aarbit/scavengerhunt-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: aarbit:feature/docker
Branches Tags
aarbit:main aarbit:feature/docker aarbit:feature/get-photo-info aarbit:feature/team-basics aarbit:feature/hunt-basics aarbit:feature/login aarbit:feature/signup
..
compare: aarbit:48b2ffd7b2740ea858fc00bd9102959f68067183
Branches Tags
aarbit:main aarbit:feature/docker aarbit:feature/get-photo-info aarbit:feature/team-basics aarbit:feature/hunt-basics aarbit:feature/login aarbit:feature/signup

8 Commits
feature/do ... 48b2ffd7b2

Author SHA1 Message Date
aarbit
48b2ffd7b2 Streamlines the ongoing Hunt endpoint
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-17 22:11:52 -05:00
aarbit
877e134166 Adds isAdmin to JWT
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-16 16:14:29 -05:00
aarbit
ec2bb1bcc6 Adds Hunter name to login response
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-16 16:06:59 -05:00
aarbit
6c3c94c5a3 Turns on CORS
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-16 15:54:24 -05:00
aarbit
a34d2ddcf0 Opens up actuator endpoints
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-15 23:42:48 -05:00
aarbit
b3801eb5e7 Updates Docker compose 2026-05-15 23:42:09 -05:00
aarbit
4dfdb54bb4 Updates Dockerfile
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-05-15 14:32:15 -05:00
aarbit
0a278530fb Merge pull request 'Adds docker and woodpecker files' (#5) from feature/docker into main
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details 
Reviewed-on: #5
 2026-05-15 19:27:57 +00:00
8 changed files with 53 additions and 43 deletions
Expand all files Collapse all files

2
Dockerfile
View File

@@ -3,7 +3,7 @@ WORKDIR /app
COPY gradlew .
COPY gradle/ gradle/
COPY build.gradle.kts settings.gradle.kts ./
RUN ./gradlew dependencies --no-daemon
RUN chmod +x gradlew && ./gradlew dependencies --no-daemon
COPY src/ src/
RUN ./gradlew bootJar --no-daemon

48
docker-compose.yml
View File

@@ -1,20 +1,13 @@
# All services use host networking so inter-service traffic goes over loopback with no bridge overhead.
# Ports (all bound directly on the host):
# API: 8080
# MariaDB: 3306
# Adminer: 8888
# MinIO API: 9000
# MinIO Console: 9001
services:
mariadb:
image: mariadb:11
network_mode: host
image: mariadb
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MYSQL_DATABASE: ${DB_NAME}
MYSQL_USER: ${DB_USER}
MYSQL_PASSWORD: ${DB_PASSWORD}
MARIADB_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MARIADB_DATABASE: ${DB_NAME}
MARIADB_USER: ${DB_USER}
MARIADB_PASSWORD: ${DB_PASSWORD}
ports:
- 3306:3306
volumes:
- mariadb_data:/var/lib/mysql
healthcheck:
@@ -24,55 +17,54 @@ services:
timeout: 5s
retries: 5
restart: unless-stopped
adminer:
image: adminer
network_mode: host
command: php -S [::]:8888 -t /var/www/html
ports:
- 8080:8080
restart: unless-stopped
minio:
image: minio/minio
network_mode: host
command: server /data --console-address :9001
command: server /data --console-address ":9001"
environment:
MINIO_ROOT_USER: ${MINIO_ACCESS_KEY}
MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY}
ports:
- 15900:9000 # API
- 15901:9001 # Web UI
volumes:
- minio_data:/data
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
test: ["CMD", "curl", "-f", "http://192.168.187.181:15900/minio/health/live"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 5
restart: unless-stopped
api:
build: .
network_mode: host
image: git.halfbinary.net/aarbit/scavengerhunt-api:2
environment:
DB_URL: jdbc:mariadb://localhost:3306/${DB_NAME}
DB_URL: jdbc:mariadb://192.168.187.181:3306/${DB_NAME}
DB_USER: ${DB_USER}
DB_PASSWORD: ${DB_PASSWORD}
JWT_SECRET: ${JWT_SECRET}
MINIO_ENDPOINT: http://localhost:9000
MINIO_ENDPOINT: http://192.168.187.181:15900
MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
MINIO_BUCKET: ${MINIO_BUCKET}
ports:
- 15808:8080
depends_on:
mariadb:
condition: service_healthy
minio:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/actuator/health"]
test: ["CMD", "curl", "-f", "http://192.168.187.181:15808/actuator/health"]
start_period: 30s
interval: 15s
timeout: 5s
retries: 5
restart: unless-stopped
volumes:
mariadb_data:
minio_data:

3
src/main/kotlin/net/halfbinary/scavengerhuntapi/config/JwtUtil.kt
View File

@@ -27,9 +27,10 @@ class JwtUtil {
}
// Generate JWT token
fun generateToken(email: String): String {
fun generateToken(email: String, isAdmin: Boolean): String {
return Jwts.builder()
.subject(email)
.claim("isAdmin", isAdmin)
.issuedAt(Date())
.expiration(Date(System.currentTimeMillis() + jwtExpirationMs))
.signWith(key)

23
src/main/kotlin/net/halfbinary/scavengerhuntapi/config/SecurityConfig.kt
View File

