Compare commits

..

No commits in common. "0c7c4d311e59003e2cacb5c54ae12081a92bf653" and "4981ef7f814500e5c6d70f9c19615bef8e282926" have entirely different histories.

24 changed files with 163 additions and 520 deletions

1
.gitignore vendored
View File

@ -10,7 +10,6 @@
*.dylib *.dylib
go-cook go-cook
*.db *.db
*.env
# Test binary, built with `go test -c` # Test binary, built with `go test -c`
*.test *.test

View File

@ -1,7 +0,0 @@
package domain
type UserDto struct {
Id int `json:"id"`
Name string `json:"name"`
Scopes string `json:"scopes"`
}

View File

@ -1,21 +0,0 @@
package domain
import "time"
type UserEntity struct {
Id int
CreatedAt time.Time
LastUpdated time.Time
Name string
Hash string
Scopes string
}
type RecipeEntity struct {
Id int32
CreatedAt time.Time
LastUpdated time.Time
Title string
Thumbnail string
Content string
}

View File

@ -1,6 +0,0 @@
package domain
type EnvConfig struct {
AdminToken string
JwtSecret string
}

View File

@ -1,10 +0,0 @@
package domain
type HelloBodyRequest struct {
Name string `json:"name" validate:"required"`
}
type UpdateScopesRequest struct {
Username string `json:"name"`
Scopes []string `json:"scopes" validate:"required"`
}

View File

@ -1,12 +0,0 @@
package domain
type ErrorResponse struct {
Success bool `json:"success"`
Message string `json:"message"`
}
type HelloWhoResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Message string `json:"message"`
}

View File

@ -1,8 +0,0 @@
package domain
const (
ScopeAll = "all"
ScopeRecipeRead = "recipe:read"
ScopeRecipeCreate = "recipe:create"
ScopeRecipeDelete = "recipe:delete"
)

