Auction RESTful app, created using Spring Boot in order to consolidate knowledge.
Obviously, one can only learn a given topic by using it in practice; that's why, after spending some time studying Spring Boot, REST APIs and web app development in general, I decided to make my own project that includes these topics. This app mocks auction websites: it enables an authenticated user to create two types of auctions, buy-now and bidding, and for the latter it allows other authenticated users to add bids to the offer. Authentication and authorization are built with JWT. Redis is used for caching and MySQL is the primary database. SSL with RSA signature is added. More details are given below.
- JDK 17
- Spring Boot 3.0.0
- Lombok
- Hibernate
- Docker
- MSSQL Server
- Redis
- Testcontainers
- REST Assured
- Swagger UI
- Mockito
- Java Mail API
- Spec-arg-resolver
- register an account (need to provide email, password and login)
- login to account
- delete own account
- change password
- refresh access token
- create an auction that can be either bidding or buy-now (in the first case other users can add bids to raise the price, and in the latter the price is constant)
- delete and update own auction or bid
- get paginated and sorted results, for example
https://localhost/auctions?itemCategory=BOOK&priceFrom=0&priceTo=100&auctionType=BIDDING&itemStatus=USED&pageNo=0&sortBy=startingPrice&sortDir=asc
- perform CRUD operations on all auctions
- delete a user account
- get all bids for a given bidding
- When creating an auction, the user chooses an appropriate category (e.g. sport, book) and item status (new, used)
- The user can also specify the auction end date (in days)
- When a new bid is created, all users who earlier took part in the bidding are sent an email with the new highest price
- Likewise, when the current highest bid is deleted, all users who took part in the bidding are sent an email with the new highest price
- A user cannot create a bid when the auction is of the buy-now type
- A user cannot delete a bidding-type auction when there are already bids for it
- Max auction time is 30 days
- A user can only delete the highest-price bid for a given bidding
- A user can only delete his / her own bid (this is checked via email address)
- And of course, a wide range of validation (a negative price cannot be applied, the auction end time cannot be in the past, etc.)
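The bid-deletion rules listed above (a bid can be deleted only by its owner, matched by email, and only if it is the current highest bid), as an added example that is not code from this project. All class, method and exception names are hypothetical, the ownership error message is made up, and the caller's email is assumed to come from the validated JWT rather than from anything the client sends in the request.

```java
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.List;

// Added example: plain-Java sketch of the bid-deletion rules; all names are hypothetical.
public class BidDeletionRules {

    record Bid(long bidId, String bidderEmail, BigDecimal bidPrice) {}

    static class NotBidOwnerException extends RuntimeException {
        NotBidOwnerException() { super("You can only delete your own bid"); }
    }

    static class NotHighestBidException extends RuntimeException {
        // Message taken from the 400 response shown on this page.
        NotHighestBidException() { super("You can only delete bid with highest price"); }
    }

    // callerEmail must come from the authenticated principal (validated JWT),
    // never from a request parameter or body the client controls.
    static void deleteBid(List<Bid> bids, long bidId, String callerEmail) {
        Bid target = bids.stream().filter(b -> b.bidId() == bidId).findFirst()
                .orElseThrow(() -> new IllegalArgumentException("Bid not found"));
        // Ownership is checked first so a non-owner learns nothing about bid ranking.
        if (!target.bidderEmail().equalsIgnoreCase(callerEmail)) {
            throw new NotBidOwnerException();
        }
        Bid highest = bids.stream().max(Comparator.comparing(Bid::bidPrice)).orElseThrow();
        if (highest.bidId() != target.bidId()) {
            throw new NotHighestBidException();
        }
        bids.remove(target);
    }

    public static void main(String[] args) {
        // Constructed sample data.
        List<Bid> bids = new ArrayList<>(List.of(
                new Bid(1, "alice@example.com", new BigDecimal("50")),
                new Bid(2, "bob@example.com", new BigDecimal("100"))));
        try { deleteBid(bids, 2, "alice@example.com"); }
        catch (NotBidOwnerException e) { System.out.println("rejected: " + e.getMessage()); }
        try { deleteBid(bids, 1, "alice@example.com"); }
        catch (NotHighestBidException e) { System.out.println("rejected: " + e.getMessage()); }
        deleteBid(bids, 2, "bob@example.com");
        System.out.println("remaining bids: " + bids.size());
    }
}
```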
Swagger documentation is available at https://localhost/swagger-ui/index.html#/; nonetheless, a detailed description of the most important endpoints is also given below.
POST https://localhost:443/api/auth/signup
Content-Type: application/json
{
"email": "sample@mail.com",
"username": "testUser",
"password": "testPassword"
}
RESPONSE: HTTP 201 (Created)
{
User created successfully!
}
POST https://localhost:443/api/auth/login
Content-Type: application/json
{
"username": "testUser",
"password": "testPassword"
}
RESPONSE: HTTP 200
{
"token": "eyJhbGciOiJIUzUxMiJ9... rest of JWT",
"refreshToken": "7f56b079-d0fe-4a0f-9ec3-073c37d7376c"
}
POST https://localhost:443/api/app/auctions/buy-now
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
{
"description": "creatine 400g orange flavour",
"startingPrice": 40,
"itemStatus": "NEW",
"itemCategory": "SPORT",
"daysToEndTime": 10,
"premium": false
}
RESPONSE: HTTP 201 (Created)
{
"auctionId": 7,
"auctionType": "buy_now",
"description": "creatine 400g orange flavour",
"startingPrice": 40,
"itemStatus": "NEW",
"itemCategory": "SPORT",
"auctionEndTime": "2023-03-09T01:45:51.134745",
"auctionStartTime": "2023-02-27T01:45:51.1358006",
"premium": false
}
POST https://localhost:443/auctions/bidding
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
{
"description": "black hat",
"startingPrice": 40,
"itemStatus": "USED",
"itemCategory": "CLOTHES",
"daysToEndTime": 5,
"limited": true
}
RESPONSE: HTTP 201 (Created)
{
"auctionId": 12,
"auctionType": "bidding",
"description": "black hat",
"startingPrice": 40,
"itemStatus": "USED",
"itemCategory": "CLOTHES",
"auctionEndTime": "2023-03-04T02:07:33.1395604",
"auctionStartTime": "2023-02-27T02:07:33.1395604",
"currentPrice": 40,
"bids": [],
"limited": true
}
GET https://localhost/auctions?priceFrom=0&priceTo=500&auctionType=BUY_NOW&itemStatus=NEW&pageNo=0&sortBy=startingPrice&sortDir=asc
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
RESPONSE: HTTP 200
[
{
"auctionId": 7,
"auctionType": "buy_now",
"description": "creatine 400g orange flavour",
"startingPrice": 40,
"itemStatus": "NEW",
"itemCategory": "SPORT",
"auctionEndTime": "2023-03-09T01:45:51.134745",
"auctionStartTime": "2023-02-27T01:45:51.135801",
"premium": false
},
{
"auctionId": 2,
"auctionType": "buy_now",
"description": "Mens jeans size L",
"startingPrice": 59.99,
"itemStatus": "NEW",
"itemCategory": "CLOTHES",
"auctionEndTime": "2023-03-09T00:14:10.263333",
"auctionStartTime": "2023-02-27T00:14:10.263333",
"premium": true
},
{
"auctionId": 5,
"auctionType": "buy_now",
"description": "20kg dumbells",
"startingPrice": 79.99,
"itemStatus": "NEW",
"itemCategory": "SPORT",
"auctionEndTime": "2023-03-09T00:14:10.263333",
"auctionStartTime": "2023-02-27T00:14:10.263333",
"premium": false
}
]
POST https://localhost:443/auctions/1/bids
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
{
"bidPrice": 100
}
RESPONSE: HTTP 201 (Created)
{
"bidId": 6,
"bidPrice": 100,
"bidTime": "2023-02-27T01:50:07.9405061"
}
DELETE https://localhost:443/auctions/1/bids/1
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
RESPONSE: HTTP 400 (Bad Request)
{
"exceptionMessage": "You can only delete bid with highest price",
"httpStatus": "BAD_REQUEST",
"errors": [
"uri=/auctions/1/bids/1"
],
"timestamp": "2023-02-27T01:55:36.1992742"
}
POST https://localhost:443/api/app/auctions/buy-now
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of JWT
{
"description": "iPhone 4s",
"itemStatus": "USED",
"itemCategory": "ELECTRONICS",
"daysToEndTime": 15
}
RESPONSE: HTTP 400 (Bad Request)
{
"exceptionMessage": "INVALID ARGUMENT PASSED",
"httpStatus": "BAD_REQUEST",
"errors": [
"startingPrice: Price must be greater than 0 and less than 1000000"
],
"timestamp": "2023-02-27T01:59:15.4280781"
}
POST https://localhost:443/api/app/auctions/buy-now
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9... rest of incorrect JWT
{
"description": "barbell",
"startingPrice": 80,
"itemStatus": "NEW",
"itemCategory": "SPORT",
"daysToEndTime": 10,
"premium": true
}
RESPONSE: HTTP 401 (Unauthorized)
{
"exceptionMessage": "Full authentication is required to access this resource",
"httpStatus": "UNAUTHORIZED",
"errors": [
"uri=/error"
],
"timestamp": "2023-02-27T02:08:48.1763675"
}
Distributed under the MIT License. See LICENSE.txt for more information.