A secure, RESTful backend application built using Spring Boot that enables users to manage recipes, interact via likes & comments, upgrade to premium using Razorpay payments, and participate in admin-created events.
The project follows clean layered architecture, enforces role-based access control, and is designed as an API-first system, tested using Postman.
-
JDBC-based authentication using Spring Security
-
Password encryption with BCrypt
-
Role-based access:
- ROLE_USER
- ROLE_ADMIN
-
Endpoint-level authorization using HTTP methods
-
HTTP Basic authentication (used for API testing & payment flow)
- User registration
- Fetch user details by ID or username
- Admin-only user deletion
- Secure access to user data based on role
- Upgrade normal users to premium users
- Create recipes only for the authenticated user
- View single or all recipes
- Search recipes by keyword
- Update recipes (only by owner)
- Delete recipes (only by owner)
- Users can like/unlike recipes
- Check if a user has liked a recipe
- Get like count per recipe
- Protected endpoints to prevent unauthorized actions
- Add comments to recipes
- Fetch all comments for a recipe
- Delete comments (by owner)
- Maintains proper entity relationships
- Integrated Razorpay payment gateway
- Create payment orders
- Verify payments using Razorpay signature
- Automatically upgrade user to premium on successful payment
- Prevent duplicate premium upgrades
- Admins can create events
- Premium users can register for events
- View individual events or all events
- Secure role-based event access
- Java
- Spring Boot
- Spring Framework
- Spring Security
- Spring Data JPA
- Hibernate
- MySQL
- Git & GitHub
- Postman
- JDBC Authentication
- BCrypt Password Encoder
- Razorpay Payment Gateway
The application follows a layered backend architecture:
Controller β Service β Repository β Database
- Controller Layer β REST API endpoints
- Service Layer β Business logic & validations
- Repository Layer β Database operations using JPA
- Security Layer β Authentication & authorization rules
JdbcUserDetailsManagerfor authentication- Custom SQL queries for users & roles
- Role-based endpoint protection
- CSRF disabled for REST APIs
- Method-level access control using HTTP verbs
| Method | Endpoint | Access |
|---|---|---|
| POST | /api/users/register |
Public |
| GET | /api/users/{id} |
USER / ADMIN |
| GET | /api/users/by-username/{username} |
USER / ADMIN |
| POST | /api/users/upgrade |
USER |
| DELETE | /api/users/{id} |
ADMIN |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/recipes/{userId} |
Create recipe |
| GET | /api/recipes/{id} |
Get recipe |
| GET | /api/recipes |
Get all recipes |
| GET | /api/recipes/search?keyword= |
Search recipes |
| PUT | /api/recipes/{recipeId}/{userId} |
Update recipe |
| DELETE | /api/recipes/{recipeId}/{userId} |
Delete recipe |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/likes/{recipeId}/{userId} |
Like recipe |
| GET | /api/likes/{recipeId} |
Get like count |
| GET | /api/likes/{recipeId}/{userId} |
Check user like |
| DELETE | /api/likes/{recipeId}/{userId} |
Unlike recipe |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/comments/{recipeId}/{userId} |
Add comment |
| GET | /api/comments/{recipeId} |
Get comments |
| DELETE | /api/comments/{commentId}/{userId} |
Delete comment |
| Method | Endpoint | Access |
|---|---|---|
| POST | /api/events/create/{adminId} |
ADMIN |
| POST | /api/events/register/{eventId}/{userId} |
USER |
| GET | /api/events/{id} |
USER / ADMIN |
| GET | /api/events |
USER / ADMIN |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/payments/create-order |
Create Razorpay order |
| POST | /api/payments/verify |
Verify payment |
| GET | /api/payments/order/{orderId} |
Get payment details |
- Java 17+
- MySQL
- Maven
# Clone the repository
git clone https://github.com/Archii1201/recipe-sharing-platform.git
# Navigate to project
cd recipe-sharing-platform
# Configure database in application.properties
spring.datasource.url=jdbc:mysql://localhost:3306/recipe_db
spring.datasource.username=your_username
spring.datasource.password=your_password
# Run application
mvn spring-boot:runServer will start at:
http://localhost:8080
- User
- Recipe
- Like
- Comment
- Event
- Payment
All relationships are managed using JPA & Hibernate annotations.
The project uses Swagger (OpenAPI) for API documentation.
π Swagger UI:http://localhost:8080/swagger-ui.html
- JWT-based authentication (replace HTTP Basic)
- Pagination & sorting for recipes
- Recipe categories & tags
- Swagger / OpenAPI documentation
- Admin analytics dashboard
Archi Patel Backend Developer | Java | Spring Boot
- π GitHub: https://github.com/Archii1201
- πΌ LinkedIn: https://www.linkedin.com/in/archi-patel-765aa2350/
β This project demonstrates real-world backend development, secure role-based access control, payment integration, and scalable REST API design.