Kerem Yildiz

.gitignore

@@ -36,3 +36,5 @@ out/
 
 ### VS Code ###
 .vscode/
+
+/src/main/resources/application.yml

build.gradle

@@ -1,31 +1,50 @@
 plugins {
-	id 'java'
-	id 'org.springframework.boot' version '3.3.1'
-	id 'io.spring.dependency-management' version '1.1.5'
+    id 'java'
+    id 'org.springframework.boot' version '3.4.2'
+    id 'io.spring.dependency-management' version '1.1.7'
 }
 
 group = 'com.booleanuk'
 version = '0.0.1-SNAPSHOT'
 
 java {
-	toolchain {
-		languageVersion = JavaLanguageVersion.of(21)
-	}
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(21)
+    }
+}
+
+configurations {
+    compileOnly {
+        extendsFrom annotationProcessor
+    }
 }
 
 repositories {
-	mavenCentral()
+    mavenCentral()
 }
 
 dependencies {
-	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-	implementation 'org.springframework.boot:spring-boot-starter-web'
-	developmentOnly 'org.springframework.boot:spring-boot-devtools'
-	runtimeOnly 'org.postgresql:postgresql'
-	testImplementation 'org.springframework.boot:spring-boot-starter-test'
-	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+
+    compileOnly 'org.projectlombok:lombok'
+    developmentOnly 'org.springframework.boot:spring-boot-devtools'
+    runtimeOnly 'org.postgresql:postgresql'
+    annotationProcessor 'org.projectlombok:lombok'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    testImplementation 'org.springframework.security:spring-security-test'
+
+    implementation 'jakarta.validation:jakarta.validation-api:3.1.1'
+}
+
+tasks.named('bootBuildImage') {
+    builder = 'paketobuildpacks/builder-jammy-base:latest'
 }
 
 tasks.named('test') {
-	useJUnitPlatform()
-}
+    useJUnitPlatform()
+}

src/main/java/com/booleanuk/api/cinema/Main.java

@@ -0,0 +1,11 @@
+package com.booleanuk.api.cinema;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+    public static void main(String[] args) {
+        SpringApplication.run(Main.class, args);
+    }
+}

src/main/java/com/booleanuk/api/cinema/library/SecurityConfig.java

@@ -0,0 +1,53 @@
+package com.booleanuk.api.cinema.library;
+
+import com.booleanuk.api.cinema.library.security.jwt.JwtRequestFilter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.http.HttpMethod;
+
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+    private final JwtRequestFilter jwtRequestFilter;
+
+    public SecurityConfig(JwtRequestFilter jwtRequestFilter) {
+        this.jwtRequestFilter = jwtRequestFilter;
+    }
+
+    @Bean
+    public BCryptPasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(csrf -> csrf.disable())
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/login", "/signup").permitAll()
+                        .requestMatchers(HttpMethod.GET, "/movies/**").hasAnyAuthority("ADMIN", "CUSTOMER")
+                        .requestMatchers(HttpMethod.POST, "/movies/**").hasAuthority("ADMIN")
+                        .requestMatchers(HttpMethod.PUT, "/movies/**").hasAuthority("ADMIN")
+                        .requestMatchers(HttpMethod.DELETE, "/movies/**").hasAuthority("ADMIN")
+                        .requestMatchers(HttpMethod.GET, "/screenings/**").hasAnyAuthority("ADMIN", "CUSTOMER")
+                        .requestMatchers(HttpMethod.POST, "/screenings/**").hasAuthority("ADMIN")
+                        .anyRequest().authenticated()
+                )
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
+
+        http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+}

src/main/java/com/booleanuk/api/cinema/library/controllers/AuthenticationController.java

