diff --git a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/domain/User.java b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/domain/User.java
index 2bd346a..049a486 100644
--- a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/domain/User.java
+++ b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/domain/User.java
@@ -1,5 +1,6 @@
 package net.shyshkin.study.fullstack.supportportal.backend.domain;
+import com.fasterxml.jackson.annotation.JsonProperty;
 import lombok.*;
 import javax.persistence.Entity;
@@ -29,7 +30,10 @@ public class User implements Serializable {
 private String firstName;
 private String lastName;
 private String username;
+
+ @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
 private String password;
+
 private String email;
 private String profileImageUrl;
 private LocalDateTime lastLoginDate;
diff --git a/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceTest.java b/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceTest.java
index ba19200..f7921a2 100644
--- a/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceTest.java
+++ b/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceTest.java
@@ -1,6 +1,10 @@
 package net.shyshkin.study.fullstack.supportportal.backend.controller;
 import com.auth0.jwt.interfaces.JWTVerifier;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import net.shyshkin.study.fullstack.supportportal.backend.common.BaseUserTest;
 import net.shyshkin.study.fullstack.supportportal.backend.constant.FileConstant;
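Review bot: In User.java the `WRITE_ONLY` access on `password` only stops Jackson from writing the field; it does not cover the other ways the value can leave the entity, and any request body bound to `User` can still set it. `lombok.*` is imported, so if the class carries `@Data` or `@ToString` (its annotations are outside the hunk), the generated `toString()` still prints the password, and `@ToString.Exclude` on the field would close that. I would also put a comment above the annotation, such as `// accepted in request bodies, never written to JSON responses`, so the asymmetry is not mistaken for `@JsonIgnore`. The class body starts and ends outside the hunk.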
@@ -116,7 +120,7 @@ class UserResourceTest extends BaseUserTest {
 User registeredUser = responseEntity.getBody();
 assertThat(registeredUser)
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", fakeUser.getUsername())
 .hasFieldOrPropertyWithValue("email", fakeUser.getEmail())
 .hasFieldOrPropertyWithValue("firstName", fakeUser.getFirstName())
@@ -191,10 +195,9 @@ class UserResourceTest extends BaseUserTest {
 String password = fakeUser.getPassword().replace("{noop}", "");
 String username = fakeUser.getUsername();
 userRepository.save(fakeUser);
- String expectedMessage = "User logged in successfully";
 //when
- User userLogin = User.builder()
+ var userLogin = UserLoginDto.builder()
 .username(username)
 .password(password)
 .build();
@@ -232,7 +235,7 @@ class UserResourceTest extends BaseUserTest {
 String expectedMessage = "USERNAME / PASSWORD INCORRECT. PLEASE TRY AGAIN";
 //when
- User userLogin = User.builder()
+ var userLogin = UserLoginDto.builder()
 .username(username)
 .password(password)
 .build();
@@ -265,7 +268,7 @@ class UserResourceTest extends BaseUserTest {
 String expectedMessage = "USERNAME / PASSWORD INCORRECT. PLEASE TRY AGAIN";
 //when
- User userLogin = User.builder()
+ var userLogin = UserLoginDto.builder()
 .username(username)
 .password(password)
 .build();
@@ -290,7 +293,7 @@ class UserResourceTest extends BaseUserTest {
 @Test
 @Order(60)
- void loginUser_bruteForceDetectionTest() throws InterruptedException {
+ void loginUser_bruteForceDetectionTest() {
 //given
 User fakeUser = createRandomUser();
@@ -300,7 +303,7 @@ class UserResourceTest extends BaseUserTest {
 String wrongPassword = "wrongPass";
 //when
- User userLogin = User.builder()
+ var userLogin = UserLoginDto.builder()
 .username(username)
 .password(wrongPassword)
 .build();
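Review bot: Adding `"password"` to `hasNoNullFieldsOrPropertiesExcept(...)` in the `@@ -116,7 +120,7 @@` hunk only permits a null password; it does not require one, so this test still passes if the response starts returning the password again. Pinning the new behaviour takes one more link in the chain, `.hasFieldOrPropertyWithValue("password", null)`. The same gap is in the other response-body assertions this commit touches: the hunks at `-384`, `-472`, `-562` and `-620` in UserResourceTest and at `-82`, `-285`, `-332`, `-454`, `-584` and `-775` in UserResourceUnSecureTest. The test methods start and end outside these hunks.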
@@ -325,7 +328,7 @@ class UserResourceTest extends BaseUserTest {
 if (i > 3) { // Even correct password should not allow access to locked account
- userLogin = User.builder()
+ userLogin = UserLoginDto.builder()
 .username(username)
 .password(correctPassword)
 .build();
@@ -384,7 +387,7 @@ class UserResourceTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -472,7 +475,7 @@ class UserResourceTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -562,7 +565,7 @@ class UserResourceTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -620,7 +623,7 @@ class UserResourceTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -724,4 +727,13 @@ class UserResourceTest extends BaseUserTest {
 .hasFieldOrPropertyWithValue("message", "USER WAS NOT FOUND");
 }
 }
+
+ @Data
+ @NoArgsConstructor
+ @AllArgsConstructor
+ @Builder
+ static class UserLoginDto {
+ private String username;
+ private String password;
+ }
 }
\ No newline at end of file
diff --git a/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceUnSecureTest.java b/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceUnSecureTest.java
index c1e6dd3..b457eb8 100644
--- a/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceUnSecureTest.java
+++ b/support-portal-backend/src/test/java/net/shyshkin/study/fullstack/supportportal/backend/controller/UserResourceUnSecureTest.java
@@ -82,7 +82,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
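Review bot: The new `UserLoginDto` at the end of UserResourceTest (the `@@ -724,4 +727,13 @@` hunk) has no comment saying why the tests stopped sending a `User` as the login body. The reason appears to be that `User.password` is now `WRITE_ONLY`, so a serialized `User` would no longer carry the password in the request. I would record that above the class, for example `// login request body: User.password is WRITE_ONLY and is dropped when a User is serialized`. Lombok's `@Data` also generates a `toString()` that includes `password`, so `@ToString.Exclude` on that field keeps it out of any test log output.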
@@ -285,7 +285,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -332,7 +332,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", userDto.getUsername())
 .hasFieldOrPropertyWithValue("email", userDto.getEmail())
 .hasFieldOrPropertyWithValue("firstName", userDto.getFirstName())
@@ -454,7 +454,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", username)
 .hasFieldOrPropertyWithValue("email", user.getEmail())
 .hasFieldOrPropertyWithValue("firstName", user.getFirstName())
@@ -584,7 +584,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", username)
 .hasFieldOrPropertyWithValue("email", user.getEmail())
 .hasFieldOrPropertyWithValue("firstName", user.getFirstName())
@@ -775,7 +775,7 @@ class UserResourceUnSecureTest extends BaseUserTest {
 assertThat(responseEntity.getStatusCode()).isEqualTo(OK);
 assertThat(responseEntity.getBody())
 .isNotNull()
- .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay")
+ .hasNoNullFieldsOrPropertiesExcept("lastLoginDate", "lastLoginDateDisplay", "password")
 .hasFieldOrPropertyWithValue("username", username)
 .hasFieldOrPropertyWithValue("email", user.getEmail())
 .hasFieldOrPropertyWithValue("firstName", user.getFirstName())