Merge pull request #37 from samims/fix/bugs-about-user-association

Fix bugs and add feature about user association

Author: kernelshard

docker-compose.yml

@@ -40,6 +40,8 @@ services:
       - ./infra/postgres/init.sql:/docker-entrypoint-initdb.d/init.sql
     networks:
       - hcaas_backend_network
+    ports:
+      - "5432:5432"
 
   hcaas_prometheus:
     image: prom/prometheus:latest

services/auth/internal/handler/auth_handler.go

@@ -97,12 +97,23 @@ func (h *AuthHandler) Validate(w http.ResponseWriter, r *http.Request) {
 	}
 
 	token := strings.TrimPrefix(authHeader, "Bearer ")
-	userID, err := h.authSvc.ValidateToken(token)
+	userID, email, err := h.authSvc.ValidateToken(token)
 	if err != nil {
 		respondError(w, http.StatusUnauthorized, "invalid token")
 	}
 
-	resp := map[string]string{"user_id": userID}
+	resp := struct {
+		UserID string `json:"user_id"`
+		Email  string `json:"email"` // Alternative field name
+	}{
+		UserID: userID,
+		Email:  email, // Set both fields for backward compatibility
+	}
+
 	w.Header().Set("Content-Type", "application/json")
-	json.NewEncoder(w).Encode(resp)
+	if err := json.NewEncoder(w).Encode(resp); err != nil {
+		h.logger.Error("Failed to encode validation response",
+			slog.String("error", err.Error()))
+		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+	}
 }

services/auth/internal/middleware/auth.go

@@ -10,10 +10,13 @@ import (
 
 type key string
 
-const userIDKey key = "userID"
+const (
+	contextUserIDKey key = "user_id"
+	contextEmailKey
+)
 
 func UserIDFromContext(ctx context.Context) (string, bool) {
-	uid, ok := ctx.Value(userIDKey).(string)
+	uid, ok := ctx.Value(contextUserIDKey).(string)
 	return uid, ok
 }
 
@@ -27,13 +30,15 @@ func AuthMiddleware(tokenService service.TokenService) func(http.Handler) http.H
 			}
 
 			tokenStr := strings.TrimPrefix(authHeader, "Bearer ")
-			userID, err := tokenService.ValidateToken(tokenStr)
+			userID, email, err := tokenService.ValidateToken(tokenStr)
 			if err != nil {
 				http.Error(w, "invalid or expired token", http.StatusUnauthorized)
 				return
 			}
 
-			ctx := context.WithValue(r.Context(), userIDKey, userID)
+			ctx := context.WithValue(r.Context(), contextUserIDKey, userID)
+			ctx = context.WithValue(ctx, contextEmailKey, email)
+
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}

services/auth/internal/service/auth_service.go

@@ -19,7 +19,7 @@ type AuthService interface {
 	Register(ctx context.Context, email, password string) (*model.User, error)
 	Login(ctx context.Context, email, password string) (*model.User, string, error)
 	GetUserByEmail(ctx context.Context, email string) (*model.User, error)
-	ValidateToken(token string) (string, error)
+	ValidateToken(token string) (string, string, error)
 }
 
 type authService struct {
@@ -109,13 +109,13 @@ func (s *authService) GetUserByEmail(ctx context.Context, email string) (*model.
 	return user, nil
 }
 
-func (s *authService) ValidateToken(token string) (string, error) {
+func (s *authService) ValidateToken(token string) (string, string, error) {
 	s.logger.Info("ValidateToken called")
-	userID, err := s.tokenSvc.ValidateToken(token)
+	userID, email, err := s.tokenSvc.ValidateToken(token)
 	if err != nil {
 		s.logger.Info("Token validation failed", slog.String("error", err.Error()))
-		return "", err
+		return "", "", err
 	}
-	return userID, nil
+	return userID, email, nil
 
 }

services/auth/internal/service/token_service.go

@@ -12,7 +12,7 @@ import (
 
 type TokenService interface {
 	GenerateToken(user *model.User) (string, error)
-	ValidateToken(tokenStr string) (string, error)
+	ValidateToken(tokenStr string) (string, string, error)
 }
 
 type jwtService struct {
@@ -42,25 +42,27 @@ func (s *jwtService) GenerateToken(user *model.User) (string, error) {
 	return token.SignedString([]byte(s.secret))
 }
 
-func (s *jwtService) ValidateToken(tokenStr string) (string, error) {
+func (s *jwtService) ValidateToken(tokenStr string) (string, string, error) {
 	token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (any, error) {
 		return []byte(s.secret), nil
 	})
 
 	if err != nil || !token.Valid {
 		s.logger.Error("Invalid token ")
-		return "", err
+		return "", "", err
 	}
 
 	claims, ok := token.Claims.(jwt.MapClaims)
 	if !ok {
 		s.logger.Error("token verification failed malformed")
-		return "", jwt.ErrTokenMalformed
+		return "", "", jwt.ErrTokenMalformed
 	}
-	sub, ok := claims["sub"].(string)
+	userID, ok := claims["sub"].(string)
 	if !ok {
 		s.logger.Error("token verification failed malformed!")
-		return "", jwt.ErrTokenMalformed
+		return "", "", jwt.ErrTokenMalformed
 	}
-	return sub, nil
+	email, ok := claims["email"].(string)
+
+	return userID, email, nil
 }

services/url/internal/handler/url.go

@@ -24,13 +24,23 @@ func NewURLHandler(s service.URLService, logger *slog.Logger) *URLHandler {
 func (h *URLHandler) GetAll(w http.ResponseWriter, r *http.Request) {
 	urls, err := h.svc.GetAll(r.Context())
 	if err != nil {
-		h.logger.Error("GetAll failed", "error", err)
+		h.logger.Error("GetAll failed", slog.Any("error", err))
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	json.NewEncoder(w).Encode(urls)
 }
 
