email, password]
+              properties:
+                username:
+                  type: string
+                email:
+                  type: string
+                  format: email
+                password:
+                  type: string
+                  format: password
+      responses:
+        201:
+          description: User registered successfully
+        400:
+          description: Validation error
+
+  /api/login:
+    post:
+      summary: Login user
+      tags: [Auth]
+      security: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [email, password]
+              properties:
+                email:
+                  type: string
+                  format: email
+                password:
+                  type: string
+                  format: password
+      responses:
+        200:
+          description: Login successful
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  token:
+                    type: string
+                  user:
+                    $ref: '#/components/schemas/User'
+        401:
+          description: Invalid credentials
+
+  # --- Auth Server (Launcher Integration) ---
+  /authserver/authenticate:
+    post:
+      summary: Authenticate (Launcher flow)
+      tags: [Auth]
+      security: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                username:
+                  type: string
+                password:
+                  type: string
+      responses:
+        200:
+          description: Authenticated
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  accessToken:
+                    type: string
+                  clientToken:
+                    type: string
+                  selectedProfile:
+                    $ref: '#/components/schemas/GameProfile'
+
+  # --- Session Server ---
+  /sessionserver/session/minecraft/join:
+    post:
+      summary: Join server (Client-side)
+      tags: [Auth]
+      security: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                accessToken:
+                  type: string
+                selectedProfile:
+                  type: string
+                serverId:
+                  type: string
+      responses:
+        204:
+          description: Joined successfully
+
+  /sessionserver/session/minecraft/profile/{uuid}:
+    get:
+      summary: Get user profile (Server-side check)
+      tags: [User]
+      security: []
+      parameters:
+        - in: path
+          name: uuid
+          schema:
+            type: string
+          required: true
+      responses:
+        200:
+          description: Profile data
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GameProfile'
+
+  # --- User Endpoints ---
+  /api/user/me:
+    get:
+      summary: Get current user info
+      tags: [User]
+      responses:
+        200:
+          description: Current user
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/User'
+
+  /api/user/skin:
+    post:
+      summary: Upload skin
+      tags: [User]
+      requestBody:
+        content:
+          multipart/form-data:
+            schema:
+              type: object
+              properties:
+                file:
+                  type: string
+                  format: binary
+      responses:
+        200:
+          description: Skin uploaded
+
+  # --- Servers ---
+  /api/servers:
+    get:
+      summary: Get game servers list
+      tags: [Servers]
+      security: []
+      responses:
+        200:
+          description: List of servers
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/GameServer'
+
+  # --- Launcher ---
+  /api/launcher/modpacks/summary:
+    get:
+      summary: Get modpacks summary (for launcher)
+      tags: [Launcher]
+      security: []
+      responses:
+        200:
+          description: List of modpacks
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  type: object
+                  properties:
+                    name:
+                      type: string
+                    updated_at:
+                      type: string
+                      format: date-time
+
+  /api/launcher/modpacks/{name}/manifest:
+    get:
+      summary: Get modpack manifest
+      tags: [Launcher]
+      security: []
+      parameters:
+        - in: path
+          name: name
+          required: true
+          schema:
+            type: string
+      responses:
+        200:
+          description: Modpack manifest
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  type: object
+                  properties:
+                    path:
+                      type: string
+                    hash:
+                      type: string
+                    size:
+                      type: integer
+
+  # --- Admin / Modpacks ---
+  /api/admin/modpacks:
+    get:
+      summary: Get all modpacks (Admin)
+      tags: [Admin]
+      responses:
+        200:
+          description: List of full modpack details
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/Modpack'
+
+  /api/admin/modpacks/import:
+    post:
+      summary: Import new modpack
+      tags: [Admin]
+      requestBody:
+        content:
+          multipart/form-data:
+            schema:
+              type: object
+              properties:
+                name:
+                  type: string
+                displayName:
+                  type: string
+                mcVersion:
+                  type: string
+                importerType:
+                  type: string
+                  enum: [simple, curseforge, modrinth]
+                importMethod:
+                  type: string
+                  enum: [file, url]
+                sourceUrl:
+                  type: string
+                file:
+                  type: string
+                  format: binary
+      responses:
+        202:
+          description: Job started
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  job_id:
+                    type: integer
+                  message:
+                    type: string
+
+  /api/admin/modpacks/update:
+    post:
+      summary: Update existing modpack
+      tags: [Admin]
+      requestBody:
+        content:
+          multipart/form-data:
+            schema:
+              type: object
+              properties:
+                modpackName:
+                  type: string
+                mcVersion:
+                  type: string
+                importerType:
+                  type: string
+                importMethod:
+                  type: string
+                sourceUrl:
+                  type: string
+                file:
+                  type: string
+                  format: binary
+      responses:
+        202:
+          description: Job started
+
+  /api/admin/modpacks/versions:
+    get:
+      summary: Get modpack versions (CurseForge)
+      tags: [Admin]
+      parameters:
+        - in: query
+          name: url
+          required: true
+          schema:
+            type: string
+      responses:
+        200:
+          description: List of versions
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  type: object
+                  properties:
+                    file_id:
+                      type: integer
+                    display_name:
+                      type: string
+                    game_versions:
+                      type: array
+                      items:
+                        type: string
+
+  # --- Admin / Users ---
+  /api/admin/users:
+    get:
+      summary: Get all users
+      tags: [Admin]
+      responses:
+        200:
+          description: List of users
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/User'
+
+  /api/admin/users/{id}/role:
+    patch:
+      summary: Update user role
+      tags: [Admin]
+      parameters:
+        - in: path
+          name: id
+          required: true
+          schema:
+            type: integer
+      requestBody:
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                role:
+                  type: string
+                  enum: [user, admin]
+      responses:
+        200:
+          description: Role updated
+
+components:
+  schemas:
+    User:
+      type: object
+      properties:
+        id:
+          type: integer
+        username:
+          type: string
+        email:
+          type: string
+        role:
+          type: string
+        created_at:
+          type: string
+          format: date-time
+    
+    GameProfile:
+      type: object
+      properties:
+        id:
+          type: string
+        name:
+          type: string
+        properties:
+          type: array
+          items:
+            type: object
+            properties:
+              name:
+                type: string
+              value:
+                type: string
+              signature:
+                type: string
+
+    GameServer:
+      type: object
+      properties:
+        id:
+          type: integer
+        name:
+          type: string
+        address:
+          type: string
+        is_enabled:
+          type: boolean
+        motd:
+          type: string
+        player_count:
+          type: integer
+        max_players:
+          type: integer
+        version_name:
+          type: string
+        ping_proxy_server:
+          type: integer
+        bluemap_url:
+          type: string
+
+    Modpack:
+      type: object
+      properties:
+        id:
+          type: integer
+        name:
+          type: string
+        display_name:
+          type: string
+        minecraft_version:
+          type: string
+        is_active:
+          type: boolean
+        created_at:
+          type: string
+          format: date-time
+        updated_at:
+          type: string
+          format: date-time
--- a/internal/api/user_handler.go
+++ b/internal/api/user_handler.go
@@ -4,11 +4,14 @@ import (
 	"encoding/json"
 	"errors"
 	"log"
+	"log/slog"
 	"net/http"

