From 90a60c185b1f470e08cce63c27f5c0903242b34b Mon Sep 17 00:00:00 2001 From: Nabil Ould Hamou Date: Thu, 15 Feb 2024 00:36:17 +0100 Subject: [PATCH] Initial commit --- .env | 3 + api/api.go | 11 +++ controllers/authController.go | 159 ++++++++++++++++++++++++++++++++++ controllers/userController.go | 77 ++++++++++++++++ go.mod | 42 +++++++++ go.sum | 103 ++++++++++++++++++++++ initializers/assets.go | 15 ++++ initializers/database.go | 19 ++++ initializers/loadEnv.go | 14 +++ main.go | 40 +++++++++ middleware/requireAuth.go | 36 ++++++++ migrate/migration.go | 26 ++++++ models/userModel.go | 20 +++++ tokens/tokenParser.go | 44 ++++++++++ 14 files changed, 609 insertions(+) create mode 100644 .env create mode 100644 api/api.go create mode 100644 controllers/authController.go create mode 100644 controllers/userController.go create mode 100644 go.mod create mode 100644 go.sum create mode 100644 initializers/assets.go create mode 100644 initializers/database.go create mode 100644 initializers/loadEnv.go create mode 100644 main.go create mode 100644 middleware/requireAuth.go create mode 100644 migrate/migration.go create mode 100644 models/userModel.go create mode 100644 tokens/tokenParser.go diff --git a/.env b/.env new file mode 100644 index 0000000..49f2c83 --- /dev/null +++ b/.env @@ -0,0 +1,3 @@ +DSN="" +JWT_SECRET="" +GIN_MODE="debug" diff --git a/api/api.go b/api/api.go new file mode 100644 index 0000000..ab441bf --- /dev/null +++ b/api/api.go @@ -0,0 +1,11 @@ +package api + +import "github.com/gin-gonic/gin" + +var Router *gin.Engine +var Api *gin.RouterGroup + +func CreateRouter() { + Router = gin.Default() + Api = Router.Group("/api") +} diff --git a/controllers/authController.go b/controllers/authController.go new file mode 100644 index 0000000..6456e17 --- /dev/null +++ b/controllers/authController.go @@ -0,0 +1,159 @@ +package controllers + +import ( + "errors" + "github.com/gin-gonic/gin" + "github.com/golang-jwt/jwt" + "github.com/google/uuid" + "go-backend-starter-project/initializers" + "go-backend-starter-project/models" + "go-backend-starter-project/tokens" + "golang.org/x/crypto/bcrypt" + "gorm.io/gorm" + "net/http" + "os" + "time" +) + +func Signup(c *gin.Context) { + var body struct { + Username string + Email string + Password string + } + + if err := c.Bind(&body); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request format"}) + return + } + + if body.Username == "" || body.Email == "" || body.Password == "" { + c.JSON(http.StatusBadRequest, gin.H{"error": "Missing required fields"}) + return + } + + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(body.Password), bcrypt.DefaultCost) + if err != nil { + c.Status(http.StatusInternalServerError) + } + + user := models.User{ + Email: body.Email, + Password: string(hashedPassword), + } + result := initializers.DB.Create(&user) + + if result.Error != nil { + c.JSON(http.StatusBadRequest, gin.H{ + "error": "An account already exists with that email.", + }) + return + } + + tokenString, err := createToken(user.ID) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{ + "error": err, + }) + return + } + c.SetSameSite(http.SameSiteLaxMode) + c.SetCookie("Authorization", tokenString, 3600*24*30, "", "", false, true) + + c.JSON(http.StatusAccepted, gin.H{ + "user": user, + "token": tokenString, + }) +} + +func Login(c *gin.Context) { + var body struct { + Email string + Password string + } + + if err := c.Bind(&body); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request format"}) + return + } + + if body.Email == "" || body.Password == "" { + c.JSON(http.StatusBadRequest, gin.H{"error": "Missing required fields"}) + return + } + + var user models.User + result := initializers.DB.First(&user, "email = ?", body.Email) + + if result.Error != nil { + if errors.Is(result.Error, gorm.ErrRecordNotFound) { + c.JSON(http.StatusBadRequest, gin.H{"error": "Email/Password is invalid."}) + } else { + c.JSON(http.StatusInternalServerError, gin.H{"error": "Database error"}) + } + return + } + + err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(body.Password)) + if err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "Email/Password is invalid."