auth-api/src/main.go

package main

import (
	"context"
	"os"
	"strings"

	swagger "github.com/arsmn/fiber-swagger/v2"
	"github.com/gofiber/fiber/v2"
	"github.com/google/uuid"
	"github.com/jackc/pgx/v4/pgxpool"
	"github.com/joho/godotenv"
	"gitlab.larvit.se/power-plan/auth/src/db"
	h "gitlab.larvit.se/power-plan/auth/src/handlers"
	"gitlab.larvit.se/power-plan/auth/src/utils"
	"go.uber.org/zap"

	// docs are generated by Swag CLI, you have to import them.
	_ "gitlab.larvit.se/power-plan/auth/src/docs"
)

// Don't put in utils, because it creates import cycle with db... just left it here for now
func createAdminAccount(Db db.Db, log *zap.SugaredLogger) {
	adminAccountID, uuidErr := uuid.NewRandom()
	if uuidErr != nil {
		log.Fatal("Could not create new Uuid", "err", uuidErr.Error())
	}
	_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{
		ID:       adminAccountID,
		Name:     "admin",
		APIKey:   os.Getenv("ADMIN_API_KEY"),
		Password: "",
		Fields:   []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},
	})
	if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {
		log.Info("Admin account already created, nothing written to database")
	} else if adminAccountErr != nil {
		log.Fatal("Could not create admin account", "err", adminAccountErr.Error())
	}
}

// @title JWT Auth API
// @version 0.1
// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...

// @contact.name Power Plan
// @contact.url https://http://pwrpln.com/
// @contact.email lilleman@larvit.se

// @license.name MIT

// @host localhost:3000
// @BasePath /
func main() {
	log := utils.GetLog()

	err := godotenv.Load()
	if err != nil {
		log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())
	}

	if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {
		log.Fatal("You must change JWT_SHARED_SECRET in .env")
	}
	if os.Getenv("ADMIN_API_KEY") == "changeMe" {
		log.Fatal("You must change ADMIN_API_KEY in .env")
	}
	jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))

	dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
	if err != nil {
		log.Fatal("Failed to open DB connection", "err", err.Error())
	} else {
		log.Info("Connected to PostgreSQL database")
	}
	defer dbPool.Close()

	app := fiber.New()

	Db := db.Db{DbPool: dbPool, Log: log}
	handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}

	createAdminAccount(Db, log)

	// Log all requests
	app.Use(handlers.LogReq)

	// Always require application/json
	app.Use(handlers.RequireJSON)

	app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
	app.Get("/swagger/*", swagger.Handler)

	app.Get("/account/:accountID", handlers.AccountGet)
	app.Post("/account", handlers.AccountCreate)
	app.Post("/auth/api-key", handlers.AccountAuthAPIKey)
	app.Post("/auth/password", handlers.AccountAuthPassword)
	app.Post("/renew-token", handlers.RenewToken)

	log.Info("Trying to start web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))

	if err := app.Listen(os.Getenv("WEB_BIND_HOST")); err != nil {
		log.Fatal("Could not start web server", "err", err.Error())
	}

	log.Info("Webb server closed, shutting down")
}
Now accounts can be added 2021-01-02 12:09:16 +01:00			`package main`

			`import (`
			`"context"`
			`"os"`
			`"strings"`

Loads of updates 2021-06-22 22:52:48 +02:00			`swagger "github.com/arsmn/fiber-swagger/v2"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`"github.com/gofiber/fiber/v2"`
			`"github.com/google/uuid"`
			`"github.com/jackc/pgx/v4/pgxpool"`
			`"github.com/joho/godotenv"`
			`"gitlab.larvit.se/power-plan/auth/src/db"`
			`h "gitlab.larvit.se/power-plan/auth/src/handlers"`
Loads of updates 2021-06-22 22:52:48 +02:00			`"gitlab.larvit.se/power-plan/auth/src/utils"`
			`"go.uber.org/zap"`

			`// docs are generated by Swag CLI, you have to import them.`
			`_ "gitlab.larvit.se/power-plan/auth/src/docs"`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`)`

Loads of updates 2021-06-22 22:52:48 +02:00			`// Don't put in utils, because it creates import cycle with db... just left it here for now`
			`func createAdminAccount(Db db.Db, log *zap.SugaredLogger) {`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`adminAccountID, uuidErr := uuid.NewRandom()`
			`if uuidErr != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Could not create new Uuid", "err", uuidErr.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`ID: adminAccountID,`
			`Name: "admin",`
			`APIKey: os.Getenv("ADMIN_API_KEY"),`
			`Password: "",`
			`Fields: []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`})`
			`if adminAccountErr != nil && strings.HasPrefix(adminAccountErr.Error(), "ERROR: duplicate key") {`
			`log.Info("Admin account already created, nothing written to database")`
			`} else if adminAccountErr != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Could not create admin account", "err", adminAccountErr.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`
			`}`

Loads of updates 2021-06-22 22:52:48 +02:00			`// @title JWT Auth API`
			`// @version 0.1`
			`// @description This is a tiny http API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...`

			`// @contact.name Power Plan`
			`// @contact.url https://http://pwrpln.com/`
			`// @contact.email lilleman@larvit.se`

			`// @license.name MIT`

			`// @host localhost:3000`
			`// @BasePath /`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`func main() {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log := utils.GetLog()`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`err := godotenv.Load()`
			`if err != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {`
			`log.Fatal("You must change JWT_SHARED_SECRET in .env")`
			`}`
			`if os.Getenv("ADMIN_API_KEY") == "changeMe" {`
			`log.Fatal("You must change ADMIN_API_KEY in .env")`
			`}`
			`jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))`
			`if err != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Failed to open DB connection", "err", err.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`} else {`
			`log.Info("Connected to PostgreSQL database")`
			`}`
			`defer dbPool.Close()`

			`app := fiber.New()`

Loads of updates 2021-06-22 22:52:48 +02:00			`Db := db.Db{DbPool: dbPool, Log: log}`
			`handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Loads of updates 2021-06-22 22:52:48 +02:00			`createAdminAccount(Db, log)`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00			`// Log all requests`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Use(handlers.LogReq)`
Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00
Now accounts can be added 2021-01-02 12:09:16 +01:00			`// Always require application/json`
			`app.Use(handlers.RequireJSON)`

Loads of updates 2021-06-22 22:52:48 +02:00			`app.Get("/", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
			`app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })`
			`app.Get("/swagger/*", swagger.Handler)`

Now accounts can be added 2021-01-02 12:09:16 +01:00			`app.Get("/account/:accountID", handlers.AccountGet)`
			`app.Post("/account", handlers.AccountCreate)`
			`app.Post("/auth/api-key", handlers.AccountAuthAPIKey)`
Added endpoint to auth with username and password 2021-01-05 16:23:18 +01:00			`app.Post("/auth/password", handlers.AccountAuthPassword)`
Loads of updates 2021-06-22 22:52:48 +02:00			`app.Post("/renew-token", handlers.RenewToken)`
Now accounts can be added 2021-01-02 12:09:16 +01:00
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Info("Trying to start web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))`
Now accounts can be added 2021-01-02 12:09:16 +01:00
			`if err := app.Listen(os.Getenv("WEB_BIND_HOST")); err != nil {`
Loads of updates 2021-06-22 22:52:48 +02:00			`log.Fatal("Could not start web server", "err", err.Error())`
Now accounts can be added 2021-01-02 12:09:16 +01:00			`}`

			`log.Info("Webb server closed, shutting down")`
			`}`