 	"gitea.mrixs.me/minecraft-platform/backend/internal/core"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/database"
 	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
+	"gitea.mrixs.me/minecraft-platform/backend/internal/utils"
+	"github.com/golang-jwt/jwt/v5"
 )

 type UserHandler struct {
@@ -22,13 +25,18 @@ func (h *UserHandler) Register(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	// --- ДОБАВЛЕНО ЛОГИРОВАНИЕ ---
-	log.Printf("[Handler] Received registration request for username: '%s', email: '%s'", req.Username, req.Email)
+	if validationErrors := utils.ValidateStruct(req); validationErrors != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(validationErrors)
+		return
+	}
+
+	slog.Info("Received registration request", "username", req.Username, "email", req.Email)

 	err := h.Service.RegisterNewUser(r.Context(), req)
 	if err != nil {
-		// --- ДОБАВЛЕНО ЛОГИРОВАНИЕ ОШИБКИ ---
-		log.Printf("[Handler] Service returned error: %v", err)
+		slog.Error("Service returned error", "error", err)

 		switch {
 		case errors.Is(err, database.ErrUserExists):
@@ -41,7 +49,36 @@ func (h *UserHandler) Register(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	// --- ДОБАВЛЕНО ЛОГИРОВАНИЕ УСПЕХА ---
-	log.Printf("[Handler] User '%s' registered successfully.", req.Username)
+	slog.Info("User registered successfully", "username", req.Username)
 	w.WriteHeader(http.StatusCreated)
 }
+
+// GetMe возвращает информацию о текущем аутентифицированном пользователе
+func (h *UserHandler) GetMe(w http.ResponseWriter, r *http.Request) {
+	claims, ok := r.Context().Value(ClaimsContextKey).(jwt.MapClaims)
+	if !ok {
+		http.Error(w, "Could not get claims from context", http.StatusInternalServerError)
+		return
+	}
+
+	// В AuthMiddleware мы не проверяли тип user_id, там json.Number или float64
+	// Обычно jwt-go возвращает float64
+	var userID int
+	if idFloat, ok := claims["user_id"].(float64); ok {
+		userID = int(idFloat)
+	} else {
+		log.Printf("[Handler] Invalid user_id type in claims: %T", claims["user_id"])
+		http.Error(w, "Invalid token claims", http.StatusUnauthorized)
+		return
+	}
+
+	user, err := h.Service.GetUserByID(r.Context(), userID)
+	if err != nil {
+		log.Printf("[Handler] Failed to get user by ID: %v", err)
+		http.Error(w, "User not found", http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(user)
+}
--- a/internal/core/importer/curseforge.go
+++ b/internal/core/importer/curseforge.go
@@ -20,17 +20,19 @@ import (

 // CurseForgeImporter реализует импорт для сборок CurseForge.
 type CurseForgeImporter struct {
-	StoragePath string
-	APIKey      string
-	HTTPClient  *http.Client
+	StoragePath    string
+	APIKey         string
+	HTTPClient     *http.Client
+	HTTPClientLong *http.Client
 }

 // NewCurseForgeImporter создает новый экземпляр импортера.
 func NewCurseForgeImporter(storagePath, apiKey string) *CurseForgeImporter {
 	return &CurseForgeImporter{
-		StoragePath: storagePath,
-		APIKey:      apiKey,
-		HTTPClient:  &http.Client{Timeout: 60 * time.Second},
+		StoragePath:    storagePath,
+		APIKey:         apiKey,
+		HTTPClient:     &http.Client{Timeout: 30 * time.Second},
+		HTTPClientLong: &http.Client{Timeout: 10 * time.Minute},
 	}
 }

@@ -41,7 +43,7 @@ func (i *CurseForgeImporter) downloadAndProcessFile(url string) (hash string, si
 		return "", 0, err
 	}

-	resp, err := i.HTTPClient.Do(req)
+	resp, err := i.HTTPClientLong.Do(req)
 	if err != nil {
 		return "", 0, err
 	}
@@ -79,15 +81,11 @@ func (i *CurseForgeImporter) getFileInfo(projectID, fileID int) (*CurseForgeFile
 		return nil, fmt.Errorf("failed to decode file info response: %w", err)
 	}

-	if fileInfo.Data.DownloadURL == "" {
-		return nil, fmt.Errorf("received empty download URL from API for fileID %d", fileID)
-	}
-
 	return &fileInfo, nil
 }

-// findModpackBySlug ищет ID проекта по его "слагу" (части URL).
-func (i *CurseForgeImporter) findModpackBySlug(slug string) (int, error) {
+// FindModpackBySlug ищет ID проекта по его "слагу" (части URL).
+func (i *CurseForgeImporter) FindModpackBySlug(slug string) (int, error) {
 	apiURL := fmt.Sprintf("https://api.curseforge.com/v1/mods/search?gameId=432&slug=%s", url.QueryEscape(slug))
 	req, err := http.NewRequestWithContext(context.Background(), "GET", apiURL, nil)
 	if err != nil {
@@ -115,30 +113,40 @@ func (i *CurseForgeImporter) findModpackBySlug(slug string) (int, error) {

