Compare commits

..

No commits in common. "9488f82b18b0a765fbb6ca42ac46ebbd20cf4c0a" and "61590f684ea0006bcbb858f916d68f98c1a0c7b4" have entirely different histories.

22 changed files with 38 additions and 42 deletions

View File

@ -12,6 +12,7 @@ steps:
- docker-compose down -v --remove-orphans -t0 - docker-compose down -v --remove-orphans -t0
- docker-compose build - docker-compose build
- docker-compose --profile tests build - docker-compose --profile tests build
- docker-compose run --rm db-migrations
- docker-compose up -d - docker-compose up -d
- docker-compose run --rm tests - docker-compose run --rm tests

View File

@ -33,12 +33,3 @@ Obtain an admin GWT: `curl -d '"api-key-goes-here"' -H "Content-Type: applicatio
Use a bearer token to make a call: `curl -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/accounts/{accountID}` Use a bearer token to make a call: `curl -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/accounts/{accountID}`
Create account: `curl -d '{"name": "Bosse", "password": "Hemligt", "fields": [{ "name":"role", "values":["user"]}]}' -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/account` Create account: `curl -d '{"name": "Bosse", "password": "Hemligt", "fields": [{ "name":"role", "values":["user"]}]}' -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/account`
## Development
For local development, run with .env like: `eval $(cat .env) go run src/main.go`
To regenerate the swagger docs folder:
1. Make sure you have swag installed: https://github.com/swaggo/swag
2. cd src && swag init

1
go.mod
View File

@ -9,6 +9,7 @@ require (
github.com/gofiber/fiber/v2 v2.44.0 github.com/gofiber/fiber/v2 v2.44.0
github.com/google/uuid v1.3.0 github.com/google/uuid v1.3.0
github.com/jackc/pgx/v4 v4.18.1 github.com/jackc/pgx/v4 v4.18.1
github.com/joho/godotenv v1.5.1
github.com/swaggo/swag v1.16.1 github.com/swaggo/swag v1.16.1
golang.org/x/crypto v0.8.0 golang.org/x/crypto v0.8.0
) )

2
go.sum
View File

@ -101,6 +101,8 @@ github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0f
github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
github.com/jackc/puddle v1.3.0 h1:eHK/5clGOatcjX3oWGBO/MpxpbHzSwud5EWTSCI+MX0= github.com/jackc/puddle v1.3.0 h1:eHK/5clGOatcjX3oWGBO/MpxpbHzSwud5EWTSCI+MX0=
github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=

