test code #6
test code #6
Conversation
| private String lastName; | ||
| private String shippingAddress; | ||
|
|
||
| @ManyToMany(fetch = FetchType.EAGER) |
There was a problem hiding this comment.
you can delete FetchType.Eager and use @entitygraph(attributePaths = "roles") in UsersRepository on findByEmail() method, it will initialize roles when the method is called
| @RestController | ||
| @Validated | ||
| @RequestMapping(value = "/auth") | ||
| public class AuthenticationController { |
There was a problem hiding this comment.
Do we need to add Tag annotation here?
| @@ -41,6 +42,7 @@ public List<BookDto> getAll(@PageableDefault(size = 5, page = 0) | |||
| } | |||
|
|
|||
| @DeleteMapping(value = "/{id}") | |||
| @PreAuthorize("hasRole('ROLE_ADMIN')") | |||
There was a problem hiding this comment.
Do we need to add ROLE_USER for some endpoint?
| import jakarta.validation.constraints.Email; | ||
| import jakarta.validation.constraints.NotNull; | ||
|
|
||
| public record UserLoginRequestDto(@NotNull @Email String email, |
| import jakarta.validation.constraints.NotNull; | ||
|
|
||
| public record UserLoginRequestDto(@NotNull @Email String email, | ||
| @NotNull String password) { |
| import jakarta.validation.constraints.NotBlank; | ||
| import jakarta.validation.constraints.Size; | ||
|
|
||
| @FieldMatch |
There was a problem hiding this comment.
| @FieldMatch | |
| @FieldMatch(fields = {"password", "repeatPassword"}) |
|
|
||
| @Repository | ||
| public interface RoleRepository extends JpaRepository<Role, Long> { | ||
|
|
|
|
||
| @Repository | ||
| public interface UserRepository extends JpaRepository<User, Long> { | ||
|
|
| @Repository | ||
| public interface UserRepository extends JpaRepository<User, Long> { | ||
|
|
||
| Optional<User> findByEmail(String email); |
There was a problem hiding this comment.
You can add @EntityGraph(attributePaths = "roles") to avoid declare Eager fetch type in your entity
| } | ||
|
|
||
| private static String getToken(HttpServletRequest request) { | ||
| String bearerToken = request.getHeader("Authorization"); |
There was a problem hiding this comment.
authorizationHeader will be more correct by meaning
| } | ||
| User user = userMapper.toUserModel(requestDto); | ||
| user.setPassword(passwordEncoder.encode(requestDto.password())); | ||
|
|
pom.xml
Outdated
| <dependency> | ||
| <groupId>org.liquibase</groupId> | ||
| <artifactId>liquibase-core</artifactId> | ||
| <version>${liquibase.version}</version> |
There was a problem hiding this comment.
Remove version, spring already provides it
pom.xml
Outdated
| </dependency> | ||
| <dependency> | ||
| <groupId>org.liquibase</groupId> | ||
| <artifactId>liquibase-maven-plugin</artifactId> |
| @Data | ||
| @Entity | ||
| @Table(name = "roles") | ||
| @RequiredArgsConstructor |
| public interface UserMapper { | ||
| UserDto toDto(User user); | ||
|
|
||
| User toUserModel(UserRegistrationRequestDto userDto); |
| nullValueCheckStrategy = NullValueCheckStrategy.ALWAYS, | ||
| implementationPackage = "<PACKAGE_NAME>.impl") | ||
| public interface UserMapper { | ||
| UserDto toDto(User user); |
There was a problem hiding this comment.
| UserDto toDto(User user); | |
| UserDto toUserDto(User user); |
| } | ||
|
|
||
| private static String getToken(HttpServletRequest request) { | ||
| String authorizationHeader = request.getHeader("Authorization"); |
There was a problem hiding this comment.
Optional
there is an existing constant: org.springframework.http.HttpHeaders.AUTHORIZATION
| name = "users_roles", | ||
| joinColumns = @JoinColumn(name = "user_id"), | ||
| inverseJoinColumns = @JoinColumn(name = "role_id") | ||
|
|
| String message() default "Passwords do not match"; | ||
| Class<?>[] groups() default { }; | ||
| Class<? extends Payload>[] payload() default { }; |
There was a problem hiding this comment.
| String message() default "Passwords do not match"; | |
| Class<?>[] groups() default { }; | |
| Class<? extends Payload>[] payload() default { }; | |
| String message() default "Passwords do not match"; | |
| Class<?>[] groups() default { }; | |
| Class<? extends Payload>[] payload() default { }; |
| UserRegistrationRequestDto> { | ||
|
|
||
| @Override | ||
| public boolean isValid(UserRegistrationRequestDto dto, |
There was a problem hiding this comment.
you can add not null validation here
| .anyRequest() | ||
| .authenticated() | ||
| ) | ||
| .httpBasic(Customizer.withDefaults()) |
There was a problem hiding this comment.
why do you need basic auth if we're using JWT?
