FEAT[DXTA-302]: Add team creation api endpoint, add JWT verification (#672)

* FEAT[DXTA-302]: Add team creation api endpoint, add JWT verification

* chore: Switch to internal-api dir

* feat: move tenant related migrations

* feat: add create and add member to team. Refine tenant db schema

* feat: Add custom JWT authenticator

* refactor: Auth utils refactor

* refactor: Add internal api dir inside internals

* chore: Add comment about task

---------

Co-authored-by: David Abram <david@crocoder.dev>

Author: stefanskoricdev

cmd/internal-api/main.go

@@ -9,8 +9,11 @@ import (
 	"os/signal"
 	"time"
 
+	"github.com/dxta-dev/app/internal/internal_api/handler"
+	"github.com/dxta-dev/app/internal/util"
 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/jwtauth/v5"
 
 	"go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp"
 	instrruntime "go.opentelemetry.io/contrib/instrumentation/runtime"
@@ -85,8 +88,6 @@ func main() {
 
 	r.Use(middleware.Compress(5, "gzip"))
 
-	// TODO: add auth middleware
-
 	if isEndpointProvided {
 		r.Use(func(next http.Handler) http.Handler {
 			return otelhttp.NewHandler(next, "dxta-app")
@@ -111,8 +112,24 @@ func main() {
 		srv.IdleTimeout = 30 * time.Second
 	}
 
-	// TODO: add handlers
-	// r.Get("/path/{var}", handler.SomeHandler)
+	r.Route("/tenant", func(r chi.Router) {
+		if os.Getenv("ENABLE_JWT_AUTH") == "true" {
+			pubKey, _ := util.GetRawPublicKey()
+
+			tokenAuth := util.CreateAuthVerifier(pubKey)
+
+			r.Use(jwtauth.Verifier(tokenAuth))
+			r.Use(util.Authenticator())
+		}
+
+		// TO-DO Add middleware if we don't authenticate with JWT
+		// https://app.plane.so/crocoder/browse/DXTA-307/
+
+		r.Post("/teams", handler.CreateTeam)
+		r.Post("/teams/{team_id}/members/{member_id}", handler.AddMemberToTeam)
+		r.Post("/members", handler.CreateMember)
+	})
+
 	r.Get("/health", func(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte(`OK`))
 	})

db/migrations/organizations_tenant_map/migrations/1749139210_organizations_tenant.up.sql

@@ -0,0 +1,17 @@
+CREATE TABLE IF NOT EXISTS "tenants" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "organization_id" TEXT NOT NULL UNIQUE,
+    "db_url" TEXT NOT NULL,
+    "deleted_at" DATETIME,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TRIGGER "tenants_updated_at"
+AFTER UPDATE ON "tenants" 
+FOR EACH ROW 
+BEGIN
+UPDATE "tenants"
+SET updated_at = datetime('now')
+WHERE id = OLD.id;
+END;

db/migrations/organizations_tenant_map/migrations/1749574723_alter_deleted_at_column.up.sql

@@ -0,0 +1 @@
+ALTER TABLE tenants ALTER COLUMN deleted_at TO deleted_at DATETIME DEFAULT NULL;

db/migrations/organizations_tenant_map/migrations/1750179323_add_name_and_domain_colum.up.sql

@@ -0,0 +1,2 @@
+ALTER TABLE tenants ADD name TEXT NOT NULL DEFAULT '';
+ALTER TABLE tenants ADD domain TEXT NOT NULL DEFAULT '';

