toggl-test-signer

command module
v0.0.0-...-b0c9753 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 12, 2023 License: MIT Imports: 6 Imported by: 0

README

toggl-test-signer

How to Run?

Native

Requirements

  • Go 1.21.4
  • MySQL 8 running on port 13316.

Run make run and then navigate to http://localhost:8080

Docker

Run make docker and then navigate to http://localhost:8080

How to Use?

POST /api/v1/users/sign-answers
  1. Create a JWT (e.g. https://www.javainuse.com/jwtgenerator) with the payload containing userID. Use the value of JWT_SECRET from .env file as the secret.
{
  "userID": "123"
}
  1. Use this JWT as Authorization: BEARER eyJhbGciOiJIUzUxMiJ9.eyJ1c2VySUQiOjEyM30.LeNw5iobDHBW1rrdsW5-P38qfK0b6N2BOF-rfZKCXXMEVqqhGrAw7_rwVpFXVs6p2_0Y-sjMsHfG6FyErKqnsQ
  2. Make request.
{
    "answers": [
        {
            "questionID": 1,
            "answer": "answer 1"
        },
        {
            "questionID": 2,
            "answer": "answer 2"
        }
    ]
}

Response

{
    "userID": 123,
    "signature": "4e1fce5c292feabce21c053f18a3ea41b4b684127069bce0c84a33beaa2ec206"
}
  1. Error scenarios
{
  "status": "bad request",
  "status_code": 400,
  "error": "userID cannot be casted into int"
}
{
  "status": "bad request",
  "status_code": 400,
  "error": "userID is not found in JWT payload"
}
{
  "status": "bad request",
  "status_code": 400,
  "error": "retrieving JWT from context failed"
}
POST /api/v1/admin/verify-signature
  1. Use the signature from previous step.
  2. Make request.
{
    "userID": 123,
    "signature": "4e1fce5c292feabce21c053f18a3ea41b4b684127069bce0c84a33beaa2ec206"
}
  1. Check response
{
  "answers": [
    {
      "questionID": 1,
      "answer": "answer 1"
    },
    {
      "questionID": 2,
      "answer": "answer 2"
    }
  ],
  "signedAt": "2023-12-12T15:45:41Z"
}
  1. Error scenarios
{
    "status": "not found",
    "status_code": 404,
    "error": "record not found"
}

Design Considerations

Due to the time constraints,

  • The design of questions and answers tables is omitted. The signing is done by saving QAndA as a text column.
  • uesr table is not defined and there's foreign key with test table.

Testing

Didn't have time to setup integration tests. The test cases to be covered:

  • POST /api/v1/users/sign-answers

    • 400 - JWT generated with the wrong secret
    • 400 - JWT has invalid payload
    • 400 - JWT userID is not a number
    • 400 - Request is invalid
    • 500 - unknown internal errors
    • 200 - Success
  • POST /api/v1/admin/verify-signature

    • 400 - Request is invalid
    • 404 - cannot find the test with the userID and signature
    • 200 - OK

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL