Go backend #14

Merged
danieljsummers merged 16 commits from go-backend into master 2018-05-28 00:39:52 +00:00
31 changed files with 1484 additions and 3476 deletions

7
.gitignore vendored
View File

@ -254,7 +254,8 @@ paket-files/
# Compiled files / application
src/api/build
src/api/public/index.html
src/api/public/static
src/api/appsettings.json
src/public/index.html
src/public/static
src/config.json
/build
src/*.exe

View File

@ -1,35 +0,0 @@
'use strict'
const chalk = require('chalk')
const { env } = require('./appsettings.json') // process.env.NODE_ENV || 'dev'
if ('dev' === env) require('babel-register')
const src = (env === 'dev') ? './src' : './build'
const app = require(`${src}/index`).default
const db = require(`${src}/db`).default
const fullEnv = ('dev' === env) ? 'Development' : 'Production'
const { port } = require('./appsettings.json')
/**
* Log a start-up message for the app
* @param {string} status The status to display
*/
const startupMsg = (status) => {
console.log(chalk`{reset myPrayerJournal ${status} | Port: {bold ${port}} | Mode: {bold ${fullEnv}}}`)
}
// Ensure the database exists before starting up
db.verify()
.then(() => app.listen(port, () => startupMsg('ready')))
.catch(err => {
console.log(chalk`\n{reset {bgRed.white.bold || Error connecting to PostgreSQL }}`)
for (let key of Object.keys(err)) {
console.log(chalk`${key}: {reset {bold ${err[key]}}}`)
}
console.log('')
startupMsg('failed')
})

