feat: database user creation && readme explanation

idk but it did something
fix: add creation date upon user registration
2025-05-10 15:31:34 +02:00 · 2025-05-06 21:34:26 +01:00 · 2025-05-06 19:00:17 +02:00 · 2025-05-06 07:11:27 +00:00 · 2025-05-06 07:10:56 +00:00 · 2025-05-06 08:39:19 +02:00
13 changed files with 393 additions and 69 deletions
--- a/.env.example
+++ b/.env.example
@ -1 +1,16 @@
-IMAGE_PATH=
+IMAGE_PATH=/tmp
+REDIRECT_URI=http://localhost:8081/api/auth/callback
+CLIENT_ID=
+CLIENT_SECRET=
+
+# can be either postgres or sqlite
+DATABASE_TYPE=
+
+# database file, stereo.db by default.
+SQLITE_FILE=
+
+# postgres DSN, look at https://gorm.io/docs/connecting_to_the_database.html#PostgreSQL
+POSTGRES_DSN=
+
+# Random secret. Recommended length is 64 characters at minimum.
+JWT_SECRET=
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 .env
-tmp
+tmp
+*.db
--- a/README.md
+++ b/README.md
@ -1,3 +1,8 @@
 # stereo.cat backend  
  
 written in Go, uses Gin.
+
+## database shit  
+  
+Instead of using Discord oAuth as a database, we instead use it as a login source, only using it to source a username/id, avatar data and a secure login/registration flow.  
+We store these attributes alongside stereo.cat specific attributes in our own database. There is a trade-off however: this means that avatar & username data is not updated in real-time, only when the oauth flow is executed.
--- a/go.mod
+++ b/go.mod
@ -2,7 +2,11 @@ module stereo.cat/backend

 go 1.24.2

-require github.com/gin-gonic/gin v1.10.0
+require (
+	github.com/gin-gonic/gin v1.10.0
+	github.com/joho/godotenv v1.5.1
+	gorm.io/gorm v1.26.0
+)

