Feature/errors (#1)

* Handle system errors

* Logging user errors

* Validation errors

* Validation graphql field values

* Return validation error from httpin request converter

* Refactor SendError function

Author: debugger84

auth/middleware.go

@@ -3,10 +3,9 @@ package auth
 import (
 	"braces.dev/errtrace"
 	"errors"
-	"github.com/go-modulus/modulus/errors/errhttp"
+	"github.com/go-modulus/modulus/http/errhttp"
 	"github.com/go-modulus/modulus/logger"
 	"github.com/gofrs/uuid"
-	"log/slog"
 	"net/http"
 	"regexp"
 )
@@ -16,18 +15,18 @@ var authRegexp = regexp.MustCompile(`(Bearer[ ]+)([^,\n$ ]+)`)
 type Middleware struct {
 	authenticator Authenticator
 	config        *MiddlewareConfig
-	logger        *slog.Logger
+	errorPipeline *errhttp.ErrorPipeline
 }
 
 func NewMiddleware(
 	authenticator Authenticator,
 	config *MiddlewareConfig,
-	logger *slog.Logger,
+	errorPipeline *errhttp.ErrorPipeline,
 ) *Middleware {
 	return &Middleware{
 		authenticator: authenticator,
 		config:        config,
-		logger:        logger,
+		errorPipeline: errorPipeline,
 	}
 }
 
@@ -70,7 +69,7 @@ func (a *Middleware) Middleware(next http.Handler) errhttp.Handler {
 }
 
 func (a *Middleware) HttpMiddleware() func(http.Handler) http.Handler {
-	return errhttp.WrapMiddleware(a.logger, a.Middleware)
+	return errhttp.WrapMiddleware(a.errorPipeline, a.Middleware)
 }
 
 func (a *Middleware) parseAccessToken(token string) (string, error) {

auth/password_auth.go

@@ -9,6 +9,7 @@ import (
 	"golang.org/x/crypto/bcrypt"
 )
 
+var ErrInvalidIdentity = errors.New("invalid identity")
 var ErrIdentityIsBlocked = errors.New("identity is blocked")
 var ErrInvalidPassword = errors.New("invalid password")
 var ErrCannotHashPassword = errors.New("cannot hash password")
@@ -34,11 +35,13 @@ func NewPasswordAuthenticator(
 // Errors:
 // * github.com/go-modulus/modulus/auth.ErrIdentityIsBlocked - if the identity is blocked.
 // * github.com/go-modulus/modulus/auth.ErrInvalidPassword - if the password is invalid.
-// * Any error from the IdentityRepository.Get method (e.g. github.com/go-modulus/modulus/auth/repository.ErrIdentityNotFound).
-// * Any error from the CredentialRepository.GetLast method (e.g. github.com/go-modulus/modulus/auth/repository.ErrCredentialNotFound).
+// * github.com/go-modulus/modulus/auth.ErrInvalidIdentity - if identity is not found in the repository.
 func (a *PasswordAuthenticator) Authenticate(ctx context.Context, identity, password string) (Performer, error) {
 	identityObj, err := a.identityRepository.Get(ctx, identity)
 	if err != nil {
+		if errors.Is(err, repository.ErrIdentityNotFound) {
+			return Performer{}, errtrace.Wrap(ErrInvalidIdentity)
+		}
 		return Performer{}, errtrace.Wrap(err)
 	}
 
@@ -48,6 +51,9 @@ func (a *PasswordAuthenticator) Authenticate(ctx context.Context, identity, pass
 
 	cred, err := a.credentialRepository.GetLast(ctx, identityObj.ID, string(repository.CredentialTypePassword))
 	if err != nil {
+		if errors.Is(err, repository.ErrCredentialNotFound) {
+			return Performer{}, errtrace.Wrap(ErrInvalidPassword)
+		}
 		return Performer{}, errtrace.Wrap(err)
 	}
 
@@ -92,7 +98,7 @@ func (a *PasswordAuthenticator) Register(
 
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	if err != nil {
-		return repository.Identity{}, errtrace.Wrap(errors.WrapCause(ErrCannotHashPassword, err))
+		return repository.Identity{}, errtrace.Wrap(errors.WithCause(ErrCannotHashPassword, err))
 	}
 
 	_, err = a.credentialRepository.Create(

auth/plain_token_auth.go

@@ -85,12 +85,12 @@ func (a *PlainTokenAuthenticator) IssueTokens(
 ) (TokenPair, error) {
 	accessTokenStr, err := a.randomString(32)
 	if err != nil {
-		return TokenPair{}, errtrace.Wrap(errors.WrapCause(ErrCannotCreateAccessToken, err))
+		return TokenPair{}, errtrace.Wrap(errors.WithCause(ErrCannotCreateAccessToken, err))
 	}
 
 	refreshTokenStr, err := a.randomString(32)
 	if err != nil {
-		return TokenPair{}, errtrace.Wrap(errors.WrapCause(ErrCannotCreateRefreshToken, err))
+		return TokenPair{}, errtrace.Wrap(errors.WithCause(ErrCannotCreateRefreshToken, err))
 	}
 
 	identity, err := a.identityRepository.GetById(ctx, identityID)

auth/storage/credential_repository.go

@@ -40,7 +40,7 @@ func (r *DefaultCredentialRepository) Create(
 	)
 
 	if err != nil {
-		return repository.Credential{}, errtrace.Wrap(errors.WrapCause(repository.ErrCannotCreateCredential, err))
+		return repository.Credential{}, errtrace.Wrap(errors.WithCause(repository.ErrCannotCreateCredential, err))
 	}
 
 	return r.transform(cred), nil

auth/storage/identity_repository.go

@@ -51,7 +51,7 @@ func (r *DefaultIdentityRepository) Create(
 	)
 
 	if err != nil {
-		return repository.Identity{}, errtrace.Wrap(errors.WrapCause(repository.ErrCannotCreateIdentity, err))
+		return repository.Identity{}, errtrace.Wrap(errors.WithCause(repository.ErrCannotCreateIdentity, err))
 	}
 
 	return r.Transform(storedIdentity), nil

auth/storage/token_repository.go

@@ -45,7 +45,7 @@ func (r *DefaultTokenRepository) CreateAccessToken(
 	}
 	dataJson, err := json.Marshal(data)
 	if err != nil {
-		return repository.AccessToken{}, errtrace.Wrap(errors.WrapCause(repository.ErrCannotCreateAccessToken, err))
+		return repository.AccessToken{}, errtrace.Wrap(errors.WithCause(repository.ErrCannotCreateAccessToken, err))
 	}
 
 	storedAccessToken, err := r.queries.CreateAccessToken(
@@ -82,7 +82,7 @@ func (r *DefaultTokenRepository) CreateRefreshToken(
 		},
 	)
 	if err != nil {
-		return repository.RefreshToken{}, errtrace.Wrap(errors.WrapCause(repository.ErrCannotCreateRefreshToken, err))
+		return repository.RefreshToken{}, errtrace.Wrap(errors.WithCause(repository.ErrCannotCreateRefreshToken, err))
 	}
 	return r.transformRefreshToken(storedRefreshToken), nil
 }

docs/_sidebar.md

@@ -5,4 +5,6 @@
 - [Deployment](deployment.md)
 
 - [Testing](testing.md)
+
+- [Error Handling](error_handling.md)