├── .github └── FUNDING.yml ├── .gitignore ├── README.md ├── docker-compose.yml ├── documentation ├── admin-login.gif ├── project-diagram.excalidraw ├── project-diagram.jpeg └── user-login.gif ├── order-api ├── .mvn │ └── wrapper │ │ └── maven-wrapper.properties ├── mvnw ├── mvnw.cmd ├── pom.xml ├── src │ ├── main │ │ ├── java │ │ │ └── com │ │ │ │ └── ivanfranchin │ │ │ │ └── orderapi │ │ │ │ ├── OrderApiApplication.java │ │ │ │ ├── config │ │ │ │ ├── ErrorAttributesConfig.java │ │ │ │ └── SwaggerConfig.java │ │ │ │ ├── order │ │ │ │ ├── Order.java │ │ │ │ ├── OrderNotFoundException.java │ │ │ │ ├── OrderRepository.java │ │ │ │ ├── OrderService.java │ │ │ │ └── OrderServiceImpl.java │ │ │ │ ├── rest │ │ │ │ ├── AuthController.java │ │ │ │ ├── OrderController.java │ │ │ │ ├── PublicController.java │ │ │ │ ├── UserController.java │ │ │ │ └── dto │ │ │ │ │ ├── AuthResponse.java │ │ │ │ │ ├── CreateOrderRequest.java │ │ │ │ │ ├── LoginRequest.java │ │ │ │ │ ├── OrderDto.java │ │ │ │ │ ├── SignUpRequest.java │ │ │ │ │ └── UserDto.java │ │ │ │ ├── runner │ │ │ │ └── DatabaseInitializer.java │ │ │ │ ├── security │ │ │ │ ├── CorsConfig.java │ │ │ │ ├── CustomUserDetails.java │ │ │ │ ├── CustomUserDetailsService.java │ │ │ │ ├── SecurityConfig.java │ │ │ │ ├── TokenAuthenticationFilter.java │ │ │ │ └── TokenProvider.java │ │ │ │ └── user │ │ │ │ ├── DuplicatedUserInfoException.java │ │ │ │ ├── User.java │ │ │ │ ├── UserNotFoundException.java │ │ │ │ ├── UserRepository.java │ │ │ │ ├── UserService.java │ │ │ │ └── UserServiceImpl.java │ │ └── resources │ │ │ ├── application.yml │ │ │ └── banner.txt │ └── test │ │ └── java │ │ └── com │ │ └── ivanfranchin │ │ └── orderapi │ │ └── OrderApiApplicationTests.java └── test-endpoints.sh └── order-ui ├── package-lock.json ├── package.json ├── public ├── favicon.ico ├── index.html ├── manifest.json └── robots.txt └── src ├── App.js ├── Constants.js ├── components ├── admin │ ├── AdminPage.js │ ├── AdminTab.js │ ├── OrderTable.js │ └── UserTable.js ├── context │ └── AuthContext.js ├── home │ ├── Home.js │ ├── Login.js │ └── Signup.js ├── misc │ ├── Helpers.js │ ├── Navbar.js │ ├── OrderApi.js │ ├── OrderForm.js │ └── PrivateRoute.js └── user │ ├── OrderTable.js │ └── UserPage.js ├── index.css ├── index.js ├── reportWebVitals.js └── setupTests.js /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | github: ivangfr 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | !**/src/main/**/target/ 4 | !**/src/test/**/target/ 5 | 6 | ### STS ### 7 | .apt_generated 8 | .classpath 9 | .factorypath 10 | .project 11 | .settings 12 | .springBeans 13 | .sts4-cache 14 | 15 | ### IntelliJ IDEA ### 16 | .idea 17 | *.iws 18 | *.iml 19 | *.ipr 20 | 21 | ### NetBeans ### 22 | /nbproject/private/ 23 | /nbbuild/ 24 | /dist/ 25 | /nbdist/ 26 | /.nb-gradle/ 27 | build/ 28 | !**/src/main/**/build/ 29 | !**/src/test/**/build/ 30 | 31 | ### VS Code ### 32 | .vscode/ 33 | 34 | ## --- 35 | ## React project 36 | 37 | # See https://help.github.com/articles/ignoring-files/ for more about ignoring files. 38 | 39 | # dependencies 40 | node_modules/ 41 | /.pnp 42 | .pnp.js 43 | 44 | # testing 45 | coverage/ 46 | 47 | # production 48 | build/ 49 | 50 | # misc 51 | .env.local 52 | .env.development.local 53 | .env.test.local 54 | .env.production.local 55 | 56 | npm-debug.log* 57 | yarn-debug.log* 58 | yarn-error.log* 59 | 60 | .eslintcache 61 | 62 | ### MAC OS ### 63 | *.DS_Store 64 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # springboot-react-jwt-token 2 | 3 | The goal of this project is to implement an application called `order-app` to manage orders. For it, we will implement a back-end [`Spring Boot`](https://docs.spring.io/spring-boot/index.html) application called `order-api` and a font-end [React](https://react.dev/) application called `order-ui`. Besides, we will use [`JWT Authentication`](https://en.wikipedia.org/wiki/JSON_Web_Token) to secure both applications. 4 | 5 | ## Proof-of-Concepts & Articles 6 | 7 | On [ivangfr.github.io](https://ivangfr.github.io), I have compiled my Proof-of-Concepts (PoCs) and articles. You can easily search for the technology you are interested in by using the filter. Who knows, perhaps I have already implemented a PoC or written an article about what you are looking for. 8 | 9 | ## Additional Readings 10 | 11 | - \[**Medium**\] [**Implementing A Full Stack Web App Using Spring-Boot and React**](https://medium.com/@ivangfr/implementing-a-full-stack-web-app-using-spring-boot-and-react-7db598df4452) 12 | - \[**Medium**\] [**Implementing Social Login in a Spring Boot and React App**](https://medium.com/@ivangfr/implementing-social-login-in-a-spring-boot-and-react-app-6ce073c9983c) 13 | - \[**Medium**\] [**Building a Web Chat with Social Login using Spring Boot: Introduction**](https://medium.com/@ivangfr/building-a-web-chat-with-social-login-using-spring-boot-introduction-644702e6be8e) 14 | - \[**Medium**\] [**Building a Single Spring Boot App with Keycloak or Okta as IdP: Introduction**](https://medium.com/@ivangfr/building-a-single-spring-boot-app-with-keycloak-or-okta-as-idp-introduction-2814a4829aed) 15 | 16 | ## Project Diagram 17 | 18 | ![project-diagram](documentation/project-diagram.jpeg) 19 | 20 | ## Applications 21 | 22 | - ### order-api 23 | 24 | `Spring Boot` Web Java backend application that exposes a Rest API to create, retrieve, and delete orders. If a user has the `ADMIN` role, he/she can also retrieve information of other users or delete them. 25 | 26 | The application's secured endpoints can only be accessed if a valid JWT access token is provided. 27 | 28 | `order-api` stores its data in [`Postgres`](https://www.postgresql.org/) database. 29 | 30 | `order-api` has the following endpoints: 31 | 32 | | Endpoint | Secured | Roles | 33 | | ------------------------------------------------------------- | ------- | --------------- | 34 | | `POST /auth/authenticate -d {"username","password"}` | No | | 35 | | `POST /auth/signup -d {"username","password","name","email"}` | No | | 36 | | `GET /public/numberOfUsers` | No | | 37 | | `GET /public/numberOfOrders` | No | | 38 | | `GET /api/users/me` | Yes | `ADMIN`, `USER` | 39 | | `GET /api/users` | Yes | `ADMIN` | 40 | | `GET /api/users/{username}` | Yes | `ADMIN` | 41 | | `DELETE /api/users/{username}` | Yes | `ADMIN` | 42 | | `GET /api/orders [?text]` | Yes | `ADMIN` | 43 | | `POST /api/orders -d {"description"}` | Yes | `ADMIN`, `USER` | 44 | | `DELETE /api/orders/{id}` | Yes | `ADMIN` | 45 | 46 | - ### order-ui 47 | 48 | `React` frontend application where a user with role `USER` can create an order and retrieve a specific order. On the other hand, a user with role `ADMIN` as access to all secured endpoints. 49 | 50 | In order to access the application, a `user` or `admin` must log in using his/her `username` and `password`. All the requests coming from `order-ui` to secured endpoints in `order-api` include the JWT access token. This token is generated when the `user` or `admin` logs in. 51 | 52 | `order-ui` uses [`Semantic UI React`](https://react.semantic-ui.com/) as a CSS-styled framework. 53 | 54 | ## Prerequisites 55 | 56 | - [`npm`](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) 57 | - [`Java 21`](https://www.oracle.com/java/technologies/downloads/#java21) or higher; 58 | - A containerization tool (e.g., [`Docker`](https://www.docker.com), [`Podman`](https://podman.io), etc.) 59 | - [`jq`](https://jqlang.github.io/jq/) 60 | 61 | ## Start Environment 62 | 63 | - In a terminal, make sure you are inside the `springboot-react-jwt-token` root folder; 64 | 65 | - Run the following command to start Docker Compose containers: 66 | ```bash 67 | docker compose up -d 68 | ``` 69 | 70 | ## Running order-app using Maven & Npm 71 | 72 | - **order-api** 73 | 74 | - Open a terminal and navigate to the `springboot-react-jwt-token/order-api` folder; 75 | 76 | - Run the following `Maven` command to start the application: 77 | ```bash 78 | ./mvnw clean spring-boot:run 79 | ``` 80 | 81 | - **order-ui** 82 | 83 | - Open another terminal and navigate to the `springboot-react-jwt-token/order-ui` folder; 84 | 85 | - Run the command below if you are running the application for the first time: 86 | ```bash 87 | npm install 88 | ``` 89 | 90 | - Run the `npm` command below to start the application: 91 | ```bash 92 | npm start 93 | ``` 94 | 95 | ## Applications URLs 96 | 97 | | Application | URL | Credentials | 98 | | ----------- | ------------------------------------- | --------------------------------------------------- | 99 | | order-api | http://localhost:8080/swagger-ui.html | | 100 | | order-ui | http://localhost:3000 | `admin/admin`, `user/user` or signing up a new user | 101 | 102 | > **Note**: the credentials shown in the table are the ones already pre-defined. You can signup new users. 103 | 104 | ## Demo 105 | 106 | - The gif below shows a `user` loging in: 107 | 108 | ![user-login](documentation/user-login.gif) 109 | 110 | - The gif below shows an `admin` loging in: 111 | 112 | ![admin-login](documentation/admin-login.gif) 113 | 114 | ## Testing order-api Endpoints 115 | 116 | - **Manual Endpoints Test using Swagger** 117 | 118 | - Open a browser and access http://localhost:8080/swagger-ui.html. All endpoints with the lock sign are secured. In order to access them, you need a valid JWT access token; 119 | 120 | - Click `POST /auth/authenticate` and then, click `Try it out` button; 121 | 122 | - Provide the `user` credentials `username` and `password`: 123 | ```json 124 | { "password": "user", "username": "user" } 125 | ``` 126 | 127 | - Click the `Execute` button. It should return something like: 128 | ```text 129 | Code: 200 130 | { "accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9..." } 131 | ``` 132 | > **Note 1**: You can use the `admin` credentials to access more secured endpoints. 133 | > 134 | > **Note 2**: The token will expire in **10 minutes**. 135 | 136 | - Copy the `accessToken` value (**without** the double quotes); 137 | 138 | - Click the `Authorize` button at the top of the page; 139 | 140 | - In `Value` input field, paste the copied token; 141 | 142 | - Click the `Authorize` button and then, click the `Close` button; 143 | 144 | - To create an order, click `POST /api/orders` and then, click the `Try it out` button; 145 | 146 | - Provide the `description` of the order: 147 | ```json 148 | { "description": "Buy two iPhones" } 149 | ``` 150 | 151 | - Click the `Execute` button. It should return something like: 152 | ```text 153 | Code: 200 154 | { 155 | "id": "718c9f40-5c06-4571-bc3e-3f888c52eff2", 156 | "description": "Buy two iPhones", 157 | "user": { "username": "user" }, 158 | "createdAt": "..." 159 | } 160 | ``` 161 | 162 | - **Manual Endpoints Test using curl** 163 | 164 | - Open a terminal; 165 | 166 | - Call `GET /public/numberOfUsers`: 167 | ```bash 168 | curl -i localhost:8080/public/numberOfUsers 169 | ``` 170 | It should return: 171 | ```text 172 | HTTP/1.1 200 173 | 2 174 | ``` 175 | 176 | - Call `GET /api/orders` without JWT access token: 177 | ```bash 178 | curl -i localhost:8080/api/orders 179 | ``` 180 | As for this endpoint a valid JWT access token is required, it should return: 181 | ```text 182 | HTTP/1.1 401 183 | ``` 184 | 185 | - Call `POST /auth/authenticate` to get the `admin` JWT access token: 186 | ```bash 187 | ADMIN_ACCESS_TOKEN="$(curl -s -X POST http://localhost:8080/auth/authenticate \ 188 | -H 'Content-Type: application/json' \ 189 | -d '{"username": "admin", "password": "admin"}' | jq -r .accessToken)" 190 | echo $ADMIN_ACCESS_TOKEN 191 | ``` 192 | 193 | - Call `GET /api/orders` again, now with the `admin` JWT access token: 194 | ```bash 195 | curl -i -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/orders 196 | ``` 197 | It should return an empty array or an array with orders: 198 | ```text 199 | HTTP/1.1 200 200 | [ ... ] 201 | ``` 202 | 203 | - Call `GET /api/users/me` to get more information about the `admin`: 204 | ```bash 205 | curl -i -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/users/me 206 | ``` 207 | It should return: 208 | ```text 209 | HTTP/1.1 200 210 | { 211 | "id": 1, "username": "admin", "name": "Admin", "email": "admin@mycompany.com", "role": "ADMIN", 212 | "orders": [] 213 | } 214 | ``` 215 | 216 | - **Automatic Endpoints Test** 217 | 218 | - Open a terminal and make sure you are in the `springboot-react-jwt-token` root folder; 219 | 220 | - Run the following script: 221 | ```bash 222 | ./order-api/test-endpoints.sh 223 | ``` 224 | It should return something like the output below, where it shows the http code for different requests: 225 | ```text 226 | POST auth/authenticate 227 | ====================== 228 | admin access token 229 | ------------------ 230 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJleHAiOjE1ODY2MjM1MjksImlhdCI6MTU4Nj..._ha2pM4LSSG3_d4exgA 231 | 232 | user access token 233 | ----------------- 234 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJleHAiOjE1ODY2MjM1MjksImlhdCIyOSwian...Y3z9uwhuW_nwaGX3cc5A 235 | 236 | POST auth/signup 237 | ================ 238 | user2 access token 239 | ------------------ 240 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJleHAiOjE1ODY2MjM1MjksImanRpIjoiYTMw...KvhQbsMGAlFov1Q480qg 241 | 242 | Authorization 243 | ============= 244 | Endpoints | without token | user token | admin token | 245 | ------------------------- + ------------- + ----------- + ------------ | 246 | GET public/numberOfUsers | 200 | 200 | 200 | 247 | GET public/numberOfOrders | 200 | 200 | 200 | 248 | ......................... + ............. + ........... + ............ | 249 | GET /api/users/me | 401 | 200 | 200 | 250 | GET /api/users | 401 | 403 | 200 | 251 | GET /api/users/user2 | 401 | 403 | 200 | 252 | DELETE /api/users/user2 | 401 | 403 | 200 | 253 | ......................... + ............. + ........... + ............ | 254 | GET /api/orders | 401 | 403 | 200 | 255 | POST /api/orders | 401 | 201 | 201 | 256 | DELETE /api/orders/{id} | 401 | 403 | 200 | 257 | ------------------------------------------------------------------------ 258 | [200] Success - [201] Created - [401] Unauthorized - [403] Forbidden 259 | ``` 260 | 261 | ## Util Commands 262 | 263 | - **Postgres** 264 | ```bash 265 | docker exec -it postgres psql -U postgres -d orderdb 266 | \dt 267 | ``` 268 | 269 | - **jwt.io** 270 | 271 | With [jwt.io](https://jwt.io), you can input the JWT token, and the online tool decodes the token, showing its header and payload. 272 | 273 | ## Shutdown 274 | 275 | - To stop `order-api` and `order-ui`, go to the terminals where they are running and press `Ctrl+C`; 276 | 277 | - To stop and remove Docker Compose containers, network, and volumes, go to a terminal and, inside the `springboot-react-jwt-token` root folder, run the command below: 278 | ```bash 279 | docker compose down -v 280 | ``` 281 | 282 | ## How to upgrade order-ui dependencies to latest version 283 | 284 | - In a terminal, make sure you are in the `springboot-react-jwt-token/order-ui` folder; 285 | 286 | - Run the following commands: 287 | ```bash 288 | npm upgrade 289 | npm i -g npm-check-updates 290 | ncu -u 291 | npm install 292 | ``` 293 | 294 | ## References 295 | 296 | - https://www.callicoder.com/spring-boot-security-oauth2-social-login-part-2/#jwt-token-provider-authentication-filter-authentication-error-handler-and-userprincipal 297 | - https://bezkoder.com/spring-boot-jwt-authentication/ 298 | - https://dev.to/keysh/spring-security-with-jwt-3j76 299 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | 3 | postgres: 4 | image: 'postgres:17.2' 5 | container_name: 'postgres' 6 | ports: 7 | - '5432:5432' 8 | environment: 9 | - 'POSTGRES_DB=orderdb' 10 | - 'POSTGRES_PASSWORD=postgres' 11 | - 'POSTGRES_USER=postgres' 12 | healthcheck: 13 | test: 'pg_isready -U postgres' 14 | -------------------------------------------------------------------------------- /documentation/admin-login.