Merge pull request 'Refresh Token Support and package refactor based on best practice docs' (#18) from features/restructure-go-recommendations into main

Reviewed-on: #18

.vscode/launch.json

@@ -9,7 +9,7 @@
             "type": "go",
             "request": "launch",
             "mode": "auto",
-            "program": "main.go"
+            "program": "cmd/main.go"
         }
     ]
 }

.vscode/settings.json

@@ -3,6 +3,7 @@
         "echojwt",
         "glebarez",
         "gocook",
+        "godotenv",
         "huandu",
         "labstack",
         "sqlbuilder"

Justfile

@@ -1,5 +1,7 @@
+# Brings the database up to the current migration
 migrate-up:
-    GOOSE_DRIVER=sqlite3 GOOSE_DBSTRING=./gocook.db goose -dir ./api/migrations up
+    GOOSE_DRIVER=sqlite3 GOOSE_DBSTRING=./cmd/gocook.db goose -dir ./internal/migrations up
 
+# Rolls back one migration at a time
 migrate-down:
-    GOOSE_DRIVER=sqlite3 GOOSE_DBSTRING=./gocook.db goose -dir ./api/migrations down
+    GOOSE_DRIVER=sqlite3 GOOSE_DBSTRING=./cmd/gocook.db goose -dir ./internal/migrations down

cmd/main.go

@@ -5,8 +5,8 @@ import (
 	"log"
 	"net/http"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/services"
+	v1 "git.jamestombleson.com/jtom38/go-cook/internal/handlers/v1"
-	v1 "git.jamestombleson.com/jtom38/go-cook/api/handlers/v1"
+	"git.jamestombleson.com/jtom38/go-cook/internal/services"
 
 	_ "github.com/glebarez/go-sqlite"
 	"github.com/go-playground/validator"
@@ -34,7 +34,7 @@ func main() {
 			panic(err)
 		}
 
-		err = goose.Up(db, "api/migrations")
+		err = goose.Up(db, "../internal/migrations")
 		if err != nil {
 			panic(err)
 		}

go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/glebarez/go-sqlite v1.22.0
 	github.com/go-playground/validator v9.31.0+incompatible
 	github.com/golang-jwt/jwt/v5 v5.2.1
+	github.com/google/uuid v1.6.0
 	github.com/huandu/go-sqlbuilder v1.25.0
 	github.com/joho/godotenv v1.5.1
 	github.com/labstack/echo-jwt/v4 v4.2.0
@@ -22,7 +23,6 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
-	github.com/google/uuid v1.6.0 // indirect
 	github.com/huandu/xstrings v1.3.2 // indirect
 	github.com/kr/text v0.2.0 // indirect
 	github.com/labstack/gommon v0.4.2 // indirect

internal/domain/entities.go

@@ -3,7 +3,7 @@ package domain
 import "time"
 
 type UserEntity struct {
-	Id          int
+	Id          int64
 	CreatedAt   time.Time
 	LastUpdated time.Time
 	Name        string
@@ -11,8 +11,16 @@ type UserEntity struct {
 	Scopes      string
 }
 
+type RefreshTokenEntity struct {
+	Id          int64
+	Username    string
+	Token       string
+	CreatedAt   time.Time
+	LastUpdated time.Time
+}
+
 type RecipeEntity struct {
-	Id          int32
+	Id          int64
 	CreatedAt   time.Time
 	LastUpdated time.Time
 	Title       string

internal/domain/requests.go

@@ -8,3 +8,9 @@ type UpdateScopesRequest struct {
 	Username string   `json:"username"`
 	Scopes   []string `json:"scopes" validate:"required"`
 }
+
+type RefreshTokenRequest struct {
+	Username     string `json:"username"`
+	RefreshToken string `json:"refreshToken"`
+	//ExpiresAt    time.Time `json:"expiresAt"`
+}

internal/domain/responses.go

@@ -1,19 +1,30 @@
 package domain
 
 type LoginResponse struct {
-	Success bool   `json:"success"`
+	BaseResponse
-	Token   string `json:"token"`
+	Token        string `json:"token"`
-	Type    string `json:"type"`
+	Type         string `json:"type"`
 	RefreshToken string `json:"refreshToken"`
 }
 
