Hello! Thank you for this repo, it is really helpful.
I want to ask you about the responsibilities of use cases and controller. If I understood correctly, the controller should have the responsibility of sanitising the input from the route, calling the use case and then returning the response. The use case is the one that contains the business logic.
```go
[...]
user, err := lc.LoginUsecase.GetUserByEmail(c, request.Email)
if err != nil {
	c.JSON(http.StatusNotFound, domain.ErrorResponse{Message: "User not found with the given email"})
	return
}
if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(request.Password)) != nil {
	c.JSON(http.StatusUnauthorized, domain.ErrorResponse{Message: "Invalid credentials"})
	return
}
accessToken, err := lc.LoginUsecase.CreateAccessToken(&user, lc.Env.AccessTokenSecret, lc.Env.AccessTokenExpiryHour)
if err != nil {
	c.JSON(http.StatusInternalServerError, domain.ErrorResponse{Message: err.Error()})
	return
}
refreshToken, err := lc.LoginUsecase.CreateRefreshToken(&user, lc.Env.RefreshTokenSecret, lc.Env.RefreshTokenExpiryHour)
if err != nil {
	c.JSON(http.StatusInternalServerError, domain.ErrorResponse{Message: err.Error()})
	return
}
[...]
```
Here, the controller decides that first we should fetch the user, then we check if the password is correct and if it is, we generate both an access token and a refresh token. This is the business logic of a login and I feel like it should be in the use case.
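One way the sequence described in the post above could live in the use case, as an added example that is not code from the repo or from the poster. `LoginUsecase.Login`, its function-typed fields and the two sentinel errors are hypothetical names; the example also goes beyond the post by returning a single error for an unknown email and a wrong password, so the response does not reveal which accounts exist.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

var ErrUserNotFound = errors.New("user not found")            // repository miss (hypothetical)
var ErrInvalidCredentials = errors.New("invalid credentials") // only login failure exposed

type User struct{ Email, PasswordHash string }

// Dependencies are hypothetical function ports, not the repo's own interfaces.
type LoginUsecase struct {
	FindUser func(ctx context.Context, email string) (User, error)
	Compare  func(hash, password []byte) error // e.g. bcrypt.CompareHashAndPassword
	Issue    func(u *User, kind string) (string, error)
}

// Login owns the sequence: fetch user, verify password, issue both tokens.
func (uc LoginUsecase) Login(ctx context.Context, email, password string) (access, refresh string, err error) {
	user, err := uc.FindUser(ctx, email)
	if errors.Is(err, ErrUserNotFound) {
		return "", "", ErrInvalidCredentials // same answer as a wrong password
	} else if err != nil {
		return "", "", fmt.Errorf("load user: %w", err) // outage stays a server error
	}
	if uc.Compare([]byte(user.PasswordHash), []byte(password)) != nil {
		return "", "", ErrInvalidCredentials
	}
	if access, err = uc.Issue(&user, "access"); err != nil {
		return "", "", fmt.Errorf("issue access token: %w", err)
	}
	if refresh, err = uc.Issue(&user, "refresh"); err != nil {
		return "", "", fmt.Errorf("issue refresh token: %w", err)
	}
	return access, refresh, nil
}

func main() { // constructed fake: an empty user store, so the lookup always misses
	uc := LoginUsecase{
		FindUser: func(context.Context, string) (User, error) { return User{}, ErrUserNotFound },
	}
	_, _, err := uc.Login(context.Background(), "nobody@example.test", "pw")
	fmt.Println(errors.Is(err, ErrInvalidCredentials)) // unknown email looks like a bad password
}
```

With this shape the controller only binds the request, calls `Login`, and maps `ErrInvalidCredentials` to 401 and any other error to a generic 500 body. The unknown-email path still skips the hash comparison, so the two failures can differ in response time.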