mealprep/backend/src/main/java/com/recipeapp/household/HouseholdController.java
Marcel Raddatz 0b182a33fd refactor(auth): extract authenticateInSession to AuthService
Remove duplicated private authenticateInSession from AuthController and
HouseholdController. Add a single public implementation on AuthService
with session fixation protection built in. HouseholdController now
injects AuthService and passes role "user" for invite-accepted accounts.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 22:24:58 +02:00


package com.recipeapp.household;
import com.recipeapp.auth.AuthService;
import com.recipeapp.common.ApiResponse;
import com.recipeapp.household.dto.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import java.security.Principal;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
/**
 * REST endpoints under {@code /v1} for households, their members and invites.
 *
 * <p>Every {@code /households/**} handler identifies the caller only through the injected
 * {@link Principal} and forwards {@code principal.getName()} to {@link HouseholdService}.
 * No handler checks {@code principal} for {@code null}, and no membership or role check is
 * performed in this class.
 *
 * <p>NOTE(review): this presumes the security configuration (not visible here) requires an
 * authenticated session for {@code /v1/households/**}, and that {@code HouseholdService}
 * enforces who may remove members, change roles or issue invites. Confirm both.
 */
@RestController
@RequestMapping("/v1")
public class HouseholdController {

    /** Role handed to {@link AuthService} for an account that was created via an invite. */
    private static final String INVITED_ACCOUNT_ROLE = "user";

    private final HouseholdService householdService;
    private final AuthService authService;

    /**
     * @param householdService household, member and invite operations
     * @param authService used to establish the session after an invite is accepted
     */
    public HouseholdController(HouseholdService householdService, AuthService authService) {
        this.householdService = householdService;
        this.authService = authService;
    }

    /**
     * Creates a household on behalf of the calling user.
     *
     * @return 201 Created with the new household wrapped in an {@code ApiResponse}
     */
    @PostMapping("/households")
    public ResponseEntity<ApiResponse<HouseholdResponse>> createHousehold(
            Principal principal,
            @Valid @RequestBody CreateHouseholdRequest request) {
        String callerName = principal.getName();
        HouseholdResponse created = householdService.createHousehold(callerName, request);
        return ResponseEntity
                .status(HttpStatus.CREATED)
                .body(ApiResponse.success(created));
    }

    /**
     * Looks up the household of the calling user.
     *
     * @return 200 OK with the household wrapped in an {@code ApiResponse}
     */
    @GetMapping("/households/mine")
    public ResponseEntity<ApiResponse<HouseholdResponse>> getMyHousehold(Principal principal) {
        return ResponseEntity.ok(
                ApiResponse.success(householdService.getMyHousehold(principal.getName())));
    }

    /**
     * Lists the members of the calling user's household.
     *
     * <p>Unlike the sibling handlers, the list is returned bare, without an
     * {@code ApiResponse} envelope.
     *
     * @return 200 OK with the member list as the body
     */
    @GetMapping("/households/mine/members")
    public ResponseEntity<List<MemberResponse>> getMembers(Principal principal) {
        return ResponseEntity.ok(householdService.getMembers(principal.getName()));
    }

    /**
     * Returns the invite that {@code HouseholdService.getActiveInvite} reports for the caller.
     *
     * @return 200 OK with the invite, or 204 No Content when the service returns an empty
     *     {@code Optional}
     */
    @GetMapping("/households/mine/invites")
    public ResponseEntity<ApiResponse<InviteResponse>> getActiveInvite(Principal principal) {
        Optional<InviteResponse> activeInvite =
                householdService.getActiveInvite(principal.getName());
        if (activeInvite.isEmpty()) {
            return ResponseEntity.noContent().build();
        }
        return ResponseEntity.ok(ApiResponse.success(activeInvite.get()));
    }