@@ -0,0 +1,55 @@
+package com.booleanuk.api.cinema.library.controllers;
+
+import com.booleanuk.api.cinema.library.models.Role;
+import com.booleanuk.api.cinema.library.models.User;
+import com.booleanuk.api.cinema.library.payload.request.LoginRequest;
+import com.booleanuk.api.cinema.library.payload.request.SignupRequest;
+import com.booleanuk.api.cinema.library.payload.response.AuthResponse;
+import com.booleanuk.api.cinema.library.repository.UserRepository;
+import com.booleanuk.api.cinema.library.security.jwt.JwtUtil;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequiredArgsConstructor
+public class AuthenticationController {
+
+    private final UserRepository userRepository;
+    private final JwtUtil jwtUtil;
+    private final BCryptPasswordEncoder passwordEncoder;
+
+    @PostMapping("/signup")
+    public ResponseEntity<AuthResponse> signup(@RequestBody SignupRequest request) {
+        Role role;
+        try {
+            role = Role.valueOf(request.getRole().toUpperCase());
+        } catch (Exception e) {
+            role = Role.CUSTOMER;
+        }
+
+        User user = User.builder()
+                .username(request.getUsername())
+                .password(passwordEncoder.encode(request.getPassword()))
+                .role(role)
+                .build();
+
+        userRepository.save(user);
+
+        return ResponseEntity.ok(new AuthResponse("User registered successfully"));
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<AuthResponse> login(@RequestBody LoginRequest request) {
+        User user = userRepository.findByUsername(request.getUsername())
+                .orElseThrow(() -> new RuntimeException("User not found"));
+
+        if (!passwordEncoder.matches(request.getPassword(), user.getPassword())) {
+            return ResponseEntity.status(401).body(new AuthResponse("Invalid credentials"));
+        }
+
+        String token = jwtUtil.generateToken(user.getUsername(), user.getRole().name());
+        return ResponseEntity.ok(new AuthResponse(token));
+    }
+}

src/main/java/com/booleanuk/api/cinema/library/controllers/CustomerController.java

@@ -0,0 +1,88 @@
+package com.booleanuk.api.cinema.library.controllers;
+
+import com.booleanuk.api.cinema.library.models.Customer;
+import com.booleanuk.api.cinema.library.models.Screening;
+import com.booleanuk.api.cinema.library.models.Ticket;
+import com.booleanuk.api.cinema.library.payload.request.CustomerRequest;
+import com.booleanuk.api.cinema.library.payload.response.CustomerResponse;
+import com.booleanuk.api.cinema.library.repository.CustomerRepository;
+import com.booleanuk.api.cinema.library.repository.ScreeningRepository;
+import com.booleanuk.api.cinema.library.repository.TicketRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@RestController
+@RequestMapping("/customers")
+public class CustomerController {
+
+    @Autowired
+    private CustomerRepository customerRepository;
+
+    @Autowired
+    private ScreeningRepository screeningRepository;
+
+    @Autowired
+    private TicketRepository ticketRepository;
+
+    @GetMapping
+    public List<CustomerResponse> getAllCustomers() {
+        return customerRepository.findAll().stream()
+                .map(this::toResponse)
+                .collect(Collectors.toList());
+    }
+
+    @GetMapping("/{id}")
+    public ResponseEntity<CustomerResponse> getCustomerById(@PathVariable int id) {
+        return customerRepository.findById(id)
+                .map(customer -> ResponseEntity.ok(toResponse(customer)))
+                .orElse(ResponseEntity.notFound().build());
+    }
+
+    @PostMapping
+    public ResponseEntity<CustomerResponse> createCustomer(@RequestBody CustomerRequest request) {
+        Customer customer = new Customer();
+        customer.setName(request.getName());
+        customer.setEmail(request.getEmail());
+        customer.setPhone(request.getPhone());
+
+        Customer saved = customerRepository.save(customer);
+        return ResponseEntity.status(201).body(toResponse(saved));
+    }
+
+    @PutMapping("/{id}")
+    public ResponseEntity<CustomerResponse> updateCustomer(@PathVariable int id, @RequestBody CustomerRequest request) {
+        return customerRepository.findById(id).map(customer -> {
+            customer.setName(request.getName());
+            customer.setEmail(request.getEmail());
+            customer.setPhone(request.getPhone());
+
+            Customer updated = customerRepository.save(customer);
+            return ResponseEntity.ok(toResponse(updated));
+        }).orElse(ResponseEntity.notFound().build());
+    }
+
+    @DeleteMapping("/{id}")
+    public ResponseEntity<Void> deleteCustomer(@PathVariable int id) {
+        if (!customerRepository.existsById(id)) {
+            return ResponseEntity.notFound().build();
+        }
+        customerRepository.deleteById(id);
+        return ResponseEntity.noContent().build();
+    }
+
+    private CustomerResponse toResponse(Customer customer) {
+        return CustomerResponse.builder()
+                .id(customer.getId())
+                .name(customer.getName())
+                .email(customer.getEmail())
+                .phone(customer.getPhone())
+                .createdAt(customer.getCreatedAt())
+                .updatedAt(customer.getUpdatedAt())
+                .build();
+    }
+
+}

