Enable authentication and JWT tokens emission

api/build.gradle.kts

@@ -54,6 +54,10 @@ dependencies {
     //======================PROMETHEUS======================
     runtimeOnly("io.micrometer:micrometer-registry-prometheus")
 
+    //======================JWT======================
+    implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")
+    implementation("org.springframework.security:spring-security-oauth2-jose")
+
     //======================OTHER======================
     developmentOnly("org.springframework.boot:spring-boot-devtools")
     developmentOnly("org.springframework.boot:spring-boot-docker-compose")

api/compose-dev.yaml

@@ -1,65 +0,0 @@
-services:
-  boardmate-api:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    container_name: boardmate-api
-    ports:
-      - "8000:8080"
-      - "5005:5005"
-    environment:
-      SPRING_DATA_MONGODB_URI: "mongodb://board-mate-user:apx820kcng@mongodb:27017/board-mate-db"
-      JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
-    depends_on:
-      - mongodb
-      - elasticsearch
-    volumes:
-      - ./.gradle:/home/gradle/.gradle # Use your existing local Gradle and build directories
-      - ./build:/app/.gradle           # optional, only if you want project cache mapped too
-
-  elasticsearch:
-    image: 'docker.elastic.co/elasticsearch/elasticsearch:7.17.10'
-    environment:
-      - 'ELASTIC_PASSWORD=secret'
-      - 'discovery.type=single-node'
-      - 'xpack.security.enabled=false'
-    ports:
-      - '8100:9200'
-      - '8101:9300'
-  grafana-lgtm:
-    image: 'grafana/otel-lgtm:latest'
-    ports:
-      - '8200:3000'
-      - '8201:4317'
-      - '8202:4318'
-  prometheus:
-    image: 'prom/prometheus:latest'
-    container_name: prometheus
-    ports:
-      - "8300:9090"
-    volumes:
-      - ./prometheus.yaml:/etc/prometheus/prometheus.yml
-
-  mongodb:
-    image: mongo:latest
-    environment:
-      - MONGO_INITDB_DATABASE=board-mate-db
-      - MONGO_INITDB_ROOT_PASSWORD=secret
-      - MONGO_INITDB_ROOT_USERNAME=root
-    ports:
-      - "8400:27017"
-    volumes:
-      - ./mongo-data:/data/db
-      - ./mongo-init:/docker-entrypoint-initdb.d
-  #mongo-express:
-  #  image: mongo-express:latest
-  #  depends_on:
-  #   - mongodb
-  #  ports:
-  #    - "8401:8081"
-  #  environment:
-  #    - ME_CONFIG_MONGODB_SERVER=mongodb
-  #    - ME_CONFIG_MONGODB_PORT=27017
-  #    - ME_CONFIG_MONGODB_ADMINUSERNAME=root
-  #    - ME_CONFIG_MONGODB_ADMINPASSWORD=secret
-  #    - ME_CONFIG_MONGODB_AUTH_DATABASE=admin

api/compose.yaml

@@ -6,7 +6,10 @@ services:
     container_name: boardmate-api
     ports:
       - "8000:8080"
+      - "5005:5005"
     environment:
+      JWT_SECRET: "enY3OWU4djFyMTByNTZhcG9uY3Z0djQ5cnY0eDhhNWM0bjg5OTRjNDhidA=="
+      SSL_KEYSTORE_PATH: "/certs/keystore.p12"
       SPRING_DATA_MONGODB_URI: "mongodb://board-mate-user:apx820kcng@mongodb:27017/board-mate-db"
       JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
     depends_on:
@@ -16,6 +19,7 @@ services:
     volumes:
       - ./.gradle:/home/gradle/.gradle
       - ./build:/app/.gradle
+      - ./certs:/certs
 
   elasticsearch:
     image: 'docker.elastic.co/elasticsearch/elasticsearch:7.17.10'

