2025-summer/team-5
12
Fork 0
Code Issues Pull requests Projects Releases Activity

clean up AI SLOP

Browse source
This commit is contained in:
Lukas Weger 2025-08-01 18:51:50 +02:00
parent 19a40483aa
commit 9c373c2672
34 changed files with 683 additions and 710 deletions
Download patch file Download diff file Expand all files Collapse all files

220
API_DOCUMENTATION.md
View file

@ -1,220 +0,0 @@
# SERENA API
## Authentication
This system uses JWT-like tokens generated automatically during key actions:
- **Creating a radio station** generates an **owner token**.
- **Joining a radio station** generates a **client token**.
All subsequent requests require this token in the `Authorization` header:
```
Authorization: Bearer <token>
```
### Token Generation Endpoints
#### Create Radio Station → Owner Token
- **POST** `/api/radio-stations`
- **No authentication required**
- **Body**:
```json
{
"name": "My Radio Station",
"description": "A cool radio station"
}
```
**Response:**
```json
{
"success": true,
"message": "Radio station created successfully",
"data": {
"station": {
/* station object */
},
"ownerToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
}
```
#### Connect to Radio Station → Client Token
- **POST** `/api/clients/connect`
- **No authentication required**
- **Body Options**:
- With Station ID + Join Code
```json
{
"username": "john_doe",
"radioStationId": "station123",
"joinCode": "ABC123"
}
```
- With Join Code only
```json
{ "username": "john_doe", "joinCode": "ABC123" }
```
**Response:**
```json
{
"success": true,
"message": "Successfully connected to radio station",
"data": {
"client": {
/* client object */
},
"clientToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
}
```
---
## API Endpoints
### Radio Station Management
- **Create Station** `POST /api/radio-stations` (No auth; returns owner token)
- **Get All Stations** `GET /api/radio-stations` (Auth: owner or client)
- Optional query param: `activeOnly=true`
- **Get by ID** `GET /api/radio-stations/{stationId}` (Auth required)
- **Get by Join Code** `GET /api/radio-stations/join/{joinCode}` (Public)
- **Update Station** `PUT /api/radio-stations/{stationId}` (Owner only)
- **Delete Station** `DELETE /api/radio-stations/{stationId}` (Owner only)
### Client Management
- **Connect Client** `POST /api/clients/connect` (No auth; returns client token)
- **Disconnect Client** `DELETE /api/clients/{clientId}/disconnect` (Owner only)
- **Get Client Info** `GET /api/clients/{clientId}` (Auth required)
- **Get Station Clients** `GET /api/clients/station/{radioStationId}` (Auth required)
### Song Management
> All endpoints require a valid **owner** or **client** token unless specified.
- **Add Song** `POST /api/radio-stations/{stationId}/songs`
- **Get Queue** `GET /api/radio-stations/{stationId}/songs/queue`
- **Get Current Song** `GET /api/radio-stations/{stationId}/songs/current`
- **Play Next Song** `POST /api/radio-stations/{stationId}/songs/next` (Owner only)
- **Vote on Song** `POST /api/radio-stations/{stationId}/songs/{songId}/vote`
```json
{ "voteType": "UPVOTE" }
```
`voteType` can be `"UPVOTE"` or `"DOWNVOTE"`.
- **Remove Vote** `DELETE /api/radio-stations/{stationId}/songs/{songId}/vote`
---
## Models
### RadioStation
- `id`, `name`, `description`, `ownerId`, `joinCode`, `createdAt`, `isActive`, `connectedClients`, `songQueue`, `currentlyPlaying`
### Song
- `id`, `title`, `artist`, `album`, `duration`, `url`, `addedBy`, `addedAt`, `votes`, `upvotes`, `downvotes`
### Client
- `id`, `username`, `radioStationId`, `connectedAt`, `isActive`
---
## Authentication & Authorization
- **Public**: Join stations via join code, connect clients.
- **Authenticated User**: Add/vote on songs, view stations, connect to stations.
- **Station Owner**: Manage station (update/delete), control playback, disconnect clients.
---
## Features
- JWT-based authentication for most operations.
- Join codebased client connection.
- Owner-only management (updates, deletes, playback).
- Song queue sorted by votes.
- Full CORS support.
---
## Example Flow
1. User registers/logs in → gets JWT.
2. Owner creates station → gets join code + owner token.
3. Clients join via join code → get client token.
4. Authenticated users add/vote on songs.
5. Owner controls playback & manages station.
---
## Running the Application
```bash
cd backend
./gradlew bootRun
```
Server runs on port `8080`.
