feat: Implement JWT authentication and token generation for OAuth2 login

Author: idylicaro

README.md

@@ -81,11 +81,13 @@ An API designed to manage events, supporting features like event creation, user
 5. **Authentication** (Needs first deploy and a domain to simplify OAuth2 google configuration to test...)
    - [x] Configure in GCP.
    - [x] Implement OAuth2 login with Google using OpenID for authentication.
-   - [ ] Return the JWT token if the authentication is successful.
+   - [x] Return the JWT token if the authentication is successful.
+   - [ ] Refactor: Change to Struct-Based Controller,Service and Repository.
+   - [ ] Refresh token endpoint.
+   - [ ] Private routes.
 
 ### **Phase 2: Intermediate Features**
 1. **Event Management**
-   - [ ] Refactor: Change to Struct-Based Controller,Service and Repository
    - [ ] Update and delete events.
    - [ ] Add pagination for event listings.
    - [ ] Protect endpoints with Private endpoints.

config/config.go

@@ -23,6 +23,9 @@ type Config struct {
 	GoogleClientID     string
 	GoogleClientSecret string
 	GoogleRedirectURL  string
+
+	// JWT
+	JWTSecret string
 }
 
 func LoadConfig() *Config {
@@ -49,6 +52,8 @@ func LoadConfig() *Config {
 		GoogleClientID:     getEnv("GOOGLE_CLIENT_ID", ""),
 		GoogleClientSecret: getEnv("GOOGLE_CLIENT_SECRET", ""),
 		GoogleRedirectURL:  getEnv("GOOGLE_REDIRECT_URL", ""),
+
+		JWTSecret: getEnv("JWT_SECRET", ""),
 	}
 }
 

go.mod

@@ -49,6 +49,7 @@ require (
 require (
 	github.com/gin-contrib/cors v1.7.2
 	github.com/gin-gonic/gin v1.10.0
+	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/golang-jwt/jwt/v4 v4.5.1
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect

go.sum

@@ -42,6 +42,8 @@ github.com/go-playground/validator/v10 v10.23.0 h1:/PwmTwZhS0dPkav3cdK9kV1FsAmrL
 github.com/go-playground/validator/v10 v10.23.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
 github.com/goccy/go-json v0.10.4 h1:JSwxQzIqKfmFX1swYPpUThQZp/Ka4wzJdK0LWVytLPM=
 github.com/goccy/go-json v0.10.4/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
 github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=

internal/auth/auth_url/controller.go

@@ -8,7 +8,7 @@ import (
 )
 
 type Controller struct {
-	Service Service
+	Service *Service
 }
 
 // @Summary Get the authentication URL for a provider

internal/auth/callback/controller.go

@@ -8,7 +8,7 @@ import (
 )
 
 type Controller struct {
-	Service Service
+	Service *Service
 }
 
 // @Summary Handle the callback from the authentication provider
@@ -24,10 +24,10 @@ type Controller struct {
 func (c *Controller) HandleCallback(ctx *gin.Context) {
 	provider := ctx.Param("provider")
 	code := ctx.Query("code")
-	user, err := c.Service.ProcessCallback(ctx, provider, code)
+	tokenResponse, err := c.Service.ProcessCallback(ctx, provider, code)
 	if err != nil {
 		response.Error(ctx, http.StatusBadRequest, "auth.callback.failed", err.Error())
 		return
 	}
-	response.Success(ctx, http.StatusOK, "auth.callback.success", user, nil)
+	response.Success(ctx, http.StatusOK, "auth.callback.success", tokenResponse, nil)
 }

internal/auth/callback/repository.go

@@ -10,19 +10,15 @@ import (
 	"github.com/jackc/pgx/v5/pgxpool"
 )
 
-type Repository interface {
-	FindOrCreateUser(data providers.UserInfo) (models.User, error)
-}
-
-type repository struct {
+type Repository struct {
 	db *pgxpool.Pool
 }
 
-func NewRepository(db *pgxpool.Pool) Repository {
-	return &repository{db}
+func NewRepository(db *pgxpool.Pool) *Repository {
+	return &Repository{db}
 }
 
-func (r *repository) FindOrCreateUser(data providers.UserInfo) (models.User, error) {
+func (r *Repository) FindOrCreateUser(data providers.UserInfo) (models.User, error) {
 	var user models.User
 	query := `SELECT id, email, name, profile_picture_url, role, created_at, updated_at FROM users WHERE email = $1`
 	err := r.db.QueryRow(context.Background(), query, data.Email).Scan(&user.ID, &user.Email, &user.Name, &user.ProfilePictureURL, &user.Role, &user.CreatedAt, &user.UpdatedAt)

internal/auth/callback/service.go

@@ -4,37 +4,52 @@ import (
 	"context"
 	"errors"
 