View File

@ -2,9 +2,10 @@ package v1
import ( import (
"errors" "errors"
"go-cook/api/domain" "go-cook/api/models"
"go-cook/api/repositories" "go-cook/api/repositories"
"net/http" "net/http"
"time"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
@ -14,45 +15,61 @@ const (
ErrJwtMissing = "auth token is missing" ErrJwtMissing = "auth token is missing"
ErrJwtClaimsMissing = "claims missing on token" ErrJwtClaimsMissing = "claims missing on token"
ErrJwtExpired = "auth token has expired" ErrJwtExpired = "auth token has expired"
ErrJwtScopeMissing = "required scope is missing"
ErrUserNotFound = "requested user does not exist"
ErrUsernameAlreadyExists = "the requested username already exists"
) )
func (h *Handler) AuthRegister(c echo.Context) error { type JwtToken struct {
username := c.FormValue("username") Exp time.Time `json:"exp"`
password := c.FormValue("password") Authorized bool `json:"authorized"`
UserName string `json:"username"`
Token string `json:"token"`
jwt.RegisteredClaims
}
//username := c.QueryParam("username") func generateJwt(username string) (string, error) {
exists, err := h.userRepo.GetByName(username) //TODO use env here
secret := []byte("ThisIsABadSecretDontReallyUseThis")
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
claims["exp"] = time.Now().Add(10 * time.Minute)
claims["authorized"] = true
claims["username"] = username
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
}
return tokenString, nil
}
func (h *Handler) AuthRegister(c echo.Context) error {
username := c.QueryParam("username")
_, err := h.userRepo.GetByName(username)
if err != nil { if err != nil {
// if we have an err, validate that if its not user not found. // if we have an err, validate that if its not user not found.
// if the user is not found, we can use that name // if the user is not found, we can use that name
if err.Error() != repositories.ErrUserNotFound { if err.Error() != repositories.ErrUserNotFound {
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
HttpCode: http.StatusInternalServerError,
Message: err.Error(), Message: err.Error(),
Success: true,
}) })
} }
} }
if exists.Name == username {
return h.InternalServerErrorResponse(c, ErrUsernameAlreadyExists)
}
//password := c.QueryParam("password") password := c.QueryParam("password")
err = h.UserService.CheckPasswordForRequirements(password) err = h.UserService.CheckPasswordForRequirements(password)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
Success: false, HttpCode: http.StatusInternalServerError,
Message: err.Error(), Message: err.Error(),
}) })
} }
_, err = h.userRepo.Create(username, password, domain.ScopeRecipeRead) _, err = h.userRepo.Create(username, password)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
Success: false, HttpCode: http.StatusInternalServerError,
Message: err.Error(), Message: err.Error(),
}) })
} }
@ -61,113 +78,29 @@ func (h *Handler) AuthRegister(c echo.Context) error {
} }
func (h *Handler) AuthLogin(c echo.Context) error { func (h *Handler) AuthLogin(c echo.Context) error {
username := c.FormValue("name") username := c.QueryParam("username")
password := c.FormValue("password") password := c.QueryParam("password")
// Check to see if they are trying to login with the admin token
if username == "" {
return h.validateAdminToken(c, password)
}
// check if the user exists // check if the user exists
err := h.UserService.DoesUserExist(username) err := h.UserService.DoesUserExist(username)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return c.JSON(http.StatusInternalServerError, err)
} }
// make sure the hash matches // make sure the hash matches
err = h.UserService.DoesPasswordMatchHash(username, password) err = h.UserService.DoesPasswordMatchHash(username, password)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return c.JSON(http.StatusInternalServerError, err)
} }
token, err := h.generateJwt(username) token, err := generateJwt(username)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return c.JSON(http.StatusInternalServerError, err)
} }
return c.JSON(http.StatusOK, token) return c.JSON(http.StatusOK, token)
} }
func (h *Handler) validateAdminToken(c echo.Context, password string) error {
// if the admin token is blank, then the admin wanted this disabled.
// this will fail right away and not progress.
if h.Config.AdminToken == "" {
return h.InternalServerErrorResponse(c, ErrUserNotFound)
}
if h.Config.AdminToken != password {
return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
}
token, err := h.generateAdminJwt("admin")
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
return c.JSON(http.StatusOK, token)
}
func (h *Handler) AddScopes(c echo.Context) error {
token, err := h.getJwtToken(c)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
err = token.IsValid(domain.ScopeAll)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
request := domain.UpdateScopesRequest{}
err = (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil {
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
Success: false,
Message: err.Error(),
})
}
err = h.UserService.AddScopes(request.Username, request.Scopes)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
return c.JSON(http.StatusOK, domain.ErrorResponse{
Success: true,
})
}
func (h *Handler) RemoveScopes(c echo.Context) error {
token, err := h.getJwtToken(c)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
err = token.IsValid(domain.ScopeAll)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
request := domain.UpdateScopesRequest{}
err = (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil {
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
Success: false,
Message: err.Error(),
})
}
err = h.UserService.RemoveScopes(request.Username, request.Scopes)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
return c.JSON(http.StatusOK, domain.ErrorResponse{
Success: true,
})
}
func (h *Handler) RefreshJwtToken(c echo.Context) error { func (h *Handler) RefreshJwtToken(c echo.Context) error {
return nil return nil
} }
@ -185,5 +118,11 @@ func (h *Handler) getJwtToken(c echo.Context) (JwtToken, error) {
return JwtToken{}, errors.New(ErrJwtClaimsMissing) return JwtToken{}, errors.New(ErrJwtClaimsMissing)
} }
// Check to see if the token has expired
hasExpired := claims.Exp.Compare(time.Now())
if hasExpired == -1 {
return JwtToken{}, errors.New(ErrJwtExpired)
}
return *claims, nil return *claims, nil
} }

