- Default environment variables are in the .env file (which is checked in just for reference)
- SQLite3 is used as the database
- The default admin user and table schema are inserted by the DB script in ./scripts/db_schema.sql
- The user needs to be logged in to access the private routes, i.e.
  - api/v1/genToken
  - api/v1/getAllToken
  - api/v1/invalidateToken
- Below are the public routes. Both are rate limited to 5 requests at a time; after that the user has to wait 60 seconds, and for a full reset the user has to wait 1 hour before making another request. These values are currently hardcoded in the code and could be made configurable.
  - /login
  - /validatetoken
- The app token EXPIRE_IN_DAYS value is passed through the env file
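An added example (not the project's own code) of making the three rate-limit values configurable through the environment, as the list above suggests. It assumes the limits describe a per-client token bucket (5 back-to-back requests, one request regained every 60 seconds, a full allowance after 1 hour of inactivity); the `RATE_LIMIT_*` variable names and the `Limiter` type are hypothetical.

```go
package main

import (
	"fmt"
	"math"
	"os"
	"strconv"
	"sync"
	"time"
)

type Limiter struct { // one token bucket per client key (for example the remote IP)
	Burst, CooldownSec, ResetSec float64 // burst size; seconds to regain one request; idle seconds before a full reset
	mu                           sync.Mutex
	tokens                       map[string]float64
	last                         map[string]time.Time
}

func envNum(key string, def float64) float64 { // positive integer from the environment, else def
	if v, err := strconv.Atoi(os.Getenv(key)); err == nil && v > 0 {
		return float64(v)
	}
	return def
}

func FromEnv() *Limiter { // hypothetical variable names; the defaults are the README's values
	return &Limiter{Burst: envNum("RATE_LIMIT_BURST", 5), CooldownSec: envNum("RATE_LIMIT_COOLDOWN_SEC", 60),
		ResetSec: envNum("RATE_LIMIT_RESET_SEC", 3600), tokens: map[string]float64{}, last: map[string]time.Time{}}
}

// Allow spends one token for client if a whole one is available at time now.
func (l *Limiter) Allow(client string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	idle := math.Max(0, now.Sub(l.last[client]).Seconds()) // unseen client: zero time, so idle is huge
	tokens := l.Burst                                      // idle past ResetSec (or unseen): full allowance
	if idle < l.ResetSec {
		tokens = math.Min(l.Burst, l.tokens[client]+idle/l.CooldownSec)
	}
	spend := math.Floor(math.Min(tokens, 1)) // 1 when a whole token is available, otherwise 0
	l.tokens[client], l.last[client] = tokens-spend, now
	return spend == 1
}

func main() {
	l, now := FromEnv(), time.Now()
	for i := 1; i <= 6; i++ { // with the defaults, calls 1-5 print true and call 6 prints false
		fmt.Println(i, l.Allow("203.0.113.7", now))
	}
}
```

An unset, non-numeric or non-positive variable falls back to the default, so a typo in the env file cannot switch the limiter off.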
To run the application do
$ go mod download
$ go run main.go
- User tries to generate a token without logging in
request :-> curl --location --request GET 'http://localhost:8080/api/v1/genToken'
response:-> token not present
- User has logged in with the username and password inserted by the default DB script
request :-> curl --location --request POST 'http://localhost:8080/login' \
    --header 'Content-Type: application/json' \
    --data-raw '{
        "username" : "admin",
        "password" : "admin"
    }'
response:-> {
    "role": "ADMIN",
    "username": "admin",
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdXRob3JpemVkIjp0cnVlLCJleHAiOjE2Mjk2MDQyMjQsInJvbGUiOiJBRE1JTiIsInVzZXJuYW1lIjoiYWRtaW4ifQ.bSSPrJF1bubv2IcMsMSfE7S4_-TUVGy8i8EkT_cQ15A"
}
- Use the above token to access the private routes. To generate the token:
request :-> curl --location --request GET 'http://localhost:8080/api/v1/genToken' \
    --header 'Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdXRob3JpemVkIjp0cnVlLCJleHAiOjE2Mjk2MDQyMjQsInJvbGUiOiJBRE1JTiIsInVzZXJuYW1lIjoiYWRtaW4ifQ.bSSPrJF1bubv2IcMsMSfE7S4_-TUVGy8i8EkT_cQ15A'
response:-> "PpPRm3p9GyN"
- Validate the app token
request :-> curl --location --request GET 'http://localhost:8080/validatetoken/GDVTL8ipbZS'
response:-> true
- Check if error message is sent when invalid app token is passed
request :-> curl --location --request GET 'http://localhost:8080/validatetoken/sdgfasdg'
response:-> record not found , 400
- Check if length of app token is incorrect
request :-> curl --location --request GET 'http://localhost:8080/validatetoken/12345'
response:-> invalid app token, 400
- Get all tokens, active and inactive
request :-> curl --location --request GET 'http://localhost:8080/api/v1/getAllToken' \
    --header 'Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdXRob3JpemVkIjp0cnVlLCJleHAiOjE2Mjk2MzEyMzgsInJvbGUiOiJBRE1JTiIsInVzZXJuYW1lIjoiYWRtaW4ifQ.LZRjU6W_gdbscmjfNfzWuqecYpvCDPxWV2nnzJpZqBs'
response:-> [
    {
        "id": "af0ba00b-570b-47a0-91b3-41766bd3e16a",
        "username": "admin",
        "token": "PpPRm3p9GyN",
        "exp_date": "2021-08-29T09:06:30.664079087+05:30",
        "is_active": true
    },
    {
        "id": "5fa9b709-e230-4df4-82b4-313cdddcc7ce",
        "username": "admin",
        "token": "HAQYVEwhbsq",
        "exp_date": "2021-08-22T09:37:47.114203267+05:30",
        "is_active": false
    },
    {
        "id": "051dd1b7-a3d5-4427-8910-09c3be45296c",
        "username": "admin",
        "token": "ZKww2WFHQfL",
        "exp_date": "2021-08-23T09:38:33.435709572+05:30",
        "is_active": true
    }
]
- Deactivate the token
request :-> curl --location --request PATCH 'http://localhost:8080/api/v1/invalidateToken' \
    --header 'Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdXRob3JpemVkIjp0cnVlLCJleHAiOjE2Mjk2MzEyMzgsInJvbGUiOiJBRE1JTiIsInVzZXJuYW1lIjoiYWRtaW4ifQ.LZRjU6W_gdbscmjfNfzWuqecYpvCDPxWV2nnzJpZqBs' \
    --header 'Content-Type: application/json' \
    --data-raw '{
        "appToken" : "pbSKYdfHllo"
    }'
response:-> {
    "id": "0a9b454b-df74-436f-a809-0b6cd6203408",
    "username": "admin",
    "token": "pbSKYdfHllo",
    "exp_date": "2021-08-23T16:24:57.350421438+05:30",
    "is_active": false
}