f81e4eaa47
feat: NewWishListService constructor implemented
Nikolai Papin2025-09-01 18:47:30 +03:00
14bad8e7ef
feat: Implemented create wish method for wish list service
Nikolai Papin2025-09-01 18:46:08 +03:00
3198612e16
refactor: sql queries related to privacy-accounting; chore: regenerated swagger; feat: utilizing new 410 error when user is banned/unavailable/deleted
Nikolai Papin2025-08-23 19:17:05 +03:00
dd2960a742
refactor: began refactoring access control in sql
Nikolai Papin2025-08-16 22:21:41 +03:00
c7a440e38f
feat: database method to move wish to another list
Nikolai Papin2025-08-15 14:34:28 +03:00
d12162fc3b
feat: mapper function for wish dto; refactor: made guid foreign key for wish object for more ease of use
Nikolai Papin2025-08-15 13:53:02 +03:00
711b1ad5d1
feat: mapper function for wishlist dto; refactor: made database fields for wishlist object not null
Nikolai Papin2025-08-13 21:22:18 +03:00
bd90fb339f
feat: mapstructure tags for wishlist service dtos
Nikolai Papin2025-08-07 14:37:11 +03:00
e4c879db36
feat: dtos for wishList service; feat: validator for guid; feat: created interface for wishlist service
Nikolai Papin2025-08-06 17:36:31 +03:00
ffcbff5294
Merge pull request 'feat: implement wish list and wish features including creation, retrieval, and updates;' (#7) from feat-sql into ml2
Николай2025-08-04 21:19:00 +03:00
d7d18f1284
fix: corrected redis logic to prevent temporary lock-outs on failed database transactions; fix: ChangePassword transaction isolation; chore: highlighted issues
Nikolai Papin2025-08-04 21:17:06 +03:00
b1125d3f6a
feat: implement wish list and wish features including creation, retrieval, and updates; fix: modify ban logic to respect expiration timestamps and pardon flags; refactor: change boolean fields to non-nullable in models and use COALESCE for optional updates in SQL
Nikolai Papin2025-08-04 20:26:51 +03:00
3bcd8af100
Merge pull request 'Backend: finishing the first milestone' (#6) from feat-profile_service into main
Николай2025-08-03 00:25:04 +03:00
b24ffcf3f8
feat: birthday validation integrated into profile
Nikolai Papin2025-08-03 00:22:01 +03:00
3a63a14c4d
refactor: implemented privacy checks in the GetProfileByUsername method; refactor: reworked sql request for privacy-checking profile getter
Nikolai Papin2025-08-02 23:37:16 +03:00
5ed75c350a
feat: remove authentication requirement for avatar and image upload endpoints; fix: remove 500 error responses from upload endpoints; fix: return validation error strings instead of error lists; fix: handle invalid avatar upload IDs with 400 Bad Request response; fix: add missing S3Controller to controller initialization; fix: change avatar_upload_id to string type and update validation rules; chore: add license header to smtp.go; refactor: replace manual proxy implementation with httputil.ReverseProxy; fix: inject S3Service dependency into ProfileService; fix: set color and color_grad fields during profile update; fix: correct DTO mapping for profile and settings; fix: check object existence before copying in SaveUpload; fix: adjust profile DTO mapping function for proper pointer handling
Nikolai Papin2025-08-02 03:47:56 +03:00
669349e020
chore: remove direct avatar upload endpoint (POST /profile/avatar); feat: add endpoints for presigned upload URLs (GET /upload/avatar, GET /upload/image); refactor: replace ProfileDto with NewProfileDto in update profile endpoint; feat: implement S3 integration for avatar management; fix: update database queries to handle new avatar upload flow; chore: add new dependencies for S3 handling (golang.org/x/time); refactor: rename UploadService to S3Service; refactor: change return type for func LocalizeS3Url(originalURL string) (*url.URL, error); feat: add custom validator for upload_id
Nikolai Papin2025-08-01 04:34:06 +03:00
8dba0f79aa
feat: UploadService controller with ratelimit middleware
Nikolai Papin2025-07-31 18:10:45 +03:00
08b3942d35
feat: UploadService for acquiring temporary file upload urls for different objects (currently avatars and general images)
Nikolai Papin2025-07-31 17:46:47 +03:00
0a38267cb0
feat: configuration parameters for minio host, port, timeout; refactor: renamed buckets; fix: corrected Host header changing behavior in minio gin endpoint; feat: function to convert local minio url to /s3/ path url with the backend host
Nikolai Papin2025-07-30 14:26:27 +03:00
ed044590a0
feat: setup direct access to minio endpoint to images and avatars buckets through /s3/ path
Nikolai Papin2025-07-29 20:57:36 +03:00
e15ee90a62
feat: Automatic creation of buckets and setting expiration rules
Nikolai Papin2025-07-28 01:41:01 +03:00
d14f90d628