@@ -7,7 +7,6 @@ import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configurers.CorsConfigurer
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
@@ -16,6 +15,10 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
import org.springframework.web.cors.CorsConfiguration
import org.springframework.web.cors.CorsConfigurationSource
import org.springframework.web.cors.UrlBasedCorsConfigurationSource
@Configuration
@@ -48,13 +51,25 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
return BCryptPasswordEncoder()
}
@Bean
fun corsConfigurationSource(): CorsConfigurationSource {
val config = CorsConfiguration()
config.allowedOriginPatterns = listOf("*")
config.allowedMethods = listOf("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
config.allowedHeaders = listOf("*")
config.allowCredentials = true
val source = UrlBasedCorsConfigurationSource()
source.registerCorsConfiguration("/**", config)
return source
}
@Bean
@Throws(Exception::class)
fun securityFilterChain(http: HttpSecurity): SecurityFilterChain? {
// Updated configuration for Spring Security 6.x
http
.csrf { csrf: CsrfConfigurer<HttpSecurity> -> csrf.disable() } // Disable CSRF
.cors { cors: CorsConfigurer<HttpSecurity> -> cors.disable() } // Disable CORS (or configure if needed)
.csrf { csrf: CsrfConfigurer<HttpSecurity> -> csrf.disable() }
.cors { cors -> cors.configurationSource(corsConfigurationSource()) }
.exceptionHandling { exceptionHandling: ExceptionHandlingConfigurer<HttpSecurity> ->
exceptionHandling.authenticationEntryPoint(
authEntrypointJwt
@@ -67,7 +82,7 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
}
.authorizeHttpRequests { authorizeRequests ->
authorizeRequests
.requestMatchers("/auth/**", "/signup", "/docs/**")
.requestMatchers("/auth/**", "/signup", "/docs/**", "/actuator/**")
.permitAll()
.anyRequest().authenticated()
}

4
src/main/kotlin/net/halfbinary/scavengerhuntapi/controller/AuthController.kt
View File

@@ -24,9 +24,9 @@ class AuthController(private val loginService: LoginService, private val jwtUtil
@PostMapping("/login")
fun login(@Valid @RequestBody body: LoginRequest): ResponseEntity<LoginResponse> {
val result = loginService.login(body.toDomain())
val accessToken = jwtUtils.generateToken(result.email)
val accessToken = jwtUtils.generateToken(result.email, result.isAdmin)
val refreshToken = refreshTokenService.generateRefreshToken(result.email)
val loginResponse = LoginResponse(accessToken, refreshToken)
val loginResponse = LoginResponse(accessToken, refreshToken, result.name)
return ResponseEntity.ok(loginResponse)
}

5
src/main/kotlin/net/halfbinary/scavengerhuntapi/controller/HunterController.kt
View File

@@ -16,7 +16,6 @@ import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.PathVariable
import org.springframework.web.bind.annotation.PostMapping
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RequestParam
import org.springframework.web.bind.annotation.RestController
@RestController
@@ -27,13 +26,13 @@ class HunterController(private val hunterService: HunterService,
@GetMapping("/hunt/ongoing")
@Operation(summary = "Gets list of all currently running Hunts (filtered by the calling hunter)")
fun getOngoingHunts(authentication: Authentication, @RequestParam status: HuntStatus?): ResponseEntity<List<HuntResponse>> {
fun getOngoingHunts(authentication: Authentication): ResponseEntity<List<HuntResponse>> {
val email = authentication.name
val isAdmin = hunterService.getHunterByEmail(email).isAdmin
return if(isAdmin) {
ResponseEntity.ok(huntService.getAllHunts(HuntStatus.ONGOING).map { it.toResponse() })
} else {
ResponseEntity.ok(huntService.getHuntsByEmail(email, status).map { it.toResponse() })
ResponseEntity.ok(huntService.getHuntsByEmail(email, HuntStatus.ONGOING).map { it.toResponse() })
}
}

3
src/main/kotlin/net/halfbinary/scavengerhuntapi/model/response/LoginResponse.kt
View File

@@ -4,5 +4,6 @@ import net.halfbinary.scavengerhuntapi.model.RefreshId
data class LoginResponse(
val accessToken: String,
val refreshToken: RefreshId
val refreshToken: RefreshId,
val name: String
)

6
src/main/kotlin/net/halfbinary/scavengerhuntapi/service/RefreshTokenService.kt
View File

@@ -5,6 +5,7 @@ import net.halfbinary.scavengerhuntapi.error.exception.ExpiredRefreshTokenExcept
import net.halfbinary.scavengerhuntapi.error.exception.InvalidRefreshTokenException
import net.halfbinary.scavengerhuntapi.model.RefreshId
import net.halfbinary.scavengerhuntapi.model.record.RefreshTokenRecord
import net.halfbinary.scavengerhuntapi.repository.HunterRepository
import net.halfbinary.scavengerhuntapi.repository.RefreshTokenRepository
import org.slf4j.LoggerFactory
import org.springframework.data.repository.findByIdOrNull
@@ -13,7 +14,7 @@ import java.time.LocalDateTime
import java.time.temporal.ChronoUnit
@Service
class RefreshTokenService(private val refreshTokenRepository: RefreshTokenRepository, private val jwtUtil: JwtUtil) {
class RefreshTokenService(private val refreshTokenRepository: RefreshTokenRepository, private val jwtUtil: JwtUtil, private val hunterRepository: HunterRepository) {
companion object {
private val log = LoggerFactory.getLogger(RefreshTokenService::class.java)
@@ -25,7 +26,8 @@ class RefreshTokenService(private val refreshTokenRepository: RefreshTokenReposi
removeToken(tokenId)
throw ExpiredRefreshTokenException(tokenId)
} else {
jwtUtil.generateToken(refreshToken.email)
val isAdmin = hunterRepository.findByEmail(refreshToken.email)?.isAdmin ?: false
jwtUtil.generateToken(refreshToken.email, isAdmin)
}
}?: throw InvalidRefreshTokenException(tokenId)
}