View File

@ -6,20 +6,21 @@ import (
"strings" "strings"
"time" "time"
"gitea.larvit.se/pwrpln/auth-api/src/db" "gitea.larvit.se/pwrpln/auth-api/pkgs/db"
h "gitea.larvit.se/pwrpln/auth-api/src/handlers" h "gitea.larvit.se/pwrpln/auth-api/pkgs/handlers"
"gitea.larvit.se/pwrpln/go_log" "gitea.larvit.se/pwrpln/go_log"
swagger "github.com/arsmn/fiber-swagger/v2" swagger "github.com/arsmn/fiber-swagger/v2"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/jackc/pgx/v4/pgxpool" "github.com/jackc/pgx/v4/pgxpool"
"github.com/joho/godotenv"
// docs are generated by Swag CLI, you have to import them. // docs are generated by Swag CLI, you have to import them.
_ "gitea.larvit.se/pwrpln/auth-api/src/docs" _ "gitea.larvit.se/pwrpln/auth-api/docs"
) )
// Don't put in utils, because it creates import cycle with db... just left it here for now // Don't put in utils, because it creates import cycle with db... just left it here for now
func createAdminAccount(Db db.Db, log go_log.Log, ADMIN_API_KEY string) { func createAdminAccount(Db db.Db, log go_log.Log) {
adminAccountID, uuidErr := uuid.NewRandom() adminAccountID, uuidErr := uuid.NewRandom()
if uuidErr != nil { if uuidErr != nil {
log.Error("Could not create new Uuid", "err", uuidErr.Error()) log.Error("Could not create new Uuid", "err", uuidErr.Error())
@ -28,7 +29,7 @@ func createAdminAccount(Db db.Db, log go_log.Log, ADMIN_API_KEY string) {
_, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{ _, adminAccountErr := Db.AccountCreate(db.AccountCreateInput{
ID: adminAccountID, ID: adminAccountID,
Name: "admin", Name: "admin",
APIKey: ADMIN_API_KEY, APIKey: os.Getenv("ADMIN_API_KEY"),
Password: "", Password: "",
Fields: []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}}, Fields: []db.AccountCreateInputFields{{Name: "role", Values: []string{"admin"}}},
}) })
@ -54,6 +55,11 @@ func createAdminAccount(Db db.Db, log go_log.Log, ADMIN_API_KEY string) {
func main() { func main() {
log := go_log.GetLog() log := go_log.GetLog()
err := godotenv.Load()
if err != nil {
log.Warn("Error loading .env file, this could be ok if the env file does not exist", "err", err.Error())
}
if os.Getenv("JWT_SHARED_SECRET") == "changeMe" { if os.Getenv("JWT_SHARED_SECRET") == "changeMe" {
log.Warn("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"") log.Warn("JWT_SHARED_SECRET ENV is not set, using very insecure \"changeMe\"")
} }
@ -73,18 +79,13 @@ func main() {
log.MinLogLvl = minLogLvl log.MinLogLvl = minLogLvl
} }
} }
ADMIN_API_KEY := os.Getenv("ADMIN_API_KEY")
WEB_BIND_HOST := os.Getenv("WEB_BIND_HOST")
DATABASE_URL := os.Getenv("DATABASE_URL")
jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET")) jwtKey := []byte(os.Getenv("JWT_SHARED_SECRET"))
dbPool, err := pgxpool.Connect(context.Background(), DATABASE_URL) dbPool, err := pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
for err != nil { for err != nil {
log.Warn("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error()) log.Warn("Failed to open connection to PostgreSQL database, retrying in 1 second", "err", err.Error())
time.Sleep(1 * time.Second) time.Sleep(1 * time.Second)
dbPool, err = pgxpool.Connect(context.Background(), DATABASE_URL) dbPool, err = pgxpool.Connect(context.Background(), os.Getenv("DATABASE_URL"))
} }
log.Verbose("Connected to PostgreSQL database") log.Verbose("Connected to PostgreSQL database")
defer dbPool.Close() defer dbPool.Close()
@ -94,7 +95,7 @@ func main() {
Db := db.Db{DbPool: dbPool, Log: log} Db := db.Db{DbPool: dbPool, Log: log}
handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log} handlers := h.Handlers{Db: Db, JwtKey: jwtKey, Log: log}
createAdminAccount(Db, log, ADMIN_API_KEY) createAdminAccount(Db, log)
// Log all requests // Log all requests
app.Use(handlers.LogReq) app.Use(handlers.LogReq)
@ -115,13 +116,14 @@ func main() {
app.Post("/renew-token", handlers.RenewToken) app.Post("/renew-token", handlers.RenewToken)
app.Put("/accounts/:accountID/fields", handlers.AccountUpdateFields) app.Put("/accounts/:accountID/fields", handlers.AccountUpdateFields)
log.Info("Starting web server", "WEB_BIND_HOST", WEB_BIND_HOST) log.Info("Starting web server", "WEB_BIND_HOST", os.Getenv("WEB_BIND_HOST"))
err = app.Listen(WEB_BIND_HOST) webBindHost := os.Getenv("WEB_BIND_HOST")
err = app.Listen(webBindHost)
for err != nil { for err != nil {
log.Warn("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", WEB_BIND_HOST) log.Warn("Could not start web server", "err", err.Error(), "WEB_BIND_HOST", webBindHost)
time.Sleep(1 * time.Second) time.Sleep(1 * time.Second)
err = app.Listen(WEB_BIND_HOST) err = app.Listen(webBindHost)
} }
log.Info("Web server closed, shutting down") log.Info("Web server closed, shutting down")

View File

@ -3,7 +3,7 @@ package db
import ( import (
"context" "context"
"gitea.larvit.se/pwrpln/auth-api/src/utils" "gitea.larvit.se/pwrpln/auth-api/pkgs/utils"
) )
// RenewalTokenCreate obtain a new renewal token // RenewalTokenCreate obtain a new renewal token

View File

@ -37,10 +37,9 @@ func (h Handlers) AccountDel(c *fiber.Ctx) error {
err := h.Db.AccountDel(accountID) err := h.Db.AccountDel(accountID)
if err != nil { if err != nil {
if err.Error() == "no account found for given accountID" { if err.Error() == "No account found for given accountID" {
return c.Status(404).JSON([]ResJSONError{{Error: err.Error()}}) return c.Status(404).JSON([]ResJSONError{{Error: err.Error()}})
} else { } else {
h.Log.Error("Database error when trying to remove account", "err", err.Error())
return c.Status(500).JSON([]ResJSONError{{Error: "Database error when trying to remove account"}}) return c.Status(500).JSON([]ResJSONError{{Error: "Database error when trying to remove account"}})
} }
} }

View File

@ -5,7 +5,7 @@ import (
"strings" "strings"
"time" "time"
"gitea.larvit.se/pwrpln/auth-api/src/db" "gitea.larvit.se/pwrpln/auth-api/pkgs/db"
jwt "github.com/dgrijalva/jwt-go" jwt "github.com/dgrijalva/jwt-go"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
) )

View File

@ -3,8 +3,8 @@ package handlers
import ( import (
"strings" "strings"
"gitea.larvit.se/pwrpln/auth-api/src/db" "gitea.larvit.se/pwrpln/auth-api/pkgs/db"
"gitea.larvit.se/pwrpln/auth-api/src/utils" "gitea.larvit.se/pwrpln/auth-api/pkgs/utils"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/google/uuid" "github.com/google/uuid"
) )

