Merge branch 'autoryzacja'

2025-06-07 14:38:50 +02:00
parent 62a5ad1bc6 5262749e2d
commit 501121f235
22 changed files with 571 additions and 51 deletions
--- a/pom.xml
+++ b/pom.xml
@@ -44,6 +44,11 @@
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
            <version>2.4.12</version>
        </dependency>
        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
@@ -83,6 +88,32 @@
            <version>3.3.4</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-api</artifactId>
            <version>0.11.5</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-impl</artifactId>
            <version>0.11.5</version>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-jackson</artifactId>
            <version>0.11.5</version>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <build>
--- a/src/main/java/_11/asktpk/artisanconnectbackend/config/AppConfig.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/config/AppConfig.java
@@ -0,0 +1,15 @@
 package _11.asktpk.artisanconnectbackend.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
 public class AppConfig {
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/config/SecurityConfig.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/config/SecurityConfig.java
@@ -0,0 +1,38 @@
 package _11.asktpk.artisanconnectbackend.config;
 import _11.asktpk.artisanconnectbackend.security.JwtRequestFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
@EnableWebSecurity
 public class SecurityConfig {
    private final JwtRequestFilter jwtRequestFilter;
    public SecurityConfig(JwtRequestFilter jwtRequestFilter) {
        this.jwtRequestFilter = jwtRequestFilter;
    }
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
                .cors(cors -> cors.configure(http))
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/api/v1/auth/**").permitAll()
                        .anyRequest().authenticated())
                .sessionManagement(session -> session
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS));
        http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java
@@ -0,0 +1,126 @@
 package _11.asktpk.artisanconnectbackend.controller;
 import _11.asktpk.artisanconnectbackend.dto.*;
 import _11.asktpk.artisanconnectbackend.entities.Client;
 import _11.asktpk.artisanconnectbackend.security.JwtUtil;
 import _11.asktpk.artisanconnectbackend.service.ClientService;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.*;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.RestTemplate;
 import java.util.Map;
@Slf4j
@RestController
@RequestMapping("/api/v1/auth")
 public class AuthController {
    private final ClientService clientService;
    private final JwtUtil jwtUtil;
    public AuthController(ClientService clientService, JwtUtil jwtUtil) {
        this.clientService = clientService;
        this.jwtUtil = jwtUtil;
    }
    @PostMapping("/login")
    public ResponseEntity<AuthResponseDTO> login(@RequestBody AuthRequestDTO authRequestDTO) {
        if (clientService.checkClientCredentials(authRequestDTO)) {
            Client client = clientService.getClientByEmail(authRequestDTO.getEmail());
            Long userId = client.getId();
            String userRole = client.getRole().getRole();
            String token = jwtUtil.generateToken(client.getEmail(), userRole, userId);
            log.info("User logged in with {}", client.getEmail());
            return ResponseEntity.status(HttpStatus.OK)
                    .body(new AuthResponseDTO(userId, userRole, token));
        } else {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(null);
        }
    }
    @PostMapping("/register")
    public ResponseEntity<AuthResponseDTO> register(@RequestBody ClientRegistrationDTO clientDTO) {
        if (clientService.getClientByEmail(clientDTO.getEmail()) != null) {
            return ResponseEntity.status(HttpStatus.CONFLICT).build();
        }
        ClientDTO savedClient = clientService.registerClient(clientDTO);
        String token = jwtUtil.generateToken(
                savedClient.getEmail(),
                savedClient.getRole(),
                savedClient.getId()
        );
        log.info("New user registered with {}", savedClient.getEmail());
        return ResponseEntity.status(HttpStatus.CREATED)
                .body(new AuthResponseDTO(
                        savedClient.getId(),
                        savedClient.getRole(),
                        token
                ));
    }
    @PostMapping("/logout")
    public ResponseEntity<RequestResponseDTO> logout(HttpServletRequest request) {