api/mosquitto/log/mosquitto.log

@@ -22,3 +22,432 @@ To fix this, use `chmod 0700 /mosquitto/config/passwords`.
 1766752156: New client connected from 172.18.0.1:60816 as auto-6747DC9C-65B9-8421-1946-2BEA4E74334D (p2, c1, k60, u'rpi').
 1766752156: Client auto-6747DC9C-65B9-8421-1946-2BEA4E74334D disconnected.
 1766752160: Client auto-D579FA3E-E74B-F0BC-909C-27A7F304D55A disconnected.
+1766933235: mosquitto version 2.0.22 starting
+1766933235: Config loaded from /mosquitto/config/mosquitto.conf.
+1766933235: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766933235: Opening ipv4 listen socket on port 1883.
+1766933235: Opening ipv6 listen socket on port 1883.
+1766933235: Opening websockets listen socket on port 9001.
+1766933235: Opening ipv4 listen socket on port 8883.
+1766933235: Opening ipv6 listen socket on port 8883.
+1766933235: mosquitto version 2.0.22 running
+1766935027: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766936481: mosquitto version 2.0.22 terminating
+1766936481: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766937848: mosquitto version 2.0.22 starting
+1766937848: Config loaded from /mosquitto/config/mosquitto.conf.
+1766937848: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766937848: Opening ipv4 listen socket on port 1883.
+1766937848: Opening ipv6 listen socket on port 1883.
+1766937848: Opening websockets listen socket on port 9001.
+1766937848: Opening ipv4 listen socket on port 8883.
+1766937848: Opening ipv6 listen socket on port 8883.
+1766937848: mosquitto version 2.0.22 running
+1766937905: mosquitto version 2.0.22 terminating
+1766937905: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766937912: mosquitto version 2.0.22 starting
+1766937912: Config loaded from /mosquitto/config/mosquitto.conf.
+1766937912: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766937912: Opening ipv4 listen socket on port 1883.
+1766937912: Opening ipv6 listen socket on port 1883.
+1766937912: Opening websockets listen socket on port 9001.
+1766937912: Opening ipv4 listen socket on port 8883.
+1766937912: Opening ipv6 listen socket on port 8883.
+1766937912: mosquitto version 2.0.22 running
+1766938116: mosquitto version 2.0.22 terminating
+1766938116: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766938121: mosquitto version 2.0.22 starting
+1766938121: Config loaded from /mosquitto/config/mosquitto.conf.
+1766938121: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766938121: Opening ipv4 listen socket on port 1883.
+1766938121: Opening ipv6 listen socket on port 1883.
+1766938121: Opening websockets listen socket on port 9001.
+1766938121: Opening ipv4 listen socket on port 8883.
+1766938121: Opening ipv6 listen socket on port 8883.
+1766938121: mosquitto version 2.0.22 running
+1766938145: mosquitto version 2.0.22 terminating
+1766938145: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766938307: mosquitto version 2.0.22 starting
+1766938307: Config loaded from /mosquitto/config/mosquitto.conf.
+1766938307: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766938307: Opening ipv4 listen socket on port 1883.
+1766938307: Opening ipv6 listen socket on port 1883.
+1766938307: Opening websockets listen socket on port 9001.
+1766938307: Opening ipv4 listen socket on port 8883.
+1766938307: Opening ipv6 listen socket on port 8883.
+1766938307: mosquitto version 2.0.22 running
+1766938502: mosquitto version 2.0.22 terminating
+1766938502: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766938504: mosquitto version 2.0.22 starting
+1766938504: Config loaded from /mosquitto/config/mosquitto.conf.
+1766938504: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766938504: Opening ipv4 listen socket on port 1883.
+1766938504: Opening ipv6 listen socket on port 1883.
+1766938504: Opening websockets listen socket on port 9001.
+1766938504: Opening ipv4 listen socket on port 8883.
+1766938504: Opening ipv6 listen socket on port 8883.
+1766938504: mosquitto version 2.0.22 running
+1766938589: mosquitto version 2.0.22 terminating
+1766938589: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766938591: mosquitto version 2.0.22 starting
+1766938591: Config loaded from /mosquitto/config/mosquitto.conf.
+1766938591: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766938591: Opening ipv4 listen socket on port 1883.
+1766938591: Opening ipv6 listen socket on port 1883.
+1766938591: Opening websockets listen socket on port 9001.
+1766938591: Opening ipv4 listen socket on port 8883.
+1766938591: Opening ipv6 listen socket on port 8883.
+1766938591: mosquitto version 2.0.22 running
+1766939073: mosquitto version 2.0.22 starting
+1766939073: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939073: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939073: Opening ipv4 listen socket on port 1883.
+1766939073: Opening ipv6 listen socket on port 1883.
+1766939073: Opening websockets listen socket on port 9001.
+1766939073: Opening ipv4 listen socket on port 8883.
+1766939073: Opening ipv6 listen socket on port 8883.
+1766939073: mosquitto version 2.0.22 running
+1766939246: mosquitto version 2.0.22 terminating
+1766939246: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939249: mosquitto version 2.0.22 starting
+1766939249: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939249: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939249: Opening ipv4 listen socket on port 1883.
+1766939249: Opening ipv6 listen socket on port 1883.
+1766939249: Opening websockets listen socket on port 9001.