 // getLatestModpackFileURL находит URL для скачивания последнего файла проекта.
 func (i *CurseForgeImporter) getLatestModpackFileURL(projectID int) (string, error) {
+	files, err := i.GetModpackFiles(projectID)
+	if err != nil {
+		return "", err
+	}
+
+	if len(files) == 0 {
+		return "", fmt.Errorf("no files found for projectID %d", projectID)
+	}
+
+	latestFile := files[0]
+	return latestFile.DownloadURL, nil
+}
+
+// GetModpackFiles возвращает список файлов (версий) для проекта.
+func (i *CurseForgeImporter) GetModpackFiles(projectID int) ([]CurseForgeFileData, error) {
 	apiURL := fmt.Sprintf("https://api.curseforge.com/v1/mods/%d/files", projectID)
 	req, err := http.NewRequestWithContext(context.Background(), "GET", apiURL, nil)
 	if err != nil {
-		return "", err
+		return nil, err
 	}
 	req.Header.Set("x-api-key", i.APIKey)

 	resp, err := i.HTTPClient.Do(req)
 	if err != nil {
-		return "", err
+		return nil, err
 	}
 	defer resp.Body.Close()

 	var filesResp CurseForgeFilesResponse
 	if err := json.NewDecoder(resp.Body).Decode(&filesResp); err != nil {
-		return "", err
+		return nil, err
 	}

-	if len(filesResp.Data) == 0 {
-		return "", fmt.Errorf("no files found for projectID %d", projectID)
-	}
-
-	latestFile := filesResp.Data[0]
-	return latestFile.DownloadURL, nil
+	return filesResp.Data, nil
 }

 // DownloadModpackFromURL скачивает zip-архив модпака по URL страницы CurseForge.
@@ -150,7 +158,7 @@ func (i *CurseForgeImporter) DownloadModpackFromURL(pageURL string) (string, err
 	slug := path.Base(parsedURL.Path)
 	log.Printf("Importer: Extracted slug '%s' from URL", slug)

-	projectID, err := i.findModpackBySlug(slug)
+	projectID, err := i.FindModpackBySlug(slug)
 	if err != nil {
 		return "", err
 	}
@@ -173,7 +181,7 @@ func (i *CurseForgeImporter) DownloadModpackFromURL(pageURL string) (string, err
 		return "", err
 	}

-	resp, err := i.HTTPClient.Do(req)
+	resp, err := i.HTTPClientLong.Do(req)
 	if err != nil {
 		return "", err
 	}
@@ -223,15 +231,24 @@ func (i *CurseForgeImporter) Import(zipPath string) ([]models.ModpackFile, error
 	for _, modFile := range manifest.Files {
 		fileInfo, err := i.getFileInfo(modFile.ProjectID, modFile.FileID)
 		if err != nil {
-			return nil, fmt.Errorf("failed to get info for fileID %d: %w", modFile.FileID, err)
+			log.Printf("Importer: WARN - Could not get info for fileID %d, skipping. Error: %v", modFile.FileID, err)
+			continue
 		}

 		downloadURL := fileInfo.Data.DownloadURL
 		fileName := fileInfo.Data.FileName

+		// ИСПРАВЛЕНИЕ: Проверяем, что URL не пустой
+		if downloadURL == "" {
+			log.Printf("Importer: WARN - Empty download URL for file '%s' (fileID %d), skipping.", fileName, modFile.FileID)
+			continue // Пропускаем этот файл
+		}
+
 		hash, size, err := i.downloadAndProcessFile(downloadURL)
 		if err != nil {
-			return nil, fmt.Errorf("failed to process downloaded file '%s' (fileID %d): %w", fileName, modFile.FileID, err)
+			// Вместо того чтобы падать, просто логируем ошибку и пропускаем файл
+			log.Printf("Importer: WARN - Failed to process downloaded file '%s' (fileID %d), skipping. Error: %v", fileName, modFile.FileID, err)
+			continue
 		}

 		relativePath := filepath.Join("mods", fileName)
--- a/internal/core/importer/curseforge_types.go
+++ b/internal/core/importer/curseforge_types.go
@@ -31,16 +31,22 @@ type CurseForgeSearchResponse struct {

 // CurseForgeFilesResponse - ответ от эндпоинта получения файлов проекта
 type CurseForgeFilesResponse struct {
-	Data []struct {
-		ID          int    `json:"id"`
-		FileName    string `json:"fileName"`
-		DownloadURL string `json:"downloadUrl"`
-	} `json:"data"`
+	Data       []CurseForgeFileData `json:"data"`
 	Pagination struct {
 		TotalCount int `json:"totalCount"`
 	} `json:"pagination"`
 }

