The document summarizes a backend project created by a team of 4 members over 7 weeks. It outlines the technologies used, including Spring Boot, Hibernate, MySQL, JWT authentication, and deployment to Heroku. It provides details on the project structure, including 54 classes in 5 packages, 19 test classes, 7 controllers, and 19 entity models mapped to the MySQL database. It also describes some methods and endpoints, and where to find the GitHub repository and running application. Security is handled through JWT authentication and authorization filters. Database migrations are managed through Flyway to support database versioning.

1. VULPES TRIBES BACKEND
OUR TEAM PROJECT AT GFA/HÚLI
08. 02. 2019

2. OUR TEAM HAS FOUR MEMBERS
JIŘINA KOPSOVÁ
• https://github.com/Kopsova/
• www.linkedin.com/in/jirinakopsova
PETER KOŽUCH
• https://github.com/PeterXMR
• www.linkedin.com/in/PeterKozuch
VOJTĚCH BLUDSKÝ
• https://github.com/Organt
• www.linkedin.com/in/vojtech-
bludsky
JIŘÍ SOUŠEK
• https://github.com/jsousek
• https://www.linkedin.com/in/jirisous
ek/

3. WE ALREADY SPEND 7 WEEKS WORKING ON
OUR APP
WHICH IS BEAUTIFUL :
SINCE IT IS A RESTFUL APPLICATION


4. LIST OF TECHNOLOGIES USED IN THE
PROJECT
• SPRING BOOT
• HIBERNATE
• ORACLE MYSQL
• FLYWAY DB MIGRATION
• JWT TOKEN AUTHENTICATION
• BCRYPT PW ENCRYPTION
• JUNIT
• MOCKITO TEST FRAMEWORK
• MOCK MVC
• JENKINS CI
• HEROKU DEPLOYMENT
• POSTMAN

5. WE ALREADY HAVE
• 54 CLASSES IN 5 PACKAGES
• 19 TESTS CLASSES WITH 53 TESTS

7. REQUESTS ARE PROCESSED WITH 7
CONTROLLERS

8. 19 MODELS WITH DEPENDECIES

9. MAPPED AS ENTITIES FOR MYSQL DATABASE

11. SOME METHODS IN OUR PROJECT ARE
ELEGANT AND SIMPLE
public int getSumOfBuildingLevels(Kingdom kingdom, String buildingType) {
return kingdom.getBuildings().stream()
.filter(b -> b.getType().equals(buildingType))
.mapToInt(Building::getLevel)
.sum();
}

12. SOME COULD USE SOME REFACTORING OR
SIMPLIFICATION 
public List<ResourcesModel> resourceDisplayandUpdate(String username) {
Kingdom kingdomFromDB = kingdomService.verifyKingdom(username);
List<ResourcesModel> rmListFromDB = kingdomFromDB.getResourcesModel();
List<String>buildingTypes = Arrays.asList("mine","farm");
for (int i = 0; i < 2; i++) {
long OriginalUpdatedAt = rmListFromDB.get(i).getUpdatedAt();
String buildingType = buildingTypes.get(i);
long timeDiff = timeDifferenceInMinIn(OriginalUpdatedAt, System.currentTimeMillis());
long sumRes = getSumOfBuildingLevels(kingdomFromDB, buildingType);
rmListFromDB.get(i).setAmount(rmListFromDB.get(i).getAmount() + (timeDiff * sumRes));
rmListFromDB.get(i).setUpdatedAt(getCurrentTimestamp().getTime());
rmListFromDB.get(i).setGenerated(timeDiff * sumRes);
resourceRepository.save(rmListFromDB.get(i));
}
return rmListFromDB;
}

13. WHERE TO FIND OUR APP
URL:
https://vulpes-tribes-backend.herokuapp.com
GitHub Repository:
https://github.com/green-fox-academy/vulpes-
tribes-backend

14. BUT MOST OF ALL, IT
WORKS
👍
AS VOJTA WILL DEMONSTRATE IN POSTMAN

15. JWT TOKEN
AUTHENTICATION
JIŘINA KOPSOVA

16. public class SecurityConfig extends
WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/kingdom/**", "/user/**").authenticated()
.antMatchers("/").permitAll()
.and()
.addFilter(new JWTAuthorizationFilter(authenticationManager()))
.exceptionHandling().authenticationEntryPoint(forbiddenExceptionHandler);
}

17. {
"username": "adamgyulavari",
"password": "abc123"
}
Player loggs in with username and password:

18. } else if
(userTRepository.findTribesUserByUsername(tribesUser.getUsername()).get().getPasswo
rd().equals(tribesUser.getPassword())) {
TribesUser user =
userTRepository.findTribesUserByUsername(tribesUser.getUsername()).get();
user.setLoggedIn(true);
userTRepository.save(user);
return new ResponseEntity(
new
OKstatus(JWTService.createToken(tribesUser.getUsername())),HttpStatus.OK);
@PostMapping(value = "/login")
public ResponseEntity loginUser(@RequestBody TribesUser tribesUser) {
UserRestController

19. public class JWTService {
public static String createToken (String username){
String jwtToken = JWT.create()
.withSubject(username)
.withExpiresAt(new
Date(System.currentTimeMillis() + EXPIRATION_TIME))
.sign(HMAC512(SecurityConstants.SECRET.getBytes()))
;
return jwtToken;
}
Method createToken

20. USER IS LOGGED IN SUCCESSFULLY.
JWT TOKEN IS CREATED.
{ "status": "ok",
"tribes_token":
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZGFtZ3l1bGF2YXJpIiwiZX
hwIjoxNTQ5Mjc2NzQ1fQ.xYiud2OUo8TycTUt3nueW-
ULDEDA_sAc_fyi0joMUjb2uUF_1SfvhoC7zbU9uWNWHHuPO-zbxXiY1BkWJQ-
fmg "
}
To access secured endpoint, JWT token must be present in the header of each
HTTP request.

21. SECURITY IS HANDLED BY
JWTAUTHORISATIONFILTER
IT IS NOT NECESSARY TO SECURE EVERY
SINGLE ENDPOINT SEPARATELY.

22. public class JWTAuthorizationFilter extends BasicAuthenticationFilter {
public JWTAuthorizationFilter(AuthenticationManager authManager) {
super(authManager);
}
@Override
protected void doFilterInternal(HttpServletRequest req,
HttpServletResponse res,
FilterChain chain) throws IOException, ServletException {
String header = req.getHeader(HEADER_STRING);
if (header == null) {
chain.doFilter(req, res);
return;
}
try {
UsernamePasswordAuthenticationToken authentication = getAuthentication(req);
SecurityContextHolder.getContext().setAuthentication(authentication);
chain.doFilter(req, res);
}catch (JWTDecodeException e ){
JWTService.invalidTokenResponce(res);
}
}

23. DATABASE MIGRATION
PETER KOŽUCH

24. WE ARE USING
FLYWAY
• TO HANDLE OUR
DATABASES MIGRATIONS

25. WHY WE HAVE DