diff --git a/00-backend/datasource/database.sqlite b/00-backend/datasource/database.sqlite index 670744a..a0688fc 100644 Binary files a/00-backend/datasource/database.sqlite and b/00-backend/datasource/database.sqlite differ diff --git a/00-backend/src/main/java/de/htwsaar/webshop/config/ControllerPathConfig.java b/00-backend/src/main/java/de/htwsaar/webshop/config/ControllerPathConfig.java index e37e24b..1c8302f 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/config/ControllerPathConfig.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/config/ControllerPathConfig.java @@ -16,6 +16,9 @@ public class ControllerPathConfig { public static final String ACCOUNT_BASE = "/account"; public static final String EMAIL_BASE = "/email"; + //SessionController + public static final String SESSION_BASE = "/session"; + //ArticleController public static final String ARTICLE_BASE = "/article"; public static final String ARTICLE_GET_ALL = ARTICLE_BASE + "/all"; @@ -34,9 +37,4 @@ public class ControllerPathConfig { //ReviewController public static final String REVIEW_BASE = "/review"; public static final String REVIEW_GET_ALL = REVIEW_BASE + "/all"; - - //ImageHardcodeController - - private static final String HARDCODE_IMAGE = "/images"; - public static final String HARDCODE_IMAGE_DPS_STICKER = HARDCODE_IMAGE + "/dps.webp"; } \ No newline at end of file diff --git a/00-backend/src/main/java/de/htwsaar/webshop/config/WebConfig.java b/00-backend/src/main/java/de/htwsaar/webshop/config/WebConfig.java index a5b58b3..b668194 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/config/WebConfig.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/config/WebConfig.java 
@@ -12,9 +12,9 @@ public class WebConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") - .allowedOrigins("http://localhost:5173") // Erlaube Anfragen von der Frontend-Domain - .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") // Erlaube spezifische HTTP-Methoden - .allowedHeaders("*") // Erlaube alle Header - .allowCredentials(true); // Erlaube Cookies + .allowedOrigins("http://localhost:5173") // Erlaube Anfragen von der Frontend-Domain + .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") // Erlaube spezifische HTTP-Methoden + .allowedHeaders("*") // Erlaube alle Header + .allowCredentials(true); // Erlaube Cookies } } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java index 446b922..ab5db5b 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java @@ -45,11 +45,11 @@ public class AccountController { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().build(); } - if(accountService.existsWithEmail(account.getEmail())) { + if (accountService.existsWithEmail(account.getEmail())) { log.warn("[{}] Account cant be created, Email is already in use", request.getRequestURI()); return ResponseEntity.unprocessableEntity().build(); } - if(accountService.saveNew(account).getId() == null) { + if (accountService.saveNew(account).getId() == null) { return ResponseEntity.internalServerError().build(); } return ResponseEntity.ok().build(); 
@@ -63,10 +63,10 @@ public class AccountController { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().build(); } - if(accountService.existsWithEmail(account.getEmail())) { + if (accountService.existsWithEmail(account.getEmail())) { return ResponseEntity.badRequest().build(); } - if(!accountService.deleteIfExists(account)) { + if (!accountService.deleteIfExists(account)) { return ResponseEntity.badRequest().build(); } return ResponseEntity.ok().build(); @@ -74,15 +74,15 @@ public class AccountController { @RequestMapping(path = ACCOUNT_BASE, method = RequestMethod.GET, produces = "application/json") public ResponseEntity getAccount(HttpServletRequest request, - @RequestParam(PARAM_EMAIL) String email, - @RequestParam(PARAM_PASSWORD) String password) { + @RequestParam(PARAM_EMAIL) String email, + @RequestParam(PARAM_PASSWORD) String password) { logRequest(request); - if(!accountService.existsWithEmail(email)) { + if (!accountService.existsWithEmail(email)) { log.warn("[{}] Account doesn't exist", request.getRequestURI()); return ResponseEntity.badRequest().build(); } Account acc = accountService.isValidLogin(email, password); - if(acc == null) { + if (acc == null) { log.warn("[{}] Invalid Credentials", request.getRequestURI()); return ResponseEntity.badRequest().build(); } 
@@ -95,22 +95,22 @@ public class AccountController { @RequestParam(PARAM_PASSWORD) String password, @RequestBody Account account) { logRequest(request); - if(validatorService.isInvalid(account)) { + if (validatorService.isInvalid(account)) { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().build(); } - if(!accountService.existsWithEmail(email)) { + if (!accountService.existsWithEmail(email)) { log.warn("[{}] Account doesn't exist", request.getRequestURI()); return ResponseEntity.badRequest().build(); } Account loggedIn = accountService.isValidLogin(email, password); - if(loggedIn == null) { + if (loggedIn == null) { log.warn("[{}] Invalid Credentials", request.getRequestURI()); return ResponseEntity.badRequest().build(); } account.setId(loggedIn.getId()); Account saved = accountService.save(account); - if(saved == null) { + if (saved == null) { return ResponseEntity.internalServerError().build(); } return ResponseEntity.ok(saved); diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/CustomerController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/CustomerController.java index 89fa650..291f95c 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/CustomerController.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/CustomerController.java @@ -28,7 +28,7 @@ public class CustomerController { @RequestMapping(path = CUSTOMER_BASE, method = RequestMethod.GET, produces = "application/json") public ResponseEntity getCustomerById(HttpServletRequest request, - @RequestParam(PARAM_ID) Long customerId) { + @RequestParam(PARAM_ID) Long customerId) { logRequest(request); if (customerId == null) { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); 
@@ -43,14 +43,14 @@ public class CustomerController { @RequestMapping(path = CUSTOMER_BASE, method = RequestMethod.POST, produces = "application/json") public ResponseEntity createCustomer(HttpServletRequest request, - @RequestBody Customer customer) { + @RequestBody Customer customer) { logRequest(request); if (validatorService.isInvalid(customer)) { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().build(); } Customer saved = customerService.save(customer); - if(saved.getId() == null) { + if (saved.getId() == null) { return ResponseEntity.internalServerError().build(); } return ResponseEntity.ok(saved); @@ -58,7 +58,7 @@ public class CustomerController { @RequestMapping(path = CUSTOMER_BASE, method = RequestMethod.DELETE, produces = "application/json") public ResponseEntity deleteCustomer(HttpServletRequest request, - @RequestBody Customer customer) { + @RequestBody Customer customer) { logRequest(request); if (validatorService.isInvalid(customer)) { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); @@ -77,7 +77,7 @@ public class CustomerController { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().build(); } - if(customerService.findById(id) == null) { + if (customerService.findById(id) == null) { log.warn("[{}] AccountID doesn't exist", request.getRequestURI()); return ResponseEntity.badRequest().build(); } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageController.java index 9126a5e..6daee52 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageController.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageController.java 
@@ -15,7 +15,8 @@ import java.util.ArrayList; import java.util.List; import java.util.UUID; -import static de.htwsaar.webshop.config.ControllerPathConfig.*; +import static de.htwsaar.webshop.config.ControllerPathConfig.IMAGE_ALL; +import static de.htwsaar.webshop.config.ControllerPathConfig.IMAGE_BASE; import static de.htwsaar.webshop.config.ParameterConfig.*; import static de.htwsaar.webshop.util.LoggerUtil.logRequest; @@ -33,10 +34,10 @@ public class ImageController { @RequestMapping(path = IMAGE_ALL, method = RequestMethod.GET, produces = "application/json") public ResponseEntity> getAll(HttpServletRequest request, - @RequestParam(value = PARAM_UUID) UUID uuid) { + @RequestParam(value = PARAM_UUID) UUID uuid) { logRequest(request); List images = imageService.getImagesByUUID(uuid); - if(images.isEmpty()) { + if (images.isEmpty()) { return new ResponseEntity<>(HttpStatus.NO_CONTENT); } List images_base = new ArrayList<>(); @@ -47,10 +48,10 @@ public class ImageController { @RequestMapping(path = IMAGE_BASE, method = RequestMethod.GET, produces = "text/plain") public ResponseEntity getFirst(HttpServletRequest request, - @RequestParam(value = PARAM_UUID) UUID uuid) { + @RequestParam(value = PARAM_UUID) UUID uuid) { logRequest(request); Image image = imageService.getImageByUUID(uuid); - if(image == null) { + if (image == null) { return new ResponseEntity<>(HttpStatus.NO_CONTENT); } return ResponseEntity.ok(image.getBase64()); @@ -58,8 +59,8 @@ public class ImageController { @RequestMapping(path = IMAGE_BASE, method = RequestMethod.POST, produces = "application/json") public ResponseEntity add(HttpServletRequest request, - @RequestParam(value = PARAM_UUID) UUID articleUuid, - @RequestParam(value = PARAM_IMAGE) MultipartFile file) { + @RequestParam(value = PARAM_UUID) UUID articleUuid, + @RequestParam(value = PARAM_IMAGE) MultipartFile file) { logRequest(request); if (articleUuid == null || articleService.findByUUID(articleUuid) == null 
@@ -74,8 +75,8 @@ public class ImageController { @RequestMapping(path = IMAGE_ALL, method = RequestMethod.POST, produces = "application/json") public ResponseEntity addAll(HttpServletRequest request, - @RequestParam(value = PARAM_UUID) UUID articleUuid, - @RequestParam(value = PARAM_IMAGE) List files) { + @RequestParam(value = PARAM_UUID) UUID articleUuid, + @RequestParam(value = PARAM_IMAGE) List files) { logRequest(request); if (articleUuid == null || articleService.findByUUID(articleUuid) == null diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageHardcodeController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageHardcodeController.java deleted file mode 100644 index cfb1a4e..0000000 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/ImageHardcodeController.java +++ /dev/null @@ -1,30 +0,0 @@ -package de.htwsaar.webshop.controller; - -import jakarta.servlet.http.HttpServletRequest; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RestController; - -import static de.htwsaar.webshop.config.ControllerPathConfig.HARDCODE_IMAGE_DPS_STICKER; -import static de.htwsaar.webshop.util.LoggerUtil.logRequest; - -@RestController -@Slf4j -public class ImageHardcodeController { - private final ResourceLoader resourceLoader; - - @Autowired - public ImageHardcodeController(ResourceLoader resourceLoader) { - this.resourceLoader = resourceLoader; - } - - @RequestMapping(value = HARDCODE_IMAGE_DPS_STICKER, method = RequestMethod.GET) - Resource dpsSticker(HttpServletRequest request) { - logRequest(request); - return resourceLoader.getResource("classpath:images/dps_sticker.webp"); - } -} 
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/OrderController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/OrderController.java index 69517a2..509adb6 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/OrderController.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/OrderController.java @@ -14,7 +14,8 @@ import java.util.List; import static de.htwsaar.webshop.config.ControllerPathConfig.ORDER_BASE; import static de.htwsaar.webshop.config.ControllerPathConfig.ORDER_GET_ALL; -import static de.htwsaar.webshop.config.ParameterConfig.*; +import static de.htwsaar.webshop.config.ParameterConfig.PARAM_CUSTOMER_ID; +import static de.htwsaar.webshop.config.ParameterConfig.PARAM_ID; import static de.htwsaar.webshop.util.LoggerUtil.logRequest; @RestController @@ -32,10 +33,10 @@ public class OrderController { @RequestMapping(path = ORDER_GET_ALL, method = RequestMethod.GET, produces = "application/json") public ResponseEntity> getAll(HttpServletRequest request, - @RequestParam(value = PARAM_CUSTOMER_ID) Long customerId) { + @RequestParam(value = PARAM_CUSTOMER_ID) Long customerId) { logRequest(request); List orders = orderService.getAllOrders(customerId); - if(orders.isEmpty()) { + if (orders.isEmpty()) { return new ResponseEntity<>(HttpStatus.NO_CONTENT); } return ResponseEntity.ok(orders); @@ -43,10 +44,10 @@ public class OrderController { @RequestMapping(path = ORDER_BASE, method = RequestMethod.GET, produces = "application/json") public ResponseEntity get(HttpServletRequest request, - @RequestParam(value = PARAM_ID) Long orderId) { + @RequestParam(value = PARAM_ID) Long orderId) { logRequest(request); Order image = orderService.getOrderById(orderId); - if(image == null) { + if (image == null) { return new ResponseEntity<>(HttpStatus.NO_CONTENT); } return ResponseEntity.ok(image); 
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/ReviewController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/ReviewController.java index 7224de5..22ec83b 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/controller/ReviewController.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/ReviewController.java @@ -13,7 +13,8 @@ import org.springframework.web.bind.annotation.*; import java.util.List; import java.util.UUID; -import static de.htwsaar.webshop.config.ControllerPathConfig.*; +import static de.htwsaar.webshop.config.ControllerPathConfig.REVIEW_BASE; +import static de.htwsaar.webshop.config.ControllerPathConfig.REVIEW_GET_ALL; import static de.htwsaar.webshop.config.ParameterConfig.*; import static de.htwsaar.webshop.util.LoggerUtil.logRequest; @@ -35,7 +36,7 @@ public class ReviewController { @RequestParam(value = PARAM_UUID) UUID uuid) { logRequest(request); List review = reviewService.getAllByUUID(uuid).stream().map(reviewService::toModel).toList(); - if(review.isEmpty()) { + if (review.isEmpty()) { return ResponseEntity.noContent().build(); } return ResponseEntity.ok(review); @@ -46,7 +47,7 @@ public class ReviewController { @RequestParam(value = PARAM_ID) Long reviewId) { logRequest(request); Review review = reviewService.getReviewById(reviewId); - if(review == null) { + if (review == null) { return ResponseEntity.noContent().build(); } return ResponseEntity.ok(review); @@ -60,7 +61,7 @@ public class ReviewController { logRequest(request); if (uuid == null || articleService.findByUUID(uuid) == null - || rating < 0 || rating > 10) { + || rating < 0 || rating > 10) { log.warn("[{}] failed Validation, sending bad request", request.getRequestURI()); return ResponseEntity.badRequest().body(false); } 
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/SessionController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/SessionController.java
new file mode 100644
index 0000000..8dba0e7
--- /dev/null
+++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/SessionController.java
@@ -0,0 +1,80 @@
+package de.htwsaar.webshop.controller;
+
+import de.htwsaar.webshop.model.SessionModel;
+import de.htwsaar.webshop.repository.entities.Account;
+import de.htwsaar.webshop.repository.entities.Session;
+import de.htwsaar.webshop.service.AccountService;
+import de.htwsaar.webshop.service.SessionService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.UUID;
+
+import static de.htwsaar.webshop.config.ControllerPathConfig.SESSION_BASE;
+
+@RestController
+@Slf4j
+public class SessionController {
+
+ private final SessionService sessionService;
+ private final AccountService accountService;
+
+ @Autowired
+ public SessionController(SessionService sessionService, AccountService accountService) {
+ this.sessionService = sessionService;
+ this.accountService = accountService;
+ }
+
+ @RequestMapping(value = SESSION_BASE, method = RequestMethod.POST, produces = "application/json")
+ public ResponseEntity create(@RequestParam String email, @RequestParam String password) {
+ if (email == null || password == null) {
+ log.warn("Got bad request, email and password");
+ return ResponseEntity.badRequest().build();
+ }
+ Account acc = accountService.isValidLogin(email, password);
+ if (acc == null) {
+ log.warn("Got bad request, Account does not exist");
+ return ResponseEntity.badRequest().build();
+ }
+ return ResponseEntity.ok(sessionService.create(acc).toModel());
+ }
+
+
+ @RequestMapping(value = SESSION_BASE, method = RequestMethod.DELETE, produces = "application/json")
+ public ResponseEntity delete(@RequestParam String email, @RequestParam UUID token) {
+ if (email == null || token == null) {
+ log.warn("Got bad request, email and token");
+ return ResponseEntity.badRequest().body(false);
+ }
+ Session session = sessionService.getByToken(token);
+ if (!sessionService.isValid(session, email)) {
+ log.warn("Got bad request, session is invalid");
+ return ResponseEntity.badRequest().body(false);
+ }
+ sessionService.delete(session);
+ return ResponseEntity.ok(true);
+ }
+
+ @RequestMapping(value = SESSION_BASE, method = RequestMethod.GET, produces = "application/json")
+ public ResponseEntity isValid(@RequestParam String email, @RequestParam UUID token) {
+ if (email == null || token == null) {
+ log.warn("Got bad request, email and token");
+ return ResponseEntity.badRequest().body(false);
+ }
+ Session session = sessionService.getByToken(token);
+ if (session == null) {
+ log.warn("Got bad request, session is invalid");
+ return ResponseEntity.notFound().build();
+ }
+ if (sessionService.isValid(session, email)) {
+ return ResponseEntity.ok(true);
+ }
+ return ResponseEntity.notFound().build();
+ }
+
+}
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/model/SessionModel.java b/00-backend/src/main/java/de/htwsaar/webshop/model/SessionModel.java
new file mode 100644
index 0000000..8169123
--- /dev/null
+++ b/00-backend/src/main/java/de/htwsaar/webshop/model/SessionModel.java
@@ -0,0 +1,24 @@
+package de.htwsaar.webshop.model;
+
+import jakarta.validation.constraints.Min;
+import jakarta.validation.constraints.NotNull;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import java.util.UUID;
+
+import static de.htwsaar.webshop.util.TimeUtil.VALID_MIN_MILLIS_TIMESTAMP;
+
+@Getter
+@Setter
+@ToString
+@AllArgsConstructor
+public class SessionModel {
+ @NotNull
+ UUID uuid;
+
+ @Min(VALID_MIN_MILLIS_TIMESTAMP)
+ long timeout;
+}
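Review bot: In `SessionController`, `create` takes `password` and both `delete` and `isValid` take the session `token` as `@RequestParam`, so on the GET and DELETE mappings the bearer token travels in the query string, and the credentials may do so on POST as well; URLs are routinely kept in access logs, proxies and browser history. Bind the credentials from the request body and read the token from a request header (`@RequestHeader`) instead. The `email == null || ... == null` guards also look unreachable, because `@RequestParam` is required by default and Spring rejects a request with a missing parameter before the method is entered. A failed login in `create` would read more accurately as `ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()` than as a 400.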
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/ArticleRepository.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/ArticleRepository.java index 735036d..3e99a36 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/repository/ArticleRepository.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/ArticleRepository.java @@ -3,7 +3,6 @@ package de.htwsaar.webshop.repository; import de.htwsaar.webshop.repository.entities.Article; import lombok.NonNull; import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.data.jpa.repository.Query; import org.springframework.stereotype.Repository; import java.util.Optional; diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/ReviewRepository.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/ReviewRepository.java index a0fb8f6..977471c 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/repository/ReviewRepository.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/ReviewRepository.java @@ -1,15 +1,14 @@ package de.htwsaar.webshop.repository; -import java.util.List; -import java.util.UUID; -import java.util.stream.Stream; - -import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.stereotype.Repository; - import de.htwsaar.webshop.repository.entities.Review; import jakarta.validation.constraints.NotNull; import jakarta.validation.constraints.Positive; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.List; +import java.util.UUID; +import java.util.stream.Stream; @Repository public interface ReviewRepository extends JpaRepository { diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/SessionRepository.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/SessionRepository.java new file mode 100644 index 0000000..d200c65 --- /dev/null 
+++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/SessionRepository.java @@ -0,0 +1,16 @@ +package de.htwsaar.webshop.repository; + +import de.htwsaar.webshop.repository.entities.Account; +import de.htwsaar.webshop.repository.entities.Session; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.UUID; + +@Repository +public interface SessionRepository extends JpaRepository { + + Session findByAccount(Account account); + + Session getSessionByToken(UUID token); +} diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Account.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Account.java index 086d62b..ff12a49 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Account.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Account.java @@ -5,6 +5,7 @@ import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; +import org.hibernate.type.NumericBooleanConverter; @Getter @Setter @@ -29,4 +30,9 @@ public class Account { @Column(name = "lang_i18n", nullable = false) private String langI18n; + + + @Convert(converter = NumericBooleanConverter.class) + @Column(name = "admin", nullable = false) + private Boolean admin; } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Article.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Article.java index 1bfa0f3..b056edf 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Article.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Article.java 
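Review bot: The new `admin` field on `Account` becomes client-writable wherever the entity is bound with `@RequestBody`. In this same diff, the `AccountController` update path copies only the id (`account.setId(loggedIn.getId())`) before `accountService.save(account)`, and the create path passes the body straight to `accountService.saveNew(account)`, so the flag would presumably be stored exactly as the caller sent it. Carry it over from the stored row before saving, `account.setAdmin(loggedIn.getAdmin());`, and set it to `false` on create, or bind requests to a DTO that has no `admin` property. Most of the class body lies outside this hunk, so any JSON annotations on the entity that already restrict binding are not visible here.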
@@ -3,11 +3,7 @@ package de.htwsaar.webshop.repository.entities; import jakarta.persistence.*; import jakarta.validation.constraints.Max; import jakarta.validation.constraints.Min; -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; -import lombok.ToString; +import lombok.*; import java.util.ArrayList; import java.util.List; diff --git a/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Session.java b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Session.java new file mode 100644 index 0000000..e69b8c1 --- /dev/null +++ b/00-backend/src/main/java/de/htwsaar/webshop/repository/entities/Session.java @@ -0,0 +1,37 @@ +package de.htwsaar.webshop.repository.entities; + + +import de.htwsaar.webshop.model.SessionModel; +import jakarta.persistence.*; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.util.UUID; + +@Getter +@Setter +@AllArgsConstructor +@NoArgsConstructor +@Entity +@Table(name = "Sessions") +public class Session { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private Long id; + + @JoinColumn(name = "token", nullable = false) + private UUID token; + + @Column(name = "timeout", nullable = false) + private Long timeout; + + @ManyToOne(fetch = FetchType.EAGER) + @JoinColumn(name = "account_id", referencedColumnName = "id", nullable = false) + private Account account; + + public SessionModel toModel() { + return new SessionModel(token, timeout); + } +} diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/AccountService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/AccountService.java index d23d46c..313a417 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/AccountService.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/AccountService.java 
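Review bot: In `Session`, `token` is annotated `@JoinColumn`, which is meant for association fields; for a plain `UUID` attribute it should be `@Column(name = "token", nullable = false, unique = true)`, which also states the uniqueness that the `Sessions` table in `initdb.sql` declares. The column holds the bearer token verbatim, so any copy of the database yields usable tokens; storing a digest and looking sessions up by that digest would avoid this. `timeout` deserves a short comment such as `// absolute expiry, epoch milliseconds`, since the name reads like a duration while the code compares it with `System.currentTimeMillis()`.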
@@ -4,8 +4,12 @@ import de.htwsaar.webshop.repository.entities.Account; public interface AccountService { Account saveNew(Account account); + Account save(Account account); + boolean deleteIfExists(Account account); + Account isValidLogin(String email, String password); + boolean existsWithEmail(String email); } \ No newline at end of file diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/CustomerService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/CustomerService.java index 6f66c38..697bed8 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/CustomerService.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/CustomerService.java @@ -4,6 +4,8 @@ import de.htwsaar.webshop.repository.entities.Customer; public interface CustomerService { Customer save(Customer customer); + void delete(Customer customer); + Customer findById(Long id); } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/OrderService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/OrderService.java index 9a6c2b4..b3d13ba 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/OrderService.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/OrderService.java @@ -6,7 +6,10 @@ import java.util.List; public interface OrderService { Order save(Order order); + void delete(Long orderId); + Order getOrderById(Long orderId); + List getAllOrders(Long customerId); } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/PasswordService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/PasswordService.java index 5dbc1e0..694ce58 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/PasswordService.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/PasswordService.java 
@@ -2,5 +2,6 @@ package de.htwsaar.webshop.service; public interface PasswordService { String hashPassword(String password); + boolean verifyPassword(String password, String hashedPassword); } \ No newline at end of file diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/ReviewService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/ReviewService.java index cd03232..f621ab8 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/ReviewService.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/ReviewService.java @@ -1,16 +1,21 @@ package de.htwsaar.webshop.service; -import java.util.List; -import java.util.UUID; - import de.htwsaar.webshop.model.ReviewModel; import de.htwsaar.webshop.repository.entities.Review; +import java.util.List; +import java.util.UUID; + public interface ReviewService { Review save(Review review); + Review save(UUID articleUuid, int rating, String content); + void delete(Long reviewId); + Review getReviewById(Long id); + List getAllByUUID(UUID uuid); + ReviewModel toModel(Review review); } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/SessionService.java b/00-backend/src/main/java/de/htwsaar/webshop/service/SessionService.java new file mode 100644 index 0000000..b7e53c6 --- /dev/null +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/SessionService.java @@ -0,0 +1,20 @@ +package de.htwsaar.webshop.service; + +import de.htwsaar.webshop.repository.entities.Account; +import de.htwsaar.webshop.repository.entities.Session; + +import java.util.UUID; + +public interface SessionService { + Session create(Account account); + + void delete(Session session); + + Session findByAccount(Account account); + + Session getByToken(UUID token); + + boolean isValid(Session session, String email); + + boolean isValid(UUID token, String email); +} 
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/AccountServiceImpl.java b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/AccountServiceImpl.java index 32419d0..0f4ae38 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/AccountServiceImpl.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/AccountServiceImpl.java @@ -32,7 +32,7 @@ public class AccountServiceImpl implements AccountService { @Override public boolean deleteIfExists(Account account) { Account tbd = accountRepository.getAccountByEmail(account.getEmail()); - if(tbd == null) { + if (tbd == null) { return false; } accountRepository.delete(tbd); @@ -42,7 +42,7 @@ public class AccountServiceImpl implements AccountService { @Override public Account isValidLogin(String email, String password) { Account acc = accountRepository.getAccountByEmail(email); - if(acc == null) { + if (acc == null) { return null; } return passwordService.verifyPassword(password, acc.getPassword()) ? acc : null; diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ImageServiceImpl.java b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ImageServiceImpl.java index 4694f82..43c0aa5 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ImageServiceImpl.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ImageServiceImpl.java @@ -53,7 +53,7 @@ public class ImageServiceImpl implements ImageService { @Transactional public Image save(UUID uuid, String uri) { Article article = articleService.findByUUID(uuid); - if(article == null) { + if (article == null) { return null; } Image image = new Image(null, article, uri); 
@@ -63,12 +63,12 @@ public class ImageServiceImpl implements ImageService { @Override public Image save(UUID uuid, MultipartFile file) { - if(uuid == null) { + if (uuid == null) { log.warn("Got no UUID, aborting"); return null; } Article article = articleService.findByUUID(uuid); - if(article == null) { + if (article == null) { log.warn("Could not find article with id {}", uuid); return null; } @@ -79,7 +79,7 @@ public class ImageServiceImpl implements ImageService { try { String based64 = Base64.getEncoder().encodeToString(file.getBytes()); - if(based64 == null || based64.isEmpty()) { + if (based64 == null || based64.isEmpty()) { log.warn("Could not save image with id {} and file size {}", uuid, file.getSize()); return null; } diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ReviewServiceImpl.java b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ReviewServiceImpl.java index e0d7027..f79701a 100644 --- a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ReviewServiceImpl.java +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/ReviewServiceImpl.java @@ -32,7 +32,7 @@ public class ReviewServiceImpl implements ReviewService { @Override public Review save(UUID articleUuid, int rating, String content) { - if(articleUuid == null) { + if (articleUuid == null) { return null; } Review review = new Review(null, content, articleService.findByUUID(articleUuid), rating, System.currentTimeMillis()); diff --git a/00-backend/src/main/java/de/htwsaar/webshop/service/impl/SessionServiceImpl.java b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/SessionServiceImpl.java new file mode 100644 index 0000000..c3f2b75 --- /dev/null +++ b/00-backend/src/main/java/de/htwsaar/webshop/service/impl/SessionServiceImpl.java 
@@ -0,0 +1,73 @@
+package de.htwsaar.webshop.service.impl;
+
+import de.htwsaar.webshop.repository.AccountRepository;
+import de.htwsaar.webshop.repository.SessionRepository;
+import de.htwsaar.webshop.repository.entities.Account;
+import de.htwsaar.webshop.repository.entities.Session;
+import de.htwsaar.webshop.service.SessionService;
+import de.htwsaar.webshop.util.TimeUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.UUID;
+
+
+@Service
+@Slf4j
+public class SessionServiceImpl implements SessionService {
+ private final SessionRepository sessionRepository;
+ private final AccountRepository accountRepository;
+
+ @Autowired
+ public SessionServiceImpl(SessionRepository sessionRepository, AccountRepository accountRepository) {
+ this.sessionRepository = sessionRepository;
+ this.accountRepository = accountRepository;
+ }
+
+ @Override
+ public Session create(Account account) {
+ long timeout = TimeUtil.nowPlusDays(7);
+ UUID token = UUID.randomUUID();
+ log.info("Creating session with account {} and token {} with timeout {} ", account, token, timeout);
+ return sessionRepository.save(new Session(0L, token, timeout, account));
+ }
+
+ @Override
+ public void delete(Session session) {
+ sessionRepository.delete(session);
+ }
+
+ @Override
+ public Session findByAccount(Account account) {
+ return sessionRepository.findByAccount(account);
+ }
+
+ @Override
+ public Session getByToken(UUID token) {
+ return sessionRepository.getSessionByToken(token);
+ }
+
+ @Override
+ public boolean isValid(Session session, String email) {
+ if (session == null || email == null) {
+ return false;
+ }
+ Account accountEmail = accountRepository.getAccountByEmail(email);
+ if (!session.getAccount().equals(accountEmail)) {
+ return false;
+ }
+ if (session.getTimeout() >= System.currentTimeMillis()) {
+ log.info("Session with email {} is expired", email);
+
delete(session); + return false; + } + log.info("Session with email {} is valid", email); + return true; + } + + @Override + public boolean isValid(UUID token, String email) { + return isValid(getByToken(token), email); + } +} diff --git a/00-backend/src/main/resources/db/initdb.sql b/00-backend/src/main/resources/db/initdb.sql index 2f9ad95..b3f66ba 100644 --- a/00-backend/src/main/resources/db/initdb.sql +++ b/00-backend/src/main/resources/db/initdb.sql @@ -60,6 +60,7 @@ CREATE TABLE IF NOT EXISTS Accounts email TEXT NOT NULL, password TEXT NOT NULL, lang_i18n TEXT NOT NULL, + admin INTEGER NOT NULL DEFAULT 0, FOREIGN KEY (customer_id) REFERENCES Customers (id) ON DELETE CASCADE ON UPDATE CASCADE @@ -80,4 +81,15 @@ CREATE TABLE IF NOT EXISTS OrderItems FOREIGN KEY (article_id) REFERENCES Articles (id) ON DELETE SET NULL ON UPDATE CASCADE +); + +CREATE TABLE IF NOT EXISTS Sessions +( + id INTEGER NOT NULL PRIMARY KEY, + token TEXT UNIQUE NOT NULL, + timeout INTEGER NOT NULL, + account_id INTEGER NOT NULL, + FOREIGN KEY (account_id) REFERENCES Accounts (id) + ON DELETE CASCADE + ON UPDATE CASCADE ); \ No newline at end of file diff --git a/Komponenten_Stückliste_ Prototyp_2.pdf b/Komponenten_Stückliste_ Prototyp_2.pdf new file mode 100644 index 0000000..4a135ed Binary files /dev/null and b/Komponenten_Stückliste_ Prototyp_2.pdf differ
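Review bot: The expiry test in `isValid(Session, String)` is inverted: `session.getTimeout() >= System.currentTimeMillis()` is true while the timeout still lies in the future, so a freshly created session is logged as expired and deleted, whereas one whose timeout has passed is accepted as valid. Assuming `TimeUtil.nowPlusDays(7)` returns epoch milliseconds (its body is not part of this diff), the condition should read `if (session.getTimeout() < System.currentTimeMillis()) {`. Separately, `create` writes the session token and the whole `Account` object to the info log; the token is the bearer credential, so anyone with log access could reuse it, and the string form of `Account` may include the password hash if it is generated from all fields (not visible here). I would log only a non-secret identifier, e.g. `log.info("Creating session for account {} with timeout {}", account.getId(), timeout);`. In the same method `session.getAccount()` is dereferenced without a null check.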
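Review bot: The new `admin` column only takes effect where `Accounts` does not exist yet, because `CREATE TABLE IF NOT EXISTS` skips the whole statement when the table is already present; the statement itself starts above this hunk. An existing database would need a one-off `ALTER TABLE Accounts ADD COLUMN admin INTEGER NOT NULL DEFAULT 0;`, otherwise the schema that the code expects and the schema on disk diverge. Since the flag feeds an authorization decision, a `CHECK (admin IN (0, 1))` on the column and a comment such as `-- 1 = administrator, 0 = regular account` would keep stray values out and document the meaning.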
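Review bot: `token` holds the raw session token, so anyone who can read the database file can reuse every live session; the same commit also changes `00-backend/datasource/database.sqlite`, which suggests the database is kept in version control (whether it contains session rows cannot be seen here). Storing only a digest of the token (for example SHA-256, computed in the service before the lookup) and keeping the SQLite file out of the repository would limit that exposure. A comment on `timeout`, e.g. `-- expiry as epoch milliseconds`, would also help, since the unit is not stated in the schema and is only implied by the comparison with `System.currentTimeMillis()` in `SessionServiceImpl`.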