Adi-K-Coding / tri1CSA

Apache License 2.0

Adi Individual Review Ticket #20

Open Adi-K-Coding opened 1 year ago

Adi-K-Coding commented 1 year ago

| Items | Self Score | Tristan | Samaya | Average |
|---|---|---|---|---|
| N@tM Attendance | 1 | 1 | 1 | 1 |
| N@tM Capture the Moment | 1 | 1 | 1 | 1 |
| Frontend Team Presentation | 1 | 1 | 1 | 1 |
| Behind the Scenes Team Presentation | 1 | 1 | 1 | 1 |
| Other(CD, FE/BE, JWT, DB)-Team Presentation | 1 | 1 | 1 | 1 |
| Project Quality | 1 | 1 | 1 | 1 |
| UI with Inputs | 1 | 1 | 1 | 1 |
| Create and Read | 1 | 1 | 1 | 1 |
| Update and Delete | 0 | 0 | 0 | 0 |
| Cookies JWT | 1 | 1 | 1 | 1 |
| Code Quality | 1 | 1 | 1 | 1 |
| Error Handling | 1 | 1 | 1 | 1 |
| GET/POST Methods | 1 | 1 | 1 | 1 |
| Backend Create/Read | 1 | 1 | 1 | 1 |
| Backend Update/Delete | 1 | 1 | 1 | 1 |
| Purpose/Theme/Quality | .5 | .5 | .5 | .5 |
| Video | 0 | 0 | 0 | 0 |
| Runtime Links | .5 | .5 | .5 | .5 |
| README.md | .5 | .5 | .5 | .5 |
| Blog, Guides for review | .5 | .5 | .5 | .5 |
| 75% of individuals have met full stack work. | 0 | 0 | 0 | 0 |
| Runtime Links | .5 | .5 | .5 | .5 |
| Technical Accomplishments | .5 | .5 | .5 | .5 |
| Meeting full stack and backend objectives | .5 | .5 | .5 | .5 |
| GitHub analytics | .5 | .5 | .5 | .5 |
| Total | 19 | 19 | 19 | 19 |

Individual Review Ticket Github Analytics More Github Analytics Backend Commits Team Review Ticket

Some Tangibles

BackEnd Tangibles

Security:

```java
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
        // no CSRF
        .csrf().disable()
        // list the requests/endpoints that need to be authenticated
        .authorizeRequests()
            .antMatchers("/mvc/person/update/**", "/mvc/person/delete/**").authenticated()
            .antMatchers("/api/person/").authenticated()
            .antMatchers("/api/activities/post/**").authenticated()
            .antMatchers("/api/activities/**").authenticated()
            .and()
        // support cors
        .cors().and()
        .headers()
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Credentials", "true"))
            // standard CORS header names are Access-Control-Expose-Headers and
            // Access-Control-Max-Age; browsers ignore the "Allow-ExposedHeaders"
            // and "Allow-MaxAge" spellings
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Expose-Headers", "*", "Authorization"))
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Headers", "Content-Type", "Authorization", "x-csrf-token"))
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Max-Age", "600"))
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Methods", "POST", "GET", "OPTIONS", "HEAD"))
            .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Origin", "http://localhost:4000"))
            .and()
        .formLogin()
            .loginPage("/login")
            .and()
        .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/")
            .and()
        // requests that fail authentication are handed to the JWT entry point
        .exceptionHandling()
            .authenticationEntryPoint(jwtAuthenticationEntryPoint)
            .and()
        // make sure we use stateless session;
        // session won't be used to store user's state.
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

    // Add a filter to validate the tokens with every request
    httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
}
```

Person:

```java
@RestController
@RequestMapping("/api/person")
public class PersonApiController {
    // @Autowired
    // private JwtTokenUtil jwtGen;

    /*
    #### RESTful API ####
    Resource: https://spring.io/guides/gs/rest-service/
    */

    // Autowired enables Control to connect POJO Object through JPA
    @Autowired
    private PersonJpaRepository repository;
    // no @Autowired here, so this field is not injected in the code shown
    private PersonDetailsService sign_up_repository;

    /*
    GET List of People
     */
    @GetMapping("/")
    public ResponseEntity<List<Person>> getPeople() {
        return new ResponseEntity<>(repository.findAllByOrderByNameAsc(), HttpStatus.OK);
    }

    /*
    GET individual Person using ID
     */
    @GetMapping("/{id}")
    public ResponseEntity<Person> getPerson(@PathVariable long id) {
        Optional<Person> optional = repository.findById(id);
        if (optional.isPresent()) {  // Good ID
            Person person = optional.get();  // value from findByID
            return new ResponseEntity<>(person, HttpStatus.OK);  // OK HTTP response: status code, headers, and body
        }
        // Bad ID
        return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
    }

    // excerpt ends here; the rest of the class is in the linked file
}
```

- [Person API](https://github.com/RohanG326/eventplanbackend/blob/master/src/main/java/com/nighthawk/spring_portfolio/mvc/person/PersonApiController.java)

Login:

```java
private void authenticate(String username, String password) throws Exception {
    try {
        // delegate the credential check to Spring Security's AuthenticationManager
        authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
    } catch (DisabledException e) {
        throw new Exception("USER_DISABLED", e);
    } catch (BadCredentialsException e) {
        throw new Exception("INVALID_CREDENTIALS", e);
    } catch (Exception e) {
        throw new Exception(e);
    }
}
```

Signup:

```java
@PostMapping("/post")
public ResponseEntity<Object> postPerson(@RequestBody final Map<String,String> map) {

    String email = map.get("email");
    String password = map.get("password");
    String name = map.get("name");
    String dobString = map.get("dob");

    // reject requests with missing fields instead of failing later with a NullPointerException
    if (email == null || password == null || name == null) {
        return new ResponseEntity<>("email, password and name are required", HttpStatus.BAD_REQUEST);
    }

    Date dob;
    try {
        dob = new SimpleDateFormat("MM-dd-yyyy").parse(dobString);
    } catch (Exception e) {
        return new ResponseEntity<>(dobString + " error; try MM-dd-yyyy", HttpStatus.BAD_REQUEST);
    }
    // hash (not encrypt) the password with a freshly generated BCrypt salt before storing it
    String passwordEncrypt = BCrypt.hashpw(password, BCrypt.gensalt());
    // A person object WITHOUT ID will create a new record with default roles as student
    Person newUser = new Person(email, passwordEncrypt, name, dob);
    repository.save(newUser);
    // should hopefully create new user
    return new ResponseEntity<>(newUser, HttpStatus.CREATED);
}
```

NATM


samayasankuratri commented 1 year ago

- Lost points for not having update and delete in the frontend.
- Lost points for not having a video.
- Lost points for not having 75% people having full stack.