Merge pull request #1 from adam-szalanski/todo-lists-functionality

Todo lists basic functionality

Author: adam-szalanski

backend/pom.xml

@@ -42,10 +42,6 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-webflux</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>org.liquibase</groupId>
 			<artifactId>liquibase-core</artifactId>
@@ -126,9 +122,6 @@
 				<configuration>
 					<source>17</source>
 					<target>17</target>
-					<compilerArgs>
-						<compilerArg>-Amapstruct.defaultComponentModel=spring</compilerArg>
-					</compilerArgs>
 					<annotationProcessorPaths>
 						<path>
 							<groupId>org.projectlombok</groupId>

backend/src/main/java/org/todolist/backend/exceptions/CustomExceptionHandler.java

@@ -8,6 +8,9 @@
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+import org.todolist.backend.exceptions.custom.UserNotLoggedInException;
+
+import java.nio.file.AccessDeniedException;
 
 @ControllerAdvice
 public class CustomExceptionHandler extends ResponseEntityExceptionHandler {
@@ -16,15 +19,25 @@ public class CustomExceptionHandler extends ResponseEntityExceptionHandler {
     private String USER_ALREADY_EXISTS;
     @Value("${application.security.user-not-found-message}")
     private String USER_NOT_FOUND;
+    @Value("${application.security.user-not-logged-in-message}")
+    private String USER_NOT_LOGGED_IN;
     @Value("${application.security.entity-not-found-message}")
     private String ENTITY_NOT_FOUND;
+    @Value("${application.security.access-denied-message}")
+    private String ACCESS_DENIED;
 
     @ExceptionHandler(IllegalArgumentException.class)
     protected ResponseEntity<ErrorDetails> handleUserAlreadyExists() {
         ErrorDetails errorDetails = new ErrorDetails(HttpStatus.BAD_REQUEST.value(), USER_ALREADY_EXISTS);
         return ResponseEntity.status(HttpStatus.BAD_REQUEST.value()).body(errorDetails);
     }
 
+    @ExceptionHandler(UserNotLoggedInException.class)
+    protected ResponseEntity<ErrorDetails> handleUserNotLoggedIn() {
+        ErrorDetails errorDetails = new ErrorDetails(HttpStatus.BAD_REQUEST.value(), USER_NOT_LOGGED_IN);
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST.value()).body(errorDetails);
+    }
+
     @ExceptionHandler(UsernameNotFoundException.class)
     protected ResponseEntity<ErrorDetails> handleUserNotFound() {
         ErrorDetails errorDetails = new ErrorDetails(HttpStatus.NOT_FOUND.value(), USER_NOT_FOUND);
@@ -36,4 +49,10 @@ protected ResponseEntity<ErrorDetails> handleEntityNotFound() {
         ErrorDetails errorDetails = new ErrorDetails(HttpStatus.NOT_FOUND.value(), ENTITY_NOT_FOUND);
         return ResponseEntity.status(HttpStatus.NOT_FOUND.value()).body(errorDetails);
     }
+
+    @ExceptionHandler(AccessDeniedException.class)
+    protected ResponseEntity<ErrorDetails> handleAccessDenied() {
+        ErrorDetails errorDetails = new ErrorDetails(HttpStatus.UNAUTHORIZED.value(), ACCESS_DENIED);
+        return ResponseEntity.status(HttpStatus.UNAUTHORIZED.value()).body(errorDetails);
+    }
 }

backend/src/main/java/org/todolist/backend/exceptions/custom/UserNotLoggedInException.java

@@ -0,0 +1,11 @@
+package org.todolist.backend.exceptions.custom;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.BAD_REQUEST)
+public class UserNotLoggedInException extends RuntimeException {
+    public UserNotLoggedInException(String message) {
+        super(message);
+    }
+}

backend/src/main/java/org/todolist/backend/security/auth/AuthenticationController.java

@@ -1,14 +1,14 @@
 package org.todolist.backend.security.auth;
 
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.todolist.backend.security.auth.dto.request.AuthenticationRequest;
 import org.todolist.backend.security.auth.dto.request.RegistrationRequest;
 import org.todolist.backend.security.auth.dto.response.AuthenticationResponse;
-import reactor.core.publisher.Mono;
 
 @RestController
 @RequestMapping("/auth")
@@ -17,12 +17,12 @@ public class AuthenticationController {
     private final AuthenticationService authenticationService;
 
     @PostMapping("/register")
-    public Mono<AuthenticationResponse> register(@RequestBody RegistrationRequest registrationRequest) {
-        return Mono.just(authenticationService.register(registrationRequest));
+    public ResponseEntity<AuthenticationResponse> register(@RequestBody RegistrationRequest registrationRequest) {
+        return ResponseEntity.ok(authenticationService.register(registrationRequest));
     }
 
     @PostMapping("/authenticate")
-    public Mono<AuthenticationResponse> register(@RequestBody AuthenticationRequest authenticationRequest) {
-        return Mono.just(authenticationService.authenticate(authenticationRequest));
+    public ResponseEntity<AuthenticationResponse> authenticate(@RequestBody AuthenticationRequest authenticationRequest) {
+        return ResponseEntity.ok(authenticationService.authenticate(authenticationRequest));
     }
 }

backend/src/main/java/org/todolist/backend/security/config/OpenApiConfig.java

@@ -0,0 +1,38 @@
+package org.todolist.backend.security.config;
+
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeIn;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
+import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
+import io.swagger.v3.oas.annotations.servers.Server;
+
+@OpenAPIDefinition(
+        info = @Info(
+                description = "OpenApi documentation for Todo lists Backend",
+                title = "OpenApi specification - Adam Szalanski",
+                version = "1.0"
+        ),
+        servers = {
+                @Server(
+                        description = "Todo lists Backend",
+                        url = "http://localhost:8088"
+                )
+        },
+        security = {
+                @SecurityRequirement(
+                        name = "bearerAuth"
+                )
+        }
+)
+@SecurityScheme(
+        name = "bearerAuth",
+        description = "JWT auth description",
+        scheme = "bearer",
+        type = SecuritySchemeType.HTTP,
+        bearerFormat = "JWT",
+        in = SecuritySchemeIn.HEADER
+)
+public class OpenApiConfig {
+}

backend/src/main/java/org/todolist/backend/security/config/SecurityConfiguration.java

