Move to REST server

pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.5.6</version>
+        <version>2.6.3</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
     <groupId>com.imjustdoom</groupId>
@@ -30,13 +30,20 @@
         </dependency>
 
         <dependency>
-            <groupId>org.thymeleaf.extras</groupId>
-            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
         </dependency>
 
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-data-jpa</artifactId>
+            <groupId>com.querydsl</groupId>
+            <artifactId>querydsl-apt</artifactId>
+            <version>5.0.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.querydsl</groupId>
+            <artifactId>querydsl-jpa</artifactId>
+            <version>5.0.0</version>
         </dependency>
 
         <dependency>
@@ -68,11 +75,6 @@
             <scope>test</scope>
         </dependency>
 
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-thymeleaf</artifactId>
-        </dependency>
-
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-configuration-processor</artifactId>
@@ -104,25 +106,13 @@
             <scope>provided</scope>
         </dependency>
 
-        <dependency>
-            <groupId>org.commonmark</groupId>
-            <artifactId>commonmark</artifactId>
-            <version>0.18.1</version>
-        </dependency>
-
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
             <version>2.8.9</version>
             <scope>compile</scope>
         </dependency>
 
-        <dependency>
-            <groupId>me.xdrop</groupId>
-            <artifactId>fuzzywuzzy</artifactId>
-            <version>1.3.1</version>
-        </dependency>
-
     </dependencies>
 
     <repositories>
@@ -154,6 +144,22 @@
                     <target>17</target>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>com.mysema.maven</groupId>
+                <artifactId>apt-maven-plugin</artifactId>
+                <version>1.1.3</version>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>process</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>target/generated-sources/java</outputDirectory>
+                            <processor>com.querydsl.apt.jpa.JPAAnnotationProcessor</processor>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>

src/main/java/com/imjustdoom/pluginsite/PluginSiteApplication.java

@@ -3,8 +3,10 @@
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
+import org.springframework.data.web.config.EnableSpringDataWebSupport;
 
 @SpringBootApplication
+@EnableSpringDataWebSupport
 @ConfigurationPropertiesScan
 public class PluginSiteApplication {
 

src/main/java/com/imjustdoom/pluginsite/config/exception/RestErrorCode.java

@@ -0,0 +1,54 @@
+package com.imjustdoom.pluginsite.config.exception;
+
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import org.springframework.http.HttpStatus;
+
+public enum RestErrorCode {
+    INVALID_USERNAME(HttpStatus.BAD_REQUEST, "auth", 1),
+    INVALID_EMAIL(HttpStatus.BAD_REQUEST, "auth", 2),
+    USERNAME_NOT_AVAILABLE(HttpStatus.BAD_REQUEST, "auth", 3),
+    EMAIL_NOT_AVAILABLE(HttpStatus.BAD_REQUEST, "auth", 4),
+
+    UNAUTHORIZED(HttpStatus.UNAUTHORIZED, "auth", 100),
+    FORBIDDEN(HttpStatus.FORBIDDEN, "auth", 101),
+
+    ACCOUNT_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 100),
+    REPORT_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 101),
+    RESOURCE_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 102),
+    RESOURCE_UPDATE_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 103),
+    DOWNLOAD_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 104),
+    MESSAGE_GROUP_NOT_FOUND(HttpStatus.NOT_FOUND, "data", 105),
+
+    WRONG_FILE_TYPE(HttpStatus.BAD_REQUEST, "data", 2),
+    FILE_TOO_LARGE(HttpStatus.BAD_REQUEST, "data", 3),
+    PAGE_SIZE_TOO_LARGE(HttpStatus.BAD_REQUEST, "data", 4),
+    REQUIRED_ARGUMENTS_MISSING(HttpStatus.BAD_REQUEST, "data", 5),
+
+    TOO_MANY_RESOURCE_CREATIONS(HttpStatus.TOO_MANY_REQUESTS, "resource", 1),
+    TOO_MANY_RESOURCE_UPDATES(HttpStatus.TOO_MANY_REQUESTS, "resource", 2),
+    RESOURCE_NAME_NOT_AVAILABLE(HttpStatus.BAD_REQUEST, "resource", 3);
+
+    private final HttpStatus httpStatus;
+    private final String module;
+    private final int errorCode;
+
+    RestErrorCode(HttpStatus httpStatus, String module, int errorCode) {
+        this.httpStatus = httpStatus;
+        this.module = module;
+        this.errorCode = errorCode;
+    }
+
+    @JsonIgnore
+    public HttpStatus getHttpStatus() {
+        return this.httpStatus;
+    }
+
+    public String getModule() {
+        return this.module;
+    }
+
+    public int getErrorCode() {
+        return this.errorCode;
+    }
+}

