legalgonews/legalgo-BE-go
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: legalgonews:c23ee933c11fcd6a748ebf68047404cbd532fcf5
Branches Tags
legalgonews:main
legalgonews:dev
legalgonews:feature-test
..
compare: legalgonews:4ec50cee8a6d1c65483710a2e559056fe2d3bb9e
Branches Tags
legalgonews:dev
legalgonews:main
legalgonews:feature-test

No commits in common. "c23ee933c11fcd6a748ebf68047404cbd532fcf5" and "4ec50cee8a6d1c65483710a2e559056fe2d3bb9e" have entirely different histories.
c23ee933c1 ... 4ec50cee8a

15 changed files with 44 additions and 234 deletions
Show Stats Expand all files Collapse all files

23
config/conf.go
View File

@ -1,5 +1,9 @@
package config
import (
"legalgo-BE-go/internal/utilities/utils"
)
var (
APP_PORT int
GRACEFULL_TIMEOUT int
@ -9,19 +13,16 @@ var (
DB_USER,
DB_PASSWORD,
DB_NAME,
DB_PORT,
SALT_SECURITY string
DB_PORT string
)
func InitEnv() {
DB_HOST = GetOrDefault("DB_HOST", "localhost")
DB_USER = GetOrDefault("DB_USER", "")
DB_PASSWORD = GetOrDefault("DB_PASSWORD", "")
DB_NAME = GetOrDefault("DB_NAME", "")
DB_PORT = GetOrDefault("DB_PORT", "")
DB_HOST = utils.GetOrDefault("DB_HOST", "localhost")
DB_USER = utils.GetOrDefault("DB_USER", "")
DB_PASSWORD = utils.GetOrDefault("DB_PASSWORD", "")
DB_NAME = utils.GetOrDefault("DB_NAME", "")
DB_PORT = utils.GetOrDefault("DB_PORT", "")
SALT_SECURITY = GetOrDefault("SALT_SECURITY", "legalgo")
APP_PORT = GetOrDefault("APP_PORT", 3000)
GRACEFULL_TIMEOUT = GetOrDefault("GRACEFULL_TIMEOUT", 10)
APP_PORT = utils.GetOrDefault("APP_PORT", 3000)
GRACEFULL_TIMEOUT = utils.GetOrDefault("GRACEFULL_TIMEOUT", 10)
}

29
internal/accessor/user_repository/get_user_profile.go
View File

@ -1,29 +0,0 @@
package userrepository
import (
"errors"
authdomain "legalgo-BE-go/internal/domain/auth"
"gorm.io/gorm"
)
func (ur *UserRepository) GetUserProfile(email string) (*authdomain.UserProfile, error) {
var users []authdomain.UserProfile
if email == "" {
return nil, errors.New("email is empty")
}
if err := ur.DB.Table("users u").
Select("u.email, u.id, s.status as subscribe_status, sp.code as subscribe_plan_code, sp.name as subscribe_plan_name").
Joins("join subscribes s on s.id = u.subscribe_id").
Joins("join subscribe_plans sp on s.subscribe_plan_id = sp.id").
Scan(&users).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, errors.New("user not found")
}
return nil, err
}
return &users[0], nil
}

1
internal/accessor/user_repository/impl.go
View File

@ -12,7 +12,6 @@ type UserRepository struct {
type UserIntf interface {
GetUserByEmail(string) (*authdomain.User, error)
GetUserByID(string) (*authdomain.UserProfile, error)
GetUserProfile(string) (*authdomain.UserProfile, error)
CreateUser(*authdomain.User) (*authdomain.User, error)
}

