wip

mangezmieux-backend/internal/acl/handler.go

@@ -0,0 +1,71 @@
+package acl
+
+import (
+	"errors"
+	"github.com/go-playground/validator/v10"
+	"mangezmieux-backend/internal/acl/service"
+	"mangezmieux-backend/internal/logger"
+	"mangezmieux-backend/internal/middleware"
+	"mangezmieux-backend/internal/responses"
+	"mangezmieux-backend/internal/users/model"
+
+	"github.com/gin-gonic/gin"
+	"net/http"
+)
+
+type Handler struct {
+	service   service.Service
+	Validator *validator.Validate
+}
+
+const (
+	rolePathParam   = "roleName"
+	roleIdPathParam = "roleId"
+)
+
+func NewHandler(service service.Service, validator *validator.Validate) *Handler {
+	return &Handler{
+		service:   service,
+		Validator: validator,
+	}
+}
+
+func (h Handler) GetAllRole(context *gin.Context) {
+	roles, err := h.service.GetAllRole()
+	if err != nil {
+		logger.GetLogger().Error(err)
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+	}
+	responses.JSON(context.Writer, http.StatusOK, roles)
+}
+
+func (h Handler) GetMyRoles(context *gin.Context) {
+	user, exists := context.Get(middleware.CtxUser)
+	if !exists {
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, "User not found in context")
+		return
+	}
+
+	userModel := user.(*model.User)
+
+	userRight, err := h.service.GetRoleForCurrentUser(userModel)
+	if err != nil {
+		logger.GetLogger().Error(err)
+
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+	}
+	responses.JSON(context.Writer, http.StatusOK, userRight)
+
+}

mangezmieux-backend/internal/acl/key/key.go

@@ -0,0 +1,6 @@
+package key
+
+const (
+	ServiceKey = "RoleService"
+	DaoKey     = "DaoService"
+)

mangezmieux-backend/internal/acl/model/model.go

@@ -0,0 +1,48 @@
+package model
+
+import (
+	"github.com/google/uuid"
+	"mangezmieux-backend/internal/model"
+)
+
+type UserRight struct {
+	UserRole []*UserRole `json:"userRole"`
+}
+
+type Resource struct {
+	Id   uuid.UUID `json:"id"`
+	Name string    `json:"name"`
+	model.Metadata
+}
+
+type RoleVerbResource struct {
+	Id         uuid.UUID `json:"id"`
+	Verb       string    `json:"verb"`
+	RoleId     uuid.UUID `json:"role"`
+	ResourceId uuid.UUID `json:"resource"`
+	model.Metadata
+}
+
+type RoleEditable struct {
+	Id   uuid.UUID `json:"id"`
+	Name string    `json:"name"`
+	model.Metadata
+}
+
+type Role struct {
+	RoleEditable
+	ResourceVerb map[string][]*Verb
+}
+
+type Verb struct {
+	Id   uuid.UUID `json:"id"`
+	Verb string    `json:"verb"`
+	model.Metadata
+}
+
+type UserRole struct {
+	Id     uuid.UUID `json:"id"`
+	RoleId uuid.UUID `json:"role"`
+	UserId uuid.UUID `json:"user"`
+	model.Metadata
+}

mangezmieux-backend/internal/acl/service/service.go

@@ -0,0 +1,60 @@
+package service
+
+import (
+	"github.com/google/uuid"
+	"mangezmieux-backend/internal/acl/model"
+	"mangezmieux-backend/internal/acl/sql"
+	model2 "mangezmieux-backend/internal/users/model"
+)
+
+type service struct {
+	dao sql.Dao
+}
+
+func (s service) GetRoleForCurrentUser(user *model2.User) (*model.UserRight, error) {
+	userId, err := uuid.Parse(user.ID.String())
+	if err != nil {
+		return nil, err
+	}
+
+	userRole, err := s.GetUserRoleByUser(userId)
+	if err != nil {
+		return nil, err
+	}
+
+	userRight := &model.UserRight{
+		UserRole: userRole,
+	}
+	return userRight, nil
+}
+
+func (s service) GetAllRole() ([]*model.Role, error) {
+	roles, err := s.dao.GetAllRole()
+	return roles, err
+}
+
+func (s service) GetUserRoleByUser(id uuid.UUID) ([]*model.UserRole, error) {
+	userRoles, err := s.dao.GetUserRoleByUser(id)
+	return userRoles, err
+}
+
+func (s service) GetRole(id uuid.UUID) (*model.Role, error) {
+	role, err := s.dao.GetRole(id)
+	if err != nil {
+		return nil, err
+	}
+
+	return role, nil
+}
+
+type Service interface {
+	GetAllRole() ([]*model.Role, error)
+	GetRoleForCurrentUser(user *model2.User) (*model.UserRight, error)
+	GetUserRoleByUser(id uuid.UUID) ([]*model.UserRole, error)
+}
+
+func NewService(dao sql.Dao) Service {
+	return &service{
+		dao: dao,
+	}
+}

mangezmieux-backend/internal/acl/setup.go

@@ -0,0 +1,39 @@
+package acl
+
+import (
+	"database/sql"
+	"mangezmieux-backend/internal/acl/key"
+	"mangezmieux-backend/internal/acl/service"
+	aclSql "mangezmieux-backend/internal/acl/sql"
+	"mangezmieux-backend/internal/ginserver"
+	"mangezmieux-backend/internal/injector"
+	"mangezmieux-backend/internal/postgres"
+	"mangezmieux-backend/internal/validator"
+
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	validatorv10 "github.com/go-playground/validator/v10"
+)
+
+func SetupDao(inj *injector.Injector) {
+	client := injector.Get[*sql.DB](inj, postgres.DatabaseKey)
+	dao := aclSql.NewDao(client)
+	inj.Set(key.DaoKey, dao)
+
+}
+func Setup(inj *injector.Injector) {
+	securedRoute := injector.Get[*gin.RouterGroup](inj, ginserver.SecuredRouterInjectorKey)
+	validatorCli := injector.Get[*validatorv10.Validate](inj, validator.ValidatorInjectorKey)
+	dao := injector.Get[aclSql.Dao](inj, key.DaoKey)
+	aclService := service.NewService(dao)
+	handler := NewHandler(aclService, validatorCli)
+
+	inj.Set(key.ServiceKey, aclService)
+
+	aclRoute := securedRoute.Group("/roles")
+	aclRoute.Handle(http.MethodGet, "/", handler.GetAllRole)
+
+	securedRoute.Handle(http.MethodGet, "/users/me/roles", handler.GetMyRoles)
+
+}

mangezmieux-backend/internal/acl/sql/dao.go

@@ -0,0 +1,39 @@
+package sql
+
+import (
+	"github.com/google/uuid"
+	"mangezmieux-backend/internal/acl/model"
+	model2 "mangezmieux-backend/internal/model"
+)
+
+type Dao interface {
+	//Role
+	GetRole(id uuid.UUID) (*model.Role, error)
+	GetRoleByName(name string) (*model.Role, error)
+	AddRole(roleName string, metadata model2.Metadata) (*model.Role, error)
+	DeleteRole(id uuid.UUID) error
+	GetAllRole() ([]*model.Role, error)
+
+	//Resource
+	AddResource(resourceName string, metadata model2.Metadata) (*model.Resource, error)
+	DeleteResource(id uuid.UUID) error
+	GetResource(id uuid.UUID) (*model.Resource, error)
+	GetResourceByName(name string) (*model.Resource, error)
+	GetAllResource() ([]*model.Resource, error)
+
+	//RoleVerbResource
+	GetRoleVerbResource(id uuid.UUID) (*model.RoleVerbResource, error)
+	GetRoleVerbResourceByRoleResourceAndVerb(roleId, resourceId uuid.UUID, verb string) (*model.RoleVerbResource, error)
+	GetRoleVerbResourceByRoleResource(roleId, resourceId uuid.UUID) ([]*model.RoleVerbResource, error)
+	GetRoleVerbResourceByRole(roleId uuid.UUID) ([]*model.RoleVerbResource, error)
+	AddRoleVerbResource(roleId, resourceId uuid.UUID, verb string, metadata model2.Metadata) (*model.RoleVerbResource, error)
+	DeleteRoleVerbResource(id uuid.UUID) error
+
+	//UserRole
+	GetUserRole(id uuid.UUID) (*model.UserRole, error)
+	GetUserRoleByUserAndRole(userId, roleId uuid.UUID) (*model.UserRole, error)
+	GetUserRoleByUser(userId uuid.UUID) ([]*model.UserRole, error)
+	GetUserRoleByRole(role uuid.UUID) ([]*model.UserRole, error)
+	AddUserRole(userId, roleId uuid.UUID, metadata model2.Metadata) (*model.UserRole, error)
+	DeleteUserRole(id uuid.UUID) error
+}

mangezmieux-backend/internal/acl/sql/sql.go

@@ -0,0 +1,13 @@
+package sql
+
+import (
+	"database/sql"
+)
+
+type dao struct {
+	client *sql.DB
+}
+
+func NewDao(client *sql.DB) Dao {
+	return &dao{client: client}
+}

