Code refactored according to mentor suggestions. Added token prefix a…

…nd auth header strings to constant. Removed redundant AuthenticationException handling in GlobalExceptionHandler. Added max size limits for email and password in UserLoginRequestDto
nklimovych · May 14, 2024 · bcf91b9 · bcf91b9
1 parent 7603e5a
commit bcf91b9
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 12 deletions.
diff --git a/src/main/java/mate/academy/bookstore/dto/user/UserLoginRequestDto.java b/src/main/java/mate/academy/bookstore/dto/user/UserLoginRequestDto.java
@@ -6,10 +6,11 @@
 
 public record UserLoginRequestDto(
         @NotBlank
+        @Size(min = 8, max = 20)
         @Email
         String email,
         @NotBlank
-        @Size(min = 8, message = "Password must be at least 8 characters long")
+        @Size(min = 8, max = 20, message = "Password must be at least 8 characters long")
         String password
 ) {
 }
diff --git a/src/main/java/mate/academy/bookstore/exception/GlobalExceptionHandler.java b/src/main/java/mate/academy/bookstore/exception/GlobalExceptionHandler.java
@@ -1,6 +1,5 @@
 package mate.academy.bookstore.exception;
 
-import io.jsonwebtoken.JwtException;
 import java.time.LocalDateTime;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -10,7 +9,6 @@
 import org.springframework.http.HttpStatusCode;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.validation.FieldError;
 import org.springframework.validation.ObjectError;
 import org.springframework.web.bind.MethodArgumentNotValidException;
@@ -55,11 +53,6 @@ protected ResponseEntity<Object> handleAccessDenied(AccessDeniedException ex) {
         return getResponseEntity(HttpStatus.FORBIDDEN, ex.getMessage());
     }
 
-    @ExceptionHandler({JwtException.class, AuthenticationException.class})
-    protected ResponseEntity<Object> handleAuthentication(Exception ex) {
-        return getResponseEntity(HttpStatus.UNAUTHORIZED, ex.getMessage());
-    }
-
     private ResponseEntity<Object> getResponseEntity(HttpStatus status, Object message) {
         Map<String, Object> body = new LinkedHashMap<>();
         body.put("timestamp", LocalDateTime.now());

diff --git a/src/main/java/mate/academy/bookstore/security/JwtAuthenticationFilter.java b/src/main/java/mate/academy/bookstore/security/JwtAuthenticationFilter.java
@@ -17,8 +17,11 @@
 @RequiredArgsConstructor
 @Component
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
-    private final JwtUtil jwtUtil;
+    private static final int START_INDEX = 7;
+    private static final String BEARER_PREFIX = "Bearer ";
+    private static final String AUTHORIZATION = "Authorization";
     private final UserDetailsService userDetailsService;
+    private final JwtUtil jwtUtil;
 
     @Override
     protected void doFilterInternal(
@@ -40,9 +43,9 @@ protected void doFilterInternal(
     }
 
     private String getToken(HttpServletRequest request) {
-        String bearerToken = request.getHeader("Authorization");
-        if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
-            return bearerToken.substring(7);
+        String bearerToken = request.getHeader(AUTHORIZATION);
+        if (bearerToken != null && bearerToken.startsWith(BEARER_PREFIX)) {
+            return bearerToken.substring(START_INDEX);
         }
         return null;
     }