idiomatic project structure

2024-11-26 11:31:46 -06:00
parent 1200380341
commit 052f95702d
44 changed files with 717 additions and 481 deletions
--- a/internal/api/db_interface.go
+++ b/internal/api/db_interface.go
@@ -0,0 +1,20 @@
+package api
+
+import (
+	"go-nkode/internal/models"
+)
+
+type DbAccessor interface {
+	GetCustomer(models.CustomerId) (*models.Customer, error)
+	GetUser(models.UserEmail, models.CustomerId) (*models.User, error)
+	WriteNewCustomer(models.Customer) error
+	WriteNewUser(models.User) error
+	UpdateUserNKode(models.User) error
+	UpdateUserInterface(models.UserId, models.UserInterface) error
+	UpdateUserRefreshToken(models.UserId, string) error
+	Renew(models.CustomerId) error
+	RefreshUserPasscode(models.User, []int, models.CustomerAttributes) error
+	RandomSvgInterface(models.KeypadDimension) ([]string, error)
+	RandomSvgIdxInterface(models.KeypadDimension) (models.SvgIdInterface, error)
+	GetSvgStringInterface(models.SvgIdInterface) ([]string, error)
+}
--- a/internal/api/handler.go
+++ b/internal/api/handler.go
@@ -0,0 +1,444 @@
+package api
+
+import (
+	"encoding/json"
+	"errors"
+	"github.com/google/uuid"
+	"go-nkode/config"
+	"go-nkode/internal/models"
+	"go-nkode/internal/security"
+	"log"
+	"net/http"
+	"strings"
+)
+
+type NKodeHandler struct {
+	Api NKodeAPI
+}
+
+const (
+	CreateNewCustomer            = "/create-new-customer"
+	GenerateSignupResetInterface = "/generate-signup-reset-interface"
+	SetNKode                     = "/set-nkode"
+	ConfirmNKode                 = "/confirm-nkode"
+	GetLoginInterface            = "/get-login-interface"
+	Login                        = "/login"
+	RenewAttributes              = "/renew-attributes"
+	RandomSvgInterface           = "/random-svg-interface"
+	RefreshToken                 = "/refresh-token"
+	ResetNKode                   = "/reset-nkode"
+)
+
+const (
+	malformedCustomerId     = "malformed customer id"
+	malformedUserEmail      = "malformed user email"
+	malformedSessionId      = "malformed session id"
+	invalidKeypadDimensions = "invalid keypad dimensions"
+)
+
+func (h *NKodeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	switch r.URL.Path {
+	case CreateNewCustomer:
+		h.CreateNewCustomerHandler(w, r)
+	case GenerateSignupResetInterface:
+		h.GenerateSignupResetInterfaceHandler(w, r)
+	case SetNKode:
+		h.SetNKodeHandler(w, r)
+	case ConfirmNKode:
+		h.ConfirmNKodeHandler(w, r)
+	case GetLoginInterface:
+		h.GetLoginInterfaceHandler(w, r)
+	case Login:
+		h.LoginHandler(w, r)
+	case RenewAttributes:
+		h.RenewAttributesHandler(w, r)
+	case RandomSvgInterface:
+		h.RandomSvgInterfaceHandler(w, r)
+	case RefreshToken:
+		h.RefreshTokenHandler(w, r)
+	case ResetNKode:
+		h.ResetNKode(w, r)
+
+	default:
+		w.WriteHeader(http.StatusNotFound)
+		_, err := w.Write([]byte("404 not found"))
+		log.Println(err)
+	}
+}
+
+// CreateNewCustomerHandler handles the creation of a new customer.
+// @Summary Create a new customer
+// @Description Creates a new customer based on the provided policy information.
+// @Tags customers
+// @Accept json
+// @Produce json
+// @Param NewCustomerPost body NewCustomerPost true "Customer creation data"
+// @Success 200 {object} CreateNewCustomerResp
+// @Router /create-new-customer [post]
+func (h *NKodeHandler) CreateNewCustomerHandler(w http.ResponseWriter, r *http.Request) {
+	log.Print("create new customer")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+	var customerPost models.NewCustomerPost
+	if err := decodeJson(w, r, &customerPost); err != nil {
+		return
+	}
+	customerId, err := h.Api.CreateNewCustomer(customerPost.NKodePolicy, nil)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+	respBody := models.CreateNewCustomerResp{
+		CustomerId: uuid.UUID(*customerId).String(),
+	}
+	marshalAndWriteBytes(w, respBody)
+}
+
+func (h *NKodeHandler) GenerateSignupResetInterfaceHandler(w http.ResponseWriter, r *http.Request) {
+	log.Print("signup/reset interface")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+
+	var signupResetPost models.GenerateSignupRestInterfacePost
+	if err := decodeJson(w, r, &signupResetPost); err != nil {
+		return
+	}
+
+	kp := models.KeypadDimension{
+		AttrsPerKey: signupResetPost.AttrsPerKey,
+		NumbOfKeys:  signupResetPost.NumbOfKeys,
+	}
+	if err := kp.IsValidKeypadDimension(); err != nil {
+		badRequest(w, invalidKeypadDimensions)
+		return
+	}
+	customerId, err := uuid.Parse(signupResetPost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	userEmail, err := models.ParseEmail(signupResetPost.UserEmail)
+	if err != nil {
+		badRequest(w, malformedUserEmail)
+		return
+	}
+	resp, err := h.Api.GenerateSignupResetInterface(userEmail, models.CustomerId(customerId), kp, signupResetPost.Reset)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+
+	marshalAndWriteBytes(w, resp)
+}
+
+func (h *NKodeHandler) SetNKodeHandler(w http.ResponseWriter, r *http.Request) {
+	log.Print("set nkode")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+	var setNKodePost models.SetNKodePost
+	if err := decodeJson(w, r, &setNKodePost); err != nil {
+		return
+	}
+	customerId, err := uuid.Parse(setNKodePost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	sessionId, err := uuid.Parse(setNKodePost.SessionId)
+	if err != nil {
+		badRequest(w, malformedSessionId)
+		return
+	}
+	confirmInterface, err := h.Api.SetNKode(models.CustomerId(customerId), models.SessionId(sessionId), setNKodePost.KeySelection)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+	respBody := models.SetNKodeResp{UserInterface: confirmInterface}
+	marshalAndWriteBytes(w, respBody)
+}
+
+func (h *NKodeHandler) ConfirmNKodeHandler(w http.ResponseWriter, r *http.Request) {
+	log.Print("confirm nkode")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+
+	var confirmNKodePost models.ConfirmNKodePost
+	if err := decodeJson(w, r, &confirmNKodePost); err != nil {
+		return
+	}
+	customerId, err := uuid.Parse(confirmNKodePost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	sessionId, err := uuid.Parse(confirmNKodePost.SessionId)
+	if err != nil {
+		badRequest(w, malformedSessionId)
+		return
+	}
+	if err = h.Api.ConfirmNKode(models.CustomerId(customerId), models.SessionId(sessionId), confirmNKodePost.KeySelection); err != nil {
+		handleError(w, err)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *NKodeHandler) GetLoginInterfaceHandler(w http.ResponseWriter, r *http.Request) {
+	log.Print("get login interface")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+	var loginInterfacePost models.GetLoginInterfacePost
+	if err := decodeJson(w, r, &loginInterfacePost); err != nil {
+		return
+	}
+	customerId, err := uuid.Parse(loginInterfacePost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	userEmail, err := models.ParseEmail(loginInterfacePost.UserEmail)