@@ -26,10 +26,11 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                 .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(
                         authorizationManagerRequestMatcherRegistry -> authorizationManagerRequestMatcherRegistry
-                                .requestMatchers("/auth/**")
+                                .requestMatchers("/auth/**", "/v3/api-docs/**", "/swagger-ui/**", "/swagger", "/actuator/**")
                                 .permitAll()
                                 .anyRequest()
-                                .authenticated())
+                                .authenticated()
+                )
                 .sessionManagement(httpSecuritySessionManagementConfigurer -> httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authenticationProvider(authenticationProvider)
                 .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);

backend/src/main/java/org/todolist/backend/security/mapper/UserMapper.java

@@ -12,9 +12,10 @@ public abstract class UserMapper {
     @Mapping(target = "lastName", source = "lastName")
     @Mapping(target = "email", source = "email")
     @Mapping(target = "isActive", constant = "false")
-    @Mapping(target = "id", ignore = true)
+    @Mapping(target = "userId", ignore = true)
     @Mapping(target = "password", ignore = true)
     @Mapping(target = "role", constant = "ROLE_USER")
+    @Mapping(target = "todoList", expression = "java(new java.util.ArrayList<>())")
     public abstract User fromRequest(RegistrationRequest registrationRequest);
 
 }

backend/src/main/java/org/todolist/backend/security/user/User.java

@@ -20,6 +20,7 @@
 @Setter
 @NoArgsConstructor
 @AllArgsConstructor
+
 public class User implements UserDetails {
     @Id
     @GeneratedValue(strategy = GenerationType.SEQUENCE, generator = "user_generator")
@@ -29,8 +30,8 @@ public class User implements UserDetails {
             sequenceName = "public.user_id_seq",
             allocationSize = 1
     )
-    @Column(name = "id")
-    private Long id;
+    @Column(name = "user_id")
+    private Long userId;
     @Column(name = "first_name")
     private String firstName;
     @Column(name = "last_name")
@@ -45,7 +46,7 @@ public class User implements UserDetails {
     @Enumerated(EnumType.STRING)
     private Role role;
 
-    @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, fetch = FetchType.EAGER)
+    @OneToMany(mappedBy = "user", fetch = FetchType.LAZY)
     private List<TodoListEntity> todoList;
 
     @Override
@@ -55,7 +56,6 @@ public Collection<? extends GrantedAuthority> getAuthorities() {
 
 
     @Override
-
     public String getUsername() {
         return email;
     }

backend/src/main/java/org/todolist/backend/security/util/CurrentUserUtility.java

@@ -0,0 +1,28 @@
+package org.todolist.backend.security.util;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+import org.todolist.backend.exceptions.custom.UserNotLoggedInException;
+import org.todolist.backend.security.user.User;
+import org.todolist.backend.security.user.UserRepository;
+
+@Component
+@RequiredArgsConstructor
+public class CurrentUserUtility {
+    private final UserRepository userRepository;
+    @Value("${application.security.user-not-logged-in-message}")
+    private String NOT_LOGGED_IN_MESSAGE;
+    @Value("${application.security.user-not-found-message}")
+    private String USER_NOT_FOUND_MESSAGE;
+
+    public User getCurrentUser() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication == null)
+            throw new UserNotLoggedInException(NOT_LOGGED_IN_MESSAGE);
+        return userRepository.findByEmail(authentication.getName()).orElseThrow(() -> new UsernameNotFoundException(USER_NOT_FOUND_MESSAGE));
+    }
+}

backend/src/main/java/org/todolist/backend/todolists/TodoListController.java

@@ -0,0 +1,44 @@
+package org.todolist.backend.todolists;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import org.todolist.backend.todolists.dto.request.TodoRequest;
+import org.todolist.backend.todolists.dto.response.TodoResponse;
+
+import java.nio.file.AccessDeniedException;
+import java.util.List;
+
+@RestController
+@RequestMapping("/todo")
+@RequiredArgsConstructor
+public class TodoListController {
+    private final TodoListService todoListService;
+
+    @GetMapping
+    public ResponseEntity<List<TodoResponse>> getAllTodo() {
+        return ResponseEntity.ok(todoListService.getAll());
+    }
+
+    @GetMapping("/{id}")
+    public ResponseEntity<TodoResponse> getOneTodo(@PathVariable("id") Long id) throws AccessDeniedException {
+        return ResponseEntity.ok(todoListService.getOne(id));
+    }
+
+    @PostMapping
+    public ResponseEntity<TodoResponse> createTodo(@RequestBody TodoRequest todoRequest) {
+        return ResponseEntity.ok(todoListService.create(todoRequest));
+    }
+
+    @PutMapping("/{id}")
+    public ResponseEntity<TodoResponse> updateTodo(@PathVariable("id") Long id, @RequestBody TodoRequest todoRequest) throws AccessDeniedException {
+        return ResponseEntity.ok(todoListService.update(id, todoRequest));
+    }
+
+    @DeleteMapping("/{id}")
+    public ResponseEntity<TodoResponse> deleteTodo(@PathVariable("id") Long id) {
+        todoListService.delete(id);
+        return ResponseEntity.noContent().build();
+    }
+
+}