Simple rest api golang video 4

.gitignore

@@ -1 +1,2 @@
 Episode_*/
+.idea

Project1_Simple_REST_API/.gitignore

@@ -0,0 +1 @@
+.idea/

Project1_Simple_REST_API/Golang_Gorilla/golang_rest_api/auth/token.go

@@ -0,0 +1,100 @@
+package auth
+
+import (
+"encoding/json"
+"fmt"
+"log"
+"net/http"
+"strconv"
+"strings"
+"time"
+
+jwt "github.com/dgrijalva/jwt-go"
+)
+
+var AccessSecret = []byte("my-super-secret-access-secret")
+var RefreshSecret = []byte("my-super-secret-refresh-secret")
+
+func CreateAccessToken(userId uint) (string, error) {
+	claims := jwt.MapClaims{}
+	claims["authorized"] = true
+	claims["user_id"] = userId
+	claims["exp"] = time.Now().Add(time.Minute * 3).Unix()
+	claims["iat"] = time.Now().Unix()
+	claims["type"] = "AccessToken"
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(AccessSecret)
+}
+
+func CreateRefreshToken(userId uint) (string, error) {
+	claims := jwt.MapClaims{}
+	claims["authorized"] = true
+	claims["user_id"] = userId
+	claims["exp"] = time.Now().Add(time.Hour * 3).Unix()
+	claims["iat"] = time.Now().Unix()
+	claims["type"] = "RefreshToken"
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(RefreshSecret)
+}
+
+func TokenValid(r *http.Request) (*jwt.Token, error) {
+	tokenString := ExtractToken(r)
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+		}
+		return AccessSecret, nil
+	})
+	if err != nil {
+		return nil, err
+	}
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		Pretty(claims)
+	}
+	return token, nil
+}
+
+func ExtractToken(r *http.Request) string {
+	keys := r.URL.Query()
+	token := keys.Get("token")
+	if token != "" {
+		return token
+	}
+	bearerToken := r.Header.Get("Authorization")
+	if len(strings.Split(bearerToken, " ")) == 2 {
+		return strings.Split(bearerToken, " ")[1]
+	}
+	return ""
+}
+
+func ExtractTokenID(r *http.Request) (uint, error) {
+	tokenString := ExtractToken(r)
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+		}
+		return AccessSecret, nil
+	})
+	if err != nil {
+		return 0, err
+	}
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if ok && token.Valid {
+		uid, err := strconv.ParseUint(fmt.Sprintf("%.0f", claims["user_id"]), 10, 64)
+		if err != nil {
+			return 0, err
+		}
+		return uint(uid), nil
+	}
+	return 0, nil
+}
+
+//Pretty display the claims nicely in the terminal
+func Pretty(data interface{}) {
+	b, err := json.MarshalIndent(data, "", " ")
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	fmt.Println(string(b))
+}

Project1_Simple_REST_API/Golang_Gorilla/golang_rest_api/controllers/delete.go

@@ -1,8 +1,8 @@
 package controllers
 
 import (
-	"golang_restful_api/models"
-	"golang_restful_api/utils"
+	"golang_rest_api/models"
+	"golang_rest_api/utils"
 	"net/http"
 )
 
@@ -28,6 +28,32 @@ func (a *Users) Delete(w http.ResponseWriter, r *http.Request) {
 		utils.Respond(w, &GenericError{Message: err.Error()})
 		return
 	}
-
 	w.WriteHeader(http.StatusNoContent)
 }
+
+// Delete handles DELETE requests and removes items from the database
+func (t *Todos) Delete(w http.ResponseWriter, r *http.Request) {
+	acc, err := t.getTokenAndUser(w, r)
+
+	tid := getTodoID(r)
+	t.l.Println("[DEBUG] deleting record id", tid)
+
+	err = t.ts.DeleteTodo(acc, tid)
+	if err == models.ErrNotFound {
+		t.l.Println("[ERROR] deleting record id does not exist")
+
+		w.WriteHeader(http.StatusNotFound)
+		utils.Respond(w, &GenericError{Message: err.Error()})
+		return
+	}
+
+	if err != nil {
+		t.l.Println("[ERROR] deleting record", err)
+
+		w.WriteHeader(http.StatusInternalServerError)
+		utils.Respond(w, &GenericError{Message: err.Error()})
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}

