README.md

#Online BookStore API A comprehensive Library Management API tailored for seamless integration into digital platforms, perfect for powering online book repositories and literary platforms📚.

###👨‍💻Tech stack

• Spring Boot: provides a set of pre-built templates and conventions for creating stand-alone, production-grade Spring-based applications.
• Hibernate: simplifies the interaction between Java applications and databases by mapping Java objects to database tables and vice versa.
• Spring Security: provides features like authentication, authorization, and protection against common security threats.
• Spring Web: includes tools for handling HTTP requests, managing sessions, and processing web-related tasks.
• Spring Data JPA: provides a higher-level abstraction for working with databases and includes support for JPA (Java Persistence API).
• Lombok: helps reduce boilerplate code by automatically generating common code constructs (like getters, setters, constructors, etc.) during compile time.
• Mapstruct: generates mapping code based on annotations, reducing the need for manual, error-prone mapping code.
• Liquibase: helps manage database schema changes over time, making it easier to track and deploy database updates.
• Swagger: provides a framework for generating interactive API documentation, allowing developers to understand, test, and use APIs more easily.
• Docker: provides a consistent and reproducible way to deploy applications across different environments.
• Postman: allows developers to create and send HTTP requests to test APIs, monitor responses, and automate testing workflows.
• Testcontainers is an open source framework for providing throwaway, lightweight instances of databases, message brokers, web browsers, or just about anything that can run in a Docker container.
• Mockito Mockito is a popular open-source Java testing framework that allows the creation of mock objects in unit tests.
• JUnit JUnit is a widely used open-source testing framework for Java. It provides annotations and assertions to facilitate the writing and execution of unit tests.

###🚦Endpoints of controllers

• AuthenticationController: handles user registration and authorization.
• BookController: handles book-related tasks, including the creation, modification, deletion, and retrieval of book information.
• CartController: oversees the status of the shopping cart, enabling users to add, modify, fetch, and remove items from the cart.
• CategoryController: handles category management, permitting administrators to perform actions such as creation, modification, retrieval, and deletion.
• OrderController: manages order-related tasks, including the creation, modification, deletion, and retrieval of order history.#Online BookStore API A comprehensive Library Management API tailored for seamless integration into digital platforms, perfect for powering online book repositories and literary platforms📚.

###📦Postman Collection For your convenience, i've created a Postman collection that includes sample requests for various API endpoints. You can download it here and import it into your Postman workspace to get started quickly.

###🧐How to run and test my application? First, download a repository. You can use git console command:

git clone https://github.com/BohdanTrue/book-store-spring.git

Build a project using Maven:

mvn clean install

Then, rise a Docker container of your app:

docker build -t {your-image-name} .
docker-compose build
docker-compose up

Also, you can run this project without docker, but before that, you need to configure the connection to your local database in the application properties. Run this command after that:

 mvn spring-boot:run

That's all you need to know to start! 🎉

###🥊Challenges and Solutions

######Challenges During the implementation of Spring Security within our Online Book Store API, several challenges were encountered, requiring thoughtful solutions:

• Complex Configuration: Spring Security can be intricate to configure, particularly when dealing with custom authentication and authorization requirements.

• Token-Based Authentication: The integration of JWT (JSON Web Tokens) for token-based authentication posed challenges related to token creation, validation, and secure storage.

• User Management: The efficient management of user roles, permissions, and access control within the API needed a structured approach.

######Solutions Implemented To overcome these challenges and establish a robust and secure authentication and authorization system, the following solutions were put into effect:

• Detailed Configuration Documentation: The Spring Security configuration was documented comprehensively, providing thorough explanations for each aspect. This documentation offers clarity for both contributors and users on the setup of authentication and authorization.

• JWT Integration and Best Practices: JWT was adopted as the authentication mechanism, adhering to industry best practices. Established libraries were utilized, and security guidelines for token creation, validation, and storage were followed.

• Custom UserDetailsService: A custom UserDetailsService was implemented to manage user roles, permissions, and access control. This customization allowed for user management tailored to specific requirements while maintaining security.

By solving these challenges and implementing solutions, a secure and reliable authentication and authorization system using Spring Security was established. This ensures the protection of user data and sensitive operations within our Online Book Store API, creating a secure and trustworthy environment for users.

###⚙️Possible Improvements Your contributions and insights are highly valued! While the current implementation provides a solid foundation for testing and development, there's always room for improvement. I encourage community members to get involved and contribute to the enhancement of our testing strategies. Make comment with your suggestion or send me a message to telegram: @therealbadil

###🎯Happy coding!