diff --git a/build.gradle b/build.gradle index 3d7f7607..b33d6708 100644 --- a/build.gradle +++ b/build.gradle @@ -1,31 +1,50 @@ plugins { - id 'java' - id 'org.springframework.boot' version '3.3.1' - id 'io.spring.dependency-management' version '1.1.5' + id 'java' + id 'org.springframework.boot' version '3.5.4' + id 'io.spring.dependency-management' version '1.1.7' } group = 'com.booleanuk' version = '0.0.1-SNAPSHOT' java { - toolchain { - languageVersion = JavaLanguageVersion.of(21) - } + toolchain { + languageVersion = JavaLanguageVersion.of(21) + } +} + +configurations { + compileOnly { + extendsFrom annotationProcessor + } } repositories { - mavenCentral() + mavenCentral() } dependencies { - implementation 'org.springframework.boot:spring-boot-starter-data-jpa' - implementation 'org.springframework.boot:spring-boot-starter-web' - developmentOnly 'org.springframework.boot:spring-boot-devtools' - runtimeOnly 'org.postgresql:postgresql' - testImplementation 'org.springframework.boot:spring-boot-starter-test' - testRuntimeOnly 'org.junit.platform:junit-platform-launcher' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'io.jsonwebtoken:jjwt-api:0.12.7' + implementation 'io.jsonwebtoken:jjwt-impl:0.12.7' + runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.7' + + compileOnly 'org.projectlombok:lombok' + developmentOnly 'org.springframework.boot:spring-boot-devtools' + runtimeOnly 'org.postgresql:postgresql' + annotationProcessor 'org.projectlombok:lombok' + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'org.springframework.security:spring-security-test' + + implementation 'jakarta.validation:jakarta.validation-api:3.1.1' +} + +tasks.named('bootBuildImage') { + builder = 'paketobuildpacks/builder-jammy-base:latest' } tasks.named('test') { - useJUnitPlatform() + useJUnitPlatform() } \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/Main.java b/src/main/java/com/booleanuk/api/cinema/Main.java new file mode 100644 index 00000000..f4215fd7 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/Main.java @@ -0,0 +1,34 @@ +package com.booleanuk.api.cinema; + +import com.booleanuk.api.cinema.models.ERole; +import com.booleanuk.api.cinema.models.Role; +import com.booleanuk.api.cinema.repository.RoleRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.CommandLineRunner; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class Main implements CommandLineRunner { + @Autowired + private RoleRepository roleRepository; + + public static void main(String[] args){ + SpringApplication.run(Main.class, args); + } + + @Override + public void run(String... args) { + if (this.roleRepository.findByName(ERole.ROLE_CUSTOMER).isEmpty()) { + this.roleRepository.save(new Role(ERole.ROLE_CUSTOMER)); + } + + if (this.roleRepository.findByName(ERole.ROLE_ADMIN).isEmpty()) { + this.roleRepository.save(new Role(ERole.ROLE_ADMIN)); + } + + if (this.roleRepository.findByName(ERole.ROLE_TICKETMASTER).isEmpty()) { + this.roleRepository.save(new Role(ERole.ROLE_TICKETMASTER)); + } + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java b/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java new file mode 100644 index 00000000..763083b6 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java @@ -0,0 +1,100 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.ERole; +import com.booleanuk.api.cinema.models.Role; +import com.booleanuk.api.cinema.models.User; +import com.booleanuk.api.cinema.payload.request.LoginRequest; +import com.booleanuk.api.cinema.payload.request.SignupRequest; +import com.booleanuk.api.cinema.payload.response.JwtResponse; +import com.booleanuk.api.cinema.payload.response.MessageResponse; +import com.booleanuk.api.cinema.repository.*; +import com.booleanuk.api.cinema.security.jwt.JwtUtils; +import com.booleanuk.api.cinema.security.services.UserDetailsImpl; +import jakarta.validation.Valid; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.web.bind.annotation.*; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; + +@CrossOrigin(origins = "*", maxAge = 3600) +@RestController +@RequestMapping("auth") +public class AuthController { + @Autowired + AuthenticationManager authenticationManager; + + @Autowired + UserRepository userRepository; + + @Autowired + RoleRepository roleRepository; + + @Autowired + PasswordEncoder encoder; + + @Autowired + JwtUtils jwtUtils; + + @PostMapping("/signin") + public ResponseEntity authenticateUser(@Valid @RequestBody LoginRequest loginRequest) { + // If using a salt for password use it here + Authentication authentication = authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword())); + SecurityContextHolder.getContext().setAuthentication(authentication); + String jwt = jwtUtils.generateJwtToken(authentication); + + UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal(); + List roles = userDetails.getAuthorities().stream().map((item) -> item.getAuthority()) + .collect(Collectors.toList()); + return ResponseEntity + .ok(new JwtResponse(jwt, userDetails.getId(), userDetails.getUsername(), userDetails.getEmail(), roles)); + } + + @PostMapping("/signup") + public ResponseEntity registerUser(@Valid @RequestBody SignupRequest signupRequest) { + if (userRepository.existsByUsername(signupRequest.getUsername())) { + return ResponseEntity.badRequest().body(new MessageResponse("Error: Username is already taken")); + } + if (userRepository.existsByEmail(signupRequest.getEmail())) { + return ResponseEntity.badRequest().body(new MessageResponse("Error: Email is already in use!")); + } + // Create a new user add salt here if using one + User user = new User(signupRequest.getUsername(), signupRequest.getEmail(), encoder.encode(signupRequest.getPassword())); + Set strRoles = signupRequest.getRole(); + Set roles = new HashSet<>(); + + if (strRoles == null) { + Role userRole = roleRepository.findByName(ERole.ROLE_CUSTOMER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(userRole); + } else { + strRoles.forEach((role) -> { + switch (role) { + case "admin": + Role adminRole = roleRepository.findByName(ERole.ROLE_ADMIN).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(adminRole); + break; + case "ticketmaster": + Role ticketMasterRole = roleRepository.findByName(ERole.ROLE_TICKETMASTER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(ticketMasterRole); + break; + default: + Role customerRole = roleRepository.findByName(ERole.ROLE_CUSTOMER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(customerRole); + break; + } + }); + } + user.setRoles(roles); + userRepository.save(user); + return ResponseEntity.ok((new MessageResponse("User registered successfully"))); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java b/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java new file mode 100644 index 00000000..1caefac0 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java @@ -0,0 +1,90 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Customer; +import com.booleanuk.api.cinema.repository.CustomerRepository; +import com.booleanuk.api.cinema.payload.response.CustomerListResponse; +import com.booleanuk.api.cinema.payload.response.CustomerResponse; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +@RestController +@RequestMapping("customers") +public class CustomerController { + @Autowired + private CustomerRepository customerRepository; + + @GetMapping + public ResponseEntity getAllCustomers() { + CustomerListResponse customerListResponse = new CustomerListResponse(); + customerListResponse.set(this.customerRepository.findAll()); + return ResponseEntity.ok(customerListResponse); + } + + @PostMapping + public ResponseEntity> createCustomer(@RequestBody Customer customer) { + CustomerResponse customerResponse = new CustomerResponse(); + try { + customerResponse.set(this.customerRepository.save(customer)); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(customerResponse, HttpStatus.CREATED); + } + + @GetMapping("/{id}") + public ResponseEntity> getCustomerById(@PathVariable int id) { + Customer customer = this.customerRepository.findById(id).orElse(null); + if (customer == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + CustomerResponse customerResponse = new CustomerResponse(); + customerResponse.set(customer); + return ResponseEntity.ok(customerResponse); + } + + @PutMapping("/{id}") + public ResponseEntity> updateCustomer(@PathVariable int id, @RequestBody Customer customer) { + Customer customerToUpdate = this.customerRepository.findById(id).orElse(null); + if (customerToUpdate == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + customerToUpdate.setEmail(customer.getEmail()); + customerToUpdate.setName(customer.getName()); + customerToUpdate.setPhone(customer.getPhone()); + + try { + customerToUpdate = this.customerRepository.save(customerToUpdate); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + CustomerResponse customerResponse = new CustomerResponse(); + customerResponse.set(customerToUpdate); + return new ResponseEntity<>(customerResponse, HttpStatus.CREATED); + } + + @DeleteMapping("/{id}") + public ResponseEntity> deleteCustomer(@PathVariable int id) { + Customer customerToDelete = this.customerRepository.findById(id).orElse(null); + if (customerToDelete == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + this.customerRepository.delete(customerToDelete); + CustomerResponse customerResponse = new CustomerResponse(); + customerResponse.set(customerToDelete); + return ResponseEntity.ok(customerResponse); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java new file mode 100644 index 00000000..020ca53d --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java @@ -0,0 +1,92 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Movie; +import com.booleanuk.api.cinema.repository.MovieRepository; +import com.booleanuk.api.cinema.payload.response.MovieListResponse; +import com.booleanuk.api.cinema.payload.response.MovieResponse; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +@RestController +@RequestMapping("movies") +public class MovieController { + @Autowired + private MovieRepository movieRepository; + + @GetMapping + public ResponseEntity getAllMovies() { + MovieListResponse movieListResponse = new MovieListResponse(); + movieListResponse.set(this.movieRepository.findAll()); + return