Merge pull request #2 from eTachkaMarketplace/checkingBugs

Checking bugs
eTachkaMarketplace · Jan 16, 2024 · f9d5cb9 · f9d5cb9
2 parents d2a8b53 + 915a739
commit f9d5cb9
Show file tree

Hide file tree

Showing 7 changed files with 10 additions and 12 deletions.
diff --git a/src/main/java/com/sellbycar/marketplace/ad/AdvertisementController.java b/src/main/java/com/sellbycar/marketplace/ad/AdvertisementController.java
@@ -46,7 +46,7 @@ public ResponseEntity<ResponseBody<List<AdvertisementDTO>>> searchAdvertisement(
                             pattern = "^(cheap|expensive|new|old)$"
                     )
             )
-            @PathParam("sort") String sortBy,
+            @RequestParam("sort") String sortBy,
             @Parameter(
                     description = "Page number",
                     schema = @Schema(implementation = Integer.class)

diff --git a/src/main/java/com/sellbycar/marketplace/auth/AuthController.java b/src/main/java/com/sellbycar/marketplace/auth/AuthController.java
@@ -7,7 +7,6 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
-import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.mail.MessagingException;
 import jakarta.security.auth.message.AuthException;
@@ -87,7 +86,6 @@ public ResponseEntity<?> registerUser(@RequestBody SignupRequest signUpRequest)
             }),
             @ApiResponse(responseCode = "401", description = "Unauthorized")
     })
-    @SecurityRequirement(name = "Bearer Authentication")
     public ResponseEntity<?> getNewAccessToken(@RequestBody JwtResponse response) throws AuthException {
         final JwtResponse token = authService.getJwtAccessToken(response.getJwtRefreshToken());
         return ResponseUtil.ok("Access Token", token);
@@ -101,7 +99,6 @@ public ResponseEntity<?> getNewAccessToken(@RequestBody JwtResponse response) th
             }),
             @ApiResponse(responseCode = "401", description = "Unauthorized")
     })
-    @SecurityRequirement(name = "Bearer Authentication")
     public ResponseEntity<?> getNewRefreshToken(@RequestBody JwtResponse response) throws AuthException {
         final JwtResponse token = authService.getJwtRefreshToken(response.getJwtRefreshToken());
         return ResponseUtil.create("Refresh token", HttpStatus.OK, token);

diff --git a/src/main/java/com/sellbycar/marketplace/auth/AuthServiceImpl.java b/src/main/java/com/sellbycar/marketplace/auth/AuthServiceImpl.java
@@ -26,10 +26,13 @@ public void saveJwtRefreshToken(String email, String jwtRefreshToken) {
         refreshStorage.put(email, jwtRefreshToken);
     }
 
-    public JwtResponse getJwtAccessToken(@NotNull String refreshToken) {
-        Authentication authentication = authenticateWithRefreshToken(refreshToken);
-        String accessToken = jwtUtils.generateJwtToken(authentication);
-        return new JwtResponse(accessToken, refreshToken);
+    public JwtResponse getJwtAccessToken(@NotNull String refreshToken) throws AuthException {
+        if (jwtUtils.validateRefreshToken(refreshToken)) {
+            Authentication authentication = authenticateWithRefreshToken(refreshToken);
+            String accessToken = jwtUtils.generateJwtToken(authentication);
+            return new JwtResponse(accessToken, null);
+        }
+        throw new AuthException("Invalid token");
     }
 
     public JwtResponse getJwtRefreshToken(@NotNull String refreshToken) {

diff --git a/src/main/java/com/sellbycar/marketplace/config/SecurityConfig.java b/src/main/java/com/sellbycar/marketplace/config/SecurityConfig.java
@@ -69,15 +69,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers(
                                 HttpMethod.POST,
                                 "/advertisement",
-                                "/auth/refresh/**",
                                 "/image"
                         )
                         .authenticated()
                         .requestMatchers(
                                 HttpMethod.PUT,
                                 "/advertisement/{id}",
                                 "/user/me",
-                                "/user/password",
                                 "/user/me/photo"
                         )
                         .authenticated()

diff --git a/src/main/java/com/sellbycar/marketplace/user/UserServiceImpl.java b/src/main/java/com/sellbycar/marketplace/user/UserServiceImpl.java
@@ -91,7 +91,7 @@ public Authentication userAuthentication(UserDAO user) {
     public void forgotPassword(ForgotPasswordRequest request) {
         UserDAO user = userRepository.findByEmail(request.getEmail())
                 .orElseThrow(() -> RequestException.notFound("User not found."));
-        user.setUniqueCode(UUID.randomUUID().toString());
+        user.setUniqueCode(String.valueOf(new Random().nextInt(999999)));
         userRepository.save(user);
         try {
             mailService.sendResetPasswordMail(user);

diff --git a/src/main/resources/db/migration/V0001__init_db.sql b/src/main/resources/db/migration/V0001__init_db.sql
@@ -20,7 +20,7 @@ CREATE TABLE users
     phone             VARCHAR(20),
     photo             BIGINT REFERENCES images (id),
     enabled           BOOLEAN                  NOT NULL,
-    unique_code       VARCHAR(20) UNIQUE,
+    unique_code       VARCHAR(10) UNIQUE,
     authorities       VARCHAR(20)[]            NOT NULL DEFAULT '{}'::VARCHAR(20)[],
     created_timestamp TIMESTAMP WITH TIME ZONE NOT NULL
 );

diff --git a/...templates/forgot_password_message_ua.html → .../templates/reset_password_message_ua.html b/...templates/forgot_password_message_ua.html → .../templates/reset_password_message_ua.html