src/main/java/com/booleanuk/api/cinema/library/controllers/MovieController.java

@@ -0,0 +1,80 @@
+package com.booleanuk.api.cinema.library.controllers;
+
+import com.booleanuk.api.cinema.library.models.Movie;
+import com.booleanuk.api.cinema.library.payload.request.MovieRequest;
+import com.booleanuk.api.cinema.library.payload.response.MovieResponse;
+import com.booleanuk.api.cinema.library.repository.MovieRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@RestController
+@RequestMapping("/movies")
+public class MovieController {
+
+    @Autowired
+    private MovieRepository movieRepository;
+
+    @GetMapping
+    public List<MovieResponse> getAllMovies() {
+        return movieRepository.findAll().stream()
+                .map(this::toResponse)
+                .collect(Collectors.toList());
+    }
+
+    @GetMapping("/{id}")
+    public ResponseEntity<MovieResponse> getMovieById(@PathVariable int id) {
+        return movieRepository.findById(id)
+                .map(movie -> ResponseEntity.ok(toResponse(movie)))
+                .orElse(ResponseEntity.notFound().build());
+    }
+
+    @PostMapping
+    public ResponseEntity<MovieResponse> createMovie(@RequestBody MovieRequest request) {
+        Movie movie = new Movie();
+        movie.setTitle(request.getTitle());
+        movie.setRating(request.getRating());
+        movie.setDescription(request.getDescription());
+        movie.setRuntimeMins(request.getRuntimeMins());
+
+        Movie saved = movieRepository.save(movie);
+        return ResponseEntity.status(201).body(toResponse(saved));
+    }
+
+    @PutMapping("/{id}")
+    public ResponseEntity<MovieResponse> updateMovie(@PathVariable int id, @RequestBody MovieRequest request) {
+        return movieRepository.findById(id).map(movie -> {
+            movie.setTitle(request.getTitle());
+            movie.setRating(request.getRating());
+            movie.setDescription(request.getDescription());
+            movie.setRuntimeMins(request.getRuntimeMins());
+
+            Movie updated = movieRepository.save(movie);
+            return ResponseEntity.ok(toResponse(updated));
+        }).orElse(ResponseEntity.notFound().build());
+    }
+
+    @DeleteMapping("/{id}")
+    public ResponseEntity<Void> deleteMovie(@PathVariable int id) {
+        if (!movieRepository.existsById(id)) {
+            return ResponseEntity.notFound().build();
+        }
+        movieRepository.deleteById(id);
+        return ResponseEntity.noContent().build();
+    }
+
+    private MovieResponse toResponse(Movie movie) {
+        return MovieResponse.builder()
+                .id(movie.getId())
+                .title(movie.getTitle())
+                .rating(movie.getRating())
+                .description(movie.getDescription())
+                .runtimeMins(movie.getRuntimeMins())
+                .createdAt(movie.getCreatedAt())
+                .updatedAt(movie.getUpdatedAt())
+                .build();
+    }
+}