chore: improve user repositories

Author: Throyer

src/main/java/com/github/throyer/common/springboot/Application.java

@@ -2,6 +2,7 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
 
 @SpringBootApplication
 public class Application {

src/main/java/com/github/throyer/common/springboot/configurations/SpringSecurityConfiguration.java

@@ -53,13 +53,11 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 
         @Override
         protected void configure(HttpSecurity http) throws Exception {
+            PUBLIC_API_ROUTES.configure(http);
+
             http
                 .antMatcher("/api/**")
                     .authorizeRequests()
-                        .antMatchers(GET, "/api", "/api/documentation/**")
-                            .permitAll()
-                        .antMatchers(POST, "/api/users", "/api/sessions/**", "/api/recoveries/**", "/api/documentation/**")
-                            .permitAll()
                         .anyRequest()
                             .authenticated()
                 .and()

src/main/java/com/github/throyer/common/springboot/controllers/api/UsersController.java

@@ -1,40 +1,29 @@
 package com.github.throyer.common.springboot.controllers.api;
 
-import static org.springframework.http.HttpStatus.CREATED;
-import static org.springframework.http.HttpStatus.NO_CONTENT;
-
-import static com.github.throyer.common.springboot.utils.Responses.created;
-import static com.github.throyer.common.springboot.utils.Responses.ok;
-
 import com.github.throyer.common.springboot.domain.pagination.model.Page;
-import com.github.throyer.common.springboot.domain.user.service.FindUserService;
-import com.github.throyer.common.springboot.domain.user.service.RemoveUserService;
+import com.github.throyer.common.springboot.domain.pagination.service.Pagination;
 import com.github.throyer.common.springboot.domain.user.form.CreateUserProps;
-import com.github.throyer.common.springboot.domain.user.service.CreateUserService;
 import com.github.throyer.common.springboot.domain.user.form.UpdateUserProps;
+import com.github.throyer.common.springboot.domain.user.model.UserDetails;
+import com.github.throyer.common.springboot.domain.user.repository.UserRepository;
+import com.github.throyer.common.springboot.domain.user.service.CreateUserService;
 import com.github.throyer.common.springboot.domain.user.service.FindUserByIdService;
+import com.github.throyer.common.springboot.domain.user.service.RemoveUserService;
 import com.github.throyer.common.springboot.domain.user.service.UpdateUserService;
-import com.github.throyer.common.springboot.domain.user.model.UserDetails;
-
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
-
-import java.util.Optional;
-
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.ResponseStatus;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Optional;
+
+import static com.github.throyer.common.springboot.utils.Responses.*;
+import static org.springframework.http.HttpStatus.CREATED;
+import static org.springframework.http.HttpStatus.NO_CONTENT;
 
 @RestController
 @Tag(name = "Users")
@@ -44,22 +33,23 @@ public class UsersController {
     private final CreateUserService createService;
     private final UpdateUserService updateService;
     private final RemoveUserService removeService;
-    private final FindUserService findService;
     private final FindUserByIdService findByIdService;
 
+    private final UserRepository repository;
+
     @Autowired
     public UsersController(
         CreateUserService createService,
         UpdateUserService updateService,
         RemoveUserService removeService,
-        FindUserService findService,
-        FindUserByIdService findByIdService
+        FindUserByIdService findByIdService,
+        UserRepository repository
     ) {
         this.createService = createService;
         this.updateService = updateService;
         this.removeService = removeService;
-        this.findService = findService;
         this.findByIdService = findByIdService;
+        this.repository = repository;
     }
 
     @GetMapping
@@ -70,17 +60,19 @@ public ResponseEntity<Page<UserDetails>> index(
         Optional<Integer> page,
         Optional<Integer> size
     ) {
-        var content = findService.findAll(page, size);
-        return ok(content);
+        var pageable = Pagination.of(page, size);
+        var content = repository.findAll(pageable);
+        return ok(content.map(UserDetails::new));
     }
 
     @GetMapping("/{id}")
     @SecurityRequirement(name = "token")
     @PreAuthorize("hasAnyAuthority('ADM', 'USER')")
     @Operation(summary = "Show user info")
     public ResponseEntity<UserDetails> show(@PathVariable Long id) {
-        var user = findByIdService.find(id);
-        return ok(user);
+        var user = repository.findById(id)
+                .orElseThrow(() -> notFound("user not found"));
+        return ok(new UserDetails(user));
     }
 
