Version 0.0.6 #65

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

rodrigoprestesmachado merged 7 commits into main from dev

Nov 24, 2025

CHANGELOG.md

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -1,14 +1,21 @@
  
    # Users change Log

    ## 0.0.6

    - LoginResponseDTO as a standard response object from all endpoints

    - Users Admin Console Vue App (Experimental)

    - Playground Vue App (Experimental)

    ## 0.0.5

    - Port to Kotlin

    - webauthn (Experimental)

    ## 0.0.4

        - Clean Architecture

        - Updated to Quarkus 3

        - Updated to Java 20 Temurin

    - Clean Architecture

    - Updated to Quarkus 3

    - Updated to Java 20 Temurin

    ## 0.0.3

README.md

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -31,9 +31,11 @@ You can run your application in dev mode that enables live coding using:
  
    > **_NOTE:_**  Quarkus now ships with a Dev UI, which is available in dev mode only at http://localhost:8080/q/dev/.

    ## Frontend Playground

    For comprehensive instructions on running the service in development, production with containers (JVM and native compilation), configuration, and troubleshooting, see the [Running the Service Documentation](docs/running/Running.md).

    The project includes a Vue 3 frontend playground application that provides a user interface for testing all features of the Orion Users service.

    ## Playground

    The project includes a Vue 3 playground application that provides a user interface for testing and experimenting with all features of the Orion Users service.

    **Access the playground**: After starting the application, navigate to `http://localhost:8080/test`

    @@ -45,7 +47,25 @@ The playground includes:
  
    - Password recovery

    - User profile management

    For detailed information about the frontend playground, including development setup and configuration, see the [Frontend Documentation](docs/frontend/Frontend.md).

    For detailed information about the playground, including how to run it in development and production modes, social login configuration, and user guide, see the [Playground Documentation](docs/playground/Playground.md).

    ## Admin Console

    The project includes a Vue 3 admin console application built with Vuetify that provides an administrative interface for managing users in the Orion Users service.

    **Access the admin console**: After starting the application, navigate to `http://localhost:8080/console`

    **Authentication**: The admin console requires authentication with a JWT token that includes the `admin` role. Only users with admin privileges can access this interface.

    The admin console includes:

    - User authentication with admin role verification

    - User listing with filters and search functionality

    - User detail view with complete user information

    - User creation (create new users)

    - User editing (update email and password)

    - User deletion (delete users with confirmation)

    For detailed information about the admin console, including development setup and features, see the [Admin Console README](src/main/resources/META-INF/resources/admin/README.md).

    ## Packaging and running the application

    @@ -54,7 +74,7 @@ The application can be packaged using:
  
    ./mvnw package

    ```

    It produces the `quarkus-run.jar` file in the `target/quarkus-app/` directory.

    Be aware that it’s not an _über-jar_ as the dependencies are copied into the `target/quarkus-app/lib/` directory.

    Be aware that it's not an _über-jar_ as the dependencies are copied into the `target/quarkus-app/lib/` directory.

    The application is now runnable using `java -jar target/quarkus-app/quarkus-run.jar`.

    @@ -77,44 +97,81 @@ Or, if you don't have GraalVM installed, you can run the native executable build
  
    ./mvnw package -Pnative -Dquarkus.native.container-build=true

    ```

    You can then execute your native executable with: `./target/users-0.0.1-runner`

    You can then execute your native executable with: `./target/users-0.0.6-runner`

    For detailed instructions on building and running containers (JVM and native), see the [Running the Service Documentation](docs/running/Running.md).

    If you want to learn more about building native executables, please consult https://quarkus.io/guides/maven-tooling.

    ## API Endpoints

    The service provides the following main endpoints:

    The service provides the following endpoints:

    ### User Management

    - `POST /users/create` - Create a new user. Returns user data in JSON format.

    - `POST /users/createAuthenticate` - Create a new user and authenticate in a single request. Returns LoginResponseDTO with JWT token.

    - `PUT /users/update` - Update user information (name, email and/or password). Requires JWT authentication (role: user). Returns LoginResponseDTO with updated token and user. Admins can update any user.

    - `POST /users/delete` - Delete a user. Requires JWT authentication (role: admin).

    - `GET /users/list` - List all users. Requires JWT authentication (role: admin).

