{"id":26282963,"url":"https://github.com/roymasad/springboot3-api","last_synced_at":"2026-05-18T06:05:18.020Z","repository":{"id":282395357,"uuid":"948444116","full_name":"roymasad/springboot3-api","owner":"roymasad","description":"Springboot 3 api SaaS template with social media posts","archived":false,"fork":false,"pushed_at":"2025-03-14T11:05:55.000Z","size":67,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-14T12:22:33.363Z","etag":null,"topics":["emails","jwt","social-media","springboot","template"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/roymasad.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-14T10:52:36.000Z","updated_at":"2025-03-14T11:05:59.000Z","dependencies_parsed_at":"2025-03-14T12:22:42.540Z","dependency_job_id":"8587fc9b-9b5c-44b2-b3ae-d4123eac828f","html_url":"https://github.com/roymasad/springboot3-api","commit_stats":null,"previous_names":["roymasad/springboot3-api"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/roymasad/springboot3-api","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roymasad%2Fspringboot3-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roymasad%2Fspringboot3-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roymasad%2Fspringboot3-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roymasad%2Fspringboot3-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/roymasad","download_url":"https://codeload.github.com/roymasad/springboot3-api/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roymasad%2Fspringboot3-api/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273926395,"owners_count":25192316,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-06T02:00:13.247Z","response_time":2576,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["emails","jwt","social-media","springboot","template"],"created_at":"2025-03-14T17:16:08.409Z","updated_at":"2026-05-18T06:05:12.988Z","avatar_url":"https://github.com/roymasad.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Spring Boot 3 API Template with Social media posts\n\nAs part of a series of templates i created to meet my own projects needs and regularly use, i am sharing in this repo a modern feature-rich REST API template i built with Spring Boot 3 and Java 17 that can be used to jumpstart your backend development with industry best practices. It is designed with multi tenant/business SaaS solutions in mind and has a social media/posts module with likes.\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![Java Version](https://img.shields.io/badge/Java-17-blue)](https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html)\n[![Spring Boot](https://img.shields.io/badge/Spring%20Boot-3.3.7-brightgreen)](https://spring.io/projects/spring-boot)\n[![MongoDB](https://img.shields.io/badge/MongoDB-Latest-green)](https://www.mongodb.com/)\n\n## 📋 Features\n\n- **Authentication \u0026 Authorization**:\n  - JWT-based authentication\n  - OAuth2 integration (Google, Apple)\n  - Role-based access control (SUPER_ADMIN, ADMIN, DEFAULT, PENDING)\n  - Password management with secure validation\n  - Email verification flow\n  - Password reset functionality\n\n- **Security**:\n  - Request rate limiting\n  - CSRF protection configuration\n  - Stateless session management\n  - Configurable security policies\n\n- **MongoDB Integration**:\n  - Document-based data storage\n  - Repository pattern implementation\n  - Configurable via environment variables\n\n- **API Features**:\n  - RESTful endpoints\n  - Structured request/response models\n  - DTO pattern implementation\n  - Comprehensive model architecture\n\n- **File Management**:\n  - File upload/download capabilities\n  - File metadata storage in MongoDB\n  - File type detection with Apache Tika\n  - WebP/Jpg/Png image support\n\n- **Email Services**:\n  - SendGrid integration\n  - Email templating with Thymeleaf\n  - Verification and notification flows\n\n- **DevOps Ready**:\n  - Docker and Docker Compose setup\n  - Health checks via Spring Actuator\n  - Environment variable configuration\n\n## 🛠️ Tech Stack\n\n- **Java 17**\n- **Spring Boot 3.3.7**\n- **Spring Security** with JWT authentication\n- **Spring Data MongoDB**\n- **OAuth2** for social login\n- **Docker** \u0026 **Docker Compose** for containerization\n- **SendGrid** for email services\n- **Thymeleaf** for HTML templates\n- **Lombok** for boilerplate reduction\n- **Apache Tika** for file type detection\n- **Bucket4j** \u0026 **Caffeine** for rate limiting\n- **Maven** for dependency management\n\n## 🚀 Getting Started\n\n### Prerequisites\n\n- Java 17 or higher\n- Docker and Docker Compose (for containerized deployment)\n- MongoDB (can be run via Docker)\n- SendGrid API key (for email functionality)\n\n### Environment Setup\n\nCreate a `.env` file in the project root with the following variables:\n\n```\n# MongoDB Configuration\nMONGODB_USER=your_mongodb_user\nMONGODB_PASSWORD=your_mongodb_password\nMONGODB_HOST=localhost\nMONGODB_PORT=27017\nMONGODB_DATABASE=springboot3_api\n\n# JWT Configuration\nJWT_SECRET=your_jwt_secret_key_at_least_32_chars\n\n# File Storage\nUPLOAD_PATH=/path/to/file/storage\nMAX_FILE_SIZE=2MB\n\n# Email