src/main/java/com/imjustdoom/pluginsite/config/exception/RestException.java

@@ -0,0 +1,20 @@
+package com.imjustdoom.pluginsite.config.exception;
+
+import lombok.Getter;
+import org.springframework.lang.Nullable;
+
+@Getter
+public class RestException extends Exception {
+    private final RestErrorCode errorCode;
+    private final @Nullable String message;
+
+    public RestException(RestErrorCode errorCode, String message, Object... params) {
+        this.errorCode = errorCode;
+        this.message = String.format(message, params);
+    }
+
+    public RestException(RestErrorCode errorCode) {
+        this.errorCode = errorCode;
+        this.message = null;
+    }
+}

src/main/java/com/imjustdoom/pluginsite/config/exception/RestExceptionResponseHandler.java

@@ -0,0 +1,27 @@
+package com.imjustdoom.pluginsite.config.exception;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@RestControllerAdvice
+@RequiredArgsConstructor
+public class RestExceptionResponseHandler extends ResponseEntityExceptionHandler {
+
+    private final ObjectMapper mapper;
+
+    @ExceptionHandler(RestException.class)
+    public void handle(HttpServletResponse response, RestException exception) throws IOException {
+        if (!response.isCommitted()) {
+            response.setStatus(exception.getErrorCode().getHttpStatus().value());
+            this.mapper.writeValue(response.getWriter(), exception);
+        }
+    }
+
+    // Could add an error ticketing system for unknown errors (5xx) thrown
+}

src/main/java/com/imjustdoom/pluginsite/config/security/AuthenticationProvider.java

@@ -0,0 +1,23 @@
+package com.imjustdoom.pluginsite.config.security;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@RequiredArgsConstructor
+public class AuthenticationProvider {
+    private final UserDetailsService userDetailsService;
+    private final PasswordEncoder passwordEncoder;
+
+    @Bean
+    public DaoAuthenticationProvider authProvider() {
+        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+        authProvider.setUserDetailsService(this.userDetailsService);
+        authProvider.setPasswordEncoder(this.passwordEncoder);
+        return authProvider;
+    }
+}

src/main/java/com/imjustdoom/pluginsite/config/security/PasswordEncoderConfig.java

@@ -0,0 +1,15 @@
+package com.imjustdoom.pluginsite.config.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordEncoderConfig {
+
+    @Bean
+    public PasswordEncoder encoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

src/main/java/com/imjustdoom/pluginsite/config/security/SecurityConfig.java

@@ -0,0 +1,37 @@
+package com.imjustdoom.pluginsite.config.security;
+
+import lombok.AllArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@AllArgsConstructor
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    private final DaoAuthenticationProvider authProvider;
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) {
+        auth.authenticationProvider(this.authProvider);
+    }
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http
+            .csrf().disable()
+
+            .authorizeRequests()
+            .antMatchers("/admin", "/admin/roles").hasRole("ADMIN")
+            .antMatchers("/resources/create", "/account/details").authenticated()
+            .antMatchers("/register", "/login").not().authenticated()
+
+            .anyRequest().permitAll()
+
+            .and()
+            .formLogin().loginProcessingUrl("/login");
+    }
+}