{"id":21307315,"url":"https://github.com/jdegand/link-sharing-app-backend","last_synced_at":"2026-05-09T01:37:35.840Z","repository":{"id":223787134,"uuid":"761546943","full_name":"jdegand/link-sharing-app-backend","owner":"jdegand","description":"Spring boot backend for my link-sharing-app-frontend repo","archived":false,"fork":false,"pushed_at":"2025-01-17T03:23:33.000Z","size":102,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-17T03:29:22.372Z","etag":null,"topics":["h2-database","java","jwt","maven","spring-boot"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jdegand.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-02-22T03:07:22.000Z","updated_at":"2025-01-17T03:23:34.000Z","dependencies_parsed_at":"2025-01-17T03:26:25.381Z","dependency_job_id":"acfc2fb4-0635-4859-8808-c32b46158f3e","html_url":"https://github.com/jdegand/link-sharing-app-backend","commit_stats":null,"previous_names":["jdegand/link-sharing-app-backend"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jdegand%2Flink-sharing-app-backend","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jdegand%2Flink-sharing-app-backend/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jdegand%2Flink-sharing-app-backend/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jdegand%2Flink-sharing-app-backend/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jdegand","download_url":"https://codeload.github.com/jdegand/link-sharing-app-backend/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243784103,"owners_count":20347409,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["h2-database","java","jwt","maven","spring-boot"],"created_at":"2024-11-21T16:31:14.715Z","updated_at":"2026-05-09T01:37:30.817Z","avatar_url":"https://github.com/jdegand.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Link Sharing App Backend\n\nThis is a Spring Boot backend designed to work with this [frontend](https://github.com/jdegand/link-sharing-app-frontend).\n\n## Built With\n\n- Spring Boot 3\n- Java 17\n- Maven\n- H2\n- JWT\n\n## Thoughts\n\n- The link sharing app frontend doesn't need user roles for route access.  \n- User roles could be useful to add extra functionality.  Maybe, a user could click a button and be able to add more links than a `free` or default user.  \n- I don't want to add too many properties to `UserInfo`.  It could be better to create an intermediate entity called `Profile` and save the `Link` and `UserInfo` IDs and extra properties inside it.  But it doesn't really matter since I am going to send only DTOs back to the frontend.\n- Authentication takes a lot of work.  You wouldn't save passwords in your entity, and you would probably need a separate spring boot server that just handles login.  Then you have to handle cross origin issues.  \n- I added basic image upload functionality.  At first, I saved the photos in the file system rather than storing them in the database.\n- In the frontend, I used `PrimeNg` and its file input component.  The file input component is shown in the documentation as standalone and not as part of a form group.  You could use `ControlValueAccessor` to get the file input inside a form group.  I refactored the frontend to send `formData` so I didn't have the issue of including the file input inside the reactive form group.\n- I was able to make the file input component part of the profile form by storing the image data as a `lob` in the database.  You have to convert the base64 string in the frontend to display the image.\n- The `JJWT` library has deprecated a few methods frequently used in `11.5` implementations.  So I looked into using OAuth 2 Resource server and its included JWT nimbus package.  There are some useful resources included from that research.\n- There was a frontend issue where the image was sent back as a string. I initialized the `file` field as an empty string instead of as `null`.  The entity can't have 2 different types unless you use a generic type or `object`.  One possible solution is to have duplicate fields in the entity for either scenario.  \n- I changed the file field to be required in the frontend.\n- There was a problem when a registered user logs in for the second time. The refresh token had a `OneToOne` relationship.  If you don't delete a refresh token already linked to a user, the user can't sign in.  A quick fix was to change to a `ManyToOne` relationship.  The database could be flooded with refresh tokens so you would have to implement a `CommandLineRunner` etc to periodically clear the refresh tokens from the database.