feat: Add authentication and personal user endpoint (#29)

* feat: Add authentication and personal user endpoint This contribution adds a lot of scaffolding for the database fake and testability of coderd. A new endpoint "/user" is added to return the currently authenticated user to the requester. * Use TestMain to catch leak instead * Add userpassword package * Add WIP * Add user auth * Fix test * Add comments * Fix login response * Fix order * Fix generated code * Update httpapi/httpapi.go Co-authored-by: Bryan <bryan@coder.com> Co-authored-by: Bryan <bryan@coder.com>
2025-07-01 16:07:26 +00:00 · 2022-01-20 07:46:51 -06:00
parent 36b7b20e2a
commit 6a919aea79
39 changed files with 2232 additions and 61 deletions
--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@ -3,11 +3,13 @@ package coderd
 import (
 	"net/http"

+	"github.com/go-chi/chi"
+
 	"cdr.dev/slog"
 	"github.com/coder/coder/database"
+	"github.com/coder/coder/httpapi"
+	"github.com/coder/coder/httpmw"
 	"github.com/coder/coder/site"
-	"github.com/go-chi/chi"
-	"github.com/go-chi/render"
 )

 // Options are requires parameters for Coder to start.
@ -18,15 +20,27 @@ type Options struct {

 // New constructs the Coder API into an HTTP handler.
 func New(options *Options) http.Handler {
+	users := &users{
+		Database: options.Database,
+	}
+
 	r := chi.NewRouter()
 	r.Route("/api/v2", func(r chi.Router) {
 		r.Get("/", func(w http.ResponseWriter, r *http.Request) {
-			render.JSON(w, r, struct {
-				Message string `json:"message"`
-			}{
+			httpapi.Write(w, http.StatusOK, httpapi.Response{
 				Message: "👋",
 			})
 		})
+		r.Post("/user", users.createInitialUser)
+		r.Post("/login", users.loginWithPassword)
+		// Require an API key and authenticated user for this group.
+		r.Group(func(r chi.Router) {
+			r.Use(
+				httpmw.ExtractAPIKey(options.Database, nil),
+				httpmw.ExtractUser(options.Database),
+			)
+			r.Get("/user", users.getAuthenticatedUser)
+		})
 	})
 	r.NotFound(site.Handler().ServeHTTP)
 	return r