366
src/api/data/data.go Normal file
View File

@ -0,0 +1,366 @@
// Package data contains data access functions for myPrayerJournal.
package data
import (
"database/sql"
"fmt"
"log"
"time"
// Register the PostgreSQL driver.
_ "github.com/lib/pq"
"github.com/lucsky/cuid"
)
const (
currentRequestSQL = `
SELECT "requestId", "text", "asOf", "lastStatus"
FROM mpj.journal`
journalSQL = `
SELECT "requestId", "text", "asOf", "lastStatus"
FROM mpj.journal
WHERE "userId" = $1
AND "lastStatus" <> 'Answered'`
)
// db is a connection to the database for the entire application.
var db *sql.DB
// Settings holds the PostgreSQL configuration for myPrayerJournal.
type Settings struct {
Host string `json:"host"`
Port int `json:"port"`
User string `json:"user"`
Password string `json:"password"`
DbName string `json:"dbname"`
}
/* Data Access */
// Retrieve a basic request
func retrieveRequest(reqID, userID string) (*Request, bool) {
req := Request{}
err := db.QueryRow(`
SELECT "requestId", "enteredOn"
FROM mpj.request
WHERE "requestId" = $1
AND "userId" = $2`, reqID, userID).Scan(
&req.ID, &req.EnteredOn,
)
if err != nil {
if err != sql.ErrNoRows {
log.Print(err)
}
return nil, false
}
req.UserID = userID
return &req, true
}
// Unix time in JavaScript Date.now() precision.
func jsNow() int64 {
return time.Now().UnixNano() / int64(1000000)
}
// Loop through rows and create journal requests from them.
func makeJournal(rows *sql.Rows, userID string) []JournalRequest {
var out []JournalRequest
for rows.Next() {
req := JournalRequest{}
err := rows.Scan(&req.RequestID, &req.Text, &req.AsOf, &req.LastStatus)
if err != nil {
log.Print(err)
continue
}
out = append(out, req)
}
if rows.Err() != nil {
log.Print(rows.Err())
return nil
}
return out
}
// AddHistory creates a history entry for a prayer request, given the status and updated text.
func AddHistory(userID, reqID, status, text string) int {
if _, ok := retrieveRequest(reqID, userID); !ok {
return 404
}
_, err := db.Exec(`
INSERT INTO mpj.history
("requestId", "asOf", "status", "text")
VALUES
($1, $2, $3, NULLIF($4, ''))`,
reqID, jsNow(), status, text)
if err != nil {
log.Print(err)
return 500
}
return 204
}
// AddNew stores a new prayer request and its initial history record.
func AddNew(userID, text string) (*JournalRequest, bool) {
id := cuid.New()
now := jsNow()
tx, err := db.Begin()
if err != nil {
log.Print(err)
return nil, false
}
defer func() {
if err != nil {
log.Print(err)
tx.Rollback()
} else {
tx.Commit()
}
}()
_, err = tx.Exec(
`INSERT INTO mpj.request ("requestId", "enteredOn", "userId") VALUES ($1, $2, $3)`,
id, now, userID)
if err != nil {
return nil, false
}
_, err = tx.Exec(
`INSERT INTO mpj.history ("requestId", "asOf", "status", "text") VALUES ($1, $2, 'Created', $3)`,
id, now, text)
if err != nil {
return nil, false
}
return &JournalRequest{RequestID: id, Text: text, AsOf: now, LastStatus: `Created`}, true
}
// AddNote adds a note to a prayer request.
func AddNote(userID, reqID, note string) int {
if _, ok := retrieveRequest(reqID, userID); !ok {
return 404
}
_, err := db.Exec(`
INSERT INTO mpj.note
("requestId", "asOf", "notes")
VALUES
($1, $2, $3)`,
reqID, jsNow(), note)
if err != nil {
log.Print(err)
return 500
}
return 204
}
// Answered retrieves all answered requests for the given user.
func Answered(userID string) []JournalRequest {
rows, err := db.Query(currentRequestSQL+
` WHERE "userId" = $1
AND "lastStatus" = 'Answered'
ORDER BY "asOf" DESC`,
userID)
if err != nil {
log.Print(err)
return nil
}
defer rows.Close()
return makeJournal(rows, userID)
}
// ByID retrieves a journal request by its ID.
func ByID(userID, reqID string) (*JournalRequest, bool) {
req := JournalRequest{}
err := db.QueryRow(currentRequestSQL+
` WHERE "requestId" = $1
AND "userId" = $2`,
reqID, userID).Scan(
&req.RequestID, &req.Text, &req.AsOf, &req.LastStatus,
)
if err != nil {
if err == sql.ErrNoRows {
return nil, true
}
log.Print(err)
return nil, false
}
return &req, true
}
// Connect establishes a connection to the database.
func Connect(s *Settings) bool {
connStr := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
s.Host, s.Port, s.User, s.Password, s.DbName)
var err error
db, err = sql.Open("postgres", connStr)
if err != nil {
log.Print(err)
return false
}
err = db.Ping()
if err != nil {
log.Print(err)
return false
}
log.Printf("Connected to postgres://%s@%s:%d/%s\n", s.User, s.Host, s.Port, s.DbName)
return true
}
// FullByID retrieves a journal request, including its full history and notes.
func FullByID(userID, reqID string) (*JournalRequest, bool) {
req, ok := ByID(userID, reqID)
if !ok {
return nil, false
}
hRows, err := db.Query(`
SELECT "asOf", "status", COALESCE("text", '') AS "text"
FROM mpj.history
WHERE "requestId" = $1
ORDER BY "asOf"`,
reqID)
if err != nil {
log.Print(err)
return nil, false
}
defer hRows.Close()
for hRows.Next() {
hist := History{}
err = hRows.Scan(&hist.AsOf, &hist.Status, &hist.Text)
if err != nil {
log.Print(err)
continue
}
req.History = append(req.History, hist)
}
if hRows.Err() != nil {
log.Print(hRows.Err())
return nil, false
}
req.Notes, err = NotesByID(userID, reqID)
if err != nil {
log.Print(err)
return nil, false
}
return req, true
}
// Journal retrieves the current user's active prayer journal.
func Journal(userID string) []JournalRequest {
rows, err := db.Query(journalSQL+` ORDER BY "asOf"`, userID)
if err != nil {
log.Print(err)
return nil
}
defer rows.Close()
return makeJournal(rows, userID)
}
// NotesByID retrieves the notes for a given prayer request
func NotesByID(userID, reqID string) ([]Note, error) {
if _, ok := retrieveRequest(reqID, userID); !ok {
return nil, sql.ErrNoRows
}
rows, err := db.Query(`
SELECT "asOf", "notes"
FROM mpj.note
WHERE "requestId" = $1
ORDER BY "asOf" DESC`,
reqID)
if err != nil {
log.Print(err)
return nil, err
}
defer rows.Close()
var notes []Note
for rows.Next() {
note := Note{}
err = rows.Scan(&note.AsOf, &note.Notes)
if err != nil {
log.Print(err)
continue
}
notes = append(notes, note)
}
if rows.Err() != nil {
log.Print(rows.Err())
return nil, err
}
return notes, nil
}
/* DDL */
// EnsureDB makes sure we have a known state of data structures.
func EnsureDB() {
tableSQL := func(table string) string {
return fmt.Sprintf(`SELECT 1 FROM pg_tables WHERE schemaname='mpj' AND tablename='%s'`, table)
}
indexSQL := func(table, index string) string {
return fmt.Sprintf(`SELECT 1 FROM pg_indexes WHERE schemaname='mpj' AND tablename='%s' AND indexname='%s'`,
table, index)
}
check := func(name, test, fix string) {
count := 0
err := db.QueryRow(test).Scan(&count)
if err != nil {
if err == sql.ErrNoRows {
log.Printf("Fixing up %s...\n", name)
_, err = db.Exec(fix)
if err != nil {
log.Fatal(err)
}
} else {
log.Fatal(err)
}
}
}
check(`myPrayerJournal Schema`, `SELECT 1 FROM pg_namespace WHERE nspname='mpj'`,
`CREATE SCHEMA mpj;
COMMENT ON SCHEMA mpj IS 'myPrayerJournal data'`)
if _, err := db.Exec(`SET search_path TO mpj`); err != nil {
log.Fatal(err)
}
check(`request Table`, tableSQL(`request`),
`CREATE TABLE mpj.request (
"requestId" varchar(25) PRIMARY KEY,
"enteredOn" bigint NOT NULL,
"userId" varchar(100) NOT NULL);
COMMENT ON TABLE mpj.request IS 'Requests'`)
check(`history Table`, tableSQL(`history`),
`CREATE TABLE mpj.history (
"requestId" varchar(25) NOT NULL REFERENCES mpj.request,
"asOf" bigint NOT NULL,
"status" varchar(25),
"text" text,
PRIMARY KEY ("requestId", "asOf"));
COMMENT ON TABLE mpj.history IS 'Request update history'`)
check(`note Table`, tableSQL(`note`),
`CREATE TABLE mpj.note (
"requestId" varchar(25) NOT NULL REFERENCES mpj.request,
"asOf" bigint NOT NULL,
"notes" text NOT NULL,
PRIMARY KEY ("requestId", "asOf"));
COMMENT ON TABLE mpj.note IS 'Notes regarding a request'`)
check(`request.userId Index`, indexSQL(`request`, `idx_request_userId`),
`CREATE INDEX "idx_request_userId" ON mpj.request ("userId");
COMMENT ON INDEX "idx_request_userId" IS 'Requests are retrieved by user'`)
check(`journal View`, `SELECT 1 FROM pg_views WHERE schemaname='mpj' AND viewname='journal'`,
`CREATE VIEW mpj.journal AS
SELECT
request."requestId",
request."userId",
(SELECT "text"
FROM mpj.history
WHERE history."requestId" = request."requestId"
AND "text" IS NOT NULL
ORDER BY "asOf" DESC
LIMIT 1) AS "text",
(SELECT "asOf"
FROM mpj.history
WHERE history."requestId" = request."requestId"
ORDER BY "asOf" DESC
LIMIT 1) AS "asOf",
(SELECT "status"
FROM mpj.history
WHERE history."requestId" = request."requestId"
ORDER BY "asOf" DESC
LIMIT 1) AS "lastStatus"
FROM mpj.request;
COMMENT ON VIEW mpj.journal IS 'Requests with latest text'`)
}

34
src/api/data/entities.go Normal file
View File

@ -0,0 +1,34 @@
package data
// History is a record of action taken on a prayer request, including updates to its text.
type History struct {
RequestID string `json:"requestId"`
AsOf int64 `json:"asOf"`
Status string `json:"status"`
Text string `json:"text"`
}
// Note is a note regarding a prayer request that does not result in an update to its text.
type Note struct {
RequestID string `json:"requestId"`
AsOf int64 `json:"asOf"`
Notes string `json:"notes"`
}
// Request is the identifying record for a prayer request.
type Request struct {
ID string `json:"requestId"`
EnteredOn int64 `json:"enteredOn"`
UserID string `json:"userId"`
}
// JournalRequest is the form of a prayer request returned for the request journal display. It also contains
// properties that may be filled for history and notes.
type JournalRequest struct {
RequestID string `json:"requestId"`
Text string `json:"text"`
AsOf int64 `json:"asOf"`
LastStatus string `json:"lastStatus"`
History []History `json:"history,omitempty"`
Notes []Note `json:"notes,omitempty"`
}