ResponseEntity.ok(movieListResponse); + } + + @PostMapping + public ResponseEntity> createMovie(@RequestBody Movie movie) { + MovieResponse movieResponse = new MovieResponse(); + try { + movieResponse.set(this.movieRepository.save(movie)); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(movieResponse, HttpStatus.CREATED); + } + + @GetMapping("/{id}") + public ResponseEntity> getMovieById(@PathVariable int id) { + Movie movie = this.movieRepository.findById(id).orElse(null); + if (movie == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + MovieResponse movieResponse = new MovieResponse(); + movieResponse.set(movie); + return ResponseEntity.ok(movieResponse); + } + + @PutMapping("/{id}") + public ResponseEntity> updateMovie(@PathVariable int id, @RequestBody Movie movie) { + Movie movieToUpdate = this.movieRepository.findById(id).orElse(null); + if (movieToUpdate == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + movieToUpdate.setDescription(movie.getDescription()); + movieToUpdate.setRating(movie.getRating()); + movieToUpdate.setTitle(movie.getTitle()); + movieToUpdate.setRuntimeMins(movie.getRuntimeMins()); + movieToUpdate.setScreenings(movie.getScreenings()); + + try { + movieToUpdate = this.movieRepository.save(movieToUpdate); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + MovieResponse movieResponse = new MovieResponse(); + movieResponse.set(movieToUpdate); + return new ResponseEntity<>(movieResponse, HttpStatus.CREATED); + } + + @DeleteMapping("/{id}") + public ResponseEntity> deleteMovie(@PathVariable int id) { + Movie movieToDelete = this.movieRepository.findById(id).orElse(null); + if (movieToDelete == null) { + ErrorResponse error = new ErrorResponse(); + error.set("not found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + this.movieRepository.delete(movieToDelete); + MovieResponse movieResponse = new MovieResponse(); + movieResponse.set(movieToDelete); + return ResponseEntity.ok(movieResponse); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java new file mode 100644 index 00000000..05dee896 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java @@ -0,0 +1,56 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Movie; +import com.booleanuk.api.cinema.models.Screening; +import com.booleanuk.api.cinema.models.ScreeningRequestDTO; +import com.booleanuk.api.cinema.repository.MovieRepository; +import com.booleanuk.api.cinema.repository.ScreeningRepository; +import com.booleanuk.api.cinema.payload.response.ScreeningListResponse; +import com.booleanuk.api.cinema.payload.response.ScreeningResponse; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.time.OffsetDateTime; + +@RestController +@RequestMapping("movies/{id}/screenings") +public class ScreeningController { + @Autowired + private ScreeningRepository screeningRepository; + + @Autowired + private MovieRepository movieRepository; + + @GetMapping + public ResponseEntity getAllScreenings() { + ScreeningListResponse screeningListResponse = new ScreeningListResponse(); + screeningListResponse.set(this.screeningRepository.findAll()); + return ResponseEntity.ok(screeningListResponse); + } + + @PostMapping + public ResponseEntity> createScreening(@PathVariable int id, @RequestBody ScreeningRequestDTO dto) { + ScreeningResponse screeningResponse = new ScreeningResponse(); + try { + Movie movie = movieRepository.findById(id) + .orElseThrow(() -> new RuntimeException("Movie not found")); + + Screening screening = new Screening(); + screening.setScreenNumber(dto.screenNumber()); + screening.setCapacity(dto.capacity()); + screening.setMovie(movie); + + screeningResponse.set(screeningRepository.save(screening)); + return new ResponseEntity<>(screeningResponse, HttpStatus.CREATED); + + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request: " + e.getMessage()); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java b/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java new file mode 100644 index 00000000..7c09baa1 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java @@ -0,0 +1,61 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Customer; +import com.booleanuk.api.cinema.models.Screening; +import com.booleanuk.api.cinema.models.Ticket; +import com.booleanuk.api.cinema.models.TicketRequestDTO; +import com.booleanuk.api.cinema.repository.CustomerRepository; +import com.booleanuk.api.cinema.repository.ScreeningRepository; +import com.booleanuk.api.cinema.repository.TicketRepository; +import com.booleanuk.api.cinema.payload.response.TicketListResponse; +import com.booleanuk.api.cinema.payload.response.TicketResponse; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +@RestController +@RequestMapping("customers/{customerId}/screenings/{screeningId}") +public class TicketController { + @Autowired + private TicketRepository ticketRepository; + + @Autowired + private CustomerRepository customerRepository; + + @Autowired + private ScreeningRepository screeningRepository; + + @GetMapping + public ResponseEntity getAllTickets() { + TicketListResponse ticketListResponse = new TicketListResponse(); + ticketListResponse.set(this.ticketRepository.findAll()); + return ResponseEntity.ok(ticketListResponse); + } + + @PostMapping + public ResponseEntity> createTicket(@RequestBody TicketRequestDTO dto, @PathVariable int customerId, @PathVariable int screeningId) { + TicketResponse ticketResponse = new TicketResponse(); + try { + Customer customer = customerRepository.findById(customerId) + .orElseThrow(() -> new RuntimeException("Customer not found")); + Screening screening = screeningRepository.findById(screeningId) + .orElseThrow(() -> new RuntimeException("Screening not found")); + + Ticket ticket = new Ticket(); + ticket.setNumSeats(dto.numSeats()); + ticket.setCustomer(customer); + ticket.setScreening(screening); + + ticketResponse.set(ticketRepository.save(ticket)); + return new ResponseEntity<>(ticketResponse, HttpStatus.CREATED); + + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request: " + e.getMessage()); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Customer.java b/src/main/java/com/booleanuk/api/cinema/models/Customer.java new file mode 100644 index 00000000..aa190b47 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Customer.java @@ -0,0 +1,58 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.time.OffsetDateTime; +import java.util.List; + +@Data +@NoArgsConstructor +@Entity +@Table(name = "customers") +public class Customer { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private String name; + + @Column + private String email; + + @Column + private String phone; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @OneToMany(mappedBy = "customer", cascade = CascadeType.REMOVE) + @JsonIgnoreProperties({"customer"}) + private List tickets; + + public Customer(String name, String email, String phone) { + this.name = name; + this.email = email; + this.phone = phone; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/ERole.java b/src/main/java/com/booleanuk/api/cinema/models/ERole.java new file mode 100644 index 00000000..42a35a11 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/ERole.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.models; + +public enum ERole { + ROLE_CUSTOMER, + ROLE_ADMIN, + ROLE_TICKETMASTER +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Movie.java b/src/main/java/com/booleanuk/api/cinema/models/Movie.java new file mode 100644 index 00000000..f955da19 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Movie.java @@ -0,0 +1,63 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.time.OffsetDateTime; +import java.util.List; + +@Data +@NoArgsConstructor +@Entity +@Table(name = "movies") +public class Movie { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private String title; + + @Column + private String rating; + + @Column + private String description; + + @Column + private int runtimeMins; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @OneToMany(mappedBy = "movie", cascade = CascadeType.REMOVE) + @JsonIgnoreProperties({"movie"}) + private List screenings; + + public Movie(String title, String rating, String description, int runtimeMins, List screenings) { + this.title = title; + this.rating = rating; + this.description = description; + this.runtimeMins = runtimeMins; + this.screenings = screenings; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Role.java b/src/main/java/com/booleanuk/api/cinema/models/Role.java new file mode 100644 index 00000000..3b825dfb --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Role.java @@ -0,0 +1,23 @@ +package com.booleanuk.api.cinema.models; + +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +@NoArgsConstructor +@Data +@Entity +@Table(name = "roles") +public class Role { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Enumerated(EnumType.STRING) + @Column(length = 20) + private ERole name; + + public Role(ERole name) { + this.name = name; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Screening.java b/src/main/java/com/booleanuk/api/cinema/models/Screening.java new file mode 100644 index 00000000..62543f6f --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Screening.java @@ -0,0 +1,68 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.fasterxml.jackson.annotation.JsonIncludeProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.time.LocalDateTime; +import java.time.LocalTime; +import java.time.OffsetDateTime; +import java.util.List; + +@Data +@NoArgsConstructor +@Entity +@Table(name = "screenings") +public class Screening { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private int screenNumber; + + @Column + private int capacity; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private String startsAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @OneToMany(mappedBy = "screening", cascade = CascadeType.REMOVE) + @JsonIgnoreProperties({"screening"}) + private List tickets; + + @ManyToOne + @JoinColumn(name = "movie_id", nullable = false) + @JsonIncludeProperties(value = {"title", "runtimeMins"}) + private Movie movie; + + public Screening(int screenNumber, int capacity, String startsAt) { + this.screenNumber = screenNumber; + this.capacity = capacity; + this.startsAt = OffsetDateTime.now().toString(); + } + + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/ScreeningRequestDTO.java