### Quick Auth Test
```bash
curl -X POST http://localhost:8080/api/auth/register -H "Content-Type: application/json" -d '{"username":"testuser","password":"password123","email":"test@example.com"}'
curl -X POST http://localhost:8080/api/auth/login -H "Content-Type: application/json" -d '{"username":"testuser","password":"password123"}'
curl -X GET http://localhost:8080/api/radio-stations -H "Authorization: Bearer <token>"
```
---
### **SERENA API Endpoint Table**
| Method | Endpoint | Description | Auth Required | Notes |
| ---------- | ------------------------------------- | ------------------------ | ------------- | -------------------------- |
| **POST** | `/api/radio-stations` | Create a radio station | ❌ | Returns **owner token** |
| **GET** | `/api/radio-stations` | Get all stations | ✅ | `activeOnly=true` optional |
| **GET** | `/api/radio-stations/{stationId}` | Get station by ID | ✅ | — |
| **GET** | `/api/radio-stations/join/{joinCode}` | Get station by join code | ❌ | Public lookup |
| **PUT** | `/api/radio-stations/{stationId}` | Update station | ✅ (Owner) | Owner only |
| **DELETE** | `/api/radio-stations/{stationId}` | Delete station | ✅ (Owner) | Owner only |
#### 👥 **Client Management**
| Method | Endpoint | Description | Auth Required | Notes |
| ---------- | --------------------------------------- | -------------------------- | ------------- | ------------------------ |
| **POST** | `/api/clients/connect` | Connect to station | ❌ | Returns **client token** |
| **DELETE** | `/api/clients/{clientId}/disconnect` | Disconnect client | ✅ (Owner) | Owner only |
| **GET** | `/api/clients/{clientId}` | Get client info | ✅ | — |
| **GET** | `/api/clients/station/{radioStationId}` | Get all clients in station | ✅ | — |
#### 🎵 **Song Management**
| Method | Endpoint | Description | Auth Required | Notes |
| ---------- | ----------------------------------------------------- | -------------------------- | ------------- | --------------------------- |
| **POST** | `/api/radio-stations/{stationId}/songs` | Add song to queue | ✅ | Client or Owner |
| **GET** | `/api/radio-stations/{stationId}/songs/queue` | Get song queue | ✅ | Sorted by votes |
| **GET** | `/api/radio-stations/{stationId}/songs/current` | Get currently playing song | ✅ | — |
| **POST** | `/api/radio-stations/{stationId}/songs/next` | Play next song | ✅ (Owner) | Moves top song to “current” |
| **POST** | `/api/radio-stations/{stationId}/songs/{songId}/vote` | Vote on song | ✅ | `voteType`: UPVOTE/DOWNVOTE |
| **DELETE** | `/api/radio-stations/{stationId}/songs/{songId}/vote` | Remove vote | ✅ | Removes users vote |
---

578
backend/API_DOCUMENTATION.md Normal file
View file

@ -0,0 +1,578 @@
# Serena API docs
## Overview
**Base URL:** `http://localhost:8080/api`
## Authentication
The API uses Bearer token authentication. Include the token in the Authorization header:
```
Authorization: Bearer <token>
```
### Token Types
- **Owner Token**: Generated when creating a radio station, allows full station management
- **Client Token**: Generated when joining a station, allows participation in the station
## API Endpoints
### Radio Station Management
#### Create Radio Station
Creates a new radio station and returns an owner token.
**Endpoint:** `POST /radio-stations`
**Request Body:**
```json
{
"name": "My Awesome Station",
"description": "The best music station ever"
}
```
**Response:**
```json
{
"success": true,
"message": "Radio station created successfully",
"data": {
"station": {
"id": "station-uuid",
"name": "My Awesome Station",
"description": "The best music station ever",
"ownerId": "owner-uuid",
"joinCode": "ABC123",
"createdAt": "2025-08-01T10:00:00",
"active": true,
"connectedClients": [],
"songQueue": [],
"currentlyPlaying": null
},
"ownerToken": "jwt-token-here",
"message": "Radio station created successfully. Use this token to manage your station."
}
}
```
#### Get All Radio Stations
Retrieves all radio stations. Requires authentication.
**Endpoint:** `GET /radio-stations?activeOnly=true`
**Query Parameters:**
- `activeOnly` (boolean, default: false): Filter to only active stations
**Response:**
```json
{
"success": true,
"message": "Success",
"data": [
{
"id": "station-uuid",
"name": "Station Name",
"description": "Station Description",
"ownerId": "owner-uuid",
"joinCode": "ABC123",
"createdAt": "2025-08-01T10:00:00",
"active": true,
"connectedClients": ["client1", "client2"],
"songQueue": [],
"currentlyPlaying": null
}
]
}
```
#### Get Radio Station by ID
Retrieves a specific radio station. Requires authentication.
**Endpoint:** `GET /radio-stations/{stationId}`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": {
"id": "station-uuid",
"name": "Station Name",
"description": "Station Description",
"ownerId": "owner-uuid",
"joinCode": "ABC123",
"createdAt": "2025-08-01T10:00:00",
"active": true,
"connectedClients": [],
"songQueue": [],
"currentlyPlaying": null
}
}
```
#### Get Radio Station by Join Code
Retrieves a radio station using its join code. No authentication required.
**Endpoint:** `GET /radio-stations/join/{joinCode}`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": {
"id": "station-uuid",
"name": "Station Name",
"description": "Station Description",
"ownerId": "owner-uuid",
"joinCode": "ABC123",
"createdAt": "2025-08-01T10:00:00",
"active": true,
"connectedClients": [],
"songQueue": [],
"currentlyPlaying": null
}
}
```
#### Update Radio Station
Updates a radio station. Only the station owner can update it.