+// CurseForgeFileData - данные о файле
+type CurseForgeFileData struct {
+	ID           int      `json:"id"`
+	DisplayName  string   `json:"displayName"`
+	FileName     string   `json:"fileName"`
+	DownloadURL  string   `json:"downloadUrl"`
+	FileDate     string   `json:"fileDate"`
+	GameVersions []string `json:"gameVersions"`
+}
+
 // CurseForgeFile представляет полную информацию о файле с API.
 type CurseForgeFile struct {
 	Data struct {
--- a/internal/core/importer/modrinth.go
+++ b/internal/core/importer/modrinth.go
@@ -0,0 +1,161 @@
+package importer
+
+import (
+	"archive/zip"
+	"context"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"strings"
+	"time"
+
+	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
+)
+
+// ModrinthImporter реализует импорт для сборок Modrinth (.mrpack).
+type ModrinthImporter struct {
+	StoragePath string
+	HTTPClient  *http.Client
+}
+
+// NewModrinthImporter создает новый экземпляр импортера.
+func NewModrinthImporter(storagePath string) *ModrinthImporter {
+	return &ModrinthImporter{
+		StoragePath: storagePath,
+		HTTPClient:  &http.Client{Timeout: 10 * time.Minute},
+	}
+}
+
+// downloadAndProcessFile скачивает файл и обрабатывает его.
+func (i *ModrinthImporter) downloadAndProcessFile(url string) (hash string, size int64, err error) {
+	req, err := http.NewRequestWithContext(context.Background(), "GET", url, nil)
+	if err != nil {
+		return "", 0, err
+	}
+
+	resp, err := i.HTTPClient.Do(req)
+	if err != nil {
+		return "", 0, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return "", 0, fmt.Errorf("bad status downloading file: %s", resp.Status)
+	}
+
+	baseImporter := SimpleZipImporter{StoragePath: i.StoragePath}
+	return baseImporter.processFile(resp.Body)
+}
+
+// Import реализует основной метод интерфейса ModpackImporter.
+func (i *ModrinthImporter) Import(zipPath string) ([]models.ModpackFile, error) {
+	r, err := zip.OpenReader(zipPath)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Close()
+
+	// 1. Ищем и парсим modrinth.index.json
+	var indexFile *zip.File
+	for _, f := range r.File {
+		if f.Name == "modrinth.index.json" {
+			indexFile = f
+			break
+		}
+	}
+
+	if indexFile == nil {
+		return nil, fmt.Errorf("modrinth.index.json not found in archive")
+	}
+
+	idxReader, err := indexFile.Open()
+	if err != nil {
+		return nil, err
+	}
+	defer idxReader.Close()
+
+	var index ModrinthIndex
+	if err := json.NewDecoder(idxReader).Decode(&index); err != nil {
+		return nil, fmt.Errorf("failed to parse modrinth.index.json: %w", err)
+	}
+
+	var files []models.ModpackFile
+
+	// 2. Обрабатываем файлы из индекса (скачиваем их)
+	for _, modFile := range index.Files {
+		// Пропускаем серверные файлы, которые не нужны клиенту?
+		// В ТЗ сказано про "клиент", но обычно лаунчер качает всё, что нужно клиенту.
+		// env.client != "unsupported" (обычно "required" или "optional")
+		if modFile.Env.Client == "unsupported" {
+			continue
+		}
+
+		if len(modFile.Downloads) == 0 {
+			log.Printf("Modrinth Importer: WARN - No download URLs for file '%s', skipping.", modFile.Path)
+			continue
+		}
+
+		// Используем первый доступный URL
+		downloadURL := modFile.Downloads[0]
+
+		log.Printf("Modrinth Importer: Downloading '%s' from %s", modFile.Path, downloadURL)
+
+		// Скачиваем файл и пересчитываем его хеш/размер (и сохраняем локально, если нужно)
+		// Важно: Modrinth дает хеши в индексе. Мы могли бы использовать их, но наша система
+		// построена на том, что мы храним файлы у себя. Поэтому нам всё равно нужно скачать их
+		// и сохранить в наше хранилище. Метод downloadAndProcessFile делает именно это.
+		hash, size, err := i.downloadAndProcessFile(downloadURL)
+		if err != nil {
+			log.Printf("Modrinth Importer: WARN - Failed to download/process '%s': %v", modFile.Path, err)
+			continue
+		}
+
+		// Сверка хеша для надежности (опционально, но полезно)
+		if modFile.Hashes.SHA1 != "" && modFile.Hashes.SHA1 != hash {
+			log.Printf("Modrinth Importer: WARN - Hash mismatch for '%s'. Index SHA1: %s, Calculated: %s", modFile.Path, modFile.Hashes.SHA1, hash)
+			// Можно решить: падать с ошибкой или доверять тому, что скачали.
+			// Пока просто предупреждаем.
+		}
+
+		files = append(files, models.ModpackFile{
+			RelativePath: modFile.Path,
+			FileHash:     hash,
+			FileSize:     size,
+			DownloadURL:  downloadURL,
+		})
+	}
+
+	// 3. Обрабатываем overrides
+	baseImporter := SimpleZipImporter{StoragePath: i.StoragePath}
+	for _, f := range r.File {
+		// В .mrpack файлы для копирования лежат в папке "overrides/" (как правило)
+		// Спецификация говорит, что папка может называться иначе? Нет, обычно overrides.
+		// Но лучше проверить все папки, кроме системных.
+		// Спецификация Modrinth: "Files that are included in the modpack archive are located in the overrides directory."
+
+		prefix := "overrides/"
+		if strings.HasPrefix(f.Name, prefix) && !f.FileInfo().IsDir() {
+			fileReader, err := f.Open()
+			if err != nil {
+				return nil, err
+			}
+
+			hash, size, err := baseImporter.processFile(fileReader)
+			if err != nil {
+				fileReader.Close()
+				return nil, err
+			}
+			fileReader.Close()
+
+			relativePath := strings.TrimPrefix(f.Name, prefix)
+			files = append(files, models.ModpackFile{
+				RelativePath: relativePath,
+				FileHash:     hash,
+				FileSize:     size,
+			})
+		}
+	}
+
+	return files, nil
+}
--- a/internal/core/importer/modrinth_types.go
+++ b/internal/core/importer/modrinth_types.go
@@ -0,0 +1,24 @@
+package importer
+
+// ModrinthIndex - структура modrinth.index.json
+type ModrinthIndex struct {
+	FormatVersion int    `json:"formatVersion"`
+	Game          string `json:"game"`
+	VersionID     string `json:"versionId"`
+	Name          string `json:"name"`
+	Summary       string `json:"summary"`
+	Files         []struct {
+		Path   string `json:"path"`
+		Hashes struct {
+			SHA1   string `json:"sha1"`
+			SHA512 string `json:"sha512"`
+		} `json:"hashes"`
+		Env struct {
+			Client string `json:"client"`
+			Server string `json:"server"`
+		} `json:"env"`
+		Downloads []string `json:"downloads"`
+		FileSize  int64    `json:"fileSize"` // В спецификации это поле может быть uint64, но int64 удобнее
+	} `json:"files"`
+	Dependencies map[string]string `json:"dependencies"`
+}
--- a/internal/core/server_poller.go
+++ b/internal/core/server_poller.go
@@ -3,7 +3,7 @@ package core
 import (
 	"context"
 	"encoding/json"
-	"log"
+	"log/slog"
 	"time"