b/src/main/java/com/booleanuk/api/cinema/models/ScreeningRequestDTO.java new file mode 100644 index 00000000..c665d6a1 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/ScreeningRequestDTO.java @@ -0,0 +1,10 @@ +package com.booleanuk.api.cinema.models; + +import jakarta.persistence.Column; + +public record ScreeningRequestDTO( + int screenNumber, + int capacity, + String startsAt, + int movie_id +) {} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Ticket.java b/src/main/java/com/booleanuk/api/cinema/models/Ticket.java new file mode 100644 index 00000000..794966e7 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Ticket.java @@ -0,0 +1,58 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonIncludeProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.time.OffsetDateTime; + +@Data +@NoArgsConstructor +@Entity +@Table(name = "tickets") +public class Ticket { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private int numSeats; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @ManyToOne + @JoinColumn(name = "screening_id", nullable = false) + @JsonIncludeProperties(value = {"screenNumber", "capacity", "startsAt"}) + @JsonIgnore + private Screening screening; + + @ManyToOne + @JoinColumn(name = "customer_id", nullable = false) + @JsonIncludeProperties(value = {"name", "email", "phone"}) + @JsonIgnore + private Customer customer; + + public Ticket(int numSeats) { + this.numSeats = numSeats; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/TicketRequestDTO.java b/src/main/java/com/booleanuk/api/cinema/models/TicketRequestDTO.java new file mode 100644 index 00000000..7820d584 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/TicketRequestDTO.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.models; + +public record TicketRequestDTO( + int numSeats, + int customer_id, + int screening_id +) {} diff --git a/src/main/java/com/booleanuk/api/cinema/models/User.java b/src/main/java/com/booleanuk/api/cinema/models/User.java new file mode 100644 index 00000000..4025639d --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/User.java @@ -0,0 +1,48 @@ +package com.booleanuk.api.cinema.models; + +import jakarta.persistence.*; +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Size; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.HashSet; +import java.util.Set; + +@NoArgsConstructor +@Data +@Entity +@Table(name = "users", + uniqueConstraints = { + @UniqueConstraint(columnNames = "username"), + @UniqueConstraint(columnNames = "email") + }) +public class User { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @NotBlank + @Size(max = 20) + private String username; + + @NotBlank + @Size(max = 50) + @Email + private String email; + + @NotBlank + @Size(max = 120) + private String password; + + @ManyToMany(fetch = FetchType.LAZY) + @JoinTable(name = "user_roles", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id")) + private Set roles = new HashSet<>(); + + public User(String username, String email, String password) { + this.username = username; + this.email = email; + this.password = password; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java b/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java new file mode 100644 index 00000000..c16393fe --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java @@ -0,0 +1,15 @@ +package com.booleanuk.api.cinema.payload.request; + +import jakarta.validation.constraints.NotBlank; +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class LoginRequest { + @NotBlank + private String username; + + @NotBlank + private String password; +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java b/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java new file mode 100644 index 00000000..f9f4d5d3 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java @@ -0,0 +1,29 @@ +package com.booleanuk.api.cinema.payload.request; + +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Size; +import lombok.Getter; +import lombok.Setter; + +import java.util.Set; + +@Getter +@Setter +public class SignupRequest { + @NotBlank + @Size(min = 3, max = 20) + private String username; + + @NotBlank + @Size(max = 50) + @Email + private String email; + + private Set role; + + @NotBlank + @Size(min = 6, max = 40) + private String password; + +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java new file mode 100644 index 00000000..8892a8cf --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Customer; + +import java.util.List; + +public class CustomerListResponse extends Response> { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java new file mode 100644 index 00000000..bb8bc970 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Customer; + +public class CustomerResponse extends Response { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java new file mode 100644 index 00000000..90029965 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java @@ -0,0 +1,19 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; +import lombok.NoArgsConstructor; + +import java.util.HashMap; +import java.util.Map; + +@Getter +@NoArgsConstructor +public class ErrorResponse extends Response> { + public void set(String message) { + this.status = "error"; + + Map reply = new HashMap<>(); + reply.put("message", message); + this.data = reply; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java new file mode 100644 index 00000000..f29a3819 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java @@ -0,0 +1,25 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; +import lombok.Setter; + +import java.util.List; + +@Getter +@Setter +public class JwtResponse { + private String token; + private String type = "Bearer"; + private int id; + private String username; + private String email; + private List roles; + + public JwtResponse(String token, int id, String username, String email, List roles) { + this.token = token; + this.id = id; + this.username = username; + this.email = email; + this.roles = roles; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java new file mode 100644 index 00000000..485b570f --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java @@ -0,0 +1,14 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class MessageResponse { + private String message; + + public MessageResponse(String message) { + this.message = message; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java new file mode 100644 index 00000000..ed5edea5 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Movie; + +import java.util.List; + +public class MovieListResponse extends Response> { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java new file mode 100644 index 00000000..3e0f1bbf --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Movie; + +public class MovieResponse extends Response { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java b/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java new file mode 100644 index 00000000..f2dff66d --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java @@ -0,0 +1,14 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; + +@Getter +public class Response { + protected String status; + protected T data; + + public void set(T data) { + this.status = "success"; + this.data = data; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java new file mode 100644 index 00000000..c65f09b5 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Screening; + +import java.util.List; + +public class ScreeningListResponse extends Response> { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java new file mode 100644 index 00000000..23f966d4 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Screening; + +public class ScreeningResponse extends Response { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java new file mode 100644 index 00000000..a9fba679 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Ticket; + +import java.util.List; + +public class TicketListResponse extends Response> { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java new file mode 100644 index 00000000..0a986fb4 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Ticket; + +public class TicketResponse extends Response { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/CustomerRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/CustomerRepository.java new file mode 100644 index 00000000..6b7bdcfa --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/CustomerRepository.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.Customer; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +public interface CustomerRepository extends JpaRepository { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/MovieRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/MovieRepository.java new file mode 100644 index 00000000..506be448 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/MovieRepository.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.Movie; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +public interface MovieRepository extends JpaRepository { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/RoleRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/RoleRepository.java new file mode 100644 index 00000000..7de52a6a --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/RoleRepository.java @@ -0,0 +1,11 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.ERole; +import com.booleanuk.api.cinema.models.Role; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface RoleRepository extends JpaRepository { + Optional findByName(ERole name); +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/ScreeningRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/ScreeningRepository.java new file mode 100644 index 00000000..965b1e6f --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/ScreeningRepository.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.Screening; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +public interface ScreeningRepository extends JpaRepository { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/TicketRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/TicketRepository.java new file mode 100644 index 00000000..e4c25a4c --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/TicketRepository.