Added some possible changes to capture more errors and remove Option<User>

Paul Scott · Paul Scott · commit 505c4b0dbf95 · 2025-11-19T12:23:12.000+02:00
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/domain/security/JWTProvider.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/domain/security/JWTProvider.kt
@@ -10,7 +10,7 @@ data class TokenInfo(
 )
 
 interface JWTProvider {
-    fun generate(user: User): TokenInfo
+    fun generate(user: User): DomainResult<TokenInfo>
 
     fun verify(jwt: String): DomainResult<UUID>
 }
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/domain/security/PasswordProvider.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/domain/security/PasswordProvider.kt
@@ -1,7 +1,9 @@
 package za.co.ee.learning.domain.security
 
+import za.co.ee.learning.domain.DomainResult
+
 interface PasswordProvider {
-    fun encode(password: String): String
+    fun encode(password: String): DomainResult<String>
 
     fun matches(
         password: String,
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/User.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/User.kt
@@ -1,9 +1,10 @@
 package za.co.ee.learning.domain.users
 
+import za.co.ee.learning.domain.DomainResult
 import java.util.UUID
 
 data class User(
     val id: UUID,
     val email: String,
-    val passwordHash: String,
+    val passwordHash: DomainResult<String>,
 )
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/UserRepository.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/UserRepository.kt
@@ -1,10 +1,11 @@
 package za.co.ee.learning.domain.users
 
-import arrow.core.Option
+import arrow.core.Either
+import za.co.ee.learning.domain.DomainError
 import za.co.ee.learning.domain.DomainResult
 
 interface UserRepository {
-    fun findByEmail(email: String): DomainResult<Option<User>>
+    fun findByEmail(email: String): DomainResult<User>
 
     fun findAll(): DomainResult<List<User>>
 }
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/usecases/Authenticate.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/usecases/Authenticate.kt
@@ -1,6 +1,5 @@
 package za.co.ee.learning.domain.users.usecases
 
-import arrow.core.Option
 import arrow.core.left
 import arrow.core.raise.either
 import arrow.core.right
@@ -31,9 +30,10 @@ class Authenticate(
     operator fun invoke(request: AuthenticateRequest): DomainResult<AuthenticateResponse> =
         either {
             val validatedRequest = validate(request).bind()
-            val user = findUser(validatedRequest.email).bind()
-            val authenticatedUser = checkPassword(user, validatedRequest).bind()
-            createToken(authenticatedUser).bind()
+            val user = userRepository.findByEmail(validatedRequest.email).bind()
+            val pwdHashString = user.passwordHash.bind()
+            checkPassword(pwdHashString, validatedRequest).bind()
+            createToken(user).bind()
         }
 
     private fun validate(request: AuthenticateRequest): DomainResult<AuthenticateRequest> {
@@ -56,31 +56,22 @@ class Authenticate(
         return request.right()
     }
 
-    private fun findUser(email: String): DomainResult<User> =
-        either {
-            val optUser: Option<User> = userRepository.findByEmail(email).bind()
-            return optUser.fold(
-                ifEmpty = { DomainError.InvalidCredentials.left() },
-                ifSome = { user -> user.right() },
-            )
-        }
-
     private fun checkPassword(
-        user: User,
+        passwordHash: String,
         validatedRequest: AuthenticateRequest,
-    ): DomainResult<User> {
-        if (passwordProvider.matches(validatedRequest.password, user.passwordHash)) {
-            return user.right()
+    ): DomainResult<Boolean> {
+        if (passwordProvider.matches(validatedRequest.password, passwordHash)) {
+            return true.right()
         }
 
         return DomainError.InvalidCredentials.left()
     }
 
-    private fun createToken(authenticatedUser: User): DomainResult<AuthenticateResponse> {
-        val tokenInfo: TokenInfo = jwtProvider.generate(authenticatedUser)
-        return AuthenticateResponse(
+    private fun createToken(authenticatedUser: User): DomainResult<AuthenticateResponse> = either {
+        val tokenInfo: TokenInfo = jwtProvider.generate(authenticatedUser).bind()
+        AuthenticateResponse(
             token = tokenInfo.token,
             expires = tokenInfo.expires,
-        ).right()
+        )
     }
 }
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepository.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepository.kt
@@ -1,7 +1,9 @@
 package za.co.ee.learning.infrastructure.database
 
+import arrow.core.Either
 import arrow.core.Option
 import arrow.core.right
+import za.co.ee.learning.domain.DomainError
 import za.co.ee.learning.domain.DomainResult
 import za.co.ee.learning.domain.users.User
 import za.co.ee.learning.domain.users.UserRepository
@@ -16,10 +18,10 @@ class InMemoryUserRepository : UserRepository {
     }
 
