diff options
Diffstat (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller')
3 files changed, 155 insertions, 61 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java new file mode 100644 index 0000000..b46d4ee --- /dev/null +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java @@ -0,0 +1,62 @@ +package com.ufund.api.ufundapi.controller; + +import java.io.IOException; +import java.util.Map; + +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestHeader; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import com.ufund.api.ufundapi.service.AuthService; + +@RestController +@RequestMapping("auth") +public class AuthController { + private final AuthService authService; + + public AuthController(AuthService authService) { + this.authService = authService; + } + + /** + * Attempts to log in as a user + * + * @param params A json object in the format {username: string, password: string} + * @return An api key and status OK if the authentication was successful, + * Status UNAUTHORIZED if the authentication failed and INTERNAL SERVER ERROR otherwise. + */ + @PostMapping("") + public ResponseEntity<String> login(@RequestBody Map<String, String> params) { + String username = params.get("username"); + String password = params.get("password"); + try { + String key = authService.login(username, password); + return new ResponseEntity<>(key, HttpStatus.OK); + } catch (IllegalAccessException e) { + return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); + } catch (IOException ex) { + return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); + } + } + + /** + * Logs out the current user + * + * @param key The API sent by the client in the header + * @return OK if the user was successfully logged out, INTERNAL_SERVER_ERROR otherwise. + */ + @DeleteMapping("") + public ResponseEntity<Object> logout(@RequestHeader("jelly-api-key") String key) { + try { + authService.logout(key); + return new ResponseEntity<>(HttpStatus.OK); + } catch (IOException e) { + return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); + } + } +} diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java index 4b2a04d..7773028 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java @@ -1,6 +1,8 @@ package com.ufund.api.ufundapi.controller; import java.io.IOException; +import java.security.InvalidParameterException; +import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @@ -17,40 +19,47 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import com.ufund.api.ufundapi.model.Need; -import com.ufund.api.ufundapi.persistence.CupboardDAO; +import com.ufund.api.ufundapi.model.Need.GoalType; +import com.ufund.api.ufundapi.service.CupboardService; +import com.ufund.api.ufundapi.DuplicateKeyException; @RestController @RequestMapping("cupboard") public class CupboardController { private static final Logger LOG = Logger.getLogger(CupboardController.class.getName()); - private final CupboardDAO cupboardDAO; + private final CupboardService cupboardService; /** * Create a cupboard controller to receive REST signals * - * @param cupboardDAO The Data Access Object + * @param cupboardService The Data Access Object */ - public CupboardController(CupboardDAO cupboardDAO) { - this.cupboardDAO = cupboardDAO; + public CupboardController(CupboardService cupboardService) { + this.cupboardService = cupboardService; } /** * Creates a Need with the provided object * - * @param need The need to create - * @return OK response and the need if it was successful, INTERNAL_SERVER_ERROR otherwise + * @param params The need to create + * @return OK response and the need if it was successful, + * CONFLICT if another need with the same name exists + * UNPROCESSABLE_ENTITY if the need contains bad data + * INTERNAL_SERVER_ERROR otherwise */ @PostMapping("") - public ResponseEntity<Need> createNeed(@RequestBody Need need) { + public ResponseEntity<Need> createNeed(@RequestBody Map<String, String> params) { + String name = params.get("name"); + int maxGoal = Integer.parseInt(params.get("maxGoal")); + Need.GoalType goalType = GoalType.valueOf(params.get("goalType")); + try { - if (need.getMaxGoal() <= 0) { - return new ResponseEntity<>(HttpStatus.BAD_REQUEST); - } - if (need.getMaxGoal() < need.getCurrent()) { - return new ResponseEntity<>(HttpStatus.BAD_REQUEST); - } - cupboardDAO.createNeed(need); + Need need = cupboardService.createNeed(name, maxGoal, goalType); return new