**Endpoint:** `PUT /radio-stations/{stationId}`
**Request Body:**
```json
{
"name": "Updated Station Name",
"description": "Updated description"
}
```
**Response:**
```json
{
"success": true,
"message": "Radio station updated successfully",
"data": {
"id": "station-uuid",
"name": "Updated Station Name",
"description": "Updated description",
"ownerId": "owner-uuid",
"joinCode": "ABC123",
"createdAt": "2025-08-01T10:00:00",
"active": true,
"connectedClients": [],
"songQueue": [],
"currentlyPlaying": null
}
}
```
#### Delete Radio Station
Deletes a radio station. Only the station owner can delete it.
**Endpoint:** `DELETE /radio-stations/{stationId}`
**Response:**
```json
{
"success": true,
"message": "Radio station deleted successfully",
"data": null
}
```
### Client Management
#### Connect Client to Station
Connects a client to a radio station using a join code. No authentication required.
**Endpoint:** `POST /clients/connect`
**Request Body (Option 1 - Using station ID and join code):**
```json
{
"username": "john_doe",
"radioStationId": "station-uuid",
"joinCode": "ABC123"
}
```
**Request Body (Option 2 - Using join code only):**
```json
{
"username": "john_doe",
"joinCode": "ABC123"
}
```
**Response:**
```json
{
"success": true,
"message": "Successfully connected to radio station",
"data": {
"client": {
"id": "client-uuid",
"username": "john_doe",
"radioStationId": "station-uuid",
"connectedAt": "2025-08-01T10:00:00",
"active": true
},
"clientToken": "jwt-token-here",
"message": "Successfully connected to radio station. Use this token for further requests."
}
}
```
#### Disconnect Client
Disconnects a client from a station. Only the station owner can disconnect clients.
**Endpoint:** `DELETE /clients/{clientId}/disconnect`
**Response:**
```json
{
"success": true,
"message": "Client disconnected successfully",
"data": null
}
```
#### Get Client Information
Retrieves information about a specific client. Requires authentication.
**Endpoint:** `GET /clients/{clientId}`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": {
"id": "client-uuid",
"username": "john_doe",
"radioStationId": "station-uuid",
"connectedAt": "2025-08-01T10:00:00",
"active": true
}
}
```
#### Get Connected Clients
Retrieves all clients connected to a radio station. Requires authentication.
**Endpoint:** `GET /clients/station/{radioStationId}`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": [
{
"id": "client-uuid",
"username": "john_doe",
"radioStationId": "station-uuid",
"connectedAt": "2025-08-01T10:00:00",
"active": true
}
]
}
```
### Song Management
#### Add Song to Queue
Adds a song to the station's queue. Requires authentication.
**Endpoint:** `POST /radio-stations/{stationId}/songs`
**Request Body:**
```json
{
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3"
}
```
**Response:**
```json
{
"success": true,
"message": "Song added to queue successfully",
"data": {
"id": "song-uuid",
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3",
"addedBy": "user-uuid",
"addedAt": "2025-08-01T10:00:00",
"votes": {},
"upvotes": 0,
"downvotes": 0
}
}
```
#### Get Song Queue
Retrieves the current song queue, sorted by score (upvotes - downvotes). Requires authentication.
**Endpoint:** `GET /radio-stations/{stationId}/songs/queue`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": [
{
"id": "song-uuid",
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3",
"addedBy": "user-uuid",
"addedAt": "2025-08-01T10:00:00",
"votes": {
"user1": "UPVOTE",
"user2": "DOWNVOTE"
},
"upvotes": 1,
"downvotes": 1
}
]
}
```
#### Get Currently Playing Song
Retrieves the currently playing song. Requires authentication.
**Endpoint:** `GET /radio-stations/{stationId}/songs/current`
**Response:**
```json
{
"success": true,
"message": "Success",
"data": {
"id": "song-uuid",
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3",
"addedBy": "user-uuid",
"addedAt": "2025-08-01T10:00:00",
"votes": {},
"upvotes": 0,
"downvotes": 0
}
}
```
#### Play Next Song
Plays the next song from the queue (highest scoring song). Only station owners can control playback.
**Endpoint:** `POST /radio-stations/{stationId}/songs/next`
**Response:**
```json
{
"success": true,
"message": "Playing next song",
"data": {
"id": "song-uuid",
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3",
"addedBy": "user-uuid",
"addedAt": "2025-08-01T10:00:00",
"votes": {},
"upvotes": 0,
"downvotes": 0
}
}
```
#### Vote on Song
Casts a vote (upvote or downvote) on a song. Requires authentication.
