golang-saas-starter-kit/cmd/web-api/handlers/routes.go

package handlers

import (
	"log"
	"net/http"
	"os"

	"geeks-accelerator/oss/saas-starter-kit/internal/mid"
	saasSwagger "geeks-accelerator/oss/saas-starter-kit/internal/mid/saas-swagger"
	"geeks-accelerator/oss/saas-starter-kit/internal/platform/auth"
	"geeks-accelerator/oss/saas-starter-kit/internal/platform/web"
	"geeks-accelerator/oss/saas-starter-kit/internal/platform/web/webcontext"
	_ "geeks-accelerator/oss/saas-starter-kit/internal/platform/web/weberror"
	_ "geeks-accelerator/oss/saas-starter-kit/internal/signup"

	"github.com/jmoiron/sqlx"
	"gopkg.in/DataDog/dd-trace-go.v1/contrib/go-redis/redis"
)

type AppContext struct {
	Log               *log.Logger
	Env               webcontext.Env
	MasterDB          *sqlx.DB
	Redis             *redis.Client
	UserRepo          UserRepository
	UserAccountRepo   UserAccountRepository
	AccountRepo       AccountRepository
	AccountPrefRepo   AccountPrefRepository
	AuthRepo          UserAuthRepository
	SignupRepo        SignupRepository
	InviteRepo        UserInviteRepository
	ProjectRepo       ProjectRepository
	Authenticator     *auth.Authenticator
	PreAppMiddleware  []web.Middleware
	PostAppMiddleware []web.Middleware
}

// API returns a handler for a set of routes.
func API(shutdown chan os.Signal, appCtx *AppContext) http.Handler {

	// Include the pre middlewares first.
	middlewares := appCtx.PreAppMiddleware

	// Define app middlewares applied to all requests.
	middlewares = append(middlewares,
		mid.Trace(),
		mid.Logger(appCtx.Log),
		mid.Errors(appCtx.Log, nil),
		mid.Metrics(),
		mid.Panics())

	// Append any global middlewares that should be included after the app middlewares.
	if len(appCtx.PostAppMiddleware) > 0 {
		middlewares = append(middlewares, appCtx.PostAppMiddleware...)
	}

	// Construct the web.App which holds all routes as well as common Middleware.
	app := web.NewApp(shutdown, appCtx.Log, appCtx.Env, middlewares...)

	// Register health check endpoint. This route is not authenticated.
	check := Check{
		MasterDB: appCtx.MasterDB,
		Redis:    appCtx.Redis,
	}
	app.Handle("GET", "/v1/health", check.Health)
	app.Handle("GET", "/ping", check.Ping)

	// Register example endpoints.
	ex := Example{
		Project: appCtx.ProjectRepo,
	}
	app.Handle("GET", "/v1/examples/error-response", ex.ErrorResponse)

	// Register user management and authentication endpoints.
	u := Users{
		UserRepo: appCtx.UserRepo,
		AuthRepo: appCtx.AuthRepo,
	}
	app.Handle("GET", "/v1/users", u.Find, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("POST", "/v1/users", u.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("GET", "/v1/users/:id", u.Read, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/users", u.Update, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/users/password", u.UpdatePassword, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/users/archive", u.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("DELETE", "/v1/users/:id", u.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("PATCH", "/v1/users/switch-account/:account_id", u.SwitchAccount, mid.AuthenticateHeader(appCtx.Authenticator))

	// This route is not authenticated
	app.Handle("POST", "/v1/oauth/token", u.Token)

	// Register user account management endpoints.
	ua := UserAccount{
		Repository: appCtx.UserAccountRepo,
	}
	app.Handle("GET", "/v1/user_accounts", ua.Find, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("POST", "/v1/user_accounts", ua.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("GET", "/v1/user_accounts/:user_id/:account_id", ua.Read, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/user_accounts", ua.Update, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/user_accounts/archive", ua.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("DELETE", "/v1/user_accounts", ua.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))

	// Register account endpoints.
	a := Accounts{
		Repository: appCtx.AccountRepo,
	}
	app.Handle("GET", "/v1/accounts/:id", a.Read, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/accounts", a.Update, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))

	// Register signup endpoints.
	s := Signup{
		Repository: appCtx.SignupRepo,
	}
	app.Handle("POST", "/v1/signup", s.Signup)

	// Register project.
	p := Projects{
		Repository: appCtx.ProjectRepo,
	}
	app.Handle("GET", "/v1/projects", p.Find, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("POST", "/v1/projects", p.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("GET", "/v1/projects/:id", p.Read, mid.AuthenticateHeader(appCtx.Authenticator))
	app.Handle("PATCH", "/v1/projects", p.Update, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("PATCH", "/v1/projects/archive", p.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))
	app.Handle("DELETE", "/v1/projects/:id", p.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))