View File

@ -2,14 +2,20 @@ package v1
import ( import (
"fmt" "fmt"
"go-cook/api/domain" "go-cook/api/models"
"net/http" "net/http"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
type HelloWhoResponse struct {
Success bool `json:"success"`
Error string `error:"error"`
Message string `json:"message"`
}
func (h *Handler) DemoHello(c echo.Context) error { func (h *Handler) DemoHello(c echo.Context) error {
return c.JSON(http.StatusOK, domain.HelloWhoResponse{ return c.JSON(http.StatusOK, HelloWhoResponse{
Success: true, Success: true,
Message: "Hello world!", Message: "Hello world!",
}) })
@ -17,23 +23,27 @@ func (h *Handler) DemoHello(c echo.Context) error {
func (h *Handler) HelloWho(c echo.Context) error { func (h *Handler) HelloWho(c echo.Context) error {
name := c.Param("who") name := c.Param("who")
return c.JSON(http.StatusOK, domain.HelloWhoResponse{ return c.JSON(http.StatusOK, HelloWhoResponse{
Success: true, Success: true,
Message: fmt.Sprintf("Hello, %s", name), Message: fmt.Sprintf("Hello, %s", name),
}) })
} }
type HelloBodyRequest struct {
Name string `json:"name" validate:"required"`
}
func (h *Handler) HelloBody(c echo.Context) error { func (h *Handler) HelloBody(c echo.Context) error {
request := domain.HelloBodyRequest{} request := HelloBodyRequest{}
err := (&echo.DefaultBinder{}).BindBody(c, &request) err := (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.HelloWhoResponse{ return c.JSON(http.StatusBadRequest, HelloWhoResponse{
Success: false, Success: false,
Error: err.Error(), Error: err.Error(),
}) })
} }
return c.JSON(http.StatusOK, domain.HelloWhoResponse{ return c.JSON(http.StatusOK, HelloWhoResponse{
Success: true, Success: true,
Message: fmt.Sprintf("Hello, %s", request.Name), Message: fmt.Sprintf("Hello, %s", request.Name),
}) })
@ -42,12 +52,10 @@ func (h *Handler) HelloBody(c echo.Context) error {
func (h *Handler) ProtectedRoute(c echo.Context) error { func (h *Handler) ProtectedRoute(c echo.Context) error {
token, err := h.getJwtToken(c) token, err := h.getJwtToken(c)
if err != nil { if err != nil {
h.ReturnUnauthorizedResponse(c, err.Error()) return c.JSON(http.StatusForbidden, models.ErrorResponse{
} HttpCode: http.StatusForbidden,
Message: err.Error(),
err = token.IsValid(domain.ScopeRecipeRead) })
if err != nil {
h.ReturnUnauthorizedResponse(c, ErrJwtScopeMissing)
} }
return c.JSON(http.StatusOK, token) return c.JSON(http.StatusOK, token)

