micro-services/cmd/auth/main.go

package main

import (
	"encoding/json"
	"io/ioutil"
	"log"
	"net/http"

	"github.com/andreanidouglas/auth-go/dao"
	"github.com/andreanidouglas/auth-go/internals"

	model "github.com/andreanidouglas/auth-go/model"
)

type ResponseLogin struct {
	Authenticated bool           `json:"authenticated"`
	User          model.AuthUser `json:"user,omitempty"`
}

type ResponseSignup struct {
	Created bool           `json:"created"`
	User    model.CreateUser `json:"user,omitempty"`
}

func (r *ResponseSignup) JsonResponseSignInSetAndWrite(rw http.ResponseWriter, authenticated bool, u *model.CreateUser) error {
	r.Created = authenticated
	r.User = *u
	b, err := json.Marshal(r)
	if err != nil {
		return err
	}

	_, err = rw.Write(append(b, '\n'))
	return err

}

func (r *ResponseLogin) JsonResponseSetAndWrite(rw http.ResponseWriter, authenticated bool, u *model.AuthUser) error {
	r.Authenticated = authenticated
	u.PasswordHash = ""
	r.User = *u
	b, err := json.Marshal(r)
	if err != nil {
		return err
	}

	_, err = rw.Write(append(b, '\n'))
	return err

}

func setupRoute() {

	dao := dao.NewUserRepository()
	crypt := internals.NewCrypt()

	http.HandleFunc("/all", func(rw http.ResponseWriter, r *http.Request) {
		var authUser model.GetUser

		if r.Method == "POST" {
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		all, err := authUser.GetAllUsers(dao)
		if err != nil {
			rw.WriteHeader(http.StatusInternalServerError)
			return
		}
		jsonRes, err := json.Marshal(all)
		if err != nil {
			rw.WriteHeader(http.StatusInternalServerError)
			return
		}

		rw.WriteHeader(http.StatusOK)
		rw.Write(jsonRes)

	})

	http.HandleFunc("/signup", func(rw http.ResponseWriter, r *http.Request) {
		var newUser model.CreateUser

		res := &ResponseSignup{Created: false}

		if r.Method == "GET" {
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		reqBody, err := ioutil.ReadAll(r.Body)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		err = json.Unmarshal(reqBody, &newUser)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		_, err = newUser.CreateUser(dao, crypt)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			res.JsonResponseSignInSetAndWrite(rw, false, &model.CreateUser{})
			return
		}


		rw.WriteHeader(http.StatusOK)
		rw.Header().Add("Content-Type", "application/json")
		if err = res.JsonResponseSignInSetAndWrite(rw, true, &newUser); err != nil {
			log.Fatalf("could not write back to client: %v", err)
		}

	})

	http.HandleFunc("/login", func(rw http.ResponseWriter, r *http.Request) {
		var authUser model.AuthUser

        rw.Header().Add("Access-Control-Allow-Origin", "*")

		res := &ResponseLogin{Authenticated: false}

		if r.Method == "GET" {
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		reqBody, err := ioutil.ReadAll(r.Body)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		err = json.Unmarshal(reqBody, &authUser)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		id, err := authUser.AuthenticateUser(dao, crypt)
		if err != nil {
			log.Printf("could not authenticate user: %v", err)
			rw.WriteHeader(http.StatusUnauthorized)
			res.JsonResponseSetAndWrite(rw, false, &model.AuthUser{})
			return
		}

		authUser.Id = id

		rw.Header().Add("Content-Type", "application/json")
 
        // TODO: This wont work on http connection. Needs to update the server to https
        //rw.Header().Add("Set-Cookie", "jwt=1234567; Expires: Wed, 24 Aug 2022 00:00:00 GMT; Secure; HttpOnly")

		rw.WriteHeader(http.StatusOK)
		if err = res.JsonResponseSetAndWrite(rw, true, &authUser); err != nil {
			log.Fatalf("could not write back to client: %v", err)
		}
	})
}

func main() {
	setupRoute()
	log.Fatal(http.ListenAndServe("192.168.100.227:8080", nil))
}