feat: rework db conn to use sql.DB for better portability

.gitignore

@@ -24,7 +24,7 @@ go.work.sum
 
 # Custom
 /_output
-/deployment/db_data
+/deployment/tmp
 /tmp/**
 
 # Vue

Makefile

@@ -34,7 +34,7 @@ web: web-all
 
 .PHONY: build
 build: tidy sqlc # build.
-	@go build -v -ldflags "$(GO_LDFLAGS)" -o $(OUTPUT_DIR)/howmuch $(ROOT_DIR)/cmd/howmuch/main.go 2>/dev/null
+	@go build -v -ldflags "$(GO_LDFLAGS)" -o $(OUTPUT_DIR)/howmuch $(ROOT_DIR)/cmd/howmuch/main.go
 
 .PHONY: sqlc
 sqlc:

api/openapi/openapi.yaml

@@ -76,7 +76,6 @@ paths:
   /session/create:
     post:
       tags:
-        - user
         - session
       description: Create a new session for a user
       requestBody:
@@ -85,6 +84,41 @@ paths:
           application/json:
             schema:
               $ref: '#/components/schemas/SessionCreateRequest'
+      responses:
+        '200':
+          description: Successful operation
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  token:
+                    type: string
+                    example: fakjshdflauhkjhsometokenakjsdhfaksj
+        '400':
+          description: Client side error
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  code:
+                    type: string
+                    example: AuthFailure
+                  message:
+                    type: string
+                    example: "wrong email password."
+        '500':
+          description: Server side error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrResponse'
+  /session/delete:
+    post:
+      tags:
+        - session
+      description: Delete an existing session for a user
       responses:
         '200':
           description: Successful operation
@@ -110,13 +144,15 @@ paths:
                     example: AuthFailure
                   message:
                     type: string
-                    example: "wrong email password."
+                    example: "user not logged in."
         '500':
           description: Server side error
           content:
             application/json:
               schema:
                 $ref: '#/components/schemas/ErrResponse'
+      security:
+        - jwt: []
 
 components:
   schemas:
@@ -161,3 +197,9 @@ components:
         message:
           type: string
           example: "Server internal error."
+  securitySchemes:
+    jwt:
+      name: Bearer authentication
+      type: http
+      bearerFormat: "JWT"
+      scheme: bearer

configs/howmuch.yml

@@ -16,6 +16,14 @@ db:
   # DB name
   database: howmuch
 
+  max-open-conns: 100
+  max-idle-conns: 100
+  max-lifetime: 10s
+
+cache:
+  host: 127.0.0.1:6379
+  password: ""
+
 log:
   level: debug
   disalbe-caller: false

go.mod

@@ -11,6 +11,7 @@ require (
 	github.com/gosuri/uitable v0.0.4
 	github.com/jackc/pgx/v5 v5.7.1
 	github.com/pkg/errors v0.9.1
+	github.com/redis/go-redis/v9 v9.6.1
 	github.com/spf13/cobra v1.8.1
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.19.0
@@ -23,9 +24,11 @@ require (
 require (
 	github.com/bytedance/sonic v1.11.6 // indirect
 	github.com/bytedance/sonic/loader v0.1.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/cloudwego/base64x v0.1.4 // indirect
 	github.com/cloudwego/iasm v0.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/fatih/color v1.14.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
@@ -38,6 +41,7 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
+	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
@@ -62,6 +66,7 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/arch v0.8.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
+	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.25.0 // indirect
 	golang.org/x/text v0.18.0 // indirect
 	google.golang.org/protobuf v1.34.1 // indirect

go.sum

@@ -1,7 +1,13 @@
+github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
+github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
+github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
+github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
 github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
 github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4=
 github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM=
 github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
 github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
@@ -11,6 +17,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
 github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
 github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
@@ -91,6 +99,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4=
+github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA=
 github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=

internal/howmuch/adapter/controller/session.go

@@ -23,25 +23,31 @@
 package controller
 
 import (
+	"fmt"
+	"time"
+
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/model"
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/usecase/usecase"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/errno"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/middleware/authn"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/token"
 	"github.com/gin-gonic/gin"
 )
 
 type Session interface {
 	Create(*gin.Context)
+	Delete(*gin.Context)
 }
 
 type SessionController struct {
 	userUsecase usecase.User
+	cache       core.Cache
 }
 