View File

@ -2,10 +2,8 @@ package v1
import ( import (
"database/sql" "database/sql"
"go-cook/api/domain"
"go-cook/api/repositories" "go-cook/api/repositories"
"go-cook/api/services" "go-cook/api/services"
"net/http"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
echojwt "github.com/labstack/echo-jwt/v4" echojwt "github.com/labstack/echo-jwt/v4"
@ -13,16 +11,13 @@ import (
) )
type Handler struct { type Handler struct {
Config domain.EnvConfig
UserService services.UserService UserService services.UserService
userRepo repositories.IUserTable userRepo repositories.IUserTable
recipeRepo repositories.IRecipeTable recipeRepo repositories.IRecipeTable
} }
func NewHandler(conn *sql.DB, cfg domain.EnvConfig) *Handler { func NewHandler(conn *sql.DB) *Handler {
return &Handler{ return &Handler{
Config: cfg,
UserService: services.NewUserService(conn), UserService: services.NewUserService(conn),
userRepo: repositories.NewUserRepository(conn), userRepo: repositories.NewUserRepository(conn),
recipeRepo: repositories.NewRecipeRepository(conn), recipeRepo: repositories.NewRecipeRepository(conn),
@ -34,17 +29,13 @@ func (h *Handler) Register(v1 *echo.Group) {
NewClaimsFunc: func(c echo.Context) jwt.Claims { NewClaimsFunc: func(c echo.Context) jwt.Claims {
return new(JwtToken) return new(JwtToken)
}, },
SigningKey: []byte(h.Config.JwtSecret), SigningKey: []byte("ThisIsABadSecretDontReallyUseThis"),
} }
auth := v1.Group("/auth") v1.POST("/login", h.AuthLogin)
auth.POST("/login", h.AuthLogin) v1.POST("/register", h.AuthRegister)
auth.POST("/register", h.AuthRegister)
auth.Use(echojwt.WithConfig(jwtConfig))
auth.POST("/scopes/add", h.AddScopes)
auth.POST("/scopes/remove", h.RemoveScopes)
demo := v1.Group("/demo") demo := v1.Group("/demo")
demo.GET("/hello", h.DemoHello) demo.GET("/hello", h.DemoHello)
demo.GET("/hello/:who", h.HelloWho) demo.GET("/hello/:who", h.HelloWho)
@ -62,17 +53,3 @@ func (h *Handler) Register(v1 *echo.Group) {
//users.POST("/login", h.LoginUser) //users.POST("/login", h.LoginUser)
//users.POST("/update/password", h.UpdatePassword) //users.POST("/update/password", h.UpdatePassword)
} }
func (h *Handler) ReturnUnauthorizedResponse(c echo.Context, message string) error {
return c.JSON(http.StatusUnauthorized, domain.ErrorResponse{
Success: false,
Message: message,
})
}
func (h *Handler) InternalServerErrorResponse(c echo.Context, message string) error {
return c.JSON(http.StatusServiceUnavailable, domain.ErrorResponse{
Success: false,
Message: message,
})
}

View File

@ -1,98 +0,0 @@
package v1
import (
"errors"
"go-cook/api/domain"
"strings"
"time"
"github.com/golang-jwt/jwt/v5"
)
type JwtToken struct {
Exp time.Time `json:"exp"`
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
Scopes []string `json:"scopes"`
jwt.RegisteredClaims
}
func (j JwtToken) IsValid(scope string) error {
err := j.hasExpired()
if err != nil {
return err
}
err = j.hasScope(scope)
if err != nil {
return err
}
return nil
}
func (j JwtToken) hasExpired() error {
// Check to see if the token has expired
hasExpired := j.Exp.Compare(time.Now())
if hasExpired == -1 {
return errors.New(ErrJwtExpired)
}
return nil
}
func (j JwtToken) hasScope(scope string) error {
// they have the scope to access everything, so let them pass.
if strings.Contains(domain.ScopeAll, scope) {
return nil
}
for _, s := range j.Scopes {
if strings.Contains(s, scope) {
return nil
}
}
return errors.New(ErrJwtScopeMissing)
}
func (h *Handler) generateJwt(username string) (string, error) {
secret := []byte(h.Config.JwtSecret)
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
claims["exp"] = time.Now().Add(10 * time.Minute)
claims["authorized"] = true
claims["username"] = username
var scopes []string
scopes = append(scopes, domain.ScopeRecipeRead)
claims["scopes"] = scopes
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
}
return tokenString, nil
}
func (h *Handler) generateAdminJwt(username string) (string, error) {
secret := []byte(h.Config.JwtSecret)
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
claims["exp"] = time.Now().Add(10 * time.Minute)
claims["authorized"] = true
claims["username"] = username
var scopes []string
scopes = append(scopes, domain.ScopeAll)
claims["scopes"] = scopes
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
}
return tokenString, nil
}

View File

@ -1,10 +0,0 @@
-- +goose Up
-- +goose StatementBegin
SELECT 'up SQL query';
ALTER Table USERS ADD Scopes TEXT;
-- +goose StatementEnd
-- +goose Down
-- +goose StatementBegin
SELECT 'down SQL query';
ALTER TABLE USERS DROP COLUMN Scopes;
-- +goose StatementEnd

