A simple REST API built with Java (Javalin + JPA) that allows authenticated users to perform calculations. Results are stored in a PostgreSQL database with user attribution.
This API provides basic mathematical operations (add, subtract, multiply, divide) with role-based access control. All calculations are saved to the database, and users can view their own calculation history.
- http://localhost:7070/api/routes - routes overview with roles
- http://calcapi.marcuspff.com/api/routes - for deployed version
GET /api/auth/healthcheck- Check API statusPOST /api/auth/login- User loginPOST /api/auth/register- Register new userGET /api/public/info- API informationGET /api/public/stats- Calculation statisticsGET /api/public/examples- API usage examplesGET /api/public/calculations- View all calculations (public)
POST /api/calc/add- AdditionPOST /api/calc/subtract- SubtractionGET /api/calc/calculations- View my calculations
POST /api/calc/multiply- MultiplicationPOST /api/calc/divide- DivisionDELETE /api/calc/calculations/{id}- Delete calculation by IDGET /api/admin/panel- Admin panel infoGET /api/admin/users- List all users
- Passwords are hashed using BCrypt before storage
- Only the hash is saved in the database, never plain text passwords
- BCrypt handles salt generation automatically
- All protected endpoints require a Bearer token in the Authorization header
- Format:
Authorization: Bearer <token> - Tokens contain: username, role, and expiration time
- Token validation is automatic for protected routes
Framework
- Javalin 6.3.0 (REST framework)
Database & ORM
- PostgreSQL 42.7.4
- Hibernate 6.2.4 (JPA)
Security
- TokenSecurity library (JWT)
- jBCrypt 0.4 (password hashing)
Utilities
- Jackson (JSON processing)
- Lombok (code generation)
- SLF4J + Logback (logging)
- HikariCP (connection pooling)
Testing
- JUnit 5
- REST Assured
- Testcontainers
| Status Code | Meaning |
|---|---|
| 200 | OK - Request successful |
| 400 | Bad Request - Invalid input or validation error |
| 401 | Unauthorized - Missing or invalid token |
| 403 | Forbidden - Insufficient role permissions |
| 500 | Internal Server Error - Unexpected server error |
Error responses include a JSON object with error, status, and message fields.
- Configure database connection in
src/main/resources/config.properties - Set SECRET_KEY for JWT (or use default)
- Run the application:
mvn clean package && java -jar target/app.jar - Server starts on
http://localhost:7070/api
# Register a user
curl -X POST http://localhost:7070/api/auth/register \
-H "Content-Type: application/json" \
-d '{"username":"testuser","password":"secret","role":"GUEST"}'
# Login
curl -X POST http://localhost:7070/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"testuser","password":"secret"}'
# Perform calculation (with token from login)
curl -X POST http://localhost:7070/api/calc/add \
-H "Authorization: Bearer <your-token>" \
-H "Content-Type: application/json" \
-d '{"num1":10,"num2":5}'