View File

@ -1,7 +1,7 @@
package handlers package handlers
import ( import (
"gitea.larvit.se/pwrpln/auth-api/src/db" "gitea.larvit.se/pwrpln/auth-api/pkgs/db"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/google/uuid" "github.com/google/uuid"
) )

View File

@ -1,7 +1,7 @@
package handlers package handlers
import ( import (
"gitea.larvit.se/pwrpln/auth-api/src/db" "gitea.larvit.se/pwrpln/auth-api/pkgs/db"
"gitea.larvit.se/pwrpln/go_log" "gitea.larvit.se/pwrpln/go_log"
jwt "github.com/dgrijalva/jwt-go" jwt "github.com/dgrijalva/jwt-go"
) )

View File

@ -1,3 +1,3 @@
ADMIN_API_KEY=hihi ADMIN_API_KEY=hihi
AUTH_URL=http://127.0.0.1:4000 AUTH_URL=http://localhost:4000
JWT_SHARED_SECRET=hihi JWT_SHARED_SECRET=hihi

View File

@ -6,7 +6,7 @@ import setConfig from '../test-helpers/config.js';
test('test-cases/00start.js: Wait for auth API to be ready', async t => { test('test-cases/00start.js: Wait for auth API to be ready', async t => {
setConfig({ printConfig: true }); setConfig({ printConfig: true });
const backendHealthCheck = await got(process.env.AUTH_URL, { retry: { limit: 2000 }}); const backendHealthCheck = await got(process.env.AUTH_URL, { retry: 2000 });
t.equal(backendHealthCheck.statusCode, 200, 'Auth API should answer with status code 200'); t.equal(backendHealthCheck.statusCode, 200, 'Auth API should answer with status code 200');
}); });

View File

@ -54,7 +54,7 @@ test('test-cases/01basic.js: GETting the admin account, with the token we just o
}); });
test('test-cases/01basic.js: Creating a new account', async t => { test('test-cases/01basic.js: Creating a new account', async t => {
const res = await got.post(`${process.env.AUTH_URL}/accounts`, { const res = await got.post(`${process.env.AUTH_URL}/account`, {
headers: { 'Authorization': `bearer ${adminJWTString}`}, headers: { 'Authorization': `bearer ${adminJWTString}`},
json: { json: {
fields: [ fields: [
@ -79,7 +79,7 @@ test('test-cases/01basic.js: Creating a new account', async t => {
t.notEqual(user.apiKey, undefined, 'The new account should have an apiKey'); t.notEqual(user.apiKey, undefined, 'The new account should have an apiKey');
try { try {
await got.post(`${process.env.AUTH_URL}/accounts`, { await got.post(`${process.env.AUTH_URL}/account`, {
headers: { 'Authorization': `bearer ${adminJWTString}`}, headers: { 'Authorization': `bearer ${adminJWTString}`},
json: { json: {
fields: [{name: 'role',values: ['user'],}], fields: [{name: 'role',values: ['user'],}],
@ -187,7 +187,7 @@ test('test-cases/01basic.js: Remove an account', async t => {
await got.delete(`${process.env.AUTH_URL}/accounts/a423e690-74b9-4f37-9976-f5bf75a5ea32`, { await got.delete(`${process.env.AUTH_URL}/accounts/a423e690-74b9-4f37-9976-f5bf75a5ea32`, {
headers: { 'Authorization': `bearer ${adminJWTString}`}, headers: { 'Authorization': `bearer ${adminJWTString}`},
responseType: 'json', responseType: 'json',
retry: { limit: 0 }, retry: 0,
}); });
t.fail('Response status for DELETing an account that does not exist should be 404'); t.fail('Response status for DELETing an account that does not exist should be 404');
} catch (err) { } catch (err) {
@ -197,7 +197,7 @@ test('test-cases/01basic.js: Remove an account', async t => {
const delRes = await got.delete(`${process.env.AUTH_URL}/accounts/${user.id}`, { const delRes = await got.delete(`${process.env.AUTH_URL}/accounts/${user.id}`, {
headers: { 'Authorization': `bearer ${adminJWTString}`}, headers: { 'Authorization': `bearer ${adminJWTString}`},
responseType: 'json', responseType: 'json',
retry: { limit: 0 }, retry: 0,
}); });
t.equal(delRes.statusCode, 204, 'Response status for DELETE should be 204'); t.equal(delRes.statusCode, 204, 'Response status for DELETE should be 204');
@ -206,7 +206,7 @@ test('test-cases/01basic.js: Remove an account', async t => {
await got(`${process.env.AUTH_URL}/accounts/${user.id}`, { await got(`${process.env.AUTH_URL}/accounts/${user.id}`, {
headers: { 'Authorization': `bearer ${adminJWTString}`}, headers: { 'Authorization': `bearer ${adminJWTString}`},
responseType: 'json', responseType: 'json',
retry: { limit: 0 }, retry: 0,
}); });
t.fail('Response status for GETing the account again should be 404'); t.fail('Response status for GETing the account again should be 404');
} catch (err) { } catch (err) {