+// This /
+// /auth/refreshToken
+type TokenRefreshResponse struct {
+	ErrorResponse
+
+}
+
+type BaseResponse struct {
+	Success bool   `json:"success"`
+	Message string `json:"message"`
+}
+
 type ErrorResponse struct {
 	Success bool   `json:"success"`
 	Message string `json:"message"`
 }
 
 type HelloWhoResponse struct {
-	Success bool   `json:"success"`
+	BaseResponse
 	Error   string `json:"error"`
-	Message string `json:"message"`
 }

internal/handlers/v1/auth.go

@@ -3,9 +3,10 @@ package v1
 import (
 	"errors"
 	"net/http"
+	"time"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
-	"git.jamestombleson.com/jtom38/go-cook/api/repositories"
+	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
 
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/labstack/echo/v4"
@@ -25,13 +26,12 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 	password := c.FormValue("password")
 
 	//username := c.QueryParam("username")
-	exists, err := h.userRepo.GetByName(username)
+	exists, err := h.users.GetUser(username)
 	if err != nil {
 		// if we have an err, validate that if its not user not found.
 		// if the user is not found, we can use that name
 		if err.Error() != repositories.ErrUserNotFound {
 			return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
-
 				Message: err.Error(),
 				Success: true,
 			})
@@ -42,7 +42,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 	}
 
 	//password := c.QueryParam("password")
-	err = h.UserService.CheckPasswordForRequirements(password)
+	err = h.users.CheckPasswordForRequirements(password)
 	if err != nil {
 		return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
 			Success: false,
@@ -50,7 +50,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 		})
 	}
 
-	_, err = h.userRepo.Create(username, password, domain.ScopeRecipeRead)
+	_, err = h.users.Create(username, password, domain.ScopeRecipeRead)
 	if err != nil {
 		return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
 			Success: false,
@@ -73,27 +73,38 @@ func (h *Handler) AuthLogin(c echo.Context) error {
 	}
 
 	// check if the user exists
-	err := h.UserService.DoesUserExist(username)
+	err := h.users.DoesUserExist(username)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
 	// make sure the hash matches
-	err = h.UserService.DoesPasswordMatchHash(username, password)
+	err = h.users.DoesPasswordMatchHash(username, password)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
-	token, err := h.generateJwt(username, h.Config.ApiUri)
+	// TODO think about moving this down some?
+	expiresAt := time.Now().Add(time.Hour * 48)
+
+	jwt, err := h.generateJwtWithExp(username, h.Config.ApiUri, expiresAt)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	refresh, err := h.refreshTokens.Create(username)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
 	return c.JSON(http.StatusOK, domain.LoginResponse{
-		Success:      true,
+		BaseResponse: domain.BaseResponse{
-		Token:        token,
+			Success: true,
+			Message: "OK",
+		},
+		Token:        jwt,
 		Type:         "Bearer",
-		RefreshToken: "",
+		RefreshToken: refresh,
 	})
 }
 
@@ -108,7 +119,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 		return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
 	}
 
-	token, err := h.generateAdminJwt("admin")
+	token, err := h.generateJwt("admin", h.Config.ApiUri)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -116,6 +127,41 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 	return c.JSON(http.StatusOK, token)
 }
 