-func NewSessionController(u usecase.User) Session {
+func NewSessionController(u usecase.User, cache core.Cache) Session {
-	return &SessionController{u}
+	return &SessionController{u, cache}
 }
 
 type Token struct {
@@ -88,3 +94,27 @@ func (sc *SessionController) Create(ctx *gin.Context) {
 		Token: tokenString,
 	})
 }
+
+// Delete deletes a session by putting the jwt token into the cache
+func (sc *SessionController) Delete(ctx *gin.Context) {
+	tk, err := token.ParseRequest(ctx)
+	if err != nil || tk == nil {
+		// Unlikely
+		core.WriteResponse(ctx, authn.ErrTokenInvalid, nil)
+		return
+	}
+
+	exp := time.Until(tk.Expiry)
+	key := fmt.Sprintf("jwt:%s", tk.Identity)
+
+	log.DebugLog("session delete", "key", key, "exp", exp.String())
+	err = sc.cache.Set(ctx, key, tk.Raw, exp)
+	if err != nil {
+		// unexpected
+		log.ErrorLog("error writing logged out jwt into cache", "err", err)
+		core.WriteResponse(ctx, errno.InternalServerErr, nil)
+		return
+	}
+
+	core.WriteResponse(ctx, nil, "logged out")
+}

internal/howmuch/adapter/controller/session_test.go

@@ -59,7 +59,7 @@ func TestSessionCreate(t *testing.T) {
 	for _, tst := range tests {
 		t.Run(tst.Name, func(t *testing.T) {
 			testUserUsecase := usecasemock.NewtestUserUsecase()
-			sessionController := NewSessionController(testUserUsecase)
+			sessionController := NewSessionController(testUserUsecase, nil)
 			r := gin.New()
 			r.POST(
 				"/session/create",

internal/howmuch/adapter/repo/db.go

@@ -24,17 +24,17 @@ package repo
 
 import (
 	"context"
+	"database/sql"
 
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/usecase/repo"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
-	"github.com/jackc/pgx/v5"
 )
 
 type dbRepository struct {
-	db *pgx.Conn
+	db *sql.DB
 }
 
-func NewDBRepository(db *pgx.Conn) repo.DBRepository {
+func NewDBRepository(db *sql.DB) repo.DBRepository {
 	return &dbRepository{
 		db: db,
 	}
@@ -46,20 +46,20 @@ func (dr *dbRepository) Transaction(
 	ctx context.Context,
 	txFunc func(txCtx context.Context, tx interface{}) (interface{}, error),
 ) (interface{}, error) {
-	tx, err := dr.db.Begin(ctx)
+	tx, err := dr.db.BeginTx(ctx, nil)
 	if err != nil {
 		return nil, err
 	}
 
 	defer func() {
 		if p := recover(); p != nil {
-			tx.Rollback(ctx)
+			tx.Rollback()
 			log.PanicLog("transaction panicked!")
 		} else if err != nil {
-			tx.Rollback(ctx)
+			tx.Rollback()
 			log.ErrorLog("transaction failed!", "err", err)
 		} else {
-			err = tx.Commit(ctx)
+			err = tx.Commit()
 		}
 	}()
 

internal/howmuch/adapter/repo/sqlc/db.go

@@ -6,15 +6,14 @@ package sqlc
 
 import (
 	"context"
-
+	"database/sql"
-	"github.com/jackc/pgx/v5"
-	"github.com/jackc/pgx/v5/pgconn"
 )
 