12
api/models/recipe.go Normal file
View File

@ -0,0 +1,12 @@
package models
import "time"
type RecipeModel struct {
Id int32
Title string
Thumbnail string
Content string
CreatedAt time.Time
LastUpdated time.Time
}

6
api/models/std.go Normal file
View File

@ -0,0 +1,6 @@
package models
type ErrorResponse struct {
HttpCode int `json:"code"`
Message string `json:"message"`
}

15
api/models/users.go Normal file
View File

@ -0,0 +1,15 @@
package models
import "time"
type UserModel struct {
Id int
Name string
Hash string
CreatedAt time.Time
LastUpdated time.Time
}
type UserDto struct {
}

View File

@ -3,14 +3,14 @@ package repositories
import ( import (
"database/sql" "database/sql"
"errors" "errors"
"go-cook/api/domain" "go-cook/api/models"
) )
type IRecipeTable interface { type IRecipeTable interface {
Create(domain.RecipeEntity) error Create(models.RecipeModel) error
List() ([]domain.RecipeEntity, error) List() ([]models.RecipeModel, error)
Get(id int) (domain.RecipeEntity, error) Get(id int) (models.RecipeModel, error)
Update(id int, entity domain.RecipeEntity) error Update(id int, entity models.RecipeModel) error
Delete(id int) error Delete(id int) error
} }
@ -24,19 +24,19 @@ func NewRecipeRepository(client *sql.DB) RecipeRepository {
} }
} }
func (rr RecipeRepository) Create(domain.RecipeEntity) error { func (rr RecipeRepository) Create(models.RecipeModel) error {
return errors.New("not implemented") return errors.New("not implemented")
} }
func (rr RecipeRepository) List() ([]domain.RecipeEntity, error) { func (rr RecipeRepository) List() ([]models.RecipeModel, error) {
return []domain.RecipeEntity{}, errors.New("not implemented") return []models.RecipeModel{}, errors.New("not implemented")
} }
func (rr RecipeRepository) Get(id int) (domain.RecipeEntity, error) { func (rr RecipeRepository) Get(id int) (models.RecipeModel, error) {
return domain.RecipeEntity{}, errors.New("not implemented") return models.RecipeModel{}, errors.New("not implemented")
} }
func (rr RecipeRepository) Update(id int, entity domain.RecipeEntity) error { func (rr RecipeRepository) Update(id int, entity models.RecipeModel) error {
return errors.New("not implemented") return errors.New("not implemented")
} }

