Merge pull request #16 from APSfurizon/authentication

Implement Authentication

Author: stranck

application/pom.xml

@@ -38,6 +38,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-oauth2-client</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+        </dependency>
         <dependency>
             <groupId>io.micrometer</groupId>
             <artifactId>micrometer-registry-prometheus</artifactId>

application/src/main/java/net/furizon/backend/BackendApplication.java

@@ -2,8 +2,10 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
 
 @SpringBootApplication
+@ConfigurationPropertiesScan
 public class BackendApplication {
     public static void main(String[] args) {
         SpringApplication.run(BackendApplication.class, args);

application/src/main/java/net/furizon/backend/feature/authentication/Authentication.java

@@ -0,0 +1,29 @@
+package net.furizon.backend.feature.authentication;
+
+import lombok.Builder;
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+import org.jetbrains.annotations.NotNull;
+
+@Builder
+@Data
+@RequiredArgsConstructor
+public class Authentication {
+    private final long id;
+
+    @NotNull
+    private final String email;
+
+    private final boolean isVerified;
+
+    private final boolean isTwoFactorEnabled;
+
+    private final boolean isDisabled;
+
+    private final boolean isFrom0Auth;
+
+    @NotNull
+    private final String hashedPassword;
+
+    private final long userId;
+}

application/src/main/java/net/furizon/backend/feature/authentication/AuthenticationController.java

@@ -0,0 +1,9 @@
+package net.furizon.backend.feature.authentication;
+
+public enum AuthenticationErrorCode {
+    EMAIL_ALREADY_REGISTERED,
+    EMAIL_NOT_REGISTERED,
+    EMAIL_INVALID,
+    INVALID_CREDENTIALS,
+    AUTHENTICATION_IS_DISABLED
+}

application/src/main/java/net/furizon/backend/feature/authentication/AuthenticationErrorCode.java

@@ -0,0 +1,9 @@
+package net.furizon.backend.feature.authentication;
+
+import java.util.regex.Pattern;
+
+public class Const {
+    public static final String EMAIL_REGEX = "^[A-Za-z0-9+_.-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,6}$";
+
+    public static final Pattern EMAIL_PATTERN = Pattern.compile(EMAIL_REGEX);
+}

application/src/main/java/net/furizon/backend/feature/authentication/Const.java

@@ -0,0 +1,11 @@
+package net.furizon.backend.feature.authentication.action.createAuthentication;
+
+import org.jetbrains.annotations.NotNull;
+
+public interface CreateAuthenticationAction {
+    void invoke(
+        long userId,
+        @NotNull String email,
+        @NotNull String password
+    );
+}

application/src/main/java/net/furizon/backend/feature/authentication/action/JooqRemoveSessionAction.java

@@ -0,0 +1,43 @@
+package net.furizon.backend.feature.authentication.action.createAuthentication;
+
+import lombok.RequiredArgsConstructor;
+import net.furizon.backend.infrastructure.security.SecurityConfig;
+import net.furizon.jooq.infrastructure.command.SqlCommand;
+import org.jetbrains.annotations.NotNull;
+import org.jooq.util.postgres.PostgresDSL;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
+
+import static net.furizon.jooq.generated.Tables.AUTHENTICATIONS;
+
+@Component
+@RequiredArgsConstructor
+public class JooqCreateAuthenticationAction implements CreateAuthenticationAction {
+    private final SqlCommand sqlCommand;
+
+    private final PasswordEncoder encoder;
+
+    private final SecurityConfig securityConfig;
+
+    @Override
+    public void invoke(
+        long userId,
+        @NotNull String email,
+        @NotNull String password
+    ) {
+        sqlCommand.execute(
+            PostgresDSL
+                .insertInto(
+                    AUTHENTICATIONS,
+                    AUTHENTICATIONS.USER_ID,
+                    AUTHENTICATIONS.AUTHENTICATION_EMAIL,
+                    AUTHENTICATIONS.AUTHENTICATION_HASHED_PASSWORD
+                )
+                .values(
+                    userId,
+                    email,
+                    encoder.encode(securityConfig.getPasswordSalt() + password)
+                )
+        );
+    }
+}

application/src/main/java/net/furizon/backend/feature/authentication/action/RemoveSessionAction.java