+// This will take collect some information about the requested refresh, validate and then return a new jwt token if approved.
+func (h *Handler) RefreshJwtToken(c echo.Context) error {
+	// Check the context for the refresh token
+	var request domain.RefreshTokenRequest
+	err := (&echo.DefaultBinder{}).BindBody(c, &request)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	err = h.refreshTokens.IsRequestValid(request.Username, request.RefreshToken)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	jwt, err := h.generateJwtWithExp(request.Username, h.Config.ApiUri, time.Now().Add(time.Hour * 48))
+	if err!= nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	newRefreshToken, err := h.refreshTokens.Create(request.Username)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	return c.JSON(http.StatusOK, domain.LoginResponse{
+		BaseResponse: domain.BaseResponse{
+			Success: true,
+			Message: "OK",
+		},
+		Token:        jwt,
+		Type:         "Bearer",
+		RefreshToken: newRefreshToken,
+	})
+}
+
 func (h *Handler) AddScopes(c echo.Context) error {
 	token, err := h.getJwtToken(c)
 	if err != nil {
@@ -136,7 +182,7 @@ func (h *Handler) AddScopes(c echo.Context) error {
 		})
 	}
 
-	err = h.UserService.AddScopes(request.Username, request.Scopes)
+	err = h.users.AddScopes(request.Username, request.Scopes)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -166,7 +212,7 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 		})
 	}
 
-	err = h.UserService.RemoveScopes(request.Username, request.Scopes)
+	err = h.users.RemoveScopes(request.Username, request.Scopes)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -176,10 +222,6 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 	})
 }
 
-func (h *Handler) RefreshJwtToken(c echo.Context) error {
-	return nil
-}
-
 func (h *Handler) getJwtToken(c echo.Context) (JwtToken, error) {
 	// Make sure that the request came with a jwtToken
 	token, ok := c.Get("user").(*jwt.Token)

internal/handlers/v1/auth_test.go

@@ -8,8 +8,8 @@ import (
 	"strings"
 	"testing"
 
-	v1 "git.jamestombleson.com/jtom38/go-cook/api/handlers/v1"
+	v1 "git.jamestombleson.com/jtom38/go-cook/internal/handlers/v1"
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	_ "github.com/glebarez/go-sqlite"
 	"github.com/labstack/echo/v4"

internal/handlers/v1/demo.go

@@ -4,23 +4,27 @@ import (
 	"fmt"
 	"net/http"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	"github.com/labstack/echo/v4"
 )
 
 func (h *Handler) DemoHello(c echo.Context) error {
 	return c.JSON(http.StatusOK, domain.HelloWhoResponse{
-		Success: true,
+		BaseResponse: domain.BaseResponse{
-		Message: "Hello world!",
+			Success: true,
+			Message: "Hello world!",
+		},
 	})
 }
 
 func (h *Handler) HelloWho(c echo.Context) error {
 	name := c.Param("who")
 	return c.JSON(http.StatusOK, domain.HelloWhoResponse{
-		Success: true,
+		BaseResponse: domain.BaseResponse{
-		Message: fmt.Sprintf("Hello, %s", name),
+			Success: true,
+			Message: fmt.Sprintf("Hello, %s", name),
+		},
 	})
 }
 
@@ -28,15 +32,14 @@ func (h *Handler) HelloBody(c echo.Context) error {
 	request := domain.HelloBodyRequest{}
 	err := (&echo.DefaultBinder{}).BindBody(c, &request)
 	if err != nil {
-		return c.JSON(http.StatusBadRequest, domain.HelloWhoResponse{
+		return h.InternalServerErrorResponse(c, err.Error())
-			Success: false,
-			Error:   err.Error(),
-		})
 	}
 
 	return c.JSON(http.StatusOK, domain.HelloWhoResponse{
-		Success: true,
+		BaseResponse: domain.BaseResponse{
-		Message: fmt.Sprintf("Hello, %s", request.Name),
+			Success: true,
+			Message: fmt.Sprintf("Hello, %s", request.Name),
+		},
 	})
 }
 

internal/handlers/v1/handler.go

@@ -4,9 +4,8 @@ import (
 	"database/sql"
 	"net/http"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/repositories"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
-	"git.jamestombleson.com/jtom38/go-cook/api/services"
+	"git.jamestombleson.com/jtom38/go-cook/internal/services"
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
 