 type DBTX interface {
-	Exec(context.Context, string, ...interface{}) (pgconn.CommandTag, error)
+	ExecContext(context.Context, string, ...interface{}) (sql.Result, error)
-	Query(context.Context, string, ...interface{}) (pgx.Rows, error)
+	PrepareContext(context.Context, string) (*sql.Stmt, error)
-	QueryRow(context.Context, string, ...interface{}) pgx.Row
+	QueryContext(context.Context, string, ...interface{}) (*sql.Rows, error)
+	QueryRowContext(context.Context, string, ...interface{}) *sql.Row
 }
 
 func New(db DBTX) *Queries {
@@ -25,7 +24,7 @@ type Queries struct {
 	db DBTX
 }
 
-func (q *Queries) WithTx(tx pgx.Tx) *Queries {
+func (q *Queries) WithTx(tx *sql.Tx) *Queries {
 	return &Queries{
 		db: tx,
 	}

internal/howmuch/adapter/repo/sqlc/models.go

@@ -5,7 +5,7 @@
 package sqlc
 
 import (
-	"github.com/jackc/pgx/v5/pgtype"
+	"time"
 )
 
 type Admin struct {
@@ -21,6 +21,6 @@ type User struct {
 	FirstName string
 	LastName  string
 	Password  string
-	CreatedAt pgtype.Timestamp
+	CreatedAt time.Time
-	UpdatedAt pgtype.Timestamp
+	UpdatedAt time.Time
 }

internal/howmuch/adapter/repo/sqlc/user.sql.go

@@ -7,8 +7,7 @@ package sqlc
 
 import (
 	"context"
-
+	"time"
-	"github.com/jackc/pgx/v5/pgtype"
 )
 
 const getUserByEmail = `-- name: GetUserByEmail :one
@@ -18,7 +17,7 @@ SELECT id, email, first_name, last_name, password, created_at, updated_at
 `
 
 func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error) {
-	row := q.db.QueryRow(ctx, getUserByEmail, email)
+	row := q.db.QueryRowContext(ctx, getUserByEmail, email)
 	var i User
 	err := row.Scan(
 		&i.ID,
@@ -45,8 +44,8 @@ type InsertUserParams struct {
 	FirstName string
 	LastName  string
 	Password  string
-	CreatedAt pgtype.Timestamp
+	CreatedAt time.Time
-	UpdatedAt pgtype.Timestamp
+	UpdatedAt time.Time
 }
 
 // MIT License
@@ -71,7 +70,7 @@ type InsertUserParams struct {
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 // SOFTWARE.
 func (q *Queries) InsertUser(ctx context.Context, arg InsertUserParams) (User, error) {
-	row := q.db.QueryRow(ctx, insertUser,
+	row := q.db.QueryRowContext(ctx, insertUser,
 		arg.Email,
 		arg.FirstName,
 		arg.LastName,

internal/howmuch/adapter/repo/user.go

@@ -24,6 +24,7 @@ package repo
 
 import (
 	"context"
+	"database/sql"
 	"errors"
 	"time"
 
@@ -31,16 +32,15 @@ import (
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/model"
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/usecase/repo"
 	"github.com/jackc/pgx/v5"
-	"github.com/jackc/pgx/v5/pgtype"
 )
 
 type userRepository struct {
-	db *pgx.Conn
+	db *sql.DB
 }
 
 const insertTimeout = 1 * time.Second
 
-func NewUserRepository(db *pgx.Conn) repo.UserRepository {
+func NewUserRepository(db *sql.DB) repo.UserRepository {
 	return &userRepository{
 		db: db,
 	}
@@ -60,11 +60,11 @@ func (ur *userRepository) Create(
 		FirstName: u.FirstName,
 		LastName:  u.LastName,
 		Password:  u.Password,
-		CreatedAt: pgtype.Timestamp{Time: time.Now(), Valid: true},
+		CreatedAt: time.Now(),
-		UpdatedAt: pgtype.Timestamp{Time: time.Now(), Valid: true},
+		UpdatedAt: time.Now(),
 	}
 
