parte de security feita com sucesso, register e login do usuario

LibraryLoop/docker-compose.yml

@@ -1,5 +1,4 @@
 services:
-
   mysql:
     image: mysql:8.0
     container_name: libraryloop-mysql
@@ -26,9 +25,10 @@ services:
     ports:
       - "8080:8080"
     environment:
-      SPRING_DATASOURCE_URL: jdbc:mysql://mysql:3306/libraryloop?useSSL=false&allowPublicKeyRetrieval=true
+      SPRING_DATASOURCE_URL: jdbc:mysql://mysql:3306/libraryloop?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=America/Sao_Paulo
       SPRING_DATASOURCE_USERNAME: libraryuser
       SPRING_DATASOURCE_PASSWORD: librarypass
+      JWT_SECRET: iaowhfdoawfhoqui32gho1ubg24ou1ivb24oi
     depends_on:
       mysql:
         condition: service_healthy

LibraryLoop/pom.xml

@@ -26,12 +26,25 @@
 
 	<dependencies>
 
+		<!-- HTTP Client -->
 		<dependency>
 			<groupId>org.apache.httpcomponents.client5</groupId>
 			<artifactId>httpclient5</artifactId>
 		</dependency>
 
-<<<<<<< HEAD
+		<!-- Spring Security -->
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+
+		<!-- JWT -->
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+			<version>4.4.0</version>
+		</dependency>
+
 		<!-- Cache -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
@@ -43,13 +56,6 @@
 			<groupId>com.github.ben-manes.caffeine</groupId>
 			<artifactId>caffeine</artifactId>
 		</dependency>
-=======
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-cache</artifactId>
-        </dependency>
->>>>>>> origin/main
-
 
 		<!-- Web / REST API -->
 		<dependency>
@@ -63,21 +69,21 @@
 			<artifactId>spring-boot-starter-validation</artifactId>
 		</dependency>
 
-		<!-- Lombok (getters, setters, builders etc) -->
+		<!-- Lombok -->
 		<dependency>
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>
 			<version>${lombok.version}</version>
 			<optional>true</optional>
 		</dependency>
 
-		<!-- JPA (opcional caso queira salvar livros futuramente) -->
+		<!-- JPA -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
-			<optional>true</optional>
 		</dependency>
 
+		<!-- MySQL -->
 		<dependency>
 			<groupId>com.mysql</groupId>
 			<artifactId>mysql-connector-j</artifactId>
@@ -91,6 +97,13 @@
 			<scope>test</scope>
 		</dependency>
 
+		<!-- Spring Security Test -->
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+
 	</dependencies>
 
 	<build>
@@ -122,4 +135,4 @@
 		</plugins>
 	</build>
 
-</project>
+</project>

LibraryLoop/src/main/java/com/example/LibraryLoop/Repository/userRepository.java

@@ -7,5 +7,7 @@
 
 public interface userRepository extends JpaRepository<User, Long> {
 
-    Optional<User> findByUsername(String username);
+    Optional<User> findByEmail(String email);
+    Optional<Object> findByUsername(String username);
+
 }

LibraryLoop/src/main/java/com/example/LibraryLoop/controller/AuthController.java

@@ -0,0 +1,60 @@
+package com.example.LibraryLoop.controller;
+
+import com.example.LibraryLoop.Repository.userRepository;
+import com.example.LibraryLoop.dto.user.LoginRequestDTO;
+import com.example.LibraryLoop.dto.user.RegisterRequestDTO;
+import com.example.LibraryLoop.dto.user.ResponseDTO;
+import com.example.LibraryLoop.entity.User;
+import com.example.LibraryLoop.security.config.TokenService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Map;
+import java.util.Optional;
+
+@RestController
+@RequestMapping("/auth")
+@RequiredArgsConstructor
+public class AuthController {
+
+    private final userRepository repository;
+    private final PasswordEncoder passwordEncoder;
+    private final TokenService tokenService;
+
+    @PostMapping("/login")
+    public ResponseEntity<?> login(@RequestBody LoginRequestDTO body) {
+        User user = this.repository.findByEmail(body.email())
+                .orElseThrow(() -> new RuntimeException("User not found"));
+
+        if (passwordEncoder.matches(body.password(), user.getPassword())) {
+            String token = this.tokenService.generateToken(user);
+            return ResponseEntity.ok(new ResponseDTO(user.getUsername(), token));
+        }
+        return ResponseEntity.badRequest().build();
+    }
+
+    @PostMapping("/register")
+    public ResponseEntity<?> register(@RequestBody RegisterRequestDTO body) {
+
+        if (this.repository.findByEmail(body.email()).isPresent()) {
+            return ResponseEntity.badRequest()
+                    .body(Map.of("error", "Já existe um usuário com esse e-mail cadastrado."));
+        }
+
+        if (this.repository.findByUsername(body.username()).isPresent()) {
+            return ResponseEntity.badRequest()
+                    .body(Map.of("error", "Já existe um usuário com esse username cadastrado."));
+        }
+
+        User newUser = new User();
+        newUser.setPassword(passwordEncoder.encode(body.password()));
+        newUser.setEmail(body.email());
+        newUser.setUsername(body.username());
+        this.repository.save(newUser);
+
+        String token = this.tokenService.generateToken(newUser);
+        return ResponseEntity.ok(new ResponseDTO(newUser.getUsername(), token));
+    }
+}

LibraryLoop/src/main/java/com/example/LibraryLoop/controller/BookController.java

@@ -21,31 +21,17 @@ public BookController(BookService bookService) {
         this.bookService = bookService;
     }
 
