pomme/cmd/pomme/main.go

package main

import (
	"fmt"
	"log"
	"net/http"
	"strings"
	"time"

	"git.freecumextremist.com/grumbulon/pomme/internal/api"
	"github.com/go-chi/chi/v5"
	"github.com/go-chi/chi/v5/middleware"
	"github.com/go-pkgz/auth"
	"github.com/go-pkgz/auth/avatar"
	"github.com/go-pkgz/auth/provider"
	"github.com/go-pkgz/auth/token"
)

func main() {
	options := auth.Opts{
		SecretReader: token.SecretFunc(func(id string) (string, error) { // secret key for JWT
			return "secret", nil
		}),
		TokenDuration:  time.Minute * 5, // token expires in 5 minutes
		CookieDuration: time.Hour * 24,  // cookie expires in 1 day and will enforce re-login
		Issuer:         "pomme",
		URL:            "http://127.0.0.1:8080",
		AvatarStore:    avatar.NewLocalFS("/tmp"),
		Validator: token.ValidatorFunc(func(_ string, claims token.Claims) bool {
			// allow only dev_* names
			return claims.User != nil && strings.HasPrefix(claims.User.Name, "dev_")
		}),
	}
	service := auth.NewService(options)
	service.AddDirectProvider("local", provider.CredCheckerFunc(func(user, password string) (ok bool, err error) {
		ok, err = api.Login(user, password)
		return ok, err
	}))

	m := service.Middleware()

	pomme := chi.NewRouter()
	pomme.Use(middleware.Logger)
	pomme.Get("/", func(w http.ResponseWriter, r *http.Request) {
		w.Write([]byte("welcome"))
	})
	pomme.Get("/create", api.NewUser)
	pomme.Post("/check", api.Ingest)
	pomme.With(m.Auth).Get("/private", api.AuthTest)
	authRoutes, avaRoutes := service.Handlers()
	pomme.Mount("/auth", authRoutes)  // add auth handlers
	pomme.Mount("/avatar", avaRoutes) // add avatar handler
	log.Println("\t-------------------------------------")
	log.Println("\t\tRunning on port 3000")
	log.Println("\t-------------------------------------")
	log.Fatal(http.ListenAndServe(fmt.Sprintf(":%v", 3000), pomme))
}