db/migrations/organizations_tenant_map/migrations/schema.sql

@@ -0,0 +1,10 @@
+
+--
+-- LibSQL SQL Schema dump automatic generated by geni
+--
+
+CREATE TABLE schema_migrations (id VARCHAR(255) NOT NULL PRIMARY KEY);
+CREATE TABLE "tenants" ("id" INTEGER PRIMARY KEY NOT NULL, "organization_id" TEXT NOT NULL UNIQUE, "db_url" TEXT NOT NULL, deleted_at DATETIME DEFAULT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), name TEXT NOT NULL DEFAULT '', domain TEXT NOT NULL DEFAULT '');
+CREATE TRIGGER "tenants_updated_at" AFTER UPDATE ON "tenants" FOR EACH ROW BEGIN
+UPDATE "tenants" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;

db/migrations/tenant/migrations/1750420632_init.down.sql

@@ -0,0 +1,18 @@
+DROP TRIGGER IF EXISTS "settings_set_updated_at";
+DROP TRIGGER IF EXISTS "organizations_set_updated_at";
+DROP TRIGGER IF EXISTS "teams_set_updated_at";
+DROP TRIGGER IF EXISTS "members_set_updated_at";
+DROP TRIGGER IF EXISTS "github_organizations_set_updated_at";
+DROP TRIGGER IF EXISTS "github_members_set_updated_at";
+DROP TRIGGER IF EXISTS "github_teams_set_updated_at";
+
+DROP TABLE IF EXISTS "settings";
+DROP TABLE IF EXISTS "organizations";
+DROP TABLE IF EXISTS "teams";
+DROP TABLE IF EXISTS "members";
+DROP TABLE IF EXISTS "teams_members";
+DROP TABLE IF EXISTS "github_organizations";
+DROP TABLE IF EXISTS "organizations__github_organizations";
+DROP TABLE IF EXISTS "github_members";
+DROP TABLE IF EXISTS "github_teams";
+DROP TABLE IF EXISTS "github_teams__github_members";

db/migrations/tenant/migrations/1750420632_init.up.sql

@@ -0,0 +1,164 @@
+CREATE TABLE "settings" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "tenant_name" TEXT NOT NULL,
+    "tenant_domain" TEXT NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now'))
+);
+
+-- References to DXTA organizations
+CREATE TABLE "organizations" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "name" TEXT NOT NULL,
+    "auth_id" TEXT DEFAULT NULL, -- From Better Auth
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL
+);
+
+-- References to DXTA teams
+CREATE TABLE "teams" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "name" TEXT NOT NULL,
+    "organization_id" INTEGER NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL,
+    FOREIGN KEY ("organization_id") references "organizations" ("id")
+);
+
+CREATE TABLE "members" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "name" TEXT NOT NULL,
+    "email" TEXT DEFAULT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL
+);
+
+CREATE TABLE "teams__members" (
+    "team_id" INTEGER NOT NULL,
+    "member_id" INTEGER NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    PRIMARY KEY ("team_id", "member_id"),
+    FOREIGN KEY ("team_id") REFERENCES "teams" ("id"), 
+    FOREIGN KEY ("member_id") REFERENCES "members" ("id") 
+);
+
+---------------------------------- Github ----------------------------------
+
+CREATE TABLE "github_organizations" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "external_id" INTEGER NOT NULL,
