|
|
0759f23b22
|
Backend Refactoring
1. Enhanced User Session Management & Logging
CurrentSessionProvider (backend/server/src/main/java/dev/rheinsw/server/security/session/CurrentSessionProvider.java):
- Added comprehensive null safety checks for JWT authentication
- Implemented detailed logging for user session retrieval
- Added validation for all required JWT claims (sub, preferred_username, email)
- Enhanced error messages with specific validation failures
UserSessionFilter (backend/server/src/main/java/dev/rheinsw/server/security/session/UserSessionFilter.java):
- Replaced silent exception handling with proper logging
- Added request context logging (method, URI)
- Categorized different exception types for better debugging
- Enhanced error visibility while maintaining non-blocking behavior
UserService (backend/server/src/main/java/dev/rheinsw/server/security/user/UserService.java):
- Added comprehensive null safety validations
- Implemented detailed logging for user creation and lookup operations
- Enhanced exception handling with proper error context
- Added input validation for session data
2. Improved Controller Logging & Validation
CustomerController (backend/server/src/main/java/dev/rheinsw/server/internal/customer/controller/CustomerController.java):
- Added comprehensive logging for all user actions
- Implemented input validation with @Valid annotations
- Enhanced error handling with user context
- Added null checks for path parameters
ProjectController (backend/server/src/main/java/dev/rheinsw/server/internal/project/controller/ProjectController.java):
- Similar logging and validation improvements
- Added comprehensive user action tracking
- Enhanced error handling with proper validation
3. Enhanced DTO Validation
CreateCustomerDto (backend/server/src/main/java/dev/rheinsw/server/internal/customer/dtos/CreateCustomerDto.java):
- Added Bean Validation annotations (@NotBlank, @Email, @Size)
- Implemented comprehensive field validation
- Added proper error messages in German
CustomerValidationRequest & CreateCustomerProjectDto: Similar validation enhancements
4. Improved Exception Handling
GlobalExceptionHandler (backend/common/src/main/java/dev/rheinsw/common/controller/exception/handler/GlobalExceptionHandler.java):
- Added correlation IDs for better error tracking
- Replaced unsafe error message exposure with secure error responses
- Enhanced logging with proper log levels and context
- Added specific handlers for validation errors and illegal arguments
- Implemented structured error responses with correlation tracking
ProjectUseCaseImpl (backend/server/src/main/java/dev/rheinsw/server/internal/project/usecase/ProjectUseCaseImpl.java):
- Fixed null return issue (now throws exceptions instead)
- Added comprehensive input validation
- Enhanced error handling with proper exception types
- Added detailed logging for all operations
5. Test Coverage & Quality
Added comprehensive unit tests:
- CurrentSessionProviderTest: 8 test cases covering all authentication scenarios
- UserServiceTest: 7 test cases covering user creation and validation
- ProjectUseCaseImplTest: 14 test cases covering project operations
- Added test dependencies (spring-boot-starter-test, spring-security-test)
6. Frontend Compatibility
Updated frontend error handling:
- Enhanced validateCustomer.ts and addCustomer.ts to log correlation IDs
- Maintained backward compatibility with existing error handling
- Added debugging support for new correlation ID feature
7. Build & Deployment
- ✅ Backend: Builds successfully with all tests passing
- ✅ Frontend: Both frontend projects build successfully
- ✅ Dependencies: Added necessary test dependencies
- ✅ Validation: Bean Validation is properly configured and working
🔒 Security & Reliability Improvements
1. Authentication Security: Robust JWT validation with proper error handling
2. Input Validation: Comprehensive validation across all DTOs
3. Error Handling: Secure error responses that don't expose internal details
4. Null Safety: Extensive null checks throughout the codebase
5. Logging Security: No sensitive data logged, proper correlation IDs for debugging
📈 Monitoring & Debugging
1. Correlation IDs: Every error response includes a unique correlation ID
2. Structured Logging: Consistent logging patterns with user context
3. Request Tracing: User actions are logged with proper context
4. Error Classification: Different error types handled appropriately
|
2025-07-23 00:18:26 +02:00 |
|
|
|
916dbfcf95
|
Add customer management
|
2025-07-06 08:31:48 +00:00 |
|
|
|
e6ca52e72d
|
Refactor ContactRequest to separate date and time fields, add Flyway for database migrations, and initialize schema.
|
2025-06-29 21:11:29 +09:00 |
|
|
|
5a73be331b
|
GitLab CI/CD Pipeline
|
2025-05-29 18:51:59 +00:00 |
|
|
|
cb4eb80105
|
Refactoring + migrate mail package to server.
|
2025-05-04 19:17:26 +02:00 |
|
|
|
eb17e24511
|
Implement backend for contact form with gateway integration
|
2025-05-04 12:56:55 +02:00 |
|
|
|
a4f1a58f15
|
Initial Commit
|
2025-05-04 12:18:13 +02:00 |
|