     @PostMapping

src/main/java/com/github/throyer/common/springboot/controllers/app/UserController.java

@@ -1,7 +1,9 @@
 package com.github.throyer.common.springboot.controllers.app;
 
+import com.github.throyer.common.springboot.domain.pagination.service.Pagination;
 import com.github.throyer.common.springboot.domain.toast.Type;
-import com.github.throyer.common.springboot.domain.user.service.FindUserService;
+import com.github.throyer.common.springboot.domain.user.repository.UserRepository;
+import com.github.throyer.common.springboot.domain.user.repository.custom.NativeQueryUserRepository;
 import com.github.throyer.common.springboot.domain.user.service.RemoveUserService;
 import com.github.throyer.common.springboot.domain.toast.Toasts;
 import java.util.Optional;
@@ -21,7 +23,7 @@
 public class UserController {
 
     @Autowired
-    private FindUserService findService;
+    private UserRepository repository;
 
     @Autowired
     private RemoveUserService removeService;
@@ -32,10 +34,10 @@ public String index(
         Optional<Integer> page,
         Optional<Integer> size
     ) {
+        var pageable = Pagination.of(page, size);
+        var content = repository.findAll(pageable);
 
-        var result = findService.findAll(page, size);
-        
-        model.addAttribute("page", result);
+        model.addAttribute("page", content);
 
         return "app/users/index";
     }

src/main/java/com/github/throyer/common/springboot/domain/management/repository/SoftDeleteRepository.java

@@ -12,7 +12,7 @@
 import org.springframework.transaction.annotation.Transactional;
 
 @NoRepositoryBean
-public interface SoftDeleteRepository <T extends Auditable> extends JpaRepository<T, Long>, JpaSpecificationExecutor<T> {
+public interface SoftDeleteRepository <T extends Auditable> extends JpaRepository<T, Long> {
 
     @Override
     @Modifying

src/main/java/com/github/throyer/common/springboot/domain/pagination/model/Page.java

@@ -3,14 +3,16 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Getter;
 
-import static com.github.throyer.common.springboot.utils.JsonUtils.toJson;
 import java.util.Collection;
 import java.util.List;
+import java.util.function.Function;
+
+import static com.github.throyer.common.springboot.utils.JSON.stringify;
 
 @Getter
 @Schema(requiredProperties = {"content", "page", "size", "totalPages", "totalElements"})
 public class Page<T> {
-    private final Collection<T> content;
+    private final Collection<? extends T> content;
     private final Integer page;
     private final Integer size;  
     private final Integer totalPages;  
@@ -24,7 +26,7 @@ public Page(org.springframework.data.domain.Page<T> page) {
         this.totalElements = page.getTotalElements();
     }
 
-    public Page(Collection<T> content, Integer page, Integer size, Long count) {        
+    public Page(Collection<? extends T> content, Integer page, Integer size, Long count) {
         this.content = content;
         this.page = page;
         this.size = size;
@@ -37,7 +39,12 @@ public static <T> Page<T> of(org.springframework.data.domain.Page<T> page) {
     }
 
     public static <T> Page<T> of(Collection<T> content, Integer page, Integer size, Long count) {
-        return new Page<>(content, page, size, count);
+        return new Page<T>(content, page, size, count);
+    }
+
+    public <U> Page<U> map(Function<? super T, ? extends U> converter) {
+        var content = this.content.stream().map(converter).toList();
+        return new Page<U>(content, this.page, this.size, this.totalElements);
     }
 
     public static <T> Page<T> empty() {
@@ -46,6 +53,6 @@ public static <T> Page<T> empty() {
 
     @Override
     public String toString() {
-        return toJson(this);
+        return stringify(this);
     }
 }

src/main/java/com/github/throyer/common/springboot/domain/recovery/service/RecoveryConfirmService.java