\n- Storing refresh tokens in the database is usually taught in tutorials, but it is probably bad practice.  I will look into to alternative refresh token implementations.\n- In the course of testing, I started questioning my service implementation.  I could return a dto in the service or controller layer.  What is the better approach?  Are the service tests less useful if the service doesn't handle the dto conversion? This [Stack Overflow](https://stackoverflow.com/questions/47822938/which-layer-should-be-used-for-conversion-to-dto-from-domain-object#:~:text=its%20best%20practice%20to%20convert,any%20logic%20in%20the%20controllers.\u0026text=top%20down.) answer has no definitive answer.  This [Stack Exchange](https://softwareengineering.stackexchange.com/questions/400953/service-layer-returns-dto-to-controller-but-need-it-to-return-model-for-other-se) answer favors converting to DTO in the controller layer when you really need it.  This [Reddit post](https://www.reddit.com/r/SpringBoot/comments/1ao7gm1/in_which_layer_should_i_use_dto_as_return_type/?rdt=57719) favors the service layer.  \n- `@AllArgsConstructor(staticName = \"build\")` can be used to replace `new Profile()` etc for conversions.\n- JJWT implementation is changing in the near future (recommendation is to wait until `1.0` release).  I would have tried to use a later version, but original post made it seem like `1.0` was closer to release than it is (6 months).  \n- In the `JwtService` methods, `username` is actually referring to a saved `email`.\n- There is a problem adding a custom validator to make sure the `UserInfo` email is unique. `Autowiring` the UserInfo repository does not work, and the application will not start. Part of the reason is the fact that I use `new` to create the objects, and thus these objects are not under Spring's control. This [Stack Overflow](https://stackoverflow.com/questions/72152222/spring-boot-repository-does-not-autowire-in-the-custom-validator) gives a good overview of the problem and potential remedies.\n\n## Continued Development\n\n- application-local.properties file with JWT secret\n- UserPrincipalServiceImpl -\u003e necessary?\n- Javadoc -\u003e could add `maven-javadoc-plugin`?\n- Could extend or reduce CRUD functionality.\n- UserService's `findById` method is not really necessary.  Delete?\n- Use `record` for the DTOs?\n- Improve exception handling\n- Improve controller advice\n- Improve validation\n- Improve or delete CommandLineRunner.  Setting the file and multi-part file for profile could be problematic.\n\n## Useful Resources\n\n- [YouTube](https://www.youtube.com/watch?v=jQrExUrNbQE) - Spring Security Crash Course | JWT Authentication and Authorization in Spring Boot 3.1\n- [Baeldung](https://www.baeldung.com/spring-boot-h2-database) - h2 database\n- [Blog](https://www.danvega.dev/blog/spring-security-jwt) - spring security jwt\n- [Github](https://github.com/spring-projects/spring-security/issues/13446) - spring security oauth2 impl\n- [Reddit](https://www.reddit.com/r/SpringBoot/comments/18kkyqo/jwt_with_spring_security_resource_server_or_with/) - jwt spring security resource server or jjwt?\n- [Spring Docs](https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/index.html) - oauth2 resource server\n- [Stack Overflow](https://stackoverflow.com/questions/60265755/spring-security-for-web-service-without-roles-and-authorities) - spring security for web service without roles and authorities\n- [Dev.to](https://dev.to/mittalyashu/best-way-to-store-array-type-data-inside-database-3m09) - best way to store array type data inside database\n- [Stack Overflow](https://stackoverflow.com/questions/72040490/how-to-save-array-of-object-in-sprig-boot-with-crudrepository) - how to save array of object in sprig boot with crudrepository\n- [Baeldung](https://www.baeldung.com/spring-boot-properties-env-variables) - spring boot properties env variables\n- [Stack Overflow](https://stackoverflow.com/questions/59089072/spring-boot-rest-to-read-json-array-payload) - spring boot rest to read json array payload\n- [Stack Overflow](https://stackoverflow.com/questions/61895276/post-array-in-requestbody-to-spring-controller-as-list-of-objects) - post array in request body to spring controller as list of objects\n- [YouTube](https://www.youtube.com/watch?v=4N2WghOYihs) - 36. Create Simple JSON Arrays Payload Using Java List\n- [Rest API Project](https://restapiproject.com/create-restapi-to-save-json-array-list-in-database-using-jpa-and-spring-boot/) - create