diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java b/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java
index 230a964..2a7f5e2 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/AuthController.java
@@ -53,7 +53,7 @@ public class AuthController {
 String token = jwtUtil.generateToken(
 savedClient.getEmail(),
- savedClient.getRole().getRole(),
+ savedClient.getRole(),
 savedClient.getId()
 );
@@ -62,7 +62,7 @@ public class AuthController {
 return ResponseEntity.status(HttpStatus.CREATED)
 .body(new AuthResponseDTO(
 savedClient.getId(),
- savedClient.getRole().getRole(),
+ savedClient.getRole(),
 token
 ));
 }
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java b/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java
index b20fddd..f5ba9a5 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/controller/ClientController.java
@@ -24,16 +24,16 @@ public class ClientController {
 }
 @GetMapping("/get/{id}")
- public ResponseEntity getClientById(@PathVariable long id) {
+ public ResponseEntity getClientById(@PathVariable long id) {
 if(clientService.getClientById(id) != null) {
- return new ResponseEntity(clientService.getClientById(id), HttpStatus.OK);
+ return new ResponseEntity<>(clientService.getClientByIdDTO(id), HttpStatus.OK);
 } else {
- return new ResponseEntity(HttpStatus.NOT_FOUND);
+ return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 }
 }
 @PostMapping("/add")
- public ResponseEntity addClient(@RequestBody ClientDTO clientDTO) {
+ public ResponseEntity addClient(@RequestBody ClientDTO clientDTO) {
 if(clientService.clientExists(clientDTO.getId())) {
 return new ResponseEntity<>(HttpStatus.CONFLICT);
 } else {
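Review bot: `getClientById` still issues two repository lookups per request — `clientService.getClientById(id)` for the null check and then `clientService.getClientByIdDTO(id)` for the body — and since `toDto` in this same commit returns null for a missing client, the first call is redundant. Fetch once and branch on the result: `ClientDTO dto = clientService.getClientByIdDTO(id);` / `return dto != null ? new ResponseEntity<>(dto, HttpStatus.OK) : new ResponseEntity<>(HttpStatus.NOT_FOUND);`. The type argument on `ResponseEntity` appears to have been stripped in this rendering, so the changed signature lines read identically on both sides; if the intent was a wildcard, `ResponseEntity<ClientDTO>` would document the body type to callers and to the generated API docs.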
@@ -43,7 +43,7 @@ public class ClientController {
 // TODO: do zrobienia walidacja danych
 @PutMapping("/edit/{id}")
- public ResponseEntity updateClient(@PathVariable("id") long id, @RequestBody ClientDTO clientDTO) {
+ public ResponseEntity updateClient(@PathVariable("id") long id, @RequestBody ClientDTO clientDTO) {
 if(clientService.clientExists(id)) {
 return new ResponseEntity<>(clientService.updateClient(id, clientDTO),HttpStatus.OK);
 } else {
@@ -52,7 +52,7 @@ public class ClientController {
 }
 @DeleteMapping("/delete/{id}")
- public ResponseEntity deleteClient(@PathVariable("id") long id) {
+ public ResponseEntity deleteClient(@PathVariable("id") long id) {
 if(clientService.clientExists(id)) {
 clientService.deleteClient(id);
 return new ResponseEntity<>(HttpStatus.OK);
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java b/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java
index 4be1595..ab6af54 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/ClientDTO.java
@@ -6,8 +6,6 @@ import lombok.Setter;
 import jakarta.validation.constraints.Email;
-import _11.asktpk.artisanconnectbackend.entities.Role;
-
 @Getter
 @Setter
 public class ClientDTO {
 private Long id;
@@ -18,5 +16,5 @@ public class ClientDTO {
 private String firstName;
 private String lastName;
 private String image;
- private Role role;
+ private String role;
 }
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java b/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java
index 96a0ed5..845258d 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/dto/RequestResponseDTO.java
@@ -10,4 +10,8 @@ public class RequestResponseDTO {
 public RequestResponseDTO(String message) {
 this.message = message;
 }
+
+ public String toJSON() {
+ return "{\"message\":\"" + message + "\"}";
+ }
 }
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java b/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java
index d766026..0ba644e 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/repository/RolesRepository.java
@@ -7,4 +7,6 @@ import _11.asktpk.artisanconnectbackend.entities.Role;
 @Repository
 public interface RolesRepository extends JpaRepository {
 Role findRoleById(Long id);
+
+ Role findRoleByRole(String role);
 }
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
index 458b719..035d373 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/security/JwtRequestFilter.java
@@ -1,5 +1,7 @@
 package _11.asktpk.artisanconnectbackend.security;
+import _11.asktpk.artisanconnectbackend.dto.RequestResponseDTO;
+import io.jsonwebtoken.ExpiredJwtException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
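Review bot: `toJSON` concatenates `message` into the document without escaping, so a message containing `"` or `\` produces malformed JSON and a null message is emitted as the text `null` inside the quotes; this matters because JwtRequestFilter in this same commit feeds it `e.getMessage()`, whose content the server does not control. Either serialize through the JSON mapper the application already uses for its controllers (Jackson's `ObjectMapper` in a Spring Boot project — confirm it is on the classpath), or at least escape the characters JSON requires, as in the rewrite below. The name `toJSON` also departs from the lowerCamelCase used elsewhere (`toJson`); keep it only if callers already depend on it.
```java
    public String toJSON() {
        // Escape the characters that would otherwise break or alter the JSON document.
        String safe = message == null ? "" : message
                .replace("\\", "\\\\")
                .replace("\"", "\\\"")
                .replace("\n", "\\n")
                .replace("\r", "\\r")
                .replace("\t", "\\t");
        return "{\"message\":\"" + safe + "\"}";
    }
```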
@@ -36,20 +38,26 @@ public class JwtRequestFilter extends OncePerRequestFilter {
 if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
 jwt = authorizationHeader.substring(7);
- if (jwtUtil.isBlacklisted(jwt) || !jwtUtil.isLatestToken(jwt)) {
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- response.setContentType("application/json");
- response.setCharacterEncoding("UTF-8");
- String jsonResponse = "{\"error\": \"Token is invalid or expired. Please login again.\"}";
- response.getWriter().write(jsonResponse);
- return;
- }
-
 try {
+ if (jwtUtil.isBlacklisted(jwt) || !jwtUtil.isLatestToken(jwt)) {
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.setContentType("application/json");
+ response.setCharacterEncoding("UTF-8");
+ String jsonResponse = "{\"error\": \"Token is invalid or expired. Please login again.\"}";
+ response.getWriter().write(jsonResponse);
+ return;
+ }
+
+ email = jwtUtil.extractEmail(jwt);
+ } catch (ExpiredJwtException expiredJwtException) {
+ logger.error(expiredJwtException.getMessage());
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
 } catch (Exception e) {
 logger.error(e.getMessage());
 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ response.getWriter().write(new RequestResponseDTO(e.getMessage()).toJSON());
 return;
 }
 }
diff --git a/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java b/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java
index 115480a..94ab65c 100644
--- a/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java
+++ b/src/main/java/_11/asktpk/artisanconnectbackend/service/ClientService.java
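Review bot: The new `ExpiredJwtException` branch answers with an empty 401 while the blacklist branch a few lines above sends a JSON body with a content type, and the generic `catch (Exception e)` now writes `e.getMessage()` — the token parser's internal description of why the token was rejected — straight to the caller, without a content type and through the unescaped `toJSON` added in this commit; the two JSON bodies also disagree on the key (`error` vs `message`). Respond with a fixed, server-chosen message in both branches, keep the parser detail in the log, and hand the exception itself to the logger so the stack trace is not lost (`logger.error(Object, Throwable)` exists if `logger` is the commons-logging `Log` inherited from `OncePerRequestFilter` — confirm). `doFilterInternal` starts and ends outside this hunk.
```java
            } catch (ExpiredJwtException expiredJwtException) {
                logger.error("Rejected expired JWT", expiredJwtException);
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                response.setContentType("application/json");
                response.setCharacterEncoding("UTF-8");
                response.getWriter().write(new RequestResponseDTO("Token has expired. Please login again.").toJSON());
                return;
            } catch (Exception e) {
                // Log the detail; the caller only needs to know the token was not accepted.
                logger.error("Rejected JWT", e);
                response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
                response.setContentType("application/json");
                response.setCharacterEncoding("UTF-8");
                response.getWriter().write(new RequestResponseDTO("Invalid token.").toJSON());
                return;
            }
```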
@@ -4,6 +4,7 @@ import _11.asktpk.artisanconnectbackend.dto.AuthRequestDTO;
 import _11.asktpk.artisanconnectbackend.dto.ClientDTO;
 import _11.asktpk.artisanconnectbackend.dto.ClientRegistrationDTO;
 import _11.asktpk.artisanconnectbackend.entities.Client;
+import _11.asktpk.artisanconnectbackend.entities.Role;
 import _11.asktpk.artisanconnectbackend.repository.ClientRepository;
 import _11.asktpk.artisanconnectbackend.repository.RolesRepository;
 import jakarta.persistence.EntityNotFoundException;
@@ -25,13 +26,17 @@ public class ClientService {
 }
 private ClientDTO toDto(Client client) {
+ if(client == null) {
+ return null;
+ }
+
 ClientDTO dto = new ClientDTO();
 dto.setId(client.getId());
 dto.setFirstName(client.getFirstName());
 dto.setLastName(client.getLastName());
 dto.setEmail(client.getEmail());
- dto.setRole(client.getRole());
+ dto.setRole(client.getRole().getRole());
 dto.setImage(client.getImage());
 return dto;
@@ -39,12 +44,20 @@ public class ClientService {
 private Client fromDto(ClientDTO dto) {
 Client client = new Client();
+ Role rola;
+
+ if (clientRepository.findById(dto.getId()).isPresent()) {
+ rola = clientRepository.findById(dto.getId()).get().getRole();
+ } else {
+ rola = new Role();
+ rola.setRole("USER");
+ }
 client.setId(dto.getId());
 client.setFirstName(dto.getFirstName());
 client.setLastName(dto.getLastName());
 client.setEmail(dto.getEmail());
- client.setRole(dto.getRole());
+ client.setRole(rola);
 client.setImage(dto.getImage());
 return client;
@@ -69,6 +82,10 @@ public class ClientService {
 return clientRepository.findById(id).orElse(null);
 }
+ public ClientDTO getClientByIdDTO(Long id) {
+ return toDto(clientRepository.findById(id).orElse(null));
+ }
+
 public boolean clientExists(Long id) {
 return clientRepository.existsById(id);
 }
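Review bot: `dto.setRole(client.getRole().getRole())` throws NullPointerException when the client's role is null, and with this commit that state is reachable: `updateClient` stores whatever `rolesRepository.findRoleByRole(clientDTO.getRole())` returns, which for a Spring Data derived query with a single-entity result is null when nothing matches. Guard the dereference, `dto.setRole(client.getRole() == null ? null : client.getRole().getRole());`, or — better — make the write side reject a null role so the entity can never hold one.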
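Review bot: `fromDto` calls `clientRepository.findById(dto.getId())` twice and passes the id unchecked; for a client that does not exist yet `dto.getId()` is presumably null, and Spring Data's `SimpleJpaRepository.findById` rejects a null id with IllegalArgumentException, so the new-client path may never reach the `else` branch. That branch also builds a transient `new Role()` named `"USER"` instead of looking up the persisted role, even though this commit adds `rolesRepository.findRoleByRole(String)` for exactly that purpose; whether saving a client that references an unsaved Role succeeds depends on cascade settings not visible here. The rewrite below looks the role up once and uses the English name `role` in place of `rola`, matching the rest of the file.
```java
    private Client fromDto(ClientDTO dto) {
        Client client = new Client();
        // Keep an existing client's role; only a brand-new client defaults to USER.
        Role role = null;
        if (dto.getId() != null) {
            role = clientRepository.findById(dto.getId()).map(Client::getRole).orElse(null);
        }
        if (role == null) {
            role = rolesRepository.findRoleByRole("USER");
        }
        // … unchanged: copy id, first/last name, email and image from dto …
        client.setRole(role);
        return client;
    }
```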
@@ -81,11 +98,13 @@ public class ClientService {
 Client existingClient = clientRepository.findById(id)
 .orElseThrow(() -> new EntityNotFoundException("Nie znaleziono ogłoszenia o ID: " + id));
+ Role newRole = rolesRepository.findRoleByRole(clientDTO.getRole());
+
 existingClient.setEmail(clientDTO.getEmail());
 existingClient.setFirstName(clientDTO.getFirstName());
 existingClient.setLastName(clientDTO.getLastName());
 existingClient.setImage(clientDTO.getImage());
- existingClient.setRole(clientDTO.getRole());
+ existingClient.setRole(newRole);
 return toDto(clientRepository.save(existingClient));
 }
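Review bot: `updateClient` now takes the role name straight from the request body and persists whatever `rolesRepository.findRoleByRole(clientDTO.getRole())` returns: an unrecognised name, or a request that omits `role`, yields null, so `existingClient.setRole(null)` is saved and the `toDto` call on the next line dereferences it; more importantly, unless an authorization rule outside this diff restricts `PUT /edit/{id}`, anyone permitted to edit a client can also change that client's role. Treat the role as privileged data: leave `existingClient.getRole()` untouched in this method and change roles only through an explicitly authorized path, or at minimum reject unknown names, `if (newRole == null) throw new EntityNotFoundException("Role not found: " + clientDTO.getRole());`. Declaring the new repository method as `Optional<Role> findRoleByRole(String role)` in RolesRepository would make that missing case impossible to overlook at the call site. The message on the existing `orElseThrow` line still says "ogłoszenia" (listing) although this method looks up a client.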