}) + return + } + + tokenString, err := createToken(user.ID) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{ + "error": err, + }) + return + } + c.SetSameSite(http.SameSiteLaxMode) + c.SetCookie("Authorization", tokenString, 3600*24*30, "", "", false, true) + + c.JSON(http.StatusAccepted, gin.H{ + "user": user, + "token": tokenString, + }) +} + +func createToken(userId uuid.UUID) (string, error) { + newToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ + "bearer": userId, + "expiresAt": time.Now().Add(time.Hour * 24 * 30).Unix(), + }) + + tokenString, err := newToken.SignedString([]byte(os.Getenv("JWT_SECRET"))) + if err != nil { + return "", errors.New("could not create token") + } + + return tokenString, nil +} + +func Logout(c *gin.Context) { + c.SetCookie("Authorization", "", -1, "", "", false, true) + c.Status(http.StatusOK) +} + +func ValidateToken(c *gin.Context) { + + parsedToken, err := tokens.ParseToken(c) + if err != nil { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + if time.Now().Unix() > parsedToken.ExpiresAt.Unix() { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + var user models.User + initializers.DB.First(&user, "id = ?", parsedToken.Bearer) + if user.ID == uuid.Nil { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + c.Status(http.StatusAccepted) +} diff --git a/controllers/userController.go b/controllers/userController.go new file mode 100644 index 0000000..3e2c1b5 --- /dev/null +++ b/controllers/userController.go @@ -0,0 +1,77 @@ +package controllers + +import ( + "errors" + "go-backend-starter-project/initializers" + "go-backend-starter-project/models" + token "go-backend-starter-project/tokens" + "net/http" + + "github.com/gin-gonic/gin" + "github.com/google/uuid" + "gorm.io/gorm" +) + +func GetUserById(c *gin.Context) { + userId := c.Param("id") + + uniqueId, err := uuid.Parse(userId) + if err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid user ID format"}) + return + } + + var user models.User + result := initializers.DB.First(&user, "id = ?", uniqueId) + + if result.Error != nil { + if errors.Is(result.Error, gorm.ErrRecordNotFound) { + c.JSON(http.StatusNotFound, gin.H{"error": "User not found"}) + } else { + c.JSON(http.StatusInternalServerError, gin.H{"error": "Unknown database error"}) + } + return + } + + c.JSON(http.StatusOK, user) +} + +func GetUsers(c *gin.Context) { + var users []models.User + + result := initializers.DB.Find(&users) + if result.Error != nil { + c.Status(http.StatusBadRequest) + return + } + + c.JSON(http.StatusAccepted, gin.H{ + "users": users, + }) +} + +func DeleteUser(c *gin.Context) { + + session, err := token.ParseToken(c) + if err != nil { + c.Status(http.StatusInternalServerError) + return + } + + var user models.User + result := initializers.DB.First(&user, "id = ?", session.Bearer) + if result.Error != nil { + c.JSON(http.StatusInternalServerError, gin.H{"error": "Unknown database error"}) + return + } + result = initializers.DB.Delete(&user) + if result.Error != nil { + c.JSON(http.StatusInternalServerError, gin.H{"error": "Unknown database error"}) + return + } + + c.SetCookie("Authorization", "", -1, "", "", false, true) + c.JSON(http.StatusAccepted, gin.H{ + "success": "Account deleted.", + }) +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..9026922 --- /dev/null +++ b/go.mod @@ -0,0 +1,42 @@ +module go-backend-starter-project + +go 1.22.0 + +require ( + github.com/gin-gonic/gin v1.9.1 + github.com/golang-jwt/jwt v3.2.2+incompatible + github.com/google/uuid v1.6.0 + github.com/joho/godotenv v1.5.1 + golang.org/x/crypto v0.19.0 + gorm.io/driver/mysql v1.5.4 + gorm.io/gorm v1.25.7 +) + +require ( + github.com/bytedance/sonic v1.9.1 // indirect + github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect + github.com/gabriel-vasile/mimetype v1.4.2 // indirect + github.com/gin-contrib/sse v0.1.0 // indirect + github.com/go-playground/locales v0.14.1 // indirect + github.com/go-playground/universal-translator v0.18.1 // indirect + github.com/go-playground/validator/v10 v10.14.0 // indirect + github.com/go-sql-driver/mysql v1.7.0 // indirect + github.com/goccy/go-json v0.10.2 // indirect + github.com/jinzhu/inflection v1.0.0 // indirect + github.com/jinzhu/now v1.1.5 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/klauspost/cpuid/v2 v2.2.4 // indirect + github.com/leodido/go-urn v1.2.4 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/pelletier/go-toml/v2 v2.0.8 // indirect + github.com/twitchyliquid64/golang-asm v0.15.1 // indirect + github.com/ugorji/go/codec v1.2.11 // indirect + golang.org/x/arch v0.3.0 // indirect + golang.org/x/net v0.10.0 // indirect + golang.org/x/sys v0.17.0 // indirect + golang.org/x/text v0.14.0 // indirect + google.golang.org/protobuf v1.30.