auth-api/src/main.go

package main

import (
	"context"
	"os"
	"strings"
	"time"

	"gitea.larvit.se/pwrpln/auth-api/src/db"
	h "gitea.larvit.se/pwrpln/auth-api/src/handlers"
	"gitea.larvit.se/pwrpln/auth-api/src/utils"
	swagger "github.com/arsmn/fiber-swagger/v2"
	"github.com/gofiber/fiber/v2"
	"github.com/google/uuid"
	"github.com/jackc/pgx/v4/pgxpool"
	"github.com/joho/godotenv"
	"go.uber.org/zap"

	// docs are generated by Swag CLI, you have to import them.
	_ "gitea.larvit.se/pwrpln/auth-api/src/docs"
)

// Don't put in utils, because it creates import cycle with db... just left it here for now
func createAdminAccount(Db db.Db, log *zap.SugaredLogger) {
	adminAccountID, uuidErr := uuid.NewRandom()
	if uuidErr != nil {
		log.Fatal("Could not create new Uuid", "err", uuidErr.Error())
	}
	_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{
		ID:       adminAccountID,
		Name:     "admin",
		APIKey:   os.Getenv("ADMIN_API_KEY"),
		Password: "",
		Fields:   []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},
	})
	if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {
		log.Info("Admin account already created, nothing written to database")
	} else if adminAccountErr != nil {
		log.Fatal("Could not create admin account", "err", adminAccountErr.Error())
	}
}

// @title JWT Auth API
// @version 0.1
// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...

// @contact.name Power Plan
// @contact.url https://pwrpln.com/
// @contact.email lilleman@larvit.se

// @license.name MIT

// @BasePath /
func main() {
	log := utils.GetLog()

	err := godotenv.Load()
	if err != nil {
		log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())
	}

	if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {
		log.Error("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"")
	}
	if os.Getenv("ADMIN_API_KEY") == "changeMe" {
		log.Error("ADMIN_API_KEY ENV is not set, using very insecure \"changeMe\"")
	}
	jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))

	dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
	for err != nil {
		log.Error("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error())
		time.Sleep(1 * time.Second)
		dbPool, err = pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
	}
	log.Info("Connected to PostgreSQL database")
	defer dbPool.Close()

	app := fiber.New()

	Db := db.Db{DbPool: dbPool, Log: log}
	handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}

	createAdminAccount(Db, log)

	// Log all requests
	app.Use(handlers.LogReq)

	// Always require application/json
	app.Use(handlers.RequireJSON)

	app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger/*", swagger.HandlerDefault)

	app.Delete("/account/:accountID", handlers.AccountDel)
	app.Get("/account/:accountID", handlers.AccountGet)
	app.Post("/account", handlers.AccountCreate)
	app.Post("/auth/api-key", handlers.AccountAuthAPIKey)
	app.Post("/auth/password", handlers.AccountAuthPassword)
	app.Post("/renew-token", handlers.RenewToken)
	app.Put("/account/:accountID/fields", handlers.AccountUpdateFields)
	// app.Put("")

	log.Info("Trying to start web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))

	webBindHost := os.Getenv("WEB_BIND_HOST")
	err = app.Listen(webBindHost)
	for err != nil {
		log.Error("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", webBindHost)
		time.Sleep(1 * time.Second)
		err = app.Listen(webBindHost)
	}

	log.Info("Webb server closed, shutting down")
}
Now accounts can be added 2021-01-02 12:09:16 +01:00			`package main`

			`import (`
			`"context"`
			`"os"`
			`"strings"`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`"time"`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Updated module path to change to gitea 2022-01-22 15:43:33 +01:00			`"gitea.larvit.se/pwrpln/auth-api/src/db"`
			`h "gitea.larvit.se/pwrpln/auth-api/src/handlers"`
			`"gitea.larvit.se/pwrpln/auth-api/src/utils"`
Loads of updates 2021-06-22 22:52:48 +02:00			`swagger "github.com/arsmn/fiber-swagger/v2"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`"github.com/gofiber/fiber/v2"`
			`"github.com/google/uuid"`
			`"github.com/jackc/pgx/v4/pgxpool"`
			`"github.com/joho/godotenv"`
Loads of updates 2021-06-22 22:52:48 +02:00			`"go.uber.org/zap"`