+	if err != nil {
+		badRequest(w, malformedUserEmail)
+	}
+	loginInterface, err := h.Api.GetLoginInterface(userEmail, models.CustomerId(customerId))
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+
+	marshalAndWriteBytes(w, loginInterface)
+}
+
+func (h *NKodeHandler) LoginHandler(w http.ResponseWriter, r *http.Request) {
+	log.Println("login")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+	var loginPost models.LoginPost
+	if err := decodeJson(w, r, &loginPost); err != nil {
+		return
+	}
+	customerId, err := uuid.Parse(loginPost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	userEmail, err := models.ParseEmail(loginPost.UserEmail)
+	if err != nil {
+		badRequest(w, malformedUserEmail)
+		return
+	}
+	jwtTokens, err := h.Api.Login(models.CustomerId(customerId), userEmail, loginPost.KeySelection)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+
+	marshalAndWriteBytes(w, jwtTokens)
+}
+
+func (h *NKodeHandler) RenewAttributesHandler(w http.ResponseWriter, r *http.Request) {
+	println("renew attributes")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+		return
+	}
+	var renewAttributesPost models.RenewAttributesPost
+	if err := decodeJson(w, r, &renewAttributesPost); err != nil {
+		return
+	}
+	customerId, err := uuid.Parse(renewAttributesPost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	if err = h.Api.RenewAttributes(models.CustomerId(customerId)); err != nil {
+		handleError(w, err)
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *NKodeHandler) RandomSvgInterfaceHandler(w http.ResponseWriter, r *http.Request) {
+	log.Println("random svg interface")
+	if r.Method != http.MethodGet {
+		methodNotAllowed(w)
+	}
+	svgs, err := h.Api.RandomSvgInterface()
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+
+	respBody := models.RandomSvgInterfaceResp{
+		Svgs:   svgs,
+		Colors: models.SetColors,
+	}
+
+	marshalAndWriteBytes(w, respBody)
+}
+
+func (h *NKodeHandler) RefreshTokenHandler(w http.ResponseWriter, r *http.Request) {
+	println("refresh tokens")
+	if r.Method != http.MethodGet {
+		methodNotAllowed(w)
+	}
+	refreshToken, err := getBearerToken(r)
+	if err != nil {
+		forbidden(w)
+		return
+	}
+	refreshClaims, err := security.ParseRegisteredClaimToken(refreshToken)
+	customerId, err := uuid.Parse(refreshClaims.Issuer)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+	userEmail, err := models.ParseEmail(refreshClaims.Subject)
+	if err != nil {
+		badRequest(w, malformedUserEmail)
+		log.Println(err)
+		return
+	}
+	accessToken, err := h.Api.RefreshToken(userEmail, models.CustomerId(customerId), refreshToken)
+
+	if err != nil {
+		handleError(w, err)
+		log.Println(err)
+		return
+	}
+	marshalAndWriteBytes(w, models.RefreshTokenResp{AccessToken: accessToken})
+}
+
+func (h *NKodeHandler) ResetNKode(w http.ResponseWriter, r *http.Request) {
+	println("reset nkode")
+	if r.Method != http.MethodPost {
+		methodNotAllowed(w)
+	}
+	var resetNKodePost models.ResetNKodePost
+	if err := decodeJson(w, r, &resetNKodePost); err != nil {
+		return
+	}
+
+	customerId, err := uuid.Parse(resetNKodePost.CustomerId)
+	if err != nil {
+		badRequest(w, malformedCustomerId)
+		return
+	}
+
+	userEmail, err := models.ParseEmail(resetNKodePost.UserEmail)
+	if err != nil {
+		badRequest(w, malformedUserEmail)
+		return
+	}
+
+	if err = h.Api.ResetNKode(userEmail, models.CustomerId(customerId)); err != nil {
+		internalServerError(w)
+		log.Println(err)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func decodeJson(w http.ResponseWriter, r *http.Request, post any) error {
+	if r.Body == nil {
+		badRequest(w, "unable to parse body")
+		log.Println("error decoding json: body is nil")