View File

@ -4,7 +4,7 @@ import (
"database/sql" "database/sql"
"errors" "errors"
"fmt" "fmt"
"go-cook/api/domain" "go-cook/api/models"
"time" "time"
"github.com/huandu/go-sqlbuilder" "github.com/huandu/go-sqlbuilder"
@ -17,12 +17,11 @@ const (
) )
type IUserTable interface { type IUserTable interface {
GetByName(name string) (domain.UserEntity, error) GetByName(name string) (models.UserModel, error)
Create(name, password, scope string) (int64, error) Create(name, password string) (int64, error)
Update(id int, entity domain.UserEntity) error Update(id int, entity models.UserModel) error
UpdatePassword(name, password string) error UpdatePassword(name, password string) error
CheckUserHash(name, password string) error CheckUserHash(name, password string) error
UpdateScopes(name, scope string) error
} }
// Creates a new instance of UserRepository with the bound sql // Creates a new instance of UserRepository with the bound sql
@ -36,7 +35,7 @@ type UserRepository struct {
connection *sql.DB connection *sql.DB
} }
func (ur UserRepository) GetByName(name string) (domain.UserEntity, error) { func (ur UserRepository) GetByName(name string) (models.UserModel, error) {
builder := sqlbuilder.NewSelectBuilder() builder := sqlbuilder.NewSelectBuilder()
builder.Select("*").From("users").Where( builder.Select("*").From("users").Where(
builder.E("Name", name), builder.E("Name", name),
@ -45,18 +44,18 @@ func (ur UserRepository) GetByName(name string) (domain.UserEntity, error) {
rows, err := ur.connection.Query(query, args...) rows, err := ur.connection.Query(query, args...)
if err != nil { if err != nil {
return domain.UserEntity{}, err return models.UserModel{}, err
} }
data := ur.processRows(rows) data := ur.processRows(rows)
if len(data) == 0 { if (len(data) == 0) {
return domain.UserEntity{}, errors.New(ErrUserNotFound) return models.UserModel{}, errors.New(ErrUserNotFound)
} }
return data[0], nil return data[0], nil
} }
func (ur UserRepository) Create(name, password, scope string) (int64, error) { func (ur UserRepository) Create(name, password string) (int64, error) {
passwordBytes := []byte(password) passwordBytes := []byte(password)
hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost) hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
if err != nil { if err != nil {
@ -66,8 +65,8 @@ func (ur UserRepository) Create(name, password, scope string) (int64, error) {
dt := time.Now() dt := time.Now()
queryBuilder := sqlbuilder.NewInsertBuilder() queryBuilder := sqlbuilder.NewInsertBuilder()
queryBuilder.InsertInto("users") queryBuilder.InsertInto("users")
queryBuilder.Cols("Name", "Hash", "LastUpdated", "CreatedAt", "Scopes") queryBuilder.Cols("Name", "Hash", "LastUpdated", "CreatedAt")
queryBuilder.Values(name, string(hash), dt, dt, scope) queryBuilder.Values(name, string(hash), dt, dt)
query, args := queryBuilder.Build() query, args := queryBuilder.Build()
_, err = ur.connection.Exec(query, args...) _, err = ur.connection.Exec(query, args...)
@ -78,7 +77,7 @@ func (ur UserRepository) Create(name, password, scope string) (int64, error) {
return 1, nil return 1, nil
} }
func (ur UserRepository) Update(id int, entity domain.UserEntity) error { func (ur UserRepository) Update(id int, entity models.UserModel) error {
return errors.New("not implemented") return errors.New("not implemented")
} }
@ -110,26 +109,8 @@ func (ur UserRepository) CheckUserHash(name, password string) error {
return nil return nil
} }
func (ur UserRepository) UpdateScopes(name, scope string) error { func (ur UserRepository) processRows(rows *sql.Rows) []models.UserModel {
builder := sqlbuilder.NewUpdateBuilder() items := []models.UserModel{}
builder.Update("users")
builder.Set (
builder.Assign("Scopes", scope),
)
builder.Where(
builder.Equal("Name", name),
)
query, args := builder.Build()
_, err := ur.connection.Exec(query, args...)
if err != nil {
return err
}
return nil
}
func (ur UserRepository) processRows(rows *sql.Rows) []domain.UserEntity {
items := []domain.UserEntity{}
for rows.Next() { for rows.Next() {
var id int var id int
@ -137,17 +118,15 @@ func (ur UserRepository) processRows(rows *sql.Rows) []domain.UserEntity {
var hash string var hash string
var createdAt time.Time var createdAt time.Time
var lastUpdated time.Time var lastUpdated time.Time
var scopes string err := rows.Scan(&id, &name, &hash, &createdAt, &lastUpdated)
err := rows.Scan(&id, &name, &hash, &createdAt, &lastUpdated, &scopes)
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
} }
items = append(items, domain.UserEntity{ items = append(items, models.UserModel{
Id: id, Id: id,
Name: name, Name: name,
Hash: hash, Hash: hash,
Scopes: scopes,
CreatedAt: createdAt, CreatedAt: createdAt,
LastUpdated: lastUpdated, LastUpdated: lastUpdated,
}) })