rest api to save json array list in database using jpa and spring boot\n- [Medium](https://medium.com/shoutloudz/spring-boot-upload-and-download-images-using-jpa-b1c9ef174dc0) - spring boot upload and download images using jpa\n- [JPA Buddy](https://jpa-buddy.com/blog/lombok-and-jpa-what-may-go-wrong/) - lombok and jpa what may go wrong\n- [Stack Overflow](https://stackoverflow.com/questions/57557763/how-to-send-array-of-objects-in-spring-boot-post-request) - how to send array of objects in spring boot post request\n- [Hello Koding](https://hellokoding.com/jpa-many-to-many-extra-columns-relationship-mapping-example-with-spring-boot-hsql/) - jpa many to many extra columns relationship mapping example with spring boot hsql\n- [Medium](https://medium.com/@kkarththi15/saving-images-locally-in-a-spring-boot-web-application-01405a988bc7) - saving images locally in a spring boot web application\n- [Medium](https://medium.com/@miguelangelperezdiaz444/the-hidden-dangers-of-lombok-annotations-in-your-java-code-what-you-need-to-know-8acdce2d6b89) - the hidden dangers of lombok annotations in your java code what you need to know\n- [Stack Overflow](https://stackoverflow.com/questions/31159075/how-to-find-out-the-currently-logged-in-user-in-spring-boot) - how to find out the currently logged in user in spring boot\n- [Stack Overflow](https://stackoverflow.com/questions/67951256/spring-boot-make-sure-data-belongs-to-current-logged-in-user) - spring boot make sure data belongs to current logged in user\n- [Stack Overflow](https://stackoverflow.com/questions/72230836/how-to-get-an-object-of-current-user-in-spring-bootjpa) - how to get an object of current user in springboot jpa\n- [Stack Overflow](https://stackoverflow.com/questions/4871051/how-to-get-the-current-working-directory-in-java) - how to get the current working directory in java\n- [Stack Overflow](https://stackoverflow.com/questions/48303350/persisting-an-entity-via-a-logged-in-user-in-spring) - persisting an entity via a logged in user in spring\n- [YouTube](https://www.youtube.com/watch?v=MlKT8IOTfcw\u0026list=PLGXpHMFOMTTbCC4t6WSoKfVnUxHmyGXKJ\u0026index=17) - Spring Security 17 Security Context Holder\n- [Baeldung](https://www.baeldung.com/get-user-in-spring-security) - get user in spring security\n- [Stack Overflow](https://stackoverflow.com/questions/32052076/how-to-get-the-current-logged-in-user-object-from-spring-security) - how to get the current logged in user object from spring security\n- [Stack Overflow](https://stackoverflow.com/questions/51456096/spring-boot-rest-crud-how-to-post-an-entitiy-with-a-one-to-one-relationship) - spring boot rest crud how to post an entity with a one to one relationship\n- [Stack Exchange](https://softwareengineering.stackexchange.com/questions/423121/best-practices-for-retrieving-data-scattered-over-multiple-tables) - best practices for retrieving data scattered over multiple tables\n- [Stack Overflow](https://stackoverflow.com/questions/38168985/jpa-onetoone-relation-automatic-creation) - jpa one to one relation automatic creation\n- [Stack Overflow](https://stackoverflow.com/questions/10687529/onetoone-bidirectional-mapping-with-joincolumn/10687818#10687818) - OneToOne bidirectional mapping with join column\n- [Spring Java](https://springjava.com/spring-data-jpa/one-to-one-unidirectional-mapping-in-spring-boot-jpa) - one to one unidirectional mapping in spring boot jpa\n- [Stack Overflow](https://stackoverflow.com/questions/64543266/mocking-authenticationprincipal-for-a-unit-test) - mocking authnetication principal for a unit test\n- [Stack Overflow](https://stackoverflow.com/questions/20603638/what-is-the-use-of-annotations-id-and-generatedvaluestrategy-generationtype) - generation types\n- [CodeRanch](https://coderanch.com/t/695720/databases/int-Integer-JPA-entity-Id) - int vs Integer in entities\n- [YouTube](https://www.youtube.com/watch?v=k29A07LCRY8) - Full Stack Mastery: Let's Build E-Commerce Project with Spring Boot, Angular \u0026 MySQL\n- [YouTube](https://www.youtube.com/watch?v=pqahN8UDQOU\u0026list=PLgYFT7gUQL8E6DmEySCcSdNvQlKVYfEd7\u0026index=6) - Creating Signup API, WebSecurity \u0026 Admin Account | E-Commerce Project Spring Boot + Angular | Part 6\n- [Stack Overflow](https://stackoverflow.com/questions/73295132/how-do-i-bind-a-primeng-file-upload-component-to-my-angular-form-control) - how do I bind a primeng file upload component to my angular form control\n- [Stack