This backend system is a simple API that allows users to create safeboxes and store content in them. The API is secured with Basic Auth and is also documented with OpenAPI, and the documentation can be found attached with the source code. The project follows a clean architecture, with the application layer interacting with the external system through a data provider interface. This allows the application layer to be isolated from the implementation details of the external system and makes it easier to test and maintain the code.
- Java 18: The backend system is implemented using Java 18, one of the latest available versions of this language, which provides us with different features that we take advantage of in the API implementation.
- Spring boot: The system uses Spring Boot as the web framework to handle HTTP requests and responses.
- Install
makeon your computer, if you do not already have it. - Start the application:
make up - Run the application tests:
make test
- Install docker and docker-compose on your computer, if you do not already have it.
- Start the application:
docker-compose up - Execute
docker compose run -d -p "8080:8080" java-skeleton-api gradle clean build bootRun -x test
- Move to the project directory:
cd C4EEtnTqMi8aXhxyocR2 - Build the project for the first time:
./gradlew build - To just run the project execute:
./gradlew run
GET /api/v1/health- Health checkPOST /safebox- Creates a new safebox based on a non-empty name and a password.GET /safebox/{id}/items- Retrieves the currently stored contents in the safebox identified by the given ID.PUT /safebox/{id}/items- Inserts new contents in the safebox identified by the given ID and with the given Basic Auth.
A sample user with some items on his safebox is available with the following details:
- username:
rviewer - password:
test - safebox id:
1bb1a31d-b525-4ee3-b4c3-5e8fe49c1af5
Additionally, a postman collection has been added to facilitate API testing.
- Lombok: Used to reduce boilerplate code in the project.
- PostgresSQL: The driver to connect with the database used in the project.
- H2: in-memory database used for testing.
- Flyway: Used to initialize the tables and manage database migrations.
- Clean Architecture: In the project we have always maintained a clean architecture, giving great importance to not coupling the domain and application layers to any framework. Pushing these needs to the infrastructure layer.
- Basic Auth: To implement the Basic Auth in the project, a minimum order filter has been implemented, which verifies authentication on all incoming calls. This solution has been chosen because it allows us to enable this functionality, with zero configuration, without adding major dependencies to the project and giving us a simple but total control of the project security.
- Password are stored in the database using the algorithm SHA3-256, which is a secure algorithm that is not reversible.
- In the infrastructure structure layer we have the package config where we can find:
- The DatabaseConfig: which is responsible for configuring the database connection.
- The DependencyInjectionConfig: which is responsible for configuring the dependency injection of the project.
- application.yml
server.shutdown = graceful: This property is responsible for allowing the application to finish the current requests before shutting down.
- DB Migration folder: This folder contains the scripts that are executed when the application starts. Are responsible for creating the tables in the database if they do not exist and migrating the database if necessary.
- Exception are defined individually in the exception package and are managed by the ControllerAdvisor to keep a simple but ordered and powerful error handling.
- Security concerns are packaged in the security package composed by:
- The BasicSecurityFilter: which is responsible for implementing the Basic Auth.
- The SecurityUtils: which is responsible for providing the necessary methods to implement the Basic Auth.