+1766939249: Opening ipv4 listen socket on port 8883.
+1766939249: Opening ipv6 listen socket on port 8883.
+1766939249: mosquitto version 2.0.22 running
+1766939386: mosquitto version 2.0.22 terminating
+1766939386: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939389: mosquitto version 2.0.22 starting
+1766939389: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939389: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939389: Opening ipv4 listen socket on port 1883.
+1766939389: Opening ipv6 listen socket on port 1883.
+1766939389: Opening websockets listen socket on port 9001.
+1766939389: Opening ipv4 listen socket on port 8883.
+1766939389: Opening ipv6 listen socket on port 8883.
+1766939389: mosquitto version 2.0.22 running
+1766939433: mosquitto version 2.0.22 terminating
+1766939433: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939435: mosquitto version 2.0.22 starting
+1766939435: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939435: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939435: Opening ipv4 listen socket on port 1883.
+1766939435: Opening ipv6 listen socket on port 1883.
+1766939435: Opening websockets listen socket on port 9001.
+1766939435: Opening ipv4 listen socket on port 8883.
+1766939435: Opening ipv6 listen socket on port 8883.
+1766939435: mosquitto version 2.0.22 running
+1766939512: mosquitto version 2.0.22 terminating
+1766939512: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939515: mosquitto version 2.0.22 starting
+1766939515: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939515: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939515: Opening ipv4 listen socket on port 1883.
+1766939515: Opening ipv6 listen socket on port 1883.
+1766939515: Opening websockets listen socket on port 9001.
+1766939515: Opening ipv4 listen socket on port 8883.
+1766939515: Opening ipv6 listen socket on port 8883.
+1766939515: mosquitto version 2.0.22 running
+1766939583: mosquitto version 2.0.22 terminating
+1766939583: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939585: mosquitto version 2.0.22 starting
+1766939585: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939585: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939585: Opening ipv4 listen socket on port 1883.
+1766939585: Opening ipv6 listen socket on port 1883.
+1766939585: Opening websockets listen socket on port 9001.
+1766939585: Opening ipv4 listen socket on port 8883.
+1766939585: Opening ipv6 listen socket on port 8883.
+1766939585: mosquitto version 2.0.22 running
+1766939845: mosquitto version 2.0.22 terminating
+1766939845: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939847: mosquitto version 2.0.22 starting
+1766939847: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939847: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939847: Opening ipv4 listen socket on port 1883.
+1766939847: Opening ipv6 listen socket on port 1883.
+1766939847: Opening websockets listen socket on port 9001.
+1766939847: Opening ipv4 listen socket on port 8883.
+1766939847: Opening ipv6 listen socket on port 8883.
+1766939847: mosquitto version 2.0.22 running
+1766939952: mosquitto version 2.0.22 terminating
+1766939952: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939954: mosquitto version 2.0.22 starting
+1766939954: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939954: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939954: Opening ipv4 listen socket on port 1883.
+1766939954: Opening ipv6 listen socket on port 1883.
+1766939954: Opening websockets listen socket on port 9001.
+1766939954: Opening ipv4 listen socket on port 8883.
+1766939954: Opening ipv6 listen socket on port 8883.
+1766939954: mosquitto version 2.0.22 running
+1766939984: mosquitto version 2.0.22 terminating
+1766939984: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766939987: mosquitto version 2.0.22 starting
+1766939987: Config loaded from /mosquitto/config/mosquitto.conf.
+1766939987: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766939987: Opening ipv4 listen socket on port 1883.
+1766939987: Opening ipv6 listen socket on port 1883.
+1766939987: Opening websockets listen socket on port 9001.
+1766939987: Opening ipv4 listen socket on port 8883.
+1766939987: Opening ipv6 listen socket on port 8883.
+1766939987: mosquitto version 2.0.22 running
+1766940134: mosquitto version 2.0.22 terminating
+1766940134: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766940136: mosquitto version 2.0.22 starting
+1766940136: Config loaded from /mosquitto/config/mosquitto.conf.
+1766940136: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766940136: Opening ipv4 listen socket on port 1883.
+1766940136: Opening ipv6 listen socket on port 1883.
+1766940136: Opening websockets listen socket on port 9001.
+1766940136: Opening ipv4 listen socket on port 8883.
+1766940136: Opening ipv6 listen socket on port 8883.
+1766940136: mosquitto version 2.0.22 running
+1766940434: mosquitto version 2.0.22 terminating
+1766940434: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766940437: mosquitto version 2.0.22 starting
+1766940437: Config loaded from /mosquitto/config/mosquitto.conf.
+1766940437: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766940437: Opening ipv4 listen socket on port 1883.
+1766940437: Opening ipv6 listen socket on port 1883.
+1766940437: Opening websockets listen socket on port 9001.
+1766940437: Opening ipv4 listen socket on port 8883.
+1766940437: Opening ipv6 listen socket on port 8883.
+1766940437: mosquitto version 2.0.22 running
