backend moved to separate directory

backend: deleted the old structure

.gitignore

@@ -40,7 +40,6 @@ go.work
 !go.sum
 !go.mod
 #!*.sql
-
 !README.md
 !LICENSE
 

compose.yml

@@ -1,10 +1,10 @@
 services:
   app:
-    build: .
+    build: ./go-backend
     container_name: carsharingBackend
     ports:
       - "8080:8080"
     volumes:
-      - ./configs/config.json:/root/configs/config.json:ro
-      - ./data/db.sqlite3:/root/data/db.sqlite3
-      - ./templates:/root/templates:ro
+      - ./go-backend/configs/config.json:/root/configs/config.json:ro
+      - ./go-backend/data/db.sqlite3:/root/data/db.sqlite3
+      - ./go-backend/templates:/root/templates:ro

go-backend/cmd/membership/main.go

@@ -0,0 +1,56 @@
+package main
+
+import (
+	"GoMembership/internal/config"
+	"GoMembership/internal/database"
+	"GoMembership/internal/server"
+	"GoMembership/pkg/logger"
+	"context"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+)
+
+func main() {
+
+	logger.Info.Println("startup...")
+
+	config.LoadConfig()
+
+	err := database.Open(config.DB.Path, config.Recipients.AdminEmail)
+	if err != nil {
+		logger.Error.Fatalf("Couldn't init database: %v", err)
+	}
+
+	defer func() {
+		if err := database.Close(); err != nil {
+			logger.Error.Fatalf("Failed to close database: %v", err)
+		}
+	}()
+
+	go server.Run()
+
+	gracefulShutdown()
+}
+
+func gracefulShutdown() {
+	// Create a channel to listen for OS signals
+	stop := make(chan os.Signal, 1)
+	signal.Notify(stop, os.Interrupt, syscall.SIGTERM)
+
+	// Block until a signal is received
+	<-stop
+	logger.Info.Println("Received shutdown signal")
+
+	// Create a context with a timeout for the shutdown process
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	// Call the server's shutdown function
+	if err := server.Shutdown(ctx); err != nil {
+		logger.Error.Fatalf("Error during  Server  shutdown: %#v", err)
+	} else {
+		logger.Info.Println("Server gracefully stopped")
+	}
+}

go-backend/configs/config.template.json

@@ -0,0 +1,37 @@
+{
+  "site": {
+    "WebsiteTitle": "My Carsharing Site",
+    "BaseUrl": "https://domain.de",
+    "AllowOrigins": "https://domain.de"
+  },
+  "Environment": "dev",
+  "db": {
+    "Path": "data/db.sqlite3"
+  },
+  "smtp": {
+    "Host": "mail.server.com",
+    "User": "username",
+    "Password": "password",
+    "Port": 465
+  },
+  "templates": {
+    "MailPath": "templates/email",
+    "HTMLPath": "templates/html",
+    "StaticPath": "templates/css",
+    "LogoURI": "/assets/LOGO.png"
+  },
+  "auth": {
+    "APIKey": ""
+  },
+  "recipients": {
+    "ContactForm": "contacts@server.com",
+    "UserRegistration": "registration@server.com",
+    "AdminEmail": "admin@server.com"
+  },
+  "security": {
+    "RateLimits": {
+      "Limit": 1,
+      "Burst": 60
+    }
+  }
+}

go-backend/data/README.md

@@ -0,0 +1 @@
+Database Folder according to the project structure and the template configuration

go-backend/internal/controllers/user_Password.go

@@ -72,7 +72,9 @@ func (uc *UserController) ChangePassword(c *gin.Context) {
 	verification, err := uc.Service.VerifyUser(&input.Token, &constants.VerificationTypes.Password)
 	if err != nil || uint(userIDint) != verification.UserID {
 		if err == errors.ErrAlreadyVerified {
-			utils.RespondWithError(c, err, "User already verified", http.StatusConflict, errors.Responses.Fields.User, errors.Responses.Keys.PasswordAlreadyChanged)
+			utils.RespondWithError(c, err, "User already changed password", http.StatusConflict, errors.Responses.Fields.User, errors.Responses.Keys.PasswordAlreadyChanged)
+		} else if err.Error() == "record not found" {
+			utils.RespondWithError(c, err, "Couldn't find verification. This is most probably a outdated token.", http.StatusGone, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		} else {
 			utils.RespondWithError(c, err, "Couldn't verify user", http.StatusInternalServerError, errors.Responses.Fields.General, errors.Responses.Keys.InternalServerError)
 		}

go-backend/internal/controllers/user_controller.go

@@ -256,7 +256,7 @@ func (uc *UserController) LoginHandler(c *gin.Context) {
 func (uc *UserController) RegisterUser(c *gin.Context) {
 
 	var regData RegistrationData
-
+	logger.Error.Printf("registering user...")
 	if err := c.ShouldBindJSON(&regData); err != nil {
 		utils.HandleValidationError(c, err)
 		return

go-backend/internal/middlewares/cors.go

@@ -13,7 +13,7 @@ func CORSMiddleware() gin.HandlerFunc {
 	logger.Info.Print("Applying CORS")
 	return cors.New(cors.Config{
 		AllowOrigins:     strings.Split(config.Site.AllowOrigins, ","),
-		AllowMethods:     []string{"GET", "POST", "PATCH", "PUT"},
+		AllowMethods:     []string{"GET", "POST", "PATCH", "PUT", "OPTIONS"},
 		AllowHeaders:     []string{"Origin", "Content-Type", "Accept", "Authorization", "X-Requested-With", "X-CSRF-Token"},
 		ExposeHeaders:    []string{"Content-Length"},
 		AllowCredentials: true,

go-backend/internal/middlewares/csp.go

@@ -9,6 +9,7 @@ import (
 )
 
 func CSPMiddleware() gin.HandlerFunc {
+	logger.Error.Printf("applying CSP")
 	return func(c *gin.Context) {
 		policy := "default-src 'self'; " +
 			"script-src 'self' 'unsafe-inline'" +

go-backend/internal/middlewares/headers.go

@@ -1,8 +1,13 @@
 package middlewares
 
-import "github.com/gin-gonic/gin"
+import (
+	"GoMembership/pkg/logger"
+
+	"github.com/gin-gonic/gin"
+)
 
 func SecurityHeadersMiddleware() gin.HandlerFunc {
+	logger.Error.Printf("applying headers")
 	return func(c *gin.Context) {
 		c.Header("X-Frame-Options", "DENY")
 		c.Header("X-Content-Type-Options", "nosniff")

go-backend/pkg/errors/errors.go

@@ -14,6 +14,7 @@ type ValidationKeys struct {
 	InvalidUserID             string
 	PasswordAlreadyChanged    string
 	UserDisabled              string
+	NoAuthToken               string
 }
 
 type ValidationFields struct {
@@ -63,6 +64,7 @@ var Responses = struct {
 		Duplicate:                 "server.validation.duplicate",
 		UserDisabled:              "server.validation.user_disabled",
 		PasswordAlreadyChanged:    "server.validation.password_already_changed",
+		NoAuthToken:               "server.error.no_auth_token",
 	},
 	Fields: ValidationFields{
 		General:            "general",