ResponseEntity<>(need, HttpStatus.OK); + } catch (DuplicateKeyException ex) { + return new ResponseEntity<>(HttpStatus.CONFLICT); + } catch (IllegalArgumentException ex) { + return new ResponseEntity<>(HttpStatus.UNPROCESSABLE_ENTITY); } catch (IOException ex) { return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } @@ -69,7 +78,7 @@ public class CupboardController { LOG.info("GET /needs"); try { - Need[] needs = cupboardDAO.getNeeds(); + Need[] needs = cupboardService.getNeeds(); return new ResponseEntity<>(needs, HttpStatus.OK); } catch (IOException e) { LOG.log(Level.SEVERE, e.getLocalizedMessage()); @@ -93,8 +102,8 @@ public class CupboardController { LOG.info("GET /need/?name="+name); try { - Need[] needArray = cupboardDAO.findNeeds(name); - return new ResponseEntity<>(needArray, HttpStatus.OK); + Need[] needs = cupboardService.searchNeeds(name); + return new ResponseEntity<>(needs, HttpStatus.OK); } catch (IOException e) { LOG.log(Level.SEVERE,e.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); @@ -106,23 +115,20 @@ public class CupboardController { * * @param id The id used to locate the {@link Need need} * - * @return ResponseEntity with {@link Need need} object and HTTP status of OK if - * found<br> + * @return ResponseEntity with {@link Need need} object and HTTP status of OK if found<br> * ResponseEntity with HTTP status of NOT_FOUND if not found<br> - * ResponseEntity with HTTP status of INTERNAL_SERVER_ERROR otherwise */ @GetMapping("/{id}") public ResponseEntity<Need> getNeed(@PathVariable int id) { LOG.log(Level.INFO, "GET /need/{0}", id); try { - Need need = cupboardDAO.getNeed(id); + Need need = cupboardService.getNeed(id); if (need != null) { return new ResponseEntity<>(need, HttpStatus.OK); } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } - } catch (IOException e) { LOG.log(Level.SEVERE, e.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); @@ -136,12 +142,17 @@ public class CupboardController { * @param need The need to update * @return OK response and the need if it was successful, or INTERNAL_SERVER_ERROR if there was an issue */ - - @PutMapping("") - public ResponseEntity<Need> updateNeed(@RequestBody Need need) { + @PutMapping("/{id}") + public ResponseEntity<Need> updateNeed(@RequestBody Need need, @PathVariable int id) { try { - need = cupboardDAO.updateNeed(need); - return new ResponseEntity<>(need, HttpStatus.OK); + Need updatedNeed = cupboardService.updateNeed(need, id); + if (updatedNeed != null) { + return new ResponseEntity<>(need, HttpStatus.OK); + } else { + return new ResponseEntity<>(HttpStatus.NOT_FOUND); + } + } catch (InvalidParameterException ex) { + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); } catch (IOException e) { return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } @@ -156,9 +167,9 @@ public class CupboardController { @DeleteMapping("/{id}") public ResponseEntity<Need> deleteNeed(@PathVariable int id) { try { - if (cupboardDAO.getNeed(id) != null) { - cupboardDAO.deleteNeed(id); - return new ResponseEntity<>(HttpStatus.OK); + Need need = cupboardService.getNeed(id); + if (cupboardService.deleteNeed(id)) { + return new ResponseEntity<>(need, HttpStatus.OK); } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index 4e5f156..adf17a1 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -1,6 +1,8 @@ package com.ufund.api.ufundapi.controller; import java.io.IOException; +import java.security.InvalidParameterException; +import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @@ -12,43 +14,47 @@ import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; +import com.ufund.api.ufundapi.DuplicateKeyException; import com.ufund.api.ufundapi.model.User; -import com.ufund.api.ufundapi.persistence.UserDAO; +import com.ufund.api.ufundapi.service.AuthService; +import com.ufund.api.ufundapi.service.UserService; @RestController @RequestMapping("users") public class UserController { - private static final Logger LOG = Logger.getLogger(CupboardController.class.getName()); - private final UserDAO UserDAO; + private static final Logger LOG = Logger.getLogger(UserController.class.getName()); + private final UserService userService; + private final AuthService authService; - /** - * Create a user controller to receive REST signals - * - * @param userDAO The Data Access Object - */ - public UserController(UserDAO userDAO) { - this.UserDAO = userDAO; + public UserController(UserService userService, AuthService