@@ -8,9 +8,20 @@ In this exercise you will be creating a REST API in Go that will check for authe
Details:
1. You will be mocking a realtime database by storing the objects you will be creating, updating and deleting in a file named __database.json__.
1. You will be mocking a realtime database by storing the objects you will be creating, updating and deleting in a file named __database.json__. You will be creating endpoints that correspond to the basic CRUD methods on a restful resource. You will be defining the data you want to store inside of the __data.go__ file. It should be a struct and has to have at least 4 fields, one of which must be an ID. The type of the ID is up to you to decide but you will have to come up with a mechanism to generate unique values when you create new instances of your data type and store them in the database. __You will not be passing the id for your data type in your post request. Your handlers will have to provide that functionality or reference another function that does.__ Also your id generator should work whether you restart the server or not (meaning you can't just use a global counter). For your data type you need to create the following endpoints:
* /data This should respond to both a GET and POST request. If it is a GET request you should respond with the current state of the database. If is a POST request, you should respond with the new resource you just added to your database as well as updating the database with the new entry. The parameters for your POST must be in the body of the request.
* /data/:id This should respond to GET, PUT and DELETE. You need to query the database to find the resource that matches the id you are passing. If it does not exist you must respond with a 404 and message saying "Resouce not found". If the resource does exist, you should respond with the resource for a GET request. If your request is a PUT then you should update the resource with the values in the body of the request and update the database with the new resource. If your request is a DELETE, then you should return the resource in your response and remove it from the database.
* /authenticate This endpoint will check for the Authentication header being present in the request, and for the Basic and value for the authetication parameters. Your application will only authenticate a request if it passes the password "Let's go Terps!" encoded in Base64. Once successfully authenticated, your server should set a header named IS_AUTHENTICATED to be true.
Your sever should run on port 8090 of localhost.
2. You need to define the following Header values to serve as your authorization mechanism:
* CAN_READ
* CAN_WRITE
Your application will need to check that for any authenticated request the permissions. A GET request should only be able to be reached if the request is authenticated AND has the CAN_READ header set to true. All other requests should only be reachable if the the request is authenticated and CAN_WRITE is true. No request should be able to proceed unless authenticated first.
3. Lastly, you will need to define functions that validate the data in your requests. If the data does not match the fields in the struct you are storing you should respond with a 404 status error along with the message: "Invalid data for type <yourtype>"
To deliver your submission you will need to commit your changes locally and push to your repo on the university gitlab server.
__NOTE__: You should not commit any executables or binaries as a result of compiling and building your application.
__NOTE__: You should not commit any executables or binaries as a result of compiling and building your application. You should also greatly leverage the middleware stack in Go to handle all of this functionality so it always runs in the proper order.