**Endpoint:** `POST /radio-stations/{stationId}/songs/{songId}/vote`
**Request Body:**
```json
{
"voteType": "UPVOTE"
}
```
**Vote Types:**
- `UPVOTE`: Positive vote
- `DOWNVOTE`: Negative vote
**Response:**
```json
{
"success": true,
"message": "Vote recorded successfully",
"data": {
"id": "song-uuid",
"title": "Bohemian Rhapsody",
"artist": "Queen",
"album": "A Night at the Opera",
"duration": 355,
"url": "https://example.com/song.mp3",
"addedBy": "user-uuid",
"addedAt": "2025-08-01T10:00:00",
"votes": {
"current-user-id": "UPVOTE"
},
"upvotes": 1,
"downvotes": 0
}
}
```
#### Remove Vote from Song
Removes the current user's vote from a song. Requires authentication.
**Endpoint:** `DELETE /radio-stations/{stationId}/songs/{songId}/vote`
**Response:**
```json
{
"success": true,
"message": "Vote removed successfully",
"data": null
}
```
## Error Responses
All error responses follow this format:
```json
{
"success": false,
"message": "Error description",
"data": null
}
```
### Common HTTP Status Codes
- `200 OK`: Request successful
- `201 Created`: Resource created successfully
- `400 Bad Request`: Invalid request data
- `401 Unauthorized`: Authentication required or token invalid
- `403 Forbidden`: Access denied (e.g., not station owner)
- `404 Not Found`: Resource not found
### Common Error Messages
- `"User not authenticated"`: Missing or invalid authentication token
- `"Radio station not found"`: Station ID or join code not found
- `"Only the station owner can..."`: Action requires owner privileges
- `"Failed to connect to radio station. Invalid join code or station not found."`: Join code is invalid
- `"Client not found"`: Client ID not found
## Usage Examples
### Creating a Station and Adding Songs
1. **Create a station:**
```bash
curl -X POST http://localhost:8080/api/radio-stations \
-H "Content-Type: application/json" \
-d '{"name": "My Station", "description": "Great music"}'
```
2. **Use the returned owner token for authenticated requests:**
```bash
curl -X POST http://localhost:8080/api/radio-stations/{stationId}/songs \
-H "Authorization: Bearer {ownerToken}" \
-H "Content-Type: application/json" \
-d '{"title": "Song Title", "artist": "Artist", "duration": 180, "url": "http://example.com/song.mp3"}'
```
### Joining a Station and Voting
1. **Join a station:**
```bash
curl -X POST http://localhost:8080/api/clients/connect \
-H "Content-Type: application/json" \
-d '{"username": "john", "joinCode": "ABC123"}'
```
2. **Vote on a song:**
```bash
curl -X POST http://localhost:8080/api/radio-stations/{stationId}/songs/{songId}/vote \
-H "Authorization: Bearer {clientToken}" \
-H "Content-Type: application/json" \
-d '{"voteType": "UPVOTE"}'
```
## Notes
- Join codes are 6-character alphanumeric strings automatically generated for each station
- Songs in the queue are sorted by score (upvotes - downvotes) in descending order
- Users can change their vote on a song, but only have one vote per song
- Only station owners can control playback (play next song)
- Tokens expire after 7 days
- The system uses in-memory storage, so data is lost when the server restarts

2
backend/build.gradle
View file

@ -4,7 +4,7 @@ plugins {
id 'io.spring.dependency-management' version '1.1.7'
}
group = 'com.hackathon'
group = 'com.serena'
version = '0.0.1-SNAPSHOT'
java {

2
backend/settings.gradle
View file

@ -1 +1 @@
rootProject.name = 'backend'
rootProject.name = 'serena_backend'

69
backend/src/main/java/com/hackathon/backend/config/JwtAuthenticationFilter.java
View file

@ -1,69 +0,0 @@
package com.hackathon.backend.config;
import com.hackathon.backend.service.JwtService;
import com.hackathon.backend.service.UserService;
import com.hackathon.backend.model.User;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Optional;
@Component
public class JwtAuthenticationFilter extends OncePerRequestFilter {
@Autowired
private JwtService jwtService;
@Autowired
private UserService userService;
@Override
protected void doFilterInternal(
@NonNull HttpServletRequest request,
@NonNull HttpServletResponse response,
@NonNull FilterChain filterChain) throws ServletException, IOException {
final String authHeader = request.getHeader("Authorization");
final String jwt;
final String userId;
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
filterChain.doFilter(request, response);
return;
}
jwt = authHeader.substring(7);
userId = jwtService.extractUserId(jwt);
if (userId != null && SecurityContextHolder.getContext().getAuthentication() == null) {
Optional<User> userOpt = userService.getUserById(userId);
if (userOpt.isPresent()) {
User user = userOpt.get();
if (jwtService.isTokenValid(jwt, userId) && user.isActive()) {
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
user,
null,
new ArrayList<>());
authToken.setDetails(
new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authToken);
}
}
}
filterChain.doFilter(request, response);
}
}

123
backend/src/main/java/com/hackathon/backend/controller/AuthController.java
View file

@ -1,123 +0,0 @@
package com.hackathon.backend.controller;
import com.hackathon.backend.dto.ApiResponse;
import com.hackathon.backend.dto.AuthResponse;
import com.hackathon.backend.dto.LoginRequest;
import com.hackathon.backend.dto.RegisterRequest;
import com.hackathon.backend.model.User;
import com.hackathon.backend.service.JwtService;