+func (h *URLHandler) GetAllByUserID(w http.ResponseWriter, r *http.Request) {
+	urls, err := h.svc.GetAllByUserID(r.Context())
+	if err != nil {
+		h.logger.Error("GetAllByUSerID failed", slog.Any("error", err))
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+
+	json.NewEncoder(w).Encode(urls)
+}
+
 func (h *URLHandler) GetByID(w http.ResponseWriter, r *http.Request) {
 	id := chi.URLParam(r, "id")
 	url, err := h.svc.GetByID(r.Context(), id)

services/url/internal/middleware/auth.go

@@ -7,6 +7,8 @@ import (
 	"log/slog"
 	"net/http"
 	"strings"
+
+	"github.com/samims/hcaas/services/url/internal/model"
 )
 
 func AuthMiddleware(authServiceURL string, logger *slog.Logger) func(http.Handler) http.Handler {
@@ -20,7 +22,13 @@ func AuthMiddleware(authServiceURL string, logger *slog.Logger) func(http.Handle
 			}
 			token := strings.TrimPrefix(authHeader, "Bearer ")
 
-			req, err := http.NewRequest(http.MethodGet, authServiceURL+"auth/validate", nil)
+			validateURL := authServiceURL + "auth/validate"
+			logger.Debug("Calling auth service validation endpoint",
+				"url", validateURL,
+				"method", r.Method,
+				"path", r.URL.Path)
+
+			req, err := http.NewRequest(http.MethodGet, validateURL, nil)
 			if err != nil {
 				logger.Error("Failed to create request to auth service", "error", err)
 				http.Error(w, "Unauthorized", http.StatusUnauthorized)
@@ -43,16 +51,53 @@ func AuthMiddleware(authServiceURL string, logger *slog.Logger) func(http.Handle
 				return
 			}
 
-			var data struct {
+			bodyBytes, err := io.ReadAll(resp.Body)
+			if err != nil {
+				logger.Error("Failed to read auth response body", "error", err)
+				http.Error(w, "Unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			logger.Debug("Auth service response", "body", string(bodyBytes))
+
+			var authResponse struct {
 				UserID string `json:"user_id"`
+				Email  string `json:"email"`
 			}
-			if err := json.NewDecoder(resp.Body).Decode(&data); err != nil {
-				logger.Error("Failed to decode auth service response", "error", err)
+
+			if err := json.Unmarshal(bodyBytes, &authResponse); err != nil {
+				logger.Error("Failed to decode auth service response",
+					"error", err,
+					"response", string(bodyBytes))
 				http.Error(w, "Unauthorized", http.StatusUnauthorized)
 				return
 			}
 
-			ctx := context.WithValue(r.Context(), "userID", data.UserID)
+			if authResponse.UserID == "" {
+				logger.Error("No user identifier found in auth response",
+					slog.String("response", string(bodyBytes)))
+				http.Error(w, "Unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			if authResponse.Email == "" {
+				logger.Error("No email found in auth response", slog.String("response", string(bodyBytes)))
+			}
+
+			ctx := context.WithValue(r.Context(), model.ContextUserIDKey, authResponse.UserID)
+			ctx = context.WithValue(ctx, model.ContextEmailKey, authResponse.Email)
+			logger.Info("User authenticated",
+				"user_id", authResponse.UserID,
+				"method", r.Method,
+				"path", r.URL.Path)
+
+			// Verify context value is set correctly
+			if ctx.Value(model.ContextUserIDKey) == nil {
+				logger.Error("Failed to set user_id in context")
+				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+				return
+			}
+
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}

services/url/internal/model/url.go

@@ -2,8 +2,14 @@ package model
 
 import "time"
 
+const (
+	ContextUserIDKey = "user_id"
+	ContextEmailKey  = "email"
+)
+
 type URL struct {
 	ID        string    `json:"id"`
+	UserID    string    `json:"user_id"`
 	Address   string    `json:"address"`
 	Status    string    `json:"status"`     // "up" or "down"
 	CheckedAt time.Time `json:"checked_at"` // last checked time

services/url/internal/router/router.go

@@ -27,11 +27,12 @@ func NewRouter(h *handler.URLHandler, healthHandler *handler.HealthHandler, logg
 	r.Use(middleware.Recoverer)
 	r.Use(middleware.Timeout(30 * time.Second))
 
-	r.With(authMiddleware).Route("/urls", func(r chi.Router) {
+	r.Route("/urls", func(r chi.Router) {
+		r.Use(authMiddleware)
 		r.Get("/", h.GetAll)
 		r.Get("/{id}", h.GetByID)
+		r.Get("/me", h.GetAllByUserID)
 		r.Post("/", h.Add)
-		r.Put("/{id}", h.UpdateStatus)
 	})
 
 	// Health & Readiness Routes

services/url/internal/service/health.go

@@ -14,7 +14,7 @@ type HealthService interface {
 }
 
 type healthService struct {
-	store  storage.HealthCheckStorage
+	store  storage.Storage
 	logger *slog.Logger
 }
 
@@ -38,7 +38,7 @@ func (s healthService) Readiness(ctx context.Context) error {
 	return nil
 }
 
-func NewHealthService(store storage.HealthCheckStorage, logger *slog.Logger) HealthService {
+func NewHealthService(store storage.Storage, logger *slog.Logger) HealthService {
 	l := logger.With("layer", "service", "component", "healthService")
 	return &healthService{store: store, logger: l}
 }