auth-api/src/main.go

package main

import (
	"context"
	"os"
	"strings"
	"time"

	"gitea.larvit.se/pwrpln/auth-api/src/db"
	h "gitea.larvit.se/pwrpln/auth-api/src/handlers"
	"gitea.larvit.se/pwrpln/go_log"
	swagger "github.com/arsmn/fiber-swagger/v2"
	"github.com/gofiber/fiber/v2"
	"github.com/google/uuid"
	"github.com/jackc/pgx/v4/pgxpool"
	"github.com/joho/godotenv"

	// docs are generated by Swag CLI, you have to import them.
	_ "gitea.larvit.se/pwrpln/auth-api/src/docs"
)

// Don't put in utils, because it creates import cycle with db... just left it here for now
func createAdminAccount(Db db.Db, log go_log.Log) {
	adminAccountID, uuidErr := uuid.NewRandom()
	if uuidErr != nil {
		log.Error("Could not create new Uuid", "err", uuidErr.Error())
		os.Exit(1)
	}
	_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{
		ID:       adminAccountID,
		Name:     "admin",
		APIKey:   os.Getenv("ADMIN_API_KEY"),
		Password: "",
		Fields:   []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},
	})
	if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {
		log.Verbose("Admin account already created, nothing written to database")
	} else if adminAccountErr != nil {
		log.Error("Could not create admin account", "err", adminAccountErr.Error())
		os.Exit(1)
	}
}

// @title JWT Auth API
// @version 0.1
// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...

// @contact.name Power Plan
// @contact.url https://pwrpln.com/
// @contact.email lilleman@larvit.se

// @license.name MIT

// @BasePath /
func main() {
	log := go_log.GetLog()

	err := godotenv.Load()
	if err != nil {
		log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())
	}

	if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {
		log.Warn("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"")
	}
	if os.Getenv("ADMIN_API_KEY") == "changeMe" {
		log.Warn("ADMIN_API_KEY ENV is not set, using very insecure \"changeMe\"")
	}
	if os.Getenv("LOG_MIN_LVL") == "" {
		log.Info("LOG_MIN_LVL ENV is not set, using default \"Info\"")
		log.MinLogLvl = go_log.LogLvlFromStr("Info")
	} else {
		minLogLvl := go_log.LogLvlFromStr(os.Getenv("LOG_MIN_LVL"))

		if minLogLvl == 0 {
			log.Warn("Invalid LOG_MIN_LVL ENV, using default \"Info\"")
			log.MinLogLvl = go_log.LogLvlFromStr("Info")
		} else {
			log.MinLogLvl = minLogLvl
		}
	}
	jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))

	dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
	for err != nil {
		log.Warn("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error())
		time.Sleep(1 * time.Second)
		dbPool, err = pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
	}
	log.Verbose("Connected to PostgreSQL database")
	defer dbPool.Close()

	app := fiber.New()

	Db := db.Db{DbPool: dbPool, Log: log}
	handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}

	createAdminAccount(Db, log)

	// Log all requests
	app.Use(handlers.LogReq)

	// Always require application/json
	app.Use(handlers.RequireJSON)

	app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger/*", swagger.HandlerDefault)

	app.Delete("/account/:accountID", handlers.AccountDel)
	app.Get("/account/:accountID", handlers.AccountGet)
	app.Post("/account", handlers.AccountCreate)
	// app.Get("/accounts", handlers.AccountsGet)
	app.Post("/auth/api-key", handlers.AccountAuthAPIKey)
	app.Post("/auth/password", handlers.AccountAuthPassword)
	app.Post("/renew-token", handlers.RenewToken)
	app.Put("/account/:accountID/fields", handlers.AccountUpdateFields)

	log.Info("Starting web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))

	webBindHost := os.Getenv("WEB_BIND_HOST")
	err = app.Listen(webBindHost)
	for err != nil {
		log.Warn("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", webBindHost)
		time.Sleep(1 * time.Second)
		err = app.Listen(webBindHost)
	}

	log.Info("Web server closed, shutting down")
}
Now accounts can be added 2021-01-02 12:09:16 +01:00			`package main`

			`import (`
			`"context"`
			`"os"`
			`"strings"`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`"time"`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Updated module path to change to gitea 2022-01-22 15:43:33 +01:00			`"gitea.larvit.se/pwrpln/auth-api/src/db"`
			`h "gitea.larvit.se/pwrpln/auth-api/src/handlers"`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`"gitea.larvit.se/pwrpln/go_log"`
Loads of updates 2021-06-22 22:52:48 +02:00			`swagger "github.com/arsmn/fiber-swagger/v2"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`"github.com/gofiber/fiber/v2"`
			`"github.com/google/uuid"`
			`"github.com/jackc/pgx/v4/pgxpool"`
			`"github.com/joho/godotenv"`
Loads of updates 2021-06-22 22:52:48 +02:00
			`// docs are generated by Swag CLI, you have to import them.`
Updated module path to change to gitea 2022-01-22 15:43:33 +01:00			`_ "gitea.larvit.se/pwrpln/auth-api/src/docs"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`)`