     // Find the first user in the list that has the matching email, wrap it in an option and return a Either.right()
-    override fun findByEmail(email: String): DomainResult<Option<User>> =
+    override fun findByEmail(email: String): DomainResult<User> =
         Option
             .fromNullable(users.firstOrNull { it.email == email })
-            .right()
+            .toEither { DomainError.InvalidCredentials }
 
     override fun findAll(): DomainResult<List<User>> = users.toList().right()
 }
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/security/BCryptPasswordProvider.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/security/BCryptPasswordProvider.kt
@@ -1,10 +1,20 @@
 package za.co.ee.learning.infrastructure.security
 
+import arrow.core.raise.either
 import org.mindrot.jbcrypt.BCrypt
+import za.co.ee.learning.domain.DomainError
+import za.co.ee.learning.domain.DomainResult
 import za.co.ee.learning.domain.security.PasswordProvider
 
 class BCryptPasswordProvider : PasswordProvider {
-    override fun encode(password: String): String = BCrypt.hashpw(password, BCrypt.gensalt())
+    override fun encode(password: String): DomainResult<String> =
+        either {
+            try {
+                BCrypt.hashpw(password, BCrypt.gensalt())
+            } catch (e: Exception) {
+                raise(DomainError.ValidationError("Error encoding password: ${e.message}"))
+            }
+        }
 
     override fun matches(
         password: String,
diff --git a/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/security/DefaultJWTProvider.kt b/http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/security/DefaultJWTProvider.kt
@@ -3,15 +3,15 @@ package za.co.ee.learning.infrastructure.security
 import arrow.core.raise.either
 import com.auth0.jwt.JWT
 import com.auth0.jwt.algorithms.Algorithm
+import com.auth0.jwt.exceptions.JWTCreationException
 import com.auth0.jwt.exceptions.JWTVerificationException
 import za.co.ee.learning.domain.DomainError
 import za.co.ee.learning.domain.DomainResult
 import za.co.ee.learning.domain.security.JWTProvider
 import za.co.ee.learning.domain.security.TokenInfo
 import za.co.ee.learning.domain.users.User
 import java.time.Instant
-import java.util.Date
-import java.util.UUID
+import java.util.*
 
 class DefaultJWTProvider(
     private val secret: String,
@@ -26,24 +26,30 @@ class DefaultJWTProvider(
             .withIssuer(issuer)
             .build()
 
-    override fun generate(user: User): TokenInfo {
-        val now = Instant.now()
-        val expiresAt = now.plusSeconds(expirationSeconds)
+    override fun generate(user: User): DomainResult<TokenInfo> =
+        either {
+            try {
+                val now = Instant.now()
+                val expiresAt = now.plusSeconds(expirationSeconds)
 
-        val token =
-            JWT
-                .create()
-                .withIssuer(issuer)
-                .withSubject(user.id.toString())
-                .withIssuedAt(Date.from(now))
-                .withExpiresAt(Date.from(expiresAt))
-                .sign(algorithm)
+                val token = JWT
+                    .create()
+                    .withIssuer(issuer)
+                    .withSubject(user.id.toString())
+                    .withIssuedAt(Date.from(now))
+                    .withExpiresAt(Date.from(expiresAt))
+                    .sign(algorithm)
 
-        return TokenInfo(
-            token = token,
-            expires = expiresAt.epochSecond,
-        )
-    }
+                TokenInfo(
+                    token = token,
+                    expires = expiresAt.epochSecond,
+                )
+            } catch (e: JWTCreationException) {
+                raise(DomainError.JWTError("Token creation error: ${e.message}"))
+            } catch (e: Exception) {
+                raise(DomainError.JWTError("Token creation failed: ${e.message}"))
+            }
+        }
 
     override fun verify(jwt: String): DomainResult<UUID> =
         either {
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/domain/users/usecases/AuthenticateTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/domain/users/usecases/AuthenticateTest.kt
@@ -1,5 +1,6 @@
 package za.co.ee.learning.domain.users.usecases
 