View File

@ -2,7 +2,6 @@ package repositories_test
import ( import (
"database/sql" "database/sql"
"go-cook/api/domain"
"go-cook/api/repositories" "go-cook/api/repositories"
"log" "log"
"testing" "testing"
@ -21,7 +20,7 @@ func TestCanCreateNewUser(t *testing.T) {
defer db.Close() defer db.Close()
repo := repositories.NewUserRepository(db) repo := repositories.NewUserRepository(db)
updated, err := repo.Create("testing", "NotSecure", domain.ScopeRecipeRead) updated, err := repo.Create("testing", "NotSecure")
if err != nil { if err != nil {
log.Println(err) log.Println(err)
t.FailNow() t.FailNow()

View File

@ -1,21 +0,0 @@
package services
import (
"go-cook/api/domain"
"log"
"os"
"github.com/joho/godotenv"
)
func NewEnvConfig() domain.EnvConfig {
err := godotenv.Load()
if err != nil {
log.Println(err)
}
return domain.EnvConfig{
AdminToken: os.Getenv("AdminToken"),
JwtSecret: os.Getenv("JwtSecret"),
}
}

View File

@ -3,7 +3,7 @@ package services
import ( import (
"database/sql" "database/sql"
"errors" "errors"
"go-cook/api/domain" "go-cook/api/models"
"go-cook/api/repositories" "go-cook/api/repositories"
"strings" "strings"
@ -36,6 +36,12 @@ func (us UserService) DoesUserExist(username string) error {
} }
func (us UserService) DoesPasswordMatchHash(username, password string) error { func (us UserService) DoesPasswordMatchHash(username, password string) error {
//passwordBytes := []byte(password)
//hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
//if err != nil {
// return err
//}
model, err := us.GetUser(username) model, err := us.GetUser(username)
if err != nil { if err != nil {
return err return err
@ -49,75 +55,18 @@ func (us UserService) DoesPasswordMatchHash(username, password string) error {
return nil return nil
} }
func (us UserService) GetUser(username string) (domain.UserEntity, error) { func (us UserService) GetUser(username string) (models.UserModel, error) {
return us.repo.GetByName(username) return us.repo.GetByName(username)
} }
func (us UserService) AddScopes(username string, scopes []string) error { func (us UserService) CreateNewUser(name, password string) (models.UserModel, error) {
usr, err := us.repo.GetByName(username)
if err != nil {
return err
}
if usr.Name != username {
return errors.New(repositories.ErrUserNotFound)
}
currentScopes := strings.Split(usr.Scopes, ",")
// check the current scopes
for _, item := range scopes {
if !strings.Contains(usr.Scopes, item) {
currentScopes = append(currentScopes, item)
}
}
return us.repo.UpdateScopes(username, strings.Join(currentScopes, ","))
}
func (us UserService) RemoveScopes(username string, scopes []string) error {
usr, err := us.repo.GetByName(username)
if err != nil {
return err
}
if usr.Name != username {
return errors.New(repositories.ErrUserNotFound)
}
var newScopes []string
// check all the scopes that are currently assigned
for _, item := range strings.Split(usr.Scopes, ",") {
// check the scopes given, if one matches skip it
if us.doesScopeExist(scopes, item) {
continue
}
// did not match, add it
newScopes = append(newScopes, item)
}
return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
}
func (us UserService) doesScopeExist(scopes []string, target string) bool {
for _, item := range scopes {
if item == target {
return true
}
}
return false
}
func (us UserService) CreateNewUser(name, password, scope string) (domain.UserEntity, error) {
err := us.CheckPasswordForRequirements(password) err := us.CheckPasswordForRequirements(password)
if err != nil { if err != nil {
return domain.UserEntity{}, err return models.UserModel{}, err
} }
us.repo.Create(name, password, domain.ScopeRecipeRead) us.repo.Create(name, password)
return domain.UserEntity{}, nil return models.UserModel{}, nil
} }
func (us UserService) CheckPasswordForRequirements(password string) error { func (us UserService) CheckPasswordForRequirements(password string) error {