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..8c5aec6 --- /dev/null +++ b/go.sum @@ -0,0 +1,103 @@ +github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= +github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= +github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= +github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= +github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= +github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= +github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= +github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= +github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= +github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= +github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= +github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= +github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= +github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= +github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= +github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= +github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= +github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= +github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ7YPc= +github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= +github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= +github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= +github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= +github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= +github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ= +github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk= +github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= +github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= +github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= +github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= +github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= +github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= +github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= +golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= +golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gorm.io/driver/mysql v1.5.4 h1:igQmHfKcbaTVyAIHNhhB888vvxh8EdQ2uSUT0LPcBso= +gorm.io/driver/mysql v1.5.4/go.mod h1:9rYxJph/u9SWkWc9yY4XJ1F/+xO0S/ChOmbk3+Z5Tvs= +gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8= +gorm.io/gorm v1.25.7 h1:VsD6acwRjz2zFxGO50gPO6AkNs7KKnvfzUjHQhZDz/A= +gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8= +rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= diff --git a/initializers/assets.go b/initializers/assets.go new file mode 100644 index 0000000..691c31e --- /dev/null +++ b/initializers/assets.go @@ -0,0 +1,15 @@ +package initializers + +import ( + "log" + "os" +) + +func CreateAssetsFolders() { + + if _, err := os.Stat("assets"); os.IsNotExist(err) { + if err := os.MkdirAll("assets", os.ModePerm); err != nil { + log.Fatal(err) + } + } +} diff --git a/initializers/database.go b/initializers/database.go new file mode 100644 index 0000000..cdb8f6c --- /dev/null +++ b/initializers/database.go @@ -0,0 +1,19 @@ +package initializers + +import ( + "gorm.io/driver/mysql" + "gorm.io/gorm" + "log" + "os" +) + +var DB *gorm.DB + +func ConnectToDB() { + dsn := os.Getenv("DSN") + var err error + DB, err = gorm.Open(mysql.Open(dsn), &gorm.Config{}) + if err != nil { + log.Fatal("Could not connect to database:\n" + err.Error()) + } +} diff --git a/initializers/loadEnv.go b/initializers/loadEnv.go new file mode 100644 index 0000000..85116e2 --- /dev/null +++ b/initializers/loadEnv.go @@ -0,0 +1,14 @@ +package initializers + +import ( + "github.com/joho/godotenv" + "log" +) + +func LoadEnv() { + err := godotenv.Load() + + if err != nil { + log.Fatal("Could not load .env file") + } +} diff --git a/main.go