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ivangfr/springboot-react-jwt-token/7cc2f6be25281043d26eb28920ba00b9cf44eefc/documentation/admin-login.gif -------------------------------------------------------------------------------- /documentation/project-diagram.excalidraw: -------------------------------------------------------------------------------- 1 | { 2 | "type": "excalidraw", 3 | "version": 2, 4 | "source": "https://excalidraw.com", 5 | "elements": [ 6 | { 7 | "type": "rectangle", 8 | "version": 3086, 9 | "versionNonce": 940874367, 10 | "isDeleted": false, 11 | "id": "NKmNZxYxWMCKh3prRiPwX", 12 | "fillStyle": "hachure", 13 | "strokeWidth": 1, 14 | "strokeStyle": "solid", 15 | "roughness": 1, 16 | "opacity": 100, 17 | "angle": 0, 18 | "x": 204.0044730329074, 19 | "y": -169.55636328992398, 20 | "strokeColor": "#000000", 21 | "backgroundColor": "#7950f2", 22 | "width": 209.18356323242188, 23 | "height": 99.67071533203125, 24 | "seed": 1443568401, 25 | "groupIds": [], 26 | "roundness": { 27 | "type": 3 28 | }, 29 | "boundElements": [ 30 | { 31 | "type": "text", 32 | "id": "GrVT2PZuYu1cRv3sXwFoI" 33 | }, 34 | { 35 | "id": "wMakVUD8b1mxxc7dx4nWH", 36 | "type": "arrow" 37 | }, 38 | { 39 | "id": "OK4rrYWkk6F__xTpXxo_B", 40 | "type": "arrow" 41 | }, 42 | { 43 | "id": "1Cz_VJKLix4EmY5n45ZII", 44 | "type": "arrow" 45 | }, 46 | { 47 | "id": "6RBbs6PMcioF6JZngXvvZ", 48 | "type": "arrow" 49 | }, 50 | { 51 | "id": "3YCJny2YM0ehaW_k6SbTh", 52 | "type": "arrow" 53 | }, 54 | { 55 | "id": "qH8MuHg48He9PZpz433J9", 56 | "type": "arrow" 57 | }, 58 | { 59 | "id": "rqRau96Al_eFIuskdCN3C", 60 | "type": "arrow" 61 | }, 62 | { 63 | "id": "GQ0du4B85avA_TGN5Isty", 64 | "type": "arrow" 65 | }, 66 | { 67 | "id": "b8LZ8ZxCO7jlLF7hQiGIq", 68 | "type": "arrow" 69 | }, 70 | { 71 | "id": "zSGJtQjAuLJQ_DYJDPzGi", 72 | "type": "arrow" 73 | } 74 | ], 75 | "updated": 1678785702765, 76 | "link": null, 77 | "locked": false 78 | }, 79 | { 80 | "type": "text", 81 | "version": 2054, 82 | "versionNonce": 199512242, 83 | "isDeleted": false, 84 | "id": "GrVT2PZuYu1cRv3sXwFoI", 85 | "fillStyle": "hachure", 86 | "strokeWidth": 1, 87 | "strokeStyle": "solid", 88 | "roughness": 0, 89 | "opacity": 100, 90 | "angle": 0, 91 | "x": 248.1162894391574, 92 | "y": -136.52100562390837, 93 | "strokeColor": "#000000", 94 | "backgroundColor": "transparent", 95 | "width": 120.95993041992188, 96 | "height": 33.6, 97 | "seed": 294979727, 98 | "groupIds": [], 99 | "roundness": null, 100 | "boundElements": [], 101 | "updated": 1678292142650, 102 | "link": null, 103 | "locked": false, 104 | "fontSize": 28, 105 | "fontFamily": 1, 106 | "text": "order-api", 107 | "textAlign": "center", 108 | "verticalAlign": "middle", 109 | "containerId": "NKmNZxYxWMCKh3prRiPwX", 110 | "originalText": "order-api" 111 | }, 112 | { 113 | "type": "ellipse", 114 | "version": 2084, 115 | "versionNonce": 616231583, 116 | "isDeleted": false, 117 | "id": "zYllgBlgP7S7-phqNnnEr", 118 | "fillStyle": "hachure", 119 | "strokeWidth": 2, 120 | "strokeStyle": "solid", 121 | "roughness": 1, 122 | "opacity": 100, 123 | "angle": 6.272333650882224, 124 | "x": -386.56345433848367, 125 | "y": -171.0095932940548, 126 | "strokeColor": "#000000", 127 | "backgroundColor": "transparent", 128 | "width": 26.930389404296875, 129 | "height": 27.545562744140625, 130 | "seed": 1962381553, 131 | "groupIds": [ 132 | "4D1ojplACrlVIaNZ7P0FH" 133 | ], 134 | "roundness": { 135 | "type": 2 136 | }, 137 | "boundElements": [], 138 | "updated": 1678785702765, 139 | "link": null, 140 | "locked": false 141 | }, 142 | { 143 | "type": "line", 144 | "version": 2102, 145 | "versionNonce": 924927679, 146 | "isDeleted": false, 147 | "id": "iW_3iMfYwsgECYYtnEK33", 148 | "fillStyle": "hachure", 149 | "strokeWidth": 2, 150 | "strokeStyle": "solid", 151 | "roughness": 1, 152 | "opacity": 100, 153 | "angle": 6.272333650882224, 154 | "x": -374.75206279522524, 155 | "y": -142.98641015922834, 156 | "strokeColor": "#000000", 157 | "backgroundColor": "transparent", 158 | "width": 0.473419189453125, 159 | "height": 40.3687744140625, 160 | "seed": 1318734545, 161 | "groupIds": [ 162 | "4D1ojplACrlVIaNZ7P0FH" 163 | ], 164 | "roundness": { 165 | "type": 2 166 | }, 167 | "boundElements": [], 168 | "updated": 1678785702765, 169 | "link": null, 170 | "locked": false, 171 | "startBinding": null, 172 | "endBinding": null, 173 | "lastCommittedPoint": null, 174 | "startArrowhead": null, 175 | "endArrowhead": null, 176 | "points": [ 177 | [ 178 | 0, 179 | 0 180 | ], 181 | [ 182 | -0.473419189453125, 183 | 40.3687744140625 184 | ] 185 | ] 186 | }, 187 | { 188 | "type": "line", 189 | "version": 2053, 190 | "versionNonce": 770184927, 191 | "isDeleted": false, 192 | "id": "8JTNvN86yjteIVYunsqxA", 193 | "fillStyle": "hachure", 194 | "strokeWidth": 2, 195 | "strokeStyle": "solid", 196 | "roughness": 1, 197 | "opacity": 100, 198 | "angle": 6.272333650882224, 199 | "x": -374.6284461437564, 200 | "y": -101.0909962747977, 201 | "strokeColor": "#000000", 202 | "backgroundColor": "transparent", 203 | "width": 17.21380615234375, 204 | "height": 33.91400146484375, 205 | "seed": 998951089, 206 | "groupIds": [ 207 | "4D1ojplACrlVIaNZ7P0FH" 208 | ], 209 | "roundness": { 210 | "type": 2 211 | }, 212 | "boundElements": [], 213 | "updated": 1678785702765, 214 | "link": null, 215 | "locked": false, 216 | "startBinding": null, 217 | "endBinding": null, 218 | "lastCommittedPoint": null, 219 | "startArrowhead": null, 220 | "endArrowhead": null, 221 | "points": [ 222 | [ 223 | 0, 224 | 0 225 | ], 226 | [ 227 | -17.21380615234375, 228 | 33.91400146484375 229 | ] 230 | ] 231 | }, 232 | { 233 | "type": "line", 234 | "version": 2072, 235 | "versionNonce": 530572031, 236 | "isDeleted": false, 237 | "id": "hMliKg9HCYu-lEplUg1Y6", 238 | "fillStyle": "hachure", 239 | "strokeWidth": 2, 240 | "strokeStyle": "solid", 241 | "roughness": 1, 242 | "opacity": 100, 243 | "angle": 6.272333650882224, 244 | "x": -374.5054037920221, 245 | "y": -101.13573746737603, 246 | "strokeColor": "#000000", 247 | "backgroundColor": "transparent", 248 | "width": 12.9422607421875, 249 | "height": 35.16510009765625, 250 | "seed": 359697041, 251 | "groupIds": [ 252 | "4D1ojplACrlVIaNZ7P0FH" 253 | ], 254 | "roundness": { 255 | "type": 2 256 | }, 257 | "boundElements": [], 258 | "updated": 1678785702765, 259 | "link": null, 260 | "locked": false, 261 | "startBinding": null, 262 | "endBinding": null, 263 | "lastCommittedPoint": null, 264 | "startArrowhead": null, 265 | "endArrowhead": null, 266 | "points": [ 267 | [ 268 | 0, 269 | 0 270 | ], 271 | [ 272 | 12.9422607421875, 273 | 35.16510009765625 274 | ] 275 | ] 276 | }, 277 | { 278 | "type": "line", 279 | "version": 2088, 280 | "versionNonce": 2093558559, 281 | "isDeleted": false, 282 | "id": "pnA0DA25tJxDKgaSQnlkY", 283 | "fillStyle": "hachure", 284 | "strokeWidth": 2, 285 | "strokeStyle": "solid", 286 | "roughness": 1, 287 | "opacity": 100, 288 | "angle": 6.272333650882224, 289 | "x": -373.87986759573437, 290 | "y": -125.66100538125949, 291 | "strokeColor": "#000000", 292 | "backgroundColor": "transparent", 293 | "width": 29.445220947265625, 294 | "height": 20.990234375, 295 | "seed": 352522353, 296 | "groupIds": [ 297 | "4D1ojplACrlVIaNZ7P0FH" 298 | ], 299 | "roundness": { 300 | "type": 2 301 | }, 302 | "boundElements": [], 303 | "updated": 1678785702765, 304 | "link": null, 305 | "locked": false, 306 | "startBinding": null, 307 | "endBinding": null, 308 | "lastCommittedPoint": null, 309 | "startArrowhead": null, 310 | "endArrowhead": null, 311 | "points": [ 312 | [ 313 | 0, 314 | 0 315 | ], 316 | [ 317 | 29.445220947265625, 318 | -20.990234375 319 | ] 320 | ] 321 | }, 322 | { 323 | "type": "line", 324 | "version": 2127, 325 | "versionNonce": 1372876607, 326 | "isDeleted": false, 327 | "id": "HhvpXqS4JXS1iu_1aiVep", 328 | "fillStyle": "hachure", 329 | "strokeWidth": 2, 330 | "strokeStyle": "solid", 331 | "roughness": 1, 332 | "opacity": 100, 333 | "angle": 6.272333650882224, 334 | "x": -374.7166237844051, 335 | "y": -126.08411903827829, 336 | "strokeColor": "#000000", 337 | "backgroundColor": "transparent", 338 | "width": 25.4169921875, 339 | "height": 9.85821533203125, 340 | "seed": 1879693905, 341 | "groupIds": [ 342 | "4D1ojplACrlVIaNZ7P0FH" 343 | ], 344 | "roundness": { 345 | "type": 2 346 | }, 347 | "boundElements": [], 348 | "updated": 1678785702765, 349 | "link": null, 350 | "locked": false, 351 | "startBinding": null, 352 | "endBinding": null, 353 | "lastCommittedPoint": null, 354 | "startArrowhead": null, 355 | "endArrowhead": null, 356 | "points": [ 357 | [ 358 | 0, 359 | 0 360 | ], 361 | [ 362 | -25.4169921875, 363 | -9.85821533203125 364 | ] 365 | ] 366 | }, 367 | { 368 | "type": "text", 369 | "version": 2206, 370 | "versionNonce": 1226977119, 371 | "isDeleted": false, 372 | "id": "T0m-48lm7wA_Uw99BXSmk", 373 | "fillStyle": "hachure", 374 | "strokeWidth": 2, 375 | "strokeStyle": "solid", 376 | "roughness": 1, 377 | "opacity": 100, 378 | "angle": 6.272333650882224, 379 | "x": -399.56602362354784, 380 | "y": -224.07537806484228, 381 | "strokeColor": "#000000", 382 | "backgroundColor": "transparent", 383 | "width": 70.87995910644531, 384 | "height": 48, 385 | "seed": 928802865, 386 | "groupIds": [ 387 | "4D1ojplACrlVIaNZ7P0FH" 388 | ], 389 | "roundness": null, 390 | "boundElements": [ 391 | { 392 | "id": "GQ0du4B85avA_TGN5Isty", 393 | "type": "arrow" 394 | } 395 | ], 396 | "updated": 1678785702765, 397 | "link": null, 398 | "locked": false, 399 | "fontSize": 20, 400 | "fontFamily": 1, 401 | "text": "Admin /\nUser", 402 | "textAlign": "left", 403 | "verticalAlign": "top", 404 | "containerId": null, 405 | "originalText": "Admin /\nUser" 406 | }, 407 | { 408 | "type": "rectangle", 409 | "version": 3147, 410 | "versionNonce": 1828907903, 411 | "isDeleted": false, 412 | "id": "D1l-2El2Gpsr55PhX9Msm", 413 | "fillStyle": "hachure", 414 | "strokeWidth": 1, 415 | "strokeStyle": "solid", 416 | "roughness": 1, 417 | "opacity": 100, 418 | "angle": 0, 419 | "x": -225.53199811175386, 420 | "y": -168.29568213758023, 421 | "strokeColor": "#000000", 422 | "backgroundColor": "#228be6", 423 | "width": 209.18356323242188, 424 | "height": 99.67071533203125, 425 | "seed": 1960983057, 426 | "groupIds": [], 427 | "roundness": { 428 | "type": 3 429 | }, 430 | "boundElements": [ 431 | { 432 | "type": "text", 433 | "id": "Hr9npzlHGUYC828WZTRBC" 434 | }, 435 | { 436 | "id": "OK4rrYWkk6F__xTpXxo_B", 437 | "type": "arrow" 438 | }, 439 | { 440 | "id": "7ZHeB_svF5YPuNu0CndOh", 441 | "type": "arrow" 442 | }, 443 | { 444 | "id": "3YCJny2YM0ehaW_k6SbTh", 445 | "type": "arrow" 446 | }, 447 | { 448 | "id": "ZE5SJf-9sD79ItE-Y4ZgZ", 449 | "type": "arrow" 450 | }, 451 | { 452 | "id": "b8LZ8ZxCO7jlLF7hQiGIq", 453 | "type": "arrow" 454 | }, 455 | { 456 | "id": "zSGJtQjAuLJQ_DYJDPzGi", 457 | "type": "arrow" 458 | } 459 | ], 460 | "updated": 1678785702765, 461 | "link": null, 462 | "locked": false 463 | }, 464 | { 465 | "type": "text", 466 | "version": 2127, 467 | "versionNonce": 1807184494, 468 | "isDeleted": false, 469 | "id": "Hr9npzlHGUYC828WZTRBC", 470 | "fillStyle": "hachure", 471 | "strokeWidth": 1, 472 | "strokeStyle": "solid", 473 | "roughness": 0, 474 | "opacity": 100, 475 | "angle": 0, 476 | "x": -173.13218732073824, 477 | "y": -135.26032447156462, 478 | "strokeColor": "#000000", 479 | "backgroundColor": "transparent", 480 | "width": 104.38394165039062, 481 | "height": 33.6, 482 | "seed": 68814578, 483 | "groupIds": [], 484 | "roundness": null, 485 | "boundElements": [], 486 | "updated": 1678292138944, 487 | "link": null, 488 | "locked": false, 489 | "fontSize": 28, 490 | "fontFamily": 1, 491 | "text": "order-ui", 492 | "textAlign": "center", 493 | "verticalAlign": "middle", 494 | "containerId": "D1l-2El2Gpsr55PhX9Msm", 495 | "originalText": "order-ui" 496 | }, 497 | { 498 | "type": "rectangle", 499 | "version": 968, 500 | "versionNonce": 699868063, 501 | "isDeleted": false, 502 | "id": "0tFsB5XswcFk43y4cu2nN", 503 | "fillStyle": "hachure", 504 | "strokeWidth": 1, 505 | "strokeStyle": "solid", 506 | "roughness": 1, 507 | "opacity": 100, 508 | "angle": 0, 509 | "x": 535.8107497507344, 510 | "y": -187.73431128797085, 511 | "strokeColor": "#000000", 512 | "backgroundColor": "#ced4da", 513 | "width": 297, 514 | "height": 138, 515 | "seed": 160616433, 516 | "groupIds": [ 517 | "VYxzlFTCd547xQKFY-Zwf" 518 | ], 519 | "roundness": { 520 | "type": 3 521 | }, 522 | "boundElements": [ 523 | { 524 | "type": "text", 525 | "id": "0-UtAJfoU5Uba-J7Vn9NQ" 526 | }, 527 | { 528 | "id": "wMakVUD8b1mxxc7dx4nWH", 529 | "type": "arrow" 530 | } 531 | ], 532 | "updated": 1678785702765, 533 | "link": null, 534 | "locked": false 535 | }, 536 | { 537 | "type": "text", 538 | "version": 302, 539 | "versionNonce": 258955199, 540 | "isDeleted": false, 541 | "id": "0-UtAJfoU5Uba-J7Vn9NQ", 542 | "fillStyle": "hachure", 543 | "strokeWidth": 1, 544 | "strokeStyle": "solid", 545 | "roughness": 1, 546 | "opacity": 100, 547 | "angle": 0, 548 | "x": 623.4947707468282, 549 | "y": -152.33431128797085, 550 | "strokeColor": "#000000", 551 | "backgroundColor": "transparent", 552 | "width": 121.6319580078125, 553 | "height": 67.2, 554 | "seed": 1266002385, 555 | "groupIds": [ 556 | "VYxzlFTCd547xQKFY-Zwf" 557 | ], 558 | "roundness": null, 559 | "boundElements": [], 560 | "updated": 1678785702765, 561 | "link": null, 562 | "locked": false, 563 | "fontSize": 28, 564 | "fontFamily": 1, 565 | "text": "Postgres\n", 566 | "textAlign": "center", 567 | "verticalAlign": "middle", 568 | "containerId": "0tFsB5XswcFk43y4cu2nN", 569 | "originalText": "Postgres\n" 570 | }, 571 | { 572 | "type": "rectangle", 573 | "version": 2925, 574 | "versionNonce": 1414268895, 575 | "isDeleted": false, 576 | "id": "c-x7JT7lJ2rumNaXMLIlM", 577 | "fillStyle": "hachure", 578 | "strokeWidth": 1, 579 | "strokeStyle": "solid", 580 | "roughness": 1, 581 | "opacity": 100, 582 | "angle": 0, 583 | "x": 551.0673392918711, 584 | "y": -113.7574665003732, 585 | "strokeColor": "#000000", 586 | "backgroundColor": "#fab005", 587 | "width": 125.44757690429688, 588 | "height": 53.381947618849736, 589 | "seed": 1671579569, 590 | "groupIds": [ 591 | "Bg-OWi1IAZwQFqZ6y7Dkp", 592 | "VYxzlFTCd547xQKFY-Zwf" 593 | ], 594 | "roundness": { 595 | "type": 3 596 | }, 597 | "boundElements": [ 598 | { 599 | "type": "text", 600 | "id": "bZz1uQCoDc1O5J5lJDsL-" 601 | }, 602 | { 603 | "id": "6RBbs6PMcioF6JZngXvvZ", 604 | "type": "arrow" 605 | } 606 | ], 607 | "updated": 1678785702765, 608 | "link": null, 609 | "locked": false 610 | }, 611 | { 612 | "type": "text", 613 | "version": 2355, 614 | "versionNonce": 375239679, 615 | "isDeleted": false, 616 | "id": "bZz1uQCoDc1O5J5lJDsL-", 617 | "fillStyle": "hachure", 618 | "strokeWidth": 1, 619 | "strokeStyle": "solid", 620 | "roughness": 1, 621 | "opacity": 100, 622 | "angle": 0, 623 | "x": 583.0611625340587, 624 | "y": -99.06649269094834, 625 | "strokeColor": "#000000", 626 | "backgroundColor": "transparent", 627 | "width": 61.459930419921875, 628 | "height": 24, 629 | "seed": 1816144273, 630 | "groupIds": [ 631 | "Bg-OWi1IAZwQFqZ6y7Dkp", 632 | "VYxzlFTCd547xQKFY-Zwf" 633 | ], 634 | "roundness": null, 635 | "boundElements": [], 636 | "updated": 1678785702765, 637 | "link": null, 638 | "locked": false, 639 | "fontSize": 20, 640 | "fontFamily": 1, 641 | "text": "orders", 642 | "textAlign": "center", 643 | "verticalAlign": "middle", 644 | "containerId": "c-x7JT7lJ2rumNaXMLIlM", 645 | "originalText": "orders" 646 | }, 647 | { 648 | "type": "rectangle", 649 | "version": 2966, 650 | "versionNonce": 1571085343, 651 | "isDeleted": false, 652 | "id": "wjrXRaCE6Yj-C4HcYMJ9q", 653 | "fillStyle": "hachure", 654 | "strokeWidth": 1, 655 | "strokeStyle": "solid", 656 | "roughness": 1, 657 | "opacity": 100, 658 | "angle": 0, 659 | "x": 696.6193812827773, 660 | "y": -115.87744301902461, 661 | "strokeColor": "#000000", 662 | "backgroundColor": "#fab005", 663 | "width": 125.44757690429688, 664 | "height": 53.381947618849736, 665 | "seed": 1317457777, 666 | "groupIds": [ 667 | "wAK919OTmyvqIKDdj1YZy", 668 | "VYxzlFTCd547xQKFY-Zwf" 669 | ], 670 | "roundness": { 671 | "type": 3 672 | }, 673 | "boundElements": [ 674 | { 675 | "type": "text", 676 | "id": "eONTCMsXWPVZu9wq9FMro" 677 | }, 678 | { 679 | "id": "wMakVUD8b1mxxc7dx4nWH", 680 | "type": "arrow" 681 | } 682 | ], 683 | "updated": 1678785702765, 684 | "link": null, 685 | "locked": false 686 | }, 687 | { 688 | "type": "text", 689 | "version": 2394, 690 | "versionNonce": 1578238015, 691 | "isDeleted": false, 692 | "id": "eONTCMsXWPVZu9wq9FMro", 693 | "fillStyle": "hachure", 694 | "strokeWidth": 1, 695 | "strokeStyle": "solid", 696 | "roughness": 1, 697 | "opacity": 100, 698 | "angle": 0, 699 | "x": 733.0332026939102, 700 | "y": -101.18646920959975, 701 | "strokeColor": "#000000", 702 | "backgroundColor": "transparent", 703 | "width": 52.61993408203125, 704 | "height": 24, 705 | "seed": 1623046481, 706 | "groupIds": [ 707 | "wAK919OTmyvqIKDdj1YZy", 708 | "VYxzlFTCd547xQKFY-Zwf" 709 | ], 710 | "roundness": null, 711 | "boundElements": [], 712 | "updated": 1678785702765, 713 | "link": null, 714 | "locked": false, 715 | "fontSize": 20, 716 | "fontFamily": 1, 717 | "text": "users", 718 | "textAlign": "center", 719 | "verticalAlign": "middle", 720 | "containerId": "wjrXRaCE6Yj-C4HcYMJ9q", 721 | "originalText": "users" 722 | }, 723 | { 724 | "type": "arrow", 725 | "version": 494, 726 | "versionNonce": 1843469678, 727 | "isDeleted": false, 728 | "id": "wMakVUD8b1mxxc7dx4nWH", 729 | "fillStyle": "hachure", 730 | "strokeWidth": 1, 731 | "strokeStyle": "solid", 732 | "roughness": 1, 733 | "opacity": 100, 734 | "angle": 0, 735 | "x": 422.9042659263321, 736 | "y": -101.39150489636839, 737 | "strokeColor": "#000000", 738 | "backgroundColor": "transparent", 739 | "width": 334.7559814453125, 740 | "height": 87.61696669836434, 741 | "seed": 294319406, 742 | "groupIds": [], 743 | "roundness": { 744 | "type": 2 745 | }, 746 | "boundElements": [ 747 | { 748 | "type": "text", 749 | "id": "_rNYE2UpkpewKRRsL2NQY" 750 | } 751 | ], 752 | "updated": 1678291114911, 753 | "link": null, 754 | "locked": false, 755 | "startBinding": { 756 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 757 | "focus": -0.5416187830852912, 758 | "gap": 9.716229661002785 759 | }, 760 | "endBinding": { 761 | "elementId": "wjrXRaCE6Yj-C4HcYMJ9q", 762 | "focus": -0.9246393232716618, 763 | "gap": 8.688394946311455 764 | }, 765 | "lastCommittedPoint": null, 766 | "startArrowhead": "arrow", 767 | "endArrowhead": "arrow", 768 | "points": [ 769 | [ 770 | 0, 771 | 0 772 | ], 773 | [ 774 | 111.46905517578125, 775 | 87.61696669836434 776 | ], 777 | [ 778 | 334.7559814453125, 779 | 47.58440444250496 780 | ] 781 | ] 782 | }, 783 | { 784 | "type": "text", 785 | "version": 44, 786 | "versionNonce": 1929764654, 787 | "isDeleted": false, 788 | "id": "_rNYE2UpkpewKRRsL2NQY", 789 | "fillStyle": "hachure", 790 | "strokeWidth": 1, 791 | "strokeStyle": "solid", 792 | "roughness": 1, 793 | "opacity": 100, 794 | "angle": 0, 795 | "x": 475.80540423199614, 796 | "y": -35.7160054831603, 797 | "strokeColor": "#000000", 798 | "backgroundColor": "transparent", 799 | "width": 132.15988159179688, 800 | "height": 48, 801 | "seed": 454937906, 802 | "groupIds": [], 803 | "roundness": null, 804 | "boundElements": [], 805 | "updated": 1678290682783, 806 | "link": null, 807 | "locked": false, 808 | "fontSize": 20, 809 | "fontFamily": 1, 810 | "text": "validate user\ncredentials", 811 | "textAlign": "center", 812 | "verticalAlign": "middle", 813 | "containerId": "wMakVUD8b1mxxc7dx4nWH", 814 | "originalText": "validate user\ncredentials" 815 | }, 816 | { 817 | "type": "arrow", 818 | "version": 427, 819 | "versionNonce": 1844677678, 820 | "isDeleted": false, 821 | "id": "OK4rrYWkk6F__xTpXxo_B", 822 | "fillStyle": "hachure", 823 | "strokeWidth": 1, 824 | "strokeStyle": "solid", 825 | "roughness": 1, 826 | "opacity": 100, 827 | "angle": 0, 828 | "x": -7.727081729917913, 829 | "y": -114.19966013184856, 830 | "strokeColor": "#c92a2a", 831 | "backgroundColor": "transparent", 832 | "width": 209.65014648437494, 833 | "height": 19.46782240209299, 834 | "seed": 1912426158, 835 | "groupIds": [], 836 | "roundness": { 837 | "type": 2 838 | }, 839 | "boundElements": [ 840 | { 841 | "type": "text", 842 | "id": "pbmjFkZW23WHV9cf3PVFI" 843 | } 844 | ], 845 | "updated": 1678292192492, 846 | "link": null, 847 | "locked": false, 848 | "startBinding": { 849 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 850 | "focus": 0.38594389458156636, 851 | "gap": 8.621353149414077 852 | }, 853 | "endBinding": { 854 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 855 | "focus": -0.29967483698108455, 856 | "gap": 2.0814082784503967 857 | }, 858 | "lastCommittedPoint": null, 859 | "startArrowhead": null, 860 | "endArrowhead": "arrow", 861 | "points": [ 862 | [ 863 | 0, 864 | 0 865 | ], 866 | [ 867 | 94.71484374999999, 868 | -19.46782240209299 869 | ], 870 | [ 871 | 209.65014648437494, 872 | -2.0214544099642637 873 | ] 874 | ] 875 | }, 876 | { 877 | "type": "text", 878 | "version": 113, 879 | "versionNonce": 2026662194, 880 | "isDeleted": false, 881 | "id": "pbmjFkZW23WHV9cf3PVFI", 882 | "fillStyle": "hachure", 883 | "strokeWidth": 1, 884 | "strokeStyle": "solid", 885 | "roughness": 1, 886 | "opacity": 100, 887 | "angle": 0, 888 | "x": 18.10781054303129, 889 | "y": -157.66748253394155, 890 | "strokeColor": "#c92a2a", 891 | "backgroundColor": "#228be6", 892 | "width": 137.75990295410156, 893 | "height": 48, 894 | "seed": 51819570, 895 | "groupIds": [], 896 | "roundness": null, 897 | "boundElements": [], 898 | "updated": 1678292246981, 899 | "link": null, 900 | "locked": false, 901 | "fontSize": 20, 902 | "fontFamily": 1, 903 | "text": "2. username /\npassword", 904 | "textAlign": "center", 905 | "verticalAlign": "middle", 906 | "containerId": "OK4rrYWkk6F__xTpXxo_B", 907 | "originalText": "2. username /\npassword" 908 | }, 909 | { 910 | "type": "arrow", 911 | "version": 453, 912 | "versionNonce": 1532781874, 913 | "isDeleted": false, 914 | "id": "7ZHeB_svF5YPuNu0CndOh", 915 | "fillStyle": "hachure", 916 | "strokeWidth": 1, 917 | "strokeStyle": "solid", 918 | "roughness": 1, 919 | "opacity": 100, 920 | "angle": 0, 921 | "x": -354.3360294838242, 922 | "y": -102.08554283667593, 923 | "strokeColor": "#c92a2a", 924 | "backgroundColor": "transparent", 925 | "width": 209.53756941599426, 926 | "height": 71.99673461914062, 927 | "seed": 142027186, 928 | "groupIds": [], 929 | "roundness": { 930 | "type": 2 931 | }, 932 | "boundElements": [ 933 | { 934 | "type": "text", 935 | "id": "40yx8P5DPlaDDpwK10QeS" 936 | } 937 | ], 938 | "updated": 1678291559542, 939 | "link": null, 940 | "locked": false, 941 | "startBinding": null, 942 | "endBinding": { 943 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 944 | "focus": -0.6354823632336648, 945 | "gap": 6.878748920044927 946 | }, 947 | "lastCommittedPoint": null, 948 | "startArrowhead": null, 949 | "endArrowhead": "arrow", 950 | "points": [ 951 | [ 952 | 0, 953 | 0 954 | ], 955 | [ 956 | 95.36376953125, 957 | 71.99673461914062 958 | ], 959 | [ 960 | 209.53756941599426, 961 | 40.339324951171875 962 | ] 963 | ] 964 | }, 965 | { 966 | "type": "text", 967 | "version": 37, 968 | "versionNonce": 2091749746, 969 | "isDeleted": false, 970 | "id": "40yx8P5DPlaDDpwK10QeS", 971 | "fillStyle": "hachure", 972 | "strokeWidth": 1, 973 | "strokeStyle": "solid", 974 | "roughness": 1, 975 | "opacity": 100, 976 | "angle": 0, 977 | "x": -323.4422153969101, 978 | "y": -54.0888082175353, 979 | "strokeColor": "#c92a2a", 980 | "backgroundColor": "transparent", 981 | "width": 128.93991088867188, 982 | "height": 48, 983 | "seed": 287977906, 984 | "groupIds": [], 985 | "roundness": null, 986 | "boundElements": [], 987 | "updated": 1678291566556, 988 | "link": null, 989 | "locked": false, 990 | "fontSize": 20, 991 | "fontFamily": 1, 992 | "text": "1. username /\npassword", 993 | "textAlign": "center", 994 | "verticalAlign": "middle", 995 | "containerId": "7ZHeB_svF5YPuNu0CndOh", 996 | "originalText": "1. username /\npassword" 997 | }, 998 | { 999 | "type": "arrow", 1000 | "version": 295, 1001 | "versionNonce": 650744498, 1002 | "isDeleted": false, 1003 | "id": "1Cz_VJKLix4EmY5n45ZII", 1004 | "fillStyle": "hachure", 1005 | "strokeWidth": 1, 1006 | "strokeStyle": "solid", 1007 | "roughness": 1, 1008 | "opacity": 100, 1009 | "angle": 0, 1010 | "x": -347.0024723549179, 1011 | "y": -134.3574849753478, 1012 | "strokeColor": "#0b7285", 1013 | "backgroundColor": "transparent", 1014 | "width": 543.63037109375, 1015 | "height": 76.808837890625, 1016 | "seed": 1910303598, 1017 | "groupIds": [], 1018 | "roundness": { 1019 | "type": 2 1020 | }, 1021 | "boundElements": [ 1022 | { 1023 | "type": "text", 1024 | "id": "GaGrnTXdoKPDyBaQ1RDdF" 1025 | } 1026 | ], 1027 | "updated": 1678291541020, 1028 | "link": null, 1029 | "locked": false, 1030 | "startBinding": null, 1031 | "endBinding": { 1032 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1033 | "focus": 0.12536741860437922, 1034 | "gap": 7.37657429407534 1035 | }, 1036 | "lastCommittedPoint": null, 1037 | "startArrowhead": null, 1038 | "endArrowhead": "arrow", 1039 | "points": [ 1040 | [ 1041 | 0, 1042 | 0 1043 | ], 1044 | [ 1045 | 232.83929443359375, 1046 | -76.808837890625 1047 | ], 1048 | [ 1049 | 543.63037109375, 1050 | -16.06013209565924 1051 | ] 1052 | ] 1053 | }, 1054 | { 1055 | "type": "text", 1056 | "version": 30, 1057 | "versionNonce": 844343662, 1058 | "isDeleted": false, 1059 | "id": "GaGrnTXdoKPDyBaQ1RDdF", 1060 | "fillStyle": "hachure", 1061 | "strokeWidth": 1, 1062 | "strokeStyle": "solid", 1063 | "roughness": 1, 1064 | "opacity": 100, 1065 | "angle": 0, 1066 | "x": -178.63313336566011, 1067 | "y": -235.1663228659728, 1068 | "strokeColor": "#0b7285", 1069 | "backgroundColor": "transparent", 1070 | "width": 128.93991088867188, 1071 | "height": 48, 1072 | "seed": 855114222, 1073 | "groupIds": [], 1074 | "roundness": null, 1075 | "boundElements": [], 1076 | "updated": 1678291541020, 1077 | "link": null, 1078 | "locked": false, 1079 | "fontSize": 20, 1080 | "fontFamily": 1, 1081 | "text": "1. username /\npassword", 1082 | "textAlign": "center", 1083 | "verticalAlign": "middle", 1084 | "containerId": "1Cz_VJKLix4EmY5n45ZII", 1085 | "originalText": "1. username /\npassword" 1086 | }, 1087 | { 1088 | "type": "arrow", 1089 | "version": 388, 1090 | "versionNonce": 2107266606, 1091 | "isDeleted": false, 1092 | "id": "6RBbs6PMcioF6JZngXvvZ", 1093 | "fillStyle": "hachure", 1094 | "strokeWidth": 1, 1095 | "strokeStyle": "solid", 1096 | "roughness": 1, 1097 | "opacity": 100, 1098 | "angle": 0, 1099 | "x": 422.49117144095754, 1100 | "y": -125.04049523199942, 1101 | "strokeColor": "#000000", 1102 | "backgroundColor": "transparent", 1103 | "width": 169.09644409474953, 1104 | "height": 61.88470458984376, 1105 | "seed": 1502029166, 1106 | "groupIds": [], 1107 | "roundness": { 1108 | "type": 2 1109 | }, 1110 | "boundElements": [ 1111 | { 1112 | "type": "text", 1113 | "id": "FWdrtotwnAY6Lz1OmD-Ie" 1114 | } 1115 | ], 1116 | "updated": 1678291111791, 1117 | "link": null, 1118 | "locked": false, 1119 | "startBinding": { 1120 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1121 | "focus": 0.5835799151203056, 1122 | "gap": 9.303135175628256 1123 | }, 1124 | "endBinding": { 1125 | "elementId": "c-x7JT7lJ2rumNaXMLIlM", 1126 | "focus": 0.21990874704058386, 1127 | "gap": 6.620190594115705 1128 | }, 1129 | "lastCommittedPoint": null, 1130 | "startArrowhead": "arrow", 1131 | "endArrowhead": "arrow", 1132 | "points": [ 1133 | [ 1134 | 0, 1135 | 0 1136 | ], 1137 | [ 1138 | 87.9180061856793, 1139 | -57.221866452333245 1140 | ], 1141 | [ 1142 | 169.09644409474953, 1143 | 4.662838137510512 1144 | ] 1145 | ] 1146 | }, 1147 | { 1148 | "type": "text", 1149 | "version": 7, 1150 | "versionNonce": 1300679086, 1151 | "isDeleted": false, 1152 | "id": "FWdrtotwnAY6Lz1OmD-Ie", 1153 | "fillStyle": "hachure", 1154 | "strokeWidth": 1, 1155 | "strokeStyle": "solid", 1156 | "roughness": 1, 1157 | "opacity": 100, 1158 | "angle": 0, 1159 | "x": 448.91920428082426, 1160 | "y": -156.6298238425353, 1161 | "strokeColor": "#000000", 1162 | "backgroundColor": "transparent", 1163 | "width": 56.319976806640625, 1164 | "height": 24, 1165 | "seed": 1788055726, 1166 | "groupIds": [], 1167 | "roundness": null, 1168 | "boundElements": [], 1169 | "updated": 1678290322910, 1170 | "link": null, 1171 | "locked": false, 1172 | "fontSize": 20, 1173 | "fontFamily": 1, 1174 | "text": "CRUD", 1175 | "textAlign": "center", 1176 | "verticalAlign": "middle", 1177 | "containerId": "6RBbs6PMcioF6JZngXvvZ", 1178 | "originalText": "CRUD" 1179 | }, 1180 | { 1181 | "type": "arrow", 1182 | "version": 339, 1183 | "versionNonce": 862185202, 1184 | "isDeleted": false, 1185 | "id": "3YCJny2YM0ehaW_k6SbTh", 1186 | "fillStyle": "hachure", 1187 | "strokeWidth": 1, 1188 | "strokeStyle": "solid", 1189 | "roughness": 1, 1190 | "opacity": 100, 1191 | "angle": 0, 1192 | "x": 326.9106746177383, 1193 | "y": -59.40258995581655, 1194 | "strokeColor": "#c92a2a", 1195 | "backgroundColor": "#228be6", 1196 | "width": 394.28167724609375, 1197 | "height": 131.38027954101562, 1198 | "seed": 970301618, 1199 | "groupIds": [], 1200 | "roundness": { 1201 | "type": 2 1202 | }, 1203 | "boundElements": [ 1204 | { 1205 | "type": "text", 1206 | "id": "TdtrD1cY0uAKUlxGuRtne" 1207 | } 1208 | ], 1209 | "updated": 1678292364786, 1210 | "link": null, 1211 | "locked": false, 1212 | "startBinding": { 1213 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1214 | "focus": -0.6622265276559881, 1215 | "gap": 10.483058002076177 1216 | }, 1217 | "endBinding": { 1218 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 1219 | "focus": 0.1486009423127502, 1220 | "gap": 15.503870990357427 1221 | }, 1222 | "lastCommittedPoint": null, 1223 | "startArrowhead": null, 1224 | "endArrowhead": "arrow", 1225 | "points": [ 1226 | [ 1227 | 0, 1228 | 0 1229 | ], 1230 | [ 1231 | -245.04571533203125, 1232 | 131.38027954101562 1233 | ], 1234 | [ 1235 | -394.28167724609375, 1236 | 6.281494140625 1237 | ] 1238 | ] 1239 | }, 1240 | { 1241 | "type": "text", 1242 | "version": 26, 1243 | "versionNonce": 1070020462, 1244 | "isDeleted": false, 1245 | "id": "TdtrD1cY0uAKUlxGuRtne", 1246 | "fillStyle": "hachure", 1247 | "strokeWidth": 1, 1248 | "strokeStyle": "solid", 1249 | "roughness": 1, 1250 | "opacity": 100, 1251 | "angle": 0, 1252 | "x": 64.77873949810942, 1253 | "y": 26.399503550042823, 1254 | "strokeColor": "#c92a2a", 1255 | "backgroundColor": "#228be6", 1256 | "width": 68.09992980957031, 1257 | "height": 24, 1258 | "seed": 1966107886, 1259 | "groupIds": [], 1260 | "roundness": null, 1261 | "boundElements": [], 1262 | "updated": 1678292310917, 1263 | "link": null, 1264 | "locked": false, 1265 | "fontSize": 20, 1266 | "fontFamily": 1, 1267 | "text": "5. resp", 1268 | "textAlign": "center", 1269 | "verticalAlign": "middle", 1270 | "containerId": "3YCJny2YM0ehaW_k6SbTh", 1271 | "originalText": "5. resp" 1272 | }, 1273 | { 1274 | "type": "arrow", 1275 | "version": 191, 1276 | "versionNonce": 154684334, 1277 | "isDeleted": false, 1278 | "id": "qH8MuHg48He9PZpz433J9", 1279 | "fillStyle": "hachure", 1280 | "strokeWidth": 1, 1281 | "strokeStyle": "solid", 1282 | "roughness": 1, 1283 | "opacity": 100, 1284 | "angle": 0, 1285 | "x": 205.13394121930082, 1286 | "y": -173.89575401831655, 1287 | "strokeColor": "#0b7285", 1288 | "backgroundColor": "#228be6", 1289 | "width": 542.8289794921875, 1290 | "height": 90.85546875, 1291 | "seed": 1366180462, 1292 | "groupIds": [], 1293 | "roundness": { 1294 | "type": 2 1295 | }, 1296 | "boundElements": [ 1297 | { 1298 | "type": "text", 1299 | "id": "ONLOk19kNx7Hkzqfx2ICx" 1300 | } 1301 | ], 1302 | "updated": 1678291546746, 1303 | "link": null, 1304 | "locked": false, 1305 | "startBinding": { 1306 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1307 | "focus": 0.4051315448223847, 1308 | "gap": 4.339390728392573 1309 | }, 1310 | "endBinding": null, 1311 | "lastCommittedPoint": null, 1312 | "startArrowhead": null, 1313 | "endArrowhead": "arrow", 1314 | "points": [ 1315 | [ 1316 | 0, 1317 | 0 1318 | ], 1319 | [ 1320 | -319.03668212890625, 1321 | -74.3468017578125 1322 | ], 1323 | [ 1324 | -542.8289794921875, 1325 | 16.5086669921875 1326 | ] 1327 | ] 1328 | }, 1329 | { 1330 | "type": "text", 1331 | "version": 58, 1332 | "versionNonce": 1182551537, 1333 | "isDeleted": false, 1334 | "id": "ONLOk19kNx7Hkzqfx2ICx", 1335 | "fillStyle": "hachure", 1336 | "strokeWidth": 1, 1337 | "strokeStyle": "solid", 1338 | "roughness": 1, 1339 | "opacity": 100, 1340 | "angle": 0, 1341 | "x": -229.65265698626558, 1342 | "y": -260.24255577612905, 1343 | "strokeColor": "#0b7285", 1344 | "backgroundColor": "#228be6", 1345 | "width": 231.4998321533203, 1346 | "height": 24, 1347 | "seed": 136559406, 1348 | "groupIds": [], 1349 | "roundness": null, 1350 | "boundElements": [], 1351 | "updated": 1678785775314, 1352 | "link": null, 1353 | "locked": false, 1354 | "fontSize": 20, 1355 | "fontFamily": 1, 1356 | "text": "2. Access Token (JWT)", 1357 | "textAlign": "center", 1358 | "verticalAlign": "middle", 1359 | "containerId": "qH8MuHg48He9PZpz433J9", 1360 | "originalText": "2. Access Token (JWT)" 1361 | }, 1362 | { 1363 | "type": "arrow", 1364 | "version": 212, 1365 | "versionNonce": 208517678, 1366 | "isDeleted": false, 1367 | "id": "ZE5SJf-9sD79ItE-Y4ZgZ", 1368 | "fillStyle": "hachure", 1369 | "strokeWidth": 1, 1370 | "strokeStyle": "solid", 1371 | "roughness": 1, 1372 | "opacity": 100, 1373 | "angle": 0, 1374 | "x": -89.11160321429293, 1375 | "y": -55.91794029761343, 1376 | "strokeColor": "#c92a2a", 1377 | "backgroundColor": "#228be6", 1378 | "width": 267.8072509765625, 1379 | "height": 74.50341796875, 1380 | "seed": 365296878, 1381 | "groupIds": [], 1382 | "roundness": { 1383 | "type": 2 1384 | }, 1385 | "boundElements": [ 1386 | { 1387 | "type": "text", 1388 | "id": "0nd5llgESbpEYXc_BaexR" 1389 | } 1390 | ], 1391 | "updated": 1678291596668, 1392 | "link": null, 1393 | "locked": false, 1394 | "startBinding": { 1395 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 1396 | "focus": -0.8187052986717684, 1397 | "gap": 12.707026507935552 1398 | }, 1399 | "endBinding": null, 1400 | "lastCommittedPoint": null, 1401 | "startArrowhead": null, 1402 | "endArrowhead": "arrow", 1403 | "points": [ 1404 | [ 1405 | 0, 1406 | 0 1407 | ], 1408 | [ 1409 | -182.8348846435547, 1410 | 73.88641357421875 1411 | ], 1412 | [ 1413 | -267.8072509765625, 1414 | -0.61700439453125 1415 | ] 1416 | ] 1417 | }, 1418 | { 1419 | "type": "text", 1420 | "version": 25, 1421 | "versionNonce": 525406318, 1422 | "isDeleted": false, 1423 | "id": "0nd5llgESbpEYXc_BaexR", 1424 | "fillStyle": "hachure", 1425 | "strokeWidth": 1, 1426 | "strokeStyle": "solid", 1427 | "roughness": 1, 1428 | "opacity": 100, 1429 | "angle": 0, 1430 | "x": -306.2164539833359, 1431 | "y": 5.968473276605323, 1432 | "strokeColor": "#c92a2a", 1433 | "backgroundColor": "#228be6", 1434 | "width": 68.53993225097656, 1435 | "height": 24, 1436 | "seed": 817133422, 1437 | "groupIds": [], 1438 | "roundness": null, 1439 | "boundElements": [], 1440 | "updated": 1678292314373, 1441 | "link": null, 1442 | "locked": false, 1443 | "fontSize": 20, 1444 | "fontFamily": 1, 1445 | "text": "6. resp", 1446 | "textAlign": "center", 1447 | "verticalAlign": "middle", 1448 | "containerId": "ZE5SJf-9sD79ItE-Y4ZgZ", 1449 | "originalText": "6. resp" 1450 | }, 1451 | { 1452 | "type": "arrow", 1453 | "version": 255, 1454 | "versionNonce": 11317682, 1455 | "isDeleted": false, 1456 | "id": "rqRau96Al_eFIuskdCN3C", 1457 | "fillStyle": "hachure", 1458 | "strokeWidth": 1, 1459 | "strokeStyle": "solid", 1460 | "roughness": 1, 1461 | "opacity": 100, 1462 | "angle": 0, 1463 | "x": -307.1593327064804, 1464 | "y": -202.5693990378478, 1465 | "strokeColor": "#0b7285", 1466 | "backgroundColor": "#228be6", 1467 | "width": 612.2098999023438, 1468 | "height": 125.73150634765625, 1469 | "seed": 2090008046, 1470 | "groupIds": [], 1471 | "roundness": { 1472 | "type": 2 1473 | }, 1474 | "boundElements": [ 1475 | { 1476 | "type": "text", 1477 | "id": "hXBOiZzMSw1mGhay34GWa" 1478 | } 1479 | ], 1480 | "updated": 1678291834556, 1481 | "link": null, 1482 | "locked": false, 1483 | "startBinding": null, 1484 | "endBinding": { 1485 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1486 | "focus": 0.68707383099615, 1487 | "gap": 9.131627056517573 1488 | }, 1489 | "lastCommittedPoint": null, 1490 | "startArrowhead": null, 1491 | "endArrowhead": "arrow", 1492 | "points": [ 1493 | [ 1494 | 0, 1495 | 0 1496 | ], 1497 | [ 1498 | 228.7674560546875, 1499 | -101.85009765625 1500 | ], 1501 | [ 1502 | 612.2098999023438, 1503 | 23.88140869140625 1504 | ] 1505 | ] 1506 | }, 1507 | { 1508 | "type": "text", 1509 | "version": 111, 1510 | "versionNonce": 1391392991, 1511 | "isDeleted": false, 1512 | "id": "hXBOiZzMSw1mGhay34GWa", 1513 | "fillStyle": "hachure", 1514 | "strokeWidth": 1, 1515 | "strokeStyle": "solid", 1516 | "roughness": 1, 1517 | "opacity": 100, 1518 | "angle": 0, 1519 | "x": -222.30177350237886, 1520 | "y": -328.4194966940978, 1521 | "strokeColor": "#0b7285", 1522 | "backgroundColor": "#228be6", 1523 | "width": 287.8197937011719, 1524 | "height": 48, 1525 | "seed": 1204826158, 1526 | "groupIds": [], 1527 | "roundness": null, 1528 | "boundElements": [], 1529 | "updated": 1678785765636, 1530 | "link": null, 1531 | "locked": false, 1532 | "fontSize": 20, 1533 | "fontFamily": 1, 1534 | "text": "3. Uses Access Token (JWT)\nin secured endpoints", 1535 | "textAlign": "center", 1536 | "verticalAlign": "middle", 1537 | "containerId": "rqRau96Al_eFIuskdCN3C", 1538 | "originalText": "3. Uses Access Token (JWT)\nin secured endpoints" 1539 | }, 1540 | { 1541 | "type": "arrow", 1542 | "version": 274, 1543 | "versionNonce": 2035986354, 1544 | "isDeleted": false, 1545 | "id": "GQ0du4B85avA_TGN5Isty", 1546 | "fillStyle": "hachure", 1547 | "strokeWidth": 1, 1548 | "strokeStyle": "solid", 1549 | "roughness": 1, 1550 | "opacity": 100, 1551 | "angle": 0, 1552 | "x": 335.5773616294571, 1553 | "y": -182.32248131323843, 1554 | "strokeColor": "#0b7285", 1555 | "backgroundColor": "#228be6", 1556 | "width": 649.413818359375, 1557 | "height": 183.7892608642578, 1558 | "seed": 163930542, 1559 | "groupIds": [], 1560 | "roundness": { 1561 | "type": 2 1562 | }, 1563 | "boundElements": [ 1564 | { 1565 | "type": "text", 1566 | "id": "XWkRc5xo3KaGLQ-Vfa-9r" 1567 | } 1568 | ], 1569 | "updated": 1678291969972, 1570 | "link": null, 1571 | "locked": false, 1572 | "startBinding": { 1573 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1574 | "focus": 0.7971298950360483, 1575 | "gap": 12.766118023314448 1576 | }, 1577 | "endBinding": { 1578 | "elementId": "T0m-48lm7wA_Uw99BXSmk", 1579 | "focus": 0.34990609633090264, 1580 | "gap": 15.062305357962941 1581 | }, 1582 | "lastCommittedPoint": null, 1583 | "startArrowhead": null, 1584 | "endArrowhead": "arrow", 1585 | "points": [ 1586 | [ 1587 | 0, 1588 | 0 1589 | ], 1590 | [ 1591 | -453.05853271484375, 1592 | -183.7892608642578 1593 | ], 1594 | [ 1595 | -649.413818359375, 1596 | -37.626617431640625 1597 | ] 1598 | ] 1599 | }, 1600 | { 1601 | "type": "text", 1602 | "version": 12, 1603 | "versionNonce": 776226414, 1604 | "isDeleted": false, 1605 | "id": "XWkRc5xo3KaGLQ-Vfa-9r", 1606 | "fillStyle": "hachure", 1607 | "strokeWidth": 1, 1608 | "strokeStyle": "solid", 1609 | "roughness": 1, 1610 | "opacity": 100, 1611 | "angle": 0, 1612 | "x": -176.71585889056246, 1613 | "y": -377.44975487280874, 1614 | "strokeColor": "#0b7285", 1615 | "backgroundColor": "#228be6", 1616 | "width": 68.53993225097656, 1617 | "height": 24, 1618 | "seed": 1404515122, 1619 | "groupIds": [], 1620 | "roundness": null, 1621 | "boundElements": [], 1622 | "updated": 1678291964830, 1623 | "link": null, 1624 | "locked": false, 1625 | "fontSize": 20, 1626 | "fontFamily": 1, 1627 | "text": "4. resp", 1628 | "textAlign": "center", 1629 | "verticalAlign": "middle", 1630 | "containerId": "GQ0du4B85avA_TGN5Isty", 1631 | "originalText": "4. resp" 1632 | }, 1633 | { 1634 | "type": "arrow", 1635 | "version": 664, 1636 | "versionNonce": 414289970, 1637 | "isDeleted": false, 1638 | "id": "b8LZ8ZxCO7jlLF7hQiGIq", 1639 | "fillStyle": "hachure", 1640 | "strokeWidth": 1, 1641 | "strokeStyle": "solid", 1642 | "roughness": 1, 1643 | "opacity": 100, 1644 | "angle": 0, 1645 | "x": -23.387951740207257, 1646 | "y": -67.05848581544228, 1647 | "strokeColor": "#c92a2a", 1648 | "backgroundColor": "transparent", 1649 | "width": 261.3517456054687, 1650 | "height": 64.94614854517263, 1651 | "seed": 77201454, 1652 | "groupIds": [], 1653 | "roundness": { 1654 | "type": 2 1655 | }, 1656 | "boundElements": [ 1657 | { 1658 | "type": "text", 1659 | "id": "meIMOyM7ayHdGVUynB8No" 1660 | } 1661 | ], 1662 | "updated": 1678292368823, 1663 | "link": null, 1664 | "locked": false, 1665 | "startBinding": { 1666 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 1667 | "focus": 0.027617990963027205, 1668 | "gap": 1.5664809901066974 1669 | }, 1670 | "endBinding": { 1671 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1672 | "focus": -0.2810443855406691, 1673 | "gap": 9.036298552798684 1674 | }, 1675 | "lastCommittedPoint": null, 1676 | "startArrowhead": null, 1677 | "endArrowhead": "arrow", 1678 | "points": [ 1679 | [ 1680 | 0, 1681 | 0 1682 | ], 1683 | [ 1684 | 130.39849853515625, 1685 | 64.94614854517263 1686 | ], 1687 | [ 1688 | 261.3517456054687, 1689 | 6.209136410348236 1690 | ] 1691 | ] 1692 | }, 1693 | { 1694 | "type": "text", 1695 | "version": 172, 1696 | "versionNonce": 1126741521, 1697 | "isDeleted": false, 1698 | "id": "meIMOyM7ayHdGVUynB8No", 1699 | "fillStyle": "hachure", 1700 | "strokeWidth": 1, 1701 | "strokeStyle": "solid", 1702 | "roughness": 1, 1703 | "opacity": 100, 1704 | "angle": 0, 1705 | "x": 20.710635295925556, 1706 | "y": -38.11233727026965, 1707 | "strokeColor": "#c92a2a", 1708 | "backgroundColor": "#228be6", 1709 | "width": 172.59982299804688, 1710 | "height": 72, 1711 | "seed": 707256754, 1712 | "groupIds": [], 1713 | "roundness": null, 1714 | "boundElements": [], 1715 | "updated": 1678785802199, 1716 | "link": null, 1717 | "locked": false, 1718 | "fontSize": 20, 1719 | "fontFamily": 1, 1720 | "text": "4. uses Access\nToken (JWT) in \nsecured endpoints", 1721 | "textAlign": "center", 1722 | "verticalAlign": "middle", 1723 | "containerId": "b8LZ8ZxCO7jlLF7hQiGIq", 1724 | "originalText": "4. uses Access\nToken (JWT) in secured endpoints" 1725 | }, 1726 | { 1727 | "type": "arrow", 1728 | "version": 52, 1729 | "versionNonce": 413302574, 1730 | "isDeleted": false, 1731 | "id": "zSGJtQjAuLJQ_DYJDPzGi", 1732 | "fillStyle": "hachure", 1733 | "strokeWidth": 1, 1734 | "strokeStyle": "solid", 1735 | "roughness": 1, 1736 | "opacity": 100, 1737 | "angle": 0, 1738 | "x": 199.13412432476957, 1739 | "y": -86.40698448706655, 1740 | "strokeColor": "#c92a2a", 1741 | "backgroundColor": "#228be6", 1742 | "width": 208.34375, 1743 | "height": 14.64288330078125, 1744 | "seed": 1719782322, 1745 | "groupIds": [], 1746 | "roundness": { 1747 | "type": 2 1748 | }, 1749 | "boundElements": [ 1750 | { 1751 | "type": "text", 1752 | "id": "J0fsTI6gE9sAVe0bihaO3" 1753 | } 1754 | ], 1755 | "updated": 1678292318567, 1756 | "link": null, 1757 | "locked": false, 1758 | "startBinding": { 1759 | "elementId": "NKmNZxYxWMCKh3prRiPwX", 1760 | "focus": -0.2685860668560571, 1761 | "gap": 4.87034870813784 1762 | }, 1763 | "endBinding": { 1764 | "elementId": "D1l-2El2Gpsr55PhX9Msm", 1765 | "focus": 0.38445104766251204, 1766 | "gap": 7.1388092041015625 1767 | }, 1768 | "lastCommittedPoint": null, 1769 | "startArrowhead": null, 1770 | "endArrowhead": "arrow", 1771 | "points": [ 1772 | [ 1773 | 0, 1774 | 0 1775 | ], 1776 | [ 1777 | -101.0684814453125, 1778 | 14.64288330078125 1779 | ], 1780 | [ 1781 | -208.34375, 1782 | 3.246856689453125 1783 | ] 1784 | ] 1785 | }, 1786 | { 1787 | "type": "text", 1788 | "version": 47, 1789 | "versionNonce": 1804441361, 1790 | "isDeleted": false, 1791 | "id": "J0fsTI6gE9sAVe0bihaO3", 1792 | "fillStyle": "hachure", 1793 | "strokeWidth": 1, 1794 | "strokeStyle": "solid", 1795 | "roughness": 1, 1796 | "opacity": 100, 1797 | "angle": 0, 1798 | "x": 35.105689571351604, 1799 | "y": -95.7641011862853, 1800 | "strokeColor": "#c92a2a", 1801 | "backgroundColor": "#228be6", 1802 | "width": 125.91990661621094, 1803 | "height": 48, 1804 | "seed": 840601906, 1805 | "groupIds": [], 1806 | "roundness": null, 1807 | "boundElements": [], 1808 | "updated": 1678785788842, 1809 | "link": null, 1810 | "locked": false, 1811 | "fontSize": 20, 1812 | "fontFamily": 1, 1813 | "text": "3. Access\nToken (JWT)", 1814 | "textAlign": "center", 1815 | "verticalAlign": "middle", 1816 | "containerId": "zSGJtQjAuLJQ_DYJDPzGi", 1817 | "originalText": "3. Access\nToken (JWT)" 1818 | } 1819 | ], 1820 | "appState": { 1821 | "gridSize": null, 1822 | "viewBackgroundColor": "#ffffff" 1823 | }, 1824 | "files": {} 1825 | } -------------------------------------------------------------------------------- /documentation/project-diagram.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ivangfr/springboot-react-jwt-token/7cc2f6be25281043d26eb28920ba00b9cf44eefc/documentation/project-diagram.jpeg -------------------------------------------------------------------------------- /documentation/user-login.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ivangfr/springboot-react-jwt-token/7cc2f6be25281043d26eb28920ba00b9cf44eefc/documentation/user-login.gif -------------------------------------------------------------------------------- /order-api/.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | wrapperVersion=3.3.2 18 | distributionType=only-script 19 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip 20 | -------------------------------------------------------------------------------- /order-api/mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Apache Maven Wrapper startup batch script, version 3.3.2 23 | # 24 | # Optional ENV vars 25 | # ----------------- 26 | # JAVA_HOME - location of a JDK home dir, required when download maven via java source 27 | # MVNW_REPOURL - repo url base for downloading maven distribution 28 | # MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven 29 | # MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output 30 | # ---------------------------------------------------------------------------- 31 | 32 | set -euf 33 | [ "${MVNW_VERBOSE-}" != debug ] || set -x 34 | 35 | # OS specific support. 36 | native_path() { printf %s\\n "$1"; } 37 | case "$(uname)" in 38 | CYGWIN* | MINGW*) 39 | [ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")" 40 | native_path() { cygpath --path --windows "$1"; } 41 | ;; 42 | esac 43 | 44 | # set JAVACMD and JAVACCMD 45 | set_java_home() { 46 | # For Cygwin and MinGW, ensure paths are in Unix format before anything is touched 47 | if [ -n "${JAVA_HOME-}" ]; then 48 | if [ -x "$JAVA_HOME/jre/sh/java" ]; then 49 | # IBM's JDK on AIX uses strange locations for the executables 50 | JAVACMD="$JAVA_HOME/jre/sh/java" 51 | JAVACCMD="$JAVA_HOME/jre/sh/javac" 52 | else 53 | JAVACMD="$JAVA_HOME/bin/java" 54 | JAVACCMD="$JAVA_HOME/bin/javac" 55 | 56 | if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then 57 | echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2 58 | echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2 59 | return 1 60 | fi 61 | fi 62 | else 63 | JAVACMD="$( 64 | 'set' +e 65 | 'unset' -f command 2>/dev/null 66 | 'command' -v java 67 | )" || : 68 | JAVACCMD="$( 69 | 'set' +e 70 | 'unset' -f command 2>/dev/null 71 | 'command' -v javac 72 | )" || : 73 | 74 | if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then 75 | echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2 76 | return 1 77 | fi 78 | fi 79 | } 80 | 81 | # hash string like Java String::hashCode 82 | hash_string() { 83 | str="${1:-}" h=0 84 | while [ -n "$str" ]; do 85 | char="${str%"${str#?}"}" 86 | h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296)) 87 | str="${str#?}" 88 | done 89 | printf %x\\n $h 90 | } 91 | 92 | verbose() { :; } 93 | [ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; } 94 | 95 | die() { 96 | printf %s\\n "$1" >&2 97 | exit 1 98 | } 99 | 100 | trim() { 101 | # MWRAPPER-139: 102 | # Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds. 103 | # Needed for removing poorly interpreted newline sequences when running in more 104 | # exotic environments such as mingw bash on Windows. 105 | printf "%s" "${1}" | tr -d '[:space:]' 106 | } 107 | 108 | # parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties 109 | while IFS="=" read -r key value; do 110 | case "${key-}" in 111 | distributionUrl) distributionUrl=$(trim "${value-}") ;; 112 | distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;; 113 | esac 114 | done <"${0%/*}/.mvn/wrapper/maven-wrapper.properties" 115 | [ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in ${0%/*}/.mvn/wrapper/maven-wrapper.properties" 116 | 117 | case "${distributionUrl##*/}" in 118 | maven-mvnd-*bin.*) 119 | MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ 120 | case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in 121 | *AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;; 122 | :Darwin*x86_64) distributionPlatform=darwin-amd64 ;; 123 | :Darwin*arm64) distributionPlatform=darwin-aarch64 ;; 124 | :Linux*x86_64*) distributionPlatform=linux-amd64 ;; 125 | *) 126 | echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2 127 | distributionPlatform=linux-amd64 128 | ;; 129 | esac 130 | distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip" 131 | ;; 132 | maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;; 133 | *) MVN_CMD="mvn${0##*/mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;; 134 | esac 135 | 136 | # apply MVNW_REPOURL and calculate MAVEN_HOME 137 | # maven home pattern: ~/.m2/wrapper/dists/{apache-maven-,maven-mvnd--}/ 138 | [ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}" 139 | distributionUrlName="${distributionUrl##*/}" 140 | distributionUrlNameMain="${distributionUrlName%.*}" 141 | distributionUrlNameMain="${distributionUrlNameMain%-bin}" 142 | MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}" 143 | MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")" 144 | 145 | exec_maven() { 146 | unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || : 147 | exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD" 148 | } 149 | 150 | if [ -d "$MAVEN_HOME" ]; then 151 | verbose "found existing MAVEN_HOME at $MAVEN_HOME" 152 | exec_maven "$@" 153 | fi 154 | 155 | case "${distributionUrl-}" in 156 | *?-bin.zip | *?maven-mvnd-?*-?*.zip) ;; 157 | *) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;; 158 | esac 159 | 160 | # prepare tmp dir 161 | if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then 162 | clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; } 163 | trap clean HUP INT TERM EXIT 164 | else 165 | die "cannot create temp dir" 166 | fi 167 | 168 | mkdir -p -- "${MAVEN_HOME%/*}" 169 | 170 | # Download and Install Apache Maven 171 | verbose "Couldn't find MAVEN_HOME, downloading and installing it ..." 172 | verbose "Downloading from: $distributionUrl" 173 | verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName" 174 | 175 | # select .zip or .tar.gz 176 | if ! command -v unzip >/dev/null; then 177 | distributionUrl="${distributionUrl%.zip}.tar.gz" 178 | distributionUrlName="${distributionUrl##*/}" 179 | fi 180 | 181 | # verbose opt 182 | __MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR='' 183 | [ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v 184 | 185 | # normalize http auth 186 | case "${MVNW_PASSWORD:+has-password}" in 187 | '') MVNW_USERNAME='' MVNW_PASSWORD='' ;; 188 | has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;; 189 | esac 190 | 191 | if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then 192 | verbose "Found wget ... using wget" 193 | wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl" 194 | elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then 195 | verbose "Found curl ... using curl" 196 | curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl" 197 | elif set_java_home; then 198 | verbose "Falling back to use Java to download" 199 | javaSource="$TMP_DOWNLOAD_DIR/Downloader.java" 200 | targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName" 201 | cat >"$javaSource" <<-END 202 | public class Downloader extends java.net.Authenticator 203 | { 204 | protected java.net.PasswordAuthentication getPasswordAuthentication() 205 | { 206 | return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() ); 207 | } 208 | public static void main( String[] args ) throws Exception 209 | { 210 | setDefault( new Downloader() ); 211 | java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() ); 212 | } 213 | } 214 | END 215 | # For Cygwin/MinGW, switch paths to Windows format before running javac and java 216 | verbose " - Compiling Downloader.java ..." 217 | "$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java" 218 | verbose " - Running Downloader.java ..." 219 | "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")" 220 | fi 221 | 222 | # If specified, validate the SHA-256 sum of the Maven distribution zip file 223 | if [ -n "${distributionSha256Sum-}" ]; then 224 | distributionSha256Result=false 225 | if [ "$MVN_CMD" = mvnd.sh ]; then 226 | echo "Checksum validation is not supported for maven-mvnd." >&2 227 | echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2 228 | exit 1 229 | elif command -v sha256sum >/dev/null; then 230 | if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c >/dev/null 2>&1; then 231 | distributionSha256Result=true 232 | fi 233 | elif command -v shasum >/dev/null; then 234 | if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then 235 | distributionSha256Result=true 236 | fi 237 | else 238 | echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2 239 | echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2 240 | exit 1 241 | fi 242 | if [ $distributionSha256Result = false ]; then 243 | echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2 244 | echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2 245 | exit 1 246 | fi 247 | fi 248 | 249 | # unzip and move 250 | if command -v unzip >/dev/null; then 251 | unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip" 252 | else 253 | tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar" 254 | fi 255 | printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/mvnw.url" 256 | mv -- "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME" 257 | 258 | clean || : 259 | exec_maven "$@" 260 | -------------------------------------------------------------------------------- /order-api/mvnw.cmd: -------------------------------------------------------------------------------- 1 | <# : batch portion 2 | @REM ---------------------------------------------------------------------------- 3 | @REM Licensed to the Apache Software Foundation (ASF) under one 4 | @REM or more contributor license agreements. See the NOTICE file 5 | @REM distributed with this work for additional information 6 | @REM regarding copyright ownership. The ASF licenses this file 7 | @REM to you under the Apache License, Version 2.0 (the 8 | @REM "License"); you may not use this file except in compliance 9 | @REM with the License. You may obtain a copy of the License at 10 | @REM 11 | @REM http://www.apache.org/licenses/LICENSE-2.0 12 | @REM 13 | @REM Unless required by applicable law or agreed to in writing, 14 | @REM software distributed under the License is distributed on an 15 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | @REM KIND, either express or implied. See the License for the 17 | @REM specific language governing permissions and limitations 18 | @REM under the License. 19 | @REM ---------------------------------------------------------------------------- 20 | 21 | @REM ---------------------------------------------------------------------------- 22 | @REM Apache Maven Wrapper startup batch script, version 3.3.2 23 | @REM 24 | @REM Optional ENV vars 25 | @REM MVNW_REPOURL - repo url base for downloading maven distribution 26 | @REM MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven 27 | @REM MVNW_VERBOSE - true: enable verbose log; others: silence the output 28 | @REM ---------------------------------------------------------------------------- 29 | 30 | @IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0) 31 | @SET __MVNW_CMD__= 32 | @SET __MVNW_ERROR__= 33 | @SET __MVNW_PSMODULEP_SAVE=%PSModulePath% 34 | @SET PSModulePath= 35 | @FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @( 36 | IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B) 37 | ) 38 | @SET PSModulePath=%__MVNW_PSMODULEP_SAVE% 39 | @SET __MVNW_PSMODULEP_SAVE= 40 | @SET __MVNW_ARG0_NAME__= 41 | @SET MVNW_USERNAME= 42 | @SET MVNW_PASSWORD= 43 | @IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*) 44 | @echo Cannot start maven from wrapper >&2 && exit /b 1 45 | @GOTO :EOF 46 | : end batch / begin powershell #> 47 | 48 | $ErrorActionPreference = "Stop" 49 | if ($env:MVNW_VERBOSE -eq "true") { 50 | $VerbosePreference = "Continue" 51 | } 52 | 53 | # calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties 54 | $distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl 55 | if (!