A modern workout diary API built with Go, featuring user authentication, JWT tokens, and comprehensive testing.
- User Authentication: JWT-based authentication with access and refresh tokens
- User Profile Management: Complete user profile with theme preferences
- Theme Support: Light/Dark theme selection for users
- Password Security: bcrypt password hashing with strong validation
- Database Integration: PostgreSQL with automatic migrations
- Clean Architecture: Separation of concerns with services and repositories
- Comprehensive Testing: Unit tests with race detection
- API Documentation: OpenAPI/Swagger documentation
- Containerization: Docker and Docker Compose support
- Structured Logging: JSON/text logging with configurable levels
- Graceful Shutdown: Proper server lifecycle management
- Go 1.22+
- PostgreSQL 15+
- Docker & Docker Compose (optional)
- Make (optional, for convenience commands)
-
Clone the repository
git clone <repository-url> cd strive-api
-
Install dependencies
go mod download
-
Set up environment variables
cp env.example .env # Edit .env with your configuration # Important: Set a strong JWT_SECRET for production!
-
Start PostgreSQL
make db-up
-
Run the application
make run-dev
- Clone and start
git clone <repository-url> cd strive-api docker compose up --build
The application uses environment variables for configuration. Copy env.example to .env and customize:
PORT=8080
LOG_LEVEL=INFO
LOG_FORMAT=json
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=password
DB_NAME=strive
DB_SSL_MODE=disable
JWT_SECRET=your-secret-key-change-in-productionOnce the server is running, visit:
- Swagger UI: http://localhost:8080/swagger/
- OpenAPI JSON: http://localhost:8080/swagger/doc.json
GET /health- Health checkPOST /api/v1/auth/register- User registrationPOST /api/v1/auth/login- User loginPOST /api/v1/auth/refresh- Refresh access tokenPOST /api/v1/auth/logout- User logout
GET /api/v1/user/me- Get user profile (includes theme)PUT /api/v1/user/theme- Update user theme preference
Register a new user:
curl -X POST http://localhost:8080/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password123"
}'Login:
curl -X POST http://localhost:8080/api/v1/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password123"
}'Get user profile:
curl -X GET http://localhost:8080/api/v1/user/me \
-H "Authorization: Bearer YOUR_JWT_TOKEN"Update user theme:
curl -X PUT http://localhost:8080/api/v1/user/theme \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{"theme":"dark"}'Run the test suite:
# Run all tests
make test
# Run unit tests only
make test-unit
# Run tests with coverage report
make test-coverage
# Run specific test package
go test ./internal/services -v
go test ./internal/http -v# Build and start all services
docker compose up --build
# Start only database
docker compose up postgres
# Stop all services
docker compose down
# Reset database
docker compose down -v
docker compose up postgres# Format code
make format
# Run linter
make lint
# Build binary
make build
# Run with development settings
make run-dev
# Start database
make db-up
# Stop database
make db-down
# Reset database
make db-resetstrive-api/
βββ cmd/server/ # Application entry point
βββ internal/
β βββ config/ # Configuration management
β βββ database/ # Database connection and health
β βββ http/ # HTTP handlers and middleware
β β βββ auth_handlers.go # Authentication endpoints
β β βββ user_handlers.go # User profile and theme endpoints
β β βββ middleware.go # Security and logging middleware
β β βββ ...
β βββ logger/ # Structured logging
β βββ migrate/ # Database migrations
β βββ models/ # Data models (User, Theme, etc.)
β βββ repositories/ # Data access layer
β βββ services/ # Business logic
β β βββ auth_service.go # Authentication logic
β β βββ user_service.go # User profile and theme logic
β β βββ ...
β βββ validation/ # Input validation
βββ docs/ # Generated API documentation
βββ migrations/ # Database migration files
βββ docker-compose.yml # Docker Compose configuration
βββ Dockerfile # Docker image definition
βββ Makefile # Development commands
βββ README.md # This file
- Password Hashing: bcrypt with configurable cost
- JWT Tokens: HMAC SHA256 signed tokens
- Token Expiration: Access tokens (15 min), Refresh tokens (7 days)
- Input Validation: Request validation and sanitization
- Graceful Error Handling: No sensitive data leakage
- HTTP Handlers: 73% coverage
- Services: 72.5% coverage
- Total Tests: 17 unit tests
- Test Types: AuthService, HTTP handlers, middleware
- Set production environment variables
- Build Docker image
docker build -t strive-api . - Run with production database
docker run -d \ -p 8080:8080 \ -e DB_HOST=your-db-host \ -e JWT_SECRET=your-production-secret \ strive-api
PORT=8080
LOG_LEVEL=INFO
LOG_FORMAT=json
DB_HOST=your-postgres-host
DB_PORT=5432
DB_USER=your-db-user
DB_PASSWORD=your-secure-password
DB_NAME=strive
DB_SSL_MODE=require
JWT_SECRET=your-very-secure-jwt-secret
JWT_ISSUER=strive-api
JWT_AUDIENCE=strive-app
JWT_CLOCK_SKEW=2m- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
For support, email support@example.com or create an issue in the repository.
- Integration tests with testcontainers
- Rate limiting
- Metrics and monitoring (Prometheus)
- CI/CD pipeline
- Additional business logic (exercises, workouts, sets)
- File upload support
- Email notifications