 	"gitea.mrixs.me/minecraft-platform/backend/internal/database"
@@ -29,7 +29,7 @@ type ServerPoller struct {
 }

 func (p *ServerPoller) Start(ctx context.Context) {
-	log.Println("Starting server poller...")
+	slog.Info("Starting server poller...")
 	ticker := time.NewTicker(60 * time.Second)
 	defer ticker.Stop()

@@ -40,7 +40,7 @@ func (p *ServerPoller) Start(ctx context.Context) {
 		case <-ticker.C:
 			p.pollAllServers(ctx)
 		case <-ctx.Done():
-			log.Println("Stopping server poller...")
+			slog.Info("Stopping server poller...")
 			return
 		}
 	}
@@ -49,7 +49,7 @@ func (p *ServerPoller) Start(ctx context.Context) {
 func (p *ServerPoller) pollAllServers(ctx context.Context) {
 	servers, err := p.Repo.GetAllEnabledServers(ctx)
 	if err != nil {
-		log.Printf("Poller: failed to get servers: %v", err)
+		slog.Error("Poller: failed to get servers", "error", err)
 		return
 	}

@@ -61,13 +61,13 @@ func (p *ServerPoller) pollAllServers(ctx context.Context) {
 func (p *ServerPoller) pollServer(ctx context.Context, server *models.GameServer) {
 	resp, delay, err := bot.PingAndList(server.Address)
 	if err != nil {
-		log.Printf("Poller: failed to ping %s (%s): %v", server.Name, server.Address, err)
+		slog.Warn("Poller: failed to ping server", "server", server.Name, "address", server.Address, "error", err)
 		return
 	}

 	var status pingResponse
 	if err := json.Unmarshal(resp, &status); err != nil {
-		log.Printf("Poller: failed to unmarshal status for %s: %v", server.Name, err)
+		slog.Error("Poller: failed to unmarshal status", "server", server.Name, "error", err)
 		return
 	}

@@ -83,8 +83,8 @@ func (p *ServerPoller) pollServer(ctx context.Context, server *models.GameServer
 	}

 	if err := p.Repo.UpdateServerStatus(ctx, server.ID, updateData); err != nil {
-		log.Printf("Poller: failed to update status for %s: %v", server.Name, err)
+		slog.Error("Poller: failed to update status", "server", server.Name, "error", err)
 	} else {
-		log.Printf("Poller: successfully polled %s", server.Name)
+		slog.Info("Poller: successfully polled server", "server", server.Name)
 	}
 }
--- a/internal/core/user_service.go
+++ b/internal/core/user_service.go
@@ -60,6 +60,11 @@ func (s *UserService) RegisterNewUser(ctx context.Context, req models.RegisterRe
 	return s.Repo.CreateUserTx(ctx, user)
 }

+// GetUserByID возвращает пользователя по его ID
+func (s *UserService) GetUserByID(ctx context.Context, userID int) (*models.User, error) {
+	return s.Repo.GetUserByID(ctx, userID)
+}
+
 // ValidateJoinRequest проверяет запрос на присоединение к серверу.
 func (s *AuthService) ValidateJoinRequest(ctx context.Context, req models.JoinRequest) error {
 	var uuidStr string
--- a/internal/database/job_repository.go
+++ b/internal/database/job_repository.go
@@ -0,0 +1,58 @@
+package database
+
+import (
+	"context"
+
+	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
+	"github.com/jackc/pgx/v5"
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+type JobRepository struct {
+	DB *pgxpool.Pool
+}
+
+// CreateJob создает новую задачу со статусом pending
+func (r *JobRepository) CreateJob(ctx context.Context) (int, error) {
+	var jobID int
+	query := `INSERT INTO modpack_import_jobs (status, progress, created_at, updated_at) 
+	          VALUES ($1, $2, NOW(), NOW()) RETURNING id`
+
+	err := r.DB.QueryRow(ctx, query, models.JobStatusPending, 0).Scan(&jobID)
+	return jobID, err
+}
+
+// UpdateJobStatus обновляет статус и прогресс задачи
+func (r *JobRepository) UpdateJobStatus(ctx context.Context, jobID int, status models.ImportJobStatus, progress int, errorMessage string) error {
+	query := `UPDATE modpack_import_jobs 
+	          SET status = $1, progress = $2, error_message = $3, updated_at = NOW() 
+	          WHERE id = $4`
+
+	_, err := r.DB.Exec(ctx, query, status, progress, errorMessage, jobID)
+	return err
+}
+
+// GetJob получает задачу по ID
+func (r *JobRepository) GetJob(ctx context.Context, jobID int) (*models.ImportJob, error) {
+	job := &models.ImportJob{}
+	query := `SELECT id, status, progress, error_message, created_at, updated_at 
+	          FROM modpack_import_jobs WHERE id = $1`
+
+	var errMsg *string // Для обработки NULL
+	err := r.DB.QueryRow(ctx, query, jobID).Scan(
+		&job.ID, &job.Status, &job.Progress, &errMsg, &job.CreatedAt, &job.UpdatedAt,
+	)
+
+	if err != nil {
+		if err == pgx.ErrNoRows {
+			return nil, nil // Или спец ошибка
+		}
+		return nil, err
+	}
+
+	if errMsg != nil {
+		job.ErrorMessage = *errMsg
+	}
+
+	return job, nil
+}
--- a/internal/database/modpack_repository.go
+++ b/internal/database/modpack_repository.go
@@ -101,3 +101,110 @@ func (r *ModpackRepository) GetAllFileHashes(ctx context.Context) (map[string]st

