Back-end service with authentication and authorization to view and edit payroll data of employees
- Registration (POST /api/auth/signup), sends JSON. The first user gets the administrator role, the other user roles
- Administrator
- Accountant
- User
- Auditor
- Change password (POST /api/auth/changepass), sends JSON with new password
- Changing the roles of other users (PUT /api/admin/user/role)
- Getting a list of users (GET /api/admin/user/)
- Deleting all users, including the administrator (DELETE /api/admin/user/)
- Deleting a single user (DELETE /api/admin/user/{userEmail})
- Adding salary data (POST /api/acct/payments), sends JSON with list of salary data of employees
- Change the salary of a specific user (PUT /api/acct/payments), sends JSON with employee data
- Getting the salary data (GET /api/empl/payment). The query accepts an optional parameter (period): with it, the salary data for that period is returned; without it, the data about all salaries is returned
- Getting a list of logs (GET /api/security/events/)
An HTTPS connection with its own certificate is used, generated with keytool: -genkeypair -alias accountant_service -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore keystore.p12 -validity 3650. Password: 952738
The data is stored in a PostgreSQL database. Passwords are stored as hashes.
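
Generating the keystore with the keytool options listed above and checking the result, as an added example that is not the project's own script. The function names, the exported KEYSTORE_PASS environment variable and the -dname value are assumptions.

```shell
# Added example (not the project's script). Assumptions: the function names,
# the exported KEYSTORE_PASS variable and the -dname value.

# Create the PKCS12 keystore with the options from the README.
make_keystore() {
    ks_out="$1"
    [ -n "${KEYSTORE_PASS:-}" ] || { echo "export KEYSTORE_PASS first" >&2; return 1; }
    (
        umask 077    # the keystore holds the private key: owner-only permissions
        # -storepass:env reads the password from the named environment variable,
        # -dname avoids the interactive subject prompts.
        keytool -genkeypair -alias accountant_service \
            -keyalg RSA -keysize 2048 \
            -storetype PKCS12 -keystore "$ks_out" -validity 3650 \
            -storepass:env KEYSTORE_PASS \
            -dname "CN=localhost" >/dev/null 2>&1
    )
}

# Succeed only if the keystore opens with KEYSTORE_PASS and the alias
# is a private-key entry carrying a 2048-bit RSA key.
check_keystore() {
    ks_in="$1"
    listing=$(keytool -list -v -keystore "$ks_in" -storetype PKCS12 \
        -storepass:env KEYSTORE_PASS -alias accountant_service 2>/dev/null) || return 1
    printf '%s\n' "$listing" | grep -q 'PrivateKeyEntry' || return 1
    printf '%s\n' "$listing" | grep -q '2048-bit RSA' || return 1
}

# Usage:
#   export KEYSTORE_PASS='...'
#   make_keystore keystore.p12 && check_keystore keystore.p12
```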