View File

@ -1,12 +0,0 @@
'use strict'
import fs from 'fs'
/**
* Read and parse a JSON file
* @param {string} path The path to the file
* @param {string} encoding The encoding of the file (defaults to UTF-8)
* @return {*} The parsed contents of the file
*/
export default (path, encoding = 'utf-8') =>
JSON.parse(fs.readFileSync(path, encoding))

View File

@ -1,45 +0,0 @@
{
"name": "my-prayer-journal-api",
"private": true,
"version": "0.9.2",
"description": "Server API for myPrayerJournal",
"main": "index.js",
"author": "Daniel J. Summers <daniel@bitbadger.solutions>",
"license": "MIT",
"dependencies": {
"chalk": "^2.1.0",
"cuid": "^1.3.8",
"jwks-rsa-koa": "^1.1.3",
"koa": "^2.3.0",
"koa-bodyparser": "^4.2.0",
"koa-jwt": "^3.2.2",
"koa-router": "^7.2.1",
"koa-send": "^4.1.0",
"koa-static": "^4.0.1",
"pg": "^7.3.0"
},
"scripts": {
"start": "node app.js",
"build": "babel src -d build",
"vue": "cd ../app && node build/build.js prod && cd ../api && node app.js"
},
"devDependencies": {
"babel": "^6.23.0",
"babel-cli": "^6.26.0",
"babel-preset-env": "^1.6.0",
"babel-register": "^6.26.0",
"koa-morgan": "^1.0.1"
},
"babel": {
"presets": [
[
"env",
{
"targets": {
"node": "current"
}
}
]
]
}
}

182
src/api/routes/handlers.go Normal file
View File

@ -0,0 +1,182 @@
package routes
import (
"database/sql"
"encoding/json"
"errors"
"log"
"net/http"
"strings"
"github.com/danieljsummers/myPrayerJournal/src/api/data"
jwt "github.com/dgrijalva/jwt-go"
routing "github.com/go-ozzo/ozzo-routing"
)
/* Support */
// Set the content type, the HTTP error code, and return the error message.
func sendError(c *routing.Context, err error) error {
w := c.Response
w.Header().Set("Content-Type", "application/json; encoding=UTF-8")
w.WriteHeader(http.StatusInternalServerError)
if err := json.NewEncoder(w).Encode(map[string]string{"error": err.Error()}); err != nil {
log.Print("Error creating error JSON: " + err.Error())
}
return err
}
// Set the content type and return the JSON to the user.
func sendJSON(c *routing.Context, result interface{}) error {
w := c.Response
w.Header().Set("Content-Type", "application/json; encoding=UTF-8")
w.WriteHeader(http.StatusOK)
if err := json.NewEncoder(w).Encode(result); err != nil {
return sendError(c, err)
}
return nil
}
// Send an HTTP 404 response.
func notFound(c *routing.Context) error {
c.Response.WriteHeader(404)
return nil
}
// Parse the request body as JSON.
func parseJSON(c *routing.Context) (map[string]interface{}, error) {
payload := make(map[string]interface{})
if err := json.NewDecoder(c.Request.Body).Decode(&payload); err != nil {
log.Println("Error decoding JSON:", err)
return payload, err
}
return payload, nil
}
// userID is a convenience function to extract the subscriber ID from the user's JWT.
// NOTE: Do not call this from public routes; there are a lot of type assertions that won't be true if the request
// hasn't gone through the authorization process.
func userID(c *routing.Context) string {
return c.Request.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims)["sub"].(string)
}
/* Handlers */
// GET: /api/journal/
func journal(c *routing.Context) error {
reqs := data.Journal(userID(c))
if reqs == nil {
reqs = []data.JournalRequest{}
}
return sendJSON(c, reqs)
}
// POST: /api/request/
func requestAdd(c *routing.Context) error {
payload, err := parseJSON(c)
if err != nil {
return sendError(c, err)
}
result, ok := data.AddNew(userID(c), payload["requestText"].(string))
if !ok {
return sendError(c, errors.New("error adding request"))
}
return sendJSON(c, result)
}
// GET: /api/request/<id>
func requestGet(c *routing.Context) error {
request, ok := data.ByID(userID(c), c.Param("id"))
if !ok {
return sendError(c, errors.New("error retrieving request"))
}
if request == nil {
return notFound(c)
}
return sendJSON(c, request)
}
// GET: /api/request/<id>/complete
func requestGetComplete(c *routing.Context) error {
request, ok := data.FullByID(userID(c), c.Param("id"))
if !ok {
return sendError(c, errors.New("error retrieving request"))
}
var err error
request.Notes, err = data.NotesByID(userID(c), c.Param("id"))
if err != nil {
return sendError(c, err)
}
return sendJSON(c, request)
}
// GET: /api/request/<id>/full
func requestGetFull(c *routing.Context) error {
request, ok := data.FullByID(userID(c), c.Param("id"))
if !ok {
return sendError(c, errors.New("error retrieving request"))
}
return sendJSON(c, request)
}
// POST: /api/request/<id>/history
func requestAddHistory(c *routing.Context) error {
payload, err := parseJSON(c)
if err != nil {
return sendError(c, err)
}
c.Response.WriteHeader(
data.AddHistory(userID(c), c.Param("id"), payload["status"].(string), payload["updateText"].(string)))
return nil
}
// POST: /api/request/<id>/note
func requestAddNote(c *routing.Context) error {
payload, err := parseJSON(c)
if err != nil {
return sendError(c, err)
}
c.Response.WriteHeader(data.AddNote(userID(c), c.Param("id"), payload["notes"].(string)))
return nil
}
// GET: /api/request/<id>/notes
func requestGetNotes(c *routing.Context) error {
notes, err := data.NotesByID(userID(c), c.Param("id"))
if err != nil {
if err == sql.ErrNoRows {
return notFound(c)
}
return sendError(c, err)
}
if notes == nil {
notes = []data.Note{}
}
return sendJSON(c, notes)
}
// GET: /api/request/answered
func requestsAnswered(c *routing.Context) error {
reqs := data.Answered(userID(c))
if reqs == nil {
reqs = []data.JournalRequest{}
}
return sendJSON(c, reqs)
}
// GET: /*
func staticFiles(c *routing.Context) error {
// serve index for known routes handled client-side by the app
r := c.Request
w := c.Response
for _, prefix := range ClientPrefixes {
if strings.HasPrefix(r.URL.Path, prefix) {
w.Header().Add("Content-Type", "text/html")
http.ServeFile(w, r, "./public/index.html")
return nil
}
}
// 404 here is fine; quit hacking, y'all...
http.ServeFile(w, r, "./public"+r.URL.Path)
return nil
}