+		return errors.New("body is nil")
+	}
+	err := json.NewDecoder(r.Body).Decode(&post)
+	if err != nil {
+		badRequest(w, "unable to parse body")
+		log.Println("error decoding json: ", err)
+		return err
+	}
+	return nil
+}
+
+func internalServerError(w http.ResponseWriter) {
+	log.Print("500 internal server error")
+	w.WriteHeader(http.StatusInternalServerError)
+	w.Write([]byte("500 Internal Server Error"))
+}
+
+func badRequest(w http.ResponseWriter, msg string) {
+	log.Print("bad request: ", msg)
+	w.WriteHeader(http.StatusBadRequest)
+	if msg == "" {
+		w.Write([]byte("400 Bad Request"))
+	} else {
+		w.Write([]byte(msg))
+	}
+}
+
+func methodNotAllowed(w http.ResponseWriter) {
+	log.Print("405 method not allowed")
+	w.WriteHeader(http.StatusMethodNotAllowed)
+	w.Write([]byte("405 method not allowed"))
+}
+
+func forbidden(w http.ResponseWriter) {
+	log.Print("403 forbidden")
+	w.WriteHeader(http.StatusForbidden)
+	w.Write([]byte("403 Forbidden"))
+}
+
+func handleError(w http.ResponseWriter, err error) {
+	log.Print("handling error: ", err)
+	statusCode, exists := config.HttpErrMap[err]
+	if !exists {
+		internalServerError(w)
+		return
+	}
+	switch statusCode {
+	case http.StatusBadRequest:
+		badRequest(w, err.Error())
+	case http.StatusForbidden:
+		forbidden(w)
+	case http.StatusInternalServerError:
+		internalServerError(w)
+	default:
+		log.Print("unknown error: ", err)
+		internalServerError(w)
+	}
+}
+
+func getBearerToken(r *http.Request) (string, error) {
+	authHeader := r.Header.Get("Authorization")
+	// Check if the Authorization header is present and starts with "Bearer "
+	if authHeader == "" || !strings.HasPrefix(authHeader, "Bearer ") {
+		return "", errors.New("forbidden")
+	}
+	token := strings.TrimPrefix(authHeader, "Bearer ")
+	return token, nil
+}
+
+func marshalAndWriteBytes(w http.ResponseWriter, data any) {
+	respBytes, err := json.Marshal(data)
+
+	if err != nil {
+		internalServerError(w)
+		log.Println(err)
+		return
+	}
+	_, err = w.Write(respBytes)
+
+	if err != nil {
+		internalServerError(w)
+		log.Println(err)
+		return
+	}
+}
--- a/internal/api/nkode_api.go
+++ b/internal/api/nkode_api.go
@@ -0,0 +1,269 @@
+package api
+
+import (
+	"fmt"
+	"github.com/google/uuid"
+	"github.com/patrickmn/go-cache"
+	"go-nkode/config"
+	"go-nkode/internal/email"
+	"go-nkode/internal/models"
+	"go-nkode/internal/security"
+	"log"
+	"os"
+	"time"
+)
+
+const (
+	sessionExpiration      = 5 * time.Minute
+	sessionCleanupInterval = 10 * time.Minute
+)
+
+type NKodeAPI struct {
+	Db                 DbAccessor
+	SignupSessionCache *cache.Cache
+	EmailQueue         *email.EmailQueue
+}
+
+func NewNKodeAPI(db DbAccessor, queue *email.EmailQueue) NKodeAPI {
+	return NKodeAPI{
+		Db:                 db,
+		EmailQueue:         queue,
+		SignupSessionCache: cache.New(sessionExpiration, sessionCleanupInterval),
+	}
+}
+
+func (n *NKodeAPI) CreateNewCustomer(nkodePolicy models.NKodePolicy, id *models.CustomerId) (*models.CustomerId, error) {
+	newCustomer, err := models.NewCustomer(nkodePolicy)
+	if id != nil {
+		newCustomer.Id = *id
+	}
+	if err != nil {
+		return nil, err
+	}
+	err = n.Db.WriteNewCustomer(*newCustomer)
+
+	if err != nil {
+		return nil, err
+	}
+	return &newCustomer.Id, nil
+}
+
+func (n *NKodeAPI) GenerateSignupResetInterface(userEmail models.UserEmail, customerId models.CustomerId, kp models.KeypadDimension, reset bool) (*models.GenerateSignupResetInterfaceResp, error) {
+	user, err := n.Db.GetUser(userEmail, customerId)
+	if err != nil {
+		return nil, err
+	}
+	if user != nil && !reset {
+		log.Printf("user %s already exists", string(userEmail))
+		return nil, config.ErrUserAlreadyExists
+	}
