Add role-based access control to the backend authentication system. The User entity now carries a role field (default 'user'), JWT tokens include a 'role' claim, and the login endpoint populates it from the database. Changes: - User entity: add role column (VARCHAR(20), default 'user') with getter/setter - JwtService: add generateToken(email, role) overload and extractRole(token) - AuthController: pass user.getRole() on login, 'user' on register - Flyway V3: ALTER TABLE users ADD COLUMN role - Flyway V4: seed admin user (admin@bilhalsning.se, role='admin') - AuthControllerTest: add tests for admin role in token, role from DB on login - JwtServiceTest: add tests for role extraction and default role - UserServiceTest: assert role defaults to 'user' on createUser
package se.bilhalsning.controller;
import jakarta.validation.Valid;
import java.util.Locale;
import lombok.RequiredArgsConstructor;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import se.bilhalsning.dto.AuthResponse;
import se.bilhalsning.dto.LoginRequest;
import se.bilhalsning.dto.RegisterRequest;
import se.bilhalsning.entity.User;
import se.bilhalsning.security.JwtService;
import se.bilhalsning.service.UserService;
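@RestController
@RequestMapping("/api/auth")
@RequiredArgsConstructor
public class AuthController {

    /**
     * Role granted to every newly registered account. The role is deliberately never
     * read from the request body, so a client cannot self-assign a privileged role at
     * sign-up; privileged roles only ever come from the persisted {@link User}.
     */
    private static final String DEFAULT_ROLE = "user";

    private final UserService userService;
    private final JwtService jwtService;

    /**
     * Registers a new account and returns a freshly issued JWT for it.
     *
     * @param request validated registration payload (email and password)
     * @return 201 Created with an {@link AuthResponse} carrying the token
     */
    @PostMapping("/register")
    public ResponseEntity<AuthResponse> register(@Valid @RequestBody RegisterRequest request) {
        userService.createUser(request.email(), request.password());
        // Subject is the normalized e-mail; the role claim is the fixed default, not client input.
        String token = jwtService.generateToken(normalizeEmail(request.email()), DEFAULT_ROLE);
        return ResponseEntity.status(HttpStatus.CREATED).body(new AuthResponse(token));
    }

    /**
     * Authenticates an existing account and returns a JWT carrying its persisted role.
     *
     * @param request validated login payload (email and password)
     * @return 200 OK with an {@link AuthResponse} carrying the token
     */
    @PostMapping("/login")
    public ResponseEntity<AuthResponse> login(@Valid @RequestBody LoginRequest request) {
        User user = userService.authenticate(request.email(), request.password());
        // Both claims are taken from the authenticated entity, so the role in the token
        // reflects what the database holds rather than anything the client supplied.
        String token = jwtService.generateToken(user.getEmail(), user.getRole());
        return ResponseEntity.ok(new AuthResponse(token));
    }

    /**
     * Normalizes an e-mail address for use as the JWT subject: trimmed and lower-cased
     * with {@link Locale#ROOT}, so the result does not depend on the JVM's default locale
     * (default-locale lower-casing of {@code "I"} differs under e.g. Turkish locales and
     * would yield a subject that no longer matches the stored address).
     * NOTE(review): this must produce the same value that {@code UserService.createUser}
     * persists for the account; confirm the normalization there matches.
     *
     * @param email raw e-mail as received in the request
     * @return the normalized e-mail
     */
    private static String normalizeEmail(String email) {
        return email.trim().toLowerCase(Locale.ROOT);
    }
}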