        String authHeader = request.getHeader("Authorization");
        if (authHeader != null && authHeader.startsWith("Bearer ")) {
            String token = authHeader.substring(7);
            jwtUtil.blacklistToken(token);
            return ResponseEntity.ok(new RequestResponseDTO("Successfully logged out"));
        }
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new RequestResponseDTO("Invalid token"));
    }
    @PostMapping("/google")
    public ResponseEntity<?> authenticateWithGoogle(@RequestBody GoogleAuthRequestDTO dto) {
        try {
            String accessToken = dto.getGoogleToken();
            String googleUserInfoUrl = "https://www.googleapis.com/oauth2/v3/userinfo";
            HttpHeaders headers = new HttpHeaders();
            headers.setBearerAuth(accessToken);
            HttpEntity<String> entity = new HttpEntity<>(headers);
            RestTemplate restTemplate = new RestTemplate();
            ResponseEntity<Map> response = restTemplate.exchange(
                    googleUserInfoUrl, HttpMethod.GET, entity, Map.class);
            Map<String, Object> userInfo = response.getBody();
 //                String googleId = (String) userInfo.get("sub");  Potencjalnie możemy używać googlowskiego ID, ale to ma konflikt z naszym generowanym
            assert userInfo != null;
            String email = (String) userInfo.get("email");
            String name = (String) userInfo.get("name");
            Client client = clientService.getClientByEmail(email);
            if (client == null) {
                client = new Client();
                client.setEmail(email);
                client.setFirstName(name);
                client.setRole(clientService.getUserRole()); // to pobiera po prostu role "USER" z tabeli w bazie
                clientService.saveClientToDB(client);
            }
            String jwt = jwtUtil.generateToken(client.getEmail(), client.getRole().getRole(), client.getId());
            log.info("User authenticated with google: {}", email);
            return ResponseEntity.ok(new AuthResponseDTO(client.getId(), client.getRole().getRole(), jwt));
        } catch (HttpClientErrorException httpClientErrorException) {
            log.error("Token is invalid or expired");
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new RequestResponseDTO("Invalid access token"));
        } catch (Exception e) {
            log.error("Error while checking Google access token", e);
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
                    .body(new RequestResponseDTO("Authentication Error (Google): " + e.getMessage()));
        }
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java
@@ -24,16 +24,16 @@ public class ClientController {
    }
    @GetMapping("/get/{id}")
-    public ResponseEntity getClientById(@PathVariable long id) {
+    public ResponseEntity<?> getClientById(@PathVariable long id) {
        if(clientService.getClientById(id) != null) {
-            return new ResponseEntity(clientService.getClientById(id), HttpStatus.OK);
+            return new ResponseEntity<>(clientService.getClientByIdDTO(id), HttpStatus.OK);
        } else {
-            return new ResponseEntity(HttpStatus.NOT_FOUND);
+            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
        }
    }
    @PostMapping("/add")
-    public ResponseEntity addClient(@RequestBody ClientDTO clientDTO) {
+    public ResponseEntity<?> addClient(@RequestBody ClientDTO clientDTO) {
        if(clientService.clientExists(clientDTO.getId())) {
            return new ResponseEntity<>(HttpStatus.CONFLICT);
        } else {
@@ -43,7 +43,7 @@ public class ClientController {
    // TODO: do zrobienia walidacja danych
    @PutMapping("/edit/{id}")
-    public ResponseEntity updateClient(@PathVariable("id") long id, @RequestBody ClientDTO clientDTO) {
+    public ResponseEntity<?> updateClient(@PathVariable("id") long id, @RequestBody ClientDTO clientDTO) {
        if(clientService.clientExists(id)) {
            return new ResponseEntity<>(clientService.updateClient(id, clientDTO),HttpStatus.OK);
        } else {
@@ -52,7 +52,7 @@ public class ClientController {
    }
    @DeleteMapping("/delete/{id}")
-    public ResponseEntity deleteClient(@PathVariable("id") long id) {
+    public ResponseEntity<?> deleteClient(@PathVariable("id") long id) {
        if(clientService.clientExists(id)) {
            clientService.deleteClient(id);
            return new ResponseEntity<>(HttpStatus.OK);
