| author | sowgro <tpoke.ferrari@gmail.com> | 2025-03-06 19:05:37 -0500 | 
|---|---|---|
| committer | sowgro <tpoke.ferrari@gmail.com> | 2025-03-06 19:05:37 -0500 | 
| commit | eb4edcc7e7e4f9a6a59bed6d3952486f179fc445 (patch) | |
| tree | 72d10e5e551791ad0d4931e31cffb9a3b03ad4ab /ufund-api/src | |
| parent | 1719047ab97f7773b8b847a10482a8c91b53741d (diff) | |
| parent | 1fe3905e9d4354657d22e9dbc1a244108ab55a83 (diff) | |
Merge branch 'refs/heads/service-layer' into api-auth
Diffstat (limited to 'ufund-api/src')
5 files changed, 114 insertions, 51 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java
index aa27e3f..1a545f6 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java
@@ -1,8 +1,7 @@
 package com.ufund.api.ufundapi.controller;
-import com.ufund.api.ufundapi.model.UserAuth;
-import com.ufund.api.ufundapi.persistence.UserAuthDAO;
-import com.ufund.api.ufundapi.persistence.UserDAO;
+import com.ufund.api.ufundapi.service.AuthService;
+import com.ufund.api.ufundapi.service.UserService;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
@@ -13,12 +12,10 @@ import java.util.Map;
 @RestController
 @RequestMapping("auth")
 public class AuthController {
-    private final UserDAO userDAO;
-    private final UserAuthDAO userAuthDAO;
+    private final AuthService authService;
-    public AuthController(UserDAO userDAO, UserAuthDAO userAuthDAO) {
-        this.userDAO = userDAO;
-        this.userAuthDAO = userAuthDAO;
+    public AuthController(AuthService authService) {
+        this.authService = authService;
     }
     /**
@@ -31,15 +28,12 @@ public class AuthController {
         String username = params.get("username");
         String password = params.get("password");
         try {
-            var usr = userDAO.getUser(username);
-            if (usr == null || !usr.verifyPassword(password)) {
-                return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-            }
-            var userAuth = UserAuth.generate(username);
-            userAuthDAO.addUserAuth(userAuth);
-            return new ResponseEntity<>(userAuth.getKey(), HttpStatus.OK);
+            String key = authService.login(username, password);
+            return new ResponseEntity<>(key, HttpStatus.OK);
         } catch (IOException ex) {
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        } catch (IllegalAccessException e) {
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         }
     }
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java
index aa9598d..02526af 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java
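Review bot: The new `catch (IllegalAccessException e)` branch maps to 401 an exception type that the JDK defines for failed reflective access, and `AuthService.login`/`authenticate` (added further down in this commit) throw it by hand to mean "bad credentials"; the same catch is added to getUser, updateUser and deleteUser in UserController. Because `UserService.getUser`, `updateUser` and `deleteUser` also declare it, a handler cannot tell an authentication failure from any other source of that exception. A dedicated type keeps the mapping unambiguous, for example `throw new ResponseStatusException(HttpStatus.UNAUTHORIZED);` in the service, or a small `UnauthorizedException` handled in one `@ExceptionHandler`. The login method starts above this hunk.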
@@ -5,29 +5,30 @@ import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import com.ufund.api.ufundapi.persistence.UserAuthDAO;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import com.ufund.api.ufundapi.model.User;
-import com.ufund.api.ufundapi.persistence.UserDAO;
+import com.ufund.api.ufundapi.service.AuthService;
+import com.ufund.api.ufundapi.service.UserService;
 @RestController
 @RequestMapping("users")
 public class UserController {
     private static final Logger LOG = Logger.getLogger(UserController.class.getName());
-    private final UserDAO UserDAO;
-    private final UserAuthDAO userAuthDAO;
+    private final UserService userService;
+    private final AuthService authService;    
     /**
-     * Create a user controller to receive REST signals
-     *
-     * @param userDAO The Data Access Object
+     * Creates a UserController
+     * 
+     * @param userService
+     * @param authService
      */
-    public UserController(UserDAO userDAO, UserAuthDAO userAuthDAO) {
-        this.UserDAO = userDAO;
-        this.userAuthDAO = userAuthDAO;
+    public UserController(UserService userService, AuthService authService) {
+        this.userService = userService;
+        this.authService = authService;
     }
     /**
@@ -37,13 +38,14 @@ public class UserController {
      *         otherwise
      */
     @PostMapping("")
-    public ResponseEntity<Boolean> createUser(@RequestBody Map<String, String> params) {
+    public ResponseEntity<User> createUser(@RequestBody Map<String, String> params) {
         String username = params.get("username");
         String password = params.get("password");
         try {
-            if (UserDAO.addUser(User.create(username, password)) != null) {
-                return new ResponseEntity<>(true, HttpStatus.CREATED);
+            User user = userService.createUser(username, password);
+            if (user == null) {
+                return new ResponseEntity<>(user, HttpStatus.CREATED);
             } else {
                 return new ResponseEntity<>(HttpStatus.CONFLICT);
             }
@@ -65,19 +67,16 @@ public class UserController {
     public ResponseEntity<User> getUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) {
         LOG.log(Level.INFO, "GET /user/{0}", username);
-        var userAuth = userAuthDAO.getUserAuth(key);
-        if (userAuth == null || !userAuth.getUsername().equals(username)) {
-            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-        }
-
         try {
-            User user = UserDAO.getUser(username);
+            authService.authenticate(username, key);
+            User user = userService.getUser(username);
             if (user != null) {
                 return new ResponseEntity<>(user.withoutPasswordHash(), HttpStatus.OK);
             } else {
                 return new ResponseEntity<>(HttpStatus.NOT_FOUND);
             }
-
+        } catch (IllegalAccessException ex) {
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         } catch (IOException e) {
             LOG.log(Level.SEVERE, e.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
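Review bot: The null test in createUser is inverted: `if (user == null)` answers 201 with a null body, and every non-null result falls through to CONFLICT. With the UserFileDAO.addUser hunk later in this commit, which returns `user` after a successful insert and the existing entry otherwise, the result is apparently never null, so a successful registration would answer 409 and the caller can no longer tell a new account from a duplicate. Flipping the test alone would hand the existing account's User object to an unauthenticated caller on a duplicate username, and getUser in this file strips that object with `withoutPasswordHash()` before returning it. Suggested: have the DAO end with `return res == null ? user : null;` and the controller use `if (user != null) { return new ResponseEntity<>(user.withoutPasswordHash(), HttpStatus.CREATED);`. createUser's remaining catch blocks are outside the hunk.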
@@ -92,16 +91,12 @@ public class UserController {
      * @return OK response and the user if it was successful, or
      *         INTERNAL_SERVER_ERROR if there was an issue
      */
-    @PutMapping("/{name}")
-    public ResponseEntity<User> updateUser(@RequestBody User user, @PathVariable String name, @RequestHeader("jelly-api-key") String key) {
-
-        var userAuth = userAuthDAO.getUserAuth(key);
-        if (userAuth == null || !userAuth.getUsername().equals(user.getUsername())) {
-            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-        }
+    @PutMapping("/{username}")
+    public ResponseEntity<User> updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) {
         try {
-            user = UserDAO.updateUser(user, name);
+            authService.authenticate(username, key);
+            user = userService.updateUser(user, username);
             if (user != null) {
                 return new ResponseEntity<>(user, HttpStatus.OK);
             } else {
@@ -110,6 +105,8 @@ public class UserController {
         } catch (IOException e) {
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        } catch (IllegalAccessException e) {
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         }
     }
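Review bot: updateUser authorizes the path variable `username` but then stores the request-body `user` via `userService.updateUser(user, username)` without checking that `user.getUsername()` matches the path; the removed code compared the key's owner with the body's username instead. Whether the DAO rejects a mismatched body is not visible in this diff, so the controller should check it itself, e.g. `if (!username.equals(user.getUsername())) { return new ResponseEntity<>(HttpStatus.BAD_REQUEST); }`. The 200 response also returns `user` unchanged, whereas getUser returns `user.withoutPasswordHash()`; returning `user.withoutPasswordHash()` here would be consistent. The method's NOT_FOUND branch lies between the two hunks on this line and is not shown.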
@@ -121,21 +118,19 @@ public class UserController {
      *         INTERNAL_SERVER_ERROR if an error occurred
      */
     @DeleteMapping("/{username}")
-    public ResponseEntity<User> deleteUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) {
-
-        var userAuth = userAuthDAO.getUserAuth(key);
-        if (userAuth == null || !userAuth.getUsername().equals(username)) {
-            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-        }
+    public ResponseEntity<Boolean> deleteUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) {
         try {
-            if (UserDAO.deleteUser(username)) {
+            authService.authenticate(username, key);
+            if (userService.deleteUser(username)) {
                 return new ResponseEntity<>(HttpStatus.OK);
             } else {
                 return new ResponseEntity<>(HttpStatus.NOT_FOUND);
             }
         } catch (IOException e) {
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        } catch (IllegalAccessException e) {
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         }
     }
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/UserFileDAO.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/UserFileDAO.java
index 54ce74a..dca812b 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/UserFileDAO.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/UserFileDAO.java
@@ -97,6 +97,9 @@ public class UserFileDAO implements UserDAO {
         synchronized (users) {
             var res = users.putIfAbsent(user.getUsername(), user);
             save();
+            if (res == null) {
+                return user;
+            }
             return res;
         }
     }
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
index caf1edd..2e644ee 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
@@ -1,5 +1,41 @@
 package com.ufund.api.ufundapi.service;
+import com.ufund.api.ufundapi.model.UserAuth;
+import com.ufund.api.ufundapi.persistence.UserAuthDAO;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
 public class AuthService {
-    
+
+    private final UserAuthDAO userAuthDAO;
+    private final UserService userService;
+
+    public AuthService(UserAuthDAO userAuthDAO, UserService userService) {
+        this.userAuthDAO = userAuthDAO;
+        this.userService = userService;
+    }
+
+    public UserAuth getUserAuth(String key) {
+        return userAuthDAO.getUserAuth(key);
+    }
+
+    public void authenticate(String username, String key) throws IllegalAccessException {
+        var userAuth = getUserAuth(key);
+        if (userAuth == null || !userAuth.getUsername().equals(username)) {
+            throw new IllegalAccessException("Unauthorized");
+        }
+    }
+
+    public String login(String username, String password) throws IllegalAccessException, IOException {
+        var usr = userService.getUser(username);
+        if (usr == null || !usr.verifyPassword(password)) {
+            throw new IllegalAccessException("Unauthorized");
+        }
+        var userAuth = UserAuth.generate(username);
+        userAuthDAO.addUserAuth(userAuth);
+        return userAuth.getKey();
+    }
+
 }
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java
index 994512d..a545029 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java
@@ -1,5 +1,40 @@
 package com.ufund.api.ufundapi.service;
+import java.io.IOException;
+
+import com.ufund.api.ufundapi.model.User;
+import com.ufund.api.ufundapi.persistence.UserDAO;
+import org.springframework.stereotype.Component;
+
+@Component
 public class UserService {
+
+    private final UserDAO userDAO;
+
+    /**
+     * Create a user controller to receive REST signals
+     *
+     * @param userDao The Data Access Object
+     */
+    public UserService(UserDAO userDao, AuthService authService) {
+        this.userDAO = userDao;
+    }
+
+    public User createUser(String username, String password) throws IOException {
+        User user = User.create(username, password);
+        return userDAO.addUser(user);
+    }
+
+    public User getUser(String username) throws IOException, IllegalAccessException {
+        return userDAO.getUser(username);
+    }
+
+    public User updateUser(User user, String name) throws IllegalAccessException, IOException {
+        return userDAO.updateUser(user, name);
+    }
+
+    public Boolean deleteUser(String username) throws IllegalAccessException, IOException {
+        return userDAO.deleteUser(username);
+    }
 }  |
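Review bot: The `UserService(UserDAO userDao, AuthService authService)` constructor takes an AuthService it never uses, while the AuthService constructor added in this commit takes a UserService; with both classes annotated `@Component` and constructor-injected, that is a dependency cycle, which Spring normally refuses to wire at startup. Dropping the parameter removes it: `public UserService(UserDAO userDao) {`. The Javadoc above the constructor still reads "Create a user controller to receive REST signals" and should describe the service, and `getUser`, `updateUser` and `deleteUser` declare `IllegalAccessException` although nothing in their bodies throws it.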