 	"github.com/golang-jwt/jwt/v5"
 	echojwt "github.com/labstack/echo-jwt/v4"
@@ -16,17 +15,18 @@ import (
 type Handler struct {
 	Config domain.EnvConfig
 
-	UserService services.UserService
+	users         services.UserService
-	userRepo    repositories.IUserTable
+	recipes       services.Recipes
-	recipeRepo  repositories.IRecipeTable
+	refreshTokens services.RefreshToken
 }
 
 func NewHandler(conn *sql.DB, cfg domain.EnvConfig) *Handler {
 	return &Handler{
-		Config:      cfg,
+		Config: cfg,
-		UserService: services.NewUserService(conn),
+
-		userRepo:    repositories.NewUserRepository(conn),
+		users:         services.NewUserService(conn),
-		recipeRepo:  repositories.NewRecipeRepository(conn),
+		recipes:       services.NewRecipesService(conn),
+		refreshTokens: services.NewRefreshTokenService(conn),
 	}
 }
 
@@ -44,6 +44,7 @@ func (h *Handler) Register(v1 *echo.Group) {
 	auth.Use(echojwt.WithConfig(jwtConfig))
 	auth.POST("/scopes/add", h.AddScopes)
 	auth.POST("/scopes/remove", h.RemoveScopes)
+	auth.POST("/refreshToken", h.RefreshJwtToken)
 
 	demo := v1.Group("/demo")
 	demo.GET("/hello", h.DemoHello)

internal/handlers/v1/jwt.go

@@ -5,7 +5,7 @@ import (
 	"strings"
 	"time"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	"github.com/golang-jwt/jwt/v5"
 )
@@ -57,40 +57,28 @@ func (j JwtToken) hasScope(scope string) error {
 }
 
 func (h *Handler) generateJwt(username, issuer string) (string, error) {
+	return h.generateJwtWithExp(username, issuer, time.Now().Add(10 * time.Minute))
+}
+
+func (h *Handler) generateJwtWithExp(username, issuer string, expiresAt time.Time) (string, error) {
 	secret := []byte(h.Config.JwtSecret)
 
 	// Anyone who wants to decrypt the key needs to use the same method
 	token := jwt.New(jwt.SigningMethodHS256)
 	claims := token.Claims.(jwt.MapClaims)
-	claims["exp"] = time.Now().Add(10 * time.Minute)
+	claims["exp"] = expiresAt
 	claims["authorized"] = true
 	claims["username"] = username
 	claims["iss"] = issuer
 
 	var scopes []string
-	scopes = append(scopes, domain.ScopeRecipeRead)
+	if (username == "admin") {
-	claims["scopes"] = scopes
+		scopes = append(scopes, domain.ScopeAll)
-
+		claims["scopes"] = scopes
-	tokenString, err := token.SignedString(secret)
+	} else {
-	if err != nil {
+		scopes = append(scopes, domain.ScopeRecipeRead)
-		return "", err
+		claims["scopes"] = scopes
-	}
+	}
-
-	return tokenString, nil
-}
-
-func (h *Handler) generateAdminJwt(username string) (string, error) {
-	secret := []byte(h.Config.JwtSecret)
-
-	token := jwt.New(jwt.SigningMethodHS256)
-	claims := token.Claims.(jwt.MapClaims)
-	claims["exp"] = time.Now().Add(10 * time.Minute)
-	claims["authorized"] = true
-	claims["username"] = username
-
-	var scopes []string
-	scopes = append(scopes, domain.ScopeAll)
-	claims["scopes"] = scopes
 