-	tx, ok := transaction.(pgx.Tx)
+	tx, ok := transaction.(*sql.Tx)
 	if !ok {
 		return nil, errors.New("transaction is not a pgx.Tx")
 	}
@@ -82,8 +82,8 @@ func (ur *userRepository) Create(
 		FirstName: userDB.FirstName,
 		LastName:  userDB.LastName,
 		Password:  userDB.Password,
-		CreatedAt: userDB.CreatedAt.Time,
+		CreatedAt: userDB.CreatedAt,
-		UpdatedAt: userDB.CreatedAt.Time,
+		UpdatedAt: userDB.CreatedAt,
 	}, nil
 }
 
@@ -104,7 +104,7 @@ func (ur *userRepository) GetByEmail(ctx context.Context, email string) (*model.
 		FirstName: userDB.FirstName,
 		LastName:  userDB.LastName,
 		Password:  userDB.Password,
-		CreatedAt: userDB.CreatedAt.Time,
+		CreatedAt: userDB.CreatedAt,
-		UpdatedAt: userDB.CreatedAt.Time,
+		UpdatedAt: userDB.CreatedAt,
 	}, nil
 }

internal/howmuch/howmuch.go

@@ -38,7 +38,7 @@ import (
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/token"
 	"git.vinchent.xyz/vinchent/howmuch/pkg/version/verflag"
 	"github.com/gin-gonic/gin"
-	"github.com/jackc/pgx/v5"
+	"github.com/redis/go-redis/v9"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"golang.org/x/net/context"
@@ -116,25 +116,35 @@ func run() error {
 		viper.GetString("db.password"),
 		viper.GetString("db.sslmode"),
 	)
-	dbConf, err := pgx.ParseConfig(dbConfString)
+	// TODO: viper conf should be parsed into a struct directly
-	if err != nil {
+	dbExtraConf := &datastore.DbExtraConf{
-		log.FatalLog("DB connection config failure", "err", err, "cfg string", dbConfString)
+		MaxOpenConns: viper.GetInt("db.max-open-conns"),
+		MaxIdleConns: viper.GetInt("db.max-idle-conns"),
+		MaxLifetime:  viper.GetDuration("db.max-lifetime"),
 	}
-	dbConn, err := datastore.NewDB(dbConf)
+	dbConn := datastore.NewDB(dbConfString, dbExtraConf)
-	if err != nil {
+	if dbConn == nil {
-		log.FatalLog("DB connection failure", "err", err)
+		log.FatalLog("DB connection failure")
 	}
-	defer dbConn.Close(context.Background())
+	defer dbConn.Close()
+
+	// Init Cache
+	cache := datastore.NewCache(&redis.Options{
+		Addr:     viper.GetString("cache.host"),
+		Password: viper.GetString("cache.password"),
+		DB:       0,
+	})
+	defer cache.Close()
 
 	// Init token
 	token.Init(viper.GetString("web.token-secret"), viper.GetDuration("web.token-expiry-time"))
 
 	// Register the core service
-	r := registry.NewRegistry(dbConn)
+	r := registry.NewRegistry(dbConn, cache)
 
 	engine := gin.Default()
 
-	engine = router.Routes(engine, r.NewAppController())
+	engine = router.Routes(engine, r.NewAppController(), cache)
 