There was a problem hiding this comment.
I need just remove it?
|
|
||
| @RequiredArgsConstructor | ||
| @RestController | ||
| @Validated |
There was a problem hiding this comment.
do you really need this annotation here?
There was a problem hiding this comment.
Yes,how it works without it?
There was a problem hiding this comment.
In such case you don't need Validated annotation.
| import jakarta.validation.constraints.Positive; | ||
| import java.math.BigDecimal; | ||
|
|
||
| public record CreateBookRequestDto(@NotBlank String title, | ||
| @NotBlank String author, | ||
| @NotBlank String isbn, | ||
| @NotNull @Positive BigDecimal price, | ||
| @NotBlank @Positive BigDecimal price, |
There was a problem hiding this comment.
NotNull correct here and better use PositiveOrZero
| public UserDto register(UserRegistrationRequestDto requestDto) | ||
| throws RegistrationException { | ||
| if (userRepository.findByEmail(requestDto.email()).isPresent()) { | ||
| throw new RegistrationException("User with email: " + requestDto.email() |
There was a problem hiding this comment.
Should you handle this exception? Maybe something else?
There was a problem hiding this comment.
Create another exception?what`s wrong with this one?
| @Override | ||
| public UserDto register(UserRegistrationRequestDto requestDto) | ||
| throws RegistrationException { | ||
| if (userRepository.findByEmail(requestDto.email()).isPresent()) { |
There was a problem hiding this comment.
you can use existByEmail from JPA
| nullable: false | ||
| - column: | ||
| name: shipping_address | ||
| type: VARCHAR(255) |
There was a problem hiding this comment.
you must have the same maximum size in the query, as it may cause a SQL exception, or use a different type (check it everywhere)
| type: boolean | ||
| defaultValueBoolean: false | ||
| constraints: | ||
| nullable: false |
There was a problem hiding this comment.
add one empty line (check it in other files)
| - include: | ||
| file: db\changelog\changes\03-create-roles-table.yaml | ||
| - include: | ||
| file: db/changelog/changes/04-create-users-roles.yaml |
There was a problem hiding this comment.
Why different slashs? looks weird
| .anyRequest() | ||
| .authenticated() | ||
| ) | ||
| .httpBasic(Customizer.withDefaults()) |
|
|
||
| @RequiredArgsConstructor | ||
| @RestController | ||
| @Validated |
There was a problem hiding this comment.
In such case you don't need Validated annotation.
| @@ -0,0 +1,8 @@ | |||
| package com.example.springbootbookshop.dto.user; | |||
|
|
|||
| public record UserDto(Long id, | |||
There was a problem hiding this comment.
You can remove this class and use UserRegisterResponseDto instead
| public String getAuthority() { | ||
| return "ROLE_" + name.name(); | ||
| } | ||
|
|
|
|
||
| public enum RoleName { | ||
| ADMIN, | ||
| MANAGER, |
| @Column(nullable = false) | ||
| private String lastName; | ||
| private String shippingAddress; | ||
|
|
|
|
||
| @Override | ||
| public boolean isEnabled() { | ||
| return true; |
| import org.springframework.security.core.userdetails.UsernameNotFoundException; | ||
| import org.springframework.stereotype.Component; | ||
|
|
||
| @Component |
| @Override | ||
| public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { | ||
| return userRepository.findByEmail(username).orElseThrow(() -> | ||
| new EntityNotFoundException("User doesn`t exist")); |
|
|
||
| @RequiredArgsConstructor | ||
| @RestController | ||
| @Validated |
| import org.springframework.security.core.userdetails.UsernameNotFoundException; | ||
| import org.springframework.stereotype.Component; | ||
|
|
||
| @Component |
| @Override | ||
| public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { | ||
| return userRepository.findByEmail(username).orElseThrow(() -> | ||
| new EntityNotFoundException("User doesn`t exist")); |
There was a problem hiding this comment.
This method throw UsernameNotFoundException so you need to
userRepository.findByEmail(username).orElseThrow(() ->
new UsernameNotFoundException("User doesn`t exist"))
| @@ -0,0 +1,11 @@ | |||
| package com.example.springbootbookshop.exception; | |||
|
|
|||
| public class RegistrationException extends RuntimeException { | |||
| @@ -0,0 +1,8 @@ | |||
| package com.example.springbootbookshop.dto.user; | |||
|
|
|||
| public record UserDto(Long id, | |||
There was a problem hiding this comment.
| public record UserDto(Long id, | |
| public record UserResponseDto(Long id, |
| public interface UserMapper { | ||
| UserResponseDto toUserDto(User user); | ||
|
|
||
| User toUserModel(UserRegistrationRequestDto userDto); |
There was a problem hiding this comment.
| User toUserModel(UserRegistrationRequestDto userDto); | |
| User toUser(UserRegistrationRequestDto userDto); |
No description provided.