This is my submission to the backend assignment as requested by the HR staff at Samespace.

I have also implemented the requested sort feature :)

• JWT Auth: Secure authentication using JSON Web Tokens (JWT) to manage user sessions.
• Refresh Token: Mechanism to refresh JWT tokens without re-authenticating the user.

• Auth Tests: Comprehensive tests for authentication functionalities.
• Todo Tests: Complete tests for all CRUD operations on todos.
• User Tests: Thorough tests for user-related operations.

• Swagger Documentation: API documentation generated using Swagger for easy reference and testing.

• GitHub Actions: Automated testing and deployment using GitHub Actions to ensure code quality and streamline CI/CD processes.

• Error Handling: Robust error handling mechanisms to provide meaningful error messages and ensure application stability.

• Graceful Shutdown: The application includes a graceful shutdown mechanism to ensure ongoing processes are completed and connections are properly closed before the server shuts down.

For this project, I opted against using the gocqlx ORM due to the simplicity of the CRUD queries, which did not justify the added complexity. Additionally, using an ORM can lock the project into that specific tool, making it harder to switch ORMs or databases later. A straightforward implementation ensures greater flexibility and easier maintenance.

JWTs provide a stateless and scalable solution for managing user sessions. They are compact, secure, and easy to integrate, making them ideal for modern web applications. The refresh token mechanism enhances security and user experience by allowing seamless token renewal.

I chose not to use a full-fledged web framework to keep the application lightweight and maintain full control over the architecture. By leveraging Gorilla Mux for routing and custom middleware, I avoided the overhead and complexity of web frameworks. This approach allows for greater flexibility, finer-grained control, and better performance tuning, while simplifying debugging and reducing dependencies.

I have chosen a mix of domain-driven design (DDD) and clean architecture principles for this project. This approach ensures a well-structured and maintainable codebase, facilitating scalability and ease of testing.

.
├── Makefile
├── bin
│   └── api
├── cmd
│   └── api
│       └── main.go
├── config.example.yaml
├── config.yaml
├── docs
│   ├── docs.go
│   ├── swagger.json
│   └── swagger.yaml
├── go.mod
├── go.sum
├── main.go
└── pkg
    ├── api
    │   ├── handler
    │   │   ├── auth.go
    │   │   ├── todo.go
    │   ├── middleware
    │   │   ├── auth.go
    │   │   ├── log.go
    │   ├── router
    │   │   └── router.go
    │   └── server
    │       └── server.go
    ├── config
    │   ├── config.go
    │   └── test.go
    ├── db
    │   └── scylla.go
    ├── model
    │   ├── auth.go
    │   ├── todo.go
    │   └── user.go
    ├── service
    │   ├── auth
    │   │   ├── auth.go
    │   │   ├── auth_test.go
    │   │   └── token.go
    │   ├── todo
    │   │   ├── todo.go
    │   │   └── todo_test.go
    │   └── user
    │       ├── user.go
    │       └── user_test.go
    └── utils
        ├── http.go
        ├── logger.go
        └── test.go

19 directories, 33 files

The authentication module provides secure login and token management using JWT. The refresh token feature allows users to maintain their sessions without frequently re-authenticating, improving user experience.

The todo service handles CRUD operations for todo items. It supports:

• Adding new todo items.
• Fetching paginated lists of todos.
• Filtering todos by status.
• Updating and patching todo items.
• Deleting todo items.

Using GitHub Actions for CI/CD ensures that all code changes are tested automatically. This setup helps maintain code quality and reduces the risk of introducing bugs.

The error recovery mechanism ensures that meaningful error messages are provided to the user. It also helps in debugging by logging detailed error information.

Swagger documentation provides a user-friendly interface to interact with the API, making it easier for developers to understand and test the API endpoints.

Tests cover all aspects of the authentication process, including login, token generation, and token refreshing.

Tests cover the full range of CRUD operations for todos. Each operation (add, get, update, patch, delete) is tested to ensure reliability and correctness.

Tests validate user creation, retrieval, and other user-related operations.

Certainly! Here's an improved version of the instructions:

This project is fully containerized using Docker. Follow the steps below to get the application up and running:

1. Configuration:

   • In the root directory of the project, create a file named config.yaml based on the provided config.example.yaml. Ensure all necessary configurations are properly set in this file.

2. Starting the Application:

   • Open a terminal in the root directory of the project.
   • Execute the following command to start the application:

     docker-compose up

3. Accessing the Application:

   • By default, the application will be available on port 8080. Open your browser and navigate to http://localhost:8080 to access it.

You can check the Swagger-ui demo hosted here: