From 7bfcb04f06fc51d5440c3bbd1066dfc1eb4dd8c5 Mon Sep 17 00:00:00 2001
From: Steffen Nitschke <steffen.nitschke90@hotmail.com>
Date: Wed, 13 Jan 2021 23:12:22 +0100
Subject: [PATCH] Add AccessController

---
 .../server/access/web/AccessController.java   | 104 ++++++++++++++++++
 .../AccessContextEventListenerTest.java       |  36 ++++++
 .../src/main/java/de/fd/fh/shared/Utils.java  |   6 +
 .../shared/network/messages/LoginRequest.java |  11 ++
 .../network/messages/RegistrateRequest.java   |  12 ++
 5 files changed, 169 insertions(+)
 create mode 100644 fh.fd.ci.server/src/main/java/de/fd/fh/server/access/web/AccessController.java
 create mode 100644 fh.fd.ci.server/src/test/java/de/fd/fh/server/access/AccessContextEventListenerTest.java
 create mode 100644 fh.fd.ci.shared/src/main/java/de/fd/fh/shared/Utils.java
 create mode 100644 fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/LoginRequest.java
 create mode 100644 fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/RegistrateRequest.java

diff --git a/fh.fd.ci.server/src/main/java/de/fd/fh/server/access/web/AccessController.java b/fh.fd.ci.server/src/main/java/de/fd/fh/server/access/web/AccessController.java
new file mode 100644
index 0000000..3e32964
--- /dev/null
+++ b/fh.fd.ci.server/src/main/java/de/fd/fh/server/access/web/AccessController.java
@@ -0,0 +1,104 @@
+package de.fd.fh.server.access.web;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import de.fd.fh.server.access.AccessService;
+import de.fd.fh.server.access.AccessToken;
+import de.fd.fh.server.user.UserId;
+import de.fd.fh.shared.Utils;
+import de.fd.fh.shared.network.messages.LoginRequest;
+import de.fd.fh.shared.network.messages.RegistrateRequest;
+
+import static spark.Spark.*;
+
+public class AccessController
+{
+    private final ObjectMapper objectMapper = new ObjectMapper();
+
+    public AccessController(final AccessService service)
+    {
+        before("/*",
+                (req, res) ->
+                {
+                    final String path = req.pathInfo();
+                    final String token = req.headers(Utils.AUTHENTICATION_HEADER);
+
+                    final AccessToken accessToken = service.before(path, token);
+
+                    req.session().attribute("userId",
+                            accessToken);
+                });
+
+        post("/accounts/registrate",
+                (request, response) ->
+                {
+                    final RegistrateRequest message =
+                            objectMapper.readValue(request.body(), RegistrateRequest.class);
+
+                    if (service.createPlayer(message))
+                    {
+                        response.status(201);
+                    }
+                    else
+                    {
+                        response.status(400);
+                    }
+                    return response;
+                }
+        );
+
+        post("/accounts/login",
+                (request, response) ->
+                {
+                    final String header = request.headers(Utils.AUTHENTICATION_HEADER);
+
+                    final LoginRequest login = service.authorization(header);
+
+                    if (login == null)
+                    {
+                        response.status(401);
+                    }
+                    else
+                    {
+                        response.status(200);
+                        response.type("application/json");
+                        response.body(objectMapper.writeValueAsString(login));
+                    }
+                    return response;
+                });
+
+        post("/accounts/logout",
+                (request, response) ->
+                {
+                    final String token = request.headers(Utils.AUTHENTICATION_HEADER);
+
+                    if (service.logout(token))
+                    {
+                        response.status(200);
+                    }
+                    else
+                    {
+                        response.status(400);
+                    }
+
+                    return response;
+                });
+
+        delete("/accounts/:player_id",
+                (request, response) ->
+                {
+                    final UserId userId = UserId.of(request.params(":player_id"));
+                    final AccessToken token = request.session().attribute("userId");
+
+                    if (service.deleteAccount(userId, token))
+                    {
+                        response.status(200);
+                    }
+                    else
+                    {
+                        response.status(400);
+                    }
+
+                    return response;
+                });
+    }
+}
diff --git a/fh.fd.ci.server/src/test/java/de/fd/fh/server/access/AccessContextEventListenerTest.java b/fh.fd.ci.server/src/test/java/de/fd/fh/server/access/AccessContextEventListenerTest.java
new file mode 100644
index 0000000..e970141
--- /dev/null
+++ b/fh.fd.ci.server/src/test/java/de/fd/fh/server/access/AccessContextEventListenerTest.java
@@ -0,0 +1,36 @@
+package de.fd.fh.server.access;
+
+import de.fd.fh.server.user.UserId;
+import de.fd.fh.server.user.UserRepository;
+import de.fd.fh.server.user.UserService;
+import de.fd.fh.server.user.events.ChangePasswordEvent;
+import org.junit.jupiter.api.Test;
+import org.mockito.ArgumentCaptor;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.BDDMockito.then;
+import static org.mockito.Mockito.*;
+
+class AccessContextEventListenerTest
+{
+    @Test
+    void given_changePasswordEvent_when_passwordChanged_should_changePassword()
+    {
+        final ChangePasswordEvent event = new ChangePasswordEvent(UserId.of("12345"), "newPwd");
+
+        final AccessRepository repository = mock(AccessRepository.class);
+        when(repository.findByUserId(any(UserId.class)))
+                .thenReturn(new Access());
+
+        final ArgumentCaptor<Access> captor = ArgumentCaptor.forClass(Access.class);
+
+        new AccessContextEventListener(repository).update(null, event);
+        verify(repository).save(captor.capture());
+
+        assertEquals("newPwd", captor.getValue().getPassword(), "Have to be the new password");
+        then(repository).should().findByUserId(any(UserId.class));
+        then(repository).should().save(any(Access.class));
+        then(repository).shouldHaveNoMoreInteractions();
+    }
+}
\ No newline at end of file
diff --git a/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/Utils.java b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/Utils.java
new file mode 100644
index 0000000..32c326d
--- /dev/null
+++ b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/Utils.java
@@ -0,0 +1,6 @@
+package de.fd.fh.shared;
+
+public class Utils
+{
+    public static final String AUTHENTICATION_HEADER = "Authorization";
+}
diff --git a/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/LoginRequest.java b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/LoginRequest.java
new file mode 100644
index 0000000..4e1c38c
--- /dev/null
+++ b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/LoginRequest.java
@@ -0,0 +1,11 @@
+package de.fd.fh.shared.network.messages;
+
+import lombok.Data;
+
+@Data
+public class LoginRequest
+{
+    private String name;
+    private String userId;
+    private String token;
+}
diff --git a/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/RegistrateRequest.java b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/RegistrateRequest.java
new file mode 100644
index 0000000..b3c08d4
--- /dev/null
+++ b/fh.fd.ci.shared/src/main/java/de/fd/fh/shared/network/messages/RegistrateRequest.java
@@ -0,0 +1,12 @@
+package de.fd.fh.shared.network.messages;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor(staticName = "of")
+public class RegistrateRequest
+{
+    private String userName;
+    private String password;
+}