 require (
 	github.com/bytedance/sonic v1.13.2 // indirect
@ -14,36 +18,34 @@ require (
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.26.0 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/pgx/v5 v5.7.4 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
-	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/markbates/goth v1.81.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-sqlite3 v1.14.28 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
+	github.com/rogpeppe/go-internal v1.12.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect
 	golang.org/x/arch v0.16.0 // indirect
 	golang.org/x/crypto v0.37.0 // indirect
 	golang.org/x/net v0.39.0 // indirect
-	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sync v0.13.0 // indirect
+	golang.org/x/sync v0.14.0 // indirect
 	golang.org/x/sys v0.32.0 // indirect
 	golang.org/x/text v0.24.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/protobuf v1.36.6 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	gorm.io/driver/postgres v1.5.11 // indirect
 	gorm.io/driver/sqlite v1.5.7 // indirect
-	gorm.io/gorm v1.26.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -6,6 +6,7 @@ github.com/bytedance/sonic/loader v0.2.4/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFos
 github.com/cloudwego/base64x v0.1.5 h1:XPciSp1xaq2VCSt6lF0phncD4koWyULpl5bUxbfCyP4=
 github.com/cloudwego/base64x v0.1.5/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@ -25,10 +26,8 @@ github.com/go-playground/validator/v10 v10.26.0 h1:SP05Nqhjcvz81uJaRfEV0YBSSSGMc
 github.com/go-playground/validator/v10 v10.26.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@ -52,10 +51,15 @@ github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa02
 github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
 github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
-github.com/markbates/goth v1.81.0 h1:XVcCkeGWokynPV7MXvgb8pd2s3r7DS40P7931w6kdnE=
-github.com/markbates/goth v1.81.0/go.mod h1:+6z31QyUms84EHmuBY7iuqYSxyoN3njIgg9iCF/lR1k=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
@ -67,8 +71,12 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
 github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@ -83,56 +91,26 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
 github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 golang.org/x/arch v0.16.0 h1:foMtLTdyOmIniqWCHjY6+JxuC54XP1fDwx4N0ASyW+U=
 golang.org/x/arch v0.16.0/go.mod h1:JmwW7aLIoRUKgaTzhkiEFxvcEiQGyOg9BMonBJUS7EE=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
 golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
 golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
-golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
-golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
-golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
+golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
 golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
 golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
 golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
-google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
 google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/internal/api/api.go
+++ b/internal/api/api.go
@ -8,4 +8,5 @@ import (
 func Register(cfg *types.StereoConfig) {
 	api := cfg.Router.Group("/api")
 	routes.RegisterUploadRoutes(cfg, api)
+	routes.RegisterAuthRoutes(cfg, api)
 }
--- a/internal/api/routes/auth.go
+++ b/internal/api/routes/auth.go
@ -0,0 +1,51 @@
+package routes
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"stereo.cat/backend/internal/auth"
+	"stereo.cat/backend/internal/types"
+)
+
+func RegisterAuthRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
+	api.GET("/auth/callback", func(c *gin.Context) {
+		code := c.Query("code")
+
+		t, err := cfg.Client.ExchangeCode(code)
+
+		if err != nil {
+			panic(err)
+		}
+
+		user, err := cfg.Client.GetUser(t)
+
+		if err != nil {
+			panic(err)
+		}
+
+		jwt, err := auth.GenerateJWT(cfg.JWTSecret, user, uint64(time.Now().Add(time.Second*time.Duration(t.ExpiresIn)).Unix()))
+
+		if err != nil {
+			panic(err)
+		}
+
+		res := cfg.Database.FirstOrCreate(&user)
+
+		if res.Error != nil {
+			panic(res.Error)
+		}
+
+		// TODO: redirect to dashboard
+		c.JSON(http.StatusOK, gin.H{
+			"jwt":   jwt,
+			"known": res.RowsAffected == 0,
+		})
+	})
+
+	api.GET("/auth/me", auth.JwtMiddleware(cfg.JWTSecret), func(c *gin.Context) {
+		claims, _ := c.Get("claims")
+		c.JSON(http.StatusOK, claims)
+	})
+}
--- a/internal/api/routes/upload.go
+++ b/internal/api/routes/upload.go
@ -21,4 +21,10 @@ func RegisterUploadRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
 			return
 		}
 	})
+
+	api.GET("/:name", func(c *gin.Context) {
+		name := c.Param("name")
+		path := filepath.Join(cfg.ImagePath, name)