123
src/api/routes/router.go Normal file
View File

@ -0,0 +1,123 @@
package routes
import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"log"
"net/http"
"github.com/auth0/go-jwt-middleware"
jwt "github.com/dgrijalva/jwt-go"
"github.com/go-ozzo/ozzo-routing"
"github.com/go-ozzo/ozzo-routing/access"
"github.com/go-ozzo/ozzo-routing/fault"
)
// AuthConfig contains the Auth0 configuration passed from the "auth" JSON object.
type AuthConfig struct {
Domain string `json:"domain"`
ClientID string `json:"id"`
ClientSecret string `json:"secret"`
}
// JWKS is a structure into which the JSON Web Key Set is unmarshaled.
type JWKS struct {
Keys []JWK `json:"keys"`
}
// JWK is a structure into which a single JSON Web Key is unmarshaled.
type JWK struct {
Kty string `json:"kty"`
Kid string `json:"kid"`
Use string `json:"use"`
N string `json:"n"`
E string `json:"e"`
X5c []string `json:"x5c"`
}
// authCfg is the Auth0 configuration provided at application startup.
var authCfg *AuthConfig
// jwksBytes is a cache of the JSON Web Key Set for this domain.
var jwksBytes = make([]byte, 0)
// getPEMCert is a function to get the applicable certificate for a JSON Web Token.
func getPEMCert(token *jwt.Token) (string, error) {
cert := ""
if len(jwksBytes) == 0 {
resp, err := http.Get(fmt.Sprintf("https://%s/.well-known/jwks.json", authCfg.Domain))
if err != nil {
return cert, err
}
defer resp.Body.Close()
if jwksBytes, err = ioutil.ReadAll(resp.Body); err != nil {
return cert, err
}
}
jwks := JWKS{}
if err := json.Unmarshal(jwksBytes, &jwks); err != nil {
return cert, err
}
for k, v := range jwks.Keys[0].X5c {
if token.Header["kid"] == jwks.Keys[k].Kid {
cert = fmt.Sprintf("-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----", v)
}
}
if cert == "" {
err := errors.New("unable to find appropriate key")
return cert, err
}
return cert, nil
}
// authZero is an instance of Auth0's JWT middlware. Since it doesn't support the http.HandlerFunc sig, it is wrapped
// below; it's defined outside that function, though, so it does not get recreated every time.
var authZero = jwtmiddleware.New(jwtmiddleware.Options{
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
if checkAud := token.Claims.(jwt.MapClaims).VerifyAudience(authCfg.ClientID, false); !checkAud {
return token, errors.New("invalid audience")
}
iss := fmt.Sprintf("https://%s/", authCfg.Domain)
if checkIss := token.Claims.(jwt.MapClaims).VerifyIssuer(iss, false); !checkIss {
return token, errors.New("invalid issuer")
}
cert, err := getPEMCert(token)
if err != nil {
panic(err.Error())
}
result, _ := jwt.ParseRSAPublicKeyFromPEM([]byte(cert))
return result, nil
},
SigningMethod: jwt.SigningMethodRS256,
})
// authMiddleware is a wrapper for the Auth0 middleware above with a signature ozzo-routing recognizes.
func authMiddleware(c *routing.Context) error {
return authZero.CheckJWT(c.Response, c.Request)
}
// NewRouter returns a configured router to handle all incoming requests.
func NewRouter(cfg *AuthConfig) *routing.Router {
authCfg = cfg
router := routing.New()
router.Use(
access.Logger(log.Printf), // TODO: remove before go-live
fault.Recovery(log.Printf),
)
for _, route := range routes {
if route.IsPublic {
router.To(route.Method, route.Pattern, route.Func)
} else {
router.To(route.Method, route.Pattern, authMiddleware, route.Func)
}
}
return router
}

99
src/api/routes/routes.go Normal file
View File

@ -0,0 +1,99 @@
// Package routes contains endpoint handlers for the myPrayerJournal API.
package routes
import (
"net/http"
routing "github.com/go-ozzo/ozzo-routing"
)
// Route is a route served in the application.
type Route struct {
Name string
Method string
Pattern string
Func routing.Handler
IsPublic bool
}
// Routes is the collection of all routes served in the application.
type Routes []Route
// routes is the actual list of routes for the application.
var routes = Routes{
Route{
"Journal",
http.MethodGet,
"/api/journal/",
journal,
false,
},
Route{
"AddNewRequest",
http.MethodPost,
"/api/request/",
requestAdd,
false,
},
// Must be above GetRequestByID
Route{
"GetAnsweredRequests",
http.MethodGet,
"/api/request/answered",
requestsAnswered,
false,
},
Route{
"GetRequestByID",
http.MethodGet,
"/api/request/<id>",
requestGet,
false,
},
Route{
"GetCompleteRequestByID",
http.MethodGet,
"/api/request/<id>/complete",
requestGetComplete,
false,
},
Route{
"GetFullRequestByID",
http.MethodGet,
"/api/request/<id>/full",
requestGetFull,
false,
},
Route{
"AddNewHistoryEntry",
http.MethodPost,
"/api/request/<id>/history",
requestAddHistory,
false,
},
Route{
"AddNewNote",
http.MethodPost,
"/api/request/<id>/note",
requestAddNote,
false,
},
Route{
"GetNotesForRequest",
http.MethodGet,
"/api/request/<id>/notes",
requestGetNotes,
false,
},
// keep this route last
Route{
"StaticFiles",
http.MethodGet,
"/*",
staticFiles,
true,
},
}
// ClientPrefixes is a list of known route prefixes handled by the Vue app.
var ClientPrefixes = []string{"/answered", "/journal", "/user"}