 	server := http.Server{
 		Addr:    viper.GetString("web.addr"),

internal/howmuch/infra/datastore/cache.go

@@ -0,0 +1,66 @@
+// MIT License
+//
+// Copyright (c) 2024 vinchent <vinchent@vinchent.xyz>
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+
+package datastore
+
+import (
+	"context"
+	"time"
+
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
+	"github.com/redis/go-redis/v9"
+)
+
+type RedisCache struct {
+	redis *redis.Client
+}
+
+func NewCache(opt interface{}) core.Cache {
+	redisOpt := opt.(*redis.Options)
+	return &RedisCache{redis.NewClient(redisOpt)}
+}
+
+func (c *RedisCache) Get(ctx context.Context, key string) (string, error) {
+	val, err := c.redis.Get(ctx, key).Result()
+	if err == redis.Nil {
+		log.DebugLog("redis key not found", "key", key)
+		return "", nil
+	} else if err != nil {
+		log.DebugLog("redis cache get error", "err", err)
+		return "", err
+	}
+	return val, nil
+}
+
+func (c *RedisCache) Set(
+	ctx context.Context,
+	key string,
+	value interface{},
+	expiration time.Duration,
+) error {
+	return c.redis.Set(ctx, key, value, expiration).Err()
+}
+
+func (c *RedisCache) Close() error {
+	return c.redis.Close()
+}

internal/howmuch/infra/datastore/db.go

@@ -23,22 +23,65 @@
 package datastore
 
 import (
-	"context"
+	"database/sql"
+	"time"
 
-	"github.com/jackc/pgx/v5"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
+	_ "github.com/jackc/pgx/v5"
+	_ "github.com/jackc/pgx/v5/stdlib"
 )
 
+var counts int
+
+type DbExtraConf struct {
+	MaxOpenConns int
+	MaxIdleConns int
+	MaxLifetime  time.Duration
+}
+
 // NewDB creates a new database for the application
-func NewDB(connConfig *pgx.ConnConfig) (*pgx.Conn, error) {
+func NewDB(dsn string, opts interface{}) *sql.DB {
-	conn, err := pgx.ConnectConfig(context.Background(), connConfig)
+	var db *sql.DB
+	var err error
+
+	for {
+		db, err = openDB(dsn)
+		if err != nil {
+			log.WarnLog("postgres not ready", "err", err)
+			counts++
+		} else {
+			log.InfoLog("connected to postgres")
+			break
+		}
+
+		if counts > 10 {
+			break
+		}
+		log.InfoLog("retry in 2 seconds")
+		time.Sleep(2 * time.Second)
+	}
+
+	if db == nil {
+		return nil
+	}
+
+	extraConf, ok := opts.(DbExtraConf)
+	if ok {
+		db.SetMaxOpenConns(extraConf.MaxOpenConns)
+		db.SetMaxIdleConns(extraConf.MaxIdleConns)
+		db.SetConnMaxLifetime(extraConf.MaxLifetime)
+	}
+	return db
+}
+
+func openDB(dsn string) (*sql.DB, error) {
+	db, err := sql.Open("pgx", dsn)
 	if err != nil {
 		return nil, err
 	}
 
-	// Ping test the conn
+	if err := db.Ping(); err != nil {
-	if err = conn.Ping(context.Background()); err != nil {
 		return nil, err
 	}
-
+	return db, nil
-	return conn, err
 }

internal/howmuch/infra/router/router.go

@@ -29,11 +29,19 @@ import (
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/errno"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/middleware"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/middleware/authn"
 	"github.com/gin-contrib/cors"
 	"github.com/gin-gonic/gin"
 )
 
-func Routes(engine *gin.Engine, c controller.AppController) *gin.Engine {
+// Routes can take some options to init middlewares.
+// - Cache
+func Routes(engine *gin.Engine, c controller.AppController, opt ...interface{}) *gin.Engine {
+	cache, ok := opt[0].(core.Cache)
+	if !ok {
+		panic("the first option must be a cache driver")
+	}
+
 	// Middlewares
 	// Cors
 	corsCfg := cors.DefaultConfig()
@@ -56,14 +64,20 @@ func Routes(engine *gin.Engine, c controller.AppController) *gin.Engine {
 		{
 			userV1.POST("/create", func(ctx *gin.Context) { c.User.Create(ctx) })
 
