login api

src/main/java/io/spring/api/UsersApi.java

@@ -3,6 +3,7 @@ package io.spring.api;
 import com.fasterxml.jackson.annotation.JsonRootName;
 import io.spring.api.exception.InvalidRequestException;
 import io.spring.application.user.UserQueryService;
+import io.spring.core.user.EncryptService;
 import io.spring.core.user.User;
 import io.spring.core.user.UserRepository;
 import lombok.Getter;
@@ -12,32 +13,36 @@ import org.hibernate.validator.constraints.NotBlank;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.validation.Valid;
 
+import java.util.Optional;
+
+import static org.springframework.web.bind.annotation.RequestMethod.POST;
+
 @RestController
 public class UsersApi {
     private UserRepository userRepository;
     private UserQueryService userQueryService;
     private String defaultImage;
+    private EncryptService encryptService;
 
     @Autowired
     public UsersApi(UserRepository userRepository,
                     UserQueryService userQueryService,
+                    EncryptService encryptService,
                     @Value("${image.default}") String defaultImage) {
         this.userRepository = userRepository;
         this.userQueryService = userQueryService;
+        this.encryptService = encryptService;
         this.defaultImage = defaultImage;
     }
 
-    @RequestMapping(path = "/users", method = RequestMethod.POST)
+    @RequestMapping(path = "/users", method = POST)
     public ResponseEntity createUser(@Valid @RequestBody RegisterParam registerParam, BindingResult bindingResult) {
         if (bindingResult.hasErrors()) {
             throw new InvalidRequestException(bindingResult);
@@ -54,12 +59,34 @@ public class UsersApi {
         User user = new User(
             registerParam.getEmail(),
             registerParam.getUsername(),
-            registerParam.getPassword(),
+            encryptService.encrypt(registerParam.getPassword()),
             "",
             defaultImage);
         userRepository.save(user);
-        return ResponseEntity.status(201).body(userQueryService.fetchCreatedUser(user.getUsername()));
+        return ResponseEntity.status(201).body(userQueryService.fetchNewAuthenticatedUser(user.getUsername()));
     }
+
+    @RequestMapping(path = "/users/login", method = POST)
+    public ResponseEntity userLogin(@Valid @RequestBody LoginParam loginParam, BindingResult bindingResult) {
+        Optional<User> optional = userRepository.findByEmail(loginParam.getEmail());
+        if (optional.isPresent() && encryptService.check(loginParam.getPassword(), optional.get().getPassword())) {
+            return ResponseEntity.ok(userQueryService.fetchNewAuthenticatedUser(optional.get().getUsername()));
+        } else {
+            bindingResult.rejectValue("password", "INVALID", "invalid email or password");
+            throw new InvalidRequestException(bindingResult);
+        }
+    }
+}
+
+@Getter
+@JsonRootName("user")
+@NoArgsConstructor
+class LoginParam {
+    @NotBlank(message = "can't be empty")
+    @Email(message = "should be an email")
+    private String email;
+    @NotBlank(message = "can't be empty")
+    private String password;
 }
 
 @Getter

src/main/java/io/spring/application/user/UserQueryService.java

@@ -15,7 +15,7 @@ public class UserQueryService  {
         this.jwtService = jwtService;
     }
 
-    public UserWithToken fetchCreatedUser(String username) {
+    public UserWithToken fetchNewAuthenticatedUser(String username) {
         UserData userData = userReadService.findOne(username);
         return new UserWithToken(userData, jwtService.toToken(userData));
     }

src/main/java/io/spring/core/user/EncryptService.java

@@ -0,0 +1,6 @@
+package io.spring.core.user;
+
+public interface EncryptService {
+    String encrypt(String password);
+    boolean check(String checkPassword, String realPassword);
+}

src/main/java/io/spring/infrastructure/user/NaiveEncryptService.java

@@ -0,0 +1,17 @@
+package io.spring.infrastructure.user;
+
+import io.spring.core.user.EncryptService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class NaiveEncryptService implements EncryptService {
+    @Override
+    public String encrypt(String password) {
+        return password;
+    }
+
+    @Override
+    public boolean check(String checkPassword, String realPassword) {
+        return checkPassword.equals(realPassword);
+    }
+}