@@ -17,7 +17,7 @@ public class RecoveryConfirmService {
     private RecoveryRepository recoveryRepository;
 
     public void confirm(String email, String code) {
-        var user = users.findOptionalByEmail(email)
+        var user = users.findByEmail(email)
                 .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
 
         var recovery = recoveryRepository

src/main/java/com/github/throyer/common/springboot/domain/recovery/service/RecoveryService.java

@@ -37,7 +37,7 @@ public RecoveryService(
 
     public void recovery(String email) {
 
-        var user = users.findOptionalByEmail(email);
+        var user = users.findByEmail(email);
 
         if (user.isEmpty()) {
             return;

src/main/java/com/github/throyer/common/springboot/domain/recovery/service/RecoveryUpdateService.java

@@ -17,7 +17,7 @@ public class RecoveryUpdateService {
     private RecoveryRepository recoveries;
 
     public void update(String email, String code, String password) {
-        var user = users.findOptionalByEmail(email)
+        var user = users.findByEmail(email)
                 .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
 
         var recovery = recoveries

src/main/java/com/github/throyer/common/springboot/domain/session/service/CreateTokenService.java

@@ -33,10 +33,10 @@ public CreateTokenService(
     }
 
     public TokenResponse create(TokenRequest request) {
-        var user = userRepository.findOptionalByEmailFetchRoles(request.getEmail())
-            .filter(session -> session.validatePassword(request.getPassword()))
+        var session = userRepository.findByEmail(request.getEmail())
+            .filter(user -> user.validatePassword(request.getPassword()))
                 .orElseThrow(() -> forbidden(message(CREATE_SESSION_ERROR_MESSAGE)));
-        return create(new UserDetails(user));
+        return create(new UserDetails(session));
     }
 
     public TokenResponse create(UserDetails user) {

src/main/java/com/github/throyer/common/springboot/domain/session/service/SessionService.java

@@ -1,30 +1,29 @@
 package com.github.throyer.common.springboot.domain.session.service;
 
-import com.github.throyer.common.springboot.domain.user.repository.UserRepository;
 import com.github.throyer.common.springboot.domain.session.model.Authorized;
+import com.github.throyer.common.springboot.domain.user.repository.UserRepository;
+import com.github.throyer.common.springboot.utils.Authorization;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Optional;
 
 import static com.github.throyer.common.springboot.utils.Constants.MESSAGES.INVALID_USERNAME;
-import static com.github.throyer.common.springboot.utils.Constants.MESSAGES.TOKEN_EXPIRED_OR_INVALID;
 import static com.github.throyer.common.springboot.utils.Constants.SECURITY.*;
 import static com.github.throyer.common.springboot.utils.Messages.message;
+import static com.github.throyer.common.springboot.utils.Responses.expired;
+import static java.util.Objects.isNull;
 import static java.util.Objects.nonNull;
-import java.util.Optional;
 import static java.util.Optional.empty;
 import static java.util.Optional.of;
-import static java.util.logging.Level.WARNING;
-
-import java.util.logging.Logger;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Service;
 
 @Service
 public class SessionService implements UserDetailsService {
-    private static final Logger LOGGER = Logger.getLogger(SessionService.class.getName());
 
     private final UserRepository repository;
 
@@ -34,20 +33,33 @@ public SessionService(UserRepository repository) {
 
     @Override
     public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
-        var user = repository.findOptionalByEmailFetchRoles(email)
+        var user = repository.findByEmail(email)
                 .orElseThrow(() -> new UsernameNotFoundException(message(INVALID_USERNAME)));
 
         return new Authorized(user);
     }
 
-    public static void authorize(String token) {
+    public static void authorize(
+            HttpServletRequest request,
+            HttpServletResponse response
+    ) {
+        if (PUBLIC_API_ROUTES.anyMatch(request)) {
+            return;
+        }
+
+        var token = Authorization.extract(request);
+
+        if (isNull(token)) {
+            return;
+        }
+
         try {
             var authorized = JWT.decode(token, TOKEN_SECRET);
-                SecurityContextHolder
+            SecurityContextHolder
                     .getContext()
                     .setAuthentication(authorized.getAuthentication());
         } catch (Exception exception) {
-            LOGGER.log(WARNING, message(TOKEN_EXPIRED_OR_INVALID));
+            expired(response);
         }
     }