Showing 23 changed files with 595 additions and 80 deletions.
@@ -0,0 +1,47 @@ | ||
# Authentication Service Specification | ||
|
||
## Overview | ||
|
||
The Authentication Service is a critical component of the system, responsible for managing user registration, login, and token management. It provides a secure way for users to access the system by validating their credentials and issuing JWT tokens for authenticated sessions. | ||
|
||
## Features | ||
|
||
### User Registration | ||
|
||
Endpoint: `POST /api/v1/auth/register` | ||
|
||
This feature allows new users to register for an account. The user provides their details (such as username, password, email, etc.) and the service creates a new user account in the system. The password is hashed using bcrypt for secure storage. | ||
|
||
### User Login | ||
|
||
Endpoint: `POST /api/v1/auth/authenticate` | ||
|
||
This feature allows users to log in to their account. The user provides their username and password, and the service validates these credentials. If the credentials are valid, the service generates a JWT token for the user's session and returns it in the response. | ||
|
||
### Reset Password (To be implemented) | ||
|
||
This feature will allow users to reset their password if they forget it. The user will provide their email, and the service will send a password reset link to that email. The user can then use this link to set a new password for their account. | ||
|
||
### Refresh Token (To be implemented) | ||
|
||
This feature will allow users to refresh their session token. The user will provide their current token, and the service will validate this token and issue a new one. This allows the user to maintain their session without needing to log in again. | ||
|
||
## Security | ||
|
||
The service uses JWT for session management. When a user logs in, they are issued a JWT token. This token is then used to authenticate the user's requests. The service validates the token with each request to ensure that it is valid and has not expired. | ||
|
||
Passwords are hashed using bcrypt before they are stored. This ensures that even if the user data is compromised, the passwords cannot be easily recovered. | ||
|
||
## API Documentation | ||
|
||
The API documentation for the service is available at `http://localhost:8080/swagger-ui/index.html`. This provides detailed information about the API endpoints, including the request and response formats. | ||
|
||
## Next version | ||
|
||
The next version of the service will include the following features: | ||
|
||
- Reset Password | ||
- Refresh Token | ||
- Login by Email and dynamic code | ||
- Improve security by register and reset password by email | ||
|
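Review bot: the User Registration and User Login sections disagree with the request DTOs introduced in this same commit. The spec says registration collects "username, password, email, etc." and login takes "username and password", but `RegisterRequest` and `AuthenticationRequest` carry only `email` and `password`, and `AuthConfig` looks users up by email. Either state here that the email address is the login identifier or add the username to the DTOs. Under Security, "validates the token with each request" should name the component that does it (no JWT filter or `JwtService` source is in the visible files of this commit). The last bullet under Next version is ungrammatical; suggest "Verify the email address during registration and password reset".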
src/main/java/org/andy/chatfybackend/auth/auth/AuthenticationController.java (32 changes: 31 additions & 1 deletion)
@@ -1,2 +1,32 @@ | ||
package org.andy.chatfybackend.auth.auth;public class AuthenticationController { | ||
package org.andy.chatfybackend.auth.auth; | ||
|
||
|
||
import lombok.RequiredArgsConstructor; | ||
import org.springframework.http.ResponseEntity; | ||
import org.springframework.web.bind.annotation.PostMapping; | ||
import org.springframework.web.bind.annotation.RequestBody; | ||
import org.springframework.web.bind.annotation.RequestMapping; | ||
import org.springframework.web.bind.annotation.RestController; | ||
|
||
@RestController | ||
@RequestMapping("/api/v1/auth") | ||
@RequiredArgsConstructor | ||
|
||
public class AuthenticationController { | ||
private final AuthenticationService authenticationService; | ||
@PostMapping("/register") | ||
// @PermitAll | ||
public ResponseEntity<AuthenticationResponse> register( | ||
@RequestBody RegisterRequest request | ||
) { | ||
return ResponseEntity.ok(authenticationService.register(request)); | ||
} | ||
|
||
@PostMapping("/authenticate") | ||
// @PermitAll | ||
public ResponseEntity<AuthenticationResponse> register( | ||
@RequestBody AuthenticationRequest request | ||
) { | ||
return ResponseEntity.ok(authenticationService.authenticate(request)); | ||
} | ||
} |
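Review bot: both handler methods are named `register`; the one under `@PostMapping("/authenticate")` should be `authenticate(...)`. It compiles because the parameter types differ (`RegisterRequest` vs `AuthenticationRequest`), but an overload named `register` that performs a login is misleading in stack traces and in the generated Swagger operation ids. The commented-out `// @PermitAll` lines also leave it unclear how these two endpoints are reachable anonymously: no `SecurityFilterChain` is in this commit, so either drop the dead comments or add the matcher configuration that permits `/api/v1/auth/**`. Finally, `@RequestBody` without `@Valid` means no Bean Validation constraints on the DTOs are ever enforced.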
src/main/java/org/andy/chatfybackend/auth/auth/AuthenticationRequest.java (15 changes: 14 additions & 1 deletion)
@@ -1,2 +1,15 @@ | ||
package org.andy.chatfybackend.auth.auth;public class AuthenticationRequest { | ||
package org.andy.chatfybackend.auth.auth; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Data; | ||
import lombok.NoArgsConstructor; | ||
|
||
@Builder | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
@Data | ||
public class AuthenticationRequest { | ||
private String email; | ||
private String password; | ||
} |
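Review bot: `@Data` generates a `toString()` that includes `password`, so any log statement or exception message that prints the request object exposes the plaintext credential. Mark the field `@ToString.Exclude` (or replace `@Data` with `@Getter`/`@Setter`), and consider `@NotBlank` on both fields plus `@Email` on `email` so malformed input is rejected before it reaches `AuthenticationManager`.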
src/main/java/org/andy/chatfybackend/auth/auth/AuthenticationResponse.java (14 changes: 13 additions & 1 deletion)
@@ -1,2 +1,14 @@ | ||
package org.andy.chatfybackend.auth.auth;public class AuthenticationResponse { | ||
package org.andy.chatfybackend.auth.auth; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Data; | ||
import lombok.NoArgsConstructor; | ||
|
||
@Builder | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
@Data | ||
public class AuthenticationResponse { | ||
private String jwt; | ||
} |
src/main/java/org/andy/chatfybackend/auth/auth/AuthenticationService.java (53 changes: 52 additions & 1 deletion)
@@ -1,2 +1,53 @@ | ||
package org.andy.chatfybackend.auth.auth;public class AuthenticationService { | ||
package org.andy.chatfybackend.auth.auth; | ||
|
||
import lombok.RequiredArgsConstructor; | ||
import org.andy.chatfybackend.auth.basic_user.BasicUser; | ||
import org.andy.chatfybackend.auth.basic_user.BasicUserRepository; | ||
import org.andy.chatfybackend.auth.config.JwtService; | ||
import org.andy.chatfybackend.auth.exceptions.DuplicateUserException; | ||
import org.andy.chatfybackend.auth.exceptions.IncorrectPasswordException; | ||
import org.springframework.security.authentication.AuthenticationManager; | ||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
import org.springframework.security.crypto.password.PasswordEncoder; | ||
import org.springframework.stereotype.Service; | ||
|
||
@Service | ||
@RequiredArgsConstructor | ||
public class AuthenticationService { | ||
private final BasicUserRepository basicUserRepository; | ||
private final PasswordEncoder passwordEncoder; | ||
private final JwtService jwtService; | ||
private final AuthenticationManager authenticationManager; | ||
|
||
public AuthenticationResponse register(RegisterRequest request) { | ||
if(basicUserRepository.existsByEmail(request.getEmail())) { | ||
throw new DuplicateUserException("Email already exists"); | ||
} | ||
var user = BasicUser.builder() | ||
.email(request.getEmail()) | ||
.password(passwordEncoder.encode(request.getPassword())) | ||
.build(); | ||
basicUserRepository.save(user); | ||
var jwt = jwtService.generateToken(user); | ||
return AuthenticationResponse.builder() | ||
.jwt(jwt) | ||
.build(); | ||
} | ||
|
||
public AuthenticationResponse authenticate(AuthenticationRequest request) { | ||
try { | ||
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken( | ||
request.getEmail(), | ||
request.getPassword() | ||
)); | ||
} catch (Exception e) { | ||
throw new IncorrectPasswordException("Incorrect password"); | ||
} | ||
var user = basicUserRepository.findByEmail(request.getEmail()) | ||
.orElseThrow(); | ||
var jwt = jwtService.generateToken(user); | ||
return AuthenticationResponse.builder() | ||
.jwt(jwt) | ||
.build(); | ||
} | ||
} |
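Review bot: `catch (Exception e)` in `authenticate()` swallows every failure from `AuthenticationManager.authenticate` (user not found, locked or disabled account, and even wiring errors) and relabels it "Incorrect password". Catch `org.springframework.security.core.AuthenticationException` instead, keep the generic client message, and log the real cause server-side. In `register()`, `existsByEmail` followed by `save` is a check-then-act race: two concurrent registrations for the same email can both pass the check, so back it with a unique constraint on `email` and translate `DataIntegrityViolationException` into `DuplicateUserException`. The "Email already exists" response also tells an unauthenticated caller which emails are registered; decide deliberately whether that is acceptable for this service. `BasicUser.builder()` sets no `role` even though a `Role` enum is moved in this same commit; confirm the default.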
src/main/java/org/andy/chatfybackend/auth/auth/RegisterRequest.java (15 changes: 14 additions & 1 deletion)
@@ -1,2 +1,15 @@ | ||
package org.andy.chatfybackend.auth.auth;public class RegisterRequest { | ||
package org.andy.chatfybackend.auth.auth; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Data; | ||
import lombok.NoArgsConstructor; | ||
|
||
@Builder | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
@Data | ||
public class RegisterRequest { | ||
private String email; | ||
private String password; | ||
} |
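Review bot: same `@Data`/`toString()` concern as `AuthenticationRequest`: `password` is included in `toString()`, so add `@ToString.Exclude`. For registration specifically there are no constraints on `email` (format) or `password` (minimum length), so `register()` will bcrypt-hash an empty string without complaint; add `@Email`, `@NotBlank` and `@Size(min = ...)` and enforce them with `@Valid` on the controller parameter.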
src/main/java/org/andy/chatfybackend/auth/basic_user/BasicUserRepository.java (3 changes: 2 additions & 1 deletion)
@@ -1,9 +1,10 @@ | ||
package org.andy.chatfybackend.auth; | ||
package org.andy.chatfybackend.auth.basic_user; | ||
|
||
import org.springframework.data.jpa.repository.JpaRepository; | ||
|
||
import java.util.Optional; | ||
|
||
public interface BasicUserRepository extends JpaRepository<BasicUser, Long> { | ||
Optional<BasicUser> findByEmail(String email); | ||
boolean existsByEmail(String email); | ||
} |
@@ -1,4 +1,4 @@ | ||
package org.andy.chatfybackend.auth; | ||
package org.andy.chatfybackend.auth.basic_user; | ||
|
||
public enum Role { | ||
ADMIN, | ||
|
src/main/java/org/andy/chatfybackend/auth/config/AuthConfig.java (45 changes: 44 additions & 1 deletion)
@@ -1,2 +1,45 @@ | ||
package org.andy.chatfybackend.auth.config;public class AuthConfig { | ||
package org.andy.chatfybackend.auth.config; | ||
|
||
import lombok.RequiredArgsConstructor; | ||
import org.andy.chatfybackend.auth.basic_user.BasicUserRepository; | ||
import org.springframework.context.annotation.Bean; | ||
import org.springframework.context.annotation.Configuration; | ||
import org.springframework.security.authentication.AuthenticationManager; | ||
import org.springframework.security.authentication.AuthenticationProvider; | ||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; | ||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; | ||
import org.springframework.security.core.userdetails.UserDetailsService; | ||
import org.springframework.security.core.userdetails.UsernameNotFoundException; | ||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | ||
import org.springframework.security.crypto.password.PasswordEncoder; | ||
|
||
@Configuration | ||
@RequiredArgsConstructor | ||
public class AuthConfig { | ||
private final BasicUserRepository repository; | ||
@Bean | ||
public UserDetailsService userDetailsService() { | ||
return username -> | ||
repository.findByEmail(username) | ||
.orElseThrow(() -> new UsernameNotFoundException("User not found") | ||
); | ||
} | ||
|
||
@Bean | ||
public AuthenticationProvider authenticationProvider() { | ||
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); | ||
authProvider.setUserDetailsService(userDetailsService()); | ||
authProvider.setPasswordEncoder(passwordEncoder()); | ||
return authProvider; | ||
} | ||
|
||
@Bean | ||
public PasswordEncoder passwordEncoder() { | ||
return new BCryptPasswordEncoder(); | ||
} | ||
|
||
@Bean | ||
public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { | ||
return config.getAuthenticationManager(); | ||
} | ||
} |
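Review bot: `userDetailsService()` returns the `BasicUser` entity straight from `repository.findByEmail(...)`, which only type-checks if `BasicUser implements UserDetails`; that class is not in the visible diff, so confirm it, and confirm that its `getUsername()` returns the email, since that is the lookup key used here. `new BCryptPasswordEncoder()` takes the library's default cost factor; prefer `new BCryptPasswordEncoder(strength)` with an explicit value so the work factor is a recorded decision. The `authenticationProvider()` bean is not referenced by any filter chain in this commit and relies on Spring Security auto-registering a lone `AuthenticationProvider` bean with the global `AuthenticationManager` returned by `config.getAuthenticationManager()`; worth a comment, since the wiring is implicit.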
src/main/java/org/andy/chatfybackend/auth/config/ErrorDetails.java (18 changes: 16 additions & 2 deletions)
@@ -1,2 +1,16 @@ | ||
package org.andy.chatfybackend.auth.config;public class ErrorDetails { | ||
} | ||
package org.andy.chatfybackend.auth.config; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Getter; | ||
import lombok.ToString; | ||
|
||
@Builder | ||
@AllArgsConstructor | ||
@ToString | ||
@Getter | ||
public class ErrorDetails { | ||
private String message; | ||
@Builder.Default | ||
private String details = ""; | ||
} |