Refactor password validation and token repository and add swagger config

Author: isopropylcyanide

pom.xml

@@ -26,6 +26,7 @@
         <log4j.version>1.2.17</log4j.version>
         <spring.boot.version>2.0.4.RELEASE</spring.boot.version>
         <freemarker.version>2.3.28</freemarker.version>
+        <swagger.version>2.9.2</swagger.version>
     </properties>
 
     <dependencies>
@@ -114,6 +115,21 @@
             <artifactId>freemarker</artifactId>
             <version>${freemarker.version}</version>
         </dependency>
+
+        <!--Swagger UI-->
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger-ui</artifactId>
+            <version>${swagger.version}</version>
+        </dependency>
+
+        <!--Swagger 2-->
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger2</artifactId>
+            <version>${swagger.version}</version>
+        </dependency>
+
     </dependencies>
 
     <build>

src/main/java/com/accolite/pru/health/AuthApp/config/SwaggerConfig.java

@@ -0,0 +1,38 @@
+package com.accolite.pru.health.AuthApp.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiInfo;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+@EnableSwagger2
+@Configuration
+public class SwaggerConfig {
+
+	@Bean
+	public Docket productApi() {
+		return new Docket(DocumentationType.SWAGGER_2)
+				.select()
+				.apis(RequestHandlerSelectors.basePackage("com.accolite.pru.health.AuthApp"))
+				.paths(PathSelectors.regex("/api.*"))
+				.build()
+				.apiInfo(metaInfo());
+	}
+
+	/**
+	 * Return the meta info about the API. This should reflect
+	 */
+	private ApiInfo metaInfo() {
+		return new ApiInfoBuilder()
+				.description("Backend API For the Auth/User Service")
+				.title("Auth/User API")
+				.version("Unreleased [WIP]")
+				.build();
+	}
+
+}

src/main/java/com/accolite/pru/health/AuthApp/config/WebSecurityConfig.java

@@ -13,6 +13,7 @@
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
@@ -55,6 +56,12 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 				.passwordEncoder(passwordEncoder());
 	}
 
+	@Override
+	public void configure(WebSecurity web) throws Exception {
+		web.ignoring().antMatchers("/v2/api-docs", "/configuration/ui", "/swagger-resources/**", "/configuration/**",
+				"/swagger-ui.html", "/webjars/**");
+	}
+
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http.cors()

src/main/java/com/accolite/pru/health/AuthApp/controller/AuthController.java

@@ -24,6 +24,7 @@
 import com.accolite.pru.health.AuthApp.model.token.RefreshToken;
 import com.accolite.pru.health.AuthApp.security.JwtTokenProvider;
 import com.accolite.pru.health.AuthApp.service.AuthService;
+import io.swagger.annotations.Api;
 import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
@@ -45,6 +46,7 @@
 
 @RestController
 @RequestMapping("/api/auth")
+@Api
 public class AuthController {
 
 	@Autowired

src/main/java/com/accolite/pru/health/AuthApp/model/payload/PasswordResetRequest.java

@@ -1,10 +1,10 @@
 package com.accolite.pru.health.AuthApp.model.payload;
 
-import com.accolite.pru.health.AuthApp.validation.annotation.PasswordsMatch;
+import com.accolite.pru.health.AuthApp.validation.annotation.MatchPassword;
 
 import javax.validation.constraints.NotBlank;
 
-@PasswordsMatch(allowNull = false)
+@MatchPassword
 public class PasswordResetRequest {
 
 	@NotBlank(message = "Password cannot be blank")

src/main/java/com/accolite/pru/health/AuthApp/repository/PasswordResetTokenRepository.java

@@ -1,26 +1,21 @@
 package com.accolite.pru.health.AuthApp.repository;
 
-import java.time.Instant;
-import java.util.Optional;
-
+import com.accolite.pru.health.AuthApp.model.PasswordResetToken;
+import com.accolite.pru.health.AuthApp.model.User;
 import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.Query;
-import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
-import com.accolite.pru.health.AuthApp.model.PasswordResetToken;
+import java.time.Instant;
+import java.util.Optional;
 
 @Repository
 public interface PasswordResetTokenRepository extends JpaRepository<PasswordResetToken, Long> {
 