    - `GET /users/by-email` - Get user by email. Requires JWT authentication (role: admin).

    ### Authentication

    - `POST /users/login` - Authenticate a user with email and password. Returns LoginResponseDTO. If user has 2FA enabled and `require2FAForBasicLogin` is true, returns `requires2FA: true` indicating that 2FA code is required.

    - `POST /users/login/2fa` - Authenticate with 2FA code after initial login. Returns LoginResponseDTO with JWT token.

    - `POST /users/authenticate` - **(Deprecated)** Authenticate a user. Returns JWT token as plain text. Use `/users/login` instead.

    ### Email Validation

    - `GET /users/validateEmail` - Validate user email with validation code sent via email. Query parameters: `email` and `code`.

    ### Password Recovery

    - `POST /users/recoverPassword` - Recover user password. Generates a new password and sends it via email. Returns HTTP 204 (No Content).

    ### Social Authentication

    - `POST /users/login/google` - Authenticate with Google OAuth2. Accepts Google ID token or access token. Returns LoginResponseDTO. If user has 2FA enabled and `require2FAForSocialLogin` is true, returns `requires2FA: true`.

    - `POST /users/login/google/2fa` - Complete social authentication with 2FA code. Returns LoginResponseDTO with JWT token.

    ### Two-Factor Authentication (2FA)

    - `POST /users/google/2FAuth/qrCode` - Generate QR code for 2FA setup. Requires email and password. Returns PNG image.

    - `POST /users/google/2FAuth/validate` - Validate 2FA TOTP code (standalone validation). Returns LoginResponseDTO with JWT token.

    - `POST /users/2fa/settings` - Update 2FA settings for a user. Requires JWT authentication (role: user). Parameters: `email`, `require2FAForBasicLogin` (optional), `require2FAForSocialLogin` (optional).

    ### WebAuthn (Biometric/Security Key Authentication)

    - `POST /users/create` - Create a new user

    - `POST /users/login` - Authenticate a user (returns LoginResponseDTO)

    - `PUT /users/update` - Update user information (email and/or password). Requires JWT authentication. Returns LoginResponseDTO with updated token and user.

    - `POST /users/delete` - Delete a user (admin only)

    - `GET /users/validateEmail` - Validate user email with code

    - `POST /users/google/2FAuth/qrCode` - Generate 2FA QR code

    - `POST /users/google/2FAuth/validate` - Validate 2FA code

    - `POST /users/webauthn/register/start` - Start WebAuthn registration process. Returns PublicKeyCredentialCreationOptions as JSON.

    - `POST /users/webauthn/register/finish` - Finish WebAuthn registration. Saves credential for the user.

    - `POST /users/webauthn/authenticate/start` - Start WebAuthn authentication process. Returns PublicKeyCredentialRequestOptions as JSON.

    - `POST /users/webauthn/authenticate/finish` - Finish WebAuthn authentication. Returns LoginResponseDTO with JWT token.

    For complete API documentation, see the [documentation site](https://users.orion-services.dev).

    ## Update User Endpoint

    The `/users/update` endpoint allows updating user email and/or password in a single request:

    The `/users/update` endpoint allows updating user name, email and/or password in a single request:

    - **Method**: PUT

    - **Authentication**: Required (JWT token in Authorization header)

    - **Authentication**: Required (JWT token in Authorization header with role: user)

    - **Parameters**:

      - `email` (required): Current user email

      - `name` (optional): New name

      - `newEmail` (optional): New email address

      - `password` (optional): Current password (required if updating password)

      - `newPassword` (optional): New password

    - **Response**: LoginResponseDTO containing AuthenticationDTO with new JWT token and updated user information

    - **Note**: At least one of `newEmail` or `newPassword` must be provided

    - **Note**: At least one of `name`, `newEmail` or `newPassword` must be provided. Admins can update any user; regular users can only update their own account.

    Example:

    ```bash

    curl -X PUT 'http://localhost:8080/users/update' \

      --header 'Authorization: Bearer <token>' \

      --header 'Content-Type: application/x-www-form-urlencoded' \

      --data-urlencode 'email=user@example.com' \

      --data-urlencode 'name=New Name' \

      --data-urlencode 'newEmail=newuser@example.com'

    ```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Version 0.0.6 #65

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

Uh oh!