init OPP auth

Author: tollsimy

.gitignore

@@ -0,0 +1 @@
+TODO

Containerfile

@@ -14,8 +14,8 @@ RUN go build -o /go/bin/opp-auth
 FROM alpine:latest AS production
 RUN apk --no-cache add ca-certificates tzdata
 WORKDIR /root/
-COPY --from=0 /go/bin/opp-auth .
-COPY --from=0 /go/src/app/api/openapi.yaml ./api/openapi.yaml
+COPY --from=builder /go/bin/opp-auth .
+COPY --from=builder /go/src/app/api/openapi.yaml ./api/openapi.yaml
 EXPOSE 8080
 
 CMD ["./opp-auth"]

Containerfile.dev

@@ -1,5 +1,5 @@
 FROM golang:1.22-alpine AS builder
-RUN apk add --no-cache git make gcc musl-dev curl
+RUN apk add --no-cache git make gcc musl-dev curl openssl
 WORKDIR /src
 RUN go install github.com/oapi-codegen/oapi-codegen/v2/cmd/oapi-codegen@latest
 ENTRYPOINT ["/src/entrypoint.sh"]

compose.yml

@@ -9,3 +9,19 @@ services:
       - .:/src/
     ports:
       - "8080:8080"
+    depends_on:
+      - postgres
+  postgres:
+    image: postgres:latest
+    environment:
+      POSTGRES_USER: user
+      POSTGRES_PASSWORD: password
+      POSTGRES_DB: db
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+
+volumes:
+  postgres_data:
+    driver: local

entrypoint.sh

@@ -16,5 +16,11 @@ go generate && echo "API generated" || echo "API generation failed"
 echo "Building app..."
 go build -buildvcs=false -o /go/bin/opp-auth .
 
+mkdir -p /root/keys && \
+openssl genrsa -out /root/keys/private.pem 4096 && \
+openssl rsa -in /root/keys/private.pem -pubout -out /root/keys/public.pem
+export PRIVATE_KEY=$(cat /root/keys/private.pem | base64 -w 0)
+export PUBLIC_KEY=$(cat /root/keys/public.pem | base64 -w 0)
+
 echo "Starting app..."
 /go/bin/opp-auth

src/auth.go

@@ -1,23 +1,52 @@
-//go:generate oapi-codegen -include-tags=session -generate types,gin-server -o api/api.gen.go -package api api/openapi.yaml
+//go:generate oapi-codegen -include-tags=session,user -generate types,gin-server -o api/api.gen.go -package api api/openapi.yaml
 
 package main
 
 import (
 	"OPP/auth/api"
+	"OPP/auth/db"
 	"OPP/auth/handlers"
+	"OPP/auth/jwt"
+	"OPP/auth/rbac"
+	"context"
 	"fmt"
 	"log"
 	"os"
 
+	"github.com/getkin/kin-openapi/openapi3filter"
 	"github.com/gin-gonic/gin"
 	ginmiddleware "github.com/oapi-codegen/gin-middleware"
 	"github.com/oapi-codegen/oapi-codegen/v2/pkg/util"
 )
 
 var DEBUG_MODE = os.Getenv("DEBUG_MODE") == "true"
 
+type opp_handlers struct {
+	handlers.SessionHandlers
+	handlers.UserHandlers
+}
+
 func main() {
 
+	rbac := rbac.SetupRBAC()
+	if rbac == nil {
+		log.Panicf("Failed to setup RBAC")
+	}
+
+	if err := db.Init(); err != nil {
+		log.Panicf("Failed to initialize database: %v", err)
+	}
+	if db.GetDB() == nil {
+		log.Panicf("Failed to get database instance")
+	} else {
+		defer db.GetDB().Close()
+	}
+
+	opp_auth_handlers := &opp_handlers{
+		SessionHandlers: *handlers.NewSessionHandler(),
+		UserHandlers:    *handlers.NewUserHandler(),
+	}
+
 	r := gin.New()
 	r.Use(gin.Logger())
 	r.Use(gin.Recovery())
@@ -40,8 +69,14 @@ func main() {
 