 	tokenString, err := token.SignedString(secret)
 	if err != nil {

internal/migrations/20240416180636_refreshtoken.sql

@@ -0,0 +1,16 @@
+-- +goose Up
+-- +goose StatementBegin
+SELECT 'up SQL query';
+CREATE TABLE RefreshTokens (
+    ID          INTEGER     PRIMARY KEY AUTOINCREMENT,
+    Username    TEXT        NOT NULL,
+    Token       TEXT        NOT NULL,
+    CreatedAt   DATETIME    NOT NULL,
+    LastUpdated DATETIME    NOT NULL
+) 
+-- +goose StatementEnd
+-- +goose Down
+-- +goose StatementBegin
+SELECT 'down SQL query';
+DROP TABLE IF EXISTS RefreshTokens;
+-- +goose StatementEnd

internal/repositories/recipe.go

@@ -4,7 +4,7 @@ import (
 	"database/sql"
 	"errors"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 )
 
 type IRecipeTable interface {

internal/repositories/refreshTokens.go

@@ -0,0 +1,112 @@
+package repositories
+
+import (
+	"database/sql"
+	"errors"
+	"fmt"
+	"time"
+
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
+	"github.com/huandu/go-sqlbuilder"
+)
+
+const (
+	refreshTokenTableName = "RefreshTokens"
+)
+
+type RefreshTokenTable interface {
+	Create(username string, token string) (int64, error)
+	GetByUsername(name string) (domain.RefreshTokenEntity, error)
+	DeleteById(id int64) (int64, error)
+}
+
+type RefreshTokenRepository struct {
+	connection *sql.DB
+}
+
+func NewRefreshTokenRepository(conn *sql.DB) RefreshTokenRepository {
+	return RefreshTokenRepository{
+		connection: conn,
+	}
+}
+
+func (rt RefreshTokenRepository) Create(username string, token string) (int64, error) {
+	dt := time.Now()
+	builder := sqlbuilder.NewInsertBuilder()
+	builder.InsertInto(refreshTokenTableName)
+	builder.Cols("Username", "Token", "CreatedAt", "LastUpdated")
+	builder.Values(username, token, dt, dt)
+	query, args := builder.Build()
+
+	_, err := rt.connection.Exec(query, args...)
+	if err != nil {
+		return 0, err
+	}
+
+	return 1, nil
+}
+
+func (rt RefreshTokenRepository) GetByUsername(name string) (domain.RefreshTokenEntity, error) {
+	builder := sqlbuilder.NewSelectBuilder()
+	builder.Select("*").From(refreshTokenTableName).Where(
+		builder.E("Username", name),
+	)
+
+	query, args := builder.Build()
+	rows, err := rt.connection.Query(query, args...)
+	if err != nil {
+		return domain.RefreshTokenEntity{}, err
+	}
+
+	data := rt.processRows(rows)
+	if len(data) == 0 {
+		return domain.RefreshTokenEntity{}, errors.New("no token found for user")
+	}
+
+	return data[0], nil
+}
+
+func (rt RefreshTokenRepository) DeleteById(id int64) (int64, error) {
+	builder := sqlbuilder.NewDeleteBuilder()
+	builder.DeleteFrom(refreshTokenTableName)
+	builder.Where(
+		builder.EQ("Id", id),
+	)
+
+	query, args := builder.Build()
+	rows, err := rt.connection.Exec(query, args...)
+	if err != nil {
+		return -1, err
+	}
+
+	return rows.RowsAffected()
+}
+
+func (rd RefreshTokenRepository) processRows(rows *sql.Rows) []domain.RefreshTokenEntity {
+	items := []domain.RefreshTokenEntity{}
+
+	for rows.Next() {
+		var id int64
+		var username string
+		var token string
+		var createdAt time.Time
+		var lastUpdated time.Time
+
+		err := rows.Scan(&id, &username, &token, &createdAt, &lastUpdated)
+		if err != nil {
+			fmt.Println(err)
+		}
+
+		items = append(items, domain.RefreshTokenEntity{
+			Id:          id,
+			Username:    username,
+			Token:       token,
+			CreatedAt:   createdAt,
+			LastUpdated: lastUpdated,
+		})
+	}
+
+	return items
+}
+
+//func (rt RefreshTokenRepository) Delete()

