Changes in / [7d8eeab:dad25fc]

Location:

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo

Files:

• config/filter/JWTAuthenticationFilter.java (modified) (2 diffs)
• constants/JWTConstants.java (deleted)
• dto/adminDTO/AdminDTO.java (added)
• service/impl/JWTServiceImpl.java (modified) (4 diffs)
• web/AuthController.java (modified) (2 diffs)
• web/GlobalExceptionHandler.java (modified) (2 diffs)
• web/UserController.java (modified) (1 diff)

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/filter/JWTAuthenticationFilter.java

@@ -6 +6 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.NonNull;
-import mk.ukim.finki.it.reservengo.constants.JWTConstants;
 import mk.ukim.finki.it.reservengo.service.intf.JWTService;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -33 +32 @@
                                     @NonNull HttpServletResponse response,
                                     @NonNull FilterChain filterChain) throws ServletException, IOException {
-        final String authHeader = request.getHeader(JWTConstants.HEADER);
+        final String authHeader = request.getHeader("Authorization");
         final String jwt;
         final String userEmail;
 
-        if (authHeader == null || !authHeader.startsWith(JWTConstants.TOKEN_PREFIX)) {
+        if (authHeader == null || !authHeader.startsWith("Bearer ")) {
             filterChain.doFilter(request, response);
             return;
         }
 
-        jwt = authHeader.substring(JWTConstants.TOKEN_PREFIX.length());
+        jwt = authHeader.substring(7);
         userEmail = jwtService.extractUsername(jwt);
 

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/JWTServiceImpl.java

@@ -6 +6 @@
 import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
-import mk.ukim.finki.it.reservengo.constants.JWTConstants;
 import mk.ukim.finki.it.reservengo.model.domain.User;
 import mk.ukim.finki.it.reservengo.service.intf.JWTService;
@@ -18 +17 @@
 @Service
 public class JWTServiceImpl implements JWTService {
+
+    private static final String SECRET_KEY = "7bce06d6331e532e8c4c85e6eaae4217711768fe1aa582b4549c2722a8ef0497";
+
     @Override
     public String extractUsername(String token) {
@@ -35 +37 @@
     @Override
     public Key getSignInKey() {
-        byte[] keyBytes = Decoders.BASE64.decode(JWTConstants.SECRET_KEY);
+        byte[] keyBytes = Decoders.BASE64.decode(SECRET_KEY);
         return Keys.hmacShaKeyFor(keyBytes);
     }
@@ -52 +54 @@
                 .claim("id", user.getId())
                 .setIssuedAt(new Date())
-                .setExpiration(new Date(System.currentTimeMillis() + JWTConstants.EXPIRATION_TIME))
+                .setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 24))
                 .signWith(getSignInKey(), SignatureAlgorithm.HS256)
                 .compact();

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AuthController.java

@@ -6 +6 @@
 import mk.ukim.finki.it.reservengo.service.intf.AuthService;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 @RestController
@@ -21 +19 @@
     }
 
-    @PostMapping(value = "/register/customer")
+    @PostMapping(value = "/register/customer", produces = MediaType.APPLICATION_JSON_VALUE)
     public ResponseEntity<JWTAuthenticationResponseDTO> registerCustomer(@RequestBody JWTAuthenticationRequestDTO jwtAuthenticationRequestDTO) {
         return new ResponseEntity<>(authenticationService.registerCustomer(jwtAuthenticationRequestDTO), HttpStatus.CREATED);

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/GlobalExceptionHandler.java

@@ -6 +6 @@
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -14 +15 @@
     @ExceptionHandler(BadCredentialsException.class)
     public ResponseEntity<String> handleBadCredentials(BadCredentialsException ex) {
-        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(ex.getMessage());
+        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid email or password");
     }
 
     @ExceptionHandler(EmailNotFoundException.class)
     public ResponseEntity<String> handleUserNotFound(EmailNotFoundException ex) {
-        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(ex.getMessage());
+        return ResponseEntity.status(HttpStatus.NOT_FOUND).body("User not found");
     }
 
     @ExceptionHandler(AuthenticationException.class)
     public ResponseEntity<String> handleUserNotFound(AuthenticationException ex) {
-        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(ex.getMessage());
+        return ResponseEntity.status(HttpStatus.NOT_FOUND).body("Authentication failed");
     }
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/UserController.java

@@ -20 +20 @@
 
     @GetMapping("/info")
-    public ResponseEntity<?> getUserPersonalInfo(@AuthenticationPrincipal User user) {
-        User u = userService.findUser(user.getId());
-        return ResponseEntity.ok(u);
+    public ResponseEntity<?> getUserPersonalInfo(@AuthenticationPrincipal User u) {
+        User user = userService.findUser(u.getId());
+        return ResponseEntity.ok(user);
     }