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/VariablesController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/VariablesController.java
@@ -13,7 +13,6 @@ import java.util.Map;
@RestController
@RequestMapping("/api/v1/vars")
 public class VariablesController {
    @GetMapping("/categories")
    public List<CategoriesDTO> getAllVariables() {
        List<CategoriesDTO> categoriesDTOList = new ArrayList<>();
@@ -31,10 +30,4 @@ public class VariablesController {
    public List<Enums.Status> getAllStatuses() {
        return List.of(Enums.Status.values());
    }
    @GetMapping("/roles")
    public List<Enums.Role> getAllRoles() {
        return List.of(Enums.Role.values());
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/AuthRequestDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/AuthRequestDTO.java
@@ -0,0 +1,10 @@
 package _11.asktpk.artisanconnectbackend.dto;
 import lombok.Getter;
 import lombok.Setter;
@Getter @Setter
 public class AuthRequestDTO {
    private String email;
    private String password;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/AuthResponseDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/AuthResponseDTO.java
@@ -0,0 +1,12 @@
 package _11.asktpk.artisanconnectbackend.dto;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.Setter;
@Getter @Setter @AllArgsConstructor
 public class AuthResponseDTO {
    private Long user_id;
    private String user_role;
    private String token;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java
@@ -6,8 +6,6 @@ import lombok.Setter;
 import jakarta.validation.constraints.Email;
 import _11.asktpk.artisanconnectbackend.utils.Enums.Role;
@Getter @Setter
 public class ClientDTO {
    private Long id;
@@ -18,5 +16,5 @@ public class ClientDTO {
    private String firstName;
    private String lastName;
    private String image;
-    private Role role;
+    private String role;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientRegistrationDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientRegistrationDTO.java
@@ -0,0 +1,16 @@
 package _11.asktpk.artisanconnectbackend.dto;
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
 import lombok.Getter;
 import lombok.Setter;
@Getter @Setter
 public class ClientRegistrationDTO {
    @Email
    @NotBlank
    private String email;
    private String firstName;
    private String lastName;
    private String password;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/GoogleAuthRequestDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/GoogleAuthRequestDTO.java
@@ -0,0 +1,9 @@
 package _11.asktpk.artisanconnectbackend.dto;
 import lombok.Getter;
 import lombok.Setter;
@Getter @Setter
 public class GoogleAuthRequestDTO {
    private String googleToken;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java
@@ -10,4 +10,8 @@ public class RequestResponseDTO {
    public RequestResponseDTO(String message) {
        this.message = message;
    }
    public String toJSON() {
        return "{\"message\":\"" + message + "\"}";
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/entities/Client.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/entities/Client.java
@@ -1,11 +1,11 @@
 package _11.asktpk.artisanconnectbackend.entities;
 import _11.asktpk.artisanconnectbackend.utils.Enums.Role;
 import jakarta.persistence.*;
 import lombok.Getter;
 import lombok.Setter;
 import org.hibernate.annotations.CreationTimestamp;
 import java.util.Date;
 import java.util.List;
@Entity
@@ -24,14 +24,15 @@ public class Client {
    private String lastName;
-    private String image; // Optional field
+    private String image;
-    @Enumerated(EnumType.STRING)
+    @ManyToOne(cascade = CascadeType.ALL)
    @JoinColumn(name = "role_id", referencedColumnName = "id")
    private Role role;
 //    @OneToMany(mappedBy = "client", cascade = CascadeType.ALL)
 //    private List<Notice> notices;
    @OneToMany(mappedBy = "client", cascade = CascadeType.ALL)
    private List<Order> orders;
    @CreationTimestamp
    private Date createdAt;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/entities/GlobalVariables.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/entities/GlobalVariables.java
@@ -1,16 +0,0 @@
 package _11.asktpk.artisanconnectbackend.entities;
 import jakarta.persistence.*;
@Entity
@Table(name = "global_variables")
 public class GlobalVariables {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String name;
    private String value;
    // Getters, setters, and constructors
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/entities/Role.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/entities/Role.java