$distributionUrl) { 56 | Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties" 57 | } 58 | 59 | switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) { 60 | "maven-mvnd-*" { 61 | $USE_MVND = $true 62 | $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip" 63 | $MVN_CMD = "mvnd.cmd" 64 | break 65 | } 66 | default { 67 | $USE_MVND = $false 68 | $MVN_CMD = $script -replace '^mvnw','mvn' 69 | break 70 | } 71 | } 72 | 73 | # apply MVNW_REPOURL and calculate MAVEN_HOME 74 | # maven home pattern: ~/.m2/wrapper/dists/{apache-maven-,maven-mvnd--}/ 75 | if ($env:MVNW_REPOURL) { 76 | $MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" } 77 | $distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')" 78 | } 79 | $distributionUrlName = $distributionUrl -replace '^.*/','' 80 | $distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$','' 81 | $MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain" 82 | if ($env:MAVEN_USER_HOME) { 83 | $MAVEN_HOME_PARENT = "$env:MAVEN_USER_HOME/wrapper/dists/$distributionUrlNameMain" 84 | } 85 | $MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join '' 86 | $MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME" 87 | 88 | if (Test-Path -Path "$MAVEN_HOME" -PathType Container) { 89 | Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME" 90 | Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD" 91 | exit $? 92 | } 93 | 94 | if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) { 95 | Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl" 96 | } 97 | 98 | # prepare tmp dir 99 | $TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile 100 | $TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir" 101 | $TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null 102 | trap { 103 | if ($TMP_DOWNLOAD_DIR.Exists) { 104 | try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null } 105 | catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" } 106 | } 107 | } 108 | 109 | New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null 110 | 111 | # Download and Install Apache Maven 112 | Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..." 113 | Write-Verbose "Downloading from: $distributionUrl" 114 | Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName" 115 | 116 | $webclient = New-Object System.Net.WebClient 117 | if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) { 118 | $webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD) 119 | } 120 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 121 | $webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null 122 | 123 | # If specified, validate the SHA-256 sum of the Maven distribution zip file 124 | $distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum 125 | if ($distributionSha256Sum) { 126 | if ($USE_MVND) { 127 | Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." 128 | } 129 | Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash 130 | if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) { 131 | Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property." 132 | } 133 | } 134 | 135 | # unzip and move 136 | Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null 137 | Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null 138 | try { 139 | Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null 140 | } catch { 141 | if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) { 142 | Write-Error "fail to move MAVEN_HOME" 143 | } 144 | } finally { 145 | try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null } 146 | catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" } 147 | } 148 | 149 | Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD" 150 | -------------------------------------------------------------------------------- /order-api/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 3.4.3 9 | 10 | 11 | com.ivanfranchin 12 | order-api 13 | 0.0.1-SNAPSHOT 14 | order-api 15 | Demo project for Spring Boot 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 21 31 | 0.12.6 32 | 2.8.5 33 | 34 | 35 | 36 | org.springframework.boot 37 | spring-boot-starter-data-jpa 38 | 39 | 40 | org.springframework.boot 41 | spring-boot-starter-security 42 | 43 | 44 | org.springframework.boot 45 | spring-boot-starter-validation 46 | 47 | 48 | org.springframework.boot 49 | spring-boot-starter-web 50 | 51 | 52 | 53 | 54 | io.jsonwebtoken 55 | jjwt-api 56 | ${jjwt.version} 57 | 58 | 59 | io.jsonwebtoken 60 | jjwt-impl 61 | ${jjwt.version} 62 | runtime 63 | 64 | 65 | io.jsonwebtoken 66 | jjwt-jackson 67 | ${jjwt.version} 68 | runtime 69 | 70 | 71 | 72 | 73 | org.springdoc 74 | springdoc-openapi-starter-webmvc-ui 75 | ${springdoc-openapi.version} 76 | 77 | 78 | 79 | org.postgresql 80 | postgresql 81 | runtime 82 | 83 | 84 | org.projectlombok 85 | lombok 86 | true 87 | 88 | 89 | org.springframework.boot 90 | spring-boot-starter-test 91 | test 92 | 93 | 94 | org.springframework.security 95 | spring-security-test 96 | test 97 | 98 | 99 | 100 | 101 | 102 | 103 | org.apache.maven.plugins 104 | maven-compiler-plugin 105 | 106 | 107 | 108 | org.projectlombok 109 | lombok 110 | 111 | 112 | 113 | 114 | 115 | org.springframework.boot 116 | spring-boot-maven-plugin 117 | 118 | 119 | 120 | org.projectlombok 121 | lombok 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/OrderApiApplication.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class OrderApiApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(OrderApiApplication.class, args); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/config/ErrorAttributesConfig.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.config; 2 | 3 | import org.springframework.boot.web.error.ErrorAttributeOptions; 4 | import org.springframework.boot.web.error.ErrorAttributeOptions.Include; 5 | import org.springframework.boot.web.servlet.error.DefaultErrorAttributes; 6 | import org.springframework.boot.web.servlet.error.ErrorAttributes; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.web.context.request.WebRequest; 10 | 11 | import java.util.Map; 12 | 13 | @Configuration 14 | public class ErrorAttributesConfig { 15 | 16 | @Bean 17 | ErrorAttributes errorAttributes() { 18 | return new DefaultErrorAttributes() { 19 | @Override 20 | public Map getErrorAttributes(WebRequest webRequest, ErrorAttributeOptions options) { 21 | return super.getErrorAttributes(webRequest, options.including(Include.EXCEPTION, Include.MESSAGE, Include.BINDING_ERRORS)); 22 | } 23 | }; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/config/SwaggerConfig.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.config; 2 | 3 | import io.swagger.v3.oas.models.Components; 4 | import io.swagger.v3.oas.models.OpenAPI; 5 | import io.swagger.v3.oas.models.info.Info; 6 | import io.swagger.v3.oas.models.security.SecurityScheme; 7 | import org.springframework.beans.factory.annotation.Value; 8 | import org.springframework.context.annotation.Bean; 9 | import org.springframework.context.annotation.Configuration; 10 | 11 | @Configuration 12 | public class SwaggerConfig { 13 | 14 | @Value("${spring.application.name}") 15 | private String applicationName; 16 | 17 | @Bean 18 | OpenAPI customOpenAPI() { 19 | return new OpenAPI() 20 | .components( 21 | new Components().addSecuritySchemes(BEARER_KEY_SECURITY_SCHEME, 22 | new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT"))) 23 | .info(new Info().title(applicationName)); 24 | } 25 | 26 | public static final String BEARER_KEY_SECURITY_SCHEME = "bearer-key"; 27 | } 28 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/order/Order.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.order; 2 | 3 | import com.ivanfranchin.orderapi.user.User; 4 | import com.ivanfranchin.orderapi.rest.dto.CreateOrderRequest; 5 | import jakarta.persistence.Entity; 6 | import jakarta.persistence.FetchType; 7 | import jakarta.persistence.Id; 8 | import jakarta.persistence.JoinColumn; 9 | import jakarta.persistence.ManyToOne; 10 | import jakarta.persistence.PrePersist; 11 | import jakarta.persistence.Table; 12 | import lombok.Data; 13 | import lombok.NoArgsConstructor; 14 | 15 | import java.time.Instant; 16 | 17 | @Data 18 | @NoArgsConstructor 19 | @Entity 20 | @Table(name = "orders") 21 | public class Order { 22 | 23 | @Id 24 | private String id; 25 | 26 | private String description; 27 | 28 | @ManyToOne(fetch = FetchType.LAZY) 29 | @JoinColumn(name = "user_id") 30 | private User user; 31 | 32 | private Instant createdAt; 33 | 34 | public Order(String description) { 35 | this.description = description; 36 | } 37 | 38 | @PrePersist 39 | public void onPrePersist() { 40 | createdAt = Instant.now(); 41 | } 42 | 43 | public static Order from(CreateOrderRequest createOrderRequest) { 44 | return new Order(createOrderRequest.description()); 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/order/OrderNotFoundException.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.order; 2 | 3 | import org.springframework.http.HttpStatus; 4 | import org.springframework.web.bind.annotation.ResponseStatus; 5 | 6 | @ResponseStatus(HttpStatus.NOT_FOUND) 7 | public class OrderNotFoundException extends RuntimeException { 8 | 9 | public OrderNotFoundException(String message) { 10 | super(message); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/order/OrderRepository.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.order; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import org.springframework.stereotype.Repository; 5 | 6 | import java.util.List; 7 | 8 | @Repository 9 | public interface OrderRepository extends JpaRepository { 10 | 11 | List findAllByOrderByCreatedAtDesc(); 12 | 13 | List findByIdContainingOrDescriptionContainingIgnoreCaseOrderByCreatedAt(String id, String description); 14 | } 15 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/order/OrderService.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.order; 2 | 3 | import java.util.List; 4 | 5 | public interface OrderService { 6 | 7 | List getOrders(); 8 | 9 | List getOrdersContainingText(String text); 10 | 11 | Order validateAndGetOrder(String id); 12 | 13 | Order saveOrder(Order order); 14 | 15 | void deleteOrder(Order order); 16 | } 17 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/order/OrderServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.order; 2 | 3 | import lombok.RequiredArgsConstructor; 4 | import org.springframework.stereotype.Service; 5 | 6 | import java.util.List; 7 | 8 | @RequiredArgsConstructor 9 | @Service 10 | public class OrderServiceImpl implements OrderService { 11 | 12 | private final OrderRepository orderRepository; 13 | 14 | @Override 15 | public List getOrders() { 16 | return orderRepository.findAllByOrderByCreatedAtDesc(); 17 | } 18 | 19 | @Override 20 | public List getOrdersContainingText(String text) { 21 | return orderRepository.findByIdContainingOrDescriptionContainingIgnoreCaseOrderByCreatedAt(text, text); 22 | } 23 | 24 | @Override 25 | public Order validateAndGetOrder(String id) { 26 | return orderRepository.findById(id) 27 | .orElseThrow(() -> new OrderNotFoundException(String.format("Order with id %s not found", id))); 28 | } 29 | 30 | @Override 31 | public Order saveOrder(Order order) { 32 | return orderRepository.save(order); 33 | } 34 | 35 | @Override 36 | public void deleteOrder(Order order) { 37 | orderRepository.delete(order); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/AuthController.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest; 2 | 3 | import com.ivanfranchin.orderapi.rest.dto.AuthResponse; 4 | import com.ivanfranchin.orderapi.rest.dto.LoginRequest; 5 | import com.ivanfranchin.orderapi.rest.dto.SignUpRequest; 6 | import com.ivanfranchin.orderapi.security.SecurityConfig; 7 | import com.ivanfranchin.orderapi.security.TokenProvider; 8 | import com.ivanfranchin.orderapi.user.DuplicatedUserInfoException; 9 | import com.ivanfranchin.orderapi.user.User; 10 | import com.ivanfranchin.orderapi.user.UserService; 11 | import jakarta.validation.Valid; 12 | import lombok.RequiredArgsConstructor; 13 | import org.springframework.http.HttpStatus; 14 | import org.springframework.security.authentication.AuthenticationManager; 15 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 16 | import org.springframework.security.core.Authentication; 17 | import org.springframework.security.crypto.password.PasswordEncoder; 18 | import org.springframework.web.bind.annotation.PostMapping; 19 | import org.springframework.web.bind.annotation.RequestBody; 20 | import org.springframework.web.bind.annotation.RequestMapping; 21 | import org.springframework.web.bind.annotation.ResponseStatus; 22 | import org.springframework.web.bind.annotation.RestController; 23 | 24 | @RequiredArgsConstructor 25 | @RestController 26 | @RequestMapping("/auth") 27 | public class AuthController { 28 | 29 | private final UserService userService; 30 | private final PasswordEncoder passwordEncoder; 31 | private final AuthenticationManager authenticationManager; 32 | private final TokenProvider tokenProvider; 33 | 34 | @PostMapping("/authenticate") 35 | public AuthResponse login(@Valid @RequestBody LoginRequest loginRequest) { 36 | String token = authenticateAndGetToken(loginRequest.username(), loginRequest.password()); 37 | return new AuthResponse(token); 38 | } 39 | 40 | @ResponseStatus(HttpStatus.CREATED) 41 | @PostMapping("/signup") 42 | public AuthResponse signUp(@Valid @RequestBody SignUpRequest signUpRequest) { 43 | if (userService.hasUserWithUsername(signUpRequest.username())) { 44 | throw new DuplicatedUserInfoException(String.format("Username %s already been used", signUpRequest.username())); 45 | } 46 | if (userService.hasUserWithEmail(signUpRequest.email())) { 47 | throw new DuplicatedUserInfoException(String.format("Email %s already been used", signUpRequest.email())); 48 | } 49 | 50 | userService.saveUser(this.mapSignUpRequestToUser(signUpRequest)); 51 | 52 | String token = authenticateAndGetToken(signUpRequest.username(), signUpRequest.password()); 53 | return new AuthResponse(token); 54 | } 55 | 56 | private String authenticateAndGetToken(String username, String password) { 57 | Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password)); 58 | return tokenProvider.generate(authentication); 59 | } 60 | 61 | private User mapSignUpRequestToUser(SignUpRequest signUpRequest) { 62 | User user = new User(); 63 | user.setUsername(signUpRequest.username()); 64 | user.setPassword(passwordEncoder.encode(signUpRequest.password())); 65 | user.setName(signUpRequest.name()); 66 | user.setEmail(signUpRequest.email()); 67 | user.setRole(SecurityConfig.USER); 68 | return user; 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/OrderController.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest; 2 | 3 | import com.ivanfranchin.orderapi.order.Order; 4 | import com.ivanfranchin.orderapi.user.User; 5 | import com.ivanfranchin.orderapi.rest.dto.CreateOrderRequest; 6 | import com.ivanfranchin.orderapi.rest.dto.OrderDto; 7 | import com.ivanfranchin.orderapi.security.CustomUserDetails; 8 | import com.ivanfranchin.orderapi.order.OrderService; 9 | import com.ivanfranchin.orderapi.user.UserService; 10 | import io.swagger.v3.oas.annotations.Operation; 11 | import io.swagger.v3.oas.annotations.security.SecurityRequirement; 12 | import jakarta.validation.Valid; 13 | import lombok.RequiredArgsConstructor; 14 | import org.springframework.http.HttpStatus; 15 | import org.springframework.security.core.annotation.AuthenticationPrincipal; 16 | import org.springframework.web.bind.annotation.DeleteMapping; 17 | import org.springframework.web.bind.annotation.GetMapping; 18 | import org.springframework.web.bind.annotation.PathVariable; 19 | import org.springframework.web.bind.annotation.PostMapping; 20 | import org.springframework.web.bind.annotation.RequestBody; 21 | import org.springframework.web.bind.annotation.RequestMapping; 22 | import org.springframework.web.bind.annotation.RequestParam; 23 | import org.springframework.web.bind.annotation.ResponseStatus; 24 | import org.springframework.web.bind.annotation.RestController; 25 | 26 | import java.util.List; 27 | import java.util.UUID; 28 | import java.util.stream.Collectors; 29 | 30 | import static com.ivanfranchin.orderapi.config.SwaggerConfig.BEARER_KEY_SECURITY_SCHEME; 31 | 32 | @RequiredArgsConstructor 33 | @RestController 34 | @RequestMapping("/api/orders") 35 | public class OrderController { 36 | 37 | private final UserService userService; 38 | private final OrderService orderService; 39 | 40 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 41 | @GetMapping 42 | public List getOrders(@RequestParam(value = "text", required = false) String text) { 43 | List orders = (text == null) ? orderService.getOrders() : orderService.getOrdersContainingText(text); 44 | return orders.stream() 45 | .map(OrderDto::from) 46 | .collect(Collectors.toList()); 47 | } 48 | 49 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 50 | @ResponseStatus(HttpStatus.CREATED) 51 | @PostMapping 52 | public OrderDto createOrder(@AuthenticationPrincipal CustomUserDetails currentUser, 53 | @Valid @RequestBody CreateOrderRequest createOrderRequest) { 54 | User user = userService.validateAndGetUserByUsername(currentUser.getUsername()); 55 | Order order = Order.from(createOrderRequest); 56 | order.setId(UUID.randomUUID().toString()); 57 | order.setUser(user); 58 | return OrderDto.from(orderService.saveOrder(order)); 59 | } 60 | 61 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 62 | @DeleteMapping("/{id}") 63 | public OrderDto deleteOrders(@PathVariable UUID id) { 64 | Order order = orderService.validateAndGetOrder(id.toString()); 65 | orderService.deleteOrder(order); 66 | return OrderDto.from(order); 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/PublicController.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest; 2 | 3 | import com.ivanfranchin.orderapi.order.OrderService; 4 | import com.ivanfranchin.orderapi.user.UserService; 5 | import lombok.RequiredArgsConstructor; 6 | import org.springframework.web.bind.annotation.GetMapping; 7 | import org.springframework.web.bind.annotation.RequestMapping; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | @RequiredArgsConstructor 11 | @RestController 12 | @RequestMapping("/public") 13 | public class PublicController { 14 | 15 | private final UserService userService; 16 | private final OrderService orderService; 17 | 18 | @GetMapping("/numberOfUsers") 19 | public Integer getNumberOfUsers() { 20 | return userService.getUsers().size(); 21 | } 22 | 23 | @GetMapping("/numberOfOrders") 24 | public Integer getNumberOfOrders() { 25 | return orderService.getOrders().size(); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/UserController.