feat: add Spring Security with JWT filter, auth controller, and health endpoint

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 10:27:41 +02:00
parent 770f59500d
commit b5bd67fbd6
5 changed files with 302 additions and 0 deletions
--- a/src/test/java/net/siegeln/cameleer/saas/auth/AuthControllerTest.java
+++ b/src/test/java/net/siegeln/cameleer/saas/auth/AuthControllerTest.java
@@ -0,0 +1,125 @@
+package net.siegeln.cameleer.saas.auth;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import net.siegeln.cameleer.saas.TestcontainersConfig;
+import net.siegeln.cameleer.saas.auth.dto.LoginRequest;
+import net.siegeln.cameleer.saas.auth.dto.RegisterRequest;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.annotation.Import;
+import org.springframework.http.MediaType;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@SpringBootTest
+@AutoConfigureMockMvc
+@Import(TestcontainersConfig.class)
+@ActiveProfiles("test")
+class AuthControllerTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Autowired
+    private ObjectMapper objectMapper;
+
+    @Test
+    void register_returns201WithToken() throws Exception {
+        var request = new RegisterRequest("newuser@example.com", "New User", "password123");
+
+        mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(request)))
+                .andExpect(status().isCreated())
+                .andExpect(jsonPath("$.token").isNotEmpty())
+                .andExpect(jsonPath("$.email").value("newuser@example.com"))
+                .andExpect(jsonPath("$.name").value("New User"));
+    }
+
+    @Test
+    void register_returns409ForDuplicateEmail() throws Exception {
+        var request = new RegisterRequest("duplicate@example.com", "User One", "password123");
+
+        // First registration
+        mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(request)))
+                .andExpect(status().isCreated());
+
+        // Duplicate registration
+        mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(request)))
+                .andExpect(status().isConflict());
+    }
+
+    @Test
+    void login_returns200WithToken() throws Exception {
+        var registerRequest = new RegisterRequest("loginuser@example.com", "Login User", "password123");
+
+        mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(registerRequest)))
+                .andExpect(status().isCreated());
+
+        var loginRequest = new LoginRequest("loginuser@example.com", "password123");
+
+        mockMvc.perform(post("/api/auth/login")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(loginRequest)))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.token").isNotEmpty())
+                .andExpect(jsonPath("$.email").value("loginuser@example.com"));
+    }
+
+    @Test
+    void login_returns401ForBadPassword() throws Exception {
+        var registerRequest = new RegisterRequest("badpass@example.com", "Bad Pass", "password123");
+
+        mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(registerRequest)))
+                .andExpect(status().isCreated());
+
+        var loginRequest = new LoginRequest("badpass@example.com", "wrong-password");
+
+        mockMvc.perform(post("/api/auth/login")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(loginRequest)))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    void protectedEndpoint_returns401WithoutToken() throws Exception {
+        mockMvc.perform(get("/api/health/secured"))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    void protectedEndpoint_returns200WithValidToken() throws Exception {
+        // Register to get a token
+        var registerRequest = new RegisterRequest("secured@example.com", "Secured User", "password123");
+
+        var result = mockMvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(objectMapper.writeValueAsString(registerRequest)))
+                .andExpect(status().isCreated())
+                .andReturn();
+
+        var responseBody = objectMapper.readTree(result.getResponse().getContentAsString());
+        String token = responseBody.get("token").asText();
+
+        // Access protected endpoint with token
+        mockMvc.perform(get("/api/health/secured")
+                        .header("Authorization", "Bearer " + token))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.status").value("authenticated"));
+    }
+}