-			userV1.Use(middleware.Authn())
+			userV1.Use(authn.Authn(cache))
 			userV1.GET(
 				":id/info",
 				func(ctx *gin.Context) { ctx.JSON(http.StatusOK, "Hello world") },
 			)
 		}
 
-		v1.POST("/session/create", func(ctx *gin.Context) { c.Session.Create(ctx) })
+		sessionV1 := v1.Group("/session")
+		{
+			sessionV1.POST("/create", func(ctx *gin.Context) { c.Session.Create(ctx) })
+			sessionV1.Use(authn.Authn(cache))
+			sessionV1.POST("/delete", func(ctx *gin.Context) { c.Session.Delete(ctx) })
+		}
+
 	}
 
 	return engine

internal/howmuch/registry/registry.go

@@ -23,8 +23,10 @@
 package registry
 
 import (
+	"database/sql"
+
 	"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/adapter/controller"
-	"github.com/jackc/pgx/v5"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
 )
 
 // registry is an implementation of Registry interface.
@@ -32,7 +34,8 @@ import (
 // It might holds other drivers when the projects grows. For example
 // the object needed to connect to Redis or Kafka.
 type registry struct {
-	db *pgx.Conn
+	db    *sql.DB
+	cache core.Cache
 }
 
 // Registry returns a new app controller that will be used by main()/run()
@@ -43,8 +46,8 @@ type Registry interface {
 }
 
 // NewRegistry returns a new Registry's implementation.
-func NewRegistry(db *pgx.Conn) Registry {
+func NewRegistry(db *sql.DB, cache core.Cache) Registry {
-	return &registry{db: db}
+	return &registry{db: db, cache: cache}
 }
 
 // NewAppController creates a new AppController with controller struct for

internal/howmuch/registry/session.go

@@ -31,5 +31,5 @@ import (
 // NewSessionController returns a session controller's implementation
 func (r *registry) NewSessionController() controller.Session {
 	u := usecase.NewUserUsecase(repo.NewUserRepository(r.db), repo.NewDBRepository(r.db))
-	return controller.NewSessionController(u)
+	return controller.NewSessionController(u, r.cache)
 }

internal/pkg/core/cache.go

@@ -0,0 +1,34 @@
+// MIT License
+//
+// Copyright (c) 2024 vinchent <vinchent@vinchent.xyz>
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+
+package core
+
+import (
+	"context"
+	"time"
+)
+
+type Cache interface {
+	Get(ctx context.Context, key string) (string, error)
+	Set(ctx context.Context, key string, value interface{}, expiration time.Duration) error
+	Close() error
+}

internal/pkg/middleware/authn/authn.go

@@ -20,13 +20,15 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 // SOFTWARE.
 
-package middleware
+package authn
 
 import (
+	"fmt"
 	"net/http"
 
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/errno"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/shared"
 	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/token"
 	"github.com/gin-gonic/gin"
@@ -38,8 +40,14 @@ var ErrTokenInvalid = &errno.Errno{
 	Message: "invalid token",
 }
 
+var ErrLoggedOut = &errno.Errno{
+	HTTP:    http.StatusUnauthorized,
+	Code:    errno.ErrorCode(errno.AuthFailureCode, "LoggedOut"),
+	Message: "logged out, please log in",
+}
+
 // Authn authenticates a user's access by validating their token.
-func Authn() gin.HandlerFunc {
+func Authn(cache core.Cache) gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		tk, err := token.ParseRequest(ctx)
 		if err != nil || tk == nil {
@@ -48,7 +56,20 @@ func Authn() gin.HandlerFunc {
 			return
 		}
 