mangezmieux-backend/internal/acl/sql/sql_resource.go

@@ -0,0 +1,121 @@
+package sql
+
+import (
+	"database/sql"
+	"errors"
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+	"mangezmieux-backend/internal/acl/model"
+	model2 "mangezmieux-backend/internal/model"
+	"mangezmieux-backend/internal/postgres"
+)
+
+func (sqlDAO dao) AddResource(resourceName string, metadata model2.Metadata) (*model.Resource, error) {
+	var Id uuid.UUID
+	q := `
+			INSERT INTO mangezmieux.resource
+				(name, creation_date, creation_user)
+			VALUES
+				($1, $2, $3)
+			RETURNING
+				Id`
+
+	err := sqlDAO.client.QueryRow(q, resourceName, metadata.CreationDate, metadata.CreationUser).Scan(&Id)
+
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	resource, err := sqlDAO.GetResource(Id)
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	return resource, nil
+}
+
+func (sqlDAO dao) DeleteResource(Id uuid.UUID) error {
+	q := `
+		DELETE FROM mangezmieux.resource
+		WHERE Id = $1 
+	`
+
+	_, err := sqlDAO.client.Exec(q, Id.String())
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}
+
+func (sqlDAO dao) GetResource(Id uuid.UUID) (*model.Resource, error) {
+	q := `
+		SELECT Id, name, creation_date, last_update_date
+		FROM mangezmieux.resource r
+		WHERE r.Id = $1
+	`
+	row := sqlDAO.client.QueryRow(q, Id.String())
+
+	resource := &model.Resource{}
+	err := row.Scan(&resource.Id, &resource.Name, &resource.CreationDate, &resource.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return resource, nil
+}
+
+func (sqlDAO dao) GetResourceByName(name string) (*model.Resource, error) {
+	q := `
+		SELECT Id, name, creation_date, last_update_date
+		FROM mangezmieux.resource r
+		WHERE r.name = $1
+	`
+	row := sqlDAO.client.QueryRow(q, name)
+
+	resource := &model.Resource{}
+	err := row.Scan(&resource.Id, &resource.Name, &resource.CreationDate, &resource.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return resource, nil
+}
+
+func (sqlDAO dao) GetAllResource() ([]*model.Resource, error) {
+	q := `
+		SELECT Id, name, creation_date, last_update_date
+		FROM mangezmieux.resource r
+	`
+	rows, err := sqlDAO.client.Query(q)
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	resources := make([]*model.Resource, 0)
+	for rows.Next() {
+		resource := &model.Resource{}
+		err := rows.Scan(&resource.Id, &resource.Name, &resource.CreationDate, &resource.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		resources = append(resources, resource)
+	}
+	return resources, nil
+}

mangezmieux-backend/internal/acl/sql/sql_role.go

@@ -0,0 +1,121 @@
+package sql
+
+import (
+	"database/sql"
+	"errors"
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+	"mangezmieux-backend/internal/acl/model"
+	model2 "mangezmieux-backend/internal/model"
+	"mangezmieux-backend/internal/postgres"
+)
+
+func (sqlDAO dao) GetRole(id uuid.UUID) (*model.Role, error) {
+	q := `
+		SELECT id, name, creation_date, last_update_date
+		FROM mangezmieux.role r
+		WHERE r.id = $1
+	`
+	row := sqlDAO.client.QueryRow(q, id.String())
+
+	role := &model.Role{}
+	err := row.Scan(&role.Id, &role.Name, &role.CreationDate, &role.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return role, nil
+}
+
+func (sqlDAO dao) GetRoleByName(name string) (*model.Role, error) {
+	q := `
+		SELECT id, name, creation_date, last_update_date
+		FROM mangezmieux.role r
+		WHERE r.name = $1
+	`
+	row := sqlDAO.client.QueryRow(q, name)
+
+	role := &model.Role{}
+	err := row.Scan(&role.Id, &role.Name, &role.CreationDate, &role.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return role, nil
+}
+
+func (sqlDAO dao) AddRole(roleName string, metadata model2.Metadata) (*model.Role, error) {
+	var id uuid.UUID
+	q := `
+			INSERT INTO mangezmieux.role
+				(name, creation_date, creation_user)
+			VALUES
+				($1,$2,$3)
+			RETURNING
+				id`
+
+	err := sqlDAO.client.QueryRow(q, roleName, metadata.CreationDate, metadata.CreationUser).Scan(&id)
+
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	role, err := sqlDAO.GetRole(id)
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	return role, nil
+}
+
+func (sqlDAO dao) DeleteRole(id uuid.UUID) error {
+	q := `
+		DELETE FROM mangezmieux.role
+		WHERE id = $1 
+	`
+
+	_, err := sqlDAO.client.Exec(q, id.String())
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}
+
+func (sqlDAO dao) GetAllRole() ([]*model.Role, error) {
+	q := `
+		SELECT id, name, creation_date, last_update_date
+		FROM mangezmieux.role r
+	`
+	rows, err := sqlDAO.client.Query(q)
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	roles := make([]*model.Role, 0)
+	for rows.Next() {
+		role := &model.Role{}
+		err := rows.Scan(&role.Id, &role.Name, &role.CreationDate, &role.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		roles = append(roles, role)
+	}
+	return roles, nil
+}

mangezmieux-backend/internal/acl/sql/sql_role_verb_resource.go

@@ -0,0 +1,191 @@
+package sql
+
+import (
+	"database/sql"
+	"errors"
+	"mangezmieux-backend/internal/acl/model"
+	model2 "mangezmieux-backend/internal/model"
+	"mangezmieux-backend/internal/postgres"
+
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+)
+
+func (sqlDAO dao) GetRoleVerbResource(id uuid.UUID) (*model.RoleVerbResource, error) {
+	q := `
+		SELECT id, role_id, verb, resource_id, creation_date, last_update_date
+		FROM mangezmieux.role_verb_resource r
+		WHERE r.id = $1
+	`
+	row := sqlDAO.client.QueryRow(q, id.String())
+
+	roleVerbResource := &model.RoleVerbResource{}
+	err := row.Scan(&roleVerbResource.Id, &roleVerbResource.RoleId, &roleVerbResource.Verb, &roleVerbResource.ResourceId, &roleVerbResource.CreationDate, &roleVerbResource.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return roleVerbResource, nil
+}
+
+func (sqlDAO dao) GetRoleVerbResourceByRoleResourceAndVerb(roleId, resourceId uuid.UUID, verb string) (*model.RoleVerbResource, error) {
+	q := `
+		SELECT id, role_id, verb, resource_id, creation_date, last_update_date
+		FROM mangezmieux.role_verb_resource r
+		WHERE r.role_id = $1 
+		AND r.resource_id = $2
+		AND r.verb = $3
+	`
+	row := sqlDAO.client.QueryRow(q, roleId.String(), resourceId.String(), verb)
+
+	roleVerbResource := &model.RoleVerbResource{}
+	err := row.Scan(&roleVerbResource.Id, &roleVerbResource.RoleId, &roleVerbResource.Verb, &roleVerbResource.ResourceId, &roleVerbResource.CreationDate, &roleVerbResource.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return roleVerbResource, nil
+}
+
+func (sqlDAO dao) GetRoleVerbResourceByResourceAndVerb(resourceId uuid.UUID, verb string) ([]*model.RoleVerbResource, error) {
+	q := `
+		SELECT id, role_id, verb, resource_id, creation_date, last_update_date
+		FROM mangezmieux.role_verb_resource r
+		WHERE r.resource_id = $1
+		AND r.verb = $2
+	`
+	rows, err := sqlDAO.client.Query(q, resourceId.String(), verb)
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	roleVerResources := make([]*model.RoleVerbResource, 0)
+	for rows.Next() {
+		roleVerbResource := &model.RoleVerbResource{}
+		err := rows.Scan(&roleVerbResource.Id, &roleVerbResource.RoleId, &roleVerbResource.Verb, &roleVerbResource.ResourceId, &roleVerbResource.CreationDate, &roleVerbResource.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		roleVerResources = append(roleVerResources, roleVerbResource)
+	}
+	return roleVerResources, nil
+}
+
+func (sqlDAO dao) GetRoleVerbResourceByRoleResource(roleId, resourceId uuid.UUID) ([]*model.RoleVerbResource, error) {
+	q := `
+		SELECT id, role_id, verb, resource_id, creation_date, last_update_date
+		FROM mangezmieux.role_verb_resource r
+		WHERE r.role_id = $1 
+		AND r.resource_id = $2
+	`
+	rows, err := sqlDAO.client.Query(q, roleId.String(), resourceId.String())
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	roleVerResources := make([]*model.RoleVerbResource, 0)
+	for rows.Next() {
+		roleVerbResource := &model.RoleVerbResource{}
+		err := rows.Scan(&roleVerbResource.Id, &roleVerbResource.RoleId, &roleVerbResource.Verb, &roleVerbResource.ResourceId, &roleVerbResource.CreationDate, &roleVerbResource.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		roleVerResources = append(roleVerResources, roleVerbResource)
+	}
+	return roleVerResources, nil
+}
+
+func (sqlDAO dao) GetRoleVerbResourceByRole(roleId uuid.UUID) ([]*model.RoleVerbResource, error) {
+	q := `
+		SELECT id, role_id, verb, resource_id, creation_date, last_update_date
+		FROM mangezmieux.role_verb_resource r
+		WHERE r.role_id = $1 
+	`
+	rows, err := sqlDAO.client.Query(q, roleId.String())
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	roleVerResources := make([]*model.RoleVerbResource, 0)
+	for rows.Next() {
+		roleVerbResource := &model.RoleVerbResource{}
+		err := rows.Scan(&roleVerbResource.Id, &roleVerbResource.RoleId, &roleVerbResource.Verb, &roleVerbResource.ResourceId, &roleVerbResource.CreationDate, &roleVerbResource.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		roleVerResources = append(roleVerResources, roleVerbResource)
+	}
+	return roleVerResources, nil
+}
+
+func (sqlDAO dao) AddRoleVerbResource(roleId, resourceId uuid.UUID, verb string, metadata model2.Metadata) (*model.RoleVerbResource, error) {
+	var Id uuid.UUID
+	q := `
+			INSERT INTO mangezmieux.role_verb_resource
+				(role_id, verb, resource_id, creation_date, creation_user)
+			VALUES
+				($1,$2,$3,$4,$5)
+			RETURNING
+				Id`
+
+	err := sqlDAO.client.QueryRow(q, roleId.String(), verb, resourceId.String(), metadata.CreationDate, metadata.CreationUser).Scan(&Id)
+
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	roleVerbResource, err := sqlDAO.GetRoleVerbResource(Id)
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	return roleVerbResource, nil
+}
+
+func (sqlDAO dao) DeleteRoleVerbResource(id uuid.UUID) error {
+	q := `
+		DELETE FROM mangezmieux.role_verb_resource
+		WHERE Id = $1 
+	`
+
+	_, err := sqlDAO.client.Exec(q, id.String())
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}