import com.hackathon.backend.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import java.util.Optional;
@RestController
@RequestMapping("/api/auth")
@CrossOrigin(origins = "*")
public class AuthController {
@Autowired
private UserService userService;
@Autowired
private JwtService jwtService;
@PostMapping("/register")
public ResponseEntity<ApiResponse<AuthResponse>> register(@RequestBody RegisterRequest request) {
if (request.getUsername() == null || request.getUsername().trim().isEmpty()) {
return ResponseEntity.badRequest()
.body(ApiResponse.error("Username is required"));
}
if (request.getPassword() == null || request.getPassword().length() < 6) {
return ResponseEntity.badRequest()
.body(ApiResponse.error("Password must be at least 6 characters long"));
}
if (request.getEmail() == null || request.getEmail().trim().isEmpty()) {
return ResponseEntity.badRequest()
.body(ApiResponse.error("Email is required"));
}
Optional<User> userOpt = userService.registerUser(
request.getUsername().trim(),
request.getPassword(),
request.getEmail().trim());
if (userOpt.isEmpty()) {
return ResponseEntity.status(HttpStatus.CONFLICT)
.body(ApiResponse.error("Username already exists"));
}
User user = userOpt.get();
String token = jwtService.generateToken(user.getId(), user.getUsername());
AuthResponse authResponse = new AuthResponse(
token,
user.getId(),
user.getUsername(),
jwtService.getExpirationTime());
return ResponseEntity.status(HttpStatus.CREATED)
.body(ApiResponse.success("User registered successfully", authResponse));
}
@PostMapping("/login")
public ResponseEntity<ApiResponse<AuthResponse>> login(@RequestBody LoginRequest request) {
if (request.getUsername() == null || request.getUsername().trim().isEmpty()) {
return ResponseEntity.badRequest()
.body(ApiResponse.error("Username is required"));
}
if (request.getPassword() == null || request.getPassword().isEmpty()) {
return ResponseEntity.badRequest()
.body(ApiResponse.error("Password is required"));
}
Optional<User> userOpt = userService.authenticateUser(
request.getUsername().trim(),
request.getPassword());
if (userOpt.isEmpty()) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
.body(ApiResponse.error("Invalid username or password"));
}
User user = userOpt.get();
String token = jwtService.generateToken(user.getId(), user.getUsername());
AuthResponse authResponse = new AuthResponse(
token,
user.getId(),
user.getUsername(),
jwtService.getExpirationTime());
return ResponseEntity.ok(ApiResponse.success("Login successful", authResponse));
}
@GetMapping("/me")
public ResponseEntity<ApiResponse<User>> getCurrentUser(@RequestHeader("Authorization") String authHeader) {
try {
String token = authHeader.substring(7); // Remove "Bearer "
String userId = jwtService.extractUserId(token);
Optional<User> userOpt = userService.getUserById(userId);
if (userOpt.isEmpty()) {
return ResponseEntity.status(HttpStatus.NOT_FOUND)
.body(ApiResponse.error("User not found"));
}
User user = userOpt.get();
// Don't send password in response
user.setPassword(null);
return ResponseEntity.ok(ApiResponse.success(user));
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
.body(ApiResponse.error("Invalid token"));
}
}
}

75
backend/src/main/java/com/hackathon/backend/model/User.java
View file

@ -1,75 +0,0 @@
package com.hackathon.backend.model;
import java.time.LocalDateTime;
import java.util.UUID;
public class User {
private String id;
private String username;
private String password; // This would be hashed in a real application
private String email;
private LocalDateTime createdAt;
private boolean isActive;
public User() {
this.id = UUID.randomUUID().toString();
this.createdAt = LocalDateTime.now();
this.isActive = true;
}
public User(String username, String password, String email) {
this();
this.username = username;
this.password = password;
this.email = email;
}
// Getters and Setters
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public LocalDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(LocalDateTime createdAt) {
this.createdAt = createdAt;
}
public boolean isActive() {
return isActive;
}
public void setActive(boolean active) {
isActive = active;
}
}

85
backend/src/main/java/com/hackathon/backend/service/SimpleTokenService.java
View file

@ -1,85 +0,0 @@
package com.hackathon.backend.service;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import org.springframework.stereotype.Service;
import javax.crypto.SecretKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.function.Function;
@Service
public class SimpleTokenService {
private static final String SECRET_KEY = "404E635266556A586E3272357538782F413F4428472B4B6250645367566B5970";
private static final long TOKEN_EXPIRATION = 7 * 24 * 60 * 60 * 1000; // 7 days
public String generateToken(String username, String role) {
String userId = UUID.randomUUID().toString();
Map<String, Object> claims = new HashMap<>();
claims.put("username", username);
claims.put("role", role); // "owner" or "client"
return Jwts.builder()
.claims(claims)
.subject(userId)
.issuedAt(new Date(System.currentTimeMillis()))
.expiration(new Date(System.currentTimeMillis() + TOKEN_EXPIRATION))
.signWith(getSignInKey())
.compact();
}
public String extractUserId(String token) {
return extractClaim(token, Claims::getSubject);
}
public String extractUsername(String token) {