View File

@ -1,108 +0,0 @@
'use strict'
import { Pool } from 'pg'
/**
* SQL to check the existence of a table in the mpj schema
* @param {string} table The name of the table whose existence should be checked
*/
const tableSql = table => `SELECT 1 FROM pg_tables WHERE schemaname='mpj' AND tablename='${table}'`
/**
* SQL to determine if an index exists
* @param {string} table The name of the table which the given index indexes
* @param {string} index The name of the index
*/
const indexSql = (table, index) =>
`SELECT 1 FROM pg_indexes WHERE schemaname='mpj' AND tablename='${table}' AND indexname='${index}'`
const ddl = [
{
name: 'myPrayerJournal Schema',
check: `SELECT 1 FROM pg_namespace WHERE nspname='mpj'`,
fix: `
CREATE SCHEMA mpj;
COMMENT ON SCHEMA mpj IS 'myPrayerJournal data'`
},
{
name: 'request Table',
check: tableSql('request'),
fix: `
CREATE TABLE mpj.request (
"requestId" varchar(25) PRIMARY KEY,
"enteredOn" bigint NOT NULL,
"userId" varchar(100) NOT NULL);
COMMENT ON TABLE mpj.request IS 'Requests'`
},
{
name: 'history Table',
check: tableSql('history'),
fix: `
CREATE TABLE mpj.history (
"requestId" varchar(25) NOT NULL REFERENCES mpj.request,
"asOf" bigint NOT NULL,
"status" varchar(25),
"text" text,
PRIMARY KEY ("requestId", "asOf"));
COMMENT ON TABLE mpj.history IS 'Request update history'`
},
{
name: 'note Table',
check: tableSql('note'),
fix: `
CREATE TABLE mpj.note (
"requestId" varchar(25) NOT NULL REFERENCES mpj.request,
"asOf" bigint NOT NULL,
"notes" text NOT NULL,
PRIMARY KEY ("requestId", "asOf"));
COMMENT ON TABLE mpj.note IS 'Notes regarding a request'`
},
{
name: 'request.userId Index',
check: indexSql('request', 'idx_request_userId'),
fix: `
CREATE INDEX "idx_request_userId" ON mpj.request ("userId");
COMMENT ON INDEX "idx_request_userId" IS 'Requests are retrieved by user'`
},
{
name: 'journal View',
check: `SELECT 1 FROM pg_views WHERE schemaname='mpj' AND viewname='journal'`,
fix: `
CREATE VIEW mpj.journal AS
SELECT
request."requestId",
request."userId",
(SELECT "text"
FROM mpj.history
WHERE history."requestId" = request."requestId"
AND "text" IS NOT NULL
ORDER BY "asOf" DESC
LIMIT 1) AS "text",
(SELECT "asOf"
FROM mpj.history
WHERE history."requestId" = request."requestId"
ORDER BY "asOf" DESC
LIMIT 1) AS "asOf",
(SELECT "status"
FROM mpj.history
WHERE history."requestId" = request."requestId"
ORDER BY "asOf" DESC
LIMIT 1) AS "lastStatus"
FROM mpj.request;
COMMENT ON VIEW mpj.journal IS 'Requests with latest text'`
}
]
export default function (query) {
return {
/**
* Ensure that the database schema, tables, and indexes exist
*/
ensureDatabase: async () => {
for (let item of ddl) {
const result = await query(item.check, [])
if (1 > result.rowCount) await query(item.fix, [])
}
}
}
}

View File

@ -1,27 +0,0 @@
'use strict'
import { Pool, types } from 'pg'
import appConfig from '../../appsettings.json'
import ddl from './ddl'
import request from './request'
/** Pooled PostgreSQL instance */
const pool = new Pool(appConfig.pgPool)
// Return "bigint" (int8) instances as number instead of strings
// ref: https://github.com/brianc/node-pg-types
types.setTypeParser(20, val => parseInt(val))
/**
* Run a SQL query
* @param {string} text The SQL command
* @param {*[]} params The parameters for the query
*/
const query = (text, params) => pool.query(text, params)
export default {
query: query,
request: request(pool),
verify: ddl(query).ensureDatabase
}