mangezmieux-backend/internal/acl/sql/sql_user_role.go

@@ -0,0 +1,161 @@
+package sql
+
+import (
+	"database/sql"
+	"errors"
+	"mangezmieux-backend/internal/acl/model"
+	model2 "mangezmieux-backend/internal/model"
+	"mangezmieux-backend/internal/postgres"
+
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+)
+
+func (sqlDAO dao) GetUserRole(id uuid.UUID) (*model.UserRole, error) {
+	q := `
+		SELECT id, role_id, user_id, creation_date, last_update_date
+		FROM mangezmieux.user_role r
+		WHERE r.id = $1
+	`
+	row := sqlDAO.client.QueryRow(q, id.String())
+
+	userRole := &model.UserRole{}
+	err := row.Scan(&userRole.Id, &userRole.RoleId, &userRole.UserId, &userRole.CreationDate, &userRole.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return userRole, nil
+}
+
+func (sqlDAO dao) GetUserRoleByUserAndRole(userId, roleId uuid.UUID) (*model.UserRole, error) {
+	q := `
+		SELECT id, role_id, user_id, creation_date, last_update_date
+		FROM mangezmieux.user_role r
+		WHERE r.role_id = $1 
+		AND r.user_id = $2
+	`
+	row := sqlDAO.client.QueryRow(q, roleId.String(), userId.String())
+
+	userRole := &model.UserRole{}
+	err := row.Scan(&userRole.Id, &userRole.RoleId, &userRole.UserId, &userRole.CreationDate, &userRole.LastUpdateDate)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return userRole, nil
+}
+
+func (sqlDAO dao) GetUserRoleByUser(userId uuid.UUID) ([]*model.UserRole, error) {
+	q := `
+		SELECT id, role_id, user_id, creation_date, last_update_date
+		FROM mangezmieux.user_role r
+		WHERE r.user_id = $1
+	`
+	rows, err := sqlDAO.client.Query(q, userId.String())
+	if errors.Is(err, sql.ErrNoRows) {
+		return make([]*model.UserRole, 0), nil
+	}
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	userRoles := make([]*model.UserRole, 0)
+	for rows.Next() {
+		userRole := &model.UserRole{}
+		err := rows.Scan(&userRole.Id, &userRole.RoleId, &userRole.UserId, &userRole.CreationDate, &userRole.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		userRoles = append(userRoles, userRole)
+	}
+	return userRoles, nil
+}
+
+func (sqlDAO dao) GetUserRoleByRole(role uuid.UUID) ([]*model.UserRole, error) {
+	q := `
+		SELECT id, role_id, user_id, creation_date, last_update_date
+		FROM mangezmieux.user_role r
+		WHERE r.role_id = $1
+	`
+	rows, err := sqlDAO.client.Query(q, role.String())
+	if err != nil {
+		return nil, err
+	}
+
+	if rows.Err() != nil {
+		return nil, rows.Err()
+	}
+
+	defer rows.Close()
+	userRoles := make([]*model.UserRole, 0)
+	for rows.Next() {
+		userRole := &model.UserRole{}
+		err := rows.Scan(&userRole.Id, &userRole.RoleId, &userRole.UserId, &userRole.CreationDate, &userRole.LastUpdateDate)
+		var errPq *pq.Error
+		if errors.As(err, &errPq) {
+			return nil, postgres.HandlePgError(errPq)
+		}
+		if errors.Is(err, sql.ErrNoRows) {
+			return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+		}
+		userRoles = append(userRoles, userRole)
+	}
+	return userRoles, nil
+}
+
+func (sqlDAO dao) AddUserRole(userId, roleId uuid.UUID, metadata model2.Metadata) (*model.UserRole, error) {
+	var Id uuid.UUID
+	q := `
+			INSERT INTO mangezmieux.user_role
+				(user_id, role_id, creation_date, creation_user)
+			VALUES
+				($1,$2,$3,$4)
+			RETURNING
+				Id`
+
+	err := sqlDAO.client.QueryRow(q, userId.String(), roleId.String(), metadata.CreationDate, metadata.CreationUser).Scan(&Id)
+
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	userRole, err := sqlDAO.GetUserRole(Id)
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+
+	return userRole, nil
+}
+
+func (sqlDAO dao) DeleteUserRole(id uuid.UUID) error {
+	q := `
+		DELETE FROM mangezmieux.user_role
+		WHERE Id = $1 
+	`
+
+	_, err := sqlDAO.client.Exec(q, id.String())
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}

mangezmieux-backend/internal/ginserver/headers.go

@@ -0,0 +1,8 @@
+package ginserver
+
+const (
+	HeaderNameContentType   = "content-type"
+	HeaderNameCorrelationID = "correlationID"
+
+	HeaderValueApplicationJSONUTF8 = "application/json; charset=UTF-8"
+)

mangezmieux-backend/internal/ginserver/logger.go

@@ -0,0 +1,70 @@
+package ginserver
+
+import (
+	"mangezmieux-backend/internal/logger"
+	"math/rand"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+const (
+	letterBytes   = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+)
+
+var src = rand.NewSource(time.Now().UnixNano())
+
+func randStringBytesMaskImprSrc(n int) string {
+	b := make([]byte, n)
+	// A src.Int63() generates 63 random bits, enough for letterIdxMax characters!
+	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+
+	return string(b)
+}
+
+func GetLoggerMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		correlationID := c.Request.Header.Get(HeaderNameCorrelationID)
+		if correlationID == "" {
+			correlationID = randStringBytesMaskImprSrc(30)
+			c.Writer.Header().Set(HeaderNameCorrelationID, correlationID)
+		}
+
+		logEntry := logger.GetLogger().WithField(HeaderNameCorrelationID, correlationID)
+
+		c.Set(logger.ContextKeyLogger, logEntry)
+	}
+}
+
+func GetHTTPLoggerMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		start := time.Now()
+
+		logger.GetLoggerFromCtx(c).
+			WithField("method", c.Request.Method).
+			WithField("url", c.Request.RequestURI).
+			WithField("from", c.ClientIP()).
+			Info("start handling HTTP request")
+
+		c.Next()
+		d := time.Since(start)
+
+		logger.GetLoggerFromCtx(c).
+			WithField("status", c.Writer.Status()).
+			WithField("duration", d.String()).
+			Info("end handling HTTP request")
+	}
+}