feat: complete profile update and settings management refactor: change profile update endpoints to PUT refactor: changed profile settings update query to use username chore: update SQL queries for profile operations
Nikolai Papin2025-07-23 17:46:59 +03:00
705b420b9e
feat: implemented own profile getter; experiment: using custom automapper function to map profile to profileDto; refactor: adjusted ProfileService to use pointer return types with models
Nikolai Papin2025-07-20 21:39:21 +03:00
df54829a67
fix: change avatar upload response to JSON object with URL; feat: add UrlDto for standardized URL responses; refactor: update avatar upload endpoint to return UrlDto; docs: regenerate Swagger; chore: add comments for untested profile controller methods
Nikolai Papin2025-07-19 23:23:56 +03:00
f65439fb50
feat: fully implement profile controller; feat: implement file upload handling in controller with size and type validation; feat: add custom validation rules for bio and color hex fields; refactor: enhance request handling with dedicated client info extraction; chore: update profile DTOs with validation tags; docs: profile controller swagger
Nikolai Papin2025-07-19 22:57:44 +03:00
fc0c73aa5b
feat: added go-automapper for mapping dtos; feat: implemented mapspecial package for mapping dtos that are not possible to automap by default; initialized profile service; added dtos for profile and profileSettings
Nikolai Papin2025-07-19 11:44:15 +03:00
6588190e8b
refactor: renamed claims file; chore: removed more unused stuff
Nikolai Papin2025-07-18 00:10:52 +03:00
8f04566b5a
chore: regenerated swagger; chore: removed deprecated and unused stuff
Nikolai Papin2025-07-17 23:15:14 +03:00
f2274f6c58
Merge pull request 'refactor-controllers' (#5) from refactor-controllers into main
Николай2025-07-17 22:39:19 +03:00
feb0524d39
Merge pull request 'refactor: declaring controller methods externally because the big idiot swaggo does not want to work unless the comments are attached to a gin handler func;' (#4) from fix-swaggo into refactor-controllers
Николай2025-07-17 22:38:34 +03:00
f2753e1495
refactor: declaring controller methods externally because the big idiot swaggo does not want to work unless the comments are attached to a gin handler func; fix: swagger docs work now; chore: remove incomplete account and profile controllers; fix: correct client info type in request middleware
Nikolai Papin2025-07-17 22:37:07 +03:00
d6e2d02bff
refactor: transitioned auth controller to use the new controller structure; feat: setup DI for controllers; refactor: marked old utils and routes package parts as deprecated
Nikolai Papin2025-07-17 21:42:47 +03:00
f9d7439def
fix: Setup interface mismatch; refactor: GetRequest now panics on missing client_info since it is only supposed to be used on handlers behind AuthMiddleware
Nikolai Papin2025-07-17 17:52:12 +03:00
7298ab662f
experiment: prototyping new ASP.NET-like controllers; feat: ControllerMethod struct for storing data about an individual API endpoint; feat: controllerImpl struct for setting up a controller; feat: GetRequest method for parsing and validating a request with automatic abortion on binding/validation errors
Nikolai Papin2025-07-17 17:20:48 +03:00
ec56f64420
fix: wrong role 'guest' instead of 'user' defaulting in schema
Nikolai Papin2025-07-17 04:34:53 +03:00
249bbe4a98
feat: add user role support to database and queries; fix: add max length validation for refresh token in RefreshRequest; refactor: use named constants for cache durations in AuthService; refactor: select all user columns in GetValidUserByLoginCredentials query;
Nikolai Papin2025-07-17 04:31:25 +03:00
b986d45d82
fix: handle large terminated sessions caching with pagination to prevent RAM overflow;
Nikolai Papin2025-07-17 04:09:15 +03:00
827928178e
feat: add change password endpoint using old password; feat: implement change password service method with validation; fix: correct ErrorIsOneOf function logic to return true on match; refactor: rename 'log_out_accounts' to 'log_out_sessions' for clarity; refactor: update session termination to return GUIDs and cache in Redis; fix: ensure RollbackOnError only rolls back uncommitted transactions; fix: handle transaction commit errors properly in dbHelper; refactor: add helper methods for session termination and registration; refactor: pass client info to login and registration complete methods; fix: improve token validation error handling in refresh endpoint; refactor: update auth middleware to set session info correctly; chore: remove unused ClientInfo DTO; fix: correct password reset complete to use session termination helper; refactor: adjust database queries for session management; chore: update SQL schema and queries for sessions; docs: update swagger docs with new endpoint and model changes
