[#111] Fix: hide secretKey in JwtService

src/main/java/com/syncd/adapter/in/web/AdminController.java

@@ -1,5 +1,7 @@
 package com.syncd.adapter.in.web;
 
+import com.syncd.application.port.in.admin.LoginAdminUsecase.*;
+import com.syncd.application.port.in.admin.CreateAdminUsecase.*;
 import com.syncd.application.port.in.admin.CreateProjectAdminUsecase.*;
 import com.syncd.application.port.in.admin.DeleteProjectAdminUsecase.*;
 import com.syncd.application.port.in.admin.UpdateProjectAdminUsecase.*;
@@ -12,13 +14,17 @@
 import com.syncd.application.port.in.admin.GetAllUserAdminUsecase.*;
 import com.syncd.application.port.in.admin.GetChatgptPriceAdminUsecase.*;
 import com.syncd.application.port.in.admin.UpdateUserAdminUsecase.*;
+import com.syncd.application.service.JwtService;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 
 @RestController
 @RequiredArgsConstructor
 @RequestMapping("/admin")
 public class AdminController {
+    private final LoginAdminUsecase loginAdminUsecase;
+    private final CreateAdminUsecase createAdminUsecase;
     private final GetAllUserAdminUsecase getAllUserAdminUsecase;
     private final CreateUserAdminUsecase createUserAdminUsecase;
     private final CreateProjectAdminUsecase createProjectAdminUsecase;
@@ -30,65 +36,88 @@ public class AdminController {
     private final DeleteUserAdminUsecase deleteUserAdminUsecase;
     private final SearchUserAdminUsecase searchUserAdminUsecase;
     private final SearchProjectAdminUsecase searchProjectAdminUsecase;
+    private final JwtService jwtService;
     // ======================================
     // USER
     // ======================================
 
+    @PostMapping("/login")
+    public LoginResponseDto login(@RequestBody LoginRequestDto requestDto) {
+        return loginAdminUsecase.login(requestDto.email(), requestDto.password());
+    }
+
+    @PostMapping("/create")
+    public CreateAdminResponseDto createAdmin(@RequestBody CreateAdminRequestDto requestDto) {
+        return createAdminUsecase.createAdmin(requestDto.email(), requestDto.password(), requestDto.name());
+    }
+
     @GetMapping("/user")
-    public GetAllUserResponseDto getAllUser(){
-        return getAllUserAdminUsecase.getAllUser();
+    public GetAllUserResponseDto getAllUser(HttpServletRequest request){
+        String token = jwtService.resolveToken(request);
+        return getAllUserAdminUsecase.getAllUser(jwtService.getAdminIdFromToken(token));
     }
 
     @PostMapping("/user/add")
-    public CreateUserResponseDto addUser(@RequestBody CreateUserRequestDto requestDto){
-        return createUserAdminUsecase.addUser(requestDto.email(),
+    public CreateUserResponseDto addUser(HttpServletRequest request, @RequestBody CreateUserRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return createUserAdminUsecase.addUser(
+                jwtService.getAdminIdFromToken(token), requestDto.email(),
                 requestDto.name(), requestDto.status(),
                 requestDto.profileImg(), requestDto.projectIds());
     }
 
     @PostMapping("/user/delete")
-    public DeleteUserResponseDto deleteUser(@RequestBody DeleteUserRequestDto requestDto){
-        return deleteUserAdminUsecase.deleteUser(requestDto.userId());
+    public DeleteUserResponseDto deleteUser(HttpServletRequest request, @RequestBody DeleteUserRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return deleteUserAdminUsecase.deleteUser(jwtService.getAdminIdFromToken(token), requestDto.userId());
     }
 
     @PostMapping("/user/update")
-    public UpdateUserResponseDto updateUser(@RequestBody UpdateUserRequestDto requestDto){
-        return updateUserAdminUsecase.updateUser(requestDto.userId(), requestDto.email(),requestDto.name(), requestDto.status(), requestDto.profileImg(), requestDto.projectIds());
+    public UpdateUserResponseDto updateUser(HttpServletRequest request, @RequestBody UpdateUserRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return updateUserAdminUsecase.updateUser(jwtService.getAdminIdFromToken(token), requestDto.userId(), requestDto.email(),requestDto.name(), requestDto.status(), requestDto.profileImg(), requestDto.projectIds());
     }
 
     @GetMapping("/user/search")
     public SearchUserAdminResponseDto searchUsers(
+            HttpServletRequest request,
             @RequestParam(required = false) String status,
             @RequestParam(required = false) String searchType,
             @RequestParam(required = false) String searchText) {
-        return searchUserAdminUsecase.searchUsers(status, searchType, searchText);
+        String token = jwtService.resolveToken(request);
+        return searchUserAdminUsecase.searchUsers(jwtService.getAdminIdFromToken(token), status, searchType, searchText);
     }
     // ======================================
     // PROJECT
     // ======================================
 
     @GetMapping("/project")
-    public GetAllProjectResponseDto getAllProject(){
-        return getAllProjectAdminUsecase.getAllProject();
+    public GetAllProjectResponseDto getAllProject(HttpServletRequest request){
+        String token = jwtService.resolveToken(request);
+        return getAllProjectAdminUsecase.getAllProject(jwtService.getAdminIdFromToken(token));
     }
 