Blitz](https://stackblitz.com/edit/jhcz9a?file=src%2Fapp%2FFileUploadControlValueAccessor.directive.ts) - FileUploadControlValueAccessor\n- [YouTube](https://www.youtube.com/watch?v=MlKT8IOTfcw\u0026t=91s) - Spring Security 17 Security Context Holder\n- [YouTube](https://www.youtube.com/watch?v=lIxLNx4ciEo) - Spring Boot tutorials | Spring Data JPA - One-to-One Mapping with Spring Data JPA\n- [Baeldung](https://www.baeldung.com/jpa-return-multiple-entities) - JPA return multiple entities\n- [Baeldung](https://www.baeldung.com/jpa-one-to-one) - JPA one to one\n- [Stack Overflow](https://stackoverflow.com/questions/60115021/how-to-deal-with-one-to-one-json-loop) - how to deal with one to one json loop\n- [Baeldung](https://www.baeldung.com/jackson-bidirectional-relationships-and-infinite-recursion) - jackson bidirectional relationships and infinite recursion\n- [Stack Overflow](https://stackoverflow.com/questions/49579531/java-util-nosuchelementexception-no-value-present-error-optional-get-in-jun) - java util no such element exception no value present error optional get\n- [Stack Overflow](https://stackoverflow.com/questions/22191386/securitycontextholder-getcontext-getauthentication-returning-null) - security context holder returning null\n- [YouTube](https://www.youtube.com/watch?v=vOWcbY7sjGM) - Image Uploading || Profile Picture uploading using Postman \u0026 MySQL in Spring Boot\n- [Stack Overflow](https://stackoverflow.com/questions/29511133/what-is-the-significance-of-javax-persistence-lob-annotation-in-jpa) - @Lob\n- [Stack Overflow](https://stackoverflow.com/questions/33115446/authorization-in-spring-security-based-on-path-variables) - authorization in spring security based on path variables\n- [Stack Overflow](https://stackoverflow.com/questions/66086000/should-a-user-has-more-than-one-or-one-refresh-token-on-its-own) - should a user has more than one or one refresh token on its own\n- [Curity](https://curity.io/resources/learn/jwt-best-practices/) - jwt best practices\n- [Stack Overflow](https://stackoverflow.com/questions/3021200/how-to-check-hasrole-in-java-code-with-spring-security) - how to check hasrole in java code with spring security\n- [Baeldung](https://www.baeldung.com/spring-security-method-security) - spring security method security\n- [Spring Docs](https://docs.spring.io/spring-security/reference/6.0/servlet/authorization/authorize-http-requests.html) - authorize http requests\n- [Stack Overflow](https://stackoverflow.com/questions/32196451/environment-specific-application-properties-file-in-spring-boot-application) - environment specific application properties file in spring boot application\n- [Stack Overflow](https://stackoverflow.com/questions/3502279/how-to-handle-jpa-unique-constraint-violations) - how to handle jpa unique constraint violations\n- [Stack Overflow](https://stackoverflow.com/questions/360520/unit-testing-with-spring-security) - unit testing with spring security\n- [Medium](https://medium.com/@kjavaman12/testing-securitycontextholder-in-spring-security-tests-with-withmockuser-38ce8060088b) - testing securitycontextholder in spring security tests withmockuser\n- [Medium](https://medium.com/@techisbeautiful/mastering-data-validation-in-spring-boot-best-practices-and-expert-tips-for-robust-and-secure-ba24dd79bc0a) - mastering data validation in spring boot best practices and expert tips for robust and secure\n- [Stack Overflow](https://stackoverflow.com/questions/42280355/spring-rest-api-validation-should-be-in-dto-or-in-entity) - spring rest api validation should be in dto or in entity\n- [Medium](https://medium.com/techpanel/multipartfile-with-springboot-d4901ee3e77d) - multipartfile with springboot\n- [Java In User](https://www.javainuse.com/webseries/spring-security-jwt/chap7) - spring security jwt chap7\n- [YouTube](https://www.youtube.com/watch?v=O9jhPB-zTc8) - Spring Boot Security - Refresh Expired JSON Web Token(JWT)\n- [Stack Overflow](https://stackoverflow.com/questions/49085433/jjwt-library-and-handle-expiration-expiredjwtexception) - jjwt library and handle expiration expired jwt exception\n- [Medium](https://medium.com/spring-boot/invalidate-revoked-the-jwt-force-logout-the-user-from-spring-security-a20ef3a2a928) - invalidate revoked the jwt force logut the user from spring security\n- [Stack Overflow](https://stackoverflow.com/questions/66549737/how-to-check-if-a-jwt-token-has-expired-without-throw-exceptions) - how to check if a jwt token has expired without throw exceptions\n- [Code Java](https://www.codejava.net/frameworks/spring-boot/spring-security-jwt-authentication-tutorial) - spring