+	"github.com/idylicaro/event-management/internal/auth/jwt"
 	"github.com/idylicaro/event-management/internal/auth/providers"
-	"github.com/idylicaro/event-management/internal/models"
+	dto "github.com/idylicaro/event-management/internal/dto/auth"
 )
 
 type Service struct {
 	Providers  map[string]providers.OAuthProvider
-	Repository Repository
+	Repository *Repository
+	JWTService *jwt.Service
 }
 
-func (s *Service) ProcessCallback(ctx context.Context, providerName, code string) (models.User, error) {
+func (s *Service) ProcessCallback(ctx context.Context, providerName, code string) (*dto.TokenResponse, error) {
 	provider, exists := s.Providers[providerName]
 	if !exists {
-		return models.User{}, errors.New("provider not supported")
+		return nil, errors.New("provider not supported")
 	}
 
 	tokens, err := provider.ExchangeCode(ctx, code)
 	if err != nil {
-		return models.User{}, err
+		return nil, err
 	}
 
 	// Exchange the code for a token and fetch user data
 	userData, err := provider.GetUserInfo(tokens.AccessToken)
 	if err != nil {
-		return models.User{}, err
+		return nil, err
 	}
 
 	// Create or find the user in the database
 	user, err := s.Repository.FindOrCreateUser(userData)
 	if err != nil {
-		return models.User{}, err
+		return nil, err
 	}
 
-	return user, nil
+	accessToken, err := s.JWTService.GenerateAccessToken(user)
+	if err != nil {
+		return nil, err
+	}
+
+	refreshToken, err := s.JWTService.GenerateRefreshToken(user)
+	if err != nil {
+		return nil, err
+	}
+
+	return &dto.TokenResponse{
+		AccessToken:  accessToken,
+		RefreshToken: refreshToken,
+	}, nil
 }

internal/auth/jwt/service.go

@@ -0,0 +1,49 @@
+package jwt
+
+import (
+	"time"
+
+	"github.com/golang-jwt/jwt"
+	"github.com/idylicaro/event-management/internal/models"
+)
+
+// Constants for token durations
+const (
+	AccessTokenDuration  = time.Hour * 1
+	RefreshTokenDuration = time.Hour * 24 * 7
+)
+
+type Service struct {
+	SecretKey []byte
+}
+
+// NewService creates a new instance of the JWT Service
+func NewService(secretKey []byte) *Service {
+	return &Service{SecretKey: secretKey}
+}
+
+// GenerateAccessToken generates an access token for the user
+func (s *Service) GenerateAccessToken(user models.User) (string, error) {
+	return s.generateToken(user, AccessTokenDuration)
+}
+
+// GenerateRefreshToken generates a refresh token for the user
+func (s *Service) GenerateRefreshToken(user models.User) (string, error) {
+	return s.generateToken(user, RefreshTokenDuration)
+}
+
+// generateToken is a helper function to generate JWT tokens
+func (s *Service) generateToken(user models.User, duration time.Duration) (string, error) {
+	claims := jwt.MapClaims{
+		"user_id": user.ID,
+		"exp":     time.Now().Add(duration).Unix(),
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	tokenString, err := token.SignedString(s.SecretKey)
+	if err != nil {
+		return "", err
+	}
+
+	return tokenString, nil
+}

internal/auth/routes.go

@@ -5,6 +5,7 @@ import (
 	"github.com/idylicaro/event-management/config"
 	"github.com/idylicaro/event-management/internal/auth/auth_url"
 	"github.com/idylicaro/event-management/internal/auth/callback"
+	"github.com/idylicaro/event-management/internal/auth/jwt"
 	"github.com/idylicaro/event-management/internal/auth/providers"
 	"github.com/jackc/pgx/v5/pgxpool"
 )
@@ -18,12 +19,13 @@ func RegisterAuthRoutes(router *gin.RouterGroup, db *pgxpool.Pool, cfg config.Co
 		),
 	}
 
-	authUrlService := auth_url.Service{Providers: providers}
-	authUrlController := auth_url.Controller{Service: authUrlService}
+	authUrlService := &auth_url.Service{Providers: providers}
+	authUrlController := &auth_url.Controller{Service: authUrlService}
 	router.GET("/:provider/url", authUrlController.GetAuthURL)
 
+	jwtService := jwt.NewService([]byte(cfg.JWTSecret))
 	callbackRepo := callback.NewRepository(db)
-	callbackService := callback.Service{Providers: providers, Repository: callbackRepo}
-	callbackController := callback.Controller{Service: callbackService}
+	callbackService := &callback.Service{Providers: providers, Repository: callbackRepo, JWTService: jwtService}
+	callbackController := &callback.Controller{Service: callbackService}
 	router.GET("/:provider/callback", callbackController.HandleCallback)
 }