mangezmieux-backend/internal/ginserver/setup.go

@@ -0,0 +1,45 @@
+package ginserver
+
+import (
+	"mangezmieux-backend/internal/injector"
+	"time"
+
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+)
+
+var (
+	routerInjectorKey = "ROUTER"
+
+	SecuredRouterInjectorKey   = "SECURED_ROUTER"
+	UnsecuredRouterInjectorKey = "UNSECURED_ROUTER"
+)
+
+func Setup(inj *injector.Injector) {
+	gin.SetMode(gin.ReleaseMode)
+
+	router := gin.New()
+	router.HandleMethodNotAllowed = true
+
+	router.Use(cors.New(cors.Config{
+		AllowOrigins:     []string{"http://localhost:3000/", "http://localhost:3000"},
+		AllowMethods:     []string{"*"},
+		AllowHeaders:     []string{"*"},
+		ExposeHeaders:    []string{"*"},
+		AllowCredentials: true,
+		MaxAge:           12 * time.Hour,
+	}))
+	router.Use(gin.Recovery())
+	router.Use(GetLoggerMiddleware())
+	router.Use(GetHTTPLoggerMiddleware())
+	public := router.Group("")
+	inj.Set(UnsecuredRouterInjectorKey, public)
+
+	authMiddleware := injector.Get[gin.HandlerFunc](inj, "AuthenticationMiddleware")
+
+	securedUserRoute := public.Group("/api/v1")
+	securedUserRoute.Use(authMiddleware)
+
+	inj.Set(SecuredRouterInjectorKey, securedUserRoute)
+	inj.Set(routerInjectorKey, router)
+}

mangezmieux-backend/internal/ginserver/start.go

@@ -0,0 +1,41 @@
+package ginserver
+
+import (
+	"errors"
+	"log"
+	"mangezmieux-backend/internal/injector"
+	"net/http"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+func Start(inj *injector.Injector, port string) {
+	router := injector.Get[*gin.Engine](inj, routerInjectorKey)
+
+	srv := &http.Server{
+		Addr:              ":" + port,
+		Handler:           router,
+		ReadHeaderTimeout: 4 * time.Second,
+	}
+
+	go func() {
+		// service connections
+		if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
+			log.Fatalf("listen: %s\n", err)
+		}
+	}()
+
+	// Wait for interrupt signal to gracefully shutdown the server with
+	// a timeout of 5 seconds.
+	quit := make(chan os.Signal, 1)
+	// kill (no param) default send syscanll.SIGTERM
+	// kill -2 is syscall.SIGINT
+	// kill -9 is syscall. SIGKILL but can"t be catch, so don't need add it
+	signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
+	<-quit
+	log.Println("Shutdown Server ...")
+}

mangezmieux-backend/internal/godog/model.go

@@ -0,0 +1,18 @@
+package godog
+
+import "context"
+
+type TestCenter interface {
+	GetFunctionalityContext() any
+}
+type genericTestCenter struct {
+	testCenter TestCenter
+}
+
+type ResourceHandler interface {
+	Create(ctx context.Context, val string) (context.Context, error)
+	Read(ctx context.Context, val string) (context.Context, error)
+	Update(ctx context.Context, val string) (context.Context, error)
+	Patch(ctx context.Context, val string) (context.Context, error)
+	Delete(ctx context.Context, val string) (context.Context, error)
+}

mangezmieux-backend/internal/godog/resources.go

@@ -0,0 +1,23 @@
+package godog
+
+import (
+	"fmt"
+	"log"
+)
+
+var resourcesHandler = map[string]ResourceHandler{}
+
+func RegisterResourceHandler(resourceName string, handler ResourceHandler) {
+	if _, ok := resourcesHandler[resourceName]; ok {
+		log.Fatalf("Can't add an already existing handler for resource %s", resourceName)
+		return
+	}
+	resourcesHandler[resourceName] = handler
+}
+
+func GetResourceHandler(resourceName string) ResourceHandler {
+	if val, ok := resourcesHandler[resourceName]; ok {
+		return val
+	}
+	panic(fmt.Sprintf("no handler found for resource type %s", resourceName))
+}

mangezmieux-backend/internal/godog/sentence.go

@@ -0,0 +1,92 @@
+package godog
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"github.com/cucumber/godog"
+	"github.com/ohler55/ojg/jp"
+	"net/http/httptest"
+)
+
+func (gtc *genericTestCenter) theResourceIsCreated(ctx context.Context) (context.Context, error) {
+	return gtc.theResponseHasStatus(ctx, 201)
+}
+
+func (gtc *genericTestCenter) theResourceAlreadyExists(ctx context.Context) (context.Context, error) {
+	return gtc.theResponseHasStatus(ctx, 409)
+}
+
+func (gtc *genericTestCenter) theUserMissRight(ctx context.Context) (context.Context, error) {
+	return gtc.theResponseHasStatus(ctx, 403)
+}
+
+func (gtc *genericTestCenter) badRequest(ctx context.Context) (context.Context, error) {
+	return gtc.theResponseHasStatus(ctx, 400)
+}
+
+func (gtc *genericTestCenter) forbiddenRequest(ctx context.Context) (context.Context, error) {
+	return gtc.theResponseHasStatus(ctx, 403)
+}
+
+func (gtc *genericTestCenter) theResponseHasStatus(ctx context.Context, status int) (context.Context, error) {
+	httpRecorder := ctx.Value("recorder").(*httptest.ResponseRecorder)
+	if httpRecorder.Code != status {
+		return ctx, fmt.Errorf("got code %d with body %s", httpRecorder.Code, httpRecorder.Body.String())
+	}
+
+	ctx = context.WithValue(ctx, "OBJECT_RESPONSE", httpRecorder.Body.String())
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) theFieldHasValue(ctx context.Context, fieldName, value string) (context.Context, error) {
+	compiledPath, err := jp.ParseString(fieldName)
+	body := ctx.Value("OBJECT_RESPONSE").(string)
+	if err != nil {
+		return ctx, err
+	}
+	var resourceAsMap interface{}
+	err = json.Unmarshal([]byte(body), &resourceAsMap)
+	if err != nil {
+		return ctx, err
+	}
+
+	datas := compiledPath.Get(resourceAsMap)
+	if len(datas) != 1 {
+		return ctx, fmt.Errorf("Found %v data. Expected only one", len(datas))
+	}
+	if datas[0] != value {
+		return ctx, fmt.Errorf("The field %s has value %s . Expected %s", fieldName, datas[0], value)
+	}
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) resourceDoesntExist(ctx context.Context, resourceType string, resourceName string) (context.Context, error) {
+	handler := GetResourceHandler(resourceType)
+	ctx, _ = handler.Delete(ctx, resourceName)
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) theUserCreatesAResourcesWithTheFollowingData(ctx context.Context, resourceType string, content *godog.DocString) (context.Context, error) {
+	handler := GetResourceHandler(resourceType)
+	ctx, _ = handler.Create(ctx, content.Content)
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) theUserPatchesAResourcesWithTheFollowingData(ctx context.Context, resourceType string, content *godog.DocString) (context.Context, error) {
+	handler := GetResourceHandler(resourceType)
+	ctx, _ = handler.Patch(ctx, content.Content)
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) theUserUpdatesAResourcesWithTheFollowingData(ctx context.Context, resourceType string, content *godog.DocString) (context.Context, error) {
+	handler := GetResourceHandler(resourceType)
+	ctx, _ = handler.Update(ctx, content.Content)
+	return ctx, nil
+}
+
+func (gtc *genericTestCenter) theResourceExistWithTheFollowingData(ctx context.Context, resourceType string, content *godog.DocString) (context.Context, error) {
+	handler := GetResourceHandler(resourceType)
+	ctx, _ = handler.Create(ctx, content.Content)
+	return ctx, nil
+}

mangezmieux-backend/internal/godog/setup.go

@@ -0,0 +1,20 @@
+package godog
+
+import cucumber "github.com/cucumber/godog"
+
+func Setup(ctx *cucumber.ScenarioContext, testCenter TestCenter) {
+	gtc := genericTestCenter{testCenter: testCenter}
+	ctx.Step(`^the resource is created`, gtc.theResourceIsCreated)
+	ctx.Step(`^the response indicates that the ([^\s]+) already exists`, gtc.theResourceAlreadyExists)
+	ctx.Step(`^the response indicates that the user doesn't have right`, gtc.theUserMissRight)
+	ctx.Step(`^the response indicates that this a bad request`, gtc.badRequest)
+	ctx.Step(`^the response indicates that this a forbidden request`, gtc.forbiddenRequest)
+	ctx.Step(`^the response has status (\d+)$`, gtc.theResponseHasStatus)
+	ctx.Step(`^the ([^\s]+) ([^\s]+) doesn\'t exist yet`, gtc.resourceDoesntExist)
+	ctx.Step(`^the field ([^\s]+) is (\d+)$`, gtc.theFieldHasValue)
+	ctx.Step(`^the field ([^\s]+) has value "([^"]*)"$`, gtc.theFieldHasValue)
+	ctx.Step(`^the user create a[n]* ([^\s]+) with the following data:$`, gtc.theUserCreatesAResourcesWithTheFollowingData)
+	ctx.Step(`^the user update a[n]* ([^\s]+) with the following data:$`, gtc.theUserUpdatesAResourcesWithTheFollowingData)
+	ctx.Step(`^the user patch a[n]* ([^\s]+) with the following data:$`, gtc.theUserUpdatesAResourcesWithTheFollowingData)
+	ctx.Step(`^the ([^\s]+) exists with the following data:$`, gtc.theResourceExistWithTheFollowingData)
+}

