1
0

refactor: implement partial JWT authentication; migrate to reactive spring/mongodb

Signed-off-by: Alan Brault <alan.brault@visus.io>
This commit is contained in:
2026-03-15 11:37:15 -04:00
parent 9f5c48fffc
commit 240964ea1d
34 changed files with 642 additions and 72 deletions
@@ -0,0 +1,61 @@
package io.visus.demos.kotlinapi.controller
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.media.Content
import io.swagger.v3.oas.annotations.media.Schema
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.tags.Tag
import io.visus.demos.kotlinapi.api.ApiVersion
import io.visus.demos.kotlinapi.api.dto.AuthResponse
import io.visus.demos.kotlinapi.api.dto.LoginRequest
import io.visus.demos.kotlinapi.domain.service.AuthService
import jakarta.validation.Valid
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
import org.springframework.web.bind.annotation.PostMapping
import org.springframework.web.bind.annotation.RequestBody
import org.springframework.web.bind.annotation.RestController
@RestController
@ApiVersion(version = 1)
@Tag(name = "Authentication", description = "Endpoints for user authentication and authorization")
class AuthController(
private val authService: AuthService,
) {
@PostMapping("/auth/login", produces = [MediaType.APPLICATION_JSON_VALUE])
@Operation(
summary = "Login",
description = "Authenticate user with email and password, returns JWT tokens",
security = [],
)
@ApiResponses(
value = [
ApiResponse(
responseCode = "200",
description = "Successful login, returns access and refresh tokens",
content = [Content(schema = Schema(implementation = AuthResponse::class))],
),
ApiResponse(
responseCode = "400",
description = "Invalid request payload",
content = [Content(schema = Schema(implementation = AuthResponse::class))],
),
ApiResponse(
responseCode = "401",
description = "Unauthorized, invalid email or password",
content = [Content(schema = Schema(implementation = AuthResponse::class))],
),
ApiResponse(
responseCode = "403",
description = "Forbidden",
),
],
)
suspend fun login(
@Valid @RequestBody request: LoginRequest,
): ResponseEntity<AuthResponse> =
authService.login(request.email, request.password).let {
ResponseEntity.ok(it)
}
}