+1766940588: mosquitto version 2.0.22 terminating
+1766940588: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766940591: mosquitto version 2.0.22 starting
+1766940591: Config loaded from /mosquitto/config/mosquitto.conf.
+1766940591: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766940591: Opening ipv4 listen socket on port 1883.
+1766940591: Opening ipv6 listen socket on port 1883.
+1766940591: Opening websockets listen socket on port 9001.
+1766940591: Opening ipv4 listen socket on port 8883.
+1766940591: Opening ipv6 listen socket on port 8883.
+1766940591: mosquitto version 2.0.22 running
+1766940862: mosquitto version 2.0.22 terminating
+1766940862: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766940864: mosquitto version 2.0.22 starting
+1766940864: Config loaded from /mosquitto/config/mosquitto.conf.
+1766940864: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766940864: Opening ipv4 listen socket on port 1883.
+1766940864: Opening ipv6 listen socket on port 1883.
+1766940864: Opening websockets listen socket on port 9001.
+1766940864: Opening ipv4 listen socket on port 8883.
+1766940864: Opening ipv6 listen socket on port 8883.
+1766940864: mosquitto version 2.0.22 running
+1766942655: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766944446: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766946237: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766946370: mosquitto version 2.0.22 terminating
+1766946370: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766946372: mosquitto version 2.0.22 starting
+1766946372: Config loaded from /mosquitto/config/mosquitto.conf.
+1766946372: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766946372: Opening ipv4 listen socket on port 1883.
+1766946372: Opening ipv6 listen socket on port 1883.
+1766946372: Opening websockets listen socket on port 9001.
+1766946372: Opening ipv4 listen socket on port 8883.
+1766946372: Opening ipv6 listen socket on port 8883.
+1766946372: mosquitto version 2.0.22 running
+1766946453: mosquitto version 2.0.22 terminating
+1766946453: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766946455: mosquitto version 2.0.22 starting
+1766946455: Config loaded from /mosquitto/config/mosquitto.conf.
+1766946455: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766946455: Opening ipv4 listen socket on port 1883.
+1766946455: Opening ipv6 listen socket on port 1883.
+1766946455: Opening websockets listen socket on port 9001.
+1766946455: Opening ipv4 listen socket on port 8883.
+1766946455: Opening ipv6 listen socket on port 8883.
+1766946455: mosquitto version 2.0.22 running
+1766946577: mosquitto version 2.0.22 terminating
+1766946577: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766946580: mosquitto version 2.0.22 starting
+1766946580: Config loaded from /mosquitto/config/mosquitto.conf.
+1766946580: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766946580: Opening ipv4 listen socket on port 1883.
+1766946580: Opening ipv6 listen socket on port 1883.
+1766946580: Opening websockets listen socket on port 9001.
+1766946580: Opening ipv4 listen socket on port 8883.
+1766946580: Opening ipv6 listen socket on port 8883.
+1766946580: mosquitto version 2.0.22 running
+1766947501: mosquitto version 2.0.22 terminating
+1766947501: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766947503: mosquitto version 2.0.22 starting
+1766947503: Config loaded from /mosquitto/config/mosquitto.conf.
+1766947503: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766947503: Opening ipv4 listen socket on port 1883.
+1766947503: Opening ipv6 listen socket on port 1883.
+1766947503: Opening websockets listen socket on port 9001.
+1766947503: Opening ipv4 listen socket on port 8883.
+1766947503: Opening ipv6 listen socket on port 8883.
+1766947503: mosquitto version 2.0.22 running
+1766947641: mosquitto version 2.0.22 terminating
+1766947641: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766947644: mosquitto version 2.0.22 starting
+1766947644: Config loaded from /mosquitto/config/mosquitto.conf.
+1766947644: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766947644: Opening ipv4 listen socket on port 1883.
+1766947644: Opening ipv6 listen socket on port 1883.
+1766947644: Opening websockets listen socket on port 9001.
+1766947644: Opening ipv4 listen socket on port 8883.
+1766947644: Opening ipv6 listen socket on port 8883.
+1766947644: mosquitto version 2.0.22 running
+1766948074: mosquitto version 2.0.22 starting
+1766948074: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948074: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948074: Opening ipv4 listen socket on port 1883.
+1766948074: Opening ipv6 listen socket on port 1883.
+1766948074: Opening websockets listen socket on port 9001.
+1766948074: Opening ipv4 listen socket on port 8883.
+1766948074: Opening ipv6 listen socket on port 8883.
+1766948074: mosquitto version 2.0.22 running
+1766948307: mosquitto version 2.0.22 terminating
+1766948307: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766948310: mosquitto version 2.0.22 starting
+1766948310: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948310: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948310: Opening ipv4 listen socket on port 1883.
+1766948310: Opening ipv6 listen socket on port 1883.
+1766948310: Opening websockets listen socket on port 9001.
+1766948310: Opening ipv4 listen socket on port 8883.
+1766948310: Opening ipv6 listen socket on port 8883.
+1766948310: mosquitto version 2.0.22 running