			`// docs are generated by Swag CLI, you have to import them.`
Updated module path to change to gitea 2022-01-22 15:43:33 +01:00			`_ "gitea.larvit.se/pwrpln/auth-api/src/docs"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`)`

Loads of updates 2021-06-22 22:52:48 +02:00			`// Don't put in utils, because it creates import cycle with db... just left it here for now`
			`func createAdminAccount(Db db.Db, log *zap.SugaredLogger) {`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`adminAccountID, uuidErr := uuid.NewRandom()`
			`if uuidErr != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Could not create new Uuid", "err", uuidErr.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`ID: adminAccountID,`
			`Name: "admin",`
			`APIKey: os.Getenv("ADMIN_API_KEY"),`
			`Password: "",`
			`Fields: []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`})`
			`if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {`
			`log.Info("Admin account already created, nothing written to database")`
			`} else if adminAccountErr != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Could not create admin account", "err", adminAccountErr.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`}`

Loads of updates 2021-06-22 22:52:48 +02:00			`// @title JWT Auth API`
			`// @version 0.1`
			`// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...`

			`// @contact.name Power Plan`
Added more proper documentation 2021-06-22 23:49:11 +02:00			`// @contact.url https://pwrpln.com/`
Loads of updates 2021-06-22 22:52:48 +02:00			`// @contact.email lilleman@larvit.se`

			`// @license.name MIT`

			`// @BasePath /`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`func main() {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log := utils.GetLog()`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`err := godotenv.Load()`
			`if err != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`log.Error("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"")`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`}`
			`if os.Getenv("ADMIN_API_KEY") == "changeMe" {`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`log.Error("ADMIN_API_KEY ENV is not set, using very insecure \"changeMe\"")`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`}`
			`jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`for err != nil {`
			`log.Error("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error())`
			`time.Sleep(1 * time.Second)`
			`dbPool, err = pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`log.Info("Connected to PostgreSQL database")`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`defer dbPool.Close()`

			`app := fiber.New()`

Loads of updates 2021-06-22 22:52:48 +02:00			`Db := db.Db{DbPool: dbPool, Log: log}`
			`handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Loads of updates 2021-06-22 22:52:48 +02:00			`createAdminAccount(Db, log)`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`// Log all requests`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Use(handlers.LogReq)`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00
Now accounts can be added 2021-01-02 12:09:16 +01:00			`// Always require application/json`
			`app.Use(handlers.RequireJSON)`

Loads of updates 2021-06-22 22:52:48 +02:00			`app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
			`app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
Updated all Go dependencies 2022-02-18 19:38:35 +01:00			`app.Get("/swagger/*", swagger.HandlerDefault)`
Loads of updates 2021-06-22 22:52:48 +02:00
More tests and DELETE account 2021-06-24 00:42:54 +02:00			`app.Delete("/account/:accountID", handlers.AccountDel)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`app.Get("/account/:accountID", handlers.AccountGet)`
			`app.Post("/account", handlers.AccountCreate)`
			`app.Post("/auth/api-key", handlers.AccountAuthAPIKey)`
Added endpoint to auth with username and password 2021-01-05 16:23:18 +01:00			`app.Post("/auth/password", handlers.AccountAuthPassword)`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Post("/renew-token", handlers.RenewToken)`
Added PUT /account/{id}/fields 2021-06-24 01:55:47 +02:00			`app.Put("/account/:accountID/fields", handlers.AccountUpdateFields)`
			`// app.Put("")`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Info("Trying to start web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`webBindHost := os.Getenv("WEB_BIND_HOST")`
			`err = app.Listen(webBindHost)`
			`for err != nil {`
			`log.Error("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", webBindHost)`
			`time.Sleep(1 * time.Second)`
			`err = app.Listen(webBindHost)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

			`log.Info("Webb server closed, shutting down")`
			`}`