b/main.go new file mode 100644 index 0000000..c754f74 --- /dev/null +++ b/main.go @@ -0,0 +1,40 @@ +package main + +import ( + "go-backend-starter-project/api" + "go-backend-starter-project/controllers" + "go-backend-starter-project/initializers" + "go-backend-starter-project/middleware" + "log" + "os" + + "github.com/gin-gonic/gin" +) + +func init() { + initializers.LoadEnv() + initializers.ConnectToDB() +} + +func main() { + gin.SetMode(os.Getenv("GIN_MODE")) + api.CreateRouter() + + // Basic auth + api.Api.POST("/auth/signup", controllers.Signup) + api.Api.POST("/auth/login", controllers.Login) + api.Api.POST("/auth/logout", controllers.Logout) + api.Api.GET("/auth/validate", controllers.ValidateToken) + + // Basic user + api.Api.GET("/users", controllers.GetUsers) + api.Api.GET("/users/:id", controllers.GetUserById) + api.Api.DELETE("/users", middleware.RequireAuth, controllers.DeleteUser) + + log.Println("Starting server...") + + err := api.Router.Run() + if err != nil { + log.Fatal("Router could not be created.") + } +} diff --git a/middleware/requireAuth.go b/middleware/requireAuth.go new file mode 100644 index 0000000..d112301 --- /dev/null +++ b/middleware/requireAuth.go @@ -0,0 +1,36 @@ +package middleware + +import ( + "go-backend-starter-project/initializers" + "go-backend-starter-project/models" + "go-backend-starter-project/tokens" + "net/http" + "time" + + "github.com/gin-gonic/gin" + "github.com/google/uuid" +) + +func RequireAuth(c *gin.Context) { + + parsedToken, err := tokens.ParseToken(c) + if err != nil { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + if time.Now().Unix() > parsedToken.ExpiresAt.Unix() { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + var user models.User + initializers.DB.First(&user, "id = ?", parsedToken.Bearer) + if user.ID == uuid.Nil { + c.AbortWithStatus(http.StatusUnauthorized) + return + } + + c.Set("user", user) + c.Next() +} diff --git a/migrate/migration.go b/migrate/migration.go new file mode 100644 index 0000000..ed1f637 --- /dev/null +++ b/migrate/migration.go @@ -0,0 +1,26 @@ +package main + +import ( + "go-backend-starter-project/initializers" + "go-backend-starter-project/models" + "log" +) + +func init() { + initializers.LoadEnv() + initializers.ConnectToDB() +} + +func main() { + log.Println("Migrating models to DB...") + + err := initializers.DB.AutoMigrate( + &models.User{}, + ) + + if err != nil { + log.Fatalf("Automatic migration has failed: %v", err) + } + + log.Println("Migration sucessful!") +} diff --git a/models/userModel.go b/models/userModel.go new file mode 100644 index 0000000..32aba40 --- /dev/null +++ b/models/userModel.go @@ -0,0 +1,20 @@ +package models + +import ( + "github.com/google/uuid" + "gorm.io/gorm" + "time" +) + +type User struct { + ID uuid.UUID `gorm:"type:char(36);primary_key;"` + CreatedAt time.Time + UpdatedAt time.Time + Email string + Password string `json:"-"` +} + +func (user *User) BeforeCreate(tx *gorm.DB) (err error) { + user.ID = uuid.New() + return +} diff --git a/tokens/tokenParser.go b/tokens/tokenParser.go new file mode 100644 index 0000000..75f500d --- /dev/null +++ b/tokens/tokenParser.go @@ -0,0 +1,44 @@ +package tokens + +import ( + "errors" + "fmt" + "github.com/gin-gonic/gin" + "github.com/golang-jwt/jwt" + "github.com/google/uuid" + "go-backend-starter-project/initializers" + "go-backend-starter-project/models" + "math" + "os" + "time" +) + +type UserSession struct { + Bearer uuid.UUID + ExpiresAt time.Time +} + +func ParseToken(c *gin.Context) (UserSession, error) { + tokenString, err := c.Cookie("Authorization") + if len(tokenString) == 0 || err != nil { + return UserSession{}, errors.New("Cookie not found") + } + + token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { + if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { + return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) + } + return []byte(os.Getenv("JWT_SECRET")), nil + }) + + if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { + var user models.User + initializers.DB.Find(&user, "id = ?", claims["bearer"]) + + sec, dec := math.Modf(claims["expiresAt"].(float64)) + + return UserSession{Bearer: user.ID, ExpiresAt: time.Unix(int64(sec), int64(dec*(1e9)))}, nil + } + + return UserSession{}, errors.New("Token is not valid") +}