 	return hashes, rows.Err()
 }
+
+// GetModpacksSummary возвращает список всех активных модпаков с датой последнего обновления.
+func (r *ModpackRepository) GetModpacksSummary(ctx context.Context) ([]models.ModpackSummary, error) {
+	query := `
+		SELECT name, updated_at
+		FROM modpacks
+		WHERE is_active = TRUE`
+
+	rows, err := r.DB.Query(ctx, query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var summaries []models.ModpackSummary
+	for rows.Next() {
+		var s models.ModpackSummary
+		if err := rows.Scan(&s.Name, &s.UpdatedAt); err != nil {
+			return nil, err
+		}
+		summaries = append(summaries, s)
+	}
+
+	return summaries, nil
+}
+
+// GetAllModpacks возвращает список всех модпаков для админки.
+func (r *ModpackRepository) GetAllModpacks(ctx context.Context) ([]models.Modpack, error) {
+	query := `
+		SELECT id, name, display_name, minecraft_version, is_active, created_at, updated_at
+		FROM modpacks
+		ORDER BY name`
+
+	rows, err := r.DB.Query(ctx, query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var modpacks []models.Modpack
+	for rows.Next() {
+		var m models.Modpack
+		if err := rows.Scan(&m.ID, &m.Name, &m.DisplayName, &m.MinecraftVersion, &m.IsActive, &m.CreatedAt, &m.UpdatedAt); err != nil {
+			return nil, err
+		}
+		modpacks = append(modpacks, m)
+	}
+
+	return modpacks, nil
+}
+
+// UpdateModpackTx обновляет файлы модпака в транзакции: удаляет старые, добавляет новые.
+func (r *ModpackRepository) UpdateModpackTx(ctx context.Context, modpackID int, mcVersion string, files []models.ModpackFile) error {
+	tx, err := r.DB.Begin(ctx)
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback(ctx)
+
+	// Обновляем версию Minecraft и updated_at
+	_, err = tx.Exec(ctx,
+		"UPDATE modpacks SET minecraft_version = $1, updated_at = NOW() WHERE id = $2",
+		mcVersion, modpackID)
+	if err != nil {
+		return err
+	}
+
+	// Удаляем старые файлы
+	_, err = tx.Exec(ctx, "DELETE FROM modpack_files WHERE modpack_id = $1", modpackID)
+	if err != nil {
+		return err
+	}
+
+	// Добавляем новые файлы
+	rows := make([][]interface{}, len(files))
+	for i, f := range files {
+		rows[i] = []interface{}{modpackID, f.RelativePath, f.FileHash, f.FileSize, f.DownloadURL}
+	}
+
+	_, err = tx.CopyFrom(
+		ctx,
+		pgx.Identifier{"modpack_files"},
+		[]string{"modpack_id", "relative_path", "file_hash", "file_size", "download_url"},
+		pgx.CopyFromRows(rows),
+	)
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit(ctx)
+}
+
+// GetModpackByName возвращает модпак по имени.
+func (r *ModpackRepository) GetModpackByName(ctx context.Context, name string) (*models.Modpack, error) {
+	query := `
+		SELECT id, name, display_name, minecraft_version, is_active, created_at, updated_at
+		FROM modpacks
+		WHERE name = $1`
+
+	var m models.Modpack
+	err := r.DB.QueryRow(ctx, query, name).Scan(&m.ID, &m.Name, &m.DisplayName, &m.MinecraftVersion, &m.IsActive, &m.CreatedAt, &m.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+
+	return &m, nil
+}
--- a/internal/database/server_repository.go
+++ b/internal/database/server_repository.go
@@ -47,7 +47,7 @@ func (r *ServerRepository) UpdateServerStatus(ctx context.Context, id int, statu
 func (r *ServerRepository) GetAllWithStatus(ctx context.Context) ([]*models.GameServer, error) {
 	query := `
 		SELECT id, name, address, is_enabled, last_polled_at, motd,
-		player_count, max_players, version_name, ping_backend_server
+		player_count, max_players, version_name, ping_backend_server, bluemap_url
 		FROM game_servers WHERE is_enabled = TRUE ORDER BY name`
 	rows, err := r.DB.Query(ctx, query)
 	if err != nil {
@@ -59,7 +59,7 @@ func (r *ServerRepository) GetAllWithStatus(ctx context.Context) ([]*models.Game
 	for rows.Next() {
 		s := &models.GameServer{}
 		if err := rows.Scan(&s.ID, &s.Name, &s.Address, &s.IsEnabled, &s.LastPolledAt,
-			&s.Motd, &s.PlayerCount, &s.MaxPlayers, &s.VersionName, &s.PingBackendServer); err != nil {
+			&s.Motd, &s.PlayerCount, &s.MaxPlayers, &s.VersionName, &s.PingBackendServer, &s.BlueMapURL); err != nil {
 			return nil, err
 		}
 		servers = append(servers, s)
--- a/internal/database/user_repository.go
+++ b/internal/database/user_repository.go
@@ -227,3 +227,24 @@ func (r *UserRepository) UpdateUserRole(ctx context.Context, userID int, newRole
 	}
 	return nil
 }
+
+// GetUserByID находит пользователя по его ID.
+func (r *UserRepository) GetUserByID(ctx context.Context, userID int) (*models.User, error) {
+	user := &models.User{}
+	var userUUID string
+
+	query := "SELECT id, uuid, username, email, password_hash, role, created_at, updated_at FROM users WHERE id = $1"
+	err := r.DB.QueryRow(ctx, query, userID).Scan(
+		&user.ID, &userUUID, &user.Username, &user.Email, &user.PasswordHash, &user.Role, &user.CreatedAt, &user.UpdatedAt,
+	)
+
+	if err != nil {
+		if errors.Is(err, pgx.ErrNoRows) {
+			return nil, ErrUserNotFound
+		}
+		return nil, err
+	}
+
+	user.UUID, _ = uuid.Parse(userUUID)
+	return user, nil
+}
--- a/internal/models/auth.go
+++ b/internal/models/auth.go
@@ -9,8 +9,8 @@ type Agent struct {
 // AuthenticateRequest - это тело запроса на /authserver/authenticate
 type AuthenticateRequest struct {
 	Agent       Agent  `json:"agent"`
-	Username    string `json:"username"`
-	Password    string `json:"password"`
+	Username    string `json:"username" validate:"required"`
+	Password    string `json:"password" validate:"required"`
 	ClientToken string `json:"clientToken"`
 }