+1766948571: mosquitto version 2.0.22 terminating
+1766948571: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766948574: mosquitto version 2.0.22 starting
+1766948574: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948574: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948574: Opening ipv4 listen socket on port 1883.
+1766948574: Opening ipv6 listen socket on port 1883.
+1766948574: Opening websockets listen socket on port 9001.
+1766948574: Opening ipv4 listen socket on port 8883.
+1766948574: Opening ipv6 listen socket on port 8883.
+1766948574: mosquitto version 2.0.22 running
+1766948746: mosquitto version 2.0.22 terminating
+1766948746: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766948748: mosquitto version 2.0.22 starting
+1766948748: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948748: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948748: Opening ipv4 listen socket on port 1883.
+1766948748: Opening ipv6 listen socket on port 1883.
+1766948748: Opening websockets listen socket on port 9001.
+1766948748: Opening ipv4 listen socket on port 8883.
+1766948748: Opening ipv6 listen socket on port 8883.
+1766948748: mosquitto version 2.0.22 running
+1766948837: mosquitto version 2.0.22 terminating
+1766948837: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766948851: mosquitto version 2.0.22 starting
+1766948851: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948851: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948851: Opening ipv4 listen socket on port 1883.
+1766948851: Opening ipv6 listen socket on port 1883.
+1766948851: Opening websockets listen socket on port 9001.
+1766948851: Opening ipv4 listen socket on port 8883.
+1766948851: Opening ipv6 listen socket on port 8883.
+1766948851: mosquitto version 2.0.22 running
+1766948862: mosquitto version 2.0.22 terminating
+1766948862: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766948877: mosquitto version 2.0.22 starting
+1766948877: Config loaded from /mosquitto/config/mosquitto.conf.
+1766948877: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766948877: Opening ipv4 listen socket on port 1883.
+1766948877: Opening ipv6 listen socket on port 1883.
+1766948877: Opening websockets listen socket on port 9001.
+1766948877: Opening ipv4 listen socket on port 8883.
+1766948877: Opening ipv6 listen socket on port 8883.
+1766948877: mosquitto version 2.0.22 running
+1766949171: mosquitto version 2.0.22 terminating
+1766949171: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766949173: mosquitto version 2.0.22 starting
+1766949173: Config loaded from /mosquitto/config/mosquitto.conf.
+1766949173: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766949173: Opening ipv4 listen socket on port 1883.
+1766949173: Opening ipv6 listen socket on port 1883.
+1766949173: Opening websockets listen socket on port 9001.
+1766949173: Opening ipv4 listen socket on port 8883.
+1766949173: Opening ipv6 listen socket on port 8883.
+1766949173: mosquitto version 2.0.22 running
+1766949728: mosquitto version 2.0.22 terminating
+1766949728: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766949731: mosquitto version 2.0.22 starting
+1766949731: Config loaded from /mosquitto/config/mosquitto.conf.
+1766949731: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766949731: Opening ipv4 listen socket on port 1883.
+1766949731: Opening ipv6 listen socket on port 1883.
+1766949731: Opening websockets listen socket on port 9001.
+1766949731: Opening ipv4 listen socket on port 8883.
+1766949731: Opening ipv6 listen socket on port 8883.
+1766949731: mosquitto version 2.0.22 running
+1766949844: mosquitto version 2.0.22 terminating
+1766949844: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766949846: mosquitto version 2.0.22 starting
+1766949846: Config loaded from /mosquitto/config/mosquitto.conf.
+1766949846: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766949846: Opening ipv4 listen socket on port 1883.
+1766949846: Opening ipv6 listen socket on port 1883.
+1766949846: Opening websockets listen socket on port 9001.
+1766949846: Opening ipv4 listen socket on port 8883.
+1766949846: Opening ipv6 listen socket on port 8883.
+1766949846: mosquitto version 2.0.22 running
+1766950761: mosquitto version 2.0.22 starting
+1766950761: Config loaded from /mosquitto/config/mosquitto.conf.
+1766950761: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766950761: Opening ipv4 listen socket on port 1883.
+1766950761: Opening ipv6 listen socket on port 1883.
+1766950761: Opening websockets listen socket on port 9001.
+1766950761: Opening ipv4 listen socket on port 8883.
+1766950761: Opening ipv6 listen socket on port 8883.
+1766950761: mosquitto version 2.0.22 running
+1766951049: mosquitto version 2.0.22 terminating
+1766951049: Saving in-memory database to /mosquitto/data//mosquitto.db.
+1766951052: mosquitto version 2.0.22 starting
+1766951052: Config loaded from /mosquitto/config/mosquitto.conf.
+1766951052: Warning: File /mosquitto/config/passwords has world readable permissions. Future versions will refuse to load this file.
+To fix this, use `chmod 0700 /mosquitto/config/passwords`.
+1766951052: Opening ipv4 listen socket on port 1883.
+1766951052: Opening ipv6 listen socket on port 1883.
+1766951052: Opening websockets listen socket on port 9001.
+1766951052: Opening ipv4 listen socket on port 8883.
+1766951052: Opening ipv6 listen socket on port 8883.
+1766951052: mosquitto version 2.0.22 running
+1766952808: Saving in-memory database to /mosquitto/data//mosquitto.db.