Configuration\nSENDGRID_KEY=your_sendgrid_api_key\nEMAIL_FROM=your_email@example.com\n\n# OAuth2 Configuration\nGOOGLE_CLIENT_ID=your_google_client_id\nGOOGLE_CLIENT_SECRET=your_google_client_secret\nOAUTH2_GOOGLE_REPLY_URI=https://your-domain.com/login/oauth2/code/google\nAPPLE_CLIENT_ID=your_apple_client_id\nAPPLE_CLIENT_SECRET=your_apple_client_secret\nOAUTH2_APPLE_REPLY_URI=https://your-domain.com/login/oauth2/code/apple\nOAUTH2_REDIRECT_URI=https://your-domain.com/oauth2/redirect\nAPI_DEEPLINK_URI=your-app://oauth2/redirect\n\n# Server Configuration\nSERVER_ADDRESS=0.0.0.0\nSERVER_PORT=8080\nSERVER_NAME=your-domain.com\n```\n\n### Running Locally\n\n1. Clone the repository\n   ```\n   git clone https://github.com/yourusername/springboot3-api.git\n   cd springboot3-api\n   ```\n\n2. Build the project\n   ```\n   ./mvnw clean install\n   ```\n\n3. Run the application\n   ```\n   ./mvnw spring-boot:run\n   ```\n\n### Docker Deployment\n\n1. Build and run with Docker Compose\n   ```\n   docker-compose up -d\n   ```\n\n2. Check container status\n   ```\n   docker ps\n   ```\n\n## 📝 API Documentation\n\n### Authentication Endpoints\n\n- **POST /v1/auth/register** - Register new user\n- **POST /v1/auth/login** - Login and receive JWT token\n- **POST /v1/auth/password-reset/request** - Request password reset\n- **GET /v1/auth/password-reset** - Display password reset form\n- **POST /v1/auth/password-reset** - Submit new password\n- **GET /v1/auth/verify-email** - Verify email address\n- **POST /v1/auth/resend-verification** - Resend verification email\n- **GET /v1/auth/me** - Get current user information\n\n### User Endpoints\n\n- **GET /v1/users** - List users (role restricted)\n- **GET /v1/users/{id}** - Get user by ID\n- **PUT /v1/users/{id}** - Update user information\n- **DELETE /v1/users/{id}** - Delete a user\n\n### File Management Endpoints\n\n- **POST /v1/files/upload** - Upload file\n- **GET /v1/files/{id}** - Download file\n- **GET /v1/files/public/{id}** - Public file access\n- **DELETE /v1/files/{id}** - Delete file\n\n### Post Management Endpoints\n\n- **POST /v1/posts** - Create a new post\n- **GET /v1/posts** - List posts\n- **GET /v1/posts/{id}** - Get post by ID\n- **PUT /v1/posts/{id}** - Update a post\n- **DELETE /v1/posts/{id}** - Delete a post\n\n### Business Management Endpoints\n\n- **POST /v1/business** - Create a new business\n- **GET /v1/business** - List businesses\n- **GET /v1/business/{id}** - Get business by ID\n- **PUT /v1/business/{id}** - Update a business\n- **DELETE /v1/business/{id}** - Delete a business\n\n## 🔒 Security Features\n\n### Rate Limiting\n\nThe API implements a tiered rate limiting system:\n- Unauthenticated users: 30 requests per minute\n- Authenticated users: 60 requests per minute\n- Admin users: 100 requests per minute\n\n### JWT Authentication\n\n- Token-based authentication\n- 1-day expiration by default (configurable)\n- Role-based endpoint access\n\n### Password Security\n\nAll passwords must meet these requirements:\n- 8-50 characters in length\n- At least one uppercase letter\n- At least one lowercase letter\n- At least one number\n- At least one special character\n\n### TODO:\n- Add refresh tokens\n- Add integration with push notification providers\n- Add Swagger and Prometheus integrations\n- Enable Caffeine caching\n\n## 🔧 Customization\n\n### Extending the API\n\n1. Create new models in `model/` directory\n2. Add corresponding repositories in `repository/`\n3. Create DTOs in `dto/` if needed (or request/response classes)\n4. Implement service layer in `service/`\n5. Create controllers in `controller/`\n6. Update security configurations if necessary\n\n### Configuration Properties\n\nMost aspects of the application can be customized through `application.properties` or environment variables.\n\n## 📦 Project Structure\n\n```\nsrc/\n├── main/\n│   ├── java/\n│   │   └── com/roytemplates/springboot3_api/\n│   │       ├── config/            # Configuration classes\n│   │       ├── controller/        # REST controllers\n│   │       ├── dto/               # Data transfer objects\n│   │       ├── filter/            # Security filters\n│   │       ├── model/             # Domain models\n│   │       ├── repository/        # Data repositories\n│   │       ├── request/           # API request models\n│   │       ├── response/          # API response models\n│   │       ├── security/          # Security components\n│   │       ├── service/           # Business logic\n│   │       └── ApiApplication.java # Main application entry\n│   └── resources/\n│       ├── application.properties  # Application configuration\n│       └── templates/             # Email templates\n└── test/\n    └── java/\n        └── com/roytemplates/springboot3/\n            └── ApiApplicationTests.java #Minimal\n```\n\n## 📄 License\n\nThis project is licensed under the MIT License - see below for details:\n\n```\nMIT License\n\nCopyright (c) 2025 Roy Templates\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froymasad%2Fspringboot3-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froymasad%2Fspringboot3-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froymasad%2Fspringboot3-api/lists"}