authService) { + this.userService = userService; + this.authService = authService; } /** * Creates a User with the provided object - * - * @param user The user to create + * @param params A map consisting of the parameters for a user * @return OK response and the user if it was successful, INTERNAL_SERVER_ERROR * otherwise */ @PostMapping("") - public ResponseEntity<User> createUser(@RequestBody User user) { + public ResponseEntity<User> createUser(@RequestBody Map<String, String> params) { + String username = params.get("username"); + String password = params.get("password"); + try { - if (UserDAO.createUser(user) != null) { + User user = userService.createUser(username, password); + if (user != null) { return new ResponseEntity<>(user, HttpStatus.CREATED); } else { return new ResponseEntity<>(HttpStatus.CONFLICT); } - + } catch (DuplicateKeyException ex) { + return new ResponseEntity<>(HttpStatus.CONFLICT); } catch (IOException ex) { return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } @@ -57,23 +63,27 @@ public class UserController { /** * Responds to the GET request for a {@linkplain User user} for the given id * + * @param username The name of the user + * @param key The authentication key of the user * @return ResponseEntity with {@link User user} object and HTTP status of OK if * found<br> * ResponseEntity with HTTP status of NOT_FOUND if not found<br> * ResponseEntity with HTTP status of INTERNAL_SERVER_ERROR otherwise */ - @GetMapping("/{name}") - public ResponseEntity<User> getUser(@PathVariable String name) { - LOG.log(Level.INFO, "GET /user/{0}", name); + @GetMapping("/{username}") + public ResponseEntity<User> getUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { + LOG.log(Level.INFO, "GET /user/{0}", username); try { - User user = UserDAO.getUser(name); + authService.authenticate(username, key); + User user = userService.getUser(username); if (user != null) { - return new ResponseEntity<>(user, HttpStatus.OK); + return new ResponseEntity<>(user.withoutPasswordHash(), HttpStatus.OK); } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } - + } catch (IllegalAccessException ex) { + return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); } catch (IOException e) { LOG.log(Level.SEVERE, e.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); @@ -84,42 +94,53 @@ public class UserController { /** * Updates a User with the provided one * - * @param user The user to update + * @param user The user to update + * @param username The name of the user + * @param key The authentication key of the user * @return OK response and the user if it was successful, or * INTERNAL_SERVER_ERROR if there was an issue */ - @PutMapping("/{name}") - public ResponseEntity<User> updateUser(@RequestBody User user, @PathVariable String name) { + @PutMapping("/{username}") + public ResponseEntity<User> updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) { try { - user = UserDAO.updateUser(user, name); + authService.authenticate(username, key); + user = userService.updateUser(user, username); if (user != null) { return new ResponseEntity<>(user, HttpStatus.OK); } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } - + } catch (InvalidParameterException ex) { + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); } catch (IOException e) { return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); + } catch (IllegalAccessException e) { + return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); } } /** * Deletes a user with the desired name * - * @param name The name of the user + * @param username The name of the user + * @param key The authentication key of the user * @return OK if the user was deleted, NOT_FOUND if the user was not found, or * INTERNAL_SERVER_ERROR if an error occurred */ - @DeleteMapping("/{name}") - public ResponseEntity<User> deleteUser(@PathVariable String name) { + @DeleteMapping("/{username}") + public ResponseEntity<Boolean> deleteUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { + try { - if (UserDAO.deleteUser(name)) { + authService.authenticate(username, key); + if (userService.deleteUser(username)) { return new ResponseEntity<>(HttpStatus.OK); } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } } catch (IOException e) { return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); + } catch (IllegalAccessException e) { + return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); } } |