Json answer
package com.app.blog;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.web.filter.GenericFilterBean;
@SpringBootApplication
public class BlogApplication {
public static void main(String[] args) {
SpringApplication.run(BlogApplication.class, args);
}
@Bean
public FilterRegistrationBean<JwtFilter> jwtFilter() {
FilterRegistrationBean<JwtFilter> registrationBean = new FilterRegistrationBean<>();
registrationBean.setFilter(new JwtFilter());
registrationBean.addUrlPatterns("/api/*");
return registrationBean;
}
}
jwtfilter
package com.app.blog;
import com.app.blog.util.Constants;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
public class JwtFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String token = httpRequest.getHeader("Authorization");
if (token != null && token.startsWith("Bearer ")) {
try {
token = token.substring(7); // Remove "Bearer " prefix
Claims claims = Jwts.parser()
.setSigningKey(Constants.JWT_SECRET)
.parseClaimsJws(token)
.getBody();
httpRequest.setAttribute("claims", claims);
} catch (Exception e) {
throw new ServletException("Invalid token", e);
}
}
chain.doFilter(request, response); // Pass request along the filter chain
}
}
swagger
package com.app.blog;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
public class SwaggerConfig {
public static final String AUTHORIZATION_HEADER = "Authorization";
@Bean
public Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("com.app.blog"))
.paths(PathSelectors.any())
.build()
.securitySchemes(Arrays.asList(apiKey()))
.securityContexts(Collections.singletonList(securityContext()));
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.regex("/api.*"))
.build();
}
private List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
return Collections.singletonList(new SecurityReference("Bearer", new AuthorizationScope[]{authorizationScope}));
}
private ApiKey apiKey() {
return new ApiKey("Bearer", "Authorization", "header");
}
}
UserController
package com.app.blog.controller;
import com.app.blog.models.Users;
import com.app.blog.dto.UserDTO;
import com.app.blog.util.EntityHawk;
import com.app.blog.util.JWTUtils;
import com.app.blog.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/auth")
public class AuthController {
@Autowired
private UserRepository userRepository;
@Autowired
private JWTUtils jwtUtils;
@Autowired
private EntityHawk entityHawk;
@PostMapping("/register")
public ResponseEntity<?> register(@RequestBody UserDTO userDTO) {
Users user = new Users();
user.setUserName(userDTO.getFullName());
user.setEmail(userDTO.getEmail());
user.setPassword(userDTO.getPassword());
userRepository.save(user);
return entityHawk.genericSuccess();
}
@PostMapping("/login")
public ResponseEntity<?> login(@RequestBody UserDTO userDTO) {
Users user = userRepository.findByEmail(userDTO.getEmail());
if (user != null && user.getPassword().equals(userDTO.getPassword())) {
String token = jwtUtils.CreateJWTToken(user);
return entityHawk.genericSuccess(token);
}
return entityHawk.genericError("Invalid credentials");
}
}
GlobalController
package com.app.blog.controller;
import com.app.blog.models.Posts;
import com.app.blog.dto.PostDTO;
import com.app.blog.repository.PostRepository;
import com.app.blog.repository.UserRepository;
import com.app.blog.util.EntityHawk;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@RestController
@RequestMapping("/api")
public class PostController {
@Autowired
private PostRepository postRepository;
@Autowired
private UserRepository userRepository;
@Autowired
private EntityHawk entityHawk;
@PostMapping("/publish")
public ResponseEntity<?> publishPost(@RequestBody PostDTO postDTO, @RequestAttribute("claims") Claims claims) {
Users user = userRepository.findById((Integer) claims.get("user_id")).orElse(null);
if (user != null) {
Posts post = new Posts();
post.setPostTitle(postDTO.getPostTitle());
post.setPostBody(postDTO.getPostBody());
post.setPublishedBy(user);
postRepository.save(post);
return entityHawk.genericSuccess(post);
}
return entityHawk.genericError("User not found");
}
@GetMapping("/getPost")
public ResponseEntity<?> getAllPosts() {
List<Posts> posts = postRepository.findAll();
return entityHawk.genericSuccess(posts);
}
@GetMapping("/getPostCount")
public ResponseEntity<?> getPostCount() {
long count = postRepository.count();
return entityHawk.genericSuccess(count);
}
@GetMapping("/getPostByUser/{userId}")
public ResponseEntity<?> getPostByUser(@PathVariable("userId") Integer userId) {
List<Posts> posts = postRepository.findByPublishedByUserId(userId);
return entityHawk.genericSuccess(posts);
}
@PostMapping("/updatePost")
public ResponseEntity<?> updatePost(@RequestBody PostDTO postDTO, @RequestParam("postId") Integer postId, @RequestAttribute("claims") Claims claims) {
Posts post = postRepository.findById(postId).orElse(null);
if (post != null && post.getPublishedBy().getUserId().equals(claims.get("user_id"))) {
post.setPostTitle(postDTO.getPostTitle());
post.setPostBody(postDTO.getPostBody());
postRepository.save(post);
return entityHawk.genericSuccess(post);
}
return entityHawk.genericError("Post not found or not authorized to edit");
}
@GetMapping("/getPost/{postId}")
public ResponseEntity<?> getPostById(@PathVariable("postId") Integer postId) {
Posts post = postRepository.findById(postId).orElse(null);
return post != null ? entityHawk.genericSuccess(post) : entityHawk.genericError("Post not found");
}
@DeleteMapping("/deletePost/{postId}")
public ResponseEntity<?> deletePost(@PathVariable("postId") Integer postId, @RequestAttribute("claims") Claims claims) {
Posts post = postRepository.findById(postId).orElse(null);
if (post != null && post.getPublishedBy().getUserId().equals(claims.get("user_id"))) {
postRepository.delete(post);
return entityHawk.genericSuccess();
}
return entityHawk.genericError("Post not found or not authorized to delete");
}
}
yml
spring:
datasource:
url: jdbc:h2:mem:blogdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
driverClassName: org.h2.Driver
username: sa
password: password
h2:
console:
enabled: true
jpa:
hibernate:
ddl-auto: update
show-sql: true