@@ -70,15 +70,15 @@ type SessionProfileResponse struct {

 // JoinRequest - это тело запроса на /sessionserver/session/minecraft/join
 type JoinRequest struct {
-	AccessToken     string `json:"accessToken"`
-	SelectedProfile string `json:"selectedProfile"` // UUID пользователя без дефисов
-	ServerID        string `json:"serverId"`
+	AccessToken     string `json:"accessToken" validate:"required"`
+	SelectedProfile string `json:"selectedProfile" validate:"required"` // UUID пользователя без дефисов
+	ServerID        string `json:"serverId" validate:"required"`
 }

 // LoginRequest - это тело запроса на /api/login
 type LoginRequest struct {
-	Login    string `json:"login"`
-	Password string `json:"password"`
+	Login    string `json:"login" validate:"required"`
+	Password string `json:"password" validate:"required"`
 }

 // LoginResponse - это тело успешного ответа с JWT
--- a/internal/models/job.go
+++ b/internal/models/job.go
@@ -0,0 +1,24 @@
+package models
+
+import "time"
+
+// ImportJobStatus определяет возможные статусы задачи импорта
+type ImportJobStatus string
+
+const (
+	JobStatusPending     ImportJobStatus = "pending"
+	JobStatusDownloading ImportJobStatus = "downloading"
+	JobStatusProcessing  ImportJobStatus = "processing"
+	JobStatusCompleted   ImportJobStatus = "completed"
+	JobStatusFailed      ImportJobStatus = "failed"
+)
+
+// ImportJob представляет задачу на импорт модпака
+type ImportJob struct {
+	ID           int             `json:"id"`
+	Status       ImportJobStatus `json:"status"`
+	Progress     int             `json:"progress"` // 0-100
+	ErrorMessage string          `json:"error_message,omitempty"`
+	CreatedAt    time.Time       `json:"created_at"`
+	UpdatedAt    time.Time       `json:"updated_at"`
+}
--- a/internal/models/modpack.go
+++ b/internal/models/modpack.go
@@ -10,6 +10,13 @@ type Modpack struct {
 	MinecraftVersion string    `json:"minecraft_version"`
 	IsActive         bool      `json:"is_active"`
 	CreatedAt        time.Time `json:"created_at"`
+	UpdatedAt        time.Time `json:"updated_at"`
+}
+
+// ModpackSummary используется лаунчером для проверки наличия обновлений
+type ModpackSummary struct {
+	Name      string    `json:"name"`
+	UpdatedAt time.Time `json:"updated_at"`
 }

 // ModpackFile представляет метаданные одного файла в модпаке
--- a/internal/models/server.go
+++ b/internal/models/server.go
@@ -14,6 +14,7 @@ type GameServer struct {
 	MaxPlayers        *int       `json:"max_players"`
 	VersionName       *string    `json:"version_name"`
 	PingBackendServer *int       `json:"ping_proxy_server"`
+	BlueMapURL        *string    `json:"bluemap_url"`
 }

 type ServerStatus struct {
--- a/internal/models/user.go
+++ b/internal/models/user.go
@@ -20,9 +20,9 @@ type User struct {