+    "name" TEXT NOT NULL,
+    "github_app_installation_id" INTEGER NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL
+);
+
+-- DXTA organizations to github organizations
+CREATE TABLE "organizations__github_organizations" (
+	  "organization_id" INTEGER NOT NULL,
+	  "github_organization_id" INTEGER NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+	   PRIMARY KEY ("organization_id", "github_organization_id"),
+    FOREIGN KEY ("organization_id") REFERENCES "organizations" ("id"),
+    FOREIGN KEY ("github_organization_id") REFERENCES "github_organizations" ("id")
+);
+
+CREATE TABLE "github_members" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "external_id" INTEGER NOT NULL,
+    "username" TEXT NOT NULL,
+    "email" TEXT DEFAULT NULL,
+    "member_id" INTEGER NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL,
+    FOREIGN KEY ("member_id") REFERENCES "members" ("id")
+);
+
+CREATE TABLE "github_teams" (
+    "id" INTEGER PRIMARY KEY NOT NULL,
+    "external_id" INTEGER NOT NULL,
+    "name" TEXT NOT NULL,
+    "github_organization_id" INTEGER NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "updated_at" DATETIME NOT NULL DEFAULT (datetime('now')),
+    "deleted_at" DATETIME DEFAULT NULL,
+    FOREIGN KEY ("github_organization_id") references "github_organizations" ("id")
+);
+
+CREATE TABLE "github_teams__github_members" (
+    "github_team_id" INTEGER NOT NULL,
+    "github_member_id" INTEGER NOT NULL,
+    PRIMARY KEY ("github_team_id", "github_member_id"),
+    FOREIGN KEY ("github_team_id") REFERENCES "github_teams" ("id"),
+    FOREIGN KEY ("github_member_id") REFERENCES "github_members" ("id")
+);
+
+---------------------------------- Last updated at triggers ----------------------------------
+
+CREATE TRIGGER "settings_set_updated_at"
+AFTER UPDATE ON "settings"
+FOR EACH ROW
+BEGIN
+  UPDATE "settings" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "organizations_set_updated_at"
+AFTER UPDATE ON "organizations"
+FOR EACH ROW
+BEGIN
+  UPDATE "organizations" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "teams_set_updated_at"
+AFTER UPDATE ON "teams"
+FOR EACH ROW
+BEGIN
+  UPDATE "teams" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "members_set_updated_at"
+AFTER UPDATE ON "members"
+FOR EACH ROW
+BEGIN
+  UPDATE "members" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "github_organizations_set_updated_at"
+AFTER UPDATE ON "github_organizations"
+FOR EACH ROW
+BEGIN
+  UPDATE "github_organizations" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "github_members_set_updated_at"
+AFTER UPDATE ON "github_members"
+FOR EACH ROW
+BEGIN
+  UPDATE "github_members" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;
+
+CREATE TRIGGER "github_teams_set_updated_at"
+AFTER UPDATE ON "github_teams"
+FOR EACH ROW
+BEGIN
+  UPDATE "github_teams" 
+  SET updated_at = datetime('now')
+  WHERE id = OLD.id;
+END;