-    // 🔎 BUSCAR LIVROS
-    @GetMapping("/search")
-    public List<BookSearchDTO> searchBooks(
-            @RequestParam String title,
-            @RequestParam(defaultValue = "20") int limit
-    ) {
-        return bookService.searchBooks(title, limit);
-    }
-
-    // 📖 LER LIVRO COMPLETO
     @GetMapping("/{id}/read")
     public ResponseEntity<BookReadResponse> readBook(@PathVariable Long id) {
-
-        String text = bookService.getFullBook(id);
-
+        String text = bookService.readBook(id);
         return ResponseEntity.ok(new BookReadResponse(id, text));
     }
 
-    // 📄 PAGINAÇÃO
     @GetMapping("/{id}/pages/{page}")
-     public ResponseEntity<PageResponse> getBookPage(
+    public ResponseEntity<PageResponse> getBookPage(
             @PathVariable Long id,
             @PathVariable int page
     ) {
-
         List<String> pages = bookService.getBookPages(id);
 
         if (page < 0 || page >= pages.size()) {
@@ -55,23 +41,17 @@ public ResponseEntity<PageResponse> getBookPage(
         return ResponseEntity.ok(
                 new PageResponse(page, pages.size(), pages.get(page))
         );
-<<<<<<< HEAD
-    }   
+    }
 
-    // 🔎 buscar livros
-    @GetMapping(value = "/search")
+    @GetMapping("/search")
     public List<BookSearchDTO> searchBooks(
             @RequestParam String title,
             @RequestParam(defaultValue = "20") int limit) {
-
-        return service.searchBooks(title, limit);
-=======
+        return bookService.searchBooks(title, limit);
     }
 
-    // 🔗 LINK EXTERNO (OPCIONAL)
     @GetMapping("/{id}/link")
     public ReadLinkDTO getReadLink(@PathVariable String id) {
         return bookService.getReadLink(id);
->>>>>>> origin/main
     }
 }

LibraryLoop/src/main/java/com/example/LibraryLoop/dto/book/BookSearchDTO.java

@@ -26,9 +26,7 @@ public BookSearchDTO(
             Integer editionCount,
             List<String> language,
             Boolean hasFullText,
-            Integer ratingsAverage,
-            Boolean readable,
-            String source
+            Integer ratingsAverage
     ) {
         this.olid = olid;
         this.title = title;

LibraryLoop/src/main/java/com/example/LibraryLoop/dto/user/LoginRequestDTO.java

@@ -0,0 +1,3 @@
+package com.example.LibraryLoop.dto.user;
+
+public record LoginRequestDTO(String email, String password) {}

LibraryLoop/src/main/java/com/example/LibraryLoop/dto/user/RegisterRequestDTO.java

@@ -0,0 +1,3 @@
+package com.example.LibraryLoop.dto.user;
+
+public record RegisterRequestDTO(String username, String email, String password) {}

LibraryLoop/src/main/java/com/example/LibraryLoop/dto/user/ResponseDTO.java

@@ -0,0 +1,3 @@
+package com.example.LibraryLoop.dto.user;
+
+public record ResponseDTO(String username, String token) {}

LibraryLoop/src/main/java/com/example/LibraryLoop/entity/User.java

@@ -1,12 +1,10 @@
 package com.example.LibraryLoop.entity;
 
 import jakarta.persistence.*;
-import lombok.Getter;
-import lombok.Setter;
-
-
 import lombok.*;
 
+import java.util.List;
+
 @Entity
 @Table(name = "app_user")
 @Getter
@@ -20,6 +18,13 @@ public class User {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
-    @Column(unique = true)
     private String username;
+
+    @Column(unique = true)
+    private String email;
+
+    @Column(nullable = false)
+    private String password;
+
+    private String savedBook;
 }

LibraryLoop/src/main/java/com/example/LibraryLoop/config/AppConfig.java → LibraryLoop/src/main/java/com/example/LibraryLoop/security/config/AppConfig.java

@@ -1,4 +1,4 @@
-package com.example.LibraryLoop.config;
+package com.example.LibraryLoop.security.config;
 
 import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
 

LibraryLoop/src/main/java/com/example/LibraryLoop/config/CacheConfig.java → LibraryLoop/src/main/java/com/example/LibraryLoop/security/config/CacheConfig.java

@@ -1,4 +1,4 @@
-package com.example.LibraryLoop.config;
+package com.example.LibraryLoop.security.config;
 
 import com.github.benmanes.caffeine.cache.Caffeine;
 import org.springframework.cache.CacheManager;

LibraryLoop/src/main/java/com/example/LibraryLoop/security/config/CustomUserDetailsService.java

@@ -0,0 +1,22 @@
+package com.example.LibraryLoop.security.config;
+
+import com.example.LibraryLoop.Repository.userRepository;
+import com.example.LibraryLoop.entity.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+
+@Component
+public class CustomUserDetailsService implements UserDetailsService {
+    @Autowired
+    private userRepository repository;
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        User user = this.repository.findByEmail(username).orElseThrow(() -> new UsernameNotFoundException("User not found"));
+        return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), new ArrayList<>());
+    }
+}

LibraryLoop/src/main/java/com/example/LibraryLoop/security/config/SecurityConfig.java

@@ -0,0 +1,48 @@
+package com.example.LibraryLoop.security.config;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private final SecurityFilter securityFilter;
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+
+        http
+                // desabilita CSRF (necessário para API REST)
+                .csrf(csrf -> csrf.disable())
+
+                // API stateless (JWT)
+                .sessionManagement(session ->
+                        session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+
+                // configuração de rotas
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/auth/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+
+                // adiciona filtro JWT antes do filtro padrão
+                .addFilterBefore(securityFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}