return extractClaim(token, claims -> claims.get("username", String.class));
}
public String extractRole(String token) {
return extractClaim(token, claims -> claims.get("role", String.class));
}
public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
public boolean isTokenValid(String token) {
try {
return !isTokenExpired(token);
} catch (Exception e) {
return false;
}
}
private boolean isTokenExpired(String token) {
return extractExpiration(token).before(new Date());
}
private Date extractExpiration(String token) {
return extractClaim(token, Claims::getExpiration);
}
private Claims extractAllClaims(String token) {
return Jwts.parser()
.verifyWith(getSignInKey())
.build()
.parseSignedClaims(token)
.getPayload();
}
private SecretKey getSignInKey() {
byte[] keyBytes = SECRET_KEY.getBytes();
return Keys.hmacShaKeyFor(keyBytes);
}
public long getExpirationTime() {
return TOKEN_EXPIRATION;
}
}

60
backend/src/main/java/com/hackathon/backend/service/UserService.java
View file

@ -1,60 +0,0 @@
package com.hackathon.backend.service;
import com.hackathon.backend.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
@Service
public class UserService {
private final Map<String, User> users = new HashMap<>();
private final Map<String, String> usersByUsername = new HashMap<>();
@Autowired
private PasswordEncoder passwordEncoder;
public Optional<User> registerUser(String username, String password, String email) {
// Check if username already exists
if (usersByUsername.containsKey(username)) {
return Optional.empty();
}
// Hash the password
String hashedPassword = passwordEncoder.encode(password);
User user = new User(username, hashedPassword, email);
users.put(user.getId(), user);
usersByUsername.put(username, user.getId());
return Optional.of(user);
}
public Optional<User> authenticateUser(String username, String password) {
String userId = usersByUsername.get(username);
if (userId != null) {
User user = users.get(userId);
// Compare hashed passwords
if (user != null && passwordEncoder.matches(password, user.getPassword()) && user.isActive()) {
return Optional.of(user);
}
}
return Optional.empty();
}
public Optional<User> getUserById(String userId) {
return Optional.ofNullable(users.get(userId));
}
public Optional<User> getUserByUsername(String username) {
String userId = usersByUsername.get(username);
return userId != null ? Optional.ofNullable(users.get(userId)) : Optional.empty();
}
public boolean userExists(String username) {
return usersByUsername.containsKey(username);
}
}

2
backend/src/main/java/com/hackathon/backend/BackendApplication.java → backend/src/main/java/com/serena/backend/BackendApplication.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend;
package com.serena.backend;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

4
backend/src/main/java/com/hackathon/backend/config/SecurityConfig.java → backend/src/main/java/com/serena/backend/config/SecurityConfig.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.config;
package com.serena.backend.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
@ -6,8 +6,6 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;

16
backend/src/main/java/com/hackathon/backend/config/SimpleTokenFilter.java → backend/src/main/java/com/serena/backend/config/SimpleTokenFilter.java
View file

@ -1,7 +1,7 @@
package com.hackathon.backend.config;
package com.serena.backend.config;
import com.hackathon.backend.service.SimpleTokenService;
import com.hackathon.backend.model.TokenUser;
import com.serena.backend.service.JwtService;
import com.serena.backend.model.TokenUser;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
@ -21,7 +21,7 @@ import java.util.ArrayList;
public class SimpleTokenFilter extends OncePerRequestFilter {
@Autowired
private SimpleTokenService tokenService;
private JwtService jwtService;
@Override
protected void doFilterInternal(
@ -41,10 +41,10 @@ public class SimpleTokenFilter extends OncePerRequestFilter {
if (SecurityContextHolder.getContext().getAuthentication() == null) {
try {
if (tokenService.isTokenValid(token)) {
String userId = tokenService.extractUserId(token);
String username = tokenService.extractUsername(token);
String role = tokenService.extractRole(token);
if (jwtService.isTokenValid(token)) {
String userId = jwtService.extractUserId(token);
String username = jwtService.extractUsername(token);
String role = jwtService.extractRole(token);
TokenUser tokenUser = new TokenUser(userId, username, role);

20
backend/src/main/java/com/hackathon/backend/controller/ClientController.java → backend/src/main/java/com/serena/backend/controller/ClientController.java
View file

@ -1,12 +1,12 @@
package com.hackathon.backend.controller;
package com.serena.backend.controller;
import com.hackathon.backend.dto.ApiResponse;
import com.hackathon.backend.dto.ConnectClientRequest;
import com.hackathon.backend.model.Client;
import com.hackathon.backend.model.RadioStation;
import com.hackathon.backend.service.RadioStationService;
import com.hackathon.backend.service.SimpleTokenService;
import com.hackathon.backend.util.AuthUtil;
import com.serena.backend.dto.ApiResponse;
import com.serena.backend.dto.ConnectClientRequest;
import com.serena.backend.model.Client;
import com.serena.backend.model.RadioStation;
import com.serena.backend.service.RadioStationService;