@@ -0,0 +1,19 @@
 package _11.asktpk.artisanconnectbackend.entities;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;
 import lombok.Getter;
 import lombok.Setter;
@Entity
@Table(name = "roles")
@Getter
@Setter
 public class Role {
    @Id
    private Long id;
    @Column(name="rolename")
    private String role;
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/repository/ClientRepository.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/repository/ClientRepository.java
@@ -1,8 +1,8 @@
 package _11.asktpk.artisanconnectbackend.repository;
 import _11.asktpk.artisanconnectbackend.entities.Client;
 import org.springframework.data.jpa.repository.JpaRepository;
 public interface ClientRepository extends JpaRepository<Client, Long> {
    Client findByEmail(String email);
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java
@@ -0,0 +1,12 @@
 package _11.asktpk.artisanconnectbackend.repository;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 import _11.asktpk.artisanconnectbackend.entities.Role;
@Repository
 public interface RolesRepository extends JpaRepository<Role, String> {
    Role findRoleById(Long id);
    Role findRoleByRole(String role);
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
@@ -0,0 +1,79 @@
 package _11.asktpk.artisanconnectbackend.security;
 import _11.asktpk.artisanconnectbackend.dto.RequestResponseDTO;
 import io.jsonwebtoken.ExpiredJwtException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 import java.io.IOException;
 import java.util.Collections;
@Component
 public class JwtRequestFilter extends OncePerRequestFilter {
    private final JwtUtil jwtUtil;
    public JwtRequestFilter(JwtUtil jwtUtil) {
        this.jwtUtil = jwtUtil;
    }
    @Override
    protected void doFilterInternal(HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain chain)
            throws ServletException, IOException {
        final String authorizationHeader = request.getHeader("Authorization");
        String email = null;
        String jwt = null;
        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
            jwt = authorizationHeader.substring(7);
            try {
                if (jwtUtil.isBlacklisted(jwt) || !jwtUtil.isLatestToken(jwt)) {
                    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                    response.setContentType("application/json");
                    response.setCharacterEncoding("UTF-8");
                    String jsonResponse = "{\"error\": \"Token is invalid or expired. Please login again.\"}";
                    response.getWriter().write(jsonResponse);
                    return;
                }
                email = jwtUtil.extractEmail(jwt);
            } catch (ExpiredJwtException expiredJwtException) {
                logger.error(expiredJwtException.getMessage());
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            } catch (Exception e) {
                logger.error(e.getMessage());
                response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
                response.getWriter().write(new RequestResponseDTO(e.getMessage()).toJSON());
                return;
            }
        }
        if (email != null && SecurityContextHolder.getContext().getAuthentication() == null) {
            String role = jwtUtil.extractRole(jwt);
            UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
                    email, null, Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role)));
            authToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
            SecurityContextHolder.getContext().setAuthentication(authToken);
        }
 //        logger.info("Token of user " + jwtUtil.extractEmail(jwt) + (jwtUtil.isTokenExpired(jwt) ? " is expired" : " is not expired"));
        chain.doFilter(request, response);
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtUtil.java
@@ -0,0 +1,97 @@
 package _11.asktpk.artisanconnectbackend.security;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.security.Keys;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 import javax.crypto.SecretKey;
 import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.function.Function;
@Component
 public class JwtUtil {
    @Value("${jwt.secret:defaultSecretKeyNeedsToBeAtLeast32BytesLong}")
    private String secret;
    @Value("${jwt.expiration}")
    private long expiration;
    // sterowanie tokenami wygasnietymi
    private final Set<String> blacklistedTokens = ConcurrentHashMap.newKeySet();