db/migrations/tenant/migrations/schema.sql

@@ -0,0 +1,37 @@
+
+--
+-- LibSQL SQL Schema dump automatic generated by geni
+--
+
+CREATE TABLE schema_migrations (id VARCHAR(255) NOT NULL PRIMARY KEY);
+CREATE TABLE "settings" ("id" INTEGER PRIMARY KEY NOT NULL, "tenant_name" TEXT NOT NULL, "tenant_domain" TEXT NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')));
+CREATE TABLE "organizations" ("id" INTEGER PRIMARY KEY NOT NULL, "name" TEXT NOT NULL, "auth_id" TEXT DEFAULT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL);
+CREATE TABLE "teams" ("id" INTEGER PRIMARY KEY NOT NULL, "name" TEXT NOT NULL, "organization_id" INTEGER NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL, FOREIGN KEY ("organization_id") REFERENCES "organizations" ("id"));
+CREATE TABLE "members" ("id" INTEGER PRIMARY KEY NOT NULL, "name" TEXT NOT NULL, "email" TEXT DEFAULT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL);
+CREATE TABLE "teams__members" ("team_id" INTEGER NOT NULL, "member_id" INTEGER NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), PRIMARY KEY ("team_id", "member_id"), FOREIGN KEY ("team_id") REFERENCES "teams" ("id"), FOREIGN KEY ("member_id") REFERENCES "members" ("id"));
+CREATE TABLE "github_organizations" ("id" INTEGER PRIMARY KEY NOT NULL, "external_id" INTEGER NOT NULL, "name" TEXT NOT NULL, "github_app_installation_id" INTEGER NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL);
+CREATE TABLE "organizations__github_organizations" ("organization_id" INTEGER NOT NULL, "github_organization_id" INTEGER NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), PRIMARY KEY ("organization_id", "github_organization_id"), FOREIGN KEY ("organization_id") REFERENCES "organizations" ("id"), FOREIGN KEY ("github_organization_id") REFERENCES "github_organizations" ("id"));
+CREATE TABLE "github_members" ("id" INTEGER PRIMARY KEY NOT NULL, "external_id" INTEGER NOT NULL, "username" TEXT NOT NULL, "email" TEXT DEFAULT NULL, "member_id" INTEGER NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL, FOREIGN KEY ("member_id") REFERENCES "members" ("id"));
+CREATE TABLE "github_teams" ("id" INTEGER PRIMARY KEY NOT NULL, "external_id" INTEGER NOT NULL, "name" TEXT NOT NULL, "github_organization_id" INTEGER NOT NULL, "created_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "updated_at" DATETIME NOT NULL DEFAULT (datetime ('now')), "deleted_at" DATETIME DEFAULT NULL, FOREIGN KEY ("github_organization_id") REFERENCES "github_organizations" ("id"));
+CREATE TABLE "github_teams__github_members" ("github_team_id" INTEGER NOT NULL, "github_member_id" INTEGER NOT NULL, PRIMARY KEY ("github_team_id", "github_member_id"), FOREIGN KEY ("github_team_id") REFERENCES "github_teams" ("id"), FOREIGN KEY ("github_member_id") REFERENCES "github_members" ("id"));
+CREATE TRIGGER "settings_set_updated_at" AFTER UPDATE ON "settings" FOR EACH ROW BEGIN
+UPDATE "settings" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "organizations_set_updated_at" AFTER UPDATE ON "organizations" FOR EACH ROW BEGIN
+UPDATE "organizations" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "teams_set_updated_at" AFTER UPDATE ON "teams" FOR EACH ROW BEGIN
+UPDATE "teams" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "members_set_updated_at" AFTER UPDATE ON "members" FOR EACH ROW BEGIN
+UPDATE "members" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "github_organizations_set_updated_at" AFTER UPDATE ON "github_organizations" FOR EACH ROW BEGIN
+UPDATE "github_organizations" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "github_members_set_updated_at" AFTER UPDATE ON "github_members" FOR EACH ROW BEGIN
+UPDATE "github_members" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;
+CREATE TRIGGER "github_teams_set_updated_at" AFTER UPDATE ON "github_teams" FOR EACH ROW BEGIN
+UPDATE "github_teams" SET updated_at = datetime ('now') WHERE id = OLD.id;
+END;

go.mod

@@ -22,21 +22,31 @@ require (
 	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230512164433-5d1fd1a340c9 // indirect
 	github.com/cenkalti/backoff/v5 v5.0.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
 	github.com/facebookgo/clock v0.0.0-20150410010913-600d898af40a // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/go-chi/jwtauth/v5 v5.3.3 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/mock v1.6.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
 	github.com/klauspost/compress v1.15.15 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/httprc v1.0.6 // indirect
+	github.com/lestrrat-go/iter v1.0.2 // indirect
+	github.com/lestrrat-go/jwx/v2 v2.1.3 // indirect
+	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/libsql/sqlite-antlr4-parser v0.0.0-20230802215326-5cb5bb604475 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/nexus-rpc/sdk-go v0.3.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/robfig/cron v1.2.0 // indirect
+	github.com/segmentio/asm v1.2.0 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/stretchr/testify v1.10.0 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
@@ -47,6 +57,7 @@ require (
 	go.opentelemetry.io/otel/sdk/metric v1.36.0 // indirect
 	go.opentelemetry.io/otel/trace v1.36.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.6.0 // indirect
+	golang.org/x/crypto v0.38.0 // indirect
 	golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 // indirect
 	golang.org/x/net v0.40.0 // indirect
 	golang.org/x/sync v0.14.0 // indirect