API REST production-ready para gestiΓ³n de librerΓa con autenticaciΓ³n JWT, HATEOAS (Richardson Level 3), control de acceso por roles, y 98% de cobertura de tests. Incluye Docker, Swagger UI, y arquitectura empresarial.
π Quick Start β’ π API Docs β’ π HATEOAS β’ π§ͺ Tests
This API now features full HATEOAS implementation with API V2, providing:
- π Hypermedia Navigation: Auto-discoverable API with contextual links
- π‘ API Discovery: Root endpoint (
/api/v2) for complete resource exploration - ποΈ Richardson Level 3: True RESTful implementation with hypermedia controls
- π Backward Compatibility: V1 API maintained with deprecation strategy
- π HAL + HAL-FORMS: Industry-standard hypermedia formats
# Run the complete HATEOAS demonstration
./demo-hateoas.sh
# Or explore manually:
curl http://localhost:8080/api/v2 -H "Accept: application/hal+json"This project includes dual-version API documentation using OpenAPI 3.0 (Swagger):
- Interactive API Explorer:
http://localhost:8080/swagger-ui.html - API V2 (HATEOAS): Complete hypermedia navigation with discovery
- API V1 (Deprecated): Original endpoints marked for migration
- OpenAPI JSON:
http://localhost:8080/api-docs - Complete endpoint documentation with request/response examples
- Authentication integration - test JWT-protected endpoints directly from the UI
- Schema documentation for all data models with hypermedia support
- Start the application with Docker:
docker-compose up --build --no-cache - Navigate to:
http://localhost:8080/swagger-ui.html - To test protected endpoints:
- First, use
/api/auth/loginto get a JWT token - Click the "Authorize" button in Swagger UI
- Enter:
Bearer YOUR_JWT_TOKEN - Now you can test all protected endpoints in both V1 and V2
- First, use
GET /api/v2β API Discovery root with navigation linksGET /api/v2/clientesβ Hypermedia client managementGET /api/v2/productosβ Product catalog with navigationGET /api/v2/pedidosβ Order management with contextual linksGET /api/v2/reservasβ Reservation system with hypermedia
-
POST /api/auth/registerβ Registro de usuario con rol
-
POST /api/auth/loginβ AutenticaciΓ³n y obtenciΓ³n de JWT
-
GET /api/test/empleadoβ Endpoint protegido para rol EMPLEADO
- π HATEOAS Navigation: Richardson Level 3 RESTful implementation with hypermedia
- π API Versioning: V2 with HATEOAS + V1 backward compatibility
- π Stateless Authentication: JWT-based authentication system for scalable applications
- π₯ Role-Based Authorization: Multi-level access control (CLIENT, EMPLOYEE, MANAGER, ADMIN)
- π‘οΈ Secure Endpoints: Protected routes with granular permission management
- ποΈ Modern Architecture: Clean, maintainable code following Spring Boot best practices
- πΎ Database Integration: Full JPA/Hibernate support with relational database design
- π Security First: BCrypt password hashing and comprehensive security filters
- π§ͺ High Test Coverage: 98% code coverage with comprehensive unit and integration tests (426 tests passing)
- π API Documentation: Complete OpenAPI 3.0 documentation with interactive Swagger UI
- π― HAL + HAL-FORMS: Industry-standard hypermedia formats for API discoverability
- Backend: Java 17+, Spring Boot 3.x
- Security: Spring Security 6, JWT (jjwt library)
- Database: JPA/Hibernate with MySQL/MariaDB support
- Testing: JUnit 5, Mockito, JaCoCo for coverage analysis
- Code Quality: SonarCloud integration for continuous code quality monitoring
- Documentation: OpenAPI 3.0 (Swagger), SpringDoc OpenAPI
- DevOps: Docker, Docker Compose ready
POST /api/auth/registerβ User registration with role assignmentPOST /api/auth/loginβ Authentication and JWT token generation
GET /api/clientsβ Client management (role-based access)GET /api/productsβ Product catalog managementGET /api/reservationsβ Reservation system with stock validationGET /api/inventoryβ Inventory tracking and restock alerts
GET /api/test/employeeβ Employee-only accessGET /api/test/managerβ Manager-level operationsGET /api/test/adminβ Administrative functions
βββ src/main/java/com/letrasypapeles/backend/
β βββ controller/ # REST controllers
β βββ service/ # Business logic layer
β βββ repository/ # Data access layer
β βββ entity/ # JPA entities
β βββ security/ # JWT and security configuration
β βββ exception/ # Global exception handling
β βββ config/ # Application configuration
βββ src/test/java/ # Comprehensive test suite (426+ tests)