+	svgIdxInterface, err := n.Db.RandomSvgIdxInterface(kp)
+	if err != nil {
+		return nil, err
+	}
+	signupSession, err := models.NewSignupResetSession(userEmail, kp, customerId, svgIdxInterface, reset)
+	if err != nil {
+		return nil, err
+	}
+	//n.SignupSessions[signupSession.Id] = *signupSession
+	if err := n.SignupSessionCache.Add(signupSession.Id.String(), *signupSession, sessionExpiration); err != nil {
+		return nil, err
+	}
+	svgInterface, err := n.Db.GetSvgStringInterface(signupSession.LoginUserInterface.SvgId)
+
+	if err != nil {
+		return nil, err
+	}
+	resp := models.GenerateSignupResetInterfaceResp{
+		UserIdxInterface: signupSession.SetIdxInterface,
+		SvgInterface:     svgInterface,
+		SessionId:        uuid.UUID(signupSession.Id).String(),
+		Colors:           signupSession.Colors,
+	}
+	return &resp, nil
+}
+
+func (n *NKodeAPI) SetNKode(customerId models.CustomerId, sessionId models.SessionId, keySelection models.KeySelection) (models.IdxInterface, error) {
+	_, err := n.Db.GetCustomer(customerId)
+
+	if err != nil {
+		return nil, err
+	}
+	session, exists := n.SignupSessionCache.Get(sessionId.String())
+	if !exists {
+		log.Printf("session id does not exist %s", sessionId)
+		return nil, config.ErrSignupSessionDNE
+	}
+	userSession, ok := session.(models.UserSignSession)
+	if !ok {
+		// handle the case where the type assertion fails
+		return nil, config.ErrSignupSessionDNE
+	}
+	confirmInterface, err := userSession.SetUserNKode(keySelection)
+	if err != nil {
+		return nil, err
+	}
+	n.SignupSessionCache.Set(sessionId.String(), userSession, sessionExpiration)
+	return confirmInterface, nil
+}
+
+func (n *NKodeAPI) ConfirmNKode(customerId models.CustomerId, sessionId models.SessionId, keySelection models.KeySelection) error {
+	session, exists := n.SignupSessionCache.Get(sessionId.String())
+	if !exists {
+		log.Printf("session id does not exist %s", sessionId)
+		return config.ErrSignupSessionDNE
+	}
+	userSession, ok := session.(models.UserSignSession)
+	if !ok {
+		// handle the case where the type assertion fails
+		return config.ErrSignupSessionDNE
+	}
+	customer, err := n.Db.GetCustomer(customerId)
+	if err != nil {
+		return err
+	}
+	passcode, err := userSession.DeducePasscode(keySelection)
+	if err != nil {
+		return err
+	}
+	if err = customer.IsValidNKode(userSession.Kp, passcode); err != nil {
+		return err
+	}
+	user, err := models.NewUser(*customer, string(userSession.UserEmail), passcode, userSession.LoginUserInterface, userSession.Kp)
+	if err != nil {
+		return err
+	}
+	if userSession.Reset {
+		err = n.Db.UpdateUserNKode(*user)
+	} else {
+		err = n.Db.WriteNewUser(*user)
+	}
+	n.SignupSessionCache.Delete(userSession.Id.String())
+	return err
+}
+
+func (n *NKodeAPI) GetLoginInterface(userEmail models.UserEmail, customerId models.CustomerId) (*models.GetLoginInterfaceResp, error) {
+	user, err := n.Db.GetUser(userEmail, customerId)
+	if err != nil {
+		return nil, err
+	}
+	if user == nil {
+		log.Printf("user %s for customer %s dne", userEmail, customerId)
+		return nil, config.ErrUserForCustomerDNE
+	}
+	err = user.Interface.PartialInterfaceShuffle()
+	if err != nil {
+		return nil, err
+	}
+	err = n.Db.UpdateUserInterface(user.Id, user.Interface)
+	if err != nil {
+		return nil, err
+	}
+	svgInterface, err := n.Db.GetSvgStringInterface(user.Interface.SvgId)
+	if err != nil {
+		return nil, err
+	}
+	resp := models.GetLoginInterfaceResp{
+		UserIdxInterface: user.Interface.IdxInterface,
+		SvgInterface:     svgInterface,
+		NumbOfKeys:       user.Kp.NumbOfKeys,
+		AttrsPerKey:      user.Kp.AttrsPerKey,
+		Colors:           models.SetColors,
+	}
+	return &resp, nil
+}
+