-		// TODO: check if the key is on logout blacklist.
+		key := fmt.Sprintf("jwt:%s", tk.Identity)
+
+		val, err := cache.Get(ctx, key)
+		if err != nil {
+			log.ErrorLog("cache get token", "err", err)
+			ctx.Abort()
+			return
+		}
+		if val != "" {
+			// blacklist
+			core.WriteResponse(ctx, ErrLoggedOut, nil)
+			ctx.Abort()
+			return
+		}
 
 		ctx.Header(shared.XUserName, tk.Identity)
 		ctx.Next()

internal/pkg/middleware/authn/authn_test.go

@@ -0,0 +1,117 @@
+// MIT License
+//
+// Copyright (c) 2024 vinchent <vinchent@vinchent.xyz>
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+
+package authn
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"testing"
+	"time"
+
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/errno"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/shared"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/test"
+	"git.vinchent.xyz/vinchent/howmuch/internal/pkg/token"
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/assert"
+)
+
+var loggedOutID string
+
+type testCache struct{}
+
+func (tc *testCache) Get(ctx context.Context, key string) (string, error) {
+	loggedOutKey := fmt.Sprintf("jwt:%s", loggedOutID)
+	if key == loggedOutKey {
+		return "found", nil
+	}
+	return "", nil
+}
+
+func (c *testCache) Set(
+	ctx context.Context,
+	key string,
+	value interface{},
+	expiration time.Duration,
+) error {
+	return nil
+}
+
+func (c *testCache) Close() error {
+	return nil
+}
+
+func TestAuthn(t *testing.T) {
+	token.Init("secret", 1*time.Second)
+	tk, _ := token.Sign("user")
+
+	tkParsed, _ := token.Parse(tk)
+	loggedOutID = tkParsed.Identity
+
+	cache := &testCache{}
+
+	t.Run("token found in cache", func(t *testing.T) {
+		r := gin.New()
+		r.Use(Authn(cache))
+
+		r.GET("/example", func(c *gin.Context) {
+			c.Status(http.StatusOK)
+		})
+		res := test.PerformRequest(
+			t,
+			r,
+			"GET",
+			"/example",
+			nil,
+			test.Header{Key: shared.XUserName, Value: "user"},
+			test.Header{Key: "Authorization", Value: fmt.Sprintf("Bearer %s", tk)},
+		)
+		assert.Equal(t, http.StatusUnauthorized, res.Result().StatusCode, res.Body)
+
+		var err errno.Errno
+		json.NewDecoder(res.Result().Body).Decode(&err)
+		assert.Equal(t, "AuthFailure.LoggedOut", err.Code)
+	})
+
+	t.Run("token not found in cache", func(t *testing.T) {
+		newTk, _ := token.Sign("user2")
+		r := gin.New()
+		r.Use(Authn(cache))
+
+		r.GET("/example", func(c *gin.Context) {
+			c.Status(http.StatusOK)
+		})
+		res := test.PerformRequest(
+			t,
+			r,
+			"GET",
+			"/example",
+			nil,
+			test.Header{Key: shared.XUserName, Value: "user2"},
+			test.Header{Key: "Authorization", Value: fmt.Sprintf("Bearer %s", newTk)},
+		)
+		assert.Equal(t, http.StatusOK, res.Result().StatusCode, res.Body)
+	})
+}

internal/pkg/shared/const.go

@@ -1,3 +1,25 @@
+// MIT License
+//
+// Copyright (c) 2024 vinchent <vinchent@vinchent.xyz>
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+
 package shared
 
 const (

internal/pkg/token/token.go

@@ -43,6 +43,7 @@ type Claims struct {
 }
 
 type TokenResp struct {
+	Raw      string
 	Identity string
 	Expiry   time.Time
 }
@@ -91,6 +92,7 @@ func Parse(tokenString string) (*TokenResp, error) {
 
 	if claims, ok := token.Claims.(*Claims); ok {
 		return &TokenResp{
+			tokenString,
 			claims.IdentityKey,
 			claims.ExpiresAt.Time,
 		}, nil

sqlc.yml

@@ -28,4 +28,3 @@ sql:
     gen:
       go:
         out: "internal/howmuch/adapter/repo/sqlc"
-        sql_package: "pgx/v5"