import com.serena.backend.service.JwtService;
import com.serena.backend.util.AuthUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@ -26,7 +26,7 @@ public class ClientController {
private RadioStationService radioStationService;
@Autowired
private SimpleTokenService tokenService;
private JwtService jwtService;
@PostMapping("/connect")
public ResponseEntity<ApiResponse<Map<String, Object>>> connectClient(@RequestBody ConnectClientRequest request) {
@ -48,7 +48,7 @@ public class ClientController {
if (client.isPresent()) {
// Generate a client token
String clientToken = tokenService.generateToken(request.getUsername(), "client");
String clientToken = jwtService.generateTokenWithRole(request.getUsername(), "client");
Map<String, Object> response = new HashMap<>();
response.put("client", client.get());

25
backend/src/main/java/com/hackathon/backend/controller/RadioStationController.java → backend/src/main/java/com/serena/backend/controller/RadioStationController.java
View file

@ -1,12 +1,12 @@
package com.hackathon.backend.controller;
package com.serena.backend.controller;
import com.hackathon.backend.dto.ApiResponse;
import com.hackathon.backend.dto.CreateRadioStationRequest;
import com.hackathon.backend.dto.UpdateRadioStationRequest;
import com.hackathon.backend.model.RadioStation;
import com.hackathon.backend.service.RadioStationService;
import com.hackathon.backend.service.SimpleTokenService;
import com.hackathon.backend.util.AuthUtil;
import com.serena.backend.dto.ApiResponse;
import com.serena.backend.dto.CreateRadioStationRequest;
import com.serena.backend.dto.UpdateRadioStationRequest;
import com.serena.backend.model.RadioStation;
import com.serena.backend.service.RadioStationService;
import com.serena.backend.service.JwtService;
import com.serena.backend.util.AuthUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@ -26,14 +26,15 @@ public class RadioStationController {
private RadioStationService radioStationService;
@Autowired
private SimpleTokenService tokenService;
private JwtService jwtService;
@PostMapping
public ResponseEntity<ApiResponse<Map<String, Object>>> createRadioStation(@RequestBody CreateRadioStationRequest request) {
public ResponseEntity<ApiResponse<Map<String, Object>>> createRadioStation(
@RequestBody CreateRadioStationRequest request) {
try {
// Generate a token for the station owner
String ownerToken = tokenService.generateToken(request.getName() + "_owner", "owner");
String ownerId = tokenService.extractUserId(ownerToken);
String ownerToken = jwtService.generateTokenWithRole(request.getName() + "_owner", "owner");
String ownerId = jwtService.extractUserId(ownerToken);
RadioStation station = radioStationService.createRadioStation(
request.getName(),

16
backend/src/main/java/com/hackathon/backend/controller/SongController.java → backend/src/main/java/com/serena/backend/controller/SongController.java
View file

@ -1,12 +1,12 @@
package com.hackathon.backend.controller;
package com.serena.backend.controller;
import com.hackathon.backend.dto.AddSongRequest;
import com.hackathon.backend.dto.ApiResponse;
import com.hackathon.backend.dto.VoteRequest;
import com.hackathon.backend.model.RadioStation;
import com.hackathon.backend.model.Song;
import com.hackathon.backend.service.RadioStationService;
import com.hackathon.backend.util.AuthUtil;
import com.serena.backend.dto.AddSongRequest;
import com.serena.backend.dto.ApiResponse;
import com.serena.backend.dto.VoteRequest;
import com.serena.backend.model.RadioStation;
import com.serena.backend.model.Song;
import com.serena.backend.service.RadioStationService;
import com.serena.backend.util.AuthUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;

2
backend/src/main/java/com/hackathon/backend/dto/AddSongRequest.java → backend/src/main/java/com/serena/backend/dto/AddSongRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class AddSongRequest {
private String title;

2
backend/src/main/java/com/hackathon/backend/dto/ApiResponse.java → backend/src/main/java/com/serena/backend/dto/ApiResponse.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class ApiResponse<T> {
private boolean success;

2
backend/src/main/java/com/hackathon/backend/dto/AuthResponse.java → backend/src/main/java/com/serena/backend/dto/AuthResponse.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class AuthResponse {
private String token;

2
backend/src/main/java/com/hackathon/backend/dto/ConnectClientRequest.java → backend/src/main/java/com/serena/backend/dto/ConnectClientRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class ConnectClientRequest {
private String username;

2
backend/src/main/java/com/hackathon/backend/dto/CreateRadioStationRequest.java → backend/src/main/java/com/serena/backend/dto/CreateRadioStationRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class CreateRadioStationRequest {
private String name;

2
backend/src/main/java/com/hackathon/backend/dto/LoginRequest.java → backend/src/main/java/com/serena/backend/dto/LoginRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class LoginRequest {
private String username;

2
backend/src/main/java/com/hackathon/backend/dto/RegisterRequest.java → backend/src/main/java/com/serena/backend/dto/RegisterRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class RegisterRequest {
private String username;

2
