1
0

refactor: move registration to admin scope

Signed-off-by: Alan Brault <alan.brault@visus.io>
This commit is contained in:
2026-06-05 07:09:52 -04:00
parent 9584df0e76
commit 08bc2b8918
3 changed files with 61 additions and 29 deletions
@@ -73,7 +73,6 @@ class SecurityConfig(
"/v1/health",
"/v1/auth/login",
"/v1/auth/refresh",
"/v1/auth/register",
).permitAll()
.anyExchange()
.authenticated()
@@ -0,0 +1,61 @@
package io.visus.demos.kotlinapi.controller
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.media.Content
import io.swagger.v3.oas.annotations.media.Schema
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.security.SecurityRequirement
import io.swagger.v3.oas.annotations.tags.Tag
import io.visus.demos.kotlinapi.api.ApiVersion
import io.visus.demos.kotlinapi.api.contracts.ErrorResponse
import io.visus.demos.kotlinapi.api.contracts.RegisterRequest
import io.visus.demos.kotlinapi.api.contracts.RegisterResponse
import io.visus.demos.kotlinapi.domain.service.AuthService
import jakarta.validation.Valid
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.PostMapping
import org.springframework.web.bind.annotation.RequestBody
import org.springframework.web.bind.annotation.RestController
@RestController
@ApiVersion(version = 1)
@Tag(name = "Admin", description = "Endpoints for admin operations")
class AdminController(
private val authService: AuthService,
) {
@PostMapping("/admin/users", produces = [MediaType.APPLICATION_JSON_VALUE])
@PreAuthorize("hasRole('ROLE_ADMIN')")
@Operation(
summary = "Register new user",
description = "Creates a new user account (Admin only)",
security = [SecurityRequirement(name = "bearerAuth")],
)
@ApiResponses(
value = [
ApiResponse(
responseCode = "201",
description = "User successfully registered",
content = [Content(schema = Schema(implementation = RegisterResponse::class))],
),
ApiResponse(
responseCode = "400",
description = "Invalid request payload",
content = [Content(schema = Schema(implementation = ErrorResponse::class))],
),
ApiResponse(
responseCode = "403",
description = "Forbidden, admin role required",
content = [Content(schema = Schema(implementation = ErrorResponse::class))],
),
],
)
suspend fun register(
@Valid @RequestBody request: RegisterRequest,
): ResponseEntity<RegisterResponse> {
val user = authService.register(request.email, request.password)
return ResponseEntity.status(201).body(user)
}
}
@@ -12,8 +12,6 @@ import io.visus.demos.kotlinapi.api.contracts.AuthResponse
import io.visus.demos.kotlinapi.api.contracts.ErrorResponse
import io.visus.demos.kotlinapi.api.contracts.LoginRequest
import io.visus.demos.kotlinapi.api.contracts.RefreshTokenRequest
import io.visus.demos.kotlinapi.api.contracts.RegisterRequest
import io.visus.demos.kotlinapi.api.contracts.RegisterResponse
import io.visus.demos.kotlinapi.domain.exception.InvalidTokenException
import io.visus.demos.kotlinapi.domain.model.User
import io.visus.demos.kotlinapi.domain.service.AuthService
@@ -130,30 +128,4 @@ class AuthController(
return ResponseEntity.ok(response)
}
@PostMapping("/auth/register", produces = [MediaType.APPLICATION_JSON_VALUE])
@Operation(
summary = "Register new user",
description = "Creates a new user account",
security = [],
)
@ApiResponses(
value = [
ApiResponse(
responseCode = "201",
description = "User successfully registered",
content = [Content(schema = Schema(implementation = RegisterResponse::class))],
),
ApiResponse(
responseCode = "400",
description = "Invalid request payload",
content = [Content(schema = Schema(implementation = ErrorResponse::class))],
),
],
)
suspend fun register(
@Valid @RequestBody request: RegisterRequest,
): ResponseEntity<RegisterResponse> {
val user = authService.register(request.email, request.password)
return ResponseEntity.status(201).body(user)
}
}