api/src/main/java/be/naaturel/boardmateapi/BoardmateApiApplication.java

@@ -3,6 +3,7 @@ package be.naaturel.boardmateapi;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
+
 @SpringBootApplication
 public class BoardmateApiApplication {
 

api/src/main/java/be/naaturel/boardmateapi/common/models/Client.java

@@ -0,0 +1,44 @@
+package be.naaturel.boardmateapi.common.models;
+
+public class Client {
+
+    private String id;
+    private String name;
+    private String username;
+    private String key;
+
+    public Client(String id, String name, String username, String key){
+        this.id = id;
+        this.name = name;
+        this.username = username;
+        this.key = key;
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/configurations/configurations/AppSecurityConfig.java

@@ -1,18 +1,30 @@
 package be.naaturel.boardmateapi.configurations.configurations;
 
 import be.naaturel.boardmateapi.configurations.properties.AppProperties;
+import com.nimbusds.jose.jwk.source.ImmutableSecret;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.jwt.JwtDecoder;
+import org.springframework.security.oauth2.jwt.JwtEncoder;
+import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
+import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
 
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 
 @Configuration
@@ -28,10 +40,29 @@ public class AppSecurityConfig {
     }
 
     @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) {
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
 
+    @Bean
+    SecurityFilterChain filterChain(HttpSecurity http, @Autowired JwtDecoder jwtDecoder) throws Exception {
         return http
                 .csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers(
+                                "/health",
+                                "/actuator/**",
+                                "/v3/api-docs/**",
+                                "/v3/api-docs/swagger-config",
+                                "/webjars/**",
+                                "/swagger-ui/**",
+                                "/docs/**",
+                                "/v1/docs/**",
+                                "/swagger-ui.html",
+                                "/authenticate",
+                                "/client/create").permitAll()
+                        .anyRequest().authenticated()
+            ).oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
                 .build();
     }
 

api/src/main/java/be/naaturel/boardmateapi/configurations/configurations/JWTConfig.java

@@ -0,0 +1,49 @@
+package be.naaturel.boardmateapi.configurations.configurations;
+
+import be.naaturel.boardmateapi.configurations.properties.AppProperties;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.jwk.JWKSet;
+import com.nimbusds.jose.jwk.KeyUse;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jose.jwk.source.ImmutableSecret;
+import com.nimbusds.jose.jwk.source.JWKSource;
+import com.nimbusds.jose.proc.SecurityContext;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.oauth2.jwt.JwtDecoder;
+import org.springframework.security.oauth2.jwt.JwtEncoder;
+import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
+import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+@Configuration
+public class JWTConfig {
+
+    private final AppProperties conf;
+
+    @Autowired
+    public JWTConfig(AppProperties appConf) {
+        this.conf = appConf;
+    }
+
+    @Bean
+    public JwtEncoder jwtEncoder() {
+        byte[] keyBytes = Base64.getDecoder().decode(conf.jwtSecret);
+        SecretKey key = new SecretKeySpec(keyBytes, "HmacSHA256");
+        return new NimbusJwtEncoder(new ImmutableSecret<>(key));
+    }
+
+    @Bean
+    public JwtDecoder jwtDecoder() {
+        byte[] keyBytes = Base64.getDecoder().decode(conf.jwtSecret);
+        SecretKey key = new SecretKeySpec(keyBytes, "HmacSHA256");
+        return NimbusJwtDecoder.withSecretKey(key).build();
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/configurations/configurations/SwaggerConfig.java

@@ -1,8 +1,29 @@
 package be.naaturel.boardmateapi.configurations.configurations;
 
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
 @Configuration
 public class SwaggerConfig {
+    @Bean
+    public OpenAPI customOpenAPI() {
+        final String securitySchemeName = "bearerAuth";
 
+        return new OpenAPI()
+                .addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
+                .components(
+                        new Components()
+                                .addSecuritySchemes(securitySchemeName,
+                                        new SecurityScheme()
+                                                .name(securitySchemeName)
+                                                .type(SecurityScheme.Type.HTTP)
+                                                .scheme("bearer")
+                                                .bearerFormat("JWT")
+                                )
+                );
+    }
 }

api/src/main/java/be/naaturel/boardmateapi/configurations/properties/AppProperties.java