+func (n *NKodeAPI) Login(customerId models.CustomerId, userEmail models.UserEmail, keySelection models.KeySelection) (*security.AuthenticationTokens, error) {
+	customer, err := n.Db.GetCustomer(customerId)
+	if err != nil {
+		return nil, err
+	}
+	user, err := n.Db.GetUser(userEmail, customerId)
+	if err != nil {
+		return nil, err
+	}
+	if user == nil {
+		log.Printf("user %s for customer %s dne", userEmail, customerId)
+		return nil, config.ErrUserForCustomerDNE
+	}
+	passcode, err := models.ValidKeyEntry(*user, *customer, keySelection)
+	if err != nil {
+		return nil, err
+	}
+
+	if user.Renew {
+		err = n.Db.RefreshUserPasscode(*user, passcode, customer.Attributes)
+		if err != nil {
+			return nil, err
+		}
+	}
+	jwtToken, err := security.NewAuthenticationTokens(string(user.Email), uuid.UUID(customerId))
+	if err != nil {
+		return nil, err
+	}
+	err = n.Db.UpdateUserRefreshToken(user.Id, jwtToken.RefreshToken)
+	if err != nil {
+		return nil, err
+	}
+	return &jwtToken, nil
+}
+
+func (n *NKodeAPI) RenewAttributes(customerId models.CustomerId) error {
+	return n.Db.Renew(customerId)
+}
+
+func (n *NKodeAPI) RandomSvgInterface() ([]string, error) {
+	return n.Db.RandomSvgInterface(models.KeypadMax)
+}
+
+func (n *NKodeAPI) RefreshToken(userEmail models.UserEmail, customerId models.CustomerId, refreshToken string) (string, error) {
+	user, err := n.Db.GetUser(userEmail, customerId)
+	if err != nil {
+		return "", err
+	}
+	if user == nil {
+		log.Printf("user %s for customer %s dne", userEmail, customerId)
+		return "", config.ErrUserForCustomerDNE
+	}
+	if user.RefreshToken != refreshToken {
+		return "", config.ErrRefreshTokenInvalid
+	}
+	refreshClaims, err := security.ParseRegisteredClaimToken(refreshToken)
+	if err != nil {
+		return "", err
+	}
+	if err = security.ClaimExpired(*refreshClaims); err != nil {
+		return "", err
+	}
+	newAccessClaims := security.NewAccessClaim(string(userEmail), uuid.UUID(customerId))
+	return security.EncodeAndSignClaims(newAccessClaims)
+}
+
+func (n *NKodeAPI) ResetNKode(userEmail models.UserEmail, customerId models.CustomerId) error {
+	user, err := n.Db.GetUser(userEmail, customerId)
+	if err != nil {
+		return fmt.Errorf("error getting user in rest nkode %v", err)
+	}
+
+	if user == nil {
+		return nil
+	}
+
+	nkodeResetJwt, err := security.ResetNKodeToken(string(userEmail), uuid.UUID(customerId))
+	if err != nil {
+		return err
+	}
+	frontendHost := os.Getenv("FRONTEND_HOST")
+	if frontendHost == "" {
+		frontendHost = config.FrontendHost
+	}
+	htmlBody := fmt.Sprintf("<h1>Hello!</h1><p>Click the link to reset your nKode.</p><a href=\"%s?token=%s\">Reset nKode</a>", frontendHost, nkodeResetJwt)
+	email := email.Email{
+		Sender:    "no-reply@nkode.tech",
+		Recipient: string(userEmail),
+		Subject:   "nKode Reset",
+		Content:   htmlBody,
+	}
+	n.EmailQueue.AddEmail(email)
+	return nil
+}
--- a/internal/api/nkode_api_test.go
+++ b/internal/api/nkode_api_test.go
@@ -0,0 +1,111 @@
+package api
+
+import (
+	"github.com/stretchr/testify/assert"
+	"go-nkode/internal/db"
+	"go-nkode/internal/email"
+	"go-nkode/internal/models"
+	"go-nkode/internal/security"
+	"os"
+	"testing"
+)
+
+func TestNKodeAPI(t *testing.T) {
+	//db1 := NewInMemoryDb()
+	//testNKodeAPI(t, &db1)
+
+	dbFile := os.Getenv("TEST_DB")
+
+	db2 := db.NewSqliteDB(dbFile)
+	defer db2.CloseDb()
+	testNKodeAPI(t, db2)
+
+	//if _, err := os.Stat(dbFile); err == nil {
+	//	err = os.Remove(dbFile)
+	//	assert.NoError(t, err)
+	//} else {
+	//	assert.NoError(t, err)
+	//}
+}
+
+func testNKodeAPI(t *testing.T, db DbAccessor) {
+	bufferSize := 100
+	emailsPerSec := 14
+	testClient := email.TestEmailClient{}
+	queue := email.NewEmailQueue(bufferSize, emailsPerSec, &testClient)
+	queue.Start()
+	defer queue.Stop()
+	attrsPerKey := 5