1
go.mod
View File

@ -25,7 +25,6 @@ require (
github.com/google/uuid v1.5.0 // indirect github.com/google/uuid v1.5.0 // indirect
github.com/huandu/go-sqlbuilder v1.25.0 // indirect github.com/huandu/go-sqlbuilder v1.25.0 // indirect
github.com/huandu/xstrings v1.3.2 // indirect github.com/huandu/xstrings v1.3.2 // indirect
github.com/joho/godotenv v1.5.1 // indirect
github.com/josharian/intern v1.0.0 // indirect github.com/josharian/intern v1.0.0 // indirect
github.com/labstack/echo-jwt/v4 v4.2.0 // indirect github.com/labstack/echo-jwt/v4 v4.2.0 // indirect
github.com/labstack/echo/v4 v4.11.4 // indirect github.com/labstack/echo/v4 v4.11.4 // indirect

2
go.sum
View File

@ -43,8 +43,6 @@ github.com/huandu/go-sqlbuilder v1.25.0 h1:h1l+6CqeCviPJCnkEZoRGNdfZ5RO9BKMvG3A+
github.com/huandu/go-sqlbuilder v1.25.0/go.mod h1:nUVmMitjOmn/zacMLXT0d3Yd3RHoO2K+vy906JzqxMI= github.com/huandu/go-sqlbuilder v1.25.0/go.mod h1:nUVmMitjOmn/zacMLXT0d3Yd3RHoO2K+vy906JzqxMI=
github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE= github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=

View File

@ -3,7 +3,6 @@ package main
import ( import (
"database/sql" "database/sql"
v1 "go-cook/api/handlers/v1" v1 "go-cook/api/handlers/v1"
"go-cook/api/services"
"log" "log"
"net/http" "net/http"
@ -22,8 +21,6 @@ func main() {
log.Fatal(err) log.Fatal(err)
} }
cfg := services.NewEnvConfig()
e := echo.New() e := echo.New()
e.Validator = &CustomValidator{ e.Validator = &CustomValidator{
validator: validator.New(), validator: validator.New(),
@ -33,7 +30,7 @@ func main() {
e.Pre(middleware.Recover()) e.Pre(middleware.Recover())
v1Group := e.Group("/api/v1") v1Group := e.Group("/api/v1")
v1Api := v1.NewHandler(db, cfg) v1Api := v1.NewHandler(db)
v1Api.Register(v1Group) v1Api.Register(v1Group)
e.Logger.Fatal(e.Start(":1323")) e.Logger.Fatal(e.Start(":1323"))

View File

@ -1,48 +1,7 @@
### Create a standard User
POST http://localhost:1323/api/v1/auth/register
Content-Type: application/x-www-form-urlencoded
name=test&password=test1234!
### Login with user
POST http://localhost:1323/api/v1/auth/login
Content-Type: application/x-www-form-urlencoded
name=test&password=test1234!
### Login with the admin token
POST http://localhost:1323/api/v1/auth/login
Content-Type: application/x-www-form-urlencoded
password=lol
### Add Scope to test user
POST http://localhost:1323/api/v1/auth/scopes/add
Content-Type: application/json
Authorization: Bearer
{
"name": "test",
"scopes": [
"recipe:create"
]
}
### Remove scope from test user
POST http://localhost:1323/api/v1/auth/scopes/remove
Content-Type: application/json
Authorization: Bearer
{
"name": "test",
"scopes": [
"recipe:create"
]
}
### ###
POST http://localhost:1323/api/v1/ POST http://localhost:1323/api/v1/register?username=test&password=test1234!
###
POST http://localhost:1323/api/v1/login?username=test&password=test1234!
### ###
GET http://localhost:1323/api/v1/demo/hello GET http://localhost:1323/api/v1/demo/hello
### ###