security jwt authentication tutorial\n- [Stack Overflow](https://stackoverflow.com/questions/19767267/handle-spring-security-authentication-exceptions-with-exceptionhandler) - handle spring security authentication exceptions with exceptionhandler\n- [Reflectoring IO](https://reflectoring.io/bean-validation-with-spring-boot/) - bean validation with spring boot\n- [Medium](https://medium.com/@AlexanderObregon/enhancing-logging-with-log-and-slf4j-in-spring-boot-applications-f7e70c6e4cc7) - enhancing logging with log and slf4j in spring boot application\n- [Stack Overflow](https://stackoverflow.com/questions/54339794/how-to-get-claims-value-from-jwt-token-authentication) - how to get claims value from jwt token authentication\n- [Stack Overflow](https://stackoverflow.com/questions/64015805/how-to-properly-handle-jwtexception) - how to properly handle jwtexception\n- [Medium](https://medium.com/@mandeepdhakal11/using-problemdetail-specification-for-error-response-in-spring-boot-3-5d25956ef421) - problem detail specification for error response in spring boot 3\n- [YouTube](https://www.youtube.com/watch?v=YiQYhXorMAI\u0026t=172s) - Spring Security Exception Handling | HandlerExceptionResolver | ProblemDetail | JavaTechie\n- [Medium](https://medium.com/@himani.prasad016/validations-in-spring-boot-e9948aa6286b) - validations in spring boot\n- [Spring Docs](https://docs.spring.io/spring-framework/reference/core/validation/validator.html) - validator interface\n- [Baeldung](https://www.baeldung.com/hibernate-creationtimestamp-updatetimestamp) - hibernate creationtimestamp updatetimestamp\n- [Stack Overflow](https://stackoverflow.com/questions/1600291/validating-url-in-java) - validating url in java\n- [Stack Overflow](https://stackoverflow.com/questions/49856984/how-to-implement-rest-service-validation-with-spring-boot) - how to implement rest service validation with spring boot\n- [Stack Overflow](https://stackoverflow.com/questions/22658572/spring-annotations-modelattribute-and-valid) - spring annotations model attribute and valid\n- [Stack Overflow](https://stackoverflow.com/questions/68231771/how-can-i-validate-the-string-length-using-java-spring-validation) - how can i validate the string length using java spring validation\n- [Stack Overflow](https://stackoverflow.com/questions/3802192/regexp-java-for-password-validation) - regexp java for password validation\n- [Stack Overflow](https://stackoverflow.com/questions/48345922/reference-password-validation) - reference password validation\n- [Reflectoring](https://reflectoring.io/bean-validation-with-spring-boot/) - bean validation with spring boot\n- [YouTube](https://www.youtube.com/watch?v=MzlLSSUoBD0) - Custom Annotations and Validation in Spring Boot with Demo | Code Decode\n- [Stack Overflow](https://stackoverflow.com/questions/76940910/spring-boot-custom-validation-annotation-not-working-as-expected) - spring boot custom validation annotation not working as expected\n- [YouTube](https://www.youtube.com/watch?v=DkZr7_c9ry8) - Annotations In Java Tutorial - How To Create And Use Your Own Custom Annotations\n- [Stack Overflow](https://stackoverflow.com/questions/62896233/how-to-throw-custom-exception-in-proper-way-when-using-javax-validation-valid) - how to throw custom exception in proper way when using javax validation valid\n- [Stack Overflow](https://stackoverflow.com/questions/28150405/validation-of-a-list-of-objects-in-spring) - validation of a list of objects in spring\n- [Baeldung](https://www.baeldung.com/spring-validate-list-controller) - spring validate list controller\n- [Stack Overflow](https://stackoverflow.com/questions/9284450/jsr-303-validation-if-one-field-equals-something-then-these-other-fields-sho) - jsr 303 validation if one field equals something then these other fields sho\n- [Hibernate](https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/?v=5.3#section-class-level-constraints) - type level annotations\n- [YouTube](https://www.youtube.com/watch?v=_U-3FtWzd0g) - How to write custom validation with spring boot\n- [Stack Overflow](https://stackoverflow.com/questions/72152222/spring-boot-repository-does-not-autowire-in-the-custom-validator) - spring boot repository does not autowire in the custom validator\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjdegand%2Flink-sharing-app-backend","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjdegand%2Flink-sharing-app-backend","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjdegand%2Flink-sharing-app-backend/lists"}