Merge branch 'release/v1.0.0' into main

Author: Arawns1

server/pom.xml

@@ -10,7 +10,7 @@
 	</parent>
 	<groupId>br.com.it-neki</groupId>
 	<artifactId>nekicard</artifactId>
-	<version>0.0.2</version>
+	<version>1.0.0</version>
 	<name>nekicard</name>
 	<description>Desafio NekiCard</description>
 	<properties>
@@ -62,6 +62,20 @@
 			<version>3.0.0</version>
 		</dependency>
 
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+			<version>4.4.0</version>
+		</dependency>
 	</dependencies>
 
 	<build>

server/src/main/java/br/com/itneki/nekicard/card/controller/CardController.java

@@ -9,7 +9,9 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.transaction.Transactional;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
@@ -22,7 +24,8 @@
 @RequestMapping("/card")
 @RestController
 @RequiredArgsConstructor
-@Tag(name="Cartão", description = "Informações e geração de cartões")
+@SecurityRequirement(name = "jwt_auth")
+@Tag(name="3.Cartão", description = "Informações e geração de cartões")
 public class CardController {
 
     private final CardService cardService;
@@ -48,7 +51,7 @@ public ResponseEntity<Object> findById(@PathVariable UUID id){
     }
 
     @Operation(summary = "Salva um novo cartão",
-            description = "Essa função é responsável salvar um novo cartão e vinculá-lo ao usuário"
+            description = "Essa função é responsável salvar um novo cartão e vinculá-lo ao usuário logado"
     )
     @ApiResponses({
             @ApiResponse(responseCode = "200", content = {
@@ -57,13 +60,15 @@ public ResponseEntity<Object> findById(@PathVariable UUID id){
                     )
             }),
     })
-    @PostMapping("/{userId}")
+    @PostMapping
     @Transactional
-    public ResponseEntity<Object> save(@PathVariable UUID userId,
+    public ResponseEntity<Object> save(HttpServletRequest request,
                                        @RequestBody @Valid SaveCardDTO saveCardDTO,
                                        UriComponentsBuilder uriBuilder){
+
+        var userId = request.getAttribute("user_id").toString();
         try{
-            var result = cardService.save(saveCardDTO, userId);
+            var result = cardService.save(saveCardDTO, UUID.fromString(userId));
 
             var uri = uriBuilder.path("/user/{id}")
                                 .buildAndExpand(result.getId())

server/src/main/java/br/com/itneki/nekicard/config/ModelMapperConfig.java

@@ -1,8 +1,8 @@
 package br.com.itneki.nekicard.config;
 
 import br.com.itneki.nekicard.user.domain.User;
-import br.com.itneki.nekicard.user.dto.SignUpUserDTO;
-import br.com.itneki.nekicard.user.dto.UpdateUserDTO;
+import br.com.itneki.nekicard.security.SignUpDTO;
+import br.com.itneki.nekicard.user.dto.UserDetailsDTO;
 import org.modelmapper.ModelMapper;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -12,11 +12,28 @@ public class ModelMapperConfig {
     @Bean
     public ModelMapper modelMapper() {
         var modelMapper = new ModelMapper();
-        modelMapper.typeMap(SignUpUserDTO.class, User.class).addMappings(mapper -> {
-            mapper.map(SignUpUserDTO::getNome, User::setName);
-            mapper.map(SignUpUserDTO::getEmail, User::setEmail);
-            mapper.map(SignUpUserDTO::getDataNascimento, User::setBirthdate);
-            mapper.map(SignUpUserDTO::getSenha, User::setPassword);
+        modelMapper.typeMap(SignUpDTO.class, User.class).addMappings(mapper -> {
+            mapper.map(SignUpDTO::getNome, User::setName);
+            mapper.map(SignUpDTO::getEmail, User::setEmail);
+            mapper.map(SignUpDTO::getDataNascimento, User::setBirthdate);
+            mapper.map(SignUpDTO::getSenha, User::setPassword);
+        });
+
+        modelMapper.typeMap(User.class, UserDetailsDTO.class).addMappings(mapper -> {
+            mapper.map(User::getId, UserDetailsDTO::setId);
+            mapper.map(User::isStatus, UserDetailsDTO::setStatus);
+            mapper.map(User::getName, UserDetailsDTO::setName);
+            mapper.map(User::getEmail, UserDetailsDTO::setEmail);
+            mapper.map(User::getBirthdate, UserDetailsDTO::setBirthdate);
+            mapper.map(User::getProfilePhotoUrl, UserDetailsDTO::setProfilePhotoUrl);
+            mapper.map(User::getLocality, UserDetailsDTO::setLocality);
+            mapper.map(User::getDescription, UserDetailsDTO::setDescription);
+            mapper.map(User::getWorkTime, UserDetailsDTO::setWorkTime);
+            mapper.map(User::getWorkFunction, UserDetailsDTO::setWorkFunction);
+            mapper.map(User::getSocialName, UserDetailsDTO::setSocialName);
+            mapper.map(User::getPhone, UserDetailsDTO::setPhone);
+            mapper.map(User::getCardList, UserDetailsDTO::setCardList);
+            mapper.map(User::getSocialMediaList, UserDetailsDTO::setSocialMediaList);
         });
 
         return modelMapper;

server/src/main/java/br/com/itneki/nekicard/config/SwaggerConfig.java

@@ -13,7 +13,7 @@ public OpenAPI openAPI(){
         return new OpenAPI()
                 .info(new Info().title("NekiCard API Documentation")
                                 .description("Official documentation of NekiCard API Aplication")
-                                .version("0.0.2")
+                                .version("1.0.0")
                                 .contact(new Contact()
                                                 .email("gabrieldamico22@gmail.com")
                                                 .name("Gabriel Damico")

server/src/main/java/br/com/itneki/nekicard/exceptions/AuthenticationException.java