    /**
     * Issues an invite for the calling user's household.
     *
     * <p>NOTE(review): the returned invite is later redeemed by code alone (see
     * {@link #acceptInvite}); whether the caller is allowed to invite, and how long the
     * invite stays valid, is decided in {@code HouseholdService} — verify there.
     *
     * @return 201 Created with the invite wrapped in an {@code ApiResponse}
     */
    @PostMapping("/households/mine/invites")
    public ResponseEntity<ApiResponse<InviteResponse>> createInvite(Principal principal) {
        InviteResponse issued = householdService.createInvite(principal.getName());
        ApiResponse<InviteResponse> envelope = ApiResponse.success(issued);
        return ResponseEntity.status(HttpStatus.CREATED).body(envelope);
    }

    /**
     * Removes the member identified by {@code userId}.
     *
     * <p>The target id comes straight from the URL. This handler only forwards the caller's
     * name and the target id; it does not itself check that the target belongs to the
     * caller's household or that the caller may remove members.
     * NOTE(review): confirm {@code HouseholdService.removeMember} performs both checks.
     *
     * @return 204 No Content
     */
    @DeleteMapping("/households/mine/members/{userId}")
    public ResponseEntity<Void> removeMember(Principal principal, @PathVariable UUID userId) {
        String callerName = principal.getName();
        householdService.removeMember(callerName, userId);
        return ResponseEntity.noContent().build();
    }

    /**
     * Changes the role of the member identified by {@code userId} to the role in the body.
     *
     * <p>Both the target id and the new role are client-supplied. {@code @Valid} applies
     * whatever constraints {@code ChangeRoleRequest} declares (not visible here).
     * NOTE(review): confirm the service restricts which callers may change roles and which
     * roles they may grant, including to themselves.
     *
     * @return 200 OK with the updated member wrapped in an {@code ApiResponse}
     */
    @PatchMapping("/households/mine/members/{userId}")
    public ResponseEntity<ApiResponse<MemberResponse>> changeMemberRole(
            Principal principal,
            @PathVariable UUID userId,
            @Valid @RequestBody ChangeRoleRequest request) {
        String callerName = principal.getName();
        MemberResponse updated =
                householdService.changeMemberRole(callerName, userId, request.role());
        return ResponseEntity.ok(ApiResponse.success(updated));
    }

    /**
     * Returns information about the invite identified by {@code code}.
     *
     * <p>This handler takes no {@link Principal}, so the invite code in the path is the only
     * thing the caller presents.
     * NOTE(review): presumably reachable without a session — if so, the code should be
     * unguessable and lookups rate-limited; neither is visible in this class.
     *
     * @return 200 OK with the invite info wrapped in an {@code ApiResponse}
     */
    @GetMapping("/invites/{code}")
    public ResponseEntity<ApiResponse<InviteInfoResponse>> getInviteInfo(@PathVariable String code) {
        return ResponseEntity.ok(ApiResponse.success(householdService.getInviteInfo(code)));
    }

    /**
     * Redeems an invite and then signs the caller in.
     *
     * <p>Order matters: {@code householdService.acceptInvite} runs first, so an exception
     * from it prevents the session from being established. The session is then opened for
     * {@code request.email()} — the value from the request body, not a value read back from
     * the service result — with the fixed role {@code "user"}.
     *
     * <p>NOTE(review): confirm that {@code acceptInvite} rejects an email that already
     * belongs to an account; this handler would otherwise open a session under that email.
     * NOTE(review): session-id rotation is expected to happen inside
     * {@code AuthService.authenticateInSession}; this controller does not do it itself.
     *
     * @return 200 OK with the accept result wrapped in an {@code ApiResponse}
     */
    @PostMapping("/invites/{code}/accept")
    public ResponseEntity<ApiResponse<AcceptInviteResponse>> acceptInvite(
            @PathVariable String code,
            @Valid @RequestBody AcceptInviteRequest request,
            HttpServletRequest httpRequest) {
        AcceptInviteResponse accepted =
                householdService.acceptInvite(
                        code,
                        request.name(),
                        request.email(),
                        request.password());

        // Only reached when the invite was accepted without an exception.
        authService.authenticateInSession(request.email(), INVITED_ACCOUNT_ROLE, httpRequest);

        return ResponseEntity.ok(ApiResponse.success(accepted));
    }
}