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.Ticket; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +public interface TicketRepository extends JpaRepository { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repository/UserRepository.java b/src/main/java/com/booleanuk/api/cinema/repository/UserRepository.java new file mode 100644 index 00000000..6044940a --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repository/UserRepository.java @@ -0,0 +1,15 @@ +package com.booleanuk.api.cinema.repository; + +import com.booleanuk.api.cinema.models.User; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.Optional; + +@Repository +public interface UserRepository extends JpaRepository { + Optional findByUsername(String username); + + boolean existsByUsername(String username); + boolean existsByEmail(String email); +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java new file mode 100644 index 00000000..a9b7c2e3 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java @@ -0,0 +1,73 @@ +package com.booleanuk.api.cinema.security; + +import com.booleanuk.api.cinema.security.jwt.AuthEntryPointJwt; +import com.booleanuk.api.cinema.security.jwt.AuthTokenFilter; +import com.booleanuk.api.cinema.security.services.UserDetailsServiceImpl; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +@Configuration +@EnableWebSecurity +public class WebSecurityConfig { + @Autowired + private UserDetailsServiceImpl userDetailsService; + + @Autowired + private AuthEntryPointJwt unauthorizedHandler; + + @Bean + public AuthTokenFilter authenticationJwtTokenFilter() { + return new AuthTokenFilter(); + } + + @Bean + public DaoAuthenticationProvider authenticationProvider() { + DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(userDetailsService); + + //authProvider.setUserDetailsService(userDetailsService); + authProvider.setPasswordEncoder(passwordEncoder()); + + return authProvider; + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + .csrf((csrf) -> csrf.disable()) + .exceptionHandling((exception) -> exception.authenticationEntryPoint(unauthorizedHandler)) + .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests((requests) -> requests + .requestMatchers("/auth/**").permitAll() + .requestMatchers(HttpMethod.GET,"/movies", "/movies/**", "/customers", "/customers/**").authenticated() + .requestMatchers(HttpMethod.DELETE,"/movies", "/movies/**", "/customers", "/customers/**").hasAnyRole("ADMIN") + .requestMatchers(HttpMethod.PUT,"/movies", "/movies/**", "/customers", "/customers/**").hasAnyRole("ADMIN") + .requestMatchers(HttpMethod.POST,"/movies", "/movies/**", "/customers", "/customers/**").hasAnyRole("ADMIN") + .requestMatchers(HttpMethod.POST,"customers/{customerId}/screenings/{screeningId}").hasAnyRole("TICKETMASTER") + ); + http.authenticationProvider(authenticationProvider()); + http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); + return http.build(); + } + + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { + return authenticationConfiguration.getAuthenticationManager(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java new file mode 100644 index 00000000..1a5d63c2 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java @@ -0,0 +1,24 @@ +package com.booleanuk.api.cinema.security.jwt; + +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Component +public class AuthEntryPointJwt implements AuthenticationEntryPoint { + private static final Logger logger = LoggerFactory.getLogger(AuthEntryPointJwt.class); + + @Override + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { + logger.error("Unauthorized error: {}", authException.getMessage()); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Error: Unauthorized"); + } + +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java new file mode 100644 index 00000000..192f22c2 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java @@ -0,0 +1,54 @@ +package com.booleanuk.api.cinema.security.jwt; + +import com.booleanuk.api.cinema.security.services.UserDetailsServiceImpl; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; +import org.springframework.util.StringUtils; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +public class AuthTokenFilter extends OncePerRequestFilter { + @Autowired + private JwtUtils jwtUtils; + + @Autowired + private UserDetailsServiceImpl userDetailsService; + + private static final Logger logger = LoggerFactory.getLogger(AuthTokenFilter.class); + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + try { + String jwt = parseJwt(request); + if (jwt != null && jwtUtils.validateJwtToken(jwt)) { + String username = jwtUtils.getUserNameFromJwtToken(jwt); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); + UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); + authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authentication); + } + } catch (Exception e) { + logger.error("Cannot set user authentication: {}", e.getMessage()); + } + filterChain.doFilter(request, response); + } + + private String parseJwt(HttpServletRequest request) { + String headerAuth = request.getHeader("Authorization"); + if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) { + return