Project1_Simple_REST_API/Golang_Gorilla/golang_rest_api/controllers/get.go

@@ -1,15 +1,14 @@
 package controllers
 
 import (
-	"golang_restful_api/models"
-	"golang_restful_api/utils"
+	"golang_rest_api/models"
+	"golang_rest_api/utils"
 	"net/http"
 )
 
 // ListAll handles GET requests and returns all current users
 func (a *Users) ListAll(w http.ResponseWriter, r *http.Request) {
 	a.l.Println("[DEBUG] get all records")
-
 	accs, err := a.us.GetUsers()
 	switch err {
 	case nil:
@@ -67,3 +66,50 @@ func (a *Users) ListSingle(w http.ResponseWriter, r *http.Request) {
 		a.l.Println("[ERROR] serializing user", err)
 	}
 }
+
+// ListAll handles GET requests and returns all current todos for a given user
+func (t *Todos) ListAll(w http.ResponseWriter, r *http.Request) {
+	t.l.Println("[DEBUG] get all records")
+	acc, err := t.getTokenAndUser(w, r)
+	todos, err := t.ts.GetTodos(acc)
+	if err != nil {
+		// TODO: do better error checking
+		t.l.Println("[ERROR] fetching todos", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		utils.Respond(w, &GenericError{Message: err.Error()})
+	}
+
+	err = utils.Respond(w, todos)
+	if err != nil {
+		// we should never be here but log the error just incase
+		t.l.Println("[ERROR] serializing todos", err)
+	}
+}
+
+// ListSingle handles GET requests
+func (t *Todos) ListSingle(w http.ResponseWriter, r *http.Request) {
+	acc, err := t.getTokenAndUser(w, r)
+	tid := getTodoID(r)
+	todo, err := t.ts.GetTodoByID(acc, tid)
+	switch err {
+	case nil:
+
+	case models.ErrNotFound:
+		t.l.Println("[ERROR] fetching todo", err)
+
+		w.WriteHeader(http.StatusNotFound)
+		utils.Respond(w, &GenericError{Message: err.Error()})
+		return
+	default:
+		t.l.Println("[ERROR] fetching todo", err)
+
+		w.WriteHeader(http.StatusInternalServerError)
+		utils.Respond(w, &GenericError{Message: err.Error()})
+		return
+	}
+	err = utils.Respond(w, todo)
+	if err != nil {
+		// we should never be here but log the error just incase
+		t.l.Println("[ERROR] serializing todos", err)
+	}
+}

Project1_Simple_REST_API/Golang_Gorilla/golang_rest_api/controllers/login.go

@@ -0,0 +1,44 @@
+package controllers
+
+import (
+	"golang_rest_api/auth"
+	"golang_rest_api/models"
+	"golang_rest_api/utils"
+	"net/http"
+)
+
+type KeyLogin struct{}
+
+func (us *Users) Login(w http.ResponseWriter, r *http.Request) {
+	login := r.Context().Value(KeyLogin{}).(*models.Login)
+	foundUser, err := us.us.Authenticate(login.Email, login.Password)
+	if err != nil {
+		us.l.Println("[ERROR] Something went wrong with user authentication", err)
+		w.WriteHeader(http.StatusBadRequest)
+		utils.Respond(w, &GenericError{Message: "Something went wrong with user authentication"})
+		return
+	}
+	accessToken, err := auth.CreateAccessToken(foundUser.ID)
+	if err != nil {
+		us.l.Println("[ERROR] Something went wrong with user Access token creation", err)
+		w.WriteHeader(http.StatusUnprocessableEntity)
+		utils.Respond(w, &GenericError{Message: "Something went wrong with user Access token creation"})
+		return
+	}
+
+	refreshToken, err := auth.CreateRefreshToken(foundUser.ID)
+	if err != nil {
+		us.l.Println("[ERROR] Something went wrong with user Refresh token creation", err)
+		w.WriteHeader(http.StatusUnprocessableEntity)
+		utils.Respond(w, &GenericError{Message: "Something went wrong with user Refresh token creation"})
+		return
+	}
+	tokens := map[string]string {
+		"AccessToken": accessToken,
+		"RefreshToken": refreshToken,
+	}
+	err = utils.Respond(w, tokens)
+	if err != nil {
+		us.l.Println("[ERROR] serializing tokens", err)
+	}
+}