@@ -21,4 +21,6 @@ public class AppProperties {
     @Value("${spring.mongodb.database}")
     public String database;
 
+    @Value("${jwt.secret}")
+    public String jwtSecret;
 }

api/src/main/java/be/naaturel/boardmateapi/controllers/AuthController.java

@@ -0,0 +1,80 @@
+package be.naaturel.boardmateapi.controllers;
+
+import be.naaturel.boardmateapi.common.models.Client;
+import be.naaturel.boardmateapi.controllers.dtos.*;
+import be.naaturel.boardmateapi.services.ClientService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
+import org.springframework.security.oauth2.jwt.JwsHeader;
+import org.springframework.security.oauth2.jwt.JwtClaimsSet;
+import org.springframework.security.oauth2.jwt.JwtEncoder;
+import org.springframework.security.oauth2.jwt.JwtEncoderParameters;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.time.Instant;
+
+@RestController
+public class AuthController {
+
+    private final ClientService service;
+    private final JwtEncoder jwtEncoder;
+
+    @Autowired
+    public AuthController(ClientService service, JwtEncoder jwtEncoder) {
+        this.service = service;
+        this.jwtEncoder = jwtEncoder;
+    }
+
+    @PostMapping("/authenticate")
+    public ResponseEntity<ResponseBody<AuthResponseDto>> login(@RequestBody AuthRequestDto request) {
+        ResponseBody<AuthResponseDto> result = ResponseBody.createEmpty();
+        try {
+            Client user = service.authenticate(
+                    request.getUsername(),
+                    request.getKey()
+            );
+
+            Instant now = Instant.now();
+
+            JwtClaimsSet claims = JwtClaimsSet.builder()
+                    .subject(user.getId())
+                    .claim("name", user.getName())
+                    .claim("username", user.getUsername())
+                    .issuedAt(now)
+                    .expiresAt(now.plusSeconds(3600*12))
+                    .build();
+
+            JwtEncoderParameters params =
+                    JwtEncoderParameters.from(
+                            JwsHeader.with(MacAlgorithm.HS256).build(),
+                            claims
+                    );
+
+            String token = jwtEncoder.encode(params).getTokenValue();
+
+            AuthResponseDto response = new AuthResponseDto();
+            response.setName(user.getName());
+            response.setUsername(user.getUsername());
+            response.setClientId(user.getId());
+            response.setAuthToken(token);
+
+            result.setSuccess(true);
+            result.setData(response);
+            return ResponseEntity
+                    .status(HttpStatus.OK)
+                    .body(result);
+
+        } catch (Exception e){
+            e.printStackTrace();
+            result.setMessage(e.getMessage());
+            return ResponseEntity
+                    .status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body(result);
+        }
+    }
+
+}

api/src/main/java/be/naaturel/boardmateapi/controllers/ClientController.java

@@ -0,0 +1,42 @@
+package be.naaturel.boardmateapi.controllers;
+
+import be.naaturel.boardmateapi.controllers.dtos.AuthRequestDto;
+import be.naaturel.boardmateapi.controllers.dtos.AuthResponseDto;
+import be.naaturel.boardmateapi.controllers.dtos.ClientDto;
+import be.naaturel.boardmateapi.controllers.dtos.ResponseBody;
+import be.naaturel.boardmateapi.services.ClientService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class ClientController {
+
+    private final ClientService service;
+
+    @Autowired
+    public ClientController(ClientService service){
+        this.service = service;
+    }
+
+
+    @PostMapping("/client/create")
+    public ResponseEntity<ResponseBody<String>> create(@RequestBody ClientDto dto) {
+        ResponseBody<String> result = ResponseBody.createEmpty();
+        try{
+            String clientId = service.create(dto.getName(), dto.getUsername(), dto.getKey());
+            result.setData(clientId);
+            return ResponseEntity.
+                    status(HttpStatus.OK)
+                    .body(result);
+        } catch (Exception e){
+            result.setMessage(e.getMessage());
+            return ResponseEntity
+                    .status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body(result);
+        }
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/controllers/dtos/AuthRequestDto.java

@@ -0,0 +1,22 @@
+package be.naaturel.boardmateapi.controllers.dtos;
+
+public class AuthRequestDto {
+    private String username;
+    private String key;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/controllers/dtos/AuthResponseDto.java

@@ -0,0 +1,40 @@
+package be.naaturel.boardmateapi.controllers.dtos;
+
+public class AuthResponseDto {
+    private String clientId;
+    private String name;
+    private String username;
+    private String authToken;
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getAuthToken() {
+        return authToken;
+    }
+
+    public void setAuthToken(String authToken) {
+        this.authToken = authToken;
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/controllers/dtos/ClientDto.java

