This project is a backend API server demo which containing Spring Boot, Spring Security, and JWT (JSON Web Token) for authentication. It provides endpoints for managing products, users, and orders.
- User management
- User authentication with JWT
- CRUD operations for products
- Order creation
- Role-Based Access Control (RBAC) for Product and Order Feature By Spring Security
This API uses Spring Security for protecting endpoints. JWT is used for stateless authentication.
-
BUYER_ROLE
-
SELLER_ROLE
-
ADMIN_ROLE
-
Search products no need to authorize.
-
Only BUYER_ROLE can create order.
-
Only SELLER_ROLE can create, update and delete the product.
-
Admin_ROLE can opertate all feature and check users information.
POST /api/products: Create a new productGET /api/products: Retrieve all productsGET /api/products/{id}: Retrieve a specific product by IDPUT /api/products/{id}: Update a productDELETE /api/products/{id}: Delete a productGET /api/products/search: Search and sort products with pagination
POST /register: Register a new userPOST /login: Authenticate a user and receive a JWTGET /api/users: Retrieve all usersGET /api/users/{id}: Retrieve a specific user by IDDELETE /api/users/{id}: Delete a user
POST /api/users/{userId}/orders: Create a new order for a specific user
This API uses JWT for authentication. To access protected endpoints, you need to:
- Register a user using the
/registerendpoint - Login using the
/loginendpoint to receive a JWT - Include the JWT in the
Authorizationheader of subsequent requests
The product search endpoint (/api/products/search) supports pagination and sorting with the following parameters:
productName: Filter products by name (optional)sortBy: Field to sort by (default: "id")sortOrder: Sort order, "asc" or "desc" (default: "asc")page: Page number (default: 0)limit: Number of items per page (default: 5)
[http://localhost:8080/v3/api-docs](http://localhost:8080/swagger-ui/index.html)
To run this project:
- Ensure you have Java and Maven installed
- Clone the repository
- Configure your database settings in
application.properties(database scheme can see : /src/main/resources/schema.sql) - Run
RestfulShopApplicationto start the server