	// Register swagger documentation.
	// TODO: Add authentication. Current authenticator requires an Authorization header
	// 		 which breaks the browser experience.
	app.Handle("GET", "/docs/", saasSwagger.WrapHandler)
	app.Handle("GET", "/docs/*", saasSwagger.WrapHandler)

	return app
}

// Types godoc
// @Summary List of types.
// @Param data body weberror.FieldError false "Field Error"
// @Param data body web.TimeResponse false "Time Response"
// @Param data body web.EnumResponse false "Enum Response"
// @Param data body web.EnumMultiResponse false "Enum Multi Response"
// @Param data body web.EnumOption false "Enum Option"
// @Param data body signup.SignupAccount false "SignupAccount"
// @Param data body signup.SignupUser false "SignupUser"
// To support nested types not parsed by swag.
func Types() {}
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`package handlers`

			`import (`
			`"log"`
			`"net/http"`
			`"os"`

Completed removing example-project directory and moving all files back a a directory 2019-07-13 12:16:28 -08:00			`"geeks-accelerator/oss/saas-starter-kit/internal/mid"`
			`saasSwagger "geeks-accelerator/oss/saas-starter-kit/internal/mid/saas-swagger"`
			`"geeks-accelerator/oss/saas-starter-kit/internal/platform/auth"`
			`"geeks-accelerator/oss/saas-starter-kit/internal/platform/web"`
moved auth from user package and added timezone to context values 2019-08-04 14:48:43 -08:00			`"geeks-accelerator/oss/saas-starter-kit/internal/platform/web/webcontext"`
fix api route for app page for docs 2019-08-05 19:49:30 -08:00			`_ "geeks-accelerator/oss/saas-starter-kit/internal/platform/web/weberror"`
Completed removing example-project directory and moving all files back a a directory 2019-07-13 12:16:28 -08:00			`_ "geeks-accelerator/oss/saas-starter-kit/internal/signup"`
Use interface in the handlers of web-api/web-app 2019-08-17 11:03:48 +07:00
go fmt 2019-05-23 14:32:24 -05:00			`"github.com/jmoiron/sqlx"`
authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00			`"gopkg.in/DataDog/dd-trace-go.v1/contrib/go-redis/redis"`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`)`

WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00			`type AppContext struct {`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Log *log.Logger`
			`Env webcontext.Env`
			`MasterDB *sqlx.DB`
			`Redis *redis.Client`
Use interface in the handlers of web-api/web-app 2019-08-17 11:03:48 +07:00			`UserRepo UserRepository`
			`UserAccountRepo UserAccountRepository`
			`AccountRepo AccountRepository`
			`AccountPrefRepo AccountPrefRepository`
			`AuthRepo UserAuthRepository`
			`SignupRepo SignupRepository`
			`InviteRepo UserInviteRepository`
			`ProjectRepo ProjectRepository`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Authenticator *auth.Authenticator`
			`PreAppMiddleware []web.Middleware`
WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00			`PostAppMiddleware []web.Middleware`
			`}`

Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`// API returns a handler for a set of routes.`
completed updating web-api 2019-08-14 12:53:40 -08:00			`func API(shutdown chan os.Signal, appCtx *AppContext) http.Handler {`
finish redirect middlewares 2019-07-12 11:41:41 -08:00
WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00			`// Include the pre middlewares first.`
completed updating web-api 2019-08-14 12:53:40 -08:00			`middlewares := appCtx.PreAppMiddleware`
WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00
			`// Define app middlewares applied to all requests.`
			`middlewares = append(middlewares,`
			`mid.Trace(),`
completed updating web-api 2019-08-14 12:53:40 -08:00			`mid.Logger(appCtx.Log),`
			`mid.Errors(appCtx.Log, nil),`
WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00			`mid.Metrics(),`
			`mid.Panics())`
finish redirect middlewares 2019-07-12 11:41:41 -08:00
WIP: not sure how to solve user_account calling account.CanModifyAccount 2019-08-13 23:41:06 -08:00			`// Append any global middlewares that should be included after the app middlewares.`
completed updating web-api 2019-08-14 12:53:40 -08:00			`if len(appCtx.PostAppMiddleware) > 0 {`
			`middlewares = append(middlewares, appCtx.PostAppMiddleware...)`
finish redirect middlewares 2019-07-12 11:41:41 -08:00			`}`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
			`// Construct the web.App which holds all routes as well as common Middleware.`
completed updating web-api 2019-08-14 12:53:40 -08:00			`app := web.NewApp(shutdown, appCtx.Log, appCtx.Env, middlewares...)`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
			`// Register health check endpoint. This route is not authenticated.`
			`check := Check{`
completed updating web-api 2019-08-14 12:53:40 -08:00			`MasterDB: appCtx.MasterDB,`
			`Redis: appCtx.Redis,`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`}`
			`app.Handle("GET", "/v1/health", check.Health)`
checkpoint 2019-07-10 16:24:10 -08:00			`app.Handle("GET", "/ping", check.Ping)`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
completed updating web-api 2019-08-14 12:53:40 -08:00			`// Register example endpoints.`
			`ex := Example{`
			`Project: appCtx.ProjectRepo,`
			`}`
			`app.Handle("GET", "/v1/examples/error-response", ex.ErrorResponse)`

Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`// Register user management and authentication endpoints.`
Use interface in the handlers of web-api/web-app 2019-08-17 11:03:48 +07:00			`u := Users{`
			`UserRepo: appCtx.UserRepo,`
			`AuthRepo: appCtx.AuthRepo,`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`}`
completed updating web-api 2019-08-14 12:53:40 -08:00			`app.Handle("GET", "/v1/users", u.Find, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("POST", "/v1/users", u.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("GET", "/v1/users/:id", u.Read, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/users", u.Update, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/users/password", u.UpdatePassword, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/users/archive", u.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("DELETE", "/v1/users/:id", u.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("PATCH", "/v1/users/switch-account/:account_id", u.SwitchAccount, mid.AuthenticateHeader(appCtx.Authenticator))`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
			`// This route is not authenticated`
fixed internal package unittests 2019-06-24 22:41:21 -08:00			`app.Handle("POST", "/v1/oauth/token", u.Token)`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
checkpoint 2019-06-26 20:21:00 -08:00			`// Register user account management endpoints.`
			`ua := UserAccount{`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Repository: appCtx.UserAccountRepo,`
checkpoint 2019-06-26 20:21:00 -08:00			`}`
completed updating web-api 2019-08-14 12:53:40 -08:00			`app.Handle("GET", "/v1/user_accounts", ua.Find, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("POST", "/v1/user_accounts", ua.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("GET", "/v1/user_accounts/:user_id/:account_id", ua.Read, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/user_accounts", ua.Update, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/user_accounts/archive", ua.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("DELETE", "/v1/user_accounts", ua.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
checkpoint 2019-06-26 20:21:00 -08:00
authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00			`// Register account endpoints.`
Use interface in the handlers of web-api/web-app 2019-08-17 11:03:48 +07:00			`a := Accounts{`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Repository: appCtx.AccountRepo,`
authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00			`}`
completed updating web-api 2019-08-14 12:53:40 -08:00			`app.Handle("GET", "/v1/accounts/:id", a.Read, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/accounts", a.Update, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00
Completed signup package and hooked up to web-api. Can use the swagger ui to signup a new account. 2019-06-25 02:40:29 -08:00			`// Register signup endpoints.`
			`s := Signup{`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Repository: appCtx.SignupRepo,`
Completed signup package and hooked up to web-api. Can use the swagger ui to signup a new account. 2019-06-25 02:40:29 -08:00			`}`
			`app.Handle("POST", "/v1/signup", s.Signup)`

authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00			`// Register project.`
Use interface in the handlers of web-api/web-app 2019-08-17 11:03:48 +07:00			`p := Projects{`
completed updating web-api 2019-08-14 12:53:40 -08:00			`Repository: appCtx.ProjectRepo,`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00			`}`
completed updating web-api 2019-08-14 12:53:40 -08:00			`app.Handle("GET", "/v1/projects", p.Find, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("POST", "/v1/projects", p.Create, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("GET", "/v1/projects/:id", p.Read, mid.AuthenticateHeader(appCtx.Authenticator))`
			`app.Handle("PATCH", "/v1/projects", p.Update, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("PATCH", "/v1/projects/archive", p.Archive, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
			`app.Handle("DELETE", "/v1/projects/:id", p.Delete, mid.AuthenticateHeader(appCtx.Authenticator), mid.HasRole(auth.RoleAdmin))`
Added api example error responses and some minor bug fixes 2019-08-07 16:17:17 -08:00
authenticator storage engines Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional. 2019-06-24 17:36:42 -08:00			`// Register swagger documentation.`
fixed internal package unittests 2019-06-24 22:41:21 -08:00			`// TODO: Add authentication. Current authenticator requires an Authorization header`
			`// which breaks the browser experience.`
updated readme 2019-07-14 17:59:06 -08:00			`app.Handle("GET", "/docs/", saasSwagger.WrapHandler)`
			`app.Handle("GET", "/docs/*", saasSwagger.WrapHandler)`
Imported github.com/ardanlabs/service as base example project 2019-05-16 10:39:25 -04:00
			`return app`
			`}`
Completed API documentation for swagger 2019-06-25 22:31:54 -08:00
			`// Types godoc`
			`// @Summary List of types.`
fix api route for app page for docs 2019-08-05 19:49:30 -08:00			`// @Param data body weberror.FieldError false "Field Error"`
Completed API documentation for swagger 2019-06-25 22:31:54 -08:00			`// @Param data body web.TimeResponse false "Time Response"`
			`// @Param data body web.EnumResponse false "Enum Response"`
fix api route for app page for docs 2019-08-05 19:49:30 -08:00			`// @Param data body web.EnumMultiResponse false "Enum Multi Response"`
Completed API documentation for swagger 2019-06-25 22:31:54 -08:00			`// @Param data body web.EnumOption false "Enum Option"`
checkpoint for api handler tests 2019-06-26 01:16:57 -08:00			`// @Param data body signup.SignupAccount false "SignupAccount"`
			`// @Param data body signup.SignupUser false "SignupUser"`
Completed API documentation for swagger 2019-06-25 22:31:54 -08:00			`// To support nested types not parsed by swag.`
			`func Types() {}`