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest; 2 | 3 | import com.ivanfranchin.orderapi.user.User; 4 | import com.ivanfranchin.orderapi.rest.dto.UserDto; 5 | import com.ivanfranchin.orderapi.security.CustomUserDetails; 6 | import com.ivanfranchin.orderapi.user.UserService; 7 | import io.swagger.v3.oas.annotations.Operation; 8 | import io.swagger.v3.oas.annotations.security.SecurityRequirement; 9 | import lombok.RequiredArgsConstructor; 10 | import org.springframework.security.core.annotation.AuthenticationPrincipal; 11 | import org.springframework.web.bind.annotation.DeleteMapping; 12 | import org.springframework.web.bind.annotation.GetMapping; 13 | import org.springframework.web.bind.annotation.PathVariable; 14 | import org.springframework.web.bind.annotation.RequestMapping; 15 | import org.springframework.web.bind.annotation.RestController; 16 | 17 | import java.util.List; 18 | import java.util.stream.Collectors; 19 | 20 | import static com.ivanfranchin.orderapi.config.SwaggerConfig.BEARER_KEY_SECURITY_SCHEME; 21 | 22 | @RequiredArgsConstructor 23 | @RestController 24 | @RequestMapping("/api/users") 25 | public class UserController { 26 | 27 | private final UserService userService; 28 | 29 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 30 | @GetMapping("/me") 31 | public UserDto getCurrentUser(@AuthenticationPrincipal CustomUserDetails currentUser) { 32 | return UserDto.from(userService.validateAndGetUserByUsername(currentUser.getUsername())); 33 | } 34 | 35 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 36 | @GetMapping 37 | public List getUsers() { 38 | return userService.getUsers().stream() 39 | .map(UserDto::from) 40 | .collect(Collectors.toList()); 41 | } 42 | 43 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 44 | @GetMapping("/{username}") 45 | public UserDto getUser(@PathVariable String username) { 46 | return UserDto.from(userService.validateAndGetUserByUsername(username)); 47 | } 48 | 49 | @Operation(security = {@SecurityRequirement(name = BEARER_KEY_SECURITY_SCHEME)}) 50 | @DeleteMapping("/{username}") 51 | public UserDto deleteUser(@PathVariable String username) { 52 | User user = userService.validateAndGetUserByUsername(username); 53 | userService.deleteUser(user); 54 | return UserDto.from(user); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/AuthResponse.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | public record AuthResponse(String accessToken) { 4 | } 5 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/CreateOrderRequest.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | import io.swagger.v3.oas.annotations.media.Schema; 4 | import jakarta.validation.constraints.NotBlank; 5 | 6 | public record CreateOrderRequest(@Schema(example = "Buy two iPhones") @NotBlank String description) { 7 | } 8 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/LoginRequest.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | import io.swagger.v3.oas.annotations.media.Schema; 4 | import jakarta.validation.constraints.NotBlank; 5 | 6 | public record LoginRequest( 7 | @Schema(example = "user") @NotBlank String username, 8 | @Schema(example = "user") @NotBlank String password) { 9 | } 10 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/OrderDto.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | import com.ivanfranchin.orderapi.order.Order; 4 | 5 | import java.time.Instant; 6 | 7 | public record OrderDto(String id, String description, UserDto user, Instant createdAt) { 8 | 9 | public record UserDto(String username) { 10 | } 11 | 12 | public static OrderDto from(Order order) { 13 | UserDto userDto = new UserDto(order.getUser().getUsername()); 14 | return new OrderDto(order.getId(), order.getDescription(), userDto, order.getCreatedAt()); 15 | } 16 | } -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/SignUpRequest.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | import io.swagger.v3.oas.annotations.media.Schema; 4 | import jakarta.validation.constraints.Email; 5 | import jakarta.validation.constraints.NotBlank; 6 | 7 | public record SignUpRequest( 8 | @Schema(example = "user3") @NotBlank String username, 9 | @Schema(example = "user3") @NotBlank String password, 10 | @Schema(example = "User3") @NotBlank String name, 11 | @Schema(example = "user3@mycompany.com") @Email String email) { 12 | } 13 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/rest/dto/UserDto.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.rest.dto; 2 | 3 | import com.ivanfranchin.orderapi.order.Order; 4 | import com.ivanfranchin.orderapi.user.User; 5 | 6 | import java.time.Instant; 7 | import java.util.List; 8 | 9 | public record UserDto(Long id, String username, String name, String email, String role, List orders) { 10 | 11 | public record OrderDto(String id, String description, Instant createdAt) { 12 | 13 | public static OrderDto from(Order order) { 14 | return new OrderDto(order.getId(), order.getDescription(), order.getCreatedAt()); 15 | } 16 | } 17 | 18 | public static UserDto from(User user) { 19 | List orders = user.getOrders().stream() 20 | .map(OrderDto::from) 21 | .toList(); 22 | 23 | return new UserDto( 24 | user.getId(), 25 | user.getUsername(), 26 | user.getName(), 27 | user.getEmail(), 28 | user.getRole(), 29 | orders 30 | ); 31 | } 32 | } -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/runner/DatabaseInitializer.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.runner; 2 | 3 | import com.ivanfranchin.orderapi.user.User; 4 | import com.ivanfranchin.orderapi.security.SecurityConfig; 5 | import com.ivanfranchin.orderapi.user.UserService; 6 | import lombok.RequiredArgsConstructor; 7 | import lombok.extern.slf4j.Slf4j; 8 | import org.springframework.boot.CommandLineRunner; 9 | import org.springframework.security.crypto.password.PasswordEncoder; 10 | import org.springframework.stereotype.Component; 11 | 12 | import java.util.Arrays; 13 | import java.util.List; 14 | 15 | @Slf4j 16 | @RequiredArgsConstructor 17 | @Component 18 | public class DatabaseInitializer implements CommandLineRunner { 19 | 20 | private final UserService userService; 21 | private final PasswordEncoder passwordEncoder; 22 | 23 | @Override 24 | public void run(String... args) { 25 | if (!userService.getUsers().isEmpty()) { 26 | return; 27 | } 28 | USERS.forEach(user -> { 29 | user.setPassword(passwordEncoder.encode(user.getPassword())); 30 | userService.saveUser(user); 31 | }); 32 | log.info("Database initialized"); 33 | } 34 | 35 | private static final List USERS = Arrays.asList( 36 | new User("admin", "admin", "Admin", "admin@mycompany.com", SecurityConfig.ADMIN), 37 | new User("user", "user", "User", "user@mycompany.com", SecurityConfig.USER) 38 | ); 39 | } 40 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/CorsConfig.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import org.springframework.beans.factory.annotation.Value; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | import org.springframework.web.cors.CorsConfiguration; 7 | import org.springframework.web.cors.CorsConfigurationSource; 8 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource; 9 | 10 | import java.util.List; 11 | 12 | @Configuration 13 | public class CorsConfig { 14 | 15 | @Bean 16 | CorsConfigurationSource corsConfigurationSource(@Value("${app.cors.allowed-origins}") List allowedOrigins) { 17 | CorsConfiguration configuration = new CorsConfiguration(); 18 | configuration.setAllowCredentials(true); 19 | configuration.setAllowedOrigins(allowedOrigins); 20 | configuration.addAllowedMethod("*"); 21 | configuration.addAllowedHeader("*"); 22 | UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 23 | source.registerCorsConfiguration("/**", configuration); 24 | return source; 25 | } 26 | } -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/CustomUserDetails.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import lombok.Data; 4 | import org.springframework.security.core.GrantedAuthority; 5 | import org.springframework.security.core.userdetails.UserDetails; 6 | 7 | import java.util.Collection; 8 | 9 | @Data 10 | public class CustomUserDetails implements UserDetails { 11 | 12 | private Long id; 13 | private String username; 14 | private String password; 15 | private String name; 16 | private String email; 17 | private Collection authorities; 18 | } 19 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/CustomUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import com.ivanfranchin.orderapi.user.UserService; 4 | import com.ivanfranchin.orderapi.user.User; 5 | import lombok.RequiredArgsConstructor; 6 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 7 | import org.springframework.security.core.userdetails.UserDetails; 8 | import org.springframework.security.core.userdetails.UserDetailsService; 9 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 10 | import org.springframework.stereotype.Service; 11 | 12 | import java.util.Collections; 13 | import java.util.List; 14 | 15 | @RequiredArgsConstructor 16 | @Service 17 | public class CustomUserDetailsService implements UserDetailsService { 18 | 19 | private final UserService userService; 20 | 21 | @Override 22 | public UserDetails loadUserByUsername(String username) { 23 | User user = userService.getUserByUsername(username) 24 | .orElseThrow(() -> new UsernameNotFoundException(String.format("Username %s not found", username))); 25 | List authorities = Collections.singletonList(new SimpleGrantedAuthority(user.getRole())); 26 | return mapUserToCustomUserDetails(user, authorities); 27 | } 28 | 29 | private CustomUserDetails mapUserToCustomUserDetails(User user, List authorities) { 30 | CustomUserDetails customUserDetails = new CustomUserDetails(); 31 | customUserDetails.setId(user.getId()); 32 | customUserDetails.setUsername(user.getUsername()); 33 | customUserDetails.setPassword(user.getPassword()); 34 | customUserDetails.setName(user.getName()); 35 | customUserDetails.setEmail(user.getEmail()); 36 | customUserDetails.setAuthorities(authorities); 37 | return customUserDetails; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import lombok.RequiredArgsConstructor; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | import org.springframework.http.HttpMethod; 7 | import org.springframework.http.HttpStatus; 8 | import org.springframework.security.authentication.AuthenticationManager; 9 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; 10 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 11 | import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; 12 | import org.springframework.security.config.http.SessionCreationPolicy; 13 | import org.springframework.security.crypto.factory.PasswordEncoderFactories; 14 | import org.springframework.security.crypto.password.PasswordEncoder; 15 | import org.springframework.security.web.SecurityFilterChain; 16 | import org.springframework.security.web.authentication.HttpStatusEntryPoint; 17 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 18 | 19 | @RequiredArgsConstructor 20 | @Configuration 21 | public class SecurityConfig { 22 | 23 | private final TokenAuthenticationFilter tokenAuthenticationFilter; 24 | 25 | @Bean 26 | AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { 27 | return authenticationConfiguration.getAuthenticationManager(); 28 | } 29 | 30 | @Bean 31 | SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { 32 | return http 33 | .authorizeHttpRequests(authorizeHttpRequests -> authorizeHttpRequests 34 | .requestMatchers(HttpMethod.POST, "/api/orders").hasAnyAuthority(ADMIN, USER) 35 | .requestMatchers(HttpMethod.GET, "/api/users/me").hasAnyAuthority(ADMIN, USER) 36 | .requestMatchers("/api/orders", "/api/orders/**").hasAuthority(ADMIN) 37 | .requestMatchers("/api/users", "/api/users/**").hasAuthority(ADMIN) 38 | .requestMatchers("/public/**", "/auth/**").permitAll() 39 | .requestMatchers("/", "/error", "/csrf", "/swagger-ui.html", "/swagger-ui/**", "/v3/api-docs", "/v3/api-docs/**").permitAll() 40 | .anyRequest().authenticated()) 41 | .addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) 42 | .exceptionHandling(exceptionHandling -> exceptionHandling.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))) 43 | .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) 44 | .csrf(AbstractHttpConfigurer::disable) 45 | .build(); 46 | } 47 | 48 | @Bean 49 | PasswordEncoder passwordEncoder() { 50 | return PasswordEncoderFactories.createDelegatingPasswordEncoder(); 51 | } 52 | 53 | public static final String ADMIN = "ADMIN"; 54 | public static final String USER = "USER"; 55 | } 56 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/TokenAuthenticationFilter.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import jakarta.servlet.FilterChain; 4 | import jakarta.servlet.ServletException; 5 | import jakarta.servlet.http.HttpServletRequest; 6 | import jakarta.servlet.http.HttpServletResponse; 7 | import lombok.RequiredArgsConstructor; 8 | import lombok.extern.slf4j.Slf4j; 9 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 10 | import org.springframework.security.core.context.SecurityContextHolder; 11 | import org.springframework.security.core.userdetails.UserDetails; 12 | import org.springframework.security.core.userdetails.UserDetailsService; 13 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 14 | import org.springframework.stereotype.Component; 15 | import org.springframework.util.StringUtils; 16 | import org.springframework.web.filter.OncePerRequestFilter; 17 | 18 | import java.io.IOException; 19 | import java.util.Optional; 20 | 21 | @Slf4j 22 | @RequiredArgsConstructor 23 | @Component 24 | public class TokenAuthenticationFilter extends OncePerRequestFilter { 25 | 26 | private final UserDetailsService userDetailsService; 27 | private final TokenProvider tokenProvider; 28 | 29 | @Override 30 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { 31 | try { 32 | getJwtFromRequest(request) 33 | .flatMap(tokenProvider::validateTokenAndGetJws) 34 | .ifPresent(jws -> { 35 | String username = jws.getPayload().getSubject(); 36 | UserDetails userDetails = userDetailsService.loadUserByUsername(username); 37 | UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); 38 | authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); 39 | SecurityContextHolder.getContext().setAuthentication(authentication); 40 | }); 41 | } catch (Exception e) { 42 | log.error("Cannot set user authentication", e); 43 | } 44 | chain.doFilter(request, response); 45 | } 46 | 47 | private Optional getJwtFromRequest(HttpServletRequest request) { 48 | String tokenHeader = request.getHeader(TOKEN_HEADER); 49 | if (StringUtils.hasText(tokenHeader) && tokenHeader.startsWith(TOKEN_PREFIX)) { 50 | return Optional.of(tokenHeader.replace(TOKEN_PREFIX, "")); 51 | } 52 | return Optional.empty(); 53 | } 54 | 55 | public static final String TOKEN_HEADER = "Authorization"; 56 | public static final String TOKEN_PREFIX = "Bearer "; 57 | } 58 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/security/TokenProvider.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.security; 2 | 3 | import io.jsonwebtoken.Claims; 4 | import io.jsonwebtoken.ExpiredJwtException; 5 | import io.jsonwebtoken.Jws; 6 | import io.jsonwebtoken.Jwts; 7 | import io.jsonwebtoken.MalformedJwtException; 8 | import io.jsonwebtoken.UnsupportedJwtException; 9 | import io.jsonwebtoken.security.Keys; 10 | import io.jsonwebtoken.security.SignatureException; 11 | import lombok.extern.slf4j.Slf4j; 12 | import org.springframework.beans.factory.annotation.Value; 13 | import org.springframework.security.core.Authentication; 14 | import org.springframework.security.core.GrantedAuthority; 15 | import org.springframework.stereotype.Component; 16 | 17 | import java.time.Instant; 18 | import java.util.Date; 19 | import java.util.List; 20 | import java.util.Optional; 21 | import java.util.UUID; 22 | import java.util.stream.Collectors; 23 | 24 | @Slf4j 25 | @Component 26 | public class TokenProvider { 27 | 28 | @Value("${app.jwt.secret}") 29 | private String jwtSecret; 30 | 31 | @Value("${app.jwt.expiration.minutes}") 32 | private Long jwtExpirationMinutes; 33 | 34 | public String generate(Authentication authentication) { 35 | CustomUserDetails user = (CustomUserDetails) authentication.getPrincipal(); 36 | 37 | List roles = user.getAuthorities() 38 | .stream() 39 | .map(GrantedAuthority::getAuthority) 40 | .collect(Collectors.toList()); 41 | 42 | byte[] signingKey = jwtSecret.getBytes(); 43 | 44 | Instant now = Instant.now(); 45 | 46 | return Jwts.builder() 47 | .header().add("typ", TOKEN_TYPE) 48 | .and() 49 | .signWith(Keys.hmacShaKeyFor(signingKey), Jwts.SIG.HS512) 50 | .issuedAt(Date.from(now)) 51 | .expiration(Date.from(now.plusSeconds(60 * jwtExpirationMinutes))) 52 | .id(UUID.randomUUID().toString()) 53 | .issuer(TOKEN_ISSUER) 54 | .audience().add(TOKEN_AUDIENCE) 55 | .and() 56 | .subject(user.getUsername()) 57 | .claim("rol", roles) 58 | .claim("name", user.getName()) 59 | .claim("preferred_username", user.getUsername()) 60 | .claim("email", user.getEmail()) 61 | .compact(); 62 | } 63 | 64 | public Optional> validateTokenAndGetJws(String token) { 65 | try { 66 | byte[] signingKey = jwtSecret.getBytes(); 67 | 68 | Jws jws = Jwts.parser() 69 | .verifyWith(Keys.hmacShaKeyFor(signingKey)) 70 | .build() 71 | .parseSignedClaims(token); 72 | 73 | return Optional.of(jws); 74 | } catch (ExpiredJwtException exception) { 75 | log.error("Request to parse expired JWT : {} failed : {}", token, exception.getMessage()); 76 | } catch (UnsupportedJwtException exception) { 77 | log.error("Request to parse unsupported JWT : {} failed : {}", token, exception.getMessage()); 78 | } catch (MalformedJwtException exception) { 79 | log.error("Request to parse invalid JWT : {} failed : {}", token, exception.getMessage()); 80 | } catch (SignatureException exception) { 81 | log.error("Request to parse JWT with invalid signature : {} failed : {}", token, exception.getMessage()); 82 | } catch (IllegalArgumentException exception) { 83 | log.error("Request to parse empty or null JWT : {} failed : {}", token, exception.getMessage()); 84 | } 85 | return Optional.empty(); 86 | } 87 | 88 | public static final String TOKEN_TYPE = "JWT"; 89 | public static final String TOKEN_ISSUER = "order-api"; 90 | public static final String TOKEN_AUDIENCE = "order-app"; 91 | } 92 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/DuplicatedUserInfoException.