Project is a tech assignment that serves the purpose of showcasing developer's skills. The idea is simple, app exposes three endpoints ( + login) where user can create a superhero, get details of one and get the list of all the superheroes. (More details in App usage section)
- Spring Boot
- Spring MVC
- Spring Data JPA
- Spring Security
- JWT
In order to prevent anyone from creating superheroes, the create endpoint is secured with JWT token based authentication.
Application provides following test account:
username: payworks
password: payworks
In order to obtain token one has to call /login endpoint first while providing the above credentials. If authentication was successful, Authorization header which contains the token is returned in response. After which the obtained token should be sent in every request to the create endpoint.
Note that docker build should be run from the project directory as Dockerfile ADDs jar from the target directory with relative path.
Superhero has the following properties:
| Property | Description | Mandatory | Format |
|---|---|---|---|
| name | Superhero's name | Yes | - |
| pseudonym | Superhero's pseudonym | No | - |
| publisher | Superhero's publisher | No | - |
| powers | List of superhero's powers | No | - |
| allies | List of superhero's allies | No | - |
| firstAppearance | First appearance of the superhero | No | YYYY-MM-DD |
Example:
{
"name": "Payworks",
"pseudonym": "PW",
"publisher": "Unkown",
"powers": [
"lasers",
"flight",
"superhuman strength"
],
"allies": [
"AliPay",
"Visa"
],
"firstAppearance": "2012-01-01"
}curl -k <HOST>/superheroes/
As an self-signed certificate was used for SSL connection, we have to use -k flag with curl to allow access to insecure sites.
Example:
curl -k https://85.90.245.217/superheroes/curl -k https://85.90.245.217/superheroes/{name}
Example:
curl -k https://85.90.245.217/superheroes/SupermanPlease note that names are case-sensitive
curl -i -k -H "Content-Type: application/json" \
-X POST -d '{"username":"<USERNAME>", "password": "<PASSWORD>"}' \
<HOST>/login
Example:
curl -i -k -H "Content-Type: application/json" \
-X POST -d '{"username":"payworks", "password": "payworks"}' \
https://85.90.245.217/loginAn authorization token will be provided in Authorization header
curl -k -H "Authorization: <TOKEN>" -H "Content-Type: application/json"\
-X POST -d '{<JSON_PROPERTIES>}' https://85.90.245.217/superheroes
Example:
curl -k -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ\
wYXl3b3JrcyIsImV4cCI6MTUxODc0MTQ0MX0.T-DGfeDeGNG-1BsSTCZ-6-SQTCoxI\
TRLkN2ccCJiCWXgpig7B-c8904AdQVlKZkDS2b0QiqYQs2wjCJkL6t2qQ" \
-H "Content-Type: application/json" \
-X POST -d '{"name": "Payworks", \
"powers": ["flight", "lasers", "superhuman strength"], \
"firstAppearance": "2012-01-01", "allies":["Visa", "AliPay"]}' \
https://85.90.245.217/superheroesNote that token has to be provided with the leading Bearer string
If you wish to update some of the fields, call the creation endpoint with the existing superhero name and with changed properties.
- Code coverage
- Automated docker build and deploy to repository
- Prettify error messages (current ones are default ones from Spring Boot libs)