+		c.File(path)
+	})
 }
--- a/internal/auth/client/client.go
+++ b/internal/auth/client/client.go
@ -0,0 +1,117 @@
+package client
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"stereo.cat/backend/internal/auth"
+)
+
+type Client struct {
+	RedirectUri  string
+	ClientSecret string
+	ClientId     string
+}
+
+const api = "https://discord.com/api/v10"
+
+func New(redirectUri, clientId, clientSecret string) Client {
+	return Client{
+		RedirectUri:  redirectUri,
+		ClientId:     clientId,
+		ClientSecret: clientSecret,
+	}
+}
+
+func (c Client) GetUser(t auth.TokenResponse) (auth.User, error) {
+	user := auth.User{
+		Blacklisted: false,
+		CreatedAt:   time.Now(),
+	}
+
+	req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/%s", api, "users/@me"), nil)
+
+	if err != nil {
+		return user, nil
+	}
+
+	req.Header.Add("Content-Type", "application/json")
+	req.Header.Add("Authorization", "Bearer "+t.AccessToken)
+
+	resp, err := http.DefaultClient.Do(req)
+
+	if resp.StatusCode != http.StatusOK {
+		bodyBytes, err := io.ReadAll(resp.Body)
+
+		if err != nil {
+			return user, err
+		}
+
+		return user, errors.New(string(bodyBytes))
+	}
+
+	if err != nil {
+		return user, err
+	}
+
+	defer resp.Body.Close()
+
+	err = json.NewDecoder(resp.Body).Decode(&user)
+
+	if err != nil {
+		return user, err
+	}
+
+	return user, nil
+}
+
+func (c Client) ExchangeCode(code string) (auth.TokenResponse, error) {
+	var tokenResponse auth.TokenResponse
+
+	requestBody := url.Values{
+		"grant_type":   {"authorization_code"},
+		"code":         {code},
+		"redirect_uri": {c.RedirectUri},
+	}
+
+	req, err := http.NewRequest(http.MethodPost, fmt.Sprintf("%s/%s", api, "/oauth2/token"), strings.NewReader(requestBody.Encode()))
+
+	if err != nil {
+		return tokenResponse, err
+	}
+
+	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+	req.SetBasicAuth(c.ClientId, c.ClientSecret)
+
+	resp, err := http.DefaultClient.Do(req)
+
+	if resp.StatusCode != http.StatusOK {
+		bodyBytes, err := io.ReadAll(resp.Body)
+
+		if err != nil {
+			return tokenResponse, err
+		}
+
+		return tokenResponse, errors.New(string(bodyBytes))
+	}
+
+	if err != nil {
+		return tokenResponse, err
+	}
+
+	defer resp.Body.Close()
+
+	err = json.NewDecoder(resp.Body).Decode(&tokenResponse)
+
+	if err != nil {
+		return tokenResponse, err
+	}
+
+	return tokenResponse, nil
+}
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@ -0,0 +1,83 @@
+package auth
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+)
+
+func GenerateJWT(key string, user User, expiryTimestamp uint64) (string, error) {
+	claims := jwt.MapClaims{
+		"user": user,
+		"exp":  expiryTimestamp,
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString([]byte(key))
+}
+
+func invalidAuth(c *gin.Context) {
+	c.String(http.StatusUnauthorized, "Unauthorized.")
+	c.Abort()
+}
+
+func JwtMiddleware(secret string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
+
+		if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
+			invalidAuth(c)
+			return
+		}
+
+		claims, err := ValidateJWT(jwtSplit[1], secret)
+		if err != nil {
+			invalidAuth(c)
+			return
+		}
+
+		if userClaims, ok := claims["user"].(map[string]interface{}); ok {
+			userJSON, err := json.Marshal(userClaims) // Convert map to JSON
+			if err != nil {
+				invalidAuth(c)
+				return
+			}
+
+			var user User
+			err = json.Unmarshal(userJSON, &user)
+			if err != nil {
+				invalidAuth(c)
+				return
+			}
+
+			claims["user"] = user
+		}
+
+		c.Set("claims", claims)
+		c.Next()
+	}
+}
+
+func ValidateJWT(jwtString, key string) (jwt.MapClaims, error) {
+	token, err := jwt.Parse(jwtString, func(token *jwt.Token) (any, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("Invalid signing method!")
+		}
+
+		return []byte(key), nil
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		return claims, nil
+	}
+
+	return nil, fmt.Errorf("Invalid token!")
+}
--- a/internal/auth/types.go
+++ b/internal/auth/types.go
@ -0,0 +1,30 @@
+package auth
+
+import "time"
+
+type TokenResponse struct {
+	AccessToken  string `json:"access_token"`
+	TokenType    string `json:"token_type"`
+	ExpiresIn    int64  `json:"expires_in"`
+	RefreshToken string `json:"refresh_token"`
+	Scope        string `json:"scope"`
+}
+
+type User struct {
+	ID          string    `json:"id" gorm:"primaryKey"`
+	Username    string    `json:"username"`
+	Blacklisted bool      `json:"blacklisted"`
+	Email       string    `json:"email"`
+	CreatedAt   time.Time `json:"created_at"`
+}
+
+type AvatarDecorationData struct {
+	Asset string
+	SkuID string
+}
+
+type ExchangeCodeRequest struct {
+	GrantType   string `json:"grant_type"`
+	Code        string `json:"code"`
+	RedirectUri string `json:"redirect_uri"`
+}
--- a/internal/types/types.go
+++ b/internal/types/types.go
@ -1,10 +1,9 @@
 package types