mangezmieux-backend/internal/health/handler.go

@@ -0,0 +1,27 @@
+package health
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+// @openapi:path
+// /_health:
+//
+//	get:
+//	  tags:
+//	    - "Monitoring"
+//	  summary: Health check
+//	  description: Health check
+//	  responses:
+//	    200:
+//	     description: "Health response"
+//	     content:
+//	       application/json:
+//	         schema:
+//	           $ref: "#/components/schemas/Health"
+func GetHealth(c *gin.Context) {
+	health := &Health{Alive: true}
+	c.JSON(http.StatusOK, health)
+}

mangezmieux-backend/internal/health/model.go

@@ -0,0 +1,8 @@
+package health
+
+// Health struct
+// @openapi:schema.
+type Health struct {
+	Alive   bool   `json:"alive"`
+	Version string `json:"version"`
+}

mangezmieux-backend/internal/health/setup.go

@@ -0,0 +1,15 @@
+package health
+
+import (
+	"mangezmieux-backend/internal/ginserver"
+	"mangezmieux-backend/internal/injector"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+func Setup(inj *injector.Injector) {
+	publicRoute := injector.Get[*gin.RouterGroup](inj, ginserver.UnsecuredRouterInjectorKey)
+
+	publicRoute.Handle(http.MethodGet, "/health", GetHealth)
+}

mangezmieux-backend/internal/injector/injector.go

@@ -0,0 +1,42 @@
+package injector
+
+import "fmt"
+
+type Injector struct {
+	content map[string]any
+}
+
+func (i *Injector) Get(key string) any {
+	val, ok := i.content[key]
+	if !ok {
+		panic(fmt.Sprintf("Can't get key %s from injector", key))
+	}
+	return val
+}
+
+func (i *Injector) GetWithDefault(key string, defaultValue any) any {
+	val, ok := i.content[key]
+	if !ok {
+		return defaultValue
+	}
+	return val
+}
+
+func Get[T any](i *Injector, key string) T {
+	return i.Get(key).(T)
+}
+
+func GetWithDefault[T any](i *Injector, key string, defaultValue any) T {
+	return i.GetWithDefault(key, defaultValue).(T)
+}
+
+func (i *Injector) Set(key string, content any) {
+	if i.content == nil {
+		i.content = map[string]any{}
+	}
+
+	if _, ok := i.content[key]; ok {
+		panic(fmt.Sprintf("Key %s already have content", key))
+	}
+	i.content[key] = content
+}

mangezmieux-backend/internal/jwt/service.go

@@ -0,0 +1,78 @@
+package jwt
+
+import (
+	"mangezmieux-backend/internal/responses"
+	"time"
+
+	jwtLib "github.com/golang-jwt/jwt/v5"
+)
+
+type Service struct {
+	SecretKey string
+}
+
+func NewService() *Service {
+	return &Service{SecretKey: "hard-coded-temp"}
+}
+
+type Claims struct {
+	ID string `json:"username"`
+	jwtLib.RegisteredClaims
+}
+
+func (s *Service) ValidateToken(token string) (*Claims, error) {
+	claims := &Claims{}
+	tkn, err := jwtLib.ParseWithClaims(token, claims, func(token *jwtLib.Token) (any, error) {
+		return []byte(s.SecretKey), nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	if !tkn.Valid {
+		return nil, err
+	}
+
+	return claims, nil
+}
+
+func (s *Service) GenerateJWTToken(userId string) (string, error) {
+	expirationTime := time.Now().Add(10 * time.Minute)
+
+	claims := &Claims{
+		ID: userId,
+		RegisteredClaims: jwtLib.RegisteredClaims{
+			// In JWT, the expiry time is expressed as unix milliseconds
+			ExpiresAt: jwtLib.NewNumericDate(expirationTime),
+		},
+	}
+	token := jwtLib.NewWithClaims(jwtLib.SigningMethodHS256, claims)
+	// Create the JWT string
+	tokenString, err := token.SignedString([]byte(s.SecretKey))
+	if err != nil {
+		return "", &responses.ErrInternalServer
+	}
+	return tokenString, nil
+}
+
+func (s *Service) Refresh(oldToken string) (string, error) {
+	claims := &Claims{}
+	tkn, err := jwtLib.ParseWithClaims(oldToken, claims, func(token *jwtLib.Token) (any, error) {
+		return []byte(s.SecretKey), nil
+	})
+	if err != nil {
+		return "", err
+	}
+
+	if !tkn.Valid {
+		return "", err
+	}
+
+	// Now, create a new token for the current use, with a renewed expiration time
+	expirationTime := time.Now().Add(10 * time.Minute)
+	claims.ExpiresAt = jwtLib.NewNumericDate(expirationTime)
+	token := jwtLib.NewWithClaims(jwtLib.SigningMethodHS256, claims)
+	tokenString, err := token.SignedString([]byte(s.SecretKey))
+	return tokenString, nil
+
+}

mangezmieux-backend/internal/jwt/setup.go

@@ -0,0 +1,16 @@
+package jwt
+
+import (
+	"mangezmieux-backend/internal/injector"
+)
+
+const JWTKey = "JWT"
+
+func Setup(inj *injector.Injector) {
+
+	// build components
+	service := NewService()
+
+	// register provided components
+	inj.Set(JWTKey, service)
+}

mangezmieux-backend/internal/logger/logger.go

@@ -0,0 +1,74 @@
+package logger
+
+import (
+	"io"
+	"os"
+
+	"github.com/gin-gonic/gin"
+	"github.com/sirupsen/logrus"
+)
+
+const (
+	LogFormatText = "text"
+	LogFormatJSON = "json"
+
+	ContextKeyLogger = "logger"
+)
+
+var (
+	logLevel                   = logrus.DebugLevel
+	logFormat logrus.Formatter = &logrus.TextFormatter{}
+	logOut    io.Writer
+)
+
+func InitLogger(ll, lf string) {
+	logLevel = parseLogrusLevel(ll)
+	logrus.SetLevel(logLevel)
+
+	logFormat = parseLogrusFormat(lf)
+	logrus.SetFormatter(logFormat)
+
+	logOut = os.Stdout
+	logrus.SetOutput(logOut)
+}
+
+func GetLoggerFromCtx(c *gin.Context) *logrus.Entry {
+	if logger, ok := c.Get(ContextKeyLogger); ok {
+		logEntry, assertionOk := logger.(*logrus.Entry)
+		if assertionOk {
+			return logEntry
+		}
+	}
+	return logrus.NewEntry(GetLogger())
+}
+
+func GetLogger() *logrus.Logger {
+	logger := logrus.New()
+	logger.Formatter = logFormat
+	logger.Level = logLevel
+	logger.Out = logOut
+	return logger
+}
+
+func parseLogrusLevel(logLevelStr string) logrus.Level {
+	logLevel, err := logrus.ParseLevel(logLevelStr)
+	if err != nil {
+		logrus.WithError(err).Errorf("error while parsing log level. %v is set as default.", logLevel)
+		logLevel = logrus.DebugLevel
+	}
+	return logLevel
+}
+
+func parseLogrusFormat(logFormatStr string) logrus.Formatter {
+	var formatter logrus.Formatter
+	switch logFormatStr {
+	case LogFormatText:
+		formatter = &logrus.TextFormatter{ForceColors: true, FullTimestamp: true}
+	case LogFormatJSON:
+		formatter = &logrus.JSONFormatter{}
+	default:
+		logrus.Errorf("error while parsing log format. %v is set as default.", formatter)
+		formatter = &logrus.TextFormatter{ForceColors: true, FullTimestamp: true}
+	}
+	return formatter
+}