Nikolai Papin2025-07-17 03:44:22 +03:00
8b558eaf5f
feat: fully implemented Refresh method; fix: Improve error handling in Refresh method for token validation; fix: Update Refresh route to use correct request model; fix: Correct request model for password reset complete route; fix: Redis pipeline error handling in AuthService constructor; fix: Refresh method wanted access token; refactor: Enhance error handling for unexpected token validation errors; refactor: Simplify claims extraction in ValidateToken method; fix: Ensure session termination state is correctly dereferenced; refactor: Return structured session info in ValidateToken method; feat: New util method to check if an error is one of multiple given ones;
Nikolai Papin2025-07-15 23:32:25 +03:00
e465da6854
refactor: Simplify AuthMiddleware; refactor: Move token validation logic to AuthService; refactor: Remove Redis cache checks from middleware; fix: Improve error handling for token validation; refactor: Update Refresh method to use new validation logic; chore: Clean up unused imports and comments
Nikolai Papin2025-07-15 22:37:41 +03:00
a582b75c82
feat: new ValidateToken method for AuthService, based on code from the monolithic implementation of auth middleware; feat: add detailed authentication error types;
Nikolai Papin2025-07-15 21:59:05 +03:00
b3a405016e
refactor: introduce DTOs for claims, session, and request handling feat: add token validation service method refactor: update middleware to use structured DTOs feat: implement session info propagation through context refactor: replace ad-hoc structs with DTOs in middleware chore: organize auth-related data structures
Nikolai Papin2025-07-15 20:54:12 +03:00
ee6cff4104
feat: add registration attempt rate limiting with Redis feat: prevent email enumeration by caching registration state fix: correct Redis key formatting for session termination cache refactor: improve registration flow with Redis cooldown checks chore: add Redis caching for registration in-progress state
Nikolai Papin2025-07-15 02:55:26 +03:00
d8ea9f79c6
feat: add session expiration tracking and validation feat: implement Redis caching for terminated sessions feat: add new session GUID queries for validation refactor: extend Session model with last_refresh_exp_time refactor: update token generation to include role and session refactor: modify auth middleware to validate session status refactor: replace GetUserSessions with GetValidUserSessions chore: add uuid/v5 dependency fix: update router to pass dependencies to auth middleware chore: update SQL schema and queries for new expiration field
Nikolai Papin2025-07-14 20:44:30 +03:00
24cb8ecb6e
feat: implemented controller methods for passwordresetcomplete, refresh in auth controller
Nikolai Papin2025-07-13 20:58:36 +03:00
95294686b7
feat: PasswordResetBegin of auth controller; fix: sql query updateLoginInformationByUsername used in-database hashing; refactor: renamed LogOutAccounts into LogOutSessions in models/auth; refactor: added error checks on opening transactions for all auth service methods; refactor: added error checks on commiting transactions likewise; refactor: simplified PasswordResetBegin logic; feat: implemented PasswordResetComplete method of auth service;
Nikolai Papin2025-07-13 19:10:34 +03:00
65ea47dbb6
feat: new RollbackOnError method added for transactional db helper and integrated into auth service
Nikolai Papin2025-07-13 15:57:34 +03:00
a3bebd89be
chore: todo comments; fix: txless creation of confirmation code in passwordresetbegin
Nikolai Papin2025-07-13 02:18:46 +03:00
a2dd8993a6
feat: auth service logic for purging expired unverified accounts upon registration, new sql queries for this purpose
Nikolai Papin2025-07-13 01:57:19 +03:00
8fa57eddb1
feat: implemented PasswordResetBegin method in auth service with cooldown for each email being stored in redis
Nikolai Papin2025-07-12 19:32:53 +03:00
c988a16783
refactor: removed error logs from smtp service since they are redundant
Nikolai Papin2025-07-10 12:21:23 +03:00
f59b647b27
feat: development compose file; fix: smtp service
Nikolai Papin2025-07-10 01:41:54 +03:00
15c140db31
feat: implemented smtp service; feat: implemented registration emails; fix: config variables for password length used the same env variable; refactor: all available config variables added to docker-compose.yml
Nikolai Papin2025-07-09 23:26:30 +03:00
63b63038d1
feat: initialized smtp service; refactor: config now returns a copy of a struct to prevent editing; chore: corrected identation
