WeerasingheMSC · LakshanRajapaksha01 · Nov 7, 2025
diff --git a/.env b/.env
@@ -2,3 +2,6 @@ NEXT_PUBLIC_API_URL=http://localhost:8080
 NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME=dpapypflg
 NEXT_PUBLIC_CLOUDINARY_UPLOAD_PRESET=asms_services
 CLOUDINARY_URL=cloudinary://843382678231474:uu7V3kK3MqJY8P2FnDcM4s6cz5E@dpapypflg
+
+# Chatbot API Configuration
+NEXT_PUBLIC_CHATBOT_API=http://localhost:8080/api/chatbot
diff --git a/.env.local.example b/.env.local.example
@@ -0,0 +1,5 @@
+# Chatbot Configuration
+NEXT_PUBLIC_CHATBOT_API=http://localhost:8080/api/chat
+NEXT_PUBLIC_CHATBOT_WS=ws://localhost:8080/ws/chat
+
+# Add other environment variables below
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+config.bat
diff --git a/AuthController.java b/AuthController.java
@@ -0,0 +1,321 @@
+/*
+ * Spring Boot Authentication Controller
+ * 
+ * This controller handles user login/authentication
+ * Place this in your Spring Boot project
+ * 
+ * Package: com.yourpackage.controller (or your package structure)
+ * File: AuthController.java
+ */
+
+package com.yourpackage.controller;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/auth")
+@CrossOrigin(origins = {"http://localhost:3000", "http://localhost:3001"})
+public class AuthController {
+
+    // If you have a UserService, inject it here
+    // @Autowired
+    // private UserService userService;
+
+    @PostMapping("/login")
+    public ResponseEntity<?> login(@RequestBody LoginRequest loginRequest) {
+
+        String username = loginRequest.getUsername();
+        String password = loginRequest.getPassword();
+
+        System.out.println("Login attempt - Username: " + username);
+
+        // TODO: Replace this with actual authentication logic
+        // This is just a mock implementation for testing
+
+        // Option 1: Mock authentication (for testing)
+        if (authenticateUser(username, password)) {
+            Map<String, Object> response = new HashMap<>();
+            response.put("id", 1);
+            response.put("username", username);
+            response.put("email", username + "@example.com");
+            response.put("role", determineUserRole(username));
+            response.put("token", "mock-jwt-token-" + System.currentTimeMillis());
+
+            return ResponseEntity.ok(response);
+        } else {
+            Map<String, String> error = new HashMap<>();
+            error.put("message", "Invalid username or password");
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(error);
+        }
+
+        // Option 2: With UserService (uncomment when you have UserService)
+        /*
+        try {
+            User user = userService.authenticate(username, password);
+            if (user != null) {
+                Map<String, Object> response = new HashMap<>();
+                response.put("id", user.getId());
+                response.put("username", user.getUsername());
+                response.put("email", user.getEmail());
+                response.put("role", user.getRole());
+                response.put("token", generateJwtToken(user));
+
+                return ResponseEntity.ok(response);
+            } else {
+                Map<String, String> error = new HashMap<>();
+                error.put("message", "Invalid username or password");
+                return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(error);
+            }
+        } catch (Exception e) {
+            Map<String, String> error = new HashMap<>();
+            error.put("message", "Login failed: " + e.getMessage());
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(error);
+        }
+        */
+    }
+
+    // Mock authentication method (replace with real authentication)
+    private boolean authenticateUser(String username, String password) {
+        // TODO: Replace with actual database authentication
+
+        // For testing purposes - accept these credentials:
+        // Admin: username="admin", password="admin123"
+        // Customer: username="customer", password="customer123"
+        // Employee: username="employee", password="employee123"
+
+        if ("admin".equals(username) && "admin123".equals(password)) {
+            return true;
+        }
+        if ("customer".equals(username) && "customer123".equals(password)) {
+            return true;
+        }
+        if ("employee".equals(username) && "employee123".equals(password)) {
+            return true;
+        }
+
+        // Add more test users or connect to database
+        return false;
+    }
+
+    // Determine user role based on username (mock implementation)
+    private String determineUserRole(String username) {
+        // TODO: Get role from database
+
+        if (username.toLowerCase().contains("admin")) {
+            return "ADMIN";
+        } else if (username.toLowerCase().contains("employee")) {
+            return "EMPLOYEE";
+        } else {
+            return "CUSTOMER";
+        }
+    }
+
+    // Request DTO
+    public static class LoginRequest {
+        private String username;
+        private String password;
+
+        // Constructors
+        public LoginRequest() {}
+
+        public LoginRequest(String username, String password) {
+            this.username = username;
+            this.password = password;
+        }
+
+        // Getters and Setters
+        public String getUsername() {
+            return username;
+        }
+
+        public void setUsername(String username) {
+            this.username = username;
+        }
+
+        public String getPassword() {
+            return password;
+        }
+