mangezmieux-backend/internal/middleware/introspect.go

@@ -0,0 +1,102 @@
+package middleware
+
+import (
+	"context"
+	"errors"
+	model2 "mangezmieux-backend/internal/acl/model"
+	"mangezmieux-backend/internal/jwt"
+	"mangezmieux-backend/internal/logger"
+	"mangezmieux-backend/internal/responses"
+	"mangezmieux-backend/internal/users/model"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+const CtxUser = "user"
+const CtxUserRight = "userRight"
+const CtxRole = "role"
+const CtxToken = "token"
+
+type IntrospectService interface {
+	Introspect(token string) (user *model.User, err error)
+	GetRole(ctx context.Context, user *model.User) (userRight *model2.UserRight, err error)
+	GetAllRole(ctx context.Context) ([]*model2.Role, error)
+}
+
+func GetAuthenticationMiddleware(introspectService IntrospectService, jwtService *jwt.Service) gin.HandlerFunc {
+
+	return func(c *gin.Context) {
+		token, err := getTokenFromGinCtx(c)
+		c.Set(CtxToken, token)
+
+		ctx := c.Request.Context()
+		ctx = context.WithValue(ctx, CtxToken, token)
+		if err != nil {
+			logger.GetLogger().WithError(err).Debug("no token found")
+			responses.JSONErrorWithMessage(c.Writer, responses.ErrBadRequestFormat, err.Error())
+			c.Abort()
+			return
+		}
+
+		_, err = jwtService.ValidateToken(token)
+		if err != nil {
+			logger.GetLogger().WithError(err).Debug("error during token validation")
+			responses.JSONErrorWithMessage(c.Writer, responses.ErrBadRequestFormat, err.Error())
+			c.Abort()
+			return
+		}
+		user, err := introspectService.Introspect(token)
+		if err != nil {
+			logger.GetLogger().WithError(err).Debug("error during introspect")
+			responses.JSONErrorWithMessage(c.Writer, responses.ErrBadRequestFormat, err.Error())
+			c.Abort()
+			return
+		}
+		c.Set(CtxUser, user)
+
+		userRight, err := introspectService.GetRole(ctx, user)
+		if err != nil {
+			logger.GetLogger().WithError(err).Debug("error during getting role for user")
+			responses.JSONErrorWithMessage(c.Writer, responses.ErrBadRequestFormat, err.Error())
+			c.Abort()
+			return
+		}
+		c.Set(CtxUserRight, userRight)
+
+		roles, err := introspectService.GetAllRole(ctx)
+		if err != nil {
+			logger.GetLogger().WithError(err).Debug("error during getting role map")
+			responses.JSONErrorWithMessage(c.Writer, responses.ErrBadRequestFormat, err.Error())
+			c.Abort()
+			return
+		}
+		c.Set(CtxRole, roles)
+
+		c.Next()
+	}
+}
+
+// getTokenFromGinCtx allow to get the access token of the request in the Authorization request header.
+// It will split the header and remove the Bearer part to extract only the token.
+func getTokenFromGinCtx(c *gin.Context) (string, error) {
+	auth := c.GetHeader("Authorization")
+	if auth != "" {
+		authSplitted := strings.SplitN(auth, " ", 2)
+		if len(authSplitted) != 2 {
+			return "", errors.New("malformed authorization header")
+		}
+
+		if strings.ToUpper(authSplitted[0]) != strings.ToUpper("Bearer") && strings.ToUpper(authSplitted[0]) != strings.ToUpper("JWT") {
+			return "", errors.New("unsupported authentication scheme")
+		}
+
+		return authSplitted[1], nil
+	}
+
+	if cookie, err := c.Cookie("token"); err == nil {
+		return cookie, nil
+	}
+
+	return "", errors.New("no token found in the request")
+}

mangezmieux-backend/internal/middleware/setup.go

@@ -0,0 +1,16 @@
+package middleware
+
+import (
+	"mangezmieux-backend/internal/injector"
+	"mangezmieux-backend/internal/jwt"
+)
+
+const AuthenticationMiddlewareKey = "AuthenticationMiddleware"
+const IntrospectServiceKey = "AuthCli"
+
+func Setup(inj *injector.Injector) {
+
+	jwtService := injector.Get[*jwt.Service](inj, jwt.JWTKey)
+	introspectService := injector.Get[IntrospectService](inj, IntrospectServiceKey)
+	inj.Set(AuthenticationMiddlewareKey, GetAuthenticationMiddleware(introspectService, jwtService))
+}

mangezmieux-backend/internal/model/metadata.go

@@ -0,0 +1,10 @@
+package model
+
+import "time"
+
+type Metadata struct {
+	CreationDate   time.Time `json:"creation_date"`
+	LastUpdateDate time.Time `json:"last_update_date"`
+	CreationUser   string    `json:"creation_user"`
+	LastUpdateUser string    `json:"last_update_user"`
+}

mangezmieux-backend/internal/postgres/database_error.go

@@ -0,0 +1,32 @@
+package postgres
+
+import (
+	"fmt"
+)
+
+type Type int
+
+const (
+	ErrTypeNotFound Type = iota
+	ErrTypeDuplicate
+	ErrTypeForeignKeyViolation
+)
+
+type Error struct {
+	Cause error
+	Type  Type
+}
+
+func NewDAOError(t Type, cause error) error {
+	return &Error{
+		Type:  t,
+		Cause: cause,
+	}
+}
+
+func (e *Error) Error() string {
+	if e.Cause != nil {
+		return fmt.Sprintf("Type %d: %s", e.Type, e.Cause.Error())
+	}
+	return fmt.Sprintf("Type %d: no cause given", e.Type)
+}

mangezmieux-backend/internal/postgres/database_postgresql.go

@@ -0,0 +1,35 @@
+package postgres
+
+import (
+	"database/sql"
+	"github.com/lib/pq"
+	"mangezmieux-backend/internal/logger"
+)
+
+const (
+	pgCodeUniqueViolation     = "23505"
+	pgCodeForeingKeyViolation = "23503"
+)
+
+func HandlePgError(e *pq.Error) error {
+	if e.Code == pgCodeUniqueViolation {
+		return NewDAOError(ErrTypeDuplicate, e)
+	}
+
+	if e.Code == pgCodeForeingKeyViolation {
+		return NewDAOError(ErrTypeForeignKeyViolation, e)
+	}
+	return e
+}
+
+func NewDatabasePostgreSQL(connectionURI string) *sql.DB {
+	db, err := sql.Open("postgres", connectionURI)
+	if err != nil {
+		logger.GetLogger().WithError(err).Fatal("Unable to get a connection to the postgres db")
+	}
+	err = db.Ping()
+	if err != nil {
+		logger.GetLogger().WithError(err).Fatal("Unable to ping the postgres db")
+	}
+	return db
+}

mangezmieux-backend/internal/postgres/setup.go

@@ -0,0 +1,11 @@
+package postgres
+
+import "mangezmieux-backend/internal/injector"
+
+const DatabaseKey = "POSTGRES"
+
+func Setup(inj *injector.Injector, connectionURI string) {
+	client := NewDatabasePostgreSQL(connectionURI)
+
+	inj.Set(DatabaseKey, client)
+}

mangezmieux-backend/internal/responses/error.go

@@ -0,0 +1,62 @@
+package responses
+
+import (
+	"fmt"
+	"net/http"
+)
+
+var (
+	ErrBadRequestFormat = APIError{
+		Type:        "bad_format",
+		HTTPCode:    http.StatusBadRequest,
+		Description: "unable to read request body, please check that the json is valid",
+	}
+	ErrDataValidation = APIError{
+		Type:        "data_validation",
+		HTTPCode:    http.StatusBadRequest,
+		Description: "the data are not valid",
+	}
+
+	ErrNotFound = APIError{
+		Type:     "not_found",
+		HTTPCode: http.StatusNotFound,
+	}
+
+	ErrAlreadyExists = APIError{
+		Type:     "already_exists",
+		HTTPCode: http.StatusConflict,
+	}
+
+	ErrUnauthorized = APIError{
+		Type:     "unauthorized",
+		HTTPCode: http.StatusUnauthorized,
+	}
+
+	ErrForbidden = APIError{
+		Type:     "forbidden",
+		HTTPCode: http.StatusForbidden,
+	}
+
+	ErrInternalServer = APIError{
+		Type:     "internal_server_error",
+		HTTPCode: http.StatusInternalServerError,
+	}
+)
+
+type APIError struct {
+	HTTPCode    int                 `json:"-"`
+	Type        string              `json:"error"`
+	Description string              `json:"errorDescription"`
+	Details     []FieldError        `json:"errorDetails,omitempty"`
+	Headers     map[string][]string `json:"-"`
+}
+
+type FieldError struct {
+	Field       string `json:"field"`
+	Constraint  string `json:"constraint"`
+	Description string `json:"description"`
+}
+
+func (e *APIError) Error() string {
+	return fmt.Sprintf("error : %d, %s, %s, %v", e.HTTPCode, e.Type, e.Description, e.Details)
+}

mangezmieux-backend/internal/responses/responses.go

@@ -0,0 +1,34 @@
+package responses
+
+import (
+	"encoding/json"
+	"mangezmieux-backend/internal/ginserver"
+	"net/http"
+)
+
+func JSON(w http.ResponseWriter, status int, data interface{}) {
+	w.Header().Set(ginserver.HeaderNameContentType, ginserver.HeaderValueApplicationJSONUTF8)
+	w.WriteHeader(status)
+	if data != nil {
+		err := json.NewEncoder(w).Encode(data)
+		if err != nil {
+			return
+		}
+	}
+}
+
+func JSONError(w http.ResponseWriter, e APIError) {
+	if e.Headers != nil {
+		for k, headers := range e.Headers {
+			for _, headerValue := range headers {
+				w.Header().Add(k, headerValue)
+			}
+		}
+	}
+	JSON(w, e.HTTPCode, e)
+}
+
+func JSONErrorWithMessage(w http.ResponseWriter, e APIError, message string) {
+	e.Description = message
+	JSONError(w, e)
+}