-	@Query(value = "SELECT t.expiry_time FROM password_reset_token t where t.token_name = :token", nativeQuery = true)
-	Instant findExpiryTimeByToken(@Param("token") String token);
+	Optional<Instant> findExpiryDateByToken(String token);
 
 	Boolean existsByToken(String token);
 
-	@Query(value = "SELECT t.user_id FROM password_reset_token t where t.token_name = :token", nativeQuery = true)
-	Long findUserIdByToken(@Param("token") String token);
+	Optional<User> findUserByToken(String token);
 
-	@Query(value = "select * from password_reset_token t where t.token_name = :token", nativeQuery = true)
-	Optional<PasswordResetToken> findByToken(@Param("token") String token);
+	Optional<PasswordResetToken> findByToken(String token);
 }

…alidation/annotation/PasswordsMatch.java …validation/annotation/MatchPassword.javasrc/main/java/com/accolite/pru/health/AuthApp/validation/annotation/PasswordsMatch.java renamed to src/main/java/com/accolite/pru/health/AuthApp/validation/annotation/MatchPassword.java src/main/java/com/accolite/pru/health/AuthApp/validation/annotation/PasswordsMatch.java renamed to src/main/java/com/accolite/pru/health/AuthApp/validation/annotation/MatchPassword.java

@@ -1,6 +1,6 @@
 package com.accolite.pru.health.AuthApp.validation.annotation;
 
-import com.accolite.pru.health.AuthApp.validation.validator.PasswordsMatchValidator;
+import com.accolite.pru.health.AuthApp.validation.validator.MatchPasswordValidator;
 
 import javax.validation.Constraint;
 import javax.validation.Payload;
@@ -13,9 +13,9 @@
 
 @Target({ElementType.TYPE, ElementType.ANNOTATION_TYPE})
 @Retention(RetentionPolicy.RUNTIME)
-@Constraint(validatedBy = PasswordsMatchValidator.class)
+@Constraint(validatedBy = MatchPasswordValidator.class)
 @Documented
-public @interface PasswordsMatch {
+public @interface MatchPassword {
 	String message() default "The new passwords must match";
 
 	Class<?>[] groups() default {};

…n/validator/PasswordsMatchValidator.java …on/validator/MatchPasswordValidator.javasrc/main/java/com/accolite/pru/health/AuthApp/validation/validator/PasswordsMatchValidator.java renamed to src/main/java/com/accolite/pru/health/AuthApp/validation/validator/MatchPasswordValidator.java src/main/java/com/accolite/pru/health/AuthApp/validation/validator/PasswordsMatchValidator.java renamed to src/main/java/com/accolite/pru/health/AuthApp/validation/validator/MatchPasswordValidator.java

@@ -1,17 +1,17 @@
 package com.accolite.pru.health.AuthApp.validation.validator;
 
 import com.accolite.pru.health.AuthApp.model.payload.PasswordResetRequest;
-import com.accolite.pru.health.AuthApp.validation.annotation.PasswordsMatch;
+import com.accolite.pru.health.AuthApp.validation.annotation.MatchPassword;
 
 import javax.validation.ConstraintValidator;
 import javax.validation.ConstraintValidatorContext;
 
-public class PasswordsMatchValidator implements ConstraintValidator<PasswordsMatch, PasswordResetRequest> {
+public class MatchPasswordValidator implements ConstraintValidator<MatchPassword, PasswordResetRequest> {
 
 	private Boolean allowNull;
 
 	@Override
-	public void initialize(PasswordsMatch constraintAnnotation) {
+	public void initialize(MatchPassword constraintAnnotation) {
 		allowNull = constraintAnnotation.allowNull();
 	}
 

src/main/resources/application.properties

@@ -5,12 +5,12 @@ server.port=9004
 spring.datasource.driverClassName=com.mysql.jdbc.Driver
 spring.datasource.url=jdbc:mysql://localhost:3306/login_db
 spring.datasource.username=root
-spring.datasource.password=Ashwin@48
+spring.datasource.password=
 spring.datasource.testWhileIdle=true
 spring.datasource.validationQuery=SELECT 1
 
 #JPA properties
-spring.jpa.hibernate.ddl-auto=create-drop
+spring.jpa.hibernate.ddl-auto=none
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
 spring.datasource.initialization-mode=always
 spring.jpa.properties.hibernate.format_sql=true