Loads of updates 2021-06-22 22:52:48 +02:00			`// Don't put in utils, because it creates import cycle with db... just left it here for now`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`func createAdminAccount(Db db.Db, log go_log.Log) {`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`adminAccountID, uuidErr := uuid.NewRandom()`
			`if uuidErr != nil {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Error("Could not create new Uuid", "err", uuidErr.Error())`
			`os.Exit(1)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`ID: adminAccountID,`
			`Name: "admin",`
			`APIKey: os.Getenv("ADMIN_API_KEY"),`
			`Password: "",`
			`Fields: []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`})`
			`if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Verbose("Admin account already created, nothing written to database")`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`} else if adminAccountErr != nil {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Error("Could not create admin account", "err", adminAccountErr.Error())`
			`os.Exit(1)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`}`

Loads of updates 2021-06-22 22:52:48 +02:00			`// @title JWT Auth API`
			`// @version 0.1`
			`// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...`

			`// @contact.name Power Plan`
Added more proper documentation 2021-06-22 23:49:11 +02:00			`// @contact.url https://pwrpln.com/`
Loads of updates 2021-06-22 22:52:48 +02:00			`// @contact.email lilleman@larvit.se`

			`// @license.name MIT`

			`// @BasePath /`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`func main() {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log := go_log.GetLog()`
Loads of updates 2021-06-22 22:52:48 +02:00
Now accounts can be added 2021-01-02 12:09:16 +01:00			`err := godotenv.Load()`
			`if err != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Warn("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"")`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`}`
			`if os.Getenv("ADMIN_API_KEY") == "changeMe" {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Warn("ADMIN_API_KEY ENV is not set, using very insecure \"changeMe\"")`
			`}`
			`if os.Getenv("LOG_MIN_LVL") == "" {`
			`log.Info("LOG_MIN_LVL ENV is not set, using default \"Info\"")`
			`log.MinLogLvl = go_log.LogLvlFromStr("Info")`
			`} else {`
			`minLogLvl := go_log.LogLvlFromStr(os.Getenv("LOG_MIN_LVL"))`

			`if minLogLvl == 0 {`
			`log.Warn("Invalid LOG_MIN_LVL ENV, using default \"Info\"")`
			`log.MinLogLvl = go_log.LogLvlFromStr("Info")`
			`} else {`
			`log.MinLogLvl = minLogLvl`
			`}`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`}`
			`jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`for err != nil {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Warn("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error())`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`time.Sleep(1 * time.Second)`
			`dbPool, err = pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Verbose("Connected to PostgreSQL database")`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`defer dbPool.Close()`

			`app := fiber.New()`

Loads of updates 2021-06-22 22:52:48 +02:00			`Db := db.Db{DbPool: dbPool, Log: log}`
			`handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Loads of updates 2021-06-22 22:52:48 +02:00			`createAdminAccount(Db, log)`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`// Log all requests`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Use(handlers.LogReq)`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00
Now accounts can be added 2021-01-02 12:09:16 +01:00			`// Always require application/json`
			`app.Use(handlers.RequireJSON)`

Loads of updates 2021-06-22 22:52:48 +02:00			`app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
			`app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
Updated all Go dependencies 2022-02-18 19:38:35 +01:00			`app.Get("/swagger/*", swagger.HandlerDefault)`
Loads of updates 2021-06-22 22:52:48 +02:00
More tests and DELETE account 2021-06-24 00:42:54 +02:00			`app.Delete("/account/:accountID", handlers.AccountDel)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`app.Get("/account/:accountID", handlers.AccountGet)`
			`app.Post("/account", handlers.AccountCreate)`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`// app.Get("/accounts", handlers.AccountsGet)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`app.Post("/auth/api-key", handlers.AccountAuthAPIKey)`
Added endpoint to auth with username and password 2021-01-05 16:23:18 +01:00			`app.Post("/auth/password", handlers.AccountAuthPassword)`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Post("/renew-token", handlers.RenewToken)`
Added PUT /account/{id}/fields 2021-06-24 01:55:47 +02:00			`app.Put("/account/:accountID/fields", handlers.AccountUpdateFields)`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Info("Starting web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`webBindHost := os.Getenv("WEB_BIND_HOST")`
			`err = app.Listen(webBindHost)`
			`for err != nil {`
Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Warn("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", webBindHost)`
Upgrades Better resilience against crashes Even better resilience against crashes Fixed stuff Renamed API service Fixed some paths Simplified error handling Updated README 2021-09-04 16:24:48 +02:00			`time.Sleep(1 * time.Second)`
			`err = app.Listen(webBindHost)`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

Updating versions and changing log system 2023-02-20 23:54:02 +01:00			`log.Info("Web server closed, shutting down")`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`