internal/repositories/refreshTokens_test.go

@@ -0,0 +1,110 @@
+package repositories_test
+
+import (
+	"database/sql"
+	"testing"
+
+	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
+	_ "github.com/glebarez/go-sqlite"
+	"github.com/pressly/goose/v3"
+)
+
+func TestRefreshTokenCreate(t *testing.T) {
+	conn, err := setupInMemoryDb()
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	client := repositories.NewRefreshTokenRepository(conn)
+	rows, err := client.Create("tester", "BadTokenDontUse")
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	if rows == 0 {
+		t.Log("expected one row to come back but got 0")
+	}
+}
+
+func TestRefreshTokenGetByUsername(t *testing.T) {
+	conn, err := setupInMemoryDb()
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	client := repositories.NewRefreshTokenRepository(conn)
+	rows, err := client.Create("tester", "BadTokenDoNotUse")
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	if rows != 1 {
+		t.Log("expected a row to be added but not the wrong value back")
+		t.FailNow()
+	}
+
+	model, err := client.GetByUsername("tester")
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	if model.Username != "tester" {
+		t.Log("got the wrong user back")
+		t.FailNow()
+	}
+}
+
+func TestRefreshTokenDeleteById(t *testing.T) {
+	conn, err := setupInMemoryDb()
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	client := repositories.NewRefreshTokenRepository(conn)
+	_, err = client.Create("tester", "BadTokenDoNotUse")
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	model, err := client.GetByUsername("tester")
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	updated, err := client.DeleteById(model.Id)
+	if err != nil {
+		t.Log(err)
+		t.FailNow()
+	}
+
+	if updated != 1 {
+		t.Log("deleted the wrong number of records")
+		t.FailNow()
+	}
+}
+
+func setupInMemoryDb() (*sql.DB, error) {
+	db, err := sql.Open("sqlite", ":memory:")
+	if err != nil {
+		return nil, err
+	}
+
+	err = goose.SetDialect("sqlite3")
+	if err != nil {
+		return nil, err
+	}
+
+	err = goose.Up(db, "../migrations")
+	if err != nil {
+		return nil, err
+	}
+	return db, nil
+}

internal/repositories/users.go

@@ -6,7 +6,7 @@ import (
 	"fmt"
 	"time"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	"github.com/huandu/go-sqlbuilder"
 	"golang.org/x/crypto/bcrypt"
@@ -133,7 +133,7 @@ func (ur UserRepository) processRows(rows *sql.Rows) []domain.UserEntity {
 	items := []domain.UserEntity{}
 
 	for rows.Next() {
-		var id int
+		var id int64
 		var name string
 		var hash string
 		var createdAt time.Time

internal/repositories/users_test.go

@@ -5,8 +5,8 @@ import (
 	"log"
 	"testing"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/repositories"
+	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	"github.com/DATA-DOG/go-sqlmock"
 	_ "github.com/glebarez/go-sqlite"

internal/services/env.go

@@ -5,7 +5,7 @@ import (
 	"os"
 	"strconv"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 
 	"github.com/joho/godotenv"
 )

