Example of a simple CRUD microservice written in Go.
- JWT-token is provided with each request
- Users can't delete themselves
- Users can have permissions to create/delete/update other users
- The repository uses soft deletion of user records
- Currently, there is no check if the JWT-token's owner is in the repository
make install-tools
make build
Set the following environmental variables before running the service:
USERS_LOG_LEVEL (possible values: debug, info, warn, error, panic, fatal; default is "info")
USERS_REPOSITORY_URI
USERS_JWT_SECRET
USERS_JWT_ISSUER
USERS_HTTP_BIND_ADDRESS (default is ":8080")
docker-compose up
HTTP port 8088
is exposed by the container.
Go to localhost:8088/docs
to see the OpenAPI specification for the available endpoints.
For the test purposes, the following JWT-token can be used (user with full permissions to create, view, update, delete users):
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyX2F1dGhlbnRpY2F0aW9uIiwidXNlcl9pZCI6MTIzNDU2Nzg5LCJjYW5fY3JlYXRlX3VzZXJzIjp0cnVlLCJjYW5fZGVsZXRlX3VzZXJzIjp0cnVlLCJjYW5fdXBkYXRlX3VzZXJzIjp0cnVlLCJjYW5fdmlld191c2VycyI6dHJ1ZSwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3NjE4OTg2MjEsImlzcyI6ImxvY2FsaG9zdCJ9.HVQMV6ENzpU8SIBPi_fsBn_d5FdyW1ej-a0_0qkAYqA
If you prefer Postman use the following settings on the Authorization
tab:
- Algorithm:
HS256
- Secret:
supersecret
- Payload
{
"sub": "user_authentication",
"user_id": 123456789,
"can_create_users": true,
"can_delete_users": true,
"can_update_users": true,
"can_view_users": true,
"iat": 1516239022,
"exp": 1761898621,
"iss": "localhost"
}
- Request header prefix:
Bearer