@@ -0,0 +1,32 @@
+package be.naaturel.boardmateapi.controllers.dtos;
+
+public class ClientDto {
+
+    private String name;
+    private String username;
+    private String key;
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/repository/ClientRepo.java

@@ -0,0 +1,11 @@
+package be.naaturel.boardmateapi.repository;
+
+
+import be.naaturel.boardmateapi.repository.dtos.ClientDto;
+import org.springframework.data.mongodb.repository.MongoRepository;
+
+import java.util.Optional;
+
+public interface ClientRepo extends MongoRepository<ClientDto, String> {
+    Optional<ClientDto> findByServiceUsername(String serviceUsername);
+}

api/src/main/java/be/naaturel/boardmateapi/repository/dtos/ClientDto.java

@@ -0,0 +1,59 @@
+package be.naaturel.boardmateapi.repository.dtos;
+
+import org.springframework.data.annotation.Id;
+import org.springframework.data.mongodb.core.mapping.Document;
+import org.springframework.data.mongodb.core.mapping.Field;
+
+@Document(collection = "clients")
+public class ClientDto {
+    @Id
+    private String id;
+
+    @Field("name")
+    private String name;
+
+    @Field("clientId")
+    private String clientId;
+
+    @Field("serviceUsername")
+    private String serviceUsername;
+
+    @Field("serviceKey")
+    private String serviceKey;
+
+    public String getId() {
+        return id;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getServiceUsername() {
+        return serviceUsername;
+    }
+
+    public void setServiceUsername(String serviceUsername) {
+        this.serviceUsername = serviceUsername;
+    }
+
+    public void setServiceKey(String serviceKey) {
+        this.serviceKey = serviceKey;
+    }
+
+    public String getServiceKey() {
+        return serviceKey;
+    }
+}

api/src/main/java/be/naaturel/boardmateapi/services/ClientService.java

@@ -0,0 +1,56 @@
+package be.naaturel.boardmateapi.services;
+
+import be.naaturel.boardmateapi.common.exceptions.ServiceException;
+import be.naaturel.boardmateapi.common.models.Client;
+import be.naaturel.boardmateapi.repository.ClientRepo;
+import be.naaturel.boardmateapi.repository.dtos.ClientDto;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import java.util.UUID;
+
+import static java.util.UUID.randomUUID;
+
+@Service
+public class ClientService {
+
+    private final ClientRepo repo;
+    private final PasswordEncoder passwordEncoder;
+
+    @Autowired
+    public ClientService(ClientRepo repo, PasswordEncoder passwordEncoder){
+        this.repo = repo;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    public Client authenticate(String username, String key) throws ServiceException {
+        try {
+            ClientDto dto = repo.findByServiceUsername(username)
+                    .orElseThrow(() -> new RuntimeException("Invalid username"));
+
+            if (passwordEncoder.matches(key, dto.getServiceKey())) {
+                return new Client(dto.getClientId(), dto.getName(), dto.getServiceUsername(), dto.getServiceKey());
+            } else {
+                throw new RuntimeException("Invalid username or password");
+            }
+        } catch (Exception e){
+            throw new ServiceException("Authentication failed", e);
+        }
+    }
+
+    public String create(String name, String username, String key) throws ServiceException {
+        try{
+            ClientDto dto = new ClientDto();
+            dto.setClientId(randomUUID().toString());
+            dto.setName(name);
+            dto.setServiceUsername(username);
+            String encodedKey = passwordEncoder.encode(key);
+            dto.setServiceKey(encodedKey);
+            ClientDto result = repo.save(dto);
+            return result.getClientId();
+        } catch (Exception e){
+            throw new ServiceException("Unable to create client", e);
+        }
+    }
+}

api/src/main/resources/application.properties

@@ -10,13 +10,20 @@ sec.cors.authorizedHots=*
 sec.cors.authorizedMethods=GET,POST,PUT,DELETE,OPTION
 sec.cors.authorizedHeader=Authorization,Content-type
 
+jwt.secret=${JWT_SECRET}
+jwt.expiration=3600
+
+server.ssl.key-store=${SSL_KEYSTORE_PATH}
+server.ssl.key-store-password=heplhepl
+server.ssl.key-store-type=PKCS12
+server.ssl.key-alias=board-mate-api
+
 #=============MQTT=============
 mqtt.broker-url=tcp://test.mosquitto.org:1883
 mqtt.client-id=board-mate-client
 
 mqtt.topic=board-mate-test/topic
 
-
 mqtt.username=yourUsername
 mqtt.password=yourPassword
 #=============METRICS=============