From 190083c13381078832134acd921548cf41810800 Mon Sep 17 00:00:00 2001
From: Andrii Solianyk
Date: Sat, 7 Jun 2025 15:18:51 +0200
Subject: [PATCH] ClientId from token in Wishlist controller
---
 .../controller/WishlistController.java | 30 ++++++++++++++-----
 .../security/JwtRequestFilter.java | 1 +
 .../security/JwtUtil.java | 4 +++
 3 files changed, 27 insertions(+), 8 deletions(-)
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/controller/WishlistController.java b/src/main/java/_11/asktpk/artisanconnectbackend/controller/WishlistController.java
index 5e95337..6bac08d 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/WishlistController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/WishlistController.java
@@ -2,32 +2,36 @@ package _11.asktpk.artisanconnectbackend.controller;
 import _11.asktpk.artisanconnectbackend.dto.NoticeDTO;
 import _11.asktpk.artisanconnectbackend.dto.RequestResponseDTO;
-import _11.asktpk.artisanconnectbackend.dto.WishlistDTO;
+import _11.asktpk.artisanconnectbackend.security.JwtUtil;
 import _11.asktpk.artisanconnectbackend.service.ClientService;
 import _11.asktpk.artisanconnectbackend.service.NoticeService;
 import _11.asktpk.artisanconnectbackend.service.WishlistService;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import java.util.List;
+@Slf4j
 @RestController
 @RequestMapping("/api/v1/wishlist")
 public class WishlistController {
 private final WishlistService wishlistService;
 private final ClientService clientService;
 private final NoticeService noticeService;
+ private final JwtUtil jwtUtil;
- public WishlistController(WishlistService wishlistService, ClientService clientService, NoticeService noticeService) {
+ public WishlistController(WishlistService wishlistService, ClientService clientService, NoticeService noticeService, JwtUtil jwtUtil) {
 this.wishlistService = wishlistService;
 this.clientService = clientService;
 this.noticeService = noticeService;
+ this.jwtUtil = jwtUtil;
 }
 @PostMapping("/toggle/{noticeId}")
- public ResponseEntity toggleWishlist(@PathVariable Long noticeId) {
-
- Long clientId = 1L;
+ public ResponseEntity toggleWishlist(@PathVariable Long noticeId, HttpServletRequest request) {
+ Long clientId = getClientIdFromRequest(request);
 NoticeDTO noticeDTO = noticeService.getNoticeById(noticeId);
 if (noticeDTO == null) {
 return ResponseEntity.badRequest().body(new RequestResponseDTO("Notice not found"));
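Review bot: `clientId` can be null in `toggleWishlist`, because the `getClientIdFromRequest` helper added in the next hunk of this file returns null when the Authorization header is missing or does not start with `Bearer `, and nothing checks the value before it is used; `getWishlistForClient` has the same gap and passes it straight to `wishlistService.getNoticesInWishlist(clientId)`. Failing inside the helper covers both callers: replace `return null;` with `throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing bearer token");`. The rest of toggleWishlist lies outside the hunk, so how a null id would behave further down is not visible here.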
@@ -51,9 +55,19 @@ public class WishlistController {
 // }
 @GetMapping("/")
- public List getWishlistForClient() {
- // TODO: Replace with actual client ID from authentication context
- Long clientId = 1L;
+ public List getWishlistForClient(HttpServletRequest request) {
+ Long clientId = getClientIdFromRequest(request);
 return wishlistService.getNoticesInWishlist(clientId);
 }
+
+ private Long getClientIdFromRequest(HttpServletRequest request) {
+ String authorizationHeader = request.getHeader("Authorization");
+ if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
+ Long clientId = jwtUtil.extractUserId(authorizationHeader.substring(7));
+ log.info("Client Id: {}", clientId);
+ return clientId;
+ } else {
+ return null;
+ }
+ }
 }
\ No newline at end of file
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
index 035d373..8f0c1b1 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
@@ -53,6 +53,7 @@ public class JwtRequestFilter extends OncePerRequestFilter {
 } catch (ExpiredJwtException expiredJwtException) {
 logger.error(expiredJwtException.getMessage());
 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.getWriter().write(new RequestResponseDTO(expiredJwtException.getMessage()).toJSON());
 return;
 } catch (Exception e) {
 logger.error(e.getMessage());
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java
index ae36e06..27fee78 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java
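Review bot: `getClientIdFromRequest` in WishlistController parses the bearer token a second time inside the controller instead of taking the identity that JwtRequestFilter validated, so an expired or malformed token that reaches this helper throws out of `jwtUtil.extractUserId` uncaught. That matters if the filter does not cover `/api/v1/wishlist` or lets such a request continue, which cannot be seen from this patch. If the filter already stores the authenticated principal in the security context, read the id from there; otherwise catch the parser's exception in the helper and answer 401. Separately, `log.info("Client Id: {}", clientId);` writes a user identifier on every wishlist call, and `log.debug("Client Id: {}", clientId);` would keep it out of routine production logs.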
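Review bot: The added `response.getWriter().write(...)` in the ExpiredJwtException branch of JwtRequestFilter sends the library's exception text to the client and sets no content type, so the JSON body goes out under whatever default the container applies. A fixed message keeps parser details out of the response while the full text stays in the server log: `response.setContentType("application/json");` followed by `response.getWriter().write(new RequestResponseDTO("Token expired").toJSON());`. How `toJSON()` escapes its message is not visible here, which is one more reason to pass it a constant. The generic `catch (Exception e)` branch below and the rest of the enclosing method continue outside the hunk, so whether that branch needs the same body cannot be judged from here.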
@@ -82,6 +82,10 @@ public class JwtUtil {
 return extractAllClaims(token).get("role", String.class);
 }
+ public Long extractUserId(String token) {
+ return extractAllClaims(token).get("userId", Long.class);
+ }
+
 public T extractClaim(String token, Function claimsResolver) {
 final Claims claims = extractAllClaims(token);
 return claimsResolver.apply(claims);
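Review bot: `extractUserId` has no Javadoc even though it is now the source of the caller's identity for WishlistController. The comment should say that the method returns null when the token carries no `userId` claim, and that the value is only as trustworthy as the signature verification done inside `extractAllClaims`, which is not visible in this hunk. Depending on the JWT library version, `get("userId", Long.class)` may also reject a claim that was deserialized as an Integer, so a test with a small numeric id is worth adding. Proposed comment: `/** Returns the "userId" claim of a verified token, or null if the claim is absent. */`.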