src/test/java/io/spring/api/CurrentUserApiTest.java

@@ -70,4 +70,26 @@ public class CurrentUserApiTest {
             .body("user.image", equalTo("https://static.productionready.io/images/smiley-cyrus.jpg"))
             .body("user.token", equalTo(token));
     }
+
+    @Test
+    public void should_get_401_without_token() throws Exception {
+        given()
+            .contentType("application/json")
+            .when()
+            .get("/user")
+            .then()
+            .statusCode(401);
+
+    }
+
+    @Test
+    public void should_get_401_with_invalid_token() throws Exception {
+        given()
+            .contentType("application/json")
+            .header("Authorization", "Token asdfasd")
+            .when()
+            .get("/user")
+            .then()
+            .statusCode(401);
+    }
 }

src/test/java/io/spring/api/UsersApiTest.java

@@ -6,7 +6,6 @@ import io.spring.application.user.UserData;
 import io.spring.application.user.UserReadService;
 import io.spring.core.user.User;
 import io.spring.core.user.UserRepository;
-import io.spring.infrastructure.service.DefaultJwtService;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -21,7 +20,6 @@ import java.util.Optional;
 
 import static io.restassured.RestAssured.given;
 import static org.hamcrest.core.IsEqual.equalTo;
-import static org.junit.Assert.*;
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.eq;
 import static org.mockito.Mockito.verify;
@@ -41,11 +39,13 @@ public class UsersApiTest {
 
     @MockBean
     private UserReadService userReadService;
+    private String defaultAvatar;
 
 
     @Before
     public void setUp() throws Exception {
         RestAssured.port = port;
+        defaultAvatar = "https://static.productionready.io/images/smiley-cyrus.jpg";
     }
 
     @Test
@@ -54,7 +54,7 @@ public class UsersApiTest {
         String username = "johnjacob";
 
         when(jwtService.toToken(any())).thenReturn("123");
-        UserData userData = new UserData(email, username, "", "https://static.productionready.io/images/smiley-cyrus.jpg");
+        UserData userData = new UserData(email, username, "", defaultAvatar);
         when(userReadService.findOne(eq(username))).thenReturn(userData);
 
         when(userRepository.findByUsername(eq(username))).thenReturn(Optional.empty());
@@ -72,7 +72,7 @@ public class UsersApiTest {
             .body("user.email", equalTo(email))
             .body("user.username", equalTo(username))
             .body("user.bio", equalTo(""))
-            .body("user.image", equalTo("https://static.productionready.io/images/smiley-cyrus.jpg"))
+            .body("user.image", equalTo(defaultAvatar))
             .body("user.token", equalTo("123"));
 
         verify(userRepository).save(any());
@@ -167,4 +167,67 @@ public class UsersApiTest {
             }});
         }};
     }
+
+    @Test
+    public void should_login_success() throws Exception {
+        String email = "john@jacob.com";
+        String username = "johnjacob2";
+        String password = "123";
+
+        User user = new User(email, username, password, "", defaultAvatar);
+        UserData userData = new UserData(email, username, "", defaultAvatar);
+
+        when(userRepository.findByEmail(eq(email))).thenReturn(Optional.of(user));
+        when(userReadService.findOne(eq(username))).thenReturn(userData);
+        when(jwtService.toToken(any())).thenReturn("123");
+
+        Map<String, Object> param = new HashMap<String, Object>() {{
+            put("user", new HashMap<String, Object>() {{
+                put("email", email);
+                put("password", password);
+            }});
+        }};
+
+        given()
+            .contentType("application/json")
+            .body(param)
+            .when()
+            .post("/users/login")
+            .then()
+            .statusCode(200)
+            .body("user.email", equalTo(email))
+            .body("user.username", equalTo(username))
+            .body("user.bio", equalTo(""))
+            .body("user.image", equalTo(defaultAvatar))
+            .body("user.token", equalTo("123"));;
+    }
+
+    @Test
+    public void should_fail_login_with_wrong_password() throws Exception {
+        String email = "john@jacob.com";
+        String username = "johnjacob2";
+        String password = "123";
+
+        User user = new User(email, username, password, "", defaultAvatar);
+        UserData userData = new UserData(email, username, "", defaultAvatar);
+
+        when(userRepository.findByEmail(eq(email))).thenReturn(Optional.of(user));
+        when(userReadService.findOne(eq(username))).thenReturn(userData);
+
+        Map<String, Object> param = new HashMap<String, Object>() {{
+            put("user", new HashMap<String, Object>() {{
+                put("email", email);
+                put("password", "123123");
+            }});
+        }};
+
+        given()
+            .contentType("application/json")
+            .body(param)
+            .when()
+            .post("/users/login")
+            .then()
+            .statusCode(422)
+            .body("errors.password[0]", equalTo("invalid email or password"));
+    }
 }