backend/src/main/java/com/hackathon/backend/dto/UpdateRadioStationRequest.java → backend/src/main/java/com/serena/backend/dto/UpdateRadioStationRequest.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
public class UpdateRadioStationRequest {
private String name;

4
backend/src/main/java/com/hackathon/backend/dto/VoteRequest.java → backend/src/main/java/com/serena/backend/dto/VoteRequest.java
View file

@ -1,6 +1,6 @@
package com.hackathon.backend.dto;
package com.serena.backend.dto;
import com.hackathon.backend.model.VoteType;
import com.serena.backend.model.VoteType;
public class VoteRequest {
private String clientId;

2
backend/src/main/java/com/hackathon/backend/model/Client.java → backend/src/main/java/com/serena/backend/model/Client.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.model;
package com.serena.backend.model;
import java.time.LocalDateTime;
import java.util.UUID;

2
backend/src/main/java/com/hackathon/backend/model/RadioStation.java → backend/src/main/java/com/serena/backend/model/RadioStation.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.model;
package com.serena.backend.model;
import java.time.LocalDateTime;
import java.util.ArrayList;

2
backend/src/main/java/com/hackathon/backend/model/Song.java → backend/src/main/java/com/serena/backend/model/Song.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.model;
package com.serena.backend.model;
import java.time.LocalDateTime;
import java.util.HashMap;

2
backend/src/main/java/com/hackathon/backend/model/TokenUser.java → backend/src/main/java/com/serena/backend/model/TokenUser.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.model;
package com.serena.backend.model;
public class TokenUser {
private String userId;

2
backend/src/main/java/com/hackathon/backend/model/VoteType.java → backend/src/main/java/com/serena/backend/model/VoteType.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.model;
package com.serena.backend.model;
public enum VoteType {
UPVOTE,

30
backend/src/main/java/com/hackathon/backend/service/JwtService.java → backend/src/main/java/com/serena/backend/service/JwtService.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend.service;
package com.serena.backend.service;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
@ -32,6 +32,24 @@ public class JwtService {
return createToken(claims, userId);
}
// New method to generate token with role (for migrating from
// SimpleTokenService)
public String generateTokenWithRole(String username, String role) {
String userId = java.util.UUID.randomUUID().toString();
Map<String, Object> claims = new HashMap<>();
claims.put("username", username);
claims.put("role", role); // "owner" or "client"
return createToken(claims, userId);
}
public String extractUsername(String token) {
return extractClaim(token, claims -> claims.get("username", String.class));
}
public String extractRole(String token) {
return extractClaim(token, claims -> claims.get("role", String.class));
}
private String createToken(Map<String, Object> extraClaims, String userId) {
return Jwts.builder()
.claims(extraClaims)
@ -47,6 +65,16 @@ public class JwtService {
return (extractedUserId.equals(userId)) && !isTokenExpired(token);
}
// Overloaded method for simpler token validation (migrating from
// SimpleTokenService)
public boolean isTokenValid(String token) {
try {
return !isTokenExpired(token);
} catch (Exception e) {
return false;
}
}
private boolean isTokenExpired(String token) {
return extractExpiration(token).before(new Date());
}

10
backend/src/main/java/com/hackathon/backend/service/RadioStationService.java → backend/src/main/java/com/serena/backend/service/RadioStationService.java
View file

@ -1,9 +1,9 @@
package com.hackathon.backend.service;
package com.serena.backend.service;
import com.hackathon.backend.model.RadioStation;
import com.hackathon.backend.model.Song;
import com.hackathon.backend.model.Client;
import com.hackathon.backend.model.VoteType;
import com.serena.backend.model.RadioStation;
import com.serena.backend.model.Song;
import com.serena.backend.model.Client;
import com.serena.backend.model.VoteType;
import org.springframework.stereotype.Service;
import java.util.ArrayList;

4
backend/src/main/java/com/hackathon/backend/util/AuthUtil.java → backend/src/main/java/com/serena/backend/util/AuthUtil.java
View file

@ -1,6 +1,6 @@
package com.hackathon.backend.util;
package com.serena.backend.util;
import com.hackathon.backend.model.TokenUser;
import com.serena.backend.model.TokenUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

2
backend/src/test/java/com/hackathon/backend/BackendApplicationTests.java → backend/src/test/java/com/serena/backend/BackendApplicationTests.java
View file

@ -1,4 +1,4 @@
package com.hackathon.backend;
package com.serena.backend;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;

6
backend/src/test/java/com/hackathon/backend/service/RadioStationServiceTest.java → backend/src/test/java/com/serena/backend/service/RadioStationServiceTest.java
View file

@ -1,7 +1,7 @@
package com.hackathon.backend.service;
package com.serena.backend.service;
import com.hackathon.backend.model.RadioStation;
import com.hackathon.backend.model.Client;
import com.serena.backend.model.RadioStation;
import com.serena.backend.model.Client;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.DisplayName;