+        public void setPassword(String password) {
+            this.password = password;
+        }
+    }
+}
+
+
+/*
+ * ================================================================
+ * PRODUCTION-READY VERSION WITH DATABASE AND JWT
+ * ================================================================
+ * 
+ * If you want a more complete implementation with database 
+ * authentication and JWT tokens, use this version instead:
+ */
+
+/*
+package com.yourpackage.controller;
+
+import com.yourpackage.entity.User;
+import com.yourpackage.service.UserService;
+import com.yourpackage.security.JwtTokenProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/auth")
+@CrossOrigin(origins = {"http://localhost:3000", "http://localhost:3001"})
+public class AuthController {
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Autowired
+    private UserService userService;
+
+    @Autowired
+    private JwtTokenProvider jwtTokenProvider;
+
+    @PostMapping("/login")
+    public ResponseEntity<?> login(@RequestBody LoginRequest loginRequest) {
+        try {
+            // Authenticate user
+            Authentication authentication = authenticationManager.authenticate(
+                new UsernamePasswordAuthenticationToken(
+                    loginRequest.getUsername(),
+                    loginRequest.getPassword()
+                )
+            );
+
+            // Get user details
+            User user = userService.findByUsername(loginRequest.getUsername());
+
+            // Generate JWT token
+            String token = jwtTokenProvider.generateToken(authentication);
+
+            // Prepare response
+            Map<String, Object> response = new HashMap<>();
+            response.put("id", user.getId());
+            response.put("username", user.getUsername());
+            response.put("email", user.getEmail());
+            response.put("role", user.getRole());
+            response.put("token", token);
+
+            return ResponseEntity.ok(response);
+
+        } catch (AuthenticationException e) {
+            Map<String, String> error = new HashMap<>();
+            error.put("message", "Invalid username or password");
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(error);
+        } catch (Exception e) {
+            Map<String, String> error = new HashMap<>();
+            error.put("message", "Login failed: " + e.getMessage());
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(error);
+        }
+    }
+
+    @PostMapping("/register")
+    public ResponseEntity<?> register(@RequestBody RegisterRequest registerRequest) {
+        try {
+            // Check if user already exists
+            if (userService.existsByUsername(registerRequest.getUsername())) {
+                Map<String, String> error = new HashMap<>();
+                error.put("message", "Username already exists");
+                return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(error);
+            }
+
+            if (userService.existsByEmail(registerRequest.getEmail())) {
+                Map<String, String> error = new HashMap<>();
+                error.put("message", "Email already exists");
+                return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(error);
+            }
+
+            // Create new user
+            User user = userService.createUser(registerRequest);
+
+            Map<String, Object> response = new HashMap<>();
+            response.put("message", "User registered successfully");
+            response.put("username", user.getUsername());
+
+            return ResponseEntity.status(HttpStatus.CREATED).body(response);
+
+        } catch (Exception e) {
+            Map<String, String> error = new HashMap<>();
+            error.put("message", "Registration failed: " + e.getMessage());
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(error);
+        }
+    }
+
+    // DTOs
+    public static class LoginRequest {
+        private String username;
+        private String password;
+
+        // Getters and Setters
+        public String getUsername() { return username; }
+        public void setUsername(String username) { this.username = username; }
+        public String getPassword() { return password; }
+        public void setPassword(String password) { this.password = password; }
+    }
+
+    public static class RegisterRequest {
+        private String username;
+        private String email;
+        private String password;
+        private String role;
+
+        // Getters and Setters
+        public String getUsername() { return username; }
+        public void setUsername(String username) { this.username = username; }
+        public String getEmail() { return email; }
+        public void setEmail(String email) { this.email = email; }
+        public String getPassword() { return password; }
+        public void setPassword(String password) { this.password = password; }
+        public String getRole() { return role; }
+        public void setRole(String role) { this.role = role; }
+    }
+}
+*/
+
+
+/*
+ * ================================================================
+ * CORS CONFIGURATION (if @CrossOrigin doesn't work)
+ * ================================================================
+ */
+
+/*
+package com.yourpackage.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/api/**")
+                .allowedOrigins("http://localhost:3000", "http://localhost:3001")
+                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+                .allowedHeaders("*")
+                .allowCredentials(false)
+                .maxAge(3600);
+    }
+}
+*/