headerAuth.substring(7); + } + return null; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java new file mode 100644 index 00000000..a780c3d6 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java @@ -0,0 +1,63 @@ +package com.booleanuk.api.cinema.security.jwt; + +import com.booleanuk.api.cinema.security.services.UserDetailsImpl; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.UnsupportedJwtException; +import io.jsonwebtoken.io.Decoders; +import io.jsonwebtoken.security.Keys; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Component; + +import javax.crypto.SecretKey; +import java.util.Date; + +@Component +public class JwtUtils { + private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class); + + @Value("${booleanuk.app.jwtSecret}") + private String jwtSecret; + + @Value("${booleanuk.app.jwtExpirationMs}") + private int jwtExpirationMs; + + public String generateJwtToken(Authentication authentication) { + UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal(); + + return Jwts.builder() + .subject((userPrincipal.getUsername())) + .issuedAt(new Date()) + .expiration(new Date((new Date()).getTime() + this.jwtExpirationMs)) + .signWith(this.key()) + .compact(); + } + + private SecretKey key() { + return Keys.hmacShaKeyFor(Decoders.BASE64.decode(this.jwtSecret)); + } + + public String getUserNameFromJwtToken(String token) { + return Jwts.parser().verifyWith(this.key()).build().parseSignedClaims(token).getPayload().getSubject(); + } + + public boolean validateJwtToken(String authToken) { + try { + Jwts.parser().verifyWith(this.key()).build().parse(authToken); + return true; + } catch (MalformedJwtException e) { + logger.error("Invalid JWT token: {}", e.getMessage()); + } catch (ExpiredJwtException e) { + logger.error("JWT token has expired: {}", e.getMessage()); + } catch (UnsupportedJwtException e) { + logger.error("JWT token is unsupported: {}", e.getMessage()); + } catch (IllegalArgumentException e) { + logger.error("JWT claims string is empty: {}", e.getMessage()); + } + return false; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java new file mode 100644 index 00000000..268543bf --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java @@ -0,0 +1,59 @@ +package com.booleanuk.api.cinema.security.services; + +import com.booleanuk.api.cinema.models.User; +import com.fasterxml.jackson.annotation.JsonIgnore; +import lombok.Getter; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; + +import java.util.Collection; +import java.util.List; +import java.util.Objects; +import java.util.stream.Collectors; + +@Getter +public class UserDetailsImpl implements UserDetails { + private static final long serialVersionUID = 1L; + + private int id; + private String username; + private String email; + + @JsonIgnore + private String password; + + private Collection authorities; + + public UserDetailsImpl(int id, String username, String email, String password, Collection authorities) { + this.id = id; + this.username = username; + this.email = email; + this.password = password; + this.authorities = authorities; + } + + public static UserDetailsImpl build(User user) { + List authorities = user.getRoles().stream() + .map(role -> new SimpleGrantedAuthority(role.getName().name())) + .collect(Collectors.toList()); + return new UserDetailsImpl( + user.getId(), + user.getUsername(), + user.getEmail(), + user.getPassword(), + authorities); + } + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + UserDetailsImpl user = (UserDetailsImpl) o; + return Objects.equals(id, user.id); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java new file mode 100644 index 00000000..066003c1 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java @@ -0,0 +1,26 @@ +package com.booleanuk.api.cinema.security.services; + +import com.booleanuk.api.cinema.models.User; +import com.booleanuk.api.cinema.repository.UserRepository; +import jakarta.transaction.Transactional; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Service +public class UserDetailsServiceImpl implements UserDetailsService { + @Autowired + UserRepository userRepository; + + @Override + @Transactional + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + User user = (User) userRepository.findByUsername(username).orElseThrow( + () -> new UsernameNotFoundException("User not found with username: " + username) + ); + return UserDetailsImpl.build(user); + + } +} diff --git a/src/main/resources/application.yml.example b/src/main/resources/application.yml.example deleted file mode 100644 index 275ec30f..00000000 --- a/src/main/resources/application.yml.example +++ /dev/null @@ -1,23 +0,0 @@ -server: - port: 4000 - error: - include-message: always - include-binding-errors: always - include-stacktrace: never - include-exception: false - -spring: - datasource: - url: jdbc:postgresql://DATABASE_URL:5432/DATABASE_NAME - username: DATABASE_USERNAME - password: DATABASE_PASSWORD - max-active: 3 - max-idle: 3 - jpa: - hibernate: - ddl-auto: update - properties: - hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect - format_sql: true - show-sql: true