Satlykovs · men229 · Mar 4, 2026 · Mar 4, 2026 · Mar 10, 2026 · Mar 10, 2026
diff --git a/backend/smartjam-api/build.gradle b/backend/smartjam-api/build.gradle
@@ -1,15 +1,23 @@
 dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation "org.springframework.boot:spring-boot-starter-validation"
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+
+    implementation 'io.jsonwebtoken:jjwt-api:0.13.0'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.13.0'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.13.0'
+
+    implementation 'org.mapstruct:mapstruct:1.5.5.Final'
+    annotationProcessor 'org.mapstruct:mapstruct-processor:1.5.5.Final'
 
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-    runtimeOnly 'org.postgresql:postgresql'
+
+    runtimeOnly('org.postgresql:postgresql')
 
     implementation 'org.springframework.boot:spring-boot-starter-kafka'
     testImplementation 'org.springframework.kafka:spring-kafka-test'
 
-
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:3.0.2'
 
-
-    implementation project(':smartjam-common')
+    implementation("software.amazon.awssdk:s3:2.29.22")
 }
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/config/ApplicationConfig.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/config/ApplicationConfig.java
@@ -0,0 +1,25 @@
+package com.smartjam.smartjamapi.config;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@RequiredArgsConstructor
+public class ApplicationConfig {
+
+    private final CustomUserDetailsService customUserDetailsService;
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        return customUserDetailsService::loadUserByUsername;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
diff --git a/.../smartjam-api/src/main/java/com/smartjam/smartjamapi/config/CustomUserDetailsService.java b/.../smartjam-api/src/main/java/com/smartjam/smartjamapi/config/CustomUserDetailsService.java
@@ -0,0 +1,27 @@
+package com.smartjam.smartjamapi.config;
+
+import jakarta.validation.constraints.NotBlank;
+
+import com.smartjam.smartjamapi.entity.UserEntity;
+import com.smartjam.smartjamapi.repository.UserRepository;
+import com.smartjam.smartjamapi.security.UserDetailsImpl;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailsService implements UserDetailsService {
+
+    private final UserRepository userRepository;
+
+    @Override
+    public UserDetailsImpl loadUserByUsername(@NotBlank String email) throws UsernameNotFoundException {
+        UserEntity user = userRepository
+                .findByEmail(email)
+                .orElseThrow(() -> new UsernameNotFoundException("Invalid credentials"));
+
+        return UserDetailsImpl.build(user);
+    }
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/config/SecurityConfig.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/config/SecurityConfig.java
@@ -0,0 +1,35 @@
+package com.smartjam.smartjamapi.config;
+
+import com.smartjam.smartjamapi.security.JwtAuthenticationFilter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@EnableMethodSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private final JwtAuthenticationFilter jwtAuthFilter;
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http.csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(auth -> auth.requestMatchers("/api/auth/**")
+                        .permitAll()
+                        .anyRequest()
+                        .authenticated())
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/AuthController.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/AuthController.java
@@ -0,0 +1,40 @@
+package com.smartjam.smartjamapi.controller;
+
+import jakarta.validation.Valid;
+
+import com.smartjam.smartjamapi.dto.AuthResponse;
+import com.smartjam.smartjamapi.dto.LoginRequest;
+import com.smartjam.smartjamapi.dto.RefreshTokenRequest;
+import com.smartjam.smartjamapi.dto.RegisterRequest;
+import com.smartjam.smartjamapi.service.AuthService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@Slf4j
+@RequestMapping("/api/auth")
+@RequiredArgsConstructor
+public class AuthController {
+
+    private final AuthService authService;
+
+    @PostMapping("/login")
+    public ResponseEntity<AuthResponse> login(@RequestBody @Valid LoginRequest request) {
+        log.info("Calling login");
+        return ResponseEntity.ok(authService.login(request));
+    }
+
+    @PostMapping("/register")
+    public ResponseEntity<AuthResponse> register(@RequestBody @Valid RegisterRequest request) {
+        log.info("Calling register");
+        return ResponseEntity.status(201).body(authService.register(request));
+    }
+
+    @PostMapping("/refresh")
+    public ResponseEntity<AuthResponse> getNewTokens(@RequestBody @Valid RefreshTokenRequest refreshTokenRequest) {
