{"id":35135254,"url":"https://github.com/ariebrainware/basis-data-ltt","last_synced_at":"2026-02-05T10:12:53.812Z","repository":{"id":276067353,"uuid":"926305023","full_name":"ariebrainware/basis-data-ltt","owner":"ariebrainware","description":"Backend LeeTitTar built with Go ","archived":false,"fork":false,"pushed_at":"2026-01-18T09:03:58.000Z","size":8706,"stargazers_count":1,"open_issues_count":7,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-01-18T17:00:28.624Z","etag":null,"topics":["api-gateway","backend","golang"],"latest_commit_sha":null,"homepage":"https://api.leetittar.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ariebrainware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-02-03T02:06:37.000Z","updated_at":"2026-01-18T09:04:01.000Z","dependencies_parsed_at":"2025-02-06T05:26:35.921Z","dependency_job_id":"46296089-d1eb-4c74-8519-2b58281d0cbb","html_url":"https://github.com/ariebrainware/basis-data-ltt","commit_stats":null,"previous_names":["ariebrainware/basis-data-ltt"],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/ariebrainware/basis-data-ltt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariebrainware%2Fbasis-data-ltt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariebrainware%2Fbasis-data-ltt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/
ariebrainware%2Fbasis-data-ltt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariebrainware%2Fbasis-data-ltt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ariebrainware","download_url":"https://codeload.github.com/ariebrainware/basis-data-ltt/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariebrainware%2Fbasis-data-ltt/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28767008,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-26T03:54:34.369Z","status":"ssl_error","status_checked_at":"2026-01-26T03:54:33.031Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-gateway","backend","golang"],"created_at":"2025-12-28T08:52:18.760Z","updated_at":"2026-02-05T10:12:53.804Z","avatar_url":"https://github.com/ariebrainware.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# basis-data-ltt\n\nLightweight Go REST API for managing patients, diseases, treatments, therapists and sessions with comprehensive security features.\n\n---\n\n## Table of Contents\n\n- [Quick links](#quick-links)\n- [Security](#security)\n- [Prerequisites](#prerequisites)\n- [Setup](#setup)\n- [Build \u0026 Run](#build--run)\n- [API 
Documentation](#api-documentation)\n- [Important Routes](#important-routes)\n- [Testing](#testing)\n- [Notes for Contributors](#notes-for-contributors)\n\n---\n\n## Quick links\n\n- Code: [main.go](main.go)\n- Configuration: [config/config.go](config/config.go)\n- Middleware: [middleware/middleware.go](middleware/middleware.go)\n- Authentication \u0026 endpoints: [endpoint/authentication.go](endpoint/authentication.go)\n- Models: [model](model)\n- Utility helpers: [util/helperfunc.go](util/helperfunc.go) and [util/password.go](util/password.go)\n- Swagger docs entrypoint: [docs/swagger.yaml](docs/swagger.yaml)\n- **Security Guide**: [SECURITY.md](SECURITY.md)\n\n---\n\n## Security\n\nThis application implements comprehensive security features:\n\n- **Argon2id Password Hashing** - Industry-standard password hashing with unique salts\n- **Rate Limiting** - Protection against brute force attacks (5 attempts per 15 minutes)\n- **Account Lockout** - Automatic lockout after 5 failed login attempts\n- **Security Logging** - Comprehensive audit trail of security events\n- **HTTPS/TLS Support** - Encrypted communication support\n- **HSTS Headers** - HTTP Strict Transport Security\n- **SQL Injection Prevention** - Parameterized queries via GORM\n- **Input Validation** - Request validation on all endpoints\n- **Session Management** - Secure token-based authentication with 1-hour expiration\n\nFor detailed security information, configuration, and best practices, see [SECURITY.md](SECURITY.md).\n\n---\n\n## Prerequisites\n\n- Go 1.24.0+\n- (Optional) MySQL for local development; tests use an in-memory SQLite when `APPENV=test`.\n\n## Setup\n\n1. Clone and enter the repo:\n\n```bash\ngit clone https://github.com/ariebrainware/basis-data-ltt.git\ncd basis-data-ltt\n```\n\n2. Download dependencies:\n\n```bash\ngo mod download\n```\n\n3. Copy or create a `.env` file for local development. 