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import org.springframework.http.HttpStatus; 4 | import org.springframework.web.bind.annotation.ResponseStatus; 5 | 6 | @ResponseStatus(HttpStatus.CONFLICT) 7 | public class DuplicatedUserInfoException extends RuntimeException { 8 | 9 | public DuplicatedUserInfoException(String message) { 10 | super(message); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/User.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import com.ivanfranchin.orderapi.order.Order; 4 | import jakarta.persistence.CascadeType; 5 | import jakarta.persistence.Entity; 6 | import jakarta.persistence.GeneratedValue; 7 | import jakarta.persistence.GenerationType; 8 | import jakarta.persistence.Id; 9 | import jakarta.persistence.OneToMany; 10 | import jakarta.persistence.Table; 11 | import jakarta.persistence.UniqueConstraint; 12 | import lombok.Data; 13 | import lombok.NoArgsConstructor; 14 | 15 | import java.util.ArrayList; 16 | import java.util.List; 17 | 18 | @Data 19 | @NoArgsConstructor 20 | @Entity 21 | @Table(name = "users", uniqueConstraints = { 22 | @UniqueConstraint(columnNames = "username"), 23 | @UniqueConstraint(columnNames = "email") 24 | }) 25 | public class User { 26 | 27 | @Id 28 | @GeneratedValue(strategy = GenerationType.IDENTITY) 29 | private Long id; 30 | 31 | private String username; 32 | private String password; 33 | private String name; 34 | private String email; 35 | private String role; 36 | 37 | @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, orphanRemoval = true) 38 | private List orders = new ArrayList<>(); 39 | 40 | public User(String username, String password, String name, String email, String role) { 41 | this.username = username; 42 | this.password = password; 43 | this.name = name; 44 | this.email = email; 45 | this.role = role; 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/UserNotFoundException.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import org.springframework.http.HttpStatus; 4 | import org.springframework.web.bind.annotation.ResponseStatus; 5 | 6 | @ResponseStatus(HttpStatus.NOT_FOUND) 7 | public class UserNotFoundException extends RuntimeException { 8 | 9 | public UserNotFoundException(String message) { 10 | super(message); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import org.springframework.stereotype.Repository; 5 | 6 | import java.util.Optional; 7 | 8 | @Repository 9 | public interface UserRepository extends JpaRepository { 10 | 11 | Optional findByUsername(String username); 12 | 13 | boolean existsByUsername(String username); 14 | 15 | boolean existsByEmail(String email); 16 | } 17 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/UserService.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import java.util.List; 4 | import java.util.Optional; 5 | 6 | public interface UserService { 7 | 8 | List getUsers(); 9 | 10 | Optional getUserByUsername(String username); 11 | 12 | boolean hasUserWithUsername(String username); 13 | 14 | boolean hasUserWithEmail(String email); 15 | 16 | User validateAndGetUserByUsername(String username); 17 | 18 | User saveUser(User user); 19 | 20 | void deleteUser(User user); 21 | } 22 | -------------------------------------------------------------------------------- /order-api/src/main/java/com/ivanfranchin/orderapi/user/UserServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi.user; 2 | 3 | import lombok.RequiredArgsConstructor; 4 | import org.springframework.stereotype.Service; 5 | 6 | import java.util.List; 7 | import java.util.Optional; 8 | 9 | @RequiredArgsConstructor 10 | @Service 11 | public class UserServiceImpl implements UserService { 12 | 13 | private final UserRepository userRepository; 14 | 15 | @Override 16 | public List getUsers() { 17 | return userRepository.findAll(); 18 | } 19 | 20 | @Override 21 | public Optional getUserByUsername(String username) { 22 | return userRepository.findByUsername(username); 23 | } 24 | 25 | @Override 26 | public boolean hasUserWithUsername(String username) { 27 | return userRepository.existsByUsername(username); 28 | } 29 | 30 | @Override 31 | public boolean hasUserWithEmail(String email) { 32 | return userRepository.existsByEmail(email); 33 | } 34 | 35 | @Override 36 | public User validateAndGetUserByUsername(String username) { 37 | return getUserByUsername(username) 38 | .orElseThrow(() -> new UserNotFoundException(String.format("User with username %s not found", username))); 39 | } 40 | 41 | @Override 42 | public User saveUser(User user) { 43 | return userRepository.save(user); 44 | } 45 | 46 | @Override 47 | public void deleteUser(User user) { 48 | userRepository.delete(user); 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /order-api/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | spring: 2 | application: 3 | name: order-api 4 | jpa: 5 | hibernate: 6 | ddl-auto: create 7 | datasource: 8 | url: jdbc:postgresql://localhost:5432/orderdb 9 | username: postgres 10 | password: postgres 11 | 12 | app: 13 | jwt: 14 | # Signing key for HS512 algorithm 15 | # In http://www.allkeysgenerator.com/ you can generate all kinds of keys 16 | secret: v9y$B&E)H@MbQeThWmZq4t7w!z%C*F-JaNdRfUjXn2r5u8x/A?D(G+KbPeShVkYp 17 | expiration: 18 | minutes: 10 19 | cors: 20 | allowed-origins: http://localhost:3000 21 | 22 | logging: 23 | level: 24 | org.springframework.security: DEBUG 25 | # org.hibernate.SQL: DEBUG 26 | -------------------------------------------------------------------------------- /order-api/src/main/resources/banner.txt: -------------------------------------------------------------------------------- 1 | _ _ 2 | ___ _ __ __| | ___ _ __ __ _ _ __ (_) 3 | / _ \| '__/ _` |/ _ \ '__|____ / _` | '_ \| | 4 | | (_) | | | (_| | __/ | |_____| (_| | |_) | | 5 | \___/|_| \__,_|\___|_| \__,_| .__/|_| 6 | |_| 7 | :: Spring Boot :: ${spring-boot.formatted-version} 8 | -------------------------------------------------------------------------------- /order-api/src/test/java/com/ivanfranchin/orderapi/OrderApiApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.ivanfranchin.orderapi; 2 | 3 | import org.junit.jupiter.api.Disabled; 4 | import org.junit.jupiter.api.Test; 5 | import org.springframework.boot.test.context.SpringBootTest; 6 | 7 | @Disabled 8 | @SpringBootTest 9 | class OrderApiApplicationTests { 10 | 11 | @Test 12 | void contextLoads() { 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /order-api/test-endpoints.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | declare -A public_number_of_users 4 | declare -A public_number_of_orders 5 | 6 | declare -A user_get_me 7 | declare -A user_get_users 8 | declare -A user_get_user 9 | declare -A user_delete_user 10 | 11 | declare -A order_get_orders 12 | declare -A order_create_order 13 | declare -A order_delete_order 14 | 15 | ADMIN_ACCESS_TOKEN=$(curl -s -X POST localhost:8080/auth/authenticate -H 'Content-Type: application/json' -d '{"username": "admin", "password": "admin"}' | jq -r .accessToken) 16 | USER_ACCESS_TOKEN=$(curl -s -X POST localhost:8080/auth/authenticate -H 'Content-Type: application/json' -d '{"username": "user", "password": "user"}' | jq -r .accessToken) 17 | USER2_ACCESS_TOKEN=$(curl -s -X POST localhost:8080/auth/signup -H 'Content-Type: application/json' -d '{"username": "user2", "password": "user2", "name": "User2", "email": "user2@mycompany.com"}' | jq -r .accessToken) 18 | 19 | public_number_of_users[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/public/numberOfUsers) 20 | public_number_of_users[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/public/numberOfUsers) 21 | public_number_of_users[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/public/numberOfUsers) 22 | 23 | public_number_of_orders[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/public/numberOfOrders) 24 | public_number_of_orders[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/public/numberOfOrders) 25 | public_number_of_orders[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/public/numberOfOrders) 26 | 27 | user_get_me[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/api/users/me) 28 | user_get_me[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/api/users/me) 29 | user_get_me[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/users/me) 30 | 31 | user_get_users[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/api/users) 32 | user_get_users[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/api/users) 33 | user_get_users[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/users) 34 | 35 | user_get_user[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/api/users/user) 36 | user_get_user[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/api/users/user2) 37 | user_get_user[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/users/user2) 38 | 39 | user_delete_user[without_creds]=$(curl -w %{http_code} -s -o /dev/null -X DELETE localhost:8080/api/users/user2) 40 | user_delete_user[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" -X DELETE localhost:8080/api/users/user2) 41 | user_delete_user[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" -X DELETE localhost:8080/api/users/user2) 42 | 43 | order_get_orders[without_creds]=$(curl -w %{http_code} -s -o /dev/null localhost:8080/api/orders) 44 | order_get_orders[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/api/orders) 45 | order_get_orders[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" localhost:8080/api/orders) 46 | 47 | order_create_order[without_creds]=$(curl -w %{http_code} -s -o /dev/null -X POST localhost:8080/api/orders -H "Content-Type: application/json" -d '{"description": "Buy three iPods"}') 48 | order_create_order[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" -X POST localhost:8080/api/orders -H "Content-Type: application/json" -d '{"description": "Buy three iPods"}') 49 | USER_ORDER_ID=$(curl -s -H "Authorization: Bearer $USER_ACCESS_TOKEN" localhost:8080/api/users/me | jq -r '.orders[0].id') 50 | order_create_order[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" -X POST localhost:8080/api/orders -H "Content-Type: application/json" -d '{"description": "Buy three iPods"}') 51 | 52 | order_delete_order[without_creds]=$(curl -w %{http_code} -s -o /dev/null -X DELETE localhost:8080/api/orders/${USER_ORDER_ID}) 53 | order_delete_order[user_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $USER_ACCESS_TOKEN" -X DELETE localhost:8080/api/orders/${USER_ORDER_ID}) 54 | order_delete_order[admin_creds]=$(curl -w %{http_code} -s -o /dev/null -H "Authorization: Bearer $ADMIN_ACCESS_TOKEN" -X DELETE localhost:8080/api/orders/${USER_ORDER_ID}) 55 | 56 | printf "\n" 57 | printf "%s\n" "POST auth/authenticate" 58 | printf "%s\n" "======================" 59 | printf "%s\n" "admin access token" 60 | printf "%s\n" "------------------" 61 | printf "%s\n" ${ADMIN_ACCESS_TOKEN} 62 | printf "\n" 63 | printf "%s\n" "user access token" 64 | printf "%s\n" "-----------------" 65 | printf "%s\n" ${USER_ACCESS_TOKEN} 66 | printf "\n" 67 | printf "%s\n" "POST auth/signup" 68 | printf "%s\n" "================" 69 | printf "%s\n" "user2 access token" 70 | printf "%s\n" "------------------" 71 | printf "%s\n" ${USER2_ACCESS_TOKEN} 72 | printf "\n" 73 | printf "%s\n" "Authorization" 74 | printf "%s\n" "=============" 75 | printf "%25s | %13s | %11s | %12s |\n" "Endpoints" "without token" "user token" "admin token" 76 | printf "%25s + %13s + %11s + %12s |\n" "-------------------------" "-------------" "-----------" "------------" 77 | printf "%25s | %13s | %11s | %12s |\n" "GET public/numberOfUsers" ${public_number_of_users[without_creds]} ${public_number_of_users[user_creds]} ${public_number_of_users[admin_creds]} 78 | printf "%25s | %13s | %11s | %12s |\n" "GET public/numberOfOrders" ${public_number_of_orders[without_creds]} ${public_number_of_orders[user_creds]} ${public_number_of_orders[admin_creds]} 79 | printf "%25s + %13s + %11s + %12s |\n" "........................." "............." "..........." "............" 80 | printf "%25s | %13s | %11s | %12s |\n" "GET /api/users/me" ${user_get_me[without_creds]} ${user_get_me[user_creds]} ${user_get_me[admin_creds]} 81 | printf "%25s | %13s | %11s | %12s |\n" "GET /api/users" ${user_get_users[without_creds]} ${user_get_users[user_creds]} ${user_get_users[admin_creds]} 82 | printf "%25s | %13s | %11s | %12s |\n" "GET /api/users/user2" ${user_get_user[without_creds]} ${user_get_user[user_creds]} ${user_get_user[admin_creds]} 83 | printf "%25s | %13s | %11s | %12s |\n" "DELETE /api/users/user2" ${user_delete_user[without_creds]} ${user_delete_user[user_creds]} ${user_delete_user[admin_creds]} 84 | printf "%25s + %13s + %11s + %12s |\n" "........................." "............." "..........." "............" 85 | printf "%25s | %13s | %11s | %12s |\n" "GET /api/orders" ${order_get_orders[without_creds]} ${order_get_orders[user_creds]} ${order_get_orders[admin_creds]} 86 | printf "%25s | %13s | %11s | %12s |\n" "POST /api/orders" ${order_create_order[without_creds]} ${order_create_order[user_creds]} ${order_create_order[admin_creds]} 87 | printf "%25s | %13s | %11s | %12s |\n" "DELETE /api/orders/{id}" ${order_delete_order[without_creds]} ${order_delete_order[user_creds]} ${order_delete_order[admin_creds]} 88 | printf "%72s\n" "------------------------------------------------------------------------" 89 | printf " [200] Success - [201] Created - [401] Unauthorized - [403] Forbidden" 90 | printf "\n" -------------------------------------------------------------------------------- /order-ui/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "order-ui", 3 | "version": "0.1.0", 4 | "private": true, 5 | "dependencies": { 6 | "@testing-library/jest-dom": "^6.6.3", 7 | "@testing-library/react": "^16.2.0", 8 | "@testing-library/user-event": "^14.6.1", 9 | "react": "^18.3.1", 10 | "react-dom": "^18.3.1", 11 | "react-scripts": "5.0.1", 12 | "web-vitals": "^4.2.4", 13 | "axios": "^1.8.2", 14 | "react-router-dom": "^7.0.2", 15 | "semantic-ui-react": "^2.1.5" 16 | }, 17 | "scripts": { 18 | "start": "react-scripts start", 19 | "build": "react-scripts build", 20 | "test": "react-scripts test", 21 | "eject": "react-scripts eject" 22 | }, 23 | "eslintConfig": { 24 | "extends": [ 25 | "react-app", 26 | "react-app/jest" 27 | ] 28 | }, 29 | "browserslist": { 30 | "production": [ 31 | ">0.2%", 32 | "not dead", 33 | "not op_mini all" 34 | ], 35 | "development": [ 36 | "last 1 chrome version", 37 | "last 1 firefox version", 38 | "last 1 safari version" 39 | ] 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /order-ui/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ivangfr/springboot-react-jwt-token/7cc2f6be25281043d26eb28920ba00b9cf44eefc/order-ui/public/favicon.ico -------------------------------------------------------------------------------- /order-ui/public/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 12 | 16 | 17 | 26 | 27 | order-ui 28 | 29 | 30 | 31 |
32 | 42 | 43 | 44 | -------------------------------------------------------------------------------- /order-ui/public/manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "short_name": "React App", 3 | "name": "Create React App Sample", 4 | "icons": [ 5 | { 6 | "src": "favicon.ico", 7 | "sizes": "64x64 32x32 24x24 16x16", 8 | "type": "image/x-icon" 9 | } 10 | ], 11 | "start_url": ".", 12 | "display": "standalone", 13 | "theme_color": "#000000", 14 | "background_color": "#ffffff" 15 | } 16 | -------------------------------------------------------------------------------- /order-ui/public/robots.txt: -------------------------------------------------------------------------------- 1 | # https://www.robotstxt.org/robotstxt.html 2 | User-agent: * 3 | Disallow: 4 | -------------------------------------------------------------------------------- /order-ui/src/App.