 	// Set up the authentication function
 	validatorOptions := &ginmiddleware.Options{
+		Options: openapi3filter.Options{
+			AuthenticationFunc: func(ctx context.Context, input *openapi3filter.AuthenticationInput) error {
+				return jwt.AuthenticationFunc(ctx, input)
+			},
+		},
 		SilenceServersWarning: silenceServersWarning,
 	}
+
 	validator := ginmiddleware.OapiRequestValidatorWithOptions(spec, validatorOptions)
 	if err != nil {
 		log.Panicf("Failed to create validator: %v", err)
@@ -55,8 +90,7 @@ func main() {
 		ErrorHandler: nil,
 	}
 
-	SessionHandler := handlers.NewSessionHandler()
-	api.RegisterHandlersWithOptions(r, SessionHandler, options)
+	api.RegisterHandlersWithOptions(r, opp_auth_handlers, options)
 
 	fmt.Println("OPP Backend starting on :8080")
 	log.Fatal(r.Run(":8080"))

src/dao/user.go

@@ -0,0 +1,165 @@
+package dao
+
+import (
+	"OPP/auth/api"
+	"OPP/auth/db"
+	"context"
+	"errors"
+	"fmt"
+	"strings"
+)
+
+var (
+	ErrUserAlreadyExists = errors.New("user already exists")
+	ErrInvalidUser       = errors.New("invalid user data")
+	ErrUserNotFound      = errors.New("user not found")
+	ErrInvalidPassword   = errors.New("invalid password")
+)
+
+type UserDao struct {
+	db db.DB
+}
+
+func NewUserDao() *UserDao {
+	return &UserDao{
+		db: *db.GetDB(),
+	}
+}
+
+func (d *UserDao) GetUsers(c context.Context, limit *int, offset *int) []api.UserResponse {
+	query := "SELECT username, name, surname, email FROM users LIMIT $1 OFFSET $2"
+	params := []any{20, 0}
+	if limit != nil {
+		params[0] = *limit
+	}
+	if offset != nil {
+		params[1] = *offset
+	}
+
+	var users []api.UserResponse
+	rows, err := d.db.Query(c, query, params...)
+	if err != nil {
+		fmt.Printf("db error: %v\n", err.Error())
+		return users
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var user api.UserResponse
+		if err := rows.Scan(&user.Username, &user.Name, &user.Surname, &user.Email); err != nil {
+			fmt.Printf("row scan error: %v\n", err.Error())
+			continue
+		}
+		users = append(users, user)
+	}
+	return users
+}
+
+func (d *UserDao) AddUser(c context.Context, user api.UserRequest) error {
+	query := "INSERT INTO users (username, name, surname, email, password, role) VALUES ($1, $2, $3, $4, $5, $6)"
+	_, err := d.db.Exec(c, query, user.Username, user.Name, user.Surname, user.Email, user.Password, user.Role)
+	if err != nil {
+		if strings.Contains(err.Error(), "UNIQUE constraint failed") {
+			return ErrUserAlreadyExists
+		}
+		return fmt.Errorf("failed to add user: %w", err)
+	}
+	return nil
+}
+
+func (d *UserDao) GetUser(c context.Context, username string) (*api.UserResponse, error) {
+	query := "SELECT username, name, surname, email FROM users WHERE username = $1"
+	rows, err := d.db.Query(c, query, username)
+	if err != nil {
+		return nil, fmt.Errorf("db error: %w", err)
+	}
+	defer rows.Close()
+
+	var user api.UserResponse
+	if rows.Next() {
+		if err := rows.Scan(&user.Username, &user.Name, &user.Surname, &user.Email); err != nil {
+			return nil, fmt.Errorf("failed to scan user: %w", err)
+		}
+		return &user, nil
+	}
+	return nil, ErrUserNotFound
+}
+
+func (d *UserDao) GetUserRole(c context.Context, username string) (api.UserRequestRole, error) {
+	query := "SELECT role FROM users WHERE username = $1"
+	rows, err := d.db.Query(c, query, username)
+	if err != nil {
+		return "", fmt.Errorf("db error: %w", err)
+	}
+	defer rows.Close()
+
+	var role api.UserRequestRole
+	if rows.Next() {
+		if err := rows.Scan(&role); err != nil {
+			return "", fmt.Errorf("failed to scan user role: %w", err)
+		}
+		return role, nil
+	}
+	return "", ErrUserNotFound
+}
+
+func (d *UserDao) CheckPassword(c context.Context, username string, password string) error {
+	query := "SELECT password FROM users WHERE username = $1"
+	rows, err := d.db.Query(c, query, username)
+	if err != nil {
+		return fmt.Errorf("db error: %w", err)
+	}
+	defer rows.Close()
+
+	var storedPassword string
+	if rows.Next() {
+		if err := rows.Scan(&storedPassword); err != nil {
+			return fmt.Errorf("failed to scan password: %w", err)
+		}
+		if storedPassword != password {
+			return ErrInvalidPassword
+		}
+		return nil
+	}
+	return ErrUserNotFound
+}
+
+func (d *UserDao) DeleteAllUsers(c context.Context) error {
+	query := "DELETE FROM users"
+	_, err := d.db.Exec(c, query)
+	if err != nil {
+		return fmt.Errorf("failed to delete all users: %w", err)
+	}
+	return nil
+}
+
+func (d *UserDao) DeleteUser(c context.Context, username string) error {
+	query := "DELETE FROM users WHERE username = $1"
+	result, err := d.db.Exec(c, query, username)
+	if err != nil {
+		return fmt.Errorf("failed to delete user: %w", err)
+	}
+
+	rowsAffected := result.RowsAffected()
+	if rowsAffected == 0 {
+		return ErrUserNotFound
+	}
+	return nil
+}
+
+func (d *UserDao) UpdateUser(c context.Context, username string, user api.UserRequest) error {
+	query := "UPDATE users SET name = $1, surname = $2, email = $3 WHERE username = $4"
+	result, err := d.db.Exec(c, query, user.Name, user.Surname, user.Email, username)
+	if err != nil {
+		if strings.Contains(err.Error(), "UNIQUE constraint failed") {
+			return ErrUserAlreadyExists
+		}
+		return fmt.Errorf("failed to update user: %w", err)
+	}
+
+	rowsAffected := result.RowsAffected()
+	if rowsAffected == 0 {
+		return ErrUserNotFound
+	}
+	return nil
+}