     @PostMapping("/project/create")
-    public CreateProjectAdminResponseDto createProject(@RequestBody CreateProjectAdminRequestDto requestDto){
-        return createProjectAdminUsecase.createProject(requestDto.name(), requestDto.description(), requestDto.img(), requestDto.users(), requestDto.progress(),requestDto.leftChanceForUserstory());
+    public CreateProjectAdminResponseDto createProject(HttpServletRequest request, @RequestBody CreateProjectAdminRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return createProjectAdminUsecase.createProject(jwtService.getAdminIdFromToken(token), requestDto.name(), requestDto.description(), requestDto.img(), requestDto.users(), requestDto.progress(),requestDto.leftChanceForUserstory());
     }
 
     @PostMapping("/project/delete")
-    public DeleteProjectAdminResponseDto deleteProject(@RequestBody DeleteProjectAdminRequestDto requestDto){
-        return deleteProjectAdminUsecase.deleteProject(requestDto.projectId());
+    public DeleteProjectAdminResponseDto deleteProject(HttpServletRequest request, @RequestBody DeleteProjectAdminRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return deleteProjectAdminUsecase.deleteProject(jwtService.getAdminIdFromToken(token), requestDto.projectId());
     }
 
     @PostMapping("/project/update")
-    public UpdateProjectAdminResponseDto updateProject(@RequestBody UpdateProjectAdminRequestDto requestDto){
-        return updateProjectAdminUsecase.updateProject(requestDto.projectId(), requestDto.name(), requestDto.description(),requestDto.img(),requestDto.users(),requestDto.progress(),requestDto.leftChanceForUserstory()) ;
+    public UpdateProjectAdminResponseDto updateProject(HttpServletRequest request, @RequestBody UpdateProjectAdminRequestDto requestDto){
+        String token = jwtService.resolveToken(request);
+        return updateProjectAdminUsecase.updateProject(jwtService.getAdminIdFromToken(token), requestDto.projectId(), requestDto.name(), requestDto.description(),requestDto.img(),requestDto.users(),requestDto.progress(),requestDto.leftChanceForUserstory()) ;
     }
 
     @GetMapping("/project/search")
     public SearchProjectAdminResponseDto searchProjects(
+            HttpServletRequest request,
             @RequestParam(required = false) String name,
             @RequestParam(required = false) String userId,
             @RequestParam(required = false) Integer leftChanceForUserstory,
@@ -98,14 +127,16 @@ public SearchProjectAdminResponseDto searchProjects(
             @RequestParam(defaultValue = "1") int page,
             @RequestParam(defaultValue = "10") int pageSize
     ) {
-        return searchProjectAdminUsecase.searchProjects(name, userId, leftChanceForUserstory, startDate, endDate, progress, page, pageSize);
+        String token = jwtService.resolveToken(request);
+        return searchProjectAdminUsecase.searchProjects(jwtService.getAdminIdFromToken(token), name, userId, leftChanceForUserstory, startDate, endDate, progress, page, pageSize);
     }
 
     // ======================================
     // CHATGPT
     // ======================================
     @GetMapping("/chatgpt")
-    public GetChatgptPriceResponseDto GetChatgptPrice(){
-        return getChatgptPriceAdminUsecase.getChatgptPrice();
+    public GetChatgptPriceResponseDto GetChatgptPrice(HttpServletRequest request){
+        String token = jwtService.resolveToken(request);
+        return getChatgptPriceAdminUsecase.getChatgptPrice(jwtService.getAdminIdFromToken(token));
     }
 }

src/main/java/com/syncd/application/port/in/admin/CreateAdminUsecase.java

@@ -0,0 +1,23 @@
+package com.syncd.application.port.in.admin;
+
+public interface CreateAdminUsecase {
+
+    // ======================================
+    // METHOD
+    // ======================================
+    CreateAdminResponseDto createAdmin(String email, String password, String name);
+
+    // ======================================
+    // DTO
+    // ======================================
+    record CreateAdminRequestDto(
+            String email,
+            String password,
+            String name
+    ) {}
+
+
+    record CreateAdminResponseDto(
+            String id
+    ) {}
+}

src/main/java/com/syncd/application/port/in/admin/CreateProjectAdminUsecase.java

@@ -1,6 +1,8 @@
 package com.syncd.application.port.in.admin;
 
 import com.syncd.enums.Role;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 import org.springframework.web.multipart.MultipartFile;
 
 import java.util.List;
@@ -9,7 +11,13 @@ public interface CreateProjectAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    CreateProjectAdminResponseDto createProject(String name, String description, String img, List<UserInProjectRequestDto> users, int progress, int leftChanceForUserstory);
+    CreateProjectAdminResponseDto createProject(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String name, String description, String img,
+            List<UserInProjectRequestDto> users,
+            int progress, int leftChanceForUserstory
+    );
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/CreateUserAdminUsecase.java