100
internal/api/http/auth/profile.go
View File

@ -4,9 +4,7 @@ import (
"errors"
authsvc "legalgo-BE-go/internal/services/auth"
"legalgo-BE-go/internal/utilities/response"
"legalgo-BE-go/internal/utilities/utils"
"net/http"
"strings"
"github.com/go-chi/chi/v5"
)
@ -15,15 +13,14 @@ func GetStaffProfile(
router chi.Router,
authSvc authsvc.AuthIntf,
) {
router.Get("/staff/profile", func(w http.ResponseWriter, r *http.Request) {
router.Get("/staff/{id}/profile", func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
authHeader := r.Header.Get("Authorization")
if authHeader == "" {
id := chi.URLParam(r, "id")
if id == "" {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("provided auth is empty"),
errors.New("provided id is empty"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"required params is not provided",
@ -31,45 +28,7 @@ func GetStaffProfile(
return
}
if !strings.HasPrefix(authHeader, "Bearer") {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("invalid authorization token"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"invalid required token",
)
return
}
token := strings.Split(authHeader, " ")
if len(token) < 2 {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("invalid authorization"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"invalid required token",
)
return
}
destructedToken, err := utils.DestructToken(token[1])
if err != nil {
response.ResponseWithErrorCode(
ctx,
w,
err,
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
err.Error(),
)
return
}
staffProfile, err := authSvc.GetStaffProfile(destructedToken.Email)
staffProfile, err := authSvc.GetStaffProfile(id)
if err != nil {
response.ResponseWithErrorCode(
ctx,
@ -90,15 +49,14 @@ func GetUserProfile(
router chi.Router,
authSvc authsvc.AuthIntf,
) {
router.Get("/user/profile", func(w http.ResponseWriter, r *http.Request) {
router.Get("/user/{id}/profile", func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
authHeader := r.Header.Get("Authorization")
if authHeader == "" {
id := chi.URLParam(r, "id")
if id == "" {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("provided auth is empty"),
errors.New("provided id is empty"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"required params is not provided",
@ -106,45 +64,7 @@ func GetUserProfile(
return
}
if !strings.HasPrefix(authHeader, "Bearer") {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("invalid authorization token"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"invalid required token",
)
return
}
token := strings.Split(authHeader, " ")
if len(token) < 2 {
response.ResponseWithErrorCode(
ctx,
w,
errors.New("invalid authorization"),
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
"invalid required token",
)
return
}
destructedToken, err := utils.DestructToken(token[1])
if err != nil {
response.ResponseWithErrorCode(
ctx,
w,
err,
response.ErrBadRequest.Code,
response.ErrBadRequest.HttpCode,
err.Error(),
)
return
}
userProfile, err := authSvc.GetUserProfile(destructedToken.Email)
userProfile, err := authSvc.GetUserProfile(id)
if err != nil {
response.ResponseWithErrorCode(
ctx,

6
internal/domain/auth/token.go
View File

@ -1,6 +0,0 @@
package authdomain
type AuthToken struct {
Email string
SessionID string
}

2
internal/enums/jwt/jwt_claims.go
View File

@ -4,7 +4,7 @@ type JWTClaim string
const (
TYPE JWTClaim = "type"
EMAIL JWTClaim = "email"
USERNAME JWTClaim = "username"
EXPIRED_AT JWTClaim = "exp"
SESSION_ID JWTClaim = "sid"
ISSUED_AT JWTClaim = "iat"

4
internal/services/auth/get_staff.go
View File

@ -2,8 +2,8 @@ package authsvc
import authdomain "legalgo-BE-go/internal/domain/auth"
func (as *AuthSvc) GetStaffProfile(email string) (*authdomain.StaffProfile, error) {
staff, err := as.staffRepo.GetStaffByEmail(email)
func (as *AuthSvc) GetStaffProfile(id string) (*authdomain.StaffProfile, error) {
staff, err := as.staffRepo.GetStaffByID(id)
if err != nil {
return nil, err
}

4
internal/services/auth/get_user.go
View File

@ -2,8 +2,8 @@ package authsvc
import authdomain "legalgo-BE-go/internal/domain/auth"
func (as *AuthSvc) GetUserProfile(email string) (*authdomain.UserProfile, error) {
user, err := as.userRepo.GetUserProfile(email)
func (as *AuthSvc) GetUserProfile(id string) (*authdomain.UserProfile, error) {
user, err := as.userRepo.GetUserByID(id)
if err != nil {
return nil, err
}

9
internal/services/auth/login_as_staff.go
View File

@ -5,8 +5,6 @@ import (
authdomain "legalgo-BE-go/internal/domain/auth"
"legalgo-BE-go/internal/utilities/utils"
"github.com/google/uuid"
)
func (sv *AuthSvc) LoginAsStaff(spec authdomain.LoginReq) (string, error) {
@ -20,12 +18,7 @@ func (sv *AuthSvc) LoginAsStaff(spec authdomain.LoginReq) (string, error) {
return "", errors.New("wrong password")
}
authToken := authdomain.AuthToken{
Email: staff.Email,
SessionID: uuid.NewString(),
}
token, err := utils.GenerateToken(authToken)
token, err := utils.GenerateToken(staff.Email)
if err != nil {
return "", errors.New(err.Error())
}