mangezmieux-backend/internal/users/handler.go

@@ -0,0 +1,123 @@
+package users
+
+import (
+	"errors"
+	"github.com/go-playground/validator/v10"
+	"mangezmieux-backend/internal/logger"
+	"mangezmieux-backend/internal/middleware"
+	"mangezmieux-backend/internal/responses"
+	"mangezmieux-backend/internal/users/model"
+	"mangezmieux-backend/internal/users/service"
+
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+	coreValidator "mangezmieux-backend/internal/validator"
+)
+
+type Handler struct {
+	Service   *service.Service
+	Validator *validator.Validate
+}
+
+func NewHandler(service *service.Service, validator *validator.Validate) *Handler {
+	return &Handler{
+		Service:   service,
+		Validator: validator,
+	}
+}
+
+func (h Handler) CreateUser(context *gin.Context) {
+	userEditable := model.UserEditable{}
+	if err := context.BindJSON(&userEditable); err != nil {
+		responses.JSONError(context.Writer, coreValidator.NewDataValidationAPIError(err))
+		return
+	}
+	user, err := h.Service.CreateUser(&userEditable)
+	if err != nil {
+		logger.GetLogger().Error(err)
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+	}
+	responses.JSON(context.Writer, http.StatusCreated, user)
+}
+
+func (h Handler) Login(context *gin.Context) {
+	userLoginRequest := model.UserLoginRequest{}
+	if err := context.BindJSON(&userLoginRequest); err != nil {
+		responses.JSONError(context.Writer, coreValidator.NewDataValidationAPIError(err))
+		return
+	}
+	token, err := h.Service.Login(userLoginRequest)
+	if err != nil {
+		logger.GetLogger().Error(err)
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+	}
+	context.SetCookie("token", token, 10, "/", "localhost", true, false)
+	userLoginResponse := model.UserLoginResponse{
+		AccessToken: token,
+		TokenType:   "Bearer",
+	}
+	responses.JSON(context.Writer, http.StatusOK, userLoginResponse)
+}
+
+func (h Handler) IntrospectToken(context *gin.Context) {
+	authorization := context.Request.Header.Get("Authorization")
+	splitToken := strings.Split(authorization, "Bearer ")
+	reqToken := splitToken[1]
+	user, err := h.Service.Introspect(reqToken)
+	if err != nil {
+		logger.GetLogger().Error(err)
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+
+	}
+	responses.JSON(context.Writer, http.StatusOK, user)
+}
+
+func (h Handler) RefreshToken(context *gin.Context) {
+	authorization := context.Request.Header.Get("Authorization")
+	splitToken := strings.Split(authorization, "Bearer ")
+	reqToken := splitToken[1]
+
+	refreshedToken, err := h.Service.Refresh(reqToken)
+	if err != nil {
+		logger.GetLogger().Error(err)
+		var apiError *responses.APIError
+		if errors.As(err, &apiError) {
+			responses.JSONError(context.Writer, *apiError)
+			return
+		}
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, err.Error())
+		return
+
+	}
+	context.SetCookie("token", refreshedToken, 10, "/", "localhost", true, false)
+}
+
+func (h Handler) GetMe(context *gin.Context) {
+	usr, exists := context.Get(middleware.CtxUser)
+	if !exists {
+		responses.JSONErrorWithMessage(context.Writer, responses.ErrInternalServer, "User not found in context")
+		return
+	}
+	responses.JSON(context.Writer, http.StatusOK, usr)
+
+}

mangezmieux-backend/internal/users/middleware.go

@@ -0,0 +1,44 @@
+package users
+
+import (
+	"context"
+	"github.com/gin-gonic/gin"
+	model2 "mangezmieux-backend/internal/acl/model"
+	"mangezmieux-backend/internal/acl/service"
+	"mangezmieux-backend/internal/jwt"
+	"mangezmieux-backend/internal/middleware"
+	"mangezmieux-backend/internal/users/model"
+	service2 "mangezmieux-backend/internal/users/service"
+)
+
+var AuthMiddleware = newMiddleware()
+
+type internalAuthMiddleware struct {
+	Service     *service2.Service
+	RoleService service.Service
+	UserService service.Service
+}
+
+func newMiddleware() *internalAuthMiddleware {
+	return &internalAuthMiddleware{}
+}
+
+func (m *internalAuthMiddleware) GinMiddleware(jwtService *jwt.Service) gin.HandlerFunc {
+	return middleware.GetAuthenticationMiddleware(m, jwtService)
+}
+
+// delegate useful for deferred binding (when the middleware is installed, GinMiddleware() is called, the service m.Service is not yet created :-( )
+// see cmd/app.go for deferred binding at the end.
+func (m *internalAuthMiddleware) Introspect(token string) (*model.User, error) {
+	return m.Service.Introspect(token)
+}
+
+// delegate useful for deferred binding (when the middleware is installed, GinMiddleware() is called, the service m.Service is not yet created :-( )
+// see cmd/app.go for deferred binding at the end.
+func (m *internalAuthMiddleware) GetRole(ctx context.Context, user *model.User) (*model2.UserRight, error) {
+	return m.RoleService.GetRoleForCurrentUser(user)
+}
+
+func (m *internalAuthMiddleware) GetAllRole(ctx context.Context) ([]*model2.Role, error) {
+	return m.RoleService.GetAllRole()
+}

mangezmieux-backend/internal/users/model/model.go

@@ -0,0 +1,31 @@
+package model
+
+import (
+	"github.com/gofrs/uuid"
+	"time"
+)
+
+type User struct {
+	ID        *uuid.UUID `json:"ID"`
+	CreatedAt time.Time  `json:"createdAt"`
+	UpdatedAt *time.Time `json:"updatedAt"`
+	UserEditable
+}
+
+type UserEditable struct {
+	Firstname string `json:"first_name" binding:"required"`
+	Lastname  string `json:"last_name" binding:"required"`
+	Email     string `json:"email" binding:"required"`
+	Password  string `json:"password" binding:"required"`
+}
+
+type UserLoginRequest struct {
+	Email    string `json:"email" binding:"required"`
+	Password string `json:"password" binding:"required"`
+}
+
+type UserLoginResponse struct {
+	AccessToken string `json:"accessToken"`
+	TokenType   string `json:"tokenType"`
+	ExpiresIn   string `json:"expiresIn"`
+}

mangezmieux-backend/internal/users/service/service.go

@@ -0,0 +1,98 @@
+package service
+
+import (
+	"mangezmieux-backend/internal/jwt"
+	"mangezmieux-backend/internal/responses"
+	"mangezmieux-backend/internal/users/model"
+	"mangezmieux-backend/internal/users/sql"
+
+	"time"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+type Service struct {
+	dao sql.Dao
+	jwt *jwt.Service
+}
+
+func NewService(dao sql.Dao, jwt *jwt.Service) *Service {
+	return &Service{dao: dao, jwt: jwt}
+}
+
+func (s *Service) CreateUser(userEditable *model.UserEditable) (*model.User, error) {
+	now := time.Now()
+	user := &model.User{
+		ID:        nil,
+		CreatedAt: now,
+		UpdatedAt: &now,
+		UserEditable: model.UserEditable{
+			Firstname: userEditable.Firstname,
+			Lastname:  userEditable.Lastname,
+			Email:     userEditable.Email,
+			Password:  userEditable.Password,
+		},
+	}
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(userEditable.Password), 8)
+	if err != nil {
+		return nil, &responses.ErrInternalServer
+	}
+	user.Password = string(hashedPassword)
+	err = s.dao.Create(user)
+	if err != nil {
+		return nil, err
+	}
+	user.Password = ""
+	return user, nil
+}
+
+func (s *Service) Login(request model.UserLoginRequest) (string, error) {
+	user, err := s.dao.FindByMail(request.Email)
+	if err != nil {
+		return "", &responses.ErrUnauthorized
+	}
+	err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(request.Password))
+	if err != nil {
+		return "", &responses.ErrUnauthorized
+	}
+	return s.jwt.GenerateJWTToken(user.ID.String())
+}
+
+func (s *Service) Introspect(token string) (*model.User, error) {
+	claims, err := s.jwt.ValidateToken(token)
+	if err != nil {
+		return nil, err
+	}
+
+	usr, err := s.dao.FindByID(claims.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	userModel := s.transformEntityToResponse(usr, false)
+
+	return userModel, nil
+}
+
+func (s *Service) Refresh(oldToken string) (string, error) {
+	return s.jwt.Refresh(oldToken)
+}
+
+func (s *Service) transformEntityToResponse(user *model.User, withPassword bool) *model.User {
+	password := ""
+	if withPassword {
+		password = user.Password
+	}
+
+	return &model.User{
+		ID:        user.ID,
+		CreatedAt: user.CreatedAt,
+		UpdatedAt: user.UpdatedAt,
+		UserEditable: model.UserEditable{
+			Firstname: user.Firstname,
+			Lastname:  user.Lastname,
+			Email:     user.Email,
+			Password:  password,
+		},
+	}
+}