View File

@ -1,188 +0,0 @@
'use strict'
import { Pool } from 'pg'
import cuid from 'cuid'
const currentRequestSql = `
SELECT "requestId", "text", "asOf", "lastStatus"
FROM mpj.journal`
const journalSql = `${currentRequestSql}
WHERE "userId" = $1
AND "lastStatus" <> 'Answered'`
const requestNotFound = {
requestId: '',
text: 'Not Found',
asOf: 0
}
export default function (pool) {
/**
* Retrieve basic information about a single request
* @param {string} requestId The Id of the request to retrieve
* @param {string} userId The Id of the user to whom the request belongs
*/
let retrieveRequest = (requestId, userId) =>
pool.query(`
SELECT "requestId", "enteredOn"
FROM mpj.request
WHERE "requestId" = $1
AND "userId" = $2`,
[ requestId, userId ])
return {
/**
* Add a history entry for this request
* @param {string} userId The Id of the user to whom this request belongs
* @param {string} requestId The Id of the request to which the update applies
* @param {string} status The status for this history entry
* @param {string} updateText The updated text for the request (pass blank if no update)
* @return {number} 404 if the request is not found or does not belong to the given user, 204 if successful
*/
addHistory: async (userId, requestId, status, updateText) => {
const req = retrieveRequest(requestId, userId)
if (req.rowCount === 0) {
return 404
}
await pool.query(`
INSERT INTO mpj.history
("requestId", "asOf", "status", "text")
VALUES
($1, $2, $3, NULLIF($4, ''))`,
[ requestId, Date.now(), status, updateText ])
return 204
},
/**
* Add a new prayer request
* @param {string} userId The Id of the user
* @param {string} requestText The text of the request
* @return The created request
*/
addNew: async (userId, requestText) => {
const id = cuid()
const enteredOn = Date.now()
return (async () => {
const client = await pool.connect()
try {
await client.query('BEGIN')
await client.query(
'INSERT INTO mpj.request ("requestId", "enteredOn", "userId") VALUES ($1, $2, $3)',
[ id, enteredOn, userId ])
await client.query(
`INSERT INTO mpj.history ("requestId", "asOf", "status", "text") VALUES ($1, $2, 'Created', $3)`,
[ id, enteredOn, requestText ])
await client.query('COMMIT')
} catch (e) {
await client.query('ROLLBACK')
throw e
} finally {
client.release()
}
return { requestId: id, text: requestText, asOf: enteredOn, lastStatus: 'Created' }
})().catch(e => {
console.error(e.stack)
return { requestId: '', text: 'error', asOf: 0, lastStatus: 'Errored' }
})
},
/**
* Add a note about a prayer request
* @param {string} userId The Id of the user to whom the request belongs
* @param {string} requestId The Id of the request to which the note applies
* @param {string} note The notes to add
* @return {number} 404 if the request is not found or does not belong to the given user, 204 if successful
*/
addNote: async (userId, requestId, note) => {
const req = retrieveRequest(requestId, userId)
if (req.rowCount === 0) {
return 404
}
await pool.query(`
INSERT INTO mpj.note
("requestId", "asOf", "notes")
VALUES
($1, $2, $3)`,
[ requestId, Date.now(), note ])
return 204
},
/**
* Get all answered requests with their text as of the "Answered" status
* @param {string} userId The Id of the user for whom requests should be retrieved
* @return All requests
*/
answered: async (userId) =>
(await pool.query(`${currentRequestSql}
WHERE "userId" = $1
AND "lastStatus" = 'Answered'
ORDER BY "asOf" DESC`,
[ userId ])).rows,
/**
* Get the "current" version of a request by its Id
* @param {string} requestId The Id of the request to retrieve
* @param {string} userId The Id of the user to which the request belongs
* @return The request, or a request-like object indicating that the request was not found
*/
byId: async (userId, requestId) => {
const reqs = await pool.query(`${currentRequestSql}
WHERE "requestId" = $1
AND "userId" = $2`,
[ requestId, userId ])
return (0 < reqs.rowCount) ? reqs.rows[0] : requestNotFound
},
/**
* Get a prayer request, including its full history, by its Id
* @param {string} userId The Id of the user to which the request belongs
* @param {string} requestId The Id of the request to retrieve
* @return The request, or a request-like object indicating that the request was not found
*/
fullById: async (userId, requestId) => {
const reqResults = await retrieveRequest(requestId, userId)
if (0 === reqResults.rowCount) {
return requestNotFound
}
const req = reqResults.rows[0]
const history = await pool.query(`
SELECT "asOf", "status", COALESCE("text", '') AS "text"
FROM mpj.history
WHERE "requestId" = $1
ORDER BY "asOf"`,
[ requestId ])
req.history = history.rows
return req
},
/**
* Get the current requests for a user (i.e., their complete current journal)
* @param {string} userId The Id of the user
* @return The requests that make up the current journal
*/
journal: async userId => (await pool.query(`${journalSql} ORDER BY "asOf"`, [ userId ])).rows,
/**
* Get the notes for a request, most recent first
* @param {string} userId The Id of the user to whom the request belongs
* @param {string} requestId The Id of the request whose notes should be retrieved
* @return The notes for the request
*/
notesById: async (userId, requestId) => {
const reqResults = await retrieveRequest(requestId, userId)
if (0 === reqResults.rowCount) {
return requestNotFound
}
const notes = await pool.query(`
SELECT "asOf", "notes"
FROM mpj.note
WHERE "requestId" = $1
ORDER BY "asOf" DESC`,
[ requestId ])
return notes.rows
}
}
}

View File

@ -1,36 +0,0 @@
'use strict'
import Koa from 'koa'
import bodyParser from 'koa-bodyparser'
import morgan from 'koa-morgan'
import send from 'koa-send'
import serveFrom from 'koa-static'
import appConfig from '../appsettings.json'
import router from './routes'
/** Koa app */
const app = new Koa()
if (appConfig.env === 'dev') app.use(morgan('dev'))
export default app
// Serve the Vue files from /public
.use(serveFrom('public'))
// Parse the body into ctx.request.body, if present
.use(bodyParser())
// Tie in all the routes
.use(router.routes())
.use(router.allowedMethods())
// Send the index.html file for what would normally get a 404
.use(async (ctx, next) => {
if (ctx.url.indexOf('/api') === -1) {
try {
await send(ctx, 'index.html', { root: __dirname + '/../public/' })
}
catch (err) {
return await next(err)
}
}
return await next()
})

View File

@ -1,39 +0,0 @@
'use strict'
import jwt from 'koa-jwt'
import jwksRsa from 'jwks-rsa-koa'
import Router from 'koa-router'
import appConfig from '../../appsettings.json'
import journal from './journal'
import request from './request'
/** Authentication middleware to verify the access token against the Auth0 JSON Web Key Set */
const checkJwt = jwt({
// Dynamically provide a signing key
// based on the kid in the header and
// the singing keys provided by the JWKS endpoint.
secret: jwksRsa.koaJwt2Key({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `https://${appConfig.auth0.domain}/.well-known/jwks.json`
}),
// Validate the audience and the issuer.
audience: appConfig.auth0.clientId,
issuer: `https://${appConfig.auth0.domain}/`,
algorithms: ['RS256']
})
/** /api/journal routes */
const journalRoutes = journal(checkJwt)
/** /api/request routes */
const requestRoutes = request(checkJwt)
/** Combined router */
const router = new Router({ prefix: '/api' })
router.use('/journal', journalRoutes.routes(), journalRoutes.allowedMethods())
router.use('/request', requestRoutes.routes(), requestRoutes.allowedMethods())
export default router

View File

@ -1,16 +0,0 @@
'use strict'
import Router from 'koa-router'
import db from '../db'
const router = new Router()
export default function (checkJwt) {
router.get('/', checkJwt, async (ctx, next) => {
const reqs = await db.request.journal(ctx.state.user.sub)
ctx.body = reqs
return await next()
})
return router
}