@@ -0,0 +1,73 @@
+package net.furizon.backend.feature.authentication.controller;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import net.furizon.backend.feature.authentication.dto.LoginRequest;
+import net.furizon.backend.feature.authentication.dto.LoginResponse;
+import net.furizon.backend.feature.authentication.dto.LogoutUserResponse;
+import net.furizon.backend.feature.authentication.dto.RegisterUserRequest;
+import net.furizon.backend.feature.authentication.dto.RegisterUserResponse;
+import net.furizon.backend.feature.authentication.usecase.LoginUserUseCase;
+import net.furizon.backend.feature.authentication.usecase.LogoutUserUseCase;
+import net.furizon.backend.feature.authentication.usecase.RegisterUserUseCase;
+import net.furizon.backend.infrastructure.security.FurizonUser;
+import net.furizon.backend.infrastructure.usecase.UseCaseExecutor;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.springframework.http.HttpHeaders;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/api/v1/authentication")
+@RequiredArgsConstructor
+public class AuthenticationController {
+    private final UseCaseExecutor executor;
+
+    @PostMapping("/login")
+    public LoginResponse loginUser(
+        @Valid @RequestBody final LoginRequest loginRequest,
+        @RequestHeader(value = HttpHeaders.USER_AGENT, required = false) @Nullable String userAgent,
+        HttpServletRequest httpServletRequest
+    ) {
+        return executor.execute(
+            LoginUserUseCase.class,
+            new LoginUserUseCase.Input(
+                loginRequest.getEmail(),
+                loginRequest.getPassword(),
+                httpServletRequest.getRemoteAddr(),
+                userAgent
+            )
+        );
+    }
+
+    @PostMapping("/logout")
+    public LogoutUserResponse logoutUser(
+        @AuthenticationPrincipal @NotNull final FurizonUser user
+    ) {
+        executor.execute(
+            LogoutUserUseCase.class,
+            new LogoutUserUseCase.Input(user.getSessionId())
+        );
+
+        return LogoutUserResponse.SUCCESS;
+    }
+
+
+    @PostMapping("/register")
+    public RegisterUserResponse registerUser(
+        @Valid @RequestBody final RegisterUserRequest registerUserRequest
+    ) {
+        executor.execute(
+            RegisterUserUseCase.class,
+            registerUserRequest
+        );
+
+        return RegisterUserResponse.SUCCESS;
+    }
+}

application/src/main/java/net/furizon/backend/feature/authentication/action/createAuthentication/CreateAuthenticationAction.java

@@ -1,8 +1,22 @@
 package net.furizon.backend.feature.authentication.dto;
 
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
 import lombok.Data;
 
+import static net.furizon.backend.feature.authentication.Const.EMAIL_REGEX;
+
 @Data
 public class LoginRequest {
+    @NotNull
+    @NotEmpty
+    @Email(regexp = EMAIL_REGEX)
+    private final String email;
 
+    @NotNull
+    @NotEmpty
+    @Size(min = 6)
+    private final String password;
 }

application/src/main/java/net/furizon/backend/feature/authentication/action/createAuthentication/JooqCreateAuthenticationAction.java

@@ -0,0 +1,12 @@
+package net.furizon.backend.feature.authentication.dto;
+
+import lombok.Data;
+import org.jetbrains.annotations.NotNull;
+
+@Data
+public class LoginResponse {
+    private final long userId;
+
+    @NotNull
+    private final String accessToken;
+}

application/src/main/java/net/furizon/backend/feature/authentication/controller/AuthenticationController.java

@@ -0,0 +1,10 @@
+package net.furizon.backend.feature.authentication.dto;
+
+import lombok.Data;
+
+@Data
+public class LogoutUserResponse {
+    public static final LogoutUserResponse SUCCESS = new LogoutUserResponse(true);
+
+    private final boolean success;
+}

application/src/main/java/net/furizon/backend/feature/authentication/dto/LoginRequest.java

@@ -0,0 +1,81 @@
+package net.furizon.backend.feature.authentication.dto;
+
+import jakarta.annotation.Nullable;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Past;
+import jakarta.validation.constraints.Size;
+import lombok.Data;
+
+import java.time.LocalDate;
+
+// Italian stuff needed by law for associations.
+// If for some reason you have to adopt this codebase in your country,
+// you probably must adapt or change the membership code
+@Data
+public class PersonalUserInformation {
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String firstName;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String lastName;
+
+    // Italian person "id". For non italian ppl leave this to null
+    // If null, in documents this should appear as ""
+    @Nullable
+    @Size(min = 16, max = 16)
+    private final String fiscalCode;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String birthCity;
+
+    @Nullable
+    @NotEmpty
+    @Size(min = 2)
+    private final String birthRegion;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String birthCountry;
+
+    @NotNull
+    @Past
+    private final LocalDate birthday;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String residenceAddress;
+
+    @NotNull
+    @NotEmpty
+    @Size(max = 16)
+    private final String residenceZipCode;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String residenceCity;
+
+    @Nullable
+    @NotEmpty
+    @Size(min = 2)
+    private final String residenceRegion;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String residenceCountry;
+
+    @NotNull
+    @NotEmpty
+    @Size(min = 2)
+    private final String phoneNumber;
+}