Nikolai Papin2025-07-08 23:21:00 +03:00
b5fdcd5dca
feat: smtp config; chore: added license comment blocks to the rest of backend and to sqlc schema & queries
Nikolai Papin2025-07-07 01:31:21 +03:00
72a512bb4f
feat: automatic termination of older sessions on login (temporary until release 4); fix: login controller method not returning tokens
Nikolai Papin2025-07-06 14:45:36 +03:00
bc9f5c6d3c
fix: unique user id in user session; feat: login controller method; fix: name validation hander
Nikolai Papin2025-07-06 14:00:59 +03:00
333817c9e1
refactor: moved hashing logic into application layer for security; fix: error handling in auth service for database; refactor: removed redundant taken email check; chore: removed todos that were completed/not needed; fix: leaking transactions in complete registration and login on error; refactor: got rid of txless requests during transactions;
Nikolai Papin2025-07-06 13:01:00 +03:00
5e32c3cbd3
refactor: password requirements variables; refactor: password validation function moved to custom validators; refactor: adjusted model's validation fields
Nikolai Papin2025-07-05 17:50:01 +03:00
8319afc7ea
refactor/fix: now using pgx errors for postgres error checking instead of trying to look up the error code; feat: implemented working custom validation; fix: authservice begin/complete registration
Nikolai Papin2025-07-05 03:08:00 +03:00
0a51727af8
refactor: updated swagger; feat: helper function in errors for checking postgres error types; feat: sql query method for finding users by their email; feat: registration begin/complete with checking existing username/email; refactor: error handling in controller
Nikolai Papin2025-07-03 04:33:25 +03:00
96e41efdec
feat: added session guid and token type fields to jwt tokens; feat: very minimal implementation of registration functions; refactor: login function now uses the transactional db helper function and creates a session; feat: enum for jwt token type
Nikolai Papin2025-07-01 14:17:50 +03:00
284d959bc3
feat: new general and auth errors; feat: NewPointer helper function in utils; refactor: length validation in auth models
Nikolai Papin2025-06-30 01:34:59 +03:00
e2d83aa779
refactor: database update methods use coalesce to omit nil fields
Nikolai Papin2025-06-27 13:30:03 +03:00
cbcfb8a286
feat: middleware for request body parsing, validation and authentication; feat: helper function for getting request info from gin context
Nikolai Papin2025-06-24 17:31:48 +03:00
c2059dcd6e
feat: middlewares for authorization and automatic request parsing; feat: roles enum
Nikolai Papin2025-06-24 13:57:39 +03:00
be9aee7145
chore: GPL-3.0 license propagated into *.go files in backend
Nikolai Papin2025-06-24 01:36:25 +03:00
e5d245519a
feat: preparing structures for validation features; feat: config variables for password requirements; feat: util function for validating passwords
Nikolai Papin2025-06-24 00:25:59 +03:00
0a00a5ee2b
feat: registrationBegin method without email; fix: missing sqlc query parameter name; feat: util for generating security codes; feat: enums package
Nikolai Papin2025-06-23 16:23:46 +03:00
1b55498b00
refactor: a better DI-friendy logger implementation that doesn't suck
Nikolai Papin2025-06-23 14:18:25 +03:00
ea3743cb04
fixed: error handling in commit; refactor: exposed untransactional queries for transactional db helper again but with a clearer name this time since it still may be useful
Nikolai Papin2025-06-22 12:41:22 +03:00
613deae8e2
feat: db regular and transactional helpers to reduce boilerplate
Nikolai Papin2025-06-21 20:04:20 +03:00
e1df58b434
Merge pull request 'fix: viper not unmarshalling env variables into the struct' (#3) from fix-config into main
Николай2025-06-21 16:20:46 +03:00
ad118cc832
chore: removed database url print in config
Nikolai Papin2025-06-21 16:20:20 +03:00
a9b28c860f
fix: viper not unmarshalling env variables into the struct
Nikolai Papin2025-06-21 16:18:56 +03:00
b2a96c3b84
Merge pull request 'feat-db_abstraction' (#2) from feat-db_abstraction into main
Николай2025-06-21 02:28:17 +03:00
0c4d618fa4
feat: dbcontext abstraction via dependency
Nikolai Papin2025-06-21 02:27:23 +03:00
03c072e67b
feat: dbcontext implements DBTX interface
Nikolai Papin2025-06-20 20:32:18 +03:00
1dc24df037
Merge pull request 'experiment-service_controller_pattern' (#1) from experiment-service_controller_pattern into main
Николай2025-06-20 17:57:11 +03:00
b72645852b
refactor: profile controller; experiment: figured out a way to add auth middleware to individual methods in controllers, bypassing route group middleware if needed
Nikolai Papin2025-06-20 17:53:11 +03:00
Nikolai Papin