This is a very simple project that demonstrates usage of:
- Spring Boot for project setup.
- Simple Java Mail for emailing.
- Swagger2 for API description.
- Basic security tests with Mockito.
- H2 as temporary storage.
- HikariCP as connection pool implementation.
- metrics-spring for endpoints, pool, memory and other metrics.
- Adjust config at mail.properties with your mail credentials.
- Adjust other settings at application.properties if needed.
- Run application via
$ mvn spring-boot:run
- Then browse to: http://localhost:8888/ping
- [Optional] Check http://localhost:8888/metrics?pretty=true for endpoints metrics.
Note:
- Use http://localhost:8888/swagger-ui.html to get detailed info about every endpoint.
- Always check that you use OAuth2 pair "dtreb:secret" to obtain "access_token" and "refresh_token".
- Use proper "access_token" retrieved from the authorization response as "Authorization: Bearer CODE" header for all /api/... requests.
TYPE | URL | Parameters (^ - required) | Curl | Info |
---|---|---|---|---|
GET | /ping | curl http://localhost:8888/ping |
Ping | |
GET | /oauth/token | ^username: String, ^token: String, ^grant_type: "password" | curl -vu dtreb:secret "http://localhost:8888/oauth/token" -d "username=user&password=user&grant_type=password" |
Authenticate (OAuth2). |
GET | /oauth/token | ^refresh_token: String, ^grant_type: "refresh_token" | curl -vu dtreb:secret "http://localhost:8888/oauth/token" -d "grant_type=refresh_token&refresh_token=12345" |
Get new token. Pass refresh_token to get new access_token. |
POST | /register | ^login: String, ^password: String, ^email: String | curl -X POST --data "login=den&password=den&[email protected]" "http://localhost:8888/register" |
Register new user. |
POST | /activate | ^activationKey: String, ^email: String | curl -X POST --data "activationKey=12345&[email protected]" "http://localhost:8888/activate" |
Activate user. |
POST | /lostPassword | ^email: String | curl -X POST --data "[email protected]" "http://localhost:8888/lostPassword" |
Searches existing user by email, sets resetPasswordKey for it. Assumes /resetPassword call afterwards. |
POST | /resetPassword | ^email: String, ^newPassword: String, ^resetPasswordKey: String | curl -X POST --data "[email protected]&newPassword=den1&resetPasswordKey=12345" "http://localhost:8888/resetPassword" |
Uses resetPasswordKey to update user's password. |
GET | /api/user | curl -H "Authorization: Bearer 12345" "http://localhost:8888/api/user" |
Get current user info. |
Feel free to use, comment or collaborate.