- Uses the following
- Spring Boot 2.3.0 (Java 13)
- Spring Data Rest
- Spring Data JPA
- Spring Security
- Spring Security Test (For Mocking Users)
- Okta Starter (1.1.0)
- H2 In Memory Database
- Lombok
This application is utilizing the most recent version of Spring Boot (2.1.4) and relies on Java 11.
- Checkout the code
- Run the main Application class
- You will require a client passing a proper bearer token to view the API
- You can disable the security by commenting out Spring Security and OKTA in the POM file and then deleting or commenting out the SecurityConfig class.
- Once you have done this the API should be available at Navigate to localhost:8080.
docker run --name local-postgres -p 5432:5432 -d postgres
...Application Properties
## PostgreSQL
spring.datasource.url=jdbc:postgresql://localhost:5432/postgres
spring.datasource.username=postgres
spring.datasource.password=
Maybe you don't have a PostgreSQL locally, use H2 instead.
... Application Properties
Comment out the datasource and jpa properties
... POM File
Add the H2 driver instead of Postgresql
- Currently not doing anything for CORS as I have my UI Proxy to this address while developing.
- Ran into an interesting issue with generated links from API, if using a proxy the links were not being rendered properly (not taking X-Forwarded-*). This is due to a change in Spring that requires you to register a bean for this behaviour. The bean definition is below. Check the following Spring issue for more information: Issue
@Bean
ForwardedHeaderFilter forwardedHeaderFilter() {
return new ForwardedHeaderFilter();
}- Specialized search queries, look in CompanyRepository. Check out localhost:8080/companies/search for a listing of them.
- JWT Resource server security with OKTA. 2 Properties in the application.properties and the SecurityConfig class.
- Can use projections for loading less data or more data (for example relationships)
- Can use version/modified data to reduce data requests and ensure you don't overwrite others changes
- Validations can be implemented in multiple ways, handlers, events, look at the docs
- HAL Browser can be used for quick testing
- Can export or disable some actions
- Can add additional links to resources
- Can create custom controller methods, look at the docs
- Can you use different projections depending on roles?
- Add more testing (minor testing started). Split out testing to other classes.
- Can we implement something like TimeCop? Possibly use the IClock Java interface to do something smart?
- Add role checks to API endpoints
- Implement custom method instead of automagic REST methods.
- Use Flyway for loading data.
- Investigate validators further. Can we reuse them for multiple events create/save for example?
This is a fake data model to try out some different features, relationships, others. Lots of info straight from Archer Wiki
- Company (code, name, chargesGST, chargesPST, owner_id) Implemented
- Owner (firstName, lastName) (Owns a company) Implemented
- Employee (firstName, lastName, company_id, salary, title, position) Implemented
- Product (name, price, comments, company_id) Implemented
- Need to build a many to many relationship
In some cases we may not want to define multiple simple query methods on the repository and may opt to use QueryDSL instead it can be setup in the following way
...maven pom dependendies
<dependency>
<groupId>com.querydsl</groupId>
<artifactId>querydsl-apt</artifactId>
</dependency>
<dependency>
<groupId>com.querydsl</groupId>
<artifactId>querydsl-jpa</artifactId>
</dependency>
... plugin entry to process
<plugin>
<groupId>com.mysema.maven</groupId>
<artifactId>apt-maven-plugin</artifactId>
<version>1.1.3</version>
<executions>
<execution>
<goals>
<goal>process</goal>
</goals>
<configuration>
<outputDirectory>target/generated-sources/java</outputDirectory>
<processor>com.querydsl.apt.jpa.JPAAnnotationProcessor</processor>
</configuration>
</execution>
</executions>
</plugin>
An example of adding it to the CompanyRepository
Have the CompanyRepository extend the following: QuerydslPredicateExecutor<Company>
Now you should be able to stop, re-compile your code base and restart and search for a company by name by doing the following:
http://localhost:8080/companies?name=ABCD
This is a rough list of steps that allow a developer to create a resource on the api side (spring boot) and how to use that resources on the ui side (react).
- Build the model class (entity/document) along with the backing data store. Ensure that it extends the common properties
- Create the repository for the model. Make sure to extend the appropriate repository base class. Remember that all
methods (GET, POST, PATCH, DELETE) are exported by default and you need to turn them off if you want to disable them. Check
the Spring Data Rest documentation for specific ways to do so
- Remember you can now add custom methods to the repository for searching/paging for example. Again check the spring data documentation.
- Create any validators for your model. Ensure to register the validators or use the auto registration, find more info in the documentation.
- Create any resource processors for your model. Maybe you need to add a link or some other property to your model. A common use case is adding a link to relationships as the HAL spec does not give relationship links that work for selection for example.
- You now have a resource that is exposed over the API, time to move to the front end.
- Create a new react component to utilize your resource. There are a few ways to do this so I am listing some helpful
links below.
- Main Docs
- A functional component
- A class based component
- Fetch - Fetching data
- Alternatives
- React Router - Navigtation
- I know the react portion does not have a great guide yet but it will come I am still learning and settling on a pattern.
In general:
- Create a component
- Does your component need to be behind security? What roles can access and use it? Are the views different for different roles?
- Display or link to your component.
- Create a component