+        log.info("Calling getNewToken");
+        return ResponseEntity.ok(authService.getNewTokens(refreshTokenRequest));
+    }
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/MainController.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/MainController.java
@@ -0,0 +1,28 @@
+package com.smartjam.smartjamapi.controller;
+
+import java.security.Principal;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/secured")
+@Slf4j
+public class MainController {
+
+    @GetMapping("/user")
+    public String userAccess(Principal principal) {
+        log.info(principal.getName());
+
+        log.info("userAccess called for: {}", principal.getName());
+        return principal.getName();
+    }
+
+    @GetMapping("/hello")
+    //    @PreAuthorize()
-    //    @PreAuthorize()
-    //    @PreAuthorize()
+    public String hello() {
+        return "You are auth";
-        return "You are auth";
+        return "You are authenticated";
-        return "You are auth";
+        return "You are authenticated";
+    }
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/UploadController.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/controller/UploadController.java
@@ -0,0 +1,24 @@
+package com.smartjam.smartjamapi.controller;
+
+import jakarta.validation.Valid;
+
+import com.smartjam.smartjamapi.dto.UploadRequest;
+import com.smartjam.smartjamapi.dto.UploadUrlResponse;
+import com.smartjam.smartjamapi.service.UploadService;
+import lombok.AllArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@AllArgsConstructor
+public class UploadController {
+
+    private final UploadService uploadService;
+
+    @PostMapping("/upload-url")
+    public ResponseEntity<UploadUrlResponse> getUploadUrl(@RequestBody @Valid UploadRequest request) {
+        return ResponseEntity.ok(uploadService.generateUploadUrl(request.fileName()));
+    }
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/AuthResponse.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/AuthResponse.java
@@ -0,0 +1,7 @@
+package com.smartjam.smartjamapi.dto;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public record AuthResponse(
+        @JsonProperty("refresh_token") String refreshToken,
+        @JsonProperty("access_token") String accessToken) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/ErrorResponseDto.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/ErrorResponseDto.java
@@ -0,0 +1,9 @@
+package com.smartjam.smartjamapi.dto;
+
+import java.time.LocalDateTime;
+
+import com.smartjam.smartjamapi.enums.ErrorCode;
+import lombok.Builder;
+
+@Builder
+public record ErrorResponseDto(ErrorCode code, String message, LocalDateTime errorTime) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/LoginRequest.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/LoginRequest.java
@@ -0,0 +1,3 @@
+package com.smartjam.smartjamapi.dto;
+
+public record LoginRequest(String email, String password) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/RefreshTokenRequest.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/RefreshTokenRequest.java
@@ -0,0 +1,8 @@
+package com.smartjam.smartjamapi.dto;
+
+import jakarta.validation.constraints.NotBlank;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public record RefreshTokenRequest(
+        @NotBlank @JsonProperty("refresh_token") String refreshToken) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/RegisterRequest.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/RegisterRequest.java
@@ -0,0 +1,3 @@
+package com.smartjam.smartjamapi.dto;
+
+public record RegisterRequest(String email, String nickname, String password) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/UploadRequest.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/UploadRequest.java
@@ -0,0 +1,5 @@
+package com.smartjam.smartjamapi.dto;
+
+import jakarta.validation.constraints.NotBlank;
+
+public record UploadRequest(@NotBlank String fileName) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/UploadUrlResponse.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/dto/UploadUrlResponse.java
@@ -0,0 +1,3 @@
+package com.smartjam.smartjamapi.dto;
+
+public record UploadUrlResponse(String uploadUrl) {}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/entity/RefreshTokenEntity.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/entity/RefreshTokenEntity.java
@@ -0,0 +1,33 @@
+package com.smartjam.smartjamapi.entity;
+
+import java.time.Instant;
+import java.util.UUID;
+
+import jakarta.persistence.*;
+
+import com.smartjam.smartjamapi.enums.StatusRefreshToken;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Entity
+@Table(name = "refresh_tokens")
+@Data
+@NoArgsConstructor