View File

@ -1,79 +0,0 @@
'use strict'
import Router from 'koa-router'
import db from '../db'
const router = new Router()
export default function (checkJwt) {
router
// Add a new request
.post('/', checkJwt, async (ctx, next) => {
ctx.body = await db.request.addNew(ctx.state.user.sub, ctx.request.body.requestText)
await next()
})
// Add a request history entry (prayed, updated, answered, etc.)
.post('/:id/history', checkJwt, async (ctx, next) => {
const body = ctx.request.body
ctx.response.status = await db.request.addHistory(ctx.state.user.sub, ctx.params.id, body.status, body.updateText)
await next()
})
// Add a note to a request
.post('/:id/note', checkJwt, async (ctx, next) => {
const body = ctx.request.body
ctx.response.status = await db.request.addNote(ctx.state.user.sub, ctx.params.id, body.notes)
await next()
})
// Get a journal-style request by its Id
.get('/:id', checkJwt, async (ctx, next) => {
const req = await db.request.byId(ctx.state.user.sub, ctx.params.id)
if ('Not Found' === req.text) {
ctx.response.status = 404
} else {
ctx.body = req
}
await next()
})
// Get a request, along with its full history
.get('/:id/full', checkJwt, async (ctx, next) => {
const req = await db.request.fullById(ctx.state.user.sub, ctx.params.id)
if ('Not Found' === req.text) {
ctx.response.status = 404
} else {
ctx.body = req
}
await next()
})
// Get the notes for a request
.get('/:id/notes', checkJwt, async (ctx, next) => {
const notes = await db.request.notesById(ctx.state.user.sub, ctx.params.id)
if (notes.text && 'Not Found' === notes.text) {
ctx.response.status = 404
} else {
ctx.body = notes
ctx.response.status = 200
}
await next()
})
// Get a complete request; equivalent to full + notes
.get('/:id/complete', checkJwt, async (ctx, next) => {
const req = await db.request.fullById(ctx.state.user.sub, ctx.params.id)
if ('Not Found' === req.text) {
ctx.response.status = 404
} else {
ctx.response.status = 200
req.notes = await db.request.notesById(ctx.state.user.sub, ctx.params.id)
ctx.body = req
}
await next()
})
// Get all answered requests
.get('/answered', checkJwt, async (ctx, next) => {
ctx.body = await db.request.answered(ctx.state.user.sub)
ctx.response.status = 200
await next()
})
return router
}

File diff suppressed because it is too large Load Diff

View File

@ -4,8 +4,8 @@ var path = require('path')
module.exports = {
build: {
env: require('./prod.env'),
index: path.resolve(__dirname, '../../api/public/index.html'),
assetsRoot: path.resolve(__dirname, '../../api/public'),
index: path.resolve(__dirname, '../../public/index.html'),
assetsRoot: path.resolve(__dirname, '../../public'),
assetsSubDirectory: 'static',
assetsPublicPath: '/',
productionSourceMap: true,

View File

@ -1,6 +1,6 @@
{
"name": "my-prayer-journal",
"version": "0.9.2",
"version": "0.9.3",
"description": "myPrayerJournal - Front End",
"author": "Daniel J. Summers <daniel@bitbadger.solutions>",
"private": true,
@ -11,7 +11,9 @@
"unit": "cross-env BABEL_ENV=test karma start test/unit/karma.conf.js --single-run",
"e2e": "node test/e2e/runner.js",
"test": "npm run unit && npm run e2e",
"lint": "eslint --ext .js,.vue src test/unit/specs test/e2e/specs"
"lint": "eslint --ext .js,.vue src test/unit/specs test/e2e/specs",
"apistart": "cd .. && go build -o mpj-api.exe && mpj-api.exe",
"vue": "node build/build.js prod && cd .. && go build -o mpj-api.exe && mpj-api.exe"
},
"dependencies": {
"auth0-js": "^9.3.3",

View File

@ -10,6 +10,8 @@
| myPrayerJournal v{{ version }}
br
em: small.
#[router-link(:to="{ name: 'PrivacyPolicy' }") Privacy Policy] &bull;
#[router-link(:to="{ name: 'TermsOfService' }") Terms of Service] &bull;
#[a(href='https://github.com/danieljsummers/myprayerjournal') Developed] and hosted by
#[a(href='https://bitbadger.solutions') Bit Badger Solutions]
</template>

View File

@ -3,6 +3,8 @@ article
page-title(title='Answered Requests')
p(v-if='!loaded') Loading answered requests...
div(v-if='loaded').mpj-answered-list
p.text-center(v-if='requests.length === 0'): em.
No answered requests found; once you have marked one as &ldquo;Answered&rdquo;, it will appear here
p.mpj-request-text(v-for='req in requests' :key='req.requestId')
| {{ req.text }}
br

View File

@ -48,7 +48,7 @@ export default {
.sort(asOfDesc)[0].text
},
log () {
return this.request.notes
return (this.request.notes || [])
.map(note => ({ asOf: note.asOf, text: note.notes, status: 'Notes' }))
.concat(this.request.history)
.sort(asOfDesc)

View File

@ -9,8 +9,8 @@ article
individuals to review their answered prayers.
p.
This site is currently in beta, but it is open and available to the general public. To get started, simply click
the "Log On" link above, and log on with either a Microsoft or Google account. You can also learn more about the
site at the "Docs" link, also above.
the &ldquo;Log On&rdquo; link above, and log on with either a Microsoft or Google account. You can also learn more
about the site at the &ldquo;Docs&rdquo; link, also above.
</template>
<script>

View File

@ -11,7 +11,8 @@ article
:request='request'
:events='eventBus'
:toast='toast')
p.text-center(v-if='journal.length === 0'): em No requests found; click the "Add a New Request" button to add one
p.text-center(v-if='journal.length === 0'): em.
No requests found; click the &ldquo;Add a New Request&rdquo; button to add one
edit-request(:events='eventBus'
:toast='toast')
notes-edit(:events='eventBus'
@ -50,7 +51,7 @@ export default {
},
computed: {
title () {
return `${this.user.given_name}'s Prayer Journal`
return `${this.user.given_name}&rsquo;s Prayer Journal`
},
journalCardRows () {
return chunk(this.journal, 3)

View File

@ -9,7 +9,7 @@ b-navbar(toggleable='sm'
span(style='font-weight:600;') Prayer
span(style='font-weight:700;') Journal
b-collapse#nav_collapse(is-nav)
b-nav(is-nav-bar)
b-navbar-nav
b-nav-item(v-if='isAuthenticated'
to='/journal') Journal
b-nav-item(v-if='isAuthenticated'

View File

@ -18,11 +18,11 @@ export default {
},
watch: {
title () {
document.title = `${this.title} « myPrayerJournal`
document.title = `${this.title.replace('&rsquo;', "'")} « myPrayerJournal`
}
},
created () {
document.title = `${this.title} « myPrayerJournal`
document.title = `${this.title.replace('&rsquo;', "'")} « myPrayerJournal`
}
}
</script>