 import (
-	"time"
-
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
+	"stereo.cat/backend/internal/auth/client"
 )

 type Route struct {
@ -14,23 +13,9 @@ type Route struct {
 }

 type StereoConfig struct {
-	Router    *gin.Engine
 	ImagePath string
-}
-
-type User struct {
-	gorm.Model
-    ID               uint
-	Username         string
-	RegistrationDate time.Time
-    Blacklisted      bool
-    Email            string
-}
-
-func RegisterRoutes(groupName string, routes []Route, cfg *StereoConfig) {
-	group := cfg.Router.Group(groupName)
-
-	for _, route := range routes {
-		group.Handle(route.Method, route.Path, route.Exec(cfg))
-	}
+	Router    *gin.Engine
+	Client    client.Client
+    Database  *gorm.DB
+    JWTSecret string
 }
--- a/main.go
+++ b/main.go
@ -1,12 +1,19 @@
 package main

 import (
+	"errors"
+	"fmt"
 	"log"
 	"os"

 	"github.com/gin-gonic/gin"
 	"github.com/joho/godotenv"
+	"gorm.io/driver/postgres"
+	"gorm.io/driver/sqlite"
+	"gorm.io/gorm"
 	"stereo.cat/backend/internal/api"
+	"stereo.cat/backend/internal/auth"
+	"stereo.cat/backend/internal/auth/client"
 	"stereo.cat/backend/internal/types"
 )

@ -17,9 +24,18 @@ func getEnv(key, fallback string) string {
 	return fallback
 }

+func requireEnv(key string) string {
+	if value, ok := os.LookupEnv(key); ok {
+		return value
+	}
+	panic(errors.New(fmt.Sprintf("Environment variable %s is required but not specified. Exiting...", key)))
+}
+
 func main() {
 	_ = godotenv.Load()

+	databaseType := getEnv("DATABASE_TYPE", "sqlite")
+	sqliteFile := getEnv("SQLITE_FILE", "stereo.db")
 	imagePath := getEnv("IMAGE_PATH", os.TempDir())

 	if _, err := os.Stat(imagePath); err != nil {
@ -33,8 +49,42 @@ func main() {
 	c := types.StereoConfig{
 		Router:    gin.Default(),
 		ImagePath: imagePath,
+		Client: client.New(
+			requireEnv("REDIRECT_URI"),
+			requireEnv("CLIENT_ID"),
+			requireEnv("CLIENT_SECRET"),
+		),
+		JWTSecret: requireEnv("JWT_SECRET"),
 	}

+	switch databaseType {
+	case "sqlite":
+		db, err := gorm.Open(sqlite.Open(sqliteFile), &gorm.Config{})
+
+		c.Database = db
+
+		if err != nil {
+			panic(err)
+		}
+
+		break
+
+	case "postgres":
+		db, err := gorm.Open(postgres.Open(requireEnv("POSTGRES_DSN")), &gorm.Config{})
+
+		c.Database = db
+
+		if err != nil {
+			panic(err)
+		}
+
+		break
+	default:
+		panic(errors.New("Invalid database type was specified."))
+	}
+
+	c.Database.AutoMigrate(&auth.User{})
+
 	api.Register(&c)

 	c.Router.Run()
Author	SHA1	Message	Date
hex	0521b523c4	feat: database user creation && readme explanation	2025-05-10 15:31:34 +02:00
grngxd	fbd23fe2cf	idk but it did something	2025-05-06 21:34:26 +01:00
hex	95a94bfed5	fix: add creation date upon user registration	2025-05-06 19:00:17 +02:00
hexlocation	a0f58e0d44	Merge pull request 'authentication' (#2 ) from authentication into dev Reviewed-on: #2	2025-05-06 07:11:27 +00:00
hexlocation	59a49698a1	Merge branch 'dev' into authentication	2025-05-06 07:10:56 +00:00
hex	0b20a0d027	feat: auth middleware + /me endpoint	2025-05-06 08:39:19 +02:00
hex	b28b719b51	feat: jwt token generation (todo: create jwt validation middleware)	2025-05-05 23:04:50 +02:00
hex	d8caef7e5d	feat: basic auth shit + db init	2025-05-05 19:34:28 +02:00
grngxd	638f589837	whar	2025-05-05 15:27:15 +01:00
grngxd	e92e85b32e	Merge remote-tracking branch 'origin/dev' into file-serving	2025-05-05 15:22:31 +01:00
grngxd	b00e82e0e6	feat: file serving	2025-05-05 15:22:18 +01:00
grng	db49da5fd9	Merge pull request 'uploading' (#1 ) from uploading into dev Reviewed-on: #1	2025-05-05 13:59:12 +00:00