springfield

A Java application that manages stored user information through a REST API built on Spring Boot. User data is stored in the H2 in-memory database. All endpoints are described with Swagger 2. The application is secured with Spring Security and JWT, and it uses Lombok to get rid of boilerplate code.

Getting started

Prerequisites

To run the application you need the following installed on your machine:

  • Java 11
  • Maven

Build and run

To build and run the application, go to the project root and execute the following Maven command in your terminal:

mvn spring-boot:run

You can check that the application is running by opening this link: http://localhost:8080/swagger-ui/

Documentation

The application has two user roles: ADMIN and USER. By default, the application creates two users at startup:

[
  {
    "id": 1,
    "role": "ADMIN",
    "username": "admin",
    "password": "A12345",
    "firstName": "Tom",
    "lastName": "Collins",
    "birth": "1989-01-17"
  },
  {
    "id": 2,
    "role": "USER",
    "username": "user",
    "password": "A12345",
    "firstName": "Timofey",
    "lastName": "Handsome",
    "birth": "1996-01-17"
  }
]

User permissions

A user with the ADMIN role has the following permissions:

  • create a new user;
  • read any user's information;
  • read a list of all users;
  • update any user's information, such as firstName, lastName, and birth;
  • update any user's password;
  • delete any user.

A user with the USER role has the following permissions:

  • read their own information;
  • update their own information, such as firstName, lastName, and birth;
  • update their own password.

Endpoints

All endpoints are described with Swagger 2. Also, I prepared a Postman collection.
By default, you can open the Swagger docs at this URL:

http://localhost:8080/v2/api-docs

Swagger UI is accessible at this URL:

http://localhost:8080/swagger-ui/

The full list of endpoints is below:

  • GET /api/v1/version
  • POST /api/getToken
  • GET /api/v1/user
  • GET /api/v1/user/count
  • POST /api/v1/user/create
  • DELETE /api/v1/user/delete
  • GET /api/v1/user/list
  • PUT /api/v1/user/updateInfo
  • PUT /api/v1/user/updatePassword

Authorization

As already mentioned, the application is secured with Spring Security and JWT. All endpoints are secured, and to use them you need to provide an Authorization header containing a token.
To get the token, send a POST request to http://localhost:8080/api/getToken. The body of the request must contain a username and password:

{
  "password": "<password here>",
  "username": "<username here>"
}

You may use the credentials of the two users created by default.

Postman authorization
With the Postman collection, you just need to send the getToken request, and the Authorization header will be populated for you on each subsequent request.

Swagger 2 authorization
In Swagger UI, send the POST request to http://localhost:8080/api/getToken. After successful authorization, you will get a response. In this response, find the Authorization header and copy its value.

Getting token with Swagger

The header value to copy looks like this:

Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGhvcml0aWVzIjpbeyJhdXRob3JpdHkiOiJ1c2VyOndyaXRlIn0seyJhdXRob3JpdHkiOiJ1c2VyczpyZWFkIn0seyJhdXRob3JpdHkiOiJ1c2VyOnJlYWQifSx7ImF1dGhvcml0eSI6IlJPTEVfQURNSU4ifSx7ImF1dGhvcml0eSI6InVzZXJzOndyaXRlIn1dLCJpYXQiOjE2MTA4NDUzNzMsImV4cCI6MTYxMTEwNDU3M30.946kXUelFZHAcaU6MfJwyAJZzRJzyRm0VWoXxcDlNPs

After this, click on the "Authorize" button.

Authorize button

Put the value you copied into the field and hit "Authorize".

Authorize button

That's it.

Once you have successfully obtained a token, it is valid for 72 hours; after this time the token expires. Read the description of the endpoints to understand how to use them.
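The sample Authorization header value shown above can be decoded offline to see which claims the token carries and to confirm its lifetime. The Python sketch below is an added example, not part of the springfield project; the function name inspect_bearer is hypothetical, and the signature is not verified because the server's signing key is not on this page.

```python
import base64
import json

# Sample Authorization header value copied verbatim from this README.
SAMPLE_HEADER = "Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGhvcml0aWVzIjpbeyJhdXRob3JpdHkiOiJ1c2VyOndyaXRlIn0seyJhdXRob3JpdHkiOiJ1c2VyczpyZWFkIn0seyJhdXRob3JpdHkiOiJ1c2VyOnJlYWQifSx7ImF1dGhvcml0eSI6IlJPTEVfQURNSU4ifSx7ImF1dGhvcml0eSI6InVzZXJzOndyaXRlIn1dLCJpYXQiOjE2MTA4NDUzNzMsImV4cCI6MTYxMTEwNDU3M30.946kXUelFZHAcaU6MfJwyAJZzRJzyRm0VWoXxcDlNPs"


def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def inspect_bearer(header_value):
    """Return the unverified header and claims of a 'Bearer <jwt>' value.

    Hypothetical helper for this example. It only reads the token; it does
    not check the HMAC signature, which requires the server-side key.
    """
    scheme, _, token = header_value.partition(" ")
    if scheme != "Bearer" or token.count(".") != 2:
        raise ValueError("expected 'Bearer <header>.<payload>.<signature>'")
    head_seg, payload_seg, _signature = token.split(".")
    header = _b64url_json(head_seg)
    claims = _b64url_json(payload_seg)
    return {
        "alg": header.get("alg"),
        "subject": claims.get("sub"),
        "authorities": sorted(
            a["authority"] for a in claims.get("authorities", [])
        ),
        # iat and exp are Unix timestamps in seconds.
        "lifetime_hours": (claims["exp"] - claims["iat"]) / 3600,
    }


if __name__ == "__main__":
    for key, value in inspect_bearer(SAMPLE_HEADER).items():
        print(f"{key}: {value}")
```

The payload is only base64url-encoded, not encrypted, so anyone holding a token can read the username and authorities it contains.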

Author 🦝