Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added JWT support #11

Merged
merged 15 commits into from
May 15, 2024
Merged

Added JWT support #11

merged 15 commits into from
May 15, 2024

Conversation

nklimovych
Copy link
Owner

No description provided.

@nklimovych
Added SecurityConfig class with PasswordEncoder and SecurityFilterCha…
dd288fe 
…in beans. Implemented UserDetails interface in the User class. Added the implementation for UserDetailsService interface. Added Role entity. Added RoleRepository. Added roles field to the User entity. Added Liquibase changesets to insert roles into DB and assign roles for users.
@nklimovych
Added JWT support
b2c7f65
@nklimovych
Added handling of JwtException and AuthenticationException in GlobalE…
9ef8fb5 
…xceptionHandler
@nklimovych nklimovych changed the title Jwt impl Added JWT support May 13, 2024
nklimovych and others added 10 commits May 13, 2024 10:37
@nklimovych
Removed redundant Key to SecretKey cast in JwtUtil in lines 38 & 53
8bb0b4b
@nklimovych
Added swagger request matchers
b574464
@nklimovych
Added SecurityConfig class with PasswordEncoder and SecurityFilterCha…
6cd7419 
…in beans. Implemented UserDetails interface in the User class. Added the implementation for UserDetailsService interface. Added Role entity. Added RoleRepository. Added roles field to the User entity. Added Liquibase changesets to insert roles into DB and assign roles for users.
@nklimovych
Added JWT support
d2e8e3c
@nklimovych
Added handling of JwtException and AuthenticationException in GlobalE…
53077bb 
…xceptionHandler
@nklimovych
Removed redundant Key to SecretKey cast in JwtUtil in lines 38 & 53
926837c
@nklimovych
Added swagger request matchers
6969d92
@nklimovych
Merge remote-tracking branch 'origin/jwt-impl' into jwt-impl
3e4736c 
# Conflicts:
#	src/main/java/mate/academy/bookstore/model/Role.java
#	src/main/java/mate/academy/bookstore/repository/role/RoleRepository.java
#	src/main/java/mate/academy/bookstore/service/impl/UserServiceImpl.java
#	src/main/resources/db/changelog/changes/03-create-roles-table.yaml
#	src/main/resources/db/changelog/changes/05-insert-roles-into-database.yaml
#	src/main/resources/db/changelog/changes/07-assign-admin-user-to-role-admin.yaml
@nklimovych
Merge branch 'main' into jwt-impl
242d1ad
@nklimovych
Merge remote-tracking branch 'origin/jwt-impl' into jwt-impl
7603e5a
d1sam
d1sam suggested changes May 14, 2024
View reviewed changes
Copy link

@d1sam d1sam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job, but there are some minor changes, that should be done according my comments.

src/main/java/mate/academy/bookstore/dto/user/UserLoginRequestDto.java Outdated
@Email
String email,
@NotBlank
@Size(min = 8, message = "Password must be at least 8 characters long")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about max parameter?

src/main/java/mate/academy/bookstore/dto/user/UserLoginRequestDto.java

public record UserLoginRequestDto(
@NotBlank
@Email
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
@Email
@Email
@Size(min = 8, max = 20)

src/main/java/mate/academy/bookstore/exception/GlobalExceptionHandler.java Outdated Show resolved Hide resolved
src/main/java/mate/academy/bookstore/security/JwtAuthenticationFilter.java Outdated
Comment on lines 43 to 47
String bearerToken = request.getHeader("Authorization");
if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
return bearerToken.substring(7);
}
return null;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please avoid magic numbers and String literals

@nklimovych
Code refactored according to mentor suggestions. Added token prefix a…
bcf91b9 
…nd auth header strings to constant. Removed redundant AuthenticationException handling in GlobalExceptionHandler. Added max size limits for email and password in UserLoginRequestDto
@nklimovych nklimovych requested a review from d1sam May 14, 2024 12:40
andrii-hoienko
andrii-hoienko suggested changes May 14, 2024
View reviewed changes
Copy link

@andrii-hoienko andrii-hoienko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, left minor comments

src/main/java/mate/academy/bookstore/config/SecurityConfig.java
Comment on lines +60 to +65
@Bean
public AuthenticationManager authenticationManager(
AuthenticationConfiguration authenticationConfiguration
) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary to add this?

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added it because Spring can't awtowire AuthenticationManager and app failed to start:
Could not autowire. No beans of 'AuthenticationManager' type found.

src/main/java/mate/academy/bookstore/security/JwtAuthenticationFilter.java Outdated
private String getToken(HttpServletRequest request) {
String bearerToken = request.getHeader(AUTHORIZATION);
if (bearerToken != null && bearerToken.startsWith(BEARER_PREFIX)) {
return bearerToken.substring(START_INDEX);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
return bearerToken.substring(START_INDEX);
return bearerToken.substring(BEARER_PREFIX.length);

src/main/java/mate/academy/bookstore/security/JwtAuthenticationFilter.java Outdated
@RequiredArgsConstructor
@Component
public class JwtAuthenticationFilter extends OncePerRequestFilter {
private static final int START_INDEX = 7;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
private static final int START_INDEX = 7;

src/main/resources/db/changelog/changes/03-create-roles-table.yaml
unique: true
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
unique: true
unique: true

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe GitHub doesn't display empty lines at the end because it already exists

@nklimovych nklimovych merged commit 7e352d8 into main May 15, 2024
2 checks passed
@nklimovych nklimovych deleted the jwt-impl branch May 15, 2024 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vovasalyha vovasalyha vovasalyha approved these changes

@d1sam d1sam Awaiting requested review from d1sam

@andrii-hoienko andrii-hoienko Awaiting requested review from andrii-hoienko

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nklimovych @andrii-hoienko @vovasalyha @d1sam