add authentication middleware; leave login endpoint unsecured to requ…

…est token and secure the rest of the endoints
mezdelex · Oct 19, 2023 · dda5ce5 · dda5ce5
1 parent 10e6984
commit dda5ce5
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 14 deletions.
diff --git a/application/services/login_service_impl.go b/application/services/login_service_impl.go
@@ -2,7 +2,6 @@ package services
 
 import (
 	"context"
-	"fmt"
 	"os"
 	"time"
 
@@ -39,8 +38,6 @@ func (ls *LoginServiceImpl) Login(context context.Context, login *dtos.LoginDTO)
 }
 
 func (ls *LoginServiceImpl) GenerateToken(login *dtos.LoginDTO) error {
-	fmt.Println(ls.config.PrivateKeyPath)
-	fmt.Println("Llego aquí")
 	encodedKey, error := os.ReadFile(ls.config.PrivateKeyPath)
 	if error != nil {
 		return errors.Errors{}.CannotReadFileError("OPENSSH private key")

diff --git a/configuration/config.go b/configuration/config.go
@@ -2,7 +2,6 @@ package configuration
 
 import (
 	"encoding/json"
-	"fmt"
 	"log"
 	"os"
 
@@ -15,9 +14,5 @@ func LoadCfg(config *models.Config) error {
 		log.Fatal("Configuration could not be loaded.")
 	}
 
-	error = json.Unmarshal(configFile, config)
-	fmt.Println("Estoy en la config")
-	fmt.Println(config)
-
-	return error
+	return json.Unmarshal(configFile, config)
 }
diff --git a/main.go b/main.go
@@ -3,9 +3,12 @@ package main
 import (
 	"encoding/json"
 	"log"
+	"os"
 
+	jwtware "github.com/gofiber/contrib/jwt"
 	"github.com/gofiber/fiber/v2"
 	"github.com/gofiber/fiber/v2/middleware/logger"
+	"github.com/golang-jwt/jwt/v5"
 	"todoapp.com/application/services"
 	"todoapp.com/configuration"
 	"todoapp.com/domain/models"
@@ -27,10 +30,19 @@ func main() {
 		log.Fatal("Error decoding loaded configuration file.")
 	}
 
-	db := connectors.Postgre{}.Connect()
+	encodedKey, error := os.ReadFile(config.PrivateKeyPath)
+	if error != nil {
+		log.Fatal("Error accessing OPENSSH public key.")
+	}
+
+	privateKey, error := jwt.ParseRSAPrivateKeyFromPEM(encodedKey)
+	if error != nil {
+		log.Fatal("Error parsing OPENSSH public key.")
+	}
 
 	app := fiber.New(fiber.Config{JSONEncoder: json.Marshal, JSONDecoder: json.Unmarshal})
-	api := app.Group("/api", logger.New())
+
+	db := connectors.Postgre{}.Connect()
 
 	// repositories
 	todosRepository := repositories.NewTodosRepository(db)
@@ -46,10 +58,19 @@ func main() {
 	usersController := controllers.NewUsersController(usersService)
 	loginController := controllers.NewLoginController(loginService)
 
-	// routes
+	// unsecured routes
+	loginController.Route(app.Group("/api", logger.New()))
+
+	// secured routes
+	app.Use(jwtware.New(jwtware.Config{
+		SigningKey: jwtware.SigningKey{
+			JWTAlg: jwtware.RS256,
+			Key:    privateKey.Public(),
+		},
+	}))
+	api := app.Group("/api", logger.New())
 	todosController.Route(api)
 	usersController.Route(api)
-	loginController.Route(api)
 
 	app.Listen(":3000")
 }
diff --git a/presentation/controllers/users_controller.go b/presentation/controllers/users_controller.go
@@ -1,9 +1,11 @@
 package controllers
 
 import (
+	// "fmt"
 	"strconv"
 
 	"github.com/gofiber/fiber/v2"
+	// "github.com/golang-jwt/jwt/v5"
 	"todoapp.com/application/dtos"
 	"todoapp.com/domain/interfaces"
 	customErrors "todoapp.com/presentation/errors"
@@ -29,6 +31,8 @@ func (uc *UsersController) Route(router fiber.Router) {
 }
 
 func (uc *UsersController) GetAll(context *fiber.Ctx) error {
+	// fmt.Println(context.Locals("email"))
+
 	userDTOs := uc.usersService.GetAll(context.Context())
 
 	if len(userDTOs) == 0 {

diff --git a/presentation/messages/messages.go b/presentation/messages/messages.go
@@ -10,7 +10,7 @@ func (_ Messages) CollectionEmptyMessage(itemName string) string { return fmt.Sp
 func (_ Messages) IdConflictErrorMessage(itemName string) string { return fmt.Sprintf("The route id and the %s's id are not equal.", itemName) }
 func (_ Messages) ItemCreatedSuccessfullyMessage(item interface{}) string { return fmt.Sprintf("%v was created successfully.", item) }
 func (_ Messages) ItemDeletedSuccessfullyMessage(itemName string, id uint) string { return fmt.Sprintf("%s with id %d was deleted successfully.", itemName , id) }
-func (_ Messages) LoggedInSuccessfullyMessage() string { return fmt.Sprintln("Logged in successfully.") }
+func (_ Messages) LoggedInSuccessfullyMessage() string { return fmt.Sprint("Logged in successfully.") }
 func (_ Messages) ParsingErrorMessage(itemName string) string { return fmt.Sprintf("The provided %s could not be parsed.", itemName) }
 func (_ Messages) ReturningItemsSuccessfullyMessage(length int, itemName string) string { return fmt.Sprintf("Returning %d %s(s).", length, itemName) }
 func (_ Messages) RouteFormatErrorMessage(parameter string) string { return fmt.Sprintf("Incorrect format in route's '%s' parameter.", parameter) }