src/db/db.go

@@ -0,0 +1,94 @@
+package db
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"sync"
+	"time"
+
+	"github.com/jackc/pgx/v5"
+	"github.com/jackc/pgx/v5/pgconn"
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+type DB struct {
+	pool *pgxpool.Pool
+}
+
+// Singleton instance of DB
+var instance *DB
+var once sync.Once
+var initErr error
+
+var schemaPath = "postegres_schema_v1.sql"
+
+func Init() error {
+	once.Do(func() {
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		defer cancel()
+
+		pool, err := pgxpool.New(ctx, "postgres://user:password@172.17.0.1:5432/db")
+		if err != nil {
+			initErr = fmt.Errorf("unable to create connection pool: %w", err)
+			return
+		}
+		if err := pool.Ping(ctx); err != nil {
+			pool.Close()
+			initErr = fmt.Errorf("database ping failed: %w", err)
+			return
+		}
+
+		// Read schema file
+		schemaSQL, err := os.ReadFile("db/" + schemaPath)
+		if err != nil {
+			pool.Close()
+			initErr = fmt.Errorf("failed to read schema file: %w", err)
+			return
+		}
+		// Apply schema
+		_, err = pool.Exec(ctx, string(schemaSQL))
+		if err != nil {
+			pool.Close()
+			initErr = fmt.Errorf("failed to apply database schema: %w", err)
+			return
+		}
+
+		instance = &DB{pool: pool}
+		fmt.Println("Database connection pool created successfully")
+	})
+
+	return initErr
+}
+
+func GetDB() *DB {
+	return instance
+}
+
+func (d *DB) Close() {
+	if d.pool != nil {
+		d.pool.Close()
+		d.pool = nil
+	}
+}
+
+func (d *DB) Query(ctx context.Context, query string, args ...any) (pgx.Rows, error) {
+	if d.pool == nil {
+		return nil, pgx.ErrTxClosed
+	}
+	return d.pool.Query(ctx, query, args...)
+}
+
+func (d *DB) QueryRow(ctx context.Context, query string, args ...any) pgx.Row {
+	if d.pool == nil {
+		return nil
+	}
+	return d.pool.QueryRow(ctx, query, args...)
+}
+
+func (d *DB) Exec(ctx context.Context, query string, args ...any) (pgconn.CommandTag, error) {
+	if d.pool == nil {
+		return pgconn.CommandTag{}, pgx.ErrTxClosed
+	}
+	return d.pool.Exec(ctx, query, args...)
+}