@@ -1,6 +1,8 @@
 package com.syncd.application.port.in.admin;
 
 import com.syncd.enums.UserAccountStatus;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 
 import java.util.List;
 
@@ -9,7 +11,10 @@ public interface CreateUserAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    CreateUserResponseDto addUser(String email, String name, UserAccountStatus status, String profileImg, List<String> projectIds);
+    CreateUserResponseDto addUser(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String email, String name, UserAccountStatus status, String profileImg, List<String> projectIds);
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/DeleteProjectAdminUsecase.java

@@ -1,10 +1,17 @@
 package com.syncd.application.port.in.admin;
 
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
+
 public interface DeleteProjectAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    DeleteProjectAdminResponseDto deleteProject(String projectId);
+    DeleteProjectAdminResponseDto deleteProject(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String projectId
+    );
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/DeleteUserAdminUsecase.java

@@ -1,11 +1,18 @@
 package com.syncd.application.port.in.admin;
 
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
+
 public interface DeleteUserAdminUsecase {
 
     // ======================================
     // METHOD
     // ======================================
-    DeleteUserResponseDto deleteUser(String userId);
+    DeleteUserResponseDto deleteUser(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String userId
+    );
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/GetAdminIdFromTokenUsecase.java

@@ -0,0 +1,5 @@
+package com.syncd.application.port.in.admin;
+
+public interface GetAdminIdFromTokenUsecase {
+    String getAdminIdFromToken(String token);
+}

src/main/java/com/syncd/application/port/in/admin/GetAllProjectAdminUsecase.java

@@ -1,6 +1,8 @@
 package com.syncd.application.port.in.admin;
 
 import com.syncd.adapter.out.persistence.repository.project.ProjectEntity;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 
 import java.util.List;
 
@@ -9,7 +11,10 @@ public interface GetAllProjectAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    GetAllProjectResponseDto getAllProject();
+    GetAllProjectResponseDto getAllProject(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId
+    );
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/GetAllUserAdminUsecase.java

@@ -1,6 +1,8 @@
 package com.syncd.application.port.in.admin;
 
 import com.syncd.adapter.out.persistence.repository.user.UserEntity;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 
 import java.util.List;
 
@@ -9,7 +11,10 @@ public interface GetAllUserAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    GetAllUserResponseDto getAllUser();
+    GetAllUserResponseDto getAllUser(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId
+    );
 
 
     // ======================================

src/main/java/com/syncd/application/port/in/admin/GetChatgptPriceAdminUsecase.java

@@ -1,11 +1,17 @@
 package com.syncd.application.port.in.admin;
 
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
+
 public interface GetChatgptPriceAdminUsecase {
 
     // ======================================
     // METHOD
     // ======================================
-    GetChatgptPriceResponseDto getChatgptPrice();
+    GetChatgptPriceResponseDto getChatgptPrice(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId
+    );
 
     // ======================================
     // DTO

src/main/java/com/syncd/application/port/in/admin/LoginAdminUsecase.java

@@ -0,0 +1,22 @@
+package com.syncd.application.port.in.admin;
+
+public interface LoginAdminUsecase {
+
+    // ======================================
+    // METHOD
+    // ======================================
+    LoginAdminUsecase.LoginResponseDto login(String email, String password);
+
+    // ======================================
+    // DTO
+    // ======================================
+    record LoginRequestDto(
+        String email,
+        String password
+    ) {}
+
+
+    record LoginResponseDto(
+            String token
+    ) {}
+}

src/main/java/com/syncd/application/port/in/admin/SearchProjectAdminUsecase.java

@@ -2,6 +2,8 @@
 
 import com.syncd.adapter.out.persistence.repository.project.ProjectEntity;
 import com.syncd.adapter.out.persistence.repository.user.UserEntity;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 
 import java.util.List;
 import java.util.Map;
@@ -11,7 +13,12 @@ public interface SearchProjectAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    SearchProjectAdminResponseDto searchProjects(String name, String userId, Integer leftChanceForUserstory, String startDate, String endDate, Integer progress, int page, int pageSize);
+    SearchProjectAdminResponseDto searchProjects(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String name, String userId, Integer leftChanceForUserstory,
+            String startDate, String endDate, Integer progress, int page, int pageSize
+    );
 
     // ======================================
     // Search DTO

src/main/java/com/syncd/application/port/in/admin/SearchUserAdminUsecase.java

@@ -2,6 +2,8 @@
 
 import com.syncd.adapter.out.persistence.repository.project.ProjectEntity;
 import com.syncd.adapter.out.persistence.repository.user.UserEntity;
+import com.syncd.exceptions.ValidationMessages;
+import jakarta.validation.constraints.NotBlank;
 
 import java.util.List;
 
@@ -10,7 +12,11 @@ public interface SearchUserAdminUsecase {
     // ======================================
     // METHOD
     // ======================================
-    SearchUserAdminResponseDto searchUsers(String status, String searchType, String searchText);
+    SearchUserAdminResponseDto searchUsers(
+            @NotBlank(message = ValidationMessages.ADMIN_ID_NOT_BLANK)
+            String adminId,
+            String status, String searchType, String searchText
+    );
 
     // ======================================
     // DTO