mangezmieux-backend/internal/users/setup.go

@@ -0,0 +1,42 @@
+package users
+
+import (
+	"database/sql"
+	"mangezmieux-backend/internal/ginserver"
+	"mangezmieux-backend/internal/injector"
+	"mangezmieux-backend/internal/jwt"
+	"mangezmieux-backend/internal/postgres"
+	service2 "mangezmieux-backend/internal/users/service"
+	sql2 "mangezmieux-backend/internal/users/sql"
+	"mangezmieux-backend/internal/validator"
+
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	validatorv10 "github.com/go-playground/validator/v10"
+)
+
+const ServiceKey = "UsersService"
+
+func Setup(inj *injector.Injector) {
+	publicRoute := injector.Get[*gin.RouterGroup](inj, ginserver.UnsecuredRouterInjectorKey)
+	validatorCli := injector.Get[*validatorv10.Validate](inj, validator.ValidatorInjectorKey)
+	jwtService := injector.Get[*jwt.Service](inj, jwt.JWTKey)
+
+	client := injector.Get[*sql.DB](inj, postgres.DatabaseKey)
+	dao := sql2.NewDao(client)
+
+	service := service2.NewService(dao, jwtService)
+	handler := NewHandler(service, validatorCli)
+
+	inj.Set(ServiceKey, service)
+
+	publicRoute.Handle(http.MethodPost, "/api/v1/users", handler.CreateUser)
+	publicRoute.Handle(http.MethodPost, "/oauth2/token", handler.Login)
+	publicRoute.Handle(http.MethodPost, "/oauth2/introspect", handler.IntrospectToken)
+	publicRoute.Handle(http.MethodPost, "/oauth2/refresh", handler.RefreshToken)
+
+	securedRoute := injector.Get[*gin.RouterGroup](inj, ginserver.SecuredRouterInjectorKey)
+	securedRoute.Handle(http.MethodGet, "/users/me", handler.GetMe)
+
+}

mangezmieux-backend/internal/users/sql/dao.go

@@ -0,0 +1,11 @@
+package sql
+
+import "mangezmieux-backend/internal/users/model"
+
+type Dao interface {
+	FindByMail(mail string) (*model.User, error)
+	Create(user *model.User) error
+	Delete(mail string) error
+	FindByMailAndPassword(mail string, password string) (*model.User, error)
+	FindByID(id string) (*model.User, error)
+}

mangezmieux-backend/internal/users/sql/sql.go

@@ -0,0 +1,111 @@
+package sql
+
+import (
+	"database/sql"
+	"errors"
+	"mangezmieux-backend/internal/postgres"
+	"mangezmieux-backend/internal/users/model"
+
+	"github.com/lib/pq"
+)
+
+type SQLDao struct {
+	client *sql.DB
+}
+
+func NewDao(client *sql.DB) Dao {
+	return &SQLDao{client: client}
+}
+
+func (sqlDAO *SQLDao) FindByMailAndPassword(mail string, password string) (*model.User, error) {
+	q := `
+		SELECT u.ID, u.first_name, u.last_name, u.creation_date, u.last_update_date
+		FROM mangezmieux.user u
+		WHERE u.email = $1 AND u.password = $2
+	`
+	row := sqlDAO.client.QueryRow(q, mail, password)
+
+	u := model.User{}
+	err := row.Scan(&u.Email, &u.Firstname, &u.Lastname, &u.CreatedAt, &u.UpdatedAt)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return &u, err
+}
+
+func (sqlDAO *SQLDao) FindByMail(mail string) (*model.User, error) {
+	q := `
+		SELECT u.ID, u.email, u.first_name, u.last_name, u.creation_date, u.last_update_date, u.password
+		FROM mangezmieux.user u
+		WHERE u.email = $1
+	`
+	row := sqlDAO.client.QueryRow(q, mail)
+
+	u := model.User{}
+	err := row.Scan(&u.ID, &u.Email, &u.Firstname, &u.Lastname, &u.CreatedAt, &u.UpdatedAt, &u.Password)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return &u, err
+}
+
+func (sqlDAO *SQLDao) FindByID(id string) (*model.User, error) {
+	q := `
+		SELECT u.ID, u.email, u.first_name, u.last_name, u.creation_date, u.last_update_date
+		FROM mangezmieux.user u
+		WHERE u.id = $1
+	`
+	row := sqlDAO.client.QueryRow(q, id)
+
+	u := model.User{}
+	err := row.Scan(&u.ID, &u.Email, &u.Firstname, &u.Lastname, &u.CreatedAt, &u.UpdatedAt)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return nil, postgres.HandlePgError(errPq)
+	}
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, postgres.NewDAOError(postgres.ErrTypeNotFound, err)
+	}
+	return &u, err
+}
+
+func (sqlDAO *SQLDao) Create(user *model.User) error {
+	q := `
+		INSERT INTO mangezmieux.user 
+			(email, password, first_name, last_name, creation_date, last_update_date)
+		VALUES
+			($1, $2, $3, $4, $5, $6)
+		RETURNING id, creation_date
+	`
+
+	err := sqlDAO.client.
+		QueryRow(q, user.Email, user.Password, user.Firstname, user.Lastname, user.CreatedAt, user.UpdatedAt).
+		Scan(&user.ID, &user.CreatedAt)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}
+
+func (sqlDAO *SQLDao) Delete(id string) error {
+	q := `
+		DELETE FROM mangezmieux.user
+		WHERE id = $1
+	`
+
+	_, err := sqlDAO.client.Exec(q, id)
+	var errPq *pq.Error
+	if errors.As(err, &errPq) {
+		return postgres.HandlePgError(errPq)
+	}
+	return err
+}

mangezmieux-backend/internal/validator/error.go

@@ -0,0 +1,51 @@
+package validator
+
+import (
+	"errors"
+	"fmt"
+	"mangezmieux-backend/internal/logger"
+	"mangezmieux-backend/internal/responses"
+	"regexp"
+	"strings"
+
+	validatorLib "github.com/go-playground/validator/v10"
+)
+
+var regexpValidatorNamespacePrefix = regexp.MustCompile(`^\w+\.`)
+
+func NewDataValidationAPIError(err error) responses.APIError {
+	apiErr := responses.ErrDataValidation
+	if err != nil {
+		var invalidValidationErrror *validatorLib.InvalidValidationError
+		if errors.As(err, &invalidValidationErrror) {
+			logger.GetLogger().WithError(invalidValidationErrror).WithField("templateAPIErr", apiErr).Error("InvalidValidationError")
+		} else {
+			var validationErrors validatorLib.ValidationErrors
+			if errors.As(err, &validationErrors) {
+				for _, e := range validationErrors {
+					reason := e.Tag()
+					if _, ok := CustomValidators[e.Tag()]; ok {
+						reason = truncatingSprintf(CustomValidators[e.Tag()].Message, e.Param())
+					}
+
+					namespaceWithoutStructName := regexpValidatorNamespacePrefix.ReplaceAllString(e.Namespace(), "")
+					fe := responses.FieldError{
+						Field:       namespaceWithoutStructName,
+						Constraint:  e.Tag(),
+						Description: reason,
+					}
+					apiErr.Details = append(apiErr.Details, fe)
+				}
+			} else {
+				apiErr.Description = err.Error()
+			}
+		}
+	}
+	return apiErr
+}
+
+// truncatingSprintf is used as fmt.Sprintf but allow to truncate the additional parameters given when there is more parameters than %v in str.
+func truncatingSprintf(str string, args ...interface{}) string {
+	n := strings.Count(str, "%v")
+	return fmt.Sprintf(str, args[:n]...)
+}

mangezmieux-backend/internal/validator/setup.go

@@ -0,0 +1,9 @@
+package validator
+
+import "mangezmieux-backend/internal/injector"
+
+const ValidatorInjectorKey = "VALIDATOR"
+
+func Setup(inj *injector.Injector) {
+	inj.Set(ValidatorInjectorKey, newValidator())
+}

mangezmieux-backend/internal/validator/validator.go

@@ -0,0 +1,56 @@
+package validator
+
+import (
+	"context"
+	"reflect"
+	"strings"
+
+	validatorLib "github.com/go-playground/validator/v10"
+)
+
+var CustomValidators = map[string]customValidator{
+	"enum": {
+		Message:   "This field should be in: %v",
+		Validator: validateEnum,
+	},
+	"required": {
+		Message: "This field is required and cannot be empty",
+	},
+}
+
+type customValidator struct {
+	Message   string
+	Validator validatorLib.FuncCtx
+}
+
+func validateEnum(ctx context.Context, fl validatorLib.FieldLevel) bool {
+	for _, v := range strings.Split(fl.Param(), " ") {
+		if v == fl.Field().String() {
+			return true
+		}
+	}
+	return false
+}
+
+func newValidator() *validatorLib.Validate {
+	va := validatorLib.New()
+
+	va.RegisterTagNameFunc(func(fld reflect.StructField) string {
+		name := strings.SplitN(fld.Tag.Get("json"), ",", 2)
+		if len(name) < 1 {
+			return ""
+		}
+		return name[0]
+	})
+
+	for k, v := range CustomValidators {
+		if v.Validator != nil {
+			err := va.RegisterValidationCtx(k, v.Validator)
+			if err != nil {
+				return nil
+			}
+		}
+	}
+
+	return va
+}