    public void blacklistToken(String token) {
        blacklistedTokens.add(token);
    }
    public boolean isBlacklisted(String token) {
        return blacklistedTokens.contains(token);
    }
    private SecretKey getSigningKey() {
        return Keys.hmacShaKeyFor(secret.getBytes());
    }
    private final Map<String, String> userActiveTokens = new ConcurrentHashMap<>();
    public boolean isLatestToken(String token) {
        String email = extractEmail(token);
        String tokenId = extractTokenId(token);
        String latestTokenId = userActiveTokens.get(email);
        return latestTokenId != null && latestTokenId.equals(tokenId);
    }
    public String generateToken(String email, String role, Long userId) {
        Map<String, Object> claims = new HashMap<>();
        claims.put("role", role);
        claims.put("userId", userId);
        claims.put("tokenId", UUID.randomUUID().toString());
        String token = createToken(claims, email);
        userActiveTokens.put(email, extractTokenId(token));
        return token;
    }
    private String createToken(Map<String, Object> claims, String subject) {
        return Jwts.builder()
                .setClaims(claims)
                .setSubject(subject)
                .setIssuedAt(new Date())
                .setExpiration(new Date(System.currentTimeMillis() + expiration))
                .signWith(getSigningKey(), SignatureAlgorithm.HS256)
                .compact();
    }
    public String extractTokenId(String token) {
        return extractAllClaims(token).get("tokenId", String.class);
    }
    public String extractEmail(String token) {
        return extractClaim(token, Claims::getSubject);
    }
    public String extractRole(String token) {
        return extractAllClaims(token).get("role", String.class);
    }
    public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
        final Claims claims = extractAllClaims(token);
        return claimsResolver.apply(claims);
    }
    private Claims extractAllClaims(String token) {
        return Jwts.parserBuilder()
                .setSigningKey(getSigningKey())
                .build()
                .parseClaimsJws(token)
                .getBody();
    }
 }
--- a/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java
@@ -1,9 +1,14 @@
 package _11.asktpk.artisanconnectbackend.service;
 import _11.asktpk.artisanconnectbackend.dto.AuthRequestDTO;
 import _11.asktpk.artisanconnectbackend.dto.ClientDTO;
 import _11.asktpk.artisanconnectbackend.dto.ClientRegistrationDTO;
 import _11.asktpk.artisanconnectbackend.entities.Client;
 import _11.asktpk.artisanconnectbackend.entities.Role;
 import _11.asktpk.artisanconnectbackend.repository.ClientRepository;
 import _11.asktpk.artisanconnectbackend.repository.RolesRepository;
 import jakarta.persistence.EntityNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import java.util.List;
@@ -11,19 +16,27 @@ import java.util.List;
@Service
 public class ClientService {
    private final ClientRepository clientRepository;
    private final PasswordEncoder passwordEncoder;
    private final RolesRepository rolesRepository;
-    public ClientService(ClientRepository clientRepository) {
+    public ClientService(ClientRepository clientRepository, PasswordEncoder passwordEncoder, RolesRepository rolesRepository) {
        this.clientRepository = clientRepository;
        this.passwordEncoder = passwordEncoder;
        this.rolesRepository = rolesRepository;
    }
    private ClientDTO toDto(Client client) {
        if(client == null) {
            return null;
        }
        ClientDTO dto = new ClientDTO();
        dto.setId(client.getId());
        dto.setFirstName(client.getFirstName());
        dto.setLastName(client.getLastName());
        dto.setEmail(client.getEmail());
-        dto.setRole(client.getRole());
+        dto.setRole(client.getRole().getRole());
        dto.setImage(client.getImage());
        return dto;
@@ -31,17 +44,35 @@ public class ClientService {
    private Client fromDto(ClientDTO dto) {
        Client client = new Client();
        Role rola;
        if (clientRepository.findById(dto.getId()).isPresent()) {
            rola = clientRepository.findById(dto.getId()).get().getRole();
        } else {
            rola = new Role();
            rola.setRole("USER");
        }
        client.setId(dto.getId());
        client.setFirstName(dto.getFirstName());
        client.setLastName(dto.getLastName());
        client.setEmail(dto.getEmail());