βββ src/main/resources/ # Configuration files
- Java 17 or higher
- Maven 3.6+
- MySQL/MariaDB database
- Docker (optional)
-
Clone the repository:
git clone https://github.com/RodrigoSanchezDev/jwt-springboot-api.git cd jwt-springboot-api -
Database Configuration: Configure your database settings in
src/main/resources/application.properties:spring.datasource.url=jdbc:mysql://localhost:3306/letrasypapeles spring.datasource.username=your_username spring.datasource.password=your_password
-
Build and Run:
./mvnw clean install ./mvnw spring-boot:run
-
Docker Alternative:
docker-compose up --build
The API will be available at http://localhost:8080
- User registers/logs in with credentials
- Server validates and returns JWT token
- Client includes token in Authorization header
- Server validates token for protected endpoints
- CLIENT: Basic user operations
- EMPLOYEE: Customer service functions
- MANAGER: Business operations and reporting
- ADMIN: Full system administration
- Password encryption with BCrypt
- JWT token expiration management
- CORS configuration for cross-origin requests
- SQL injection prevention with JPA
- Input validation and sanitization
- Total Tests: 426+ comprehensive test cases
- Overall Coverage: 98% code coverage achieved
- Critical Components: 100% coverage on business logic
- Test Types: Unit, Integration, and Security tests
- Entity Testing: Complete validation of business entities
- Service Layer: Business logic validation with mocked dependencies
- Security Testing: Authentication and authorization validation
- Repository Testing: Data access layer validation
Inventory Management Tests:
@Test
public void testControlDeUmbrales() {
Inventario inventario = new Inventario(4, 5);
boolean resultado = inventario.necesitaReabastecimiento();
assertTrue(resultado);
}
@Test
public void testNoNecesitaReabastecimiento() {
Inventario inventario = new Inventario();
inventario.setStockActual(20);
inventario.setUmbralMinimo(5);
assertFalse(inventario.necesitaReabastecimiento());
}- SonarCloud Integration: Continuous code quality monitoring
- Code Coverage: JaCoCo reports with detailed coverage analysis
- Security Analysis: Automated vulnerability scanning
- Performance: Sub-100ms response times for most endpoints
# Run all tests
./mvnw test
# Generate coverage report
./mvnw jacoco:report
# Run specific test suite
./mvnw test -Dtest=InventarioTest- Response Times: Optimized for <100ms average response
- Concurrent Users: Tested for 500+ simultaneous connections
- Database Optimization: Indexed queries and connection pooling
- Memory Management: Efficient resource utilization
- Test Execution: All 426+ tests complete in under 20 seconds
# Database
DB_HOST=localhost
DB_PORT=3306
DB_NAME=letrasypapeles
DB_USERNAME=your_username
DB_PASSWORD=your_password
# JWT
JWT_SECRET=your_jwt_secret_key
JWT_EXPIRATION=86400000
# Server
SERVER_PORT=8080dev- Development environment with H2 databasetest- Testing environment with in-memory databaseprod- Production environment with MySQL
- GraphQL API support
- Real-time notifications with WebSocket
- Advanced analytics dashboard
- Multi-tenant architecture
- OAuth2 integration
- Kubernetes deployment manifests
- Enhanced monitoring with Micrometer and Prometheus
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
- Fork the project
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Write comprehensive tests for new functionality
- Ensure all tests pass and maintain >95% coverage
- Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
- Maintain test coverage above 95%
- Follow Spring Boot best practices
- Include proper documentation
- Use meaningful commit messages
This project is licensed under the MIT License - see the LICENSE file for details.
Rodrigo Sanchez
- Website: sanchezdev.com
- GitHub: @RodrigoSanchezDev
- LinkedIn: Rodrigo Sanchez
If you found this project helpful, please give it a star! Your support means a lot and helps others discover this project.
- β 98% Test Coverage - Comprehensive testing strategy
- β 426+ Test Cases - Extensive validation coverage
- β Zero Failed Tests - Robust and reliable codebase
- β SonarCloud Integration - Continuous quality monitoring
- β Production-Ready - Enterprise-grade security and architecture
Built with β€οΈ using Spring Boot, comprehensive testing, and modern Java practices