 // RegisterRequest определяет структуру JSON-запроса на регистрацию
 type RegisterRequest struct {
-	Username string `json:"username"`
-	Email    string `json:"email"`
-	Password string `json:"password"`
+	Username string `json:"username" validate:"required,min=3,max=16,alphanum"`
+	Email    string `json:"email" validate:"required,email"`
+	Password string `json:"password" validate:"required,min=8"`
 }
 type Profile struct {
 	ID        int       `json:"-"`
--- a/internal/utils/validator.go
+++ b/internal/utils/validator.go
@@ -0,0 +1,47 @@
+package utils
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/go-playground/validator/v10"
+)
+
+var validate *validator.Validate
+
+func init() {
+	validate = validator.New()
+}
+
+// ValidationErrorResponse represents the structure of validation errors returned to the client
+type ValidationErrorResponse struct {
+	Errors map[string]string `json:"errors"`
+}
+
+// ValidateStruct validates a struct based on its tags using go-playground/validator
+func ValidateStruct(s interface{}) *ValidationErrorResponse {
+	err := validate.Struct(s)
+	if err != nil {
+		var errorsMap = make(map[string]string)
+		for _, err := range err.(validator.ValidationErrors) {
+			// Simpler error messages for now. Can be enhanced with universal-translator.
+			fieldName := strings.ToLower(err.Field())
+			switch err.Tag() {
+			case "required":
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' is required", fieldName)
+			case "email":
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' must be a valid email", fieldName)
+			case "min":
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' must be at least %s characters long", fieldName, err.Param())
+			case "max":
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' must be at most %s characters long", fieldName, err.Param())
+			case "alphanum":
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' must contain only alphanumeric characters", fieldName)
+			default:
+				errorsMap[fieldName] = fmt.Sprintf("Field '%s' failed validation on '%s' tag", fieldName, err.Tag())
+			}
+		}
+		return &ValidationErrorResponse{Errors: errorsMap}
+	}
+	return nil
+}
--- a/internal/ws/hub.go
+++ b/internal/ws/hub.go
@@ -0,0 +1,179 @@
+package ws
+
+import (
+	"log/slog"
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/gorilla/websocket"
+)
+
+const (
+	// Time allowed to write a message to the peer.
+	writeWait = 10 * time.Second
+
+	// Time allowed to read the next pong message from the peer.
+	pongWait = 60 * time.Second
+
+	// Send pings to peer with this period. Must be less than pongWait.
+	pingPeriod = (pongWait * 9) / 10
+)
+
+var upgrader = websocket.Upgrader{
+	ReadBufferSize:  1024,
+	WriteBufferSize: 1024,
+	// Разрешаем CORS для разработки (в продакшене лучше ограничить)
+	CheckOrigin: func(r *http.Request) bool {
+		return true
+	},
+}
+
+// Hub maintains the set of active clients and broadcasts messages to the clients.
+type Hub struct {
+	// Registered clients.
+	clients map[*Client]bool
+
+	// Inbound messages from the clients (not used for now, only broadcast).
+	broadcast chan []byte
+
+	// Register requests from the clients.
+	register chan *Client
+
+	// Unregister requests from clients.
+	unregister chan *Client
+
+	mu sync.Mutex
+}
+
+func NewHub() *Hub {
+	return &Hub{
+		broadcast:  make(chan []byte),
+		register:   make(chan *Client),
+		unregister: make(chan *Client),
+		clients:    make(map[*Client]bool),
+	}
+}
+
+func (h *Hub) Run() {
+	for {
+		select {
+		case client := <-h.register:
+			h.mu.Lock()
+			h.clients[client] = true
+			h.mu.Unlock()
+			slog.Debug("WS: Client registered")
+
+		case client := <-h.unregister:
+			h.mu.Lock()
+			if _, ok := h.clients[client]; ok {
+				delete(h.clients, client)
+				close(client.send)
+				slog.Debug("WS: Client unregistered")
+			}
+			h.mu.Unlock()
+
+		case message := <-h.broadcast:
+			h.mu.Lock()
+			for client := range h.clients {
+				select {
+				case client.send <- message:
+				default:
+					close(client.send)
+					delete(h.clients, client)
+				}
+			}
+			h.mu.Unlock()
+		}
+	}
+}
+
+// Broadcast отправляет сообщение всем подключенным клиентам
+func (h *Hub) BroadcastMessage(msg []byte) {
+	h.broadcast <- msg
+}
+
+// Client is a middleman between the websocket connection and the hub.
+type Client struct {
+	hub *Hub
+
+	// The websocket connection.
+	conn *websocket.Conn
+
+	// Buffered channel of outbound messages.
+	send chan []byte
+}
+
+// writePump pumps messages from the hub to the websocket connection.
+func (c *Client) writePump() {
+	ticker := time.NewTicker(pingPeriod)
+	defer func() {
+		ticker.Stop()
+		c.conn.Close()
+	}()
+
+	for {
+		select {
+		case message, ok := <-c.send:
+			c.conn.SetWriteDeadline(time.Now().Add(writeWait))
+			if !ok {
+				// The hub closed the channel.
+				c.conn.WriteMessage(websocket.CloseMessage, []byte{})
+				return
+			}
+
+			w, err := c.conn.NextWriter(websocket.TextMessage)
+			if err != nil {
+				return
+			}
+			w.Write(message)
+
+			if err := w.Close(); err != nil {
+				return
+			}
+
+		case <-ticker.C:
+			c.conn.SetWriteDeadline(time.Now().Add(writeWait))
+			if err := c.conn.WriteMessage(websocket.PingMessage, nil); err != nil {
+				return
+			}
+		}
+	}
+}
+
+// readPump pumps messages from the websocket connection to the hub.
+// (Needed to process PONGs and detect disconnects)
+func (c *Client) readPump() {
+	defer func() {
+		c.hub.unregister <- c
+		c.conn.Close()
+	}()
+	c.conn.SetReadLimit(512)
+	c.conn.SetReadDeadline(time.Now().Add(pongWait))
+	c.conn.SetPongHandler(func(string) error { c.conn.SetReadDeadline(time.Now().Add(pongWait)); return nil })
+	for {
+		_, _, err := c.conn.ReadMessage()
+		if err != nil {
+			if websocket.IsUnexpectedCloseError(err, websocket.CloseGoingAway, websocket.CloseAbnormalClosure) {
+				slog.Error("WS: error", "error", err)
+			}
+			break
+		}
+	}
+}
+
+// ServeWs handles websocket requests from the peer.
+func ServeWs(hub *Hub, w http.ResponseWriter, r *http.Request) {
+	conn, err := upgrader.Upgrade(w, r, nil)
+	if err != nil {
+		slog.Error("WS: Failed to upgrade connection", "error", err)
+		return
+	}
+	client := &Client{hub: hub, conn: conn, send: make(chan []byte, 256)}
+	client.hub.register <- client
+
+	// Allow collection of memory referenced by the caller by doing all work in
+	// new goroutines.
+	go client.writePump()
+	go client.readPump()
+}
--- a/BIN
+++ b/BIN
Author	SHA1	Message	Date
Vladimir Zagainov	a1e022e966	remove varbose build log	2026-01-16 19:05:08 +03:00
Vladimir Zagainov	2f6d08d7c4	add verbose logging for image build	2026-01-14 16:41:22 +03:00
Vladimir Zagainov	ec0a9efeb4	build: install git to support go mod download	2026-01-12 17:57:31 +03:00
Vladimir Zagainov	72875a6256	build: use GOPROXY=direct to bypass network issues	2026-01-12 17:23:21 +03:00
Vladimir Zagainov	463b04bff0	sync	2026-01-12 17:17:18 +03:00
Vladimir Zagainov	3fee913c1c	docs: add openapi specification	2026-01-06 19:26:21 +03:00
Vladimir Zagainov	0e5d98cff7	feat: add rate limiting to public API endpoints	2026-01-06 19:20:47 +03:00
Vladimir Zagainov	2dcb1e7735	feat: add modpack update functionality	2026-01-06 19:17:18 +03:00
Vladimir Zagainov	1cdfe9fefc	feat: add modpack versions API endpoint	2026-01-06 19:09:15 +03:00
Vladimir Zagainov	9e2657c709	feat: add data validation and structured logging	2026-01-05 18:24:11 +03:00
Vladimir Zagainov	9bf2a15045	feat: implement async modpack import with websockets	2026-01-05 18:06:54 +03:00
Vladimir Zagainov	0751ddb88a	refactor: impl health checks, graceful shutdown & structured logging	2026-01-04 15:06:35 +03:00
Vladimir Zagainov	192ec80010	feat: implement Modrinth modpack importer (.mrpack)	2026-01-04 14:47:24 +03:00
Vladimir Zagainov	275c1f2d50	feat: add updated_at to modpacks and /api/launcher/modpacks/summary endpoint	2026-01-04 14:38:21 +03:00
Vladimir Zagainov	e98d10ae1d	feat: add /api/user/me endpoint for session restoration	2026-01-04 14:31:34 +03:00
Vladimir Zagainov	58aa72f9bb	fix(importer): gracefully skip files with no download url	2025-06-19 18:10:43 +03:00
Vladimir Zagainov	119863b816	fix(importer): correctly define importer struct with long timeout client	2025-06-19 18:00:12 +03:00