0759f23b22
Backend Refactoring
1. Enhanced User Session Management & Logging
CurrentSessionProvider (backend/server/src/main/java/dev/rheinsw/server/security/session/CurrentSessionProvider.java):
- Added comprehensive null safety checks for JWT authentication
- Implemented detailed logging for user session retrieval
- Added validation for all required JWT claims (sub, preferred_username, email)
- Enhanced error messages with specific validation failures
UserSessionFilter (backend/server/src/main/java/dev/rheinsw/server/security/session/UserSessionFilter.java):
- Replaced silent exception handling with proper logging
- Added request context logging (method, URI)
- Categorized different exception types for better debugging
- Enhanced error visibility while maintaining non-blocking behavior
UserService (backend/server/src/main/java/dev/rheinsw/server/security/user/UserService.java):
- Added comprehensive null safety validations
- Implemented detailed logging for user creation and lookup operations
- Enhanced exception handling with proper error context
- Added input validation for session data
2. Improved Controller Logging & Validation
CustomerController (backend/server/src/main/java/dev/rheinsw/server/internal/customer/controller/CustomerController.java):
- Added comprehensive logging for all user actions
- Implemented input validation with @Valid annotations
- Enhanced error handling with user context
- Added null checks for path parameters
ProjectController (backend/server/src/main/java/dev/rheinsw/server/internal/project/controller/ProjectController.java):
- Similar logging and validation improvements
- Added comprehensive user action tracking
- Enhanced error handling with proper validation
3. Enhanced DTO Validation
CreateCustomerDto (backend/server/src/main/java/dev/rheinsw/server/internal/customer/dtos/CreateCustomerDto.java):
- Added Bean Validation annotations (@NotBlank, @Email, @Size)
- Implemented comprehensive field validation
- Added proper error messages in German
CustomerValidationRequest & CreateCustomerProjectDto: Similar validation enhancements
4. Improved Exception Handling
GlobalExceptionHandler (backend/common/src/main/java/dev/rheinsw/common/controller/exception/handler/GlobalExceptionHandler.java):
- Added correlation IDs for better error tracking
- Replaced unsafe error message exposure with secure error responses
- Enhanced logging with proper log levels and context
- Added specific handlers for validation errors and illegal arguments
- Implemented structured error responses with correlation tracking
ProjectUseCaseImpl (backend/server/src/main/java/dev/rheinsw/server/internal/project/usecase/ProjectUseCaseImpl.java):
- Fixed null return issue (now throws exceptions instead)
- Added comprehensive input validation
- Enhanced error handling with proper exception types
- Added detailed logging for all operations
5. Test Coverage & Quality
Added comprehensive unit tests:
- CurrentSessionProviderTest: 8 test cases covering all authentication scenarios
- UserServiceTest: 7 test cases covering user creation and validation
- ProjectUseCaseImplTest: 14 test cases covering project operations
- Added test dependencies (spring-boot-starter-test, spring-security-test)
6. Frontend Compatibility
Updated frontend error handling:
- Enhanced validateCustomer.ts and addCustomer.ts to log correlation IDs
- Maintained backward compatibility with existing error handling
- Added debugging support for new correlation ID feature
7. Build & Deployment
- ✅ Backend: Builds successfully with all tests passing
- ✅ Frontend: Both frontend projects build successfully
- ✅ Dependencies: Added necessary test dependencies
- ✅ Validation: Bean Validation is properly configured and working
🔒 Security & Reliability Improvements
1. Authentication Security: Robust JWT validation with proper error handling
2. Input Validation: Comprehensive validation across all DTOs
3. Error Handling: Secure error responses that don't expose internal details
4. Null Safety: Extensive null checks throughout the codebase
5. Logging Security: No sensitive data logged, proper correlation IDs for debugging
📈 Monitoring & Debugging
1. Correlation IDs: Every error response includes a unique correlation ID
2. Structured Logging: Consistent logging patterns with user context
3. Request Tracing: User actions are logged with proper context
4. Error Classification: Different error types handled appropriately
2025-07-23 00:18:26 +02:00
5c5ed854e4
Code Cleanup
2025-07-22 23:42:18 +02:00
7d901c4273
Update dependencies and remove gateway
* Remove Gateway module, configuration, and references
* Update backend services to directly handle requests under `/api` prefix
* Adjust frontend contact route to connect directly to the server
* Centralize authentication logic and integrate token refresh mechanism
2025-07-22 23:32:57 +02:00
c0b3669c30
Remove Gateway service and configuration
- Delete Gateway module, associated Spring Boot application, and related configuration (`GatewayApplication.java`, `application.yml`, and `pom.xml`).
- Remove Gateway references in `docker-compose.yml`, `.gitlab-ci.yml`, and `backend/pom.xml`.
- Update backend services to directly handle requests under `/api` prefix (e.g., `/api/customers`, `/api/contact`).
- Adjust frontend contact route to connect directly to the server, replacing gateway references with server URLs.
2025-07-15 20:46:43 +02:00
03f633ae52
Add project management support and integrate customer-project functionality
2025-07-15 18:23:53 +00:00
86be1e8920
Enhance NewCustomerModal with callback support and toast notifications
- Add `onCustomerCreated` callback to refresh customer list after creation.
- Integrate `showInfoToast` and `showSuccessToast` for validation and creation feedback.
- Prevent closing modal on backdrop click; add explicit cancel button.
- Refactor `addCustomer` to use `callApi` and centralized routes.
- Simplify customer fetching logic in `CustomersPage` with reusable function.
2025-07-11 19:53:52 +02:00
7ba92dc66c
Remove demo-related tables and indices from initial schema migration
2025-07-06 21:20:32 +02:00
e00142ff81
Customer Detail Page and Enhance dynamic breadcrumbs
2025-07-06 17:24:12 +00:00
916dbfcf95
Add customer management
2025-07-06 08:31:48 +00:00
e6ca52e72d
Refactor ContactRequest to separate date and time fields, add Flyway for database migrations, and initialize schema.
2025-06-29 21:11:29 +09:00
a9d8a8cf43
Remove hCaptcha integration from contact form and API route
2025-06-29 20:39:57 +09:00
42758d7c2d
Refactor HCaptchaValidator to improve token verification and logging.
2025-06-29 19:28:16 +09:00
a72ba69179
Inject plainRestTemplate into SubmitContactUseCaseImpl and update RestTemplateConfig.
2025-06-29 19:14:14 +09:00
5a73be331b
GitLab CI/CD Pipeline
2025-05-29 18:51:59 +00:00
cb4eb80105
Refactoring + migrate mail package to server.
2025-05-04 19:17:26 +02:00
eb17e24511
Implement backend for contact form with gateway integration
2025-05-04 12:56:55 +02:00
a4f1a58f15
Initial Commit
2025-05-04 12:18:13 +02:00