Add Login API

go.mod

@@ -12,8 +12,10 @@ require (
 )
 
 require (
+	github.com/MicahParks/keyfunc/v2 v2.1.0 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/gofiber/contrib/jwt v1.0.7 // indirect
 	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
 	github.com/google/uuid v1.4.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect

go.sum

@@ -1,3 +1,5 @@
+github.com/MicahParks/keyfunc/v2 v2.1.0 h1:6ZXKb9Rp6qp1bDbJefnG7cTH8yMN1IC/4nf+GVjO99k=
+github.com/MicahParks/keyfunc/v2 v2.1.0/go.mod h1:rW42fi+xgLJ2FRRXAfNx9ZA8WpD4OeE/yHVMteCkw9k=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI=
@@ -6,6 +8,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gofiber/contrib/jwt v1.0.7 h1:LZuCnjEq8AjiDTUjBQSd2zg3H5uDWjHxSXjo7nj9iAc=
+github.com/gofiber/contrib/jwt v1.0.7/go.mod h1:fA1apg9zQlUhax+Foc0BHATCDzBsemga1Yr9X0KSvrQ=
 github.com/gofiber/fiber/v2 v2.50.0 h1:ia0JaB+uw3GpNSCR5nvC5dsaxXjRU5OEu36aytx+zGw=
 github.com/gofiber/fiber/v2 v2.50.0/go.mod h1:21eytvay9Is7S6z+OgPi7c7n4++tnClWmhpimVHMimw=
 github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=

src/auth/jwt.go

@@ -1,11 +1,12 @@
 package auth
 
 import (
-	"github.com/golang-jwt/jwt/v5"
-	"github.com/samber/lo"
 	"onepixel_backend/src/models"
 	"strconv"
 	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/samber/lo"
 )
 
 // TODO: pick JWT_KEY from config

src/auth/middlewares.go

@@ -1,6 +1,8 @@
 package auth
 
-import "github.com/gofiber/fiber/v2"
+import (
+	"github.com/gofiber/fiber/v2"
+)
 
 func MandatoryAuthMiddleware(c *fiber.Ctx) error {
 	authHeader := c.Get("Authorization")

src/controllers/users.go

@@ -41,3 +41,15 @@ func (c *UsersController) FindUserByEmail(email string) (*models.User, error) {
 	}
 	return user, nil
 }
+
+// Get user by ID
+func (c *UsersController) FindUserById(id uint) (*models.User, error) {
+	user := &models.User{
+		ID: id,
+	}
+	res := c.db.First(user)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+	return user, nil
+}

src/dtos/http_requests.go

@@ -4,3 +4,8 @@ type CreateUserRequest struct {
 	Email    string `json:"email"`
 	Password string `json:"password"`
 }
+
+type LoginUserRequest struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}

src/dtos/http_responses.go

@@ -7,9 +7,29 @@ type UserResponse struct {
 	Email string `json:"email"`
 }
 
+type LoginResponse struct {
+	Token string `json:"token"`
+}
+
+type ErrorResponse struct {
+	Message string `json:"message"`
+}
+
 func UserResponseFromUser(user *models.User) UserResponse {
 	return UserResponse{
 		ID:    user.ID,
 		Email: user.Email,
 	}
 }
+
+func LoginResponseFromUser(token string) LoginResponse {
+	return LoginResponse{
+		Token: token,
+	}
+}
+
+func ErrorResponseFromServer(message string) ErrorResponse {
+	return ErrorResponse{
+		Message: message,
+	}
+}

src/main.go

@@ -1,10 +1,11 @@
 package main
 
 import (
-	"github.com/samber/lo"
 	"log"
 	"onepixel_backend/src/db"
 	"onepixel_backend/src/server"
+
+	"github.com/samber/lo"
 )
 
 func main() {

src/routes/api/users.go

@@ -2,11 +2,12 @@ package api
 
 import (
 	"errors"
-	"gorm.io/gorm"
 	"onepixel_backend/src/auth"
 	"onepixel_backend/src/controllers"
 	"onepixel_backend/src/dtos"
 