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { BrowserRouter as Router, Routes, Route, Navigate } from 'react-router-dom' 3 | import { AuthProvider } from './components/context/AuthContext' 4 | import PrivateRoute from './components/misc/PrivateRoute' 5 | import Navbar from './components/misc/Navbar' 6 | import Home from './components/home/Home' 7 | import Login from './components/home/Login' 8 | import Signup from './components/home/Signup' 9 | import AdminPage from './components/admin/AdminPage' 10 | import UserPage from './components/user/UserPage' 11 | 12 | function App() { 13 | return ( 14 | 15 | 16 | 17 | 18 | } /> 19 | } /> 20 | } /> 21 | } /> 22 | } /> 23 | } /> 24 | 25 | 26 | 27 | ) 28 | } 29 | 30 | export default App 31 | -------------------------------------------------------------------------------- /order-ui/src/Constants.js: -------------------------------------------------------------------------------- 1 | const prod = { 2 | url: { 3 | API_BASE_URL: 'https://myapp.herokuapp.com', 4 | } 5 | } 6 | 7 | const dev = { 8 | url: { 9 | API_BASE_URL: 'http://localhost:8080' 10 | } 11 | } 12 | 13 | export const config = process.env.NODE_ENV === 'development' ? dev : prod -------------------------------------------------------------------------------- /order-ui/src/components/admin/AdminPage.js: -------------------------------------------------------------------------------- 1 | import React, { useEffect, useState } from 'react' 2 | import { Navigate } from 'react-router-dom' 3 | import { Container } from 'semantic-ui-react' 4 | import { useAuth } from '../context/AuthContext' 5 | import AdminTab from './AdminTab' 6 | import { orderApi } from '../misc/OrderApi' 7 | import { handleLogError } from '../misc/Helpers' 8 | 9 | function AdminPage() { 10 | const Auth = useAuth() 11 | const user = Auth.getUser() 12 | 13 | const [users, setUsers] = useState([]) 14 | const [orders, setOrders] = useState([]) 15 | const [orderDescription, setOrderDescription] = useState('') 16 | const [orderTextSearch, setOrderTextSearch] = useState('') 17 | const [userUsernameSearch, setUserUsernameSearch] = useState('') 18 | const [isAdmin, setIsAdmin] = useState(true) 19 | const [isUsersLoading, setIsUsersLoading] = useState(false) 20 | const [isOrdersLoading, setIsOrdersLoading] = useState(false) 21 | 22 | useEffect(() => { 23 | setIsAdmin(user.data.rol[0] === 'ADMIN') 24 | handleGetUsers() 25 | handleGetOrders() 26 | }, []) 27 | 28 | const handleInputChange = (e, { name, value }) => { 29 | if (name === 'userUsernameSearch') { 30 | setUserUsernameSearch(value) 31 | } else if (name === 'orderDescription') { 32 | setOrderDescription(value) 33 | } else if (name === 'orderTextSearch') { 34 | setOrderTextSearch(value) 35 | } 36 | } 37 | 38 | const handleGetUsers = async () => { 39 | setIsUsersLoading(true) 40 | try { 41 | const response = await orderApi.getUsers(user) 42 | setUsers(response.data) 43 | } catch (error) { 44 | handleLogError(error) 45 | } finally { 46 | setIsUsersLoading(false) 47 | } 48 | } 49 | 50 | const handleDeleteUser = async (username) => { 51 | try { 52 | await orderApi.deleteUser(user, username) 53 | handleGetUsers() 54 | } catch (error) { 55 | handleLogError(error) 56 | } 57 | } 58 | 59 | const handleSearchUser = async () => { 60 | const username = userUsernameSearch 61 | try { 62 | const response = await orderApi.getUsers(user, username) 63 | const data = response.data 64 | const users = data instanceof Array ? data : [data] 65 | setUsers(users) 66 | } catch (error) { 67 | handleLogError(error) 68 | setUsers([]) 69 | } 70 | } 71 | 72 | const handleGetOrders = async () => { 73 | setIsOrdersLoading(true) 74 | try { 75 | const response = await orderApi.getOrders(user) 76 | setOrders(response.data) 77 | } catch (error) { 78 | handleLogError(error) 79 | } finally { 80 | setIsOrdersLoading(false) 81 | } 82 | } 83 | 84 | const handleDeleteOrder = async (isbn) => { 85 | try { 86 | await orderApi.deleteOrder(user, isbn) 87 | handleGetOrders() 88 | } catch (error) { 89 | handleLogError(error) 90 | } 91 | } 92 | 93 | const handleCreateOrder = async () => { 94 | let description = orderDescription.trim() 95 | if (!description) { 96 | return 97 | } 98 | 99 | const order = { description } 100 | try { 101 | await orderApi.createOrder(user, order) 102 | handleGetOrders() 103 | setOrderDescription('') 104 | } catch (error) { 105 | handleLogError(error) 106 | } 107 | } 108 | 109 | const handleSearchOrder = async () => { 110 | const text = orderTextSearch 111 | try { 112 | const response = await orderApi.getOrders(user, text) 113 | setOrders(response.data) 114 | } catch (error) { 115 | handleLogError(error) 116 | setOrders([]) 117 | } 118 | } 119 | 120 | if (!isAdmin) { 121 | return 122 | } 123 | 124 | return ( 125 | 126 | 141 | 142 | ) 143 | } 144 | 145 | export default AdminPage -------------------------------------------------------------------------------- /order-ui/src/components/admin/AdminTab.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Tab } from 'semantic-ui-react' 3 | import UserTable from './UserTable' 4 | import OrderTable from './OrderTable' 5 | 6 | function AdminTab(props) { 7 | const { handleInputChange } = props 8 | const { isUsersLoading, users, userUsernameSearch, handleDeleteUser, handleSearchUser } = props 9 | const { isOrdersLoading, orders, orderDescription, orderTextSearch, handleCreateOrder, handleDeleteOrder, handleSearchOrder } = props 10 | 11 | const panes = [ 12 | { 13 | menuItem: { key: 'users', icon: 'users', content: 'Users' }, 14 | render: () => ( 15 | 16 | 23 | 24 | ) 25 | }, 26 | { 27 | menuItem: { key: 'orders', icon: 'laptop', content: 'Orders' }, 28 | render: () => ( 29 | 30 | 39 | 40 | ) 41 | } 42 | ] 43 | 44 | return ( 45 | 46 | ) 47 | } 48 | 49 | export default AdminTab -------------------------------------------------------------------------------- /order-ui/src/components/admin/OrderTable.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Grid, Form, Button, Input, Table } from 'semantic-ui-react' 3 | import OrderForm from '../misc/OrderForm' 4 | 5 | function OrderTable({ orders, orderDescription, orderTextSearch, handleInputChange, handleCreateOrder, handleDeleteOrder, handleSearchOrder }) { 6 | let orderList 7 | if (orders.length === 0) { 8 | orderList = ( 9 | 10 | No order 11 | 12 | ) 13 | } else { 14 | orderList = orders.map(order => { 15 | return ( 16 | 17 | 18 | 79 | 80 | 81 | {`Don't have already an account? `} 82 | Sign Up 83 | 84 | {isError && The username or password provided are incorrect!} 85 | 86 | 87 | ) 88 | } 89 | 90 | export default Login -------------------------------------------------------------------------------- /order-ui/src/components/home/Signup.js: -------------------------------------------------------------------------------- 1 | import React, { useState } from 'react' 2 | import { NavLink, Navigate } from 'react-router-dom' 3 | import { Button, Form, Grid, Segment, Message } from 'semantic-ui-react' 4 | import { useAuth } from '../context/AuthContext' 5 | import { orderApi } from '../misc/OrderApi' 6 | import { parseJwt, handleLogError } from '../misc/Helpers' 7 | 8 | function Signup() { 9 | const Auth = useAuth() 10 | const isLoggedIn = Auth.userIsAuthenticated() 11 | 12 | const [username, setUsername] = useState('') 13 | const [password, setPassword] = useState('') 14 | const [name, setName] = useState('') 15 | const [email, setEmail] = useState('') 16 | const [isError, setIsError] = useState(false) 17 | const [errorMessage, setErrorMessage] = useState('') 18 | 19 | const handleInputChange = (e, { name, value }) => { 20 | if (name === 'username') { 21 | setUsername(value) 22 | } else if (name === 'password') { 23 | setPassword(value) 24 | } else if (name === 'name') { 25 | setName(value) 26 | } else if (name === 'email') { 27 | setEmail(value) 28 | } 29 | } 30 | 31 | const handleSubmit = async (e) => { 32 | e.preventDefault() 33 | 34 | if (!(username && password && name && email)) { 35 | setIsError(true) 36 | setErrorMessage('Please, inform all fields!') 37 | return 38 | } 39 | 40 | const user = { username, password, name, email } 41 | 42 | try { 43 | const response = await orderApi.signup(user) 44 | const { accessToken } = response.data 45 | const data = parseJwt(accessToken) 46 | const authenticatedUser = { data, accessToken } 47 | 48 | Auth.userLogin(authenticatedUser) 49 | 50 | setUsername('') 51 | setPassword('') 52 | setName('') 53 | setEmail('') 54 | setIsError(false) 55 | setErrorMessage('') 56 | } catch (error) { 57 | handleLogError(error) 58 | if (error.response && error.response.data) { 59 | const errorData = error.response.data 60 | let errorMessage = 'Invalid fields' 61 | if (errorData.status === 409) { 62 | errorMessage = errorData.message 63 | } else if (errorData.status === 400) { 64 | errorMessage = errorData.errors[0].defaultMessage 65 | } 66 | setIsError(true) 67 | setErrorMessage(errorMessage) 68 | } 69 | } 70 | } 71 | 72 | if (isLoggedIn) { 73 | return 74 | } 75 | 76 | return ( 77 | 78 | 79 |
80 | 81 | 91 | 101 | 110 | 119 | 120 | 121 |
122 | {`Already have an account? `} 123 | Login 124 | 125 | {isError && {errorMessage}} 126 | 127 | 128 | ) 129 | } 130 | 131 | export default Signup -------------------------------------------------------------------------------- /order-ui/src/components/misc/Helpers.js: -------------------------------------------------------------------------------- 1 | export function parseJwt(token) { 2 | if (!token) { return } 3 | const base64Url = token.split('.')[1] 4 | const base64 = base64Url.replace('-', '+').replace('_', '/') 5 | return JSON.parse(window.atob(base64)) 6 | } 7 | 8 | export const handleLogError = (error) => { 9 | if (error.response) { 10 | console.log(error.response.data) 11 | } else if (error.request) { 12 | console.log(error.request) 13 | } else { 14 | console.log(error.message) 15 | } 16 | } -------------------------------------------------------------------------------- /order-ui/src/components/misc/Navbar.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Link } from 'react-router-dom' 3 | import { Container, Menu } from 'semantic-ui-react' 4 | import { useAuth } from '../context/AuthContext' 5 | 6 | function Navbar() { 7 | const { getUser, userIsAuthenticated, userLogout } = useAuth() 8 | 9 | const logout = () => { 10 | userLogout() 11 | } 12 | 13 | const enterMenuStyle = () => { 14 | return userIsAuthenticated() ? { "display": "none" } : { "display": "block" } 15 | } 16 | 17 | const logoutMenuStyle = () => { 18 | return userIsAuthenticated() ? { "display": "block" } : { "display": "none" } 19 | } 20 | 21 | const adminPageStyle = () => { 22 | const user = getUser() 23 | return user && user.data.rol[0] === 'ADMIN' ? { "display": "block" } : { "display": "none" } 24 | } 25 | 26 | const userPageStyle = () => { 27 | const user = getUser() 28 | return user && user.data.rol[0] === 'USER' ? { "display": "block" } : { "display": "none" } 29 | } 30 | 31 | const getUserName = () => { 32 | const user = getUser() 33 | return user ? user.data.name : '' 34 | } 35 | 36 | return ( 37 | 38 | 39 | Order-UI 40 | Home 41 | AdminPage 42 | UserPage 43 | 44 | Login 45 | Sign Up 46 | {`Hi ${getUserName()}`} 47 | Logout 48 | 49 | 50 | 51 | ) 52 | } 53 | 54 | export default Navbar 55 | -------------------------------------------------------------------------------- /order-ui/src/components/misc/OrderApi.js: -------------------------------------------------------------------------------- 1 | import axios from 'axios' 2 | import { config } from '../../Constants' 3 | import { parseJwt } from './Helpers' 4 | 5 | export const orderApi = { 6 | authenticate, 7 | signup, 8 | numberOfUsers, 9 | numberOfOrders, 10 | getUsers, 11 | deleteUser, 12 | getOrders, 13 | deleteOrder, 14 | createOrder, 15 | getUserMe 16 | } 17 | 18 | function authenticate(username, password) { 19 | return instance.post('/auth/authenticate', { username, password }, { 20 | headers: { 'Content-type': 'application/json' } 21 | }) 22 | } 23 | 24 | function signup(user) { 25 | return instance.post('/auth/signup', user, { 26 | headers: { 'Content-type': 'application/json' } 27 | }) 28 | } 29 | 30 | function numberOfUsers() { 31 | return instance.get('/public/numberOfUsers') 32 | } 33 | 34 | function numberOfOrders() { 35 | return instance.get('/public/numberOfOrders') 36 | } 37 | 38 | function getUsers(user, username) { 39 | const url = username ? `/api/users/${username}` : '/api/users' 40 | return instance.get(url, { 41 | headers: { 'Authorization': bearerAuth(user) } 42 | }) 43 | } 44 | 45 | function deleteUser(user, username) { 46 | return instance.delete(`/api/users/${username}`, { 47 | headers: { 'Authorization': bearerAuth(user) } 48 | }) 49 | } 50 | 51 | function getOrders(user, text) { 52 | const url = text ? `/api/orders?text=${text}` : '/api/orders' 53 | return instance.get(url, { 54 | headers: { 'Authorization': bearerAuth(user) } 55 | }) 56 | } 57 | 58 | function deleteOrder(user, orderId) { 59 | return instance.delete(`/api/orders/${orderId}`, { 60 | headers: { 'Authorization': bearerAuth(user) } 61 | }) 62 | } 63 | 64 | function createOrder(user, order) { 65 | return instance.post('/api/orders', order, { 66 | headers: { 67 | 'Content-type': 'application/json', 68 | 'Authorization': bearerAuth(user) 69 | } 70 | }) 71 | } 72 | 73 | function getUserMe(user) { 74 | return instance.get('/api/users/me', { 75 | headers: { 'Authorization': bearerAuth(user) } 76 | }) 77 | } 78 | 79 | // -- Axios 80 | 81 | const instance = axios.create({ 82 | baseURL: config.url.API_BASE_URL 83 | }) 84 | 85 | instance.interceptors.request.use(function (config) { 86 | // If token is expired, redirect user to login 87 | if (config.headers.Authorization) { 88 | const token = config.headers.Authorization.split(' ')[1] 89 | const data = parseJwt(token) 90 | if (Date.now() > data.exp * 1000) { 91 | window.location.href = "/login" 92 | } 93 | } 94 | return config 95 | }, function (error) { 96 | return Promise.reject(error) 97 | }) 98 | 99 | // -- Helper functions 100 | 101 | function bearerAuth(user) { 102 | return `Bearer ${user.accessToken}` 103 | } -------------------------------------------------------------------------------- /order-ui/src/components/misc/OrderForm.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Form, Button, Icon } from 'semantic-ui-react' 3 | 4 | function OrderForm({ orderDescription, handleInputChange, handleCreateOrder }) { 5 | const createBtnDisabled = orderDescription.trim() === '' 6 | return ( 7 |
8 | 9 | 15 | 18 | 19 |
20 | ) 21 | } 22 | 23 | export default OrderForm -------------------------------------------------------------------------------- /order-ui/src/components/misc/PrivateRoute.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Navigate } from 'react-router-dom' 3 | import { useAuth } from '../context/AuthContext' 4 | 5 | function PrivateRoute({ children }) { 6 | const { userIsAuthenticated } = useAuth() 7 | return userIsAuthenticated() ? children : 8 | } 9 | 10 | export default PrivateRoute -------------------------------------------------------------------------------- /order-ui/src/components/user/OrderTable.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import { Grid, Table, Header, Icon } from 'semantic-ui-react' 3 | import OrderForm from '../misc/OrderForm' 4 | 5 | function OrderTable({ orders, orderDescription, handleInputChange, handleCreateOrder }) { 6 | let orderList 7 | if (!orders || orders.length === 0) { 8 | orderList = ( 9 | 10 | No order 11 | 12 | ) 13 | } else { 14 | orderList = orders.map(order => { 15 | return ( 16 | 17 | {order.id} 18 | {order.createdAt} 19 | {order.description} 20 | 21 | ) 22 | }) 23 | } 24 | 25 | return ( 26 | <> 27 | 28 | 29 | 30 |
31 | 32 | Orders 33 |
34 | 35 | 36 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | ID 49 | Created At 50 | Description 51 | 52 | 53 | 54 | {orderList} 55 | 56 |
57 | 58 | ) 59 | } 60 | 61 | export default OrderTable -------------------------------------------------------------------------------- /order-ui/src/components/user/UserPage.js: -------------------------------------------------------------------------------- 1 | import React, { useEffect, useState } from 'react' 2 | import { Navigate } from 'react-router-dom' 3 | import { Container } from 'semantic-ui-react' 4 | import OrderTable from './OrderTable' 5 | import { useAuth } from '../context/AuthContext' 6 | import { orderApi } from '../misc/OrderApi' 7 | import { handleLogError } from '../misc/Helpers' 8 | 9 | function UserPage() { 10 | const Auth = useAuth() 11 | const user = Auth.getUser() 12 | const isUser = user.data.rol[0] === 'USER' 13 | 14 | const [userMe, setUserMe] = useState(null) 15 | const [isLoading, setIsLoading] = useState(false) 16 | const [orderDescription, setOrderDescription] = useState('') 17 | 18 | useEffect(() => { 19 | async function fetchData() { 20 | setIsLoading(true) 21 | 22 | try { 23 | const response = await orderApi.getUserMe(user) 24 | setUserMe(response.data) 25 | } catch (error) { 26 | handleLogError(error) 27 | } finally { 28 | setIsLoading(false) 29 | } 30 | } 31 | 32 | fetchData() 33 | }, []) 34 | 35 | const handleInputChange = (e, { name, value }) => { 36 | if (name === 'orderDescription') { 37 | setOrderDescription(value) 38 | } 39 | } 40 | 41 | const handleCreateOrder = async () => { 42 | let trimmedDescription = orderDescription.trim() 43 | if (!trimmedDescription) { 44 | return 45 | } 46 | 47 | const order = { description: trimmedDescription } 48 | try { 49 | await orderApi.createOrder(user, order) 50 | await fetchUserMeData() 51 | setOrderDescription('') 52 | } catch (error) { 53 | handleLogError(error) 54 | } 55 | } 56 | 57 | const fetchUserMeData = async () => { 58 | setIsLoading(true) 59 | 60 | try { 61 | const response = await orderApi.getUserMe(user) 62 | setUserMe(response.data) 63 | } catch (error) { 64 | handleLogError(error) 65 | } finally { 66 | setIsLoading(false) 67 | } 68 | } 69 | 70 | if (!isUser) { 71 | return 72 | } 73 | 74 | return ( 75 | 76 | 83 | 84 | ) 85 | } 86 | 87 | export default UserPage 88 | -------------------------------------------------------------------------------- /order-ui/src/index.css: -------------------------------------------------------------------------------- 1 | body { 2 | margin: 0; 3 | font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen', 4 | 'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue', 5 | sans-serif; 6 | -webkit-font-smoothing: antialiased; 7 | -moz-osx-font-smoothing: grayscale; 8 | } 9 | 10 | code { 11 | font-family: source-code-pro, Menlo, Monaco, Consolas, 'Courier New', 12 | monospace; 13 | } 14 | -------------------------------------------------------------------------------- /order-ui/src/index.js: -------------------------------------------------------------------------------- 1 | import React from 'react' 2 | import ReactDOM from 'react-dom/client' 3 | import './index.css' 4 | import App from './App' 5 | import reportWebVitals from './reportWebVitals' 6 | 7 | const root = ReactDOM.createRoot(document.getElementById('root')) 8 | root.render( 9 | // 10 | 11 | // 12 | ) 13 | 14 | // If you want to start measuring performance in your app, pass a function 15 | // to log results (for example: reportWebVitals(console.log)) 16 | // or send to an analytics endpoint. Learn more: https://bit.ly/CRA-vitals 17 | reportWebVitals() 18 | -------------------------------------------------------------------------------- /order-ui/src/reportWebVitals.js: -------------------------------------------------------------------------------- 1 | const reportWebVitals = onPerfEntry => { 2 | if (onPerfEntry && onPerfEntry instanceof Function) { 3 | import('web-vitals').then(({ getCLS, getFID, getFCP, getLCP, getTTFB }) => { 4 | getCLS(onPerfEntry); 5 | getFID(onPerfEntry); 6 | getFCP(onPerfEntry); 7 | getLCP(onPerfEntry); 8 | getTTFB(onPerfEntry); 9 | }); 10 | } 11 | }; 12 | 13 | export default reportWebVitals; 14 | -------------------------------------------------------------------------------- /order-ui/src/setupTests.js: -------------------------------------------------------------------------------- 1 | // jest-dom adds custom jest matchers for asserting on DOM nodes. 2 | // allows you to do things like: 3 | // expect(element).toHaveTextContent(/react/i) 4 | // learn more: https://github.com/testing-library/jest-dom 5 | import '@testing-library/jest-dom'; 6 | --------------------------------------------------------------------------------