internal/services/refreshTokenService.go

@@ -0,0 +1,86 @@
+package services
+
+import (
+	"database/sql"
+	"errors"
+
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
+	"github.com/google/uuid"
+)
+
+const (
+	ErrUnexpectedAmountOfRowsUpdated = "got a unexpected of rows updated"
+)
+
+type RefreshToken interface {
+	Create(username string) (string, error)
+	GetByName(name string) (domain.RefreshTokenEntity, error)
+	Delete(id int64) (int64, error)
+	IsRequestValid(username, refreshToken string) error
+}
+
+// A new jwt token can be made if the user has the correct refresh token for the user.
+// It will also require the old JWT token so the expire time is pulled and part of the validation
+type RefreshTokenService struct {
+	table repositories.RefreshTokenTable
+}
+
+func NewRefreshTokenService(conn *sql.DB) RefreshTokenService {
+	return RefreshTokenService{
+		table: repositories.NewRefreshTokenRepository(conn),
+	}
+}
+
+func (rt RefreshTokenService) Create(username string) (string, error) {
+	//if a refresh token already exists for a user, reuse
+	existingToken, err := rt.GetByName(username)
+	if err == nil {
+		rowsRemoved, err := rt.Delete(existingToken.Id)
+		if err != nil {
+			return "", err
+		}
+
+		if rowsRemoved != 1 {
+			return "", errors.New(ErrUnexpectedAmountOfRowsUpdated)
+		}
+	}
+
+	token, err := uuid.NewV7()
+	if err != nil {
+		return "", err
+	}
+
+	rows, err := rt.table.Create(username, token.String())
+	if err != nil {
+		return "", err
+	}
+
+	if rows != 1 {
+		return "", errors.New("expected one row but got none")
+	}
+	return token.String(), nil
+}
+
+// Find the saved refresh token for a user and return it if it exists
+func (rt RefreshTokenService) GetByName(name string) (domain.RefreshTokenEntity, error) {
+	return rt.table.GetByUsername(name)
+}
+
+// This will request that a object is removed from the database
+func (rt RefreshTokenService) Delete(id int64) (int64, error) {
+	return rt.table.DeleteById(id)
+}
+
+func (rt RefreshTokenService) IsRequestValid(username, refreshToken string) error {
+	token, err := rt.GetByName(username)
+	if err != nil {
+		return err
+	}
+
+	if token.Token != refreshToken {
+		return errors.New("the refresh token given does not match")
+	}
+
+	return nil
+}

internal/services/userService.go

@@ -5,8 +5,8 @@ import (
 	"errors"
 	"strings"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/domain"
+	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
-	"git.jamestombleson.com/jtom38/go-cook/api/repositories"
+	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
 
 	"golang.org/x/crypto/bcrypt"
 )
@@ -17,6 +17,16 @@ const (
 	ErrInvalidPassword                 = "invalid password"
 )
 
+type Users interface {
+	DoesUserExist(username string) error
+	DoesPasswordMatchHash(username, password string) error
+	GetUser(username string) (domain.UserEntity, error)
+	AddScopes(username string, scopes []string) error
+	RemoveScopes(username string, scopes []string) error
+	Create(name, password, scope string) (domain.UserEntity, error)
+	CheckPasswordForRequirements(password string) error
+}
+
 // This will handle operations that are user related, but one layer higher then the repository
 type UserService struct {
 	repo repositories.IUserTable
@@ -111,7 +121,7 @@ func (us UserService) doesScopeExist(scopes []string, target string) bool {
 	return false
 }
 
-func (us UserService) CreateNewUser(name, password, scope string) (domain.UserEntity, error) {
+func (us UserService) Create(name, password, scope string) (domain.UserEntity, error) {
 	err := us.CheckPasswordForRequirements(password)
 	if err != nil {
 		return domain.UserEntity{}, err

internal/services/userService_test.go

@@ -3,7 +3,7 @@ package services_test
 import (
 	"testing"
 
-	"git.jamestombleson.com/jtom38/go-cook/api/services"
+	"git.jamestombleson.com/jtom38/go-cook/internal/services"
 
 	"github.com/DATA-DOG/go-sqlmock"
 )

rest.http

@@ -16,6 +16,15 @@ Content-Type: application/x-www-form-urlencoded
 
 password=lol
 
+### Try to refresh the token
+POST http://localhost:1323/api/v1/auth/refreshToken
+Content-Type: application/json
+Authorization: Bearer 
+
+{
+    "username": "test",
+    "refreshToken": ""
+}
 
 ### Add Scope to test user
 POST http://localhost:1323/api/v1/auth/scopes/add