+	"gorm.io/gorm"
+
 	"github.com/gofiber/fiber/v2"
 	"github.com/samber/lo"
 )
@@ -17,8 +18,11 @@ var usersController *controllers.UsersController
 func UsersRoute(db *gorm.DB) func(router fiber.Router) {
 	usersController = controllers.NewUsersController(db)
 	return func(router fiber.Router) {
+		// Public Routes
 		router.Post("/", registerUser)
 		router.Post("/login", loginUser)
+
+		// Private Routes
 		router.Get("/:id", auth.MandatoryAuthMiddleware, getUserInfo)
 		router.Patch("/:id", auth.MandatoryAuthMiddleware, updateUserInfo)
 	}
@@ -43,7 +47,15 @@ func registerUser(ctx *fiber.Ctx) error {
 }
 
 func loginUser(ctx *fiber.Ctx) error {
-	return ctx.SendString("LoginUser")
+	var u = new(dtos.CreateUserRequest)
+	lo.Must0(ctx.BodyParser(u))
+	savedUser := lo.Must(usersController.FindUserByEmail(u.Email))
+
+	if u.Password != savedUser.Password {
+		return ctx.Status(fiber.StatusUnauthorized).JSON(dtos.ErrorResponseFromServer("Incorrect credentials"))
+	}
+	token := auth.CreateJWTFromUser(savedUser)
+	return ctx.Status(fiber.StatusOK).JSON(dtos.LoginResponseFromUser(token))
 }
 
 func getUserInfo(ctx *fiber.Ctx) error {

src/server/server.go

@@ -1,13 +1,16 @@
 package server
 
 import (
+	"onepixel_backend/src/routes/api"
+
 	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/recover"
 	"gorm.io/gorm"
-	"onepixel_backend/src/routes/api"
 )
 
 func CreateApp(db *gorm.DB) *fiber.App {
 	app := fiber.New()
+	app.Use(recover.New())
 
 	app.Get("/", func(c *fiber.Ctx) error {
 		return c.SendString("Hello, World 👋!")

tests/routes/api/users_test.go

@@ -2,33 +2,60 @@ package api
 
 import (
 	"bytes"
-	"github.com/samber/lo"
-	"github.com/stretchr/testify/assert"
+	"encoding/json"
+	"fmt"
+	"io"
 	"net/http/httptest"
 	"onepixel_backend/src/auth"
 	"onepixel_backend/src/db"
+	"onepixel_backend/src/dtos"
 	"onepixel_backend/src/models"
 	"onepixel_backend/src/server"
 	"testing"
+
+	"github.com/samber/lo"
+	"github.com/stretchr/testify/assert"
 )
 
 var app = server.CreateApp(lo.Must(db.InitDBTest()))
+var USER_EMAIL = "[email protected]"
+var USER_PASSWORD = "test1234"
 
 func TestUsersRoute_RegisterUser(t *testing.T) {
 
-	reqBody := []byte(`{"email": "[email protected]", "password": "123456"}`)
+	reqBody := []byte(fmt.Sprintf(`{"email": "%s", "password": "%s"}`, USER_EMAIL, USER_PASSWORD))
 
 	req := httptest.NewRequest("POST", "/api/v1/users", bytes.NewBuffer(reqBody))
 	req.Header.Set("Content-Type", "application/json; charset=UTF-8")
 
 	resp := lo.Must(app.Test(req))
 
 	assert.Equal(t, 201, resp.StatusCode)
+}
+
+func TestUsersRoute_LoginUser(t *testing.T) {
+	var responseStruct dtos.LoginResponse
+	reqBody := []byte(fmt.Sprintf(`{"email": "%s", "password": "%s"}`, USER_EMAIL, USER_PASSWORD))
+	req := httptest.NewRequest("POST", "/api/v1/users/login", bytes.NewBuffer(reqBody))
+	req.Header.Set("Content-Type", "application/json; charset=UTF-8")
+	resp := lo.Must(app.Test(req))
+
+	assert.Equal(t, 200, resp.StatusCode)
+
+	body, err := io.ReadAll(resp.Body)
+	assert.Equal(t, err, nil)
+
+	err = json.Unmarshal(body, &responseStruct)
+	assert.Equal(t, err, nil)
+	assert.NotEqual(t, responseStruct.Token, "")
 
+	user, err := auth.ValidateJWT(responseStruct.Token)
+	assert.Equal(t, err, nil)
+	assert.Equal(t, user.ID, uint(1))
 }
 
 func TestUsersRoute_RegisterUserDuplicateFail(t *testing.T) {
-	reqBody := []byte(`{"email": "[email protected]", "password": "123456"}`)
+	reqBody := []byte(fmt.Sprintf(`{"email": "%s", "password": "%s"}`, USER_EMAIL, USER_PASSWORD))
 	req := httptest.NewRequest("POST", "/api/v1/users", bytes.NewBuffer(reqBody))
 	req.Header.Set("Content-Type", "application/json; charset=UTF-8")
 	resp := lo.Must(app.Test(req))