+import arrow.core.Either
 import arrow.core.left
 import arrow.core.right
 import arrow.core.some
@@ -28,17 +29,19 @@ class AuthenticateTest :
 
         val validEmail = "user@example.com"
         val validPassword = "SecurePass123"
-        val passwordHash = "hashed_password"
+        val passwordHash = Either.Right("hashed_password")
         val testUser =
             User(
                 id = UUID.randomUUID(),
                 email = validEmail,
                 passwordHash = passwordHash,
             )
         val tokenInfo =
-            TokenInfo(
-                token = "jwt.token.here",
-                expires = 1234567890L,
+            Either.Right(
+                TokenInfo(
+                    token = "jwt.token.here",
+                    expires = 1234567890L,
+                )
             )
 
         beforeTest {
@@ -49,21 +52,21 @@ class AuthenticateTest :
             test("should return token when credentials are valid") {
                 val request = AuthenticateRequest(email = validEmail, password = validPassword)
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
-                every { passwordProvider.matches(validPassword, passwordHash) } returns true
+                every { userRepository.findByEmail(validEmail) } returns testUser.right()
+                every { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) } returns true
                 every { jwtProvider.generate(testUser) } returns tokenInfo
 
                 val result = authenticate(request)
 
                 val value = result.shouldBeRight()
                 value shouldBe
-                    AuthenticateResponse(
-                        token = tokenInfo.token,
-                        expires = tokenInfo.expires,
-                    )
+                        AuthenticateResponse(
+                            token = tokenInfo.getOrNull()!!.token,
+                            expires = tokenInfo.getOrNull()!!.expires,
+                        )
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches(validPassword, passwordHash) }
+                verify { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) }
                 verify { jwtProvider.generate(testUser) }
             }
         }
@@ -113,7 +116,7 @@ class AuthenticateTest :
             test("should return InvalidCredentials when user does not exist") {
                 val request = AuthenticateRequest(email = "nonexistent@example.com", password = validPassword)
 
-                every { userRepository.findByEmail("nonexistent@example.com") } returns arrow.core.none<User>().right()
+                every { userRepository.findByEmail("nonexistent@example.com") } returns Either.Left(DomainError.InvalidCredentials)
 
                 val result = authenticate(request)
 
@@ -126,7 +129,7 @@ class AuthenticateTest :
             test("should return InvalidCredentials when repository returns None") {
                 val request = AuthenticateRequest(email = validEmail, password = validPassword)
 
-                every { userRepository.findByEmail(validEmail) } returns arrow.core.none<User>().right()
+                every { userRepository.findByEmail(validEmail) } returns Either.Left(DomainError.InvalidCredentials)
 
                 val result = authenticate(request)
 
@@ -139,16 +142,16 @@ class AuthenticateTest :
             test("should return InvalidCredentials when password does not match") {
                 val request = AuthenticateRequest(email = validEmail, password = "WrongPassword123")
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
-                every { passwordProvider.matches("WrongPassword123", passwordHash) } returns false
+                every { userRepository.findByEmail(validEmail) } returns testUser.right()
+                every { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) } returns false
 
                 val result = authenticate(request)
 
                 val error = result.shouldBeLeft()
                 error shouldBe DomainError.InvalidCredentials
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches("WrongPassword123", passwordHash) }
+                verify { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) }
             }
         }
 
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/domain/users/usecases/GetUsersTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/domain/users/usecases/GetUsersTest.kt
@@ -1,5 +1,6 @@
 package za.co.ee.learning.domain.users.usecases
 
+import arrow.core.Either
 import arrow.core.left
 import arrow.core.right
 import io.kotest.assertions.arrow.core.shouldBeLeft
@@ -26,13 +27,13 @@ class GetUsersTest :
             User(
                 id = UUID.randomUUID(),
                 email = "user1@example.com",
-                passwordHash = "hash1",
+                passwordHash = Either.Right("hash1"),
             )
         val user2 =
             User(
                 id = UUID.randomUUID(),
                 email = "user2@example.com",
-                passwordHash = "hash2",
+                passwordHash = Either.Right("hash2"),
             )
 
         beforeTest {
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/api/AuthenticateEndpointTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/api/AuthenticateEndpointTest.kt
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/api/GetUsersEndpointTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/api/GetUsersEndpointTest.kt
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepositoryTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepositoryTest.kt
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/security/BCryptPasswordProviderTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/security/BCryptPasswordProviderTest.kt
diff --git a/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/security/DefaultJWTProviderTest.kt b/http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/security/DefaultJWTProviderTest.kt

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ data class TokenInfo(`
`10`	`10`	`)`
`11`	`11`
`12`	`12`	`interface JWTProvider {`
`13`		`- fun generate(user: User): TokenInfo`
	`13`	`+ fun generate(user: User): DomainResult<TokenInfo>`
`14`	`14`
`15`	`15`	`fun verify(jwt: String): DomainResult<UUID>`
`16`	`16`	`}`