+public class RefreshTokenEntity {
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    private UUID id;
+
+    @Column(nullable = false, unique = true)
+    private String tokenHash;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "user_id", nullable = false)
+    private UserEntity user;
+
+    @Column(nullable = false, name = "expires_at")
+    private Instant expiresAt;
+
+    @Column(nullable = false)
+    private StatusRefreshToken status;
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/entity/UserEntity.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/entity/UserEntity.java
@@ -0,0 +1,70 @@
+package com.smartjam.smartjamapi.entity;
+
+import java.time.Instant;
+import java.util.UUID;
+
+import jakarta.persistence.*;
+
+import com.smartjam.smartjamapi.enums.Role;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+import org.hibernate.annotations.UpdateTimestamp;
+
+@Setter
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "users")
+@Entity
+public class UserEntity {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    private UUID id;
+
+    @Column(nullable = false)
+    private String nickname;
+
+    @Column(nullable = false, unique = true)
+    private String email;
+
+    @Column(name = "password_hash", nullable = false)
+    private String passwordHash;
+
+    @Column(name = "first_name")
+    private String firstName;
+
+    @Column(name = "last_name")
+    private String lastName;
+
+    @Column(name = "avatar_url")
+    private String avatarUrl;
+
+    @Enumerated(EnumType.STRING)
+    @Column(nullable = false)
+    private Role role = Role.STUDENT;
+
+    @Column(name = "fcm_token")
+    private String fcmToken;
+
+    @CreationTimestamp
+    @Column(name = "created_at", nullable = false, updatable = false)
+    private Instant createdAt;
+
+    @UpdateTimestamp
+    @Column(name = "updated_at", nullable = false)
+    private Instant updatedAt;
+
+    //    @Override
+    //    public @NonNull Collection<? extends GrantedAuthority> getAuthorities() {
+    //        return List.of(new SimpleGrantedAuthority("ROLE_" + role.name()));
+    //    }
+    //
+    //    @Override
+    //    public @NonNull String getPassword() {
+    //        return passwordHash;
+    //    }
+}
-    //    @Override
-    //    public @NonNull Collection<? extends GrantedAuthority> getAuthorities() {
-    //        return List.of(new SimpleGrantedAuthority("ROLE_" + role.name()));
-    //    }
-    //
-    //    @Override
-    //    public @NonNull String getPassword() {
-    //        return passwordHash;
-    //    }
-}
+    `@Column`(name = "fcm_token")
+    private String fcmToken;
+}
-    //    @Override
-    //    public @NonNull Collection<? extends GrantedAuthority> getAuthorities() {
-    //        return List.of(new SimpleGrantedAuthority("ROLE_" + role.name()));
-    //    }
-    //
-    //    @Override
-    //    public @NonNull String getPassword() {
-    //        return passwordHash;
-    //    }
-}
+    `@Column`(name = "fcm_token")
+    private String fcmToken;
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/AvailabilityStatus.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/AvailabilityStatus.java
@@ -0,0 +1,8 @@
+package com.smartjam.smartjamapi.enums;
+
+public enum AvailabilityStatus {
+    AVAILABLE,
+    UNAVAILABLE,
+    PENDING,
+    BANNED
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/ErrorCode.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/ErrorCode.java
@@ -0,0 +1,9 @@
+package com.smartjam.smartjamapi.enums;
+
+public enum ErrorCode {
+    INTERNAL_SERVER_ERROR,
+    NOT_FOUND,
+    BAD_REQUEST,
+    UNAUTHORIZED,
+    RESOURCE_NOT_FOUND
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/Role.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/Role.java
@@ -0,0 +1,6 @@
+package com.smartjam.smartjamapi.enums;
+
+public enum Role {
+    STUDENT,
+    TEACHER
+}
diff --git a/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/StatusRefreshToken.java b/backend/smartjam-api/src/main/java/com/smartjam/smartjamapi/enums/StatusRefreshToken.java
@@ -0,0 +1,7 @@
+package com.smartjam.smartjamapi.enums;
+
+public enum StatusRefreshToken {
+    ACTIVE,
+    USED,
+    REVOKED
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		package com.smartjam.smartjamapi.dto;

		public record LoginRequest(String email, String password) {}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		package com.smartjam.smartjamapi.dto;

		public record RegisterRequest(String email, String nickname, String password) {}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		package com.smartjam.smartjamapi.dto;

		public record UploadUrlResponse(String uploadUrl) {}