+	numbOfKeys := 4
+	for idx := 0; idx < 1; idx++ {
+		userEmail := models.UserEmail("test_username" + security.GenerateRandomString(12) + "@example.com")
+		passcodeLen := 4
+		nkodePolicy := models.NewDefaultNKodePolicy()
+		keypadSize := models.KeypadDimension{AttrsPerKey: attrsPerKey, NumbOfKeys: numbOfKeys}
+		nkodeApi := NewNKodeAPI(db, queue)
+		customerId, err := nkodeApi.CreateNewCustomer(nkodePolicy, nil)
+		assert.NoError(t, err)
+		signupResponse, err := nkodeApi.GenerateSignupResetInterface(userEmail, *customerId, keypadSize, false)
+		assert.NoError(t, err)
+		setInterface := signupResponse.UserIdxInterface
+		sessionIdStr := signupResponse.SessionId
+		sessionId, err := models.SessionIdFromString(sessionIdStr)
+		assert.NoError(t, err)
+		keypadSize = models.KeypadDimension{AttrsPerKey: numbOfKeys, NumbOfKeys: numbOfKeys}
+		userPasscode := setInterface[:passcodeLen]
+		setKeySelect, err := models.SelectKeyByAttrIdx(setInterface, userPasscode, keypadSize)
+		assert.NoError(t, err)
+		confirmInterface, err := nkodeApi.SetNKode(*customerId, sessionId, setKeySelect)
+		assert.NoError(t, err)
+		confirmKeySelect, err := models.SelectKeyByAttrIdx(confirmInterface, userPasscode, keypadSize)
+		err = nkodeApi.ConfirmNKode(*customerId, sessionId, confirmKeySelect)
+		assert.NoError(t, err)
+
+		keypadSize = models.KeypadDimension{AttrsPerKey: attrsPerKey, NumbOfKeys: numbOfKeys}
+		loginInterface, err := nkodeApi.GetLoginInterface(userEmail, *customerId)
+		assert.NoError(t, err)
+		loginKeySelection, err := models.SelectKeyByAttrIdx(loginInterface.UserIdxInterface, userPasscode, keypadSize)
+		assert.NoError(t, err)
+		_, err = nkodeApi.Login(*customerId, userEmail, loginKeySelection)
+		assert.NoError(t, err)
+
+		err = nkodeApi.RenewAttributes(*customerId)
+		assert.NoError(t, err)
+
+		loginInterface, err = nkodeApi.GetLoginInterface(userEmail, *customerId)
+		assert.NoError(t, err)
+		loginKeySelection, err = models.SelectKeyByAttrIdx(loginInterface.UserIdxInterface, userPasscode, keypadSize)
+		assert.NoError(t, err)
+		_, err = nkodeApi.Login(*customerId, userEmail, loginKeySelection)
+		assert.NoError(t, err)
+
+		/// Reset nKode
+		attrsPerKey = 6
+		keypadSize = models.KeypadDimension{AttrsPerKey: attrsPerKey, NumbOfKeys: numbOfKeys}
+		resetResponse, err := nkodeApi.GenerateSignupResetInterface(userEmail, *customerId, keypadSize, true)
+		assert.NoError(t, err)
+		setInterface = resetResponse.UserIdxInterface
+		sessionIdStr = resetResponse.SessionId
+		sessionId, err = models.SessionIdFromString(sessionIdStr)
+		assert.NoError(t, err)
+		keypadSize = models.KeypadDimension{AttrsPerKey: numbOfKeys, NumbOfKeys: numbOfKeys}
+		userPasscode = setInterface[:passcodeLen]
+		setKeySelect, err = models.SelectKeyByAttrIdx(setInterface, userPasscode, keypadSize)
+		assert.NoError(t, err)
+		confirmInterface, err = nkodeApi.SetNKode(*customerId, sessionId, setKeySelect)
+		assert.NoError(t, err)
+		confirmKeySelect, err = models.SelectKeyByAttrIdx(confirmInterface, userPasscode, keypadSize)
+		err = nkodeApi.ConfirmNKode(*customerId, sessionId, confirmKeySelect)
+		assert.NoError(t, err)
+
+		keypadSize = models.KeypadDimension{AttrsPerKey: attrsPerKey, NumbOfKeys: numbOfKeys}
+		loginInterface2, err := nkodeApi.GetLoginInterface(userEmail, *customerId)
+		assert.NoError(t, err)
+		loginKeySelection, err = models.SelectKeyByAttrIdx(loginInterface2.UserIdxInterface, userPasscode, keypadSize)
+		assert.NoError(t, err)
+		_, err = nkodeApi.Login(*customerId, userEmail, loginKeySelection)
+		assert.NoError(t, err)
+		signupResponse, err = nkodeApi.GenerateSignupResetInterface(userEmail, *customerId, keypadSize, false)
+		assert.Error(t, err)
+	}
+}