-        client.setRole(dto.getRole());
+        client.setRole(rola);
        client.setImage(dto.getImage());
        return client;
    }
    private Client fromDto(ClientRegistrationDTO dto) {
           Client client = new Client();
           client.setFirstName(dto.getFirstName());
           client.setLastName(dto.getLastName());
           client.setEmail(dto.getEmail());
           client.setPassword(dto.getPassword());
           return client;
    }
    public List<ClientDTO> getAllClients() {
        List<Client> clients = clientRepository.findAll();
        return clients.stream().map(this::toDto).toList();
@@ -51,6 +82,10 @@ public class ClientService {
        return clientRepository.findById(id).orElse(null);
    }
    public ClientDTO getClientByIdDTO(Long id) {
        return toDto(clientRepository.findById(id).orElse(null));
    }
    public boolean clientExists(Long id) {
        return clientRepository.existsById(id);
    }
@@ -59,15 +94,21 @@ public class ClientService {
        return toDto(clientRepository.save(fromDto(clientDTO)));
    }
    public Client saveClientToDB(Client client) {
        return clientRepository.save(client);
    }
    public ClientDTO updateClient(long id, ClientDTO clientDTO) {
        Client existingClient = clientRepository.findById(id)
                .orElseThrow(() -> new EntityNotFoundException("Nie znaleziono ogłoszenia o ID: " + id));
        Role newRole = rolesRepository.findRoleByRole(clientDTO.getRole());
        existingClient.setEmail(clientDTO.getEmail());
        existingClient.setFirstName(clientDTO.getFirstName());
        existingClient.setLastName(clientDTO.getLastName());
        existingClient.setImage(clientDTO.getImage());
-        existingClient.setRole(clientDTO.getRole());
+        existingClient.setRole(newRole);
        return toDto(clientRepository.save(existingClient));
    }
@@ -75,4 +116,30 @@ public class ClientService {
    public void deleteClient(Long id) {
        clientRepository.deleteById(id);
    }
    // И замените метод checkClientCredentials на:
    public boolean checkClientCredentials(AuthRequestDTO dto) {
        Client cl = clientRepository.findByEmail(dto.getEmail());
        if (cl == null) {
            return false;
        }
        return passwordEncoder.matches(dto.getPassword(), cl.getPassword());
    }
    // При создании нового пользователя не забудьте шифровать пароль:
    public ClientDTO registerClient(ClientRegistrationDTO clientDTO) {
        Client client = fromDto(clientDTO);
        client.setRole(rolesRepository.findRoleById(1L));
        client.setPassword(passwordEncoder.encode(client.getPassword()));
        return toDto(clientRepository.save(client));
    }
    public Client getClientByEmail(String email) {
        return clientRepository.findByEmail(email);
    }
    public Role getUserRole() {
        return rolesRepository.findRoleByRole("USER");
    }
 }
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -31,5 +31,9 @@ tpay.authUrl = https://openapi.sandbox.tpay.com/oauth/auth
 tpay.transactionUrl = https://openapi.sandbox.tpay.com/transactions
 tpay.securityCode = )IY7E)YSM!A)Q6O-GN#U7U_33s9qObk8
 #jwt settings
 jwt.secret=DIXLsOs3FKmCAQwISd0SKsHMXJrPl3IKIRkVlkOvYW7kEcdUTbxh8zFe1B3eZWkY
 jwt.expiration=300000
 logging.file.name=logs/payment-notifications.log
 logging.level.TpayLogger=INFO
--- a/src/main/resources/sql/data.sql
+++ b/src/main/resources/sql/data.sql
@@ -1,10 +1,15 @@
-INSERT INTO clients (email, first_name, image, last_name, password, role)
+INSERT INTO roles (id, rolename)
 VALUES
-    ('dignissim.tempor.arcu@aol.ca', 'Diana', 'null', 'Harrison', 'password', 'USER'),
+    (1, 'USER'),
-    ('john.doe@example.com', 'John', 'null', 'Doe', 'password123', 'ADMIN'),
+    (2, 'ADMIN');
-    ('jane.smith@example.com', 'Jane', 'null', 'Smith', 'securepass', 'USER'),
+
-    ('michael.brown@example.com', 'Michael', 'null', 'Brown', 'mypassword', 'USER'),
+INSERT INTO clients (email, first_name, last_name, password, role_id)
-    ('emily.jones@example.com', 'Emily', 'null', 'Jones', 'passw0rd', 'USER');
+VALUES
    ('dignissim.tempor.arcu@aol.ca', 'Diana', 'Harrison', 'password', 1),
    ('john.doe@example.com', 'John', 'Doe', 'password123', 2),
    ('jane.smith@example.com', 'Jane', 'Smith', 'securepass', 1),
    ('michael.brown@example.com', 'Michael', 'Brown', 'mypassword', 1),
    ('emily.jones@example.com', 'Emily', 'Jones', 'passw0rd', 1);
 INSERT INTO notice (title, description, client_id, price, category, status, publish_date) VALUES