Merge branch 'development' of https://github.com/hammercode-dev/lms-be into be-02/login-logout

Author: FarhanSaleh

.github/workflows/development.yml

@@ -11,12 +11,12 @@ jobs:
 
         steps:
             - name: Checkout Code
-              uses: actions/checkout@v2
+              uses: actions/checkout@v4
 
             - name: Set up Go
-              uses: actions/setup-go@v2
+              uses: actions/setup-go@v5
               with:
-                  go-version: '1.20'
+                  go-version: '1.24'
 
             - name: Test
               run: go test -v ./...
@@ -28,7 +28,7 @@ jobs:
               run: tar -czvf main.tar.gz main
 
             - name: Upload Artifact
-              uses: actions/upload-artifact@v3
+              uses: actions/upload-artifact@v4
               with:
                 name: build-artifact
                 path: main.tar.gz
@@ -39,10 +39,10 @@ jobs:
         environment: development
         steps:
             - name: Checkout Code
-              uses: actions/checkout@v2
+              uses: actions/checkout@v4
 
             - name: Download Build Artifact
-              uses: actions/download-artifact@v3
+              uses: actions/download-artifact@v4
               with:
                 name: build-artifact
 

app/app.go

@@ -44,7 +44,7 @@ func InitApp(
 	middleware := middlewares.InitMiddleware(jwtInstance, userRepo)
 
 	// usecase
-	userUsecase := users.InitUsecase(userRepo, dbTx, jwtInstance)
+	userUsecase := users.InitUsecase(cfg, userRepo, dbTx, jwtInstance)
 	newsletterUC := newsletters.InitUsecase(cfg, newsletterRepo, dbTx, jwt.NewJwt(cfg.JWT_SECRET_KEY))
 	eventUC := events.InitUsecase(eventRepo, imgRepo, dbTx)
 	imgUc := images.InitUsecase(imgRepo, dbTx)

app/middlewares/auth_middleware.go

@@ -8,41 +8,62 @@ import (
 	"github.com/hammer-code/lms-be/utils"
 )
 
-func (m *Middleware) AuthMiddleware(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) {
-		token := utils.ExtractBearerToken(request)
-		if len(*token) < 5 {
-			utils.Response(domain.HttpResponse{
-				Code:    401,
-				Message: "Forbidden",
-				Data:    nil,
-			}, writer)
-			return
-		}
-
-		verifyToken, err := m.Jwt.VerifyToken(*token)
-		if err != nil {
-			utils.Response(domain.HttpResponse{
-				Code:    500,
-				Message: err.Error(),
-				Data:    nil,
-			}, writer)
-			return
-		}
-
-		user, err := m.UserRepo.FindByEmail(request.Context(), verifyToken.Email)
-		if err != nil {
-			utils.Response(domain.HttpResponse{
-				Code:    401,
-				Message: "Forbidden",
-				Data:    nil,
-			}, writer)
-			return
-		}
-
-		writer.Header().Set("x-user-id", strconv.Itoa(user.ID))
-		writer.Header().Set("x-username", user.Username)
-
-		next.ServeHTTP(writer, request)
-	})
+func (m *Middleware) AuthMiddleware(allowedRole string) domain.MiddlewareFunc {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) {
+			token := utils.ExtractBearerToken(request)
+			if len(*token) < 5 {
+				utils.Response(domain.HttpResponse{
+					Code:    401,
+					Message: "Unauthorized",
+					Data:    nil,
+				}, writer)
+				return
+			}
+	
+			verifyToken, err := m.Jwt.VerifyToken(*token)
+			if err != nil {
+				utils.Response(domain.HttpResponse{
+					Code:    500,
+					Message: "failed to verify token",
+					Data:    nil,
+				}, writer)
+				return
+			}
+	
+			// tokenLogoutErr := m.UserRepo.ExpiredToken(request.Context(), *token)
+			// if tokenLogoutErr == nil {
+			// 	utils.Response(domain.HttpResponse{
+			// 		Code:    401,
+			// 		Message: "Token expired",
+			// 		Data:    nil,
+			// 	}, writer)
+			// 	return
+			// }
+	
+			user, err := m.UserRepo.FindByEmail(request.Context(), verifyToken.Email)
+			if err != nil {
+				utils.Response(domain.HttpResponse{
+					Code:    401,
+					Message: "Unauthorized",
+					Data:    nil,
+				}, writer)
+				return
+			}
+	
+			if user.Role != allowedRole {
+				utils.Response(domain.HttpResponse{
+					Code:    401,
+					Message: "Unauthorized",
+					Data:    nil,
+				}, writer)
+				return
+			}
+	
+			writer.Header().Set("x-user-id", strconv.Itoa(user.ID))
+			writer.Header().Set("x-username", user.Username)
+	
+			next.ServeHTTP(writer, request)
+		})
+	}
 }

app/users/delivery/http/forgot_password_user.go

@@ -0,0 +1,57 @@
+package http
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+	"regexp"
+
+	"github.com/hammer-code/lms-be/domain"
+	"github.com/hammer-code/lms-be/utils"
+)
+
+func (h Handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
+	reEmail := regexp.MustCompile(`^[a-z0-9._%+\-]+@[a-z0-9.\-]+\.[a-z]{2,}$`)
+
+	bodyBytes, err := io.ReadAll(r.Body)
+	if err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: err.Error(),
+			Data:    nil,
+		}, w)
+		return
+	}
+
+	forgotPassword := domain.ForgotPassword{}
+	if err = json.Unmarshal(bodyBytes, &forgotPassword); err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: err.Error(),
+		}, w)
+		return
+	}
+
+	if isValidEmail := reEmail.MatchString(forgotPassword.Email); !isValidEmail {
+		utils.Response(domain.HttpResponse{
+			Code:    400,
+			Message: "Email is not valid",
+		}, w)
+		return
+	}
+
+	if err := h.usecase.ForgotPassword(r.Context(), forgotPassword); err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: err.Error(),
+		}, w)
+		return
+	}
+
+	utils.Response(domain.HttpResponse{
+		Code:    200,
+		Message: "Request reset password success check your email",
+		Data:    nil,
+	}, w)
+
+}

