Create filter to token from request header #35

demo/week01/src/main/java/com/sol/demoecom/common/AuthenticationFilter.java

@@ -0,0 +1,81 @@
+package com.sol.demoecom.common;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.sol.demoecom.user.model.UserModel;
+import com.sol.demoecom.user.repository.UserRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.*;
+import java.util.stream.Collectors;
+
+@Component
+public class AuthenticationFilter extends OncePerRequestFilter {
+    private static String SHOULD_NOT_FILTER = "not-filter";
+
+    @Autowired
+    UserRepository userRepository;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        try {
+            String token = request.getHeader("token");
+            List<String> urls = new ArrayList<>();
+            urls.add("/user/basket");
+            urls.add("/user/addresses");
+            urls.add("/user/orders");
+            urls.add("/user/orders/payment");
+
+            if(stringContainsItemFromList(request.getRequestURI(), urls).size() > 0) {
+                if(token == null) {
+                    throw new UnauthorizationException();
+                }
+
+                UUID userId = UUID.fromString(token);
+                Optional<UserModel> user = userRepository.findById(userId);
+
+                if(!user.isPresent()) {
+                    throw new UnauthorizationException();
+                }
+            }
+
+
+            filterChain.doFilter(request, response);
+
+        } catch (RuntimeException e) {
+            ResponseFail responseFail = new ResponseFail(e.getMessage());
+
+            response.setStatus(HttpStatus.BAD_REQUEST.value());
+            response.setContentType("application/json");
+            response.getWriter().write(convertObjectToJson(responseFail));
+        }
+    }
+
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        return Boolean.TRUE.equals(request.getAttribute(SHOULD_NOT_FILTER));
+    }
+
+    private List<String> stringContainsItemFromList(String search, List<String> list) {
+        List<String> matchingElements = list.stream()
+                .filter(str -> search.trim().contains(str))
+                .collect(Collectors.toList());
+        return matchingElements;
+    }
+
+    private String convertObjectToJson(Object object) throws JsonProcessingException {
+        if (object == null) {
+            return null;
+        }
+        ObjectMapper mapper = new ObjectMapper();
+        return mapper.writeValueAsString(object);
+    }
+}

demo/week01/src/main/java/com/sol/demoecom/common/UnauthorizationException.java

@@ -0,0 +1,7 @@
+package com.sol.demoecom.common;
+
+public class UnauthorizationException extends RuntimeException{
+    public UnauthorizationException() {
+        super("Invalid token.");
+    }
+}

demo/week01/src/main/java/com/sol/demoecom/user/UserControllerAdvice.java

@@ -1,5 +1,6 @@
 package com.sol.demoecom.user;
 
+import com.sol.demoecom.common.UnauthorizationException;
 import com.sol.demoecom.common.ResponseFail;
 import com.sol.demoecom.product.exception.ProductNotFoundException;
 import com.sol.demoecom.user.exception.AuthenticationFailException;
@@ -33,4 +34,11 @@ public ResponseFail notEnoughProduct(NotEnoughProductException e) {
     public ResponseFail productNotFound(ProductNotFoundException e) {
         return new ResponseFail(e.getMessage());
     }
+
+    @ExceptionHandler(UnauthorizationException.class)
+    @ResponseBody
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public ResponseFail notAuthorization(UnauthorizationException e) {
+        return new ResponseFail(e.getMessage());
+    }
 }

demo/week01/src/test/java/com/sol/demoecom/user/controller/UserControllerTest.java

@@ -85,9 +85,11 @@ void addItemToBasket_withOneProductSku_ResponseStatusSuccess() throws JSONExcept
 
         when(userRepository.getById(user.getId())).thenReturn(user);
         when(productSkuRepository.findById(productSku.getId())).thenReturn(Optional.of(productSku));
+        when(userRepository.findById(user.getId())).thenReturn(Optional.of(user));
 
         HttpHeaders headers = new HttpHeaders();
         headers.setContentType(MediaType.APPLICATION_JSON);
+        headers.set("token", user.getId().toString());
         JSONObject loginJsonObject = new JSONObject();
         loginJsonObject.put("userId", UserUuid);
         loginJsonObject.put("quantity", 2);

demo/week01/src/test/java/com/sol/demoecom/user/service/UserServiceTest.java

@@ -73,7 +73,7 @@ void addProductItemToBasket_withInitialData_success() throws AuthenticationFailE
         UUID productSkuUuid = UUID.fromString("4e8b7b81-c66d-435b-a58b-0e7d3e03d7aa");
         productSku.setId(productSkuUuid);
         product.addProductSku(productSku);
-        
+
         when(userRepository.getById(user.getId())).thenReturn(user);
         when(productSkuRepository.findById(productSku.getId())).thenReturn(Optional.of(productSku));