Add login endpoint

2026-06-03 12:23:08 +01:00
parent 6659140440
commit 04f4732da1
6 changed files with 119 additions and 0 deletions
@@ -0,0 +1,21 @@
+package com.litoralregas.backend_gateway.auth;
+
+import com.litoralregas.backend_gateway.auth.dto.LoginRequest;
+import com.litoralregas.backend_gateway.auth.dto.LoginResponse;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/auth")
+public class AuthController {
+
+    private final AuthService authService;
+
+    public AuthController(AuthService authService) {
+        this.authService = authService;
+    }
+
+    @PostMapping("/login")
+    public LoginResponse login(@RequestBody LoginRequest request) {
+        return authService.login(request);
+    }
+}
@@ -0,0 +1,50 @@
+package com.litoralregas.backend_gateway.auth;
+
+import com.litoralregas.backend_gateway.auth.dto.LoginRequest;
+import com.litoralregas.backend_gateway.auth.dto.LoginResponse;
+import com.litoralregas.backend_gateway.user.UserEntity;
+import com.litoralregas.backend_gateway.user.UserRepository;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AuthService {
+
+    private final UserRepository userRepository;
+    private final PasswordEncoder passwordEncoder;
+
+    public AuthService(
+            UserRepository userRepository,
+            PasswordEncoder passwordEncoder
+    ) {
+        this.userRepository = userRepository;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    public LoginResponse login(LoginRequest request) {
+
+        UserEntity user = userRepository.findByUsername(request.username())
+                .orElseThrow(InvalidCredentialsException::new);
+
+        if (!user.isEnabled()) {
+            throw new InvalidCredentialsException();
+        }
+
+        boolean valid = passwordEncoder.matches(
+                request.password(),
+                user.getPasswordHash()
+        );
+
+        if (!valid) {
+            throw new InvalidCredentialsException();
+        }
+
+        return new LoginResponse(
+                user.getId(),
+                user.getClient().getId(),
+                user.getClient().getName(),
+                user.getUsername(),
+                user.getRole()
+        );
+    }
+}
@@ -0,0 +1,12 @@
+package com.litoralregas.backend_gateway.auth;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.UNAUTHORIZED)
+public class InvalidCredentialsException extends RuntimeException {
+
+    public InvalidCredentialsException() {
+        super("Invalid credentials");
+    }
+}
@@ -0,0 +1,7 @@
+package com.litoralregas.backend_gateway.auth.dto;
+
+public record LoginRequest(
+        String username,
+        String password
+) {
+}
@@ -0,0 +1,12 @@
+package com.litoralregas.backend_gateway.auth.dto;
+
+import com.litoralregas.backend_gateway.user.UserRole;
+
+public record LoginResponse(
+        Long userId,
+        Long clientId,
+        String clientName,
+        String username,
+        UserRole role
+) {
+}
@@ -0,0 +1,17 @@
+package com.litoralregas.backend_gateway.auth;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+@RestControllerAdvice
+public class AuthExceptionHandler {
+
+    @ExceptionHandler(InvalidCredentialsException.class)
+    public ResponseEntity<String> handleInvalidCredentials() {
+        return ResponseEntity
+                .status(HttpStatus.UNAUTHORIZED)
+                .body("Invalid credentials");
+    }
+}