View File

@ -0,0 +1,54 @@
<template lang="pug">
article
page-title(title='Privacy Policy')
p: small: em (as of May 21, 2018)
p.
The nature of the service is one where privacy is a must. The items below will help you understand the data we
collect, access, and store on your behalf as you use this service.
hr
h3 Third Party Services
p.
myPrayerJournal utilizes a third-party authentication and identity provider. You should familiarize yourself with
the privacy policy for #[a(href='https://auth0.com/privacy' target='_blank') Auth0], as well as your chosen provider
(#[a(href='https://privacy.microsoft.com/en-us/privacystatement' target='_blank') Microsoft] or
#[a(href='https://policies.google.com/privacy' target='_blank') Google]).
hr
h3 What We Collect
h4 Identifying Data
ul
li.
The only identifying data myPrayerJournal stores is the subscriber (&ldquo;sub&rdquo;) field from the token we
receive from Auth0, once you have signed in through their hosted service. All information is associated with you
via this field.
li.
While you are signed in, within your browser, the service has access to your first and last names, along with a
URL to the profile picture (provided by your selected identity provider). This information is not transmitted to
the server, and is removed when &ldquo;Log Off&rdquo; is clicked.
h4 User Provided Data
ul
li.
myPrayerJournal stores the information you provide, including the text of prayer requests, updates, and notes;
and the date/time when certain actions are taken.
hr
h3 How Your Data Is Accessed / Secured
ul
li.
Your provided data is returned to you, as required, to display your journal or your answered requests.
On the server, it is stored in a controlled-access database.
li.
Your data is backed up, along with other Bit Badger Solutions hosted systems, in a rolling manner; backups are
preserved for the prior 7 days, and backups from the 1st and 15th are preserved for 3 months. These backups are
stored in a private cloud data repository.
li.
The data collected and stored is the absolute minimum necessary for the functionality of the service. There are
no plans to &ldquo;monetize&rdquo; this service, and storing the minimum amount of information means that the
data we have is not interesting to purchasers (or those who may have more nefarious purposes).
li Access to servers and backups is strictly controlled and monitored for unauthorized access attempts.
hr
h3 Removing Your Data
p.
At any time, you may choose to discontinue using this service. Both Microsoft and Google provide ways to revoke
access from this application. However, if you want your data removed from the database, please contact daniel at
bitbadger.solutions (via e-mail, replacing at with @) prior to doing so, to ensure we can determine which
subscriber ID belongs to you.
</template>

View File

@ -0,0 +1,35 @@
<template lang="pug">
article
page-title(title='Terms of Service')
p: small: em (as of May 21, 2018)
h3 1. Acceptance of Terms
p.
By accessing this web site, you are agreeing to be bound by these Terms and Conditions, and that you are
responsible to ensure that your use of this site complies with all applicable laws. Your continued use of this
site implies your acceptance of these terms.
h3 2. Description of Service and Registration
p.
myPrayerJournal is a service that allows individuals to enter and amend their prayer requests. It requires no
registration by itself, but access is granted based on a successful login with an external identity provider. See
#[router-link(:to="{ name: 'PrivacyPolicy' }") our privacy policy] for details on how that information is accessed
and stored.
h3 3. Third Party Services
p.
This service utilizes a third-party service provider for identity management. Review the terms of service for
#[a(href='https://auth0.com/terms' target='_blank') Auth0], as well as those for the selected authorization
provider (#[a(href='https://www.microsoft.com/en-us/servicesagreement' target='_blank') Microsoft] or
#[a(href='https://policies.google.com/terms' target='_blank') Google]).
h3 4. Liability
p.
This service is provided "as is", and no warranty (express or implied) exists. The service and its developers may
not be held liable for any damages that may arise through the use of this service.
h3 5. Updates to Terms
p.
These terms and conditions may be updated at any time, and this service does not have the capability to notify
users when these change. The date at the top of the page will be updated when any of the text of these terms is
updated.
hr
p.
You may also wish to review our #[router-link(:to="{ name: 'PrivacyPolicy' }") privacy policy] to learn how we
handle your data.
</template>

View File

@ -6,6 +6,8 @@ import AnsweredDetail from '@/components/AnsweredDetail'
import Home from '@/components/Home'
import Journal from '@/components/Journal'
import LogOn from '@/components/user/LogOn'
import PrivacyPolicy from '@/components/legal/PrivacyPolicy'
import TermsOfService from '@/components/legal/TermsOfService'
Vue.use(Router)
@ -33,6 +35,16 @@ export default new Router({
name: 'Journal',
component: Journal
},
{
path: '/legal/privacy-policy',
name: 'PrivacyPolicy',
component: PrivacyPolicy
},
{
path: '/legal/terms-of-service',
name: 'TermsOfService',
component: TermsOfService
},
{
path: '/user/log-on',
name: 'LogOn',

File diff suppressed because it is too large Load Diff

48
src/my-prayer-journal.go Normal file
View File

@ -0,0 +1,48 @@
// myPrayerJournal API Server
package main
import (
"encoding/json"
"log"
"net/http"
"os"
"github.com/danieljsummers/myPrayerJournal/src/api/data"
"github.com/danieljsummers/myPrayerJournal/src/api/routes"
)
// Web contains configuration for the web server.
type Web struct {
Port string `json:"port"`
}
// Settings contains configuration for the myPrayerJournal API.
type Settings struct {
Data *data.Settings `json:"data"`
Web *Web `json:"web"`
Auth *routes.AuthConfig `json:"auth"`
}
// readSettings parses the JSON configuration file into the Settings struct.
func readSettings(f string) *Settings {
config, err := os.Open(f)
if err != nil {
log.Fatal(err)
}
defer config.Close()
settings := Settings{}
if err = json.NewDecoder(config).Decode(&settings); err != nil {
log.Fatal(err)
}
return &settings
}
func main() {
cfg := readSettings("config.json")
if ok := data.Connect(cfg.Data); !ok {
log.Fatal("Unable to connect to database; exiting")
}
data.EnsureDB()
log.Printf("myPrayerJournal API listening on %s", cfg.Web.Port)
log.Fatal(http.ListenAndServe(cfg.Web.Port, routes.NewRouter(cfg.Auth)))
}