9
internal/services/auth/login_as_user.go
View File

@ -5,8 +5,6 @@ import (
authdomain "legalgo-BE-go/internal/domain/auth"
"legalgo-BE-go/internal/utilities/utils"
"github.com/google/uuid"
)
func (a *AuthSvc) LoginAsUser(spec authdomain.LoginReq) (string, error) {
@ -20,12 +18,7 @@ func (a *AuthSvc) LoginAsUser(spec authdomain.LoginReq) (string, error) {
return "", errors.New("wrong password")
}
authToken := authdomain.AuthToken{
Email: user.Email,
SessionID: uuid.NewString(),
}
token, err := utils.GenerateToken(authToken)
token, err := utils.GenerateToken(user.Email)
if err != nil {
return "", errors.New(err.Error())
}

11
internal/services/auth/register_staff.go
View File

@ -19,24 +19,19 @@ func (a *AuthSvc) RegisterStaff(spec authdomain.RegisterStaffReq) (string, error
return "", err
}
staff := authdomain.Staff{
user := authdomain.Staff{
ID: uuid.NewString(),
Email: spec.Email,
Password: hashedPwd,
Username: spec.Username,
}
_, err = a.staffRepo.Create(&staff)
_, err = a.staffRepo.Create(&user)
if err != nil {
return "", errors.New(err.Error())
}
authToken := authdomain.AuthToken{
Email: staff.Email,
SessionID: uuid.NewString(),
}
token, err := utils.GenerateToken(authToken)
token, err := utils.GenerateToken(spec.Email)
if err != nil {
return "", errors.New(err.Error())
}

7
internal/services/auth/register_user.go
View File

@ -48,12 +48,7 @@ func (a *AuthSvc) RegisterUser(spec authdomain.RegisterUserReq) (string, error)
return "", errors.New(err.Error())
}
authToken := authdomain.AuthToken{
Email: user.Email,
SessionID: uuid.NewString(),
}
token, err := utils.GenerateToken(authToken)
token, err := utils.GenerateToken(spec.Email)
if err != nil {
return "", errors.New(err.Error())
}

2
config/get_or_default.go → internal/utilities/utils/get_or_default.go
View File

@ -1,4 +1,4 @@
package config
package utils
import (
"os"

67
internal/utilities/utils/jwt.go
View File

@ -1,18 +1,15 @@
package utils
import (
"errors"
"fmt"
"time"
"legalgo-BE-go/config"
authdomain "legalgo-BE-go/internal/domain/auth"
jwtclaimenum "legalgo-BE-go/internal/enums/jwt"
timeutils "legalgo-BE-go/internal/utilities/time_utils"
"github.com/golang-jwt/jwt/v5"
)
var jwtSecret = []byte("secret jwt key") // TODO: change later from env
type ClaimOption func(options jwt.MapClaims)
// func GenerateToken(options ...ClaimOption) (string, error) {
@ -31,60 +28,12 @@ type ClaimOption func(options jwt.MapClaims)
// return token.SignedString(jwtSecret)
// }
func GenerateToken(data authdomain.AuthToken) (string, error) {
func GenerateToken(email string) (string, error) {
now := timeutils.Now()
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
claims["email"] = email
claims["exp"] = now.Add(time.Hour).Unix()
claims := jwt.MapClaims{
"email": data.Email,
"session_id": data.SessionID,
"exp": now.Add(1 * time.Hour).Unix(),
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
return token.SignedString([]byte(config.SALT_SECURITY))
}
func parseToken(s string) (*jwt.Token, error) {
return jwt.Parse(s, func(t *jwt.Token) (any, error) {
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
errMsg := fmt.Sprintf("unexpected signing method: %v", t.Header["alg"])
return nil, errors.New(errMsg)
}
return []byte(config.SALT_SECURITY), nil
})
}
func DestructToken(s string) (authdomain.AuthToken, error) {
var data authdomain.AuthToken
token, err := parseToken(s)
if err != nil {
return data, err
}
claims, ok := token.Claims.(jwt.MapClaims)
if !ok {
return data, errors.New("failed to parse token")
}
if !token.Valid {
return data, errors.New("invalid token")
}
email, ok := claims[string(jwtclaimenum.EMAIL)].(string)
if !ok {
return data, errors.New("invalid email")
}
sessionId, ok := claims[string(jwtclaimenum.SESSION_ID)].(string)
data = authdomain.AuthToken{
Email: email,
SessionID: sessionId,
}
return data, nil
return token.SignedString(jwtSecret)
}

4
openapi.yml
View File

@ -120,7 +120,7 @@ paths:
message:
type: string
/staff/profile:
/staff/{id}/profile:
get:
summary: "get staff profile"
tags:
@ -164,7 +164,7 @@ paths:
message:
type: string
/user/profile:
/user/{id}/profile:
get:
summary: "get staff profile"
tags: