sergicanet9
commented
2 years ago Hi Onur, thanks for your comment.
I didn't add the authentication to the core layer as, in my humble opinion, this is not part of the business of the app (which in this case is managing users). So it's the API responsability to decide if a call it's authorized to be performed or not. The approach that I followed was adding a middleware to the endpoints that I want to be protected, so I easily reuse the same code.
Regarding the second question, the tokens are generating during the login, (see this function please: https://github.com/sergicanet9/go-hexagonal-api/blob/e9b3787508752291e05f38ba1bf82b76b5e02c53/core/services/user.go#L211). Tokens not only allow users to be authenticated, but also includes the claims of the user so that we can also control authorization (for example, delete requests can only be performed but users with claim "admin").
I hope that my answers are helpful for you. Best regards, Sergi
[https://opengraph.githubassets.com/f00c5d6ecb9ae909bb4295ead77211f7985822b0e088ef0fe5db517e11a7f251/sergicanet9/go-hexagonal-api]https://github.com/sergicanet9/go-hexagonal-api/blob/e9b3787508752291e05f38ba1bf82b76b5e02c53/core/services/user.go#L211 go-hexagonal-api/user.go at e9b3787508752291e05f38ba1bf82b76b5e02c53 · sergicanet9/go-hexagonal-apihttps://github.com/sergicanet9/go-hexagonal-api/blob/e9b3787508752291e05f38ba1bf82b76b5e02c53/core/services/user.go#L211 REST API implementing Hexagonal Architecture (Ports & Adapters) making use of own scv-go-tools package. - go-hexagonal-api/user.go at e9b3787508752291e05f38ba1bf82b76b5e02c53 · sergicanet9/go-h... github.com
De: Onur Hüseyin Çantay @.> Enviado: lunes, 8 de agosto de 2022 12:20 Para: sergicanet9/go-hexagonal-api @.> Cc: Subscribed @.***> Asunto: [sergicanet9/go-hexagonal-api] Good Work! (Issue #1)
Hello Sergi, I am a Software Engineer focused on iOS in general. I recently started making use of Golang for my private projects because of several reasons. I am mostly focused on modularisation and testability and due to the unknown of my project regarding database selection and what kind of API it will evolve to (REST / gRPC) or what DB (mongo, sql or maybe even GraphQL) I made some research on Hexagonal Architecture and seemed a very organised way of structuring code together with Golang.
due to the tag hexagonalArhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftopics%2Fhexagonal-architecture&data=05%7C01%7C%7C0d2d089713254c7c68a908da79279051%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637955508072062185%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=gyD2M3mjfJiOoS7%2Fa5qVLPyaRXmjZPgICwpP%2F6MteK8%3D&reserved=0 I was able to find your repo and saw that you are a very experienced Golang Developer it is kind of educative for me to have a reference who didn't do much backend so thanks for that.
so my question is about your authentication layer I was thinking of the authentication also as a core layer and expose it to the application layer through the AppPort to the driving adapters. I also couldn't see how you generate the tokens would be nice if you can guide me on this path :)
Kind Regards. Onur
— Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fsergicanet9%2Fgo-hexagonal-api%2Fissues%2F1&data=05%7C01%7C%7C0d2d089713254c7c68a908da79279051%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637955508072062185%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ih3kTJPNNrSr6KgiR2CFW7fjuD6GJ0PMMvvie1rpdzI%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAGH6L7QJH2G5UVLZ3VB6KCDVYDNNLANCNFSM554SI5ZQ&data=05%7C01%7C%7C0d2d089713254c7c68a908da79279051%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637955508072218420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=CwgRWrH35PqzET8Nq0SyclC2ehXKr%2BcUMoBwzcfsLXU%3D&reserved=0. You are receiving this because you are subscribed to this thread.Message ID: @.***>
onurhuseyincantay
Hello Sergi, I am a Software Engineer focused on iOS in general. I recently started making use of Golang for my private projects because of several reasons. I am mostly focused on modularisation and testability and due to the unknown of my project regarding database selection and what kind of API it will evolve to (REST / gRPC) or what DB (mongo, sql or maybe even GraphQL) I made some research on Hexagonal Architecture and seemed a very organised way of structuring code together with Golang.
due to the tag hexagonalAr I was able to find your repo and saw that you are a very experienced Golang Developer it is kind of educative for me to have a reference who didn't do much backend so thanks for that.
so my question is about your authentication layer I was thinking of the authentication also as a core layer and expose it to the application layer through the AppPort to the driving adapters. I also couldn't see how you generate the tokens would be nice if you can guide me on this path :)
Kind Regards. Onur