@@ -0,0 +1,7 @@
+package br.com.itneki.nekicard.exceptions;
+
+public class AuthenticationException extends RuntimeException {
+    public AuthenticationException(){
+        super("Username/password incorrect");
+    }
+}

server/src/main/java/br/com/itneki/nekicard/security/AuthResponse.java

@@ -0,0 +1,5 @@
+package br.com.itneki.nekicard.security;
+
+public record AuthResponse(String access_token, Long expires_at){
+
+}

server/src/main/java/br/com/itneki/nekicard/security/JWTProvider.java

@@ -0,0 +1,47 @@
+package br.com.itneki.nekicard.security;
+
+import com.auth0.jwt.interfaces.DecodedJWT;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+
+import java.time.Duration;
+import java.time.Instant;
+import java.util.List;
+
+@Service
+@RequiredArgsConstructor
+public class JWTProvider {
+
+    private static String secretKey;
+
+    @Value("${security.token.secret}")
+    public void setSecretKey(String secretKey) {
+        JWTProvider.secretKey = secretKey;
+    }
+    public static AuthResponse generateToken(String id, String role) {
+        Algorithm algorithm = Algorithm.HMAC256(secretKey);
+        var expires_at = Instant.now().plus(Duration.ofHours(2));
+        String token = JWT.create()
+                          .withIssuer("http://neki-card.com.br")
+                          .withSubject(id)
+                          .withClaim("role", List.of(role))
+                          .withExpiresAt(expires_at)
+                          .sign(algorithm);
+        return new AuthResponse(token, expires_at.toEpochMilli());
+    }
+
+    public static DecodedJWT validateToken(String token) {
+        token = token.replace("Bearer ", "");
+        Algorithm algorithm = Algorithm.HMAC256(secretKey);
+        try {
+            return JWT.require(algorithm).build().verify(token);
+        } catch (JWTVerificationException ex) {
+            throw new JWTVerificationException("Invalid Token");
+        }
+    }
+}

server/src/main/java/br/com/itneki/nekicard/security/SecurityConfig.java

@@ -0,0 +1,41 @@
+package br.com.itneki.nekicard.security;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+@Configuration
+@EnableMethodSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+    private final SecurityUserFilter securityUserFilter;
+    private static final String[] PERMIT_ALL_LIST = {
+            "/auth/**",
+            "/swagger-ui/**",
+            "/v3/api-docs/**",
+            "/swagger-resources/**"};
+    @Bean
+    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{
+        http.csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(auth -> auth
+                    .requestMatchers(PERMIT_ALL_LIST).permitAll()
+                    .requestMatchers(HttpMethod.GET,"/user","/user/findAll").authenticated()
+                    .requestMatchers(HttpMethod.GET,"/user/{id}", "/image/**").permitAll()
+                    .anyRequest().authenticated()
+
+                   )
+            .addFilterBefore(securityUserFilter, BasicAuthenticationFilter.class);
+        return  http.build();
+    }
+    @Bean
+    public PasswordEncoder passwordEncoder(){
+        return new BCryptPasswordEncoder();
+    }
+}

server/src/main/java/br/com/itneki/nekicard/security/SecurityUserFilter.java

@@ -0,0 +1,36 @@
+package br.com.itneki.nekicard.security;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+@Component
+@RequiredArgsConstructor
+public class SecurityUserFilter extends OncePerRequestFilter {
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String header = request.getHeader("Authorization");
+
+        if(header != null){
+            var token = JWTProvider.validateToken(header);
+            if(token == null){
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                return;
+            }
+            request.setAttribute("user_id", token.getSubject());
+
+            var roles = token.getClaim("role").asList(Object.class);
+            var grants = roles.stream().map(role -> new SimpleGrantedAuthority("ROLE_" + role.toString())).toList();
+            UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(token.getSubject(), null, grants);
+            SecurityContextHolder.getContext().setAuthentication(auth);
+        }
+        filterChain.doFilter(request, response);
+    }
+}

server/src/main/java/br/com/itneki/nekicard/security/SignInDTO.java

@@ -0,0 +1,21 @@
+package br.com.itneki.nekicard.security;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.Pattern;
+import org.hibernate.validator.constraints.Length;
+
+public record SignInDTO(
+        @Schema(example = "user@neki-it.com.br",
+                requiredMode = Schema.RequiredMode.REQUIRED)
+        @Email(message = "O campo (email) deve conter um e-mail válido")
+        @Pattern(regexp = "^[a-zA-Z0-9._%+-]+@(neki-it\\.com\\.br|neki\\.com\\.br)$",
+                message = "Formato de e-mail inválido. O email deve ser do domínio neki-it.com.br ou neki.com.br")
+        String email,
+
+        @Schema(example = "12345678",
+                requiredMode = Schema.RequiredMode.REQUIRED)
+        @Length(min = 8, max = 100, message = "A senha deve conter entre 8 e 100 caracteres")
+        String password) {
+}
+