SpringZ is a Spring Boot e-commerce backend demonstrating core concepts: users (customers/providers), categories/subcategories, products, and orders.
It provides:
- Server-rendered CRUD pages (Thymeleaf)
- A JSON REST API under
/api/**protected with JWT (for Postman)
- Domain models:
src/main/java/com/Shadows/SpringZ/model - Repositories:
src/main/java/com/Shadows/SpringZ/repository - Services and controllers:
src/main/java/com/Shadows/SpringZ/serviceand.../controller - Thymeleaf templates:
src/main/resources/templates - JSON API controllers:
src/main/java/com/Shadows/SpringZ/api - Security (JWT):
src/main/java/com/Shadows/SpringZ/security - Postman collection:
postman/SpringZ_API.postman_collection.json
- Java: 17
- Spring Boot: 3.5.6 (see
pom.xml) - Build: Maven (wrapper included)
- Java 17+
- MySQL (runtime) — configure credentials in
src/main/resources/application.properties - No MySQL required for tests (tests use an in-memory H2 database)
Edit src/main/resources/application.properties and set your datasource.
Default (current) configuration uses MySQL and creates the database if needed:
spring.datasource.url=jdbc:mysql://localhost:3306/SpringZ?createDatabaseIfNotExist=true&useSSl=false&serverTimezone=UTC
spring.datasource.username=root
spring.datasource.password=
spring.jpa.hibernate.ddl-auto=update
server.port=8080JWT configuration (used by /api/auth/** and /api/**):
springz.app.jwtSecret=ChangeMeToAStrongSecretKeyAtLeast64BytesLong_0123456789_0123456789
springz.app.jwtExpirationMs=3600000Example alternative configuration:
spring.datasource.url=jdbc:mysql://localhost:3306/springz
spring.datasource.username=your_db_user
spring.datasource.password=your_db_password
spring.jpa.hibernate.ddl-auto=updateFrom the project root you can run using the Maven wrapper:
./mvnw.cmd spring-boot:runOr build and run the jar:
./mvnw.cmd -DskipTests package
java -jar target\SpringZ-0.0.1-SNAPSHOT.jarThe application listens on port 8080 by default (http://localhost:8080) unless overridden in application.properties.
The app includes CRUD pages for Products, Categories, Subcategories, Providers, Customers, Users, and Orders.
Home:
- GET
/(or/home) — navigation page
Examples:
- Products: GET
/all, GET/addProduct, POST/save, GET/edit/{id}, GET/delete/{id} - Categories: GET
/allCategories, GET/addCategory, POST/saveCategory - Orders: GET
/allOrders, GET/addOrders, POST/saveOrders
Pages are in src/main/resources/templates.
Note: These MVC endpoints return HTML (and POST endpoints often return a redirect).
The JSON API is under /api/** and is protected with JWT.
- POST
/api/auth/signup
Example body:
{
"name": "API User",
"email": "api.user@example.com",
"password": "secret"
}- POST
/api/auth/signin
Example body:
{
"email": "api.user@example.com",
"password": "secret"
}The response contains a token. Use it in requests:
Authorization: Bearer <token>
Examples:
- GET
/api/products - POST
/api/products - GET
/api/orders - POST
/api/orders
If you call a protected endpoint without a token, you get 401 JSON.
Import the collection:
postman/SpringZ_API.postman_collection.json
Recommended run order:
- Auth → Signup
- Auth → Signin (saves
tokeninto collection variables) - Use the other requests (they send
Authorization: Bearer {{token}})
Run tests with:
./mvnw.cmd testTests use src/test/resources/application.properties (H2 in-memory DB), so they do not depend on MySQL.
- If
./mvnw.cmd spring-boot:runfails, it is usually a database connection issue. Checksrc/main/resources/application.propertiesand ensure MySQL is running and credentials are correct. - To change the port, set
server.portinapplication.properties. - If you get Lombok-related warnings in your IDE, enable annotation processing or install the Lombok plugin.
/api/**is stateless and uses JWT.- MVC pages are currently permitted without login.
- CSRF is disabled to avoid breaking existing Thymeleaf form posts.
Contributions are welcome. Open an issue or submit a pull request and include steps to reproduce any bug.
See the LICENSE file in the repository for license details.