app/users/delivery/http/register_users.go

@@ -2,6 +2,7 @@ package http
 
 import (
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 
@@ -50,17 +51,17 @@ func (h Handler) Register(w http.ResponseWriter, r *http.Request) {
 	}
 
 	userInput := domain.RegistToUser(user)
-	resultUser, err := h.usecase.Register(r.Context(), userInput)
+	_, err = h.usecase.Register(r.Context(), userInput)
 	if err != nil {
 		logrus.Error("userUsecase: failed to register user")
 		resp := utils.CostumErr(err.Error())
 		utils.Response(resp, w)
 		return
 	}
+	message := fmt.Sprintf("User %s has been registered", user.Username)
 
 	utils.Response(domain.HttpResponse{
 		Code:    200,
-		Message: "success",
-		Data:    resultUser,
+		Message: message,
 	}, w)
 }

app/users/delivery/http/reset_password.go

@@ -0,0 +1,65 @@
+package http
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+	"regexp"
+
+	"github.com/hammer-code/lms-be/domain"
+	"github.com/hammer-code/lms-be/utils"
+)
+
+func (h Handler) ResetPassword(w http.ResponseWriter, r *http.Request) {
+
+	passwordRegex := regexp.MustCompile(`^[a-zA-Z\d]{8,}$`)
+
+	bodyBytes, err := io.ReadAll(r.Body)
+	if err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: "Failed to read request body :" + err.Error(),
+		}, w)
+		return
+	}
+
+	forgotPasswordInstance := domain.ForgotPassword{}
+
+	if err := json.Unmarshal(bodyBytes, &forgotPasswordInstance); err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: "Failed to unmarshal request body :" + err.Error(),
+		}, w)
+		return
+	}
+
+	if forgotPasswordInstance.Password != forgotPasswordInstance.ConfirmPassword {
+		utils.Response(domain.HttpResponse{
+			Code:    400,
+			Message: "Password and confirm password must be the same",
+		}, w)
+		return
+	}
+
+	if isValidPass := passwordRegex.MatchString(forgotPasswordInstance.Password); !isValidPass {
+		utils.Response(domain.HttpResponse{
+			Code:    400,
+			Message: "Password must contain at least 8 characters, one uppercase letter, one lowercase letter, and one number",
+		}, w)
+		return
+	}
+
+	if err := h.usecase.ResetPassword(r.Context(), forgotPasswordInstance); err != nil {
+		utils.Response(domain.HttpResponse{
+			Code:    500,
+			Message: "Failed to reset password :" + err.Error(),
+		}, w)
+		return
+
+	}
+
+	utils.Response(domain.HttpResponse{
+		Code:    200,
+		Message: "Reset password success",
+	}, w)
+}

app/users/repository/forgot_password.go

@@ -0,0 +1,23 @@
+package repository
+
+import (
+	"context"
+	"time"
+
+	"github.com/hammer-code/lms-be/domain"
+	"github.com/sirupsen/logrus"
+)
+
+func (repo *repository) ForgotPassword(ctx context.Context, token string, expiredAt time.Time, user domain.User) (err error) {
+	err = repo.db.DB(ctx).Create(&domain.ResetPasswordToken{
+		Token:      token,
+		UserID:     uint64(user.ID),
+		ExpiryDate: expiredAt,
+	}).Error
+	if err != nil {
+		logrus.Error("repo.ForgotPassword : failed to create reset password token")
+		return err
+	}
+
+	return nil
+}

app/users/repository/reset_password.go

@@ -0,0 +1,39 @@
+package repository
+
+import (
+	"context"
+	"errors"
+
+	"github.com/hammer-code/lms-be/domain"
+	"github.com/sirupsen/logrus"
+)
+
+func (repo *repository) ResetPassword(ctx context.Context, email, password, token string) error {
+	if err := repo.db.StartTransaction(ctx, func(ctx context.Context) error {
+		resetPasswordTokenInstance := domain.ResetPasswordToken{}
+		if err := repo.db.DB(ctx).Model(resetPasswordTokenInstance).Where("token = ?", token).First(&resetPasswordTokenInstance).Error; err != nil {
+			logrus.Error("repo.ResetPassword: failed to find token")
+			return err
+		}
+
+		if resetPasswordTokenInstance.IsUsed {
+			logrus.Error("repo.ResetPassword: token already used")
+			return errors.New("token already used")
+		}
+
+		if err := repo.db.DB(ctx).Model(domain.User{}).Where("email = ?", email).Update("password", password).Error; err != nil {
+			logrus.Error("repo.ResetPassword: failed to update password")
+			return err
+		}
+
+		if err := repo.db.DB(ctx).Model(domain.ResetPasswordToken{}).Where("token = ?", token).Update("is_used", true).Error; err != nil {
+			logrus.Error("repo.ResetPassword: failed to update token state")
+			return err
+		}
+		return nil
+	}); err != nil {
+		logrus.Error("repo.ResetPassword: failed to reset password")
+		return err
+	}
+	return nil
+}