Important environment variables:\n\n```bash\n# Application Configuration\nAPPENV=local        # local|development|production|test\nAPPPORT=19091\nAPITOKEN=\u003capi-token-for-cors-middleware\u003e\nJWTSECRET=\u003cjwt-secret-used-for-signing\u003e # Use a strong secret (min 32 chars)\nGINMODE=debug\n\n# Database Configuration\nDBHOST=127.0.0.1\nDBPORT=3306\nDBNAME=basis_data_ltt\nDBUSER=root\nDBPASS=password\n\n# Redis Configuration (optional, for rate limiting and caching)\nREDIS_ADDR=localhost:6379\nREDIS_PASS=\nREDIS_DB=0\n\n# TLS/HTTPS Configuration (optional, for production)\nENABLE_TLS=false\nTLS_CERT_FILE=/path/to/cert.pem\nTLS_KEY_FILE=/path/to/key.pem\n\n# HSTS Configuration (optional, recommended for production with TLS)\nENABLE_HSTS=false\nHSTS_MAX_AGE=31536000\nHSTS_INCLUDE_SUBDOMAINS=true\n```\n\nSee [.env.sample](.env.sample) for all available configuration options.\n\n**Security Notes:**\n- Use a strong `JWTSECRET` (minimum 32 random characters)\n- Never commit `.env` files to version control\n- In production, use environment variables instead of `.env` files\n- See [SECURITY.md](SECURITY.md) for security best practices\n\n## Build \u0026 Run\n\nBuild:\n\n```bash\ngo build -o basis-data-ltt\n```\n\nRun (development):\n\n```bash\ngo run main.go\n```\n\nServer defaults to `:APPPORT` (19091). The app sets timezone to `Asia/Jakarta` on startup.\n\n---\n\n## API Documentation\n\nRun the server and open:\n\n```\nhttp://localhost:19091/swagger/index.html\n```\n\nAPI docs are generated with `swag` from code annotations. 
To regenerate docs locally:\n\n```bash\ngo install github.com/swaggo/swag/cmd/swag@latest\nswag init --parseDependency --parseInternal\n```\n\n---\n\n## Important Routes\n\nAuthentication:\n- `POST /signup` - register\n- `POST /login` - obtain session token\n- `DELETE /logout` - invalidate session (requires `session-token` header)\n- `GET /token/validate` - validate session token\n- `POST /verify-password` - (protected) verify current user's password before allowing password change\n\nPatient (admin):\n- `POST /patient` - create patient (public)\n- `GET|PATCH|DELETE /patient/:id` - manage patients (admin)\n\nDisease (admin):\n- `GET|POST|PATCH|DELETE /disease`\n\nTreatment (admin, therapist):\n- `GET|POST|PATCH|DELETE /treatment`\n\nTherapist (admin):\n- `GET|POST|PATCH|PUT|DELETE /therapist`\n\nSee the Swagger UI for full request/response schemas.\n\n---\n\n## Testing\n\nUnit and integration tests are included. Tests set `APPENV=test` and use an in-memory SQLite DB. Run:\n\n```bash\ngo test ./...\n```\n\nIf a test needs to run against MySQL, set environment variables accordingly. Most CI/test code in this repo uses the in-memory DB when `APPENV=test`.\n\n---\n\n## Notes for Contributors\n\n- The config loader is a singleton: see [config/config.go](config/config.go).\n- Database connection is injected into Gin context via `middleware.DatabaseMiddleware` ([middleware/middleware.go](middleware/middleware.go)).\n- **Passwords are hashed using Argon2id** with unique per-user salts. The implementation is in [util/password.go](util/password.go). 
Never use the JWT secret for password hashing.\n- Session tokens are stored in the `sessions` table and cached in Redis when available (see [endpoint/authentication.go](endpoint/authentication.go)).\n- Rate limiting is implemented using Redis when available; see [middleware/ratelimit.go](middleware/ratelimit.go).\n- **Security logging** is enabled for all authentication and authorization events; see [util/security_logger.go](util/security_logger.go).\n- Review [SECURITY.md](SECURITY.md) before making changes to authentication, authorization, or password handling code.\n\n## GeoIP Local Database (optional)\n\nThis project can use a local MaxMind GeoIP2/GeoLite2 `.mmdb` file to resolve IPs to a city and country for `SecurityLog` entries.\n\n- Place your `.mmdb` file somewhere accessible and set the environment variable `GEOIP_DB_PATH` to its path.\n- The application will initialize the GeoIP reader on startup when `GEOIP_DB_PATH` is set. You can also call `util.DownloadGeoIP()` programmatically to download a file and `util.ValidateGeoIP()` to validate it.\n- The code includes an in-memory cache with 24h TTL to avoid repeated lookups. 
Metrics are available via `util.GetGeoIPCacheMetrics()` (cache hits, misses, size).\n\nExample usage (manual):\n\n```bash\n# export GEOIP_DB_PATH=/opt/geoip/GeoLite2-City.mmdb\nexport GEOIP_DB_PATH=/path/to/GeoLite2-City.mmdb\ngo run main.go\n```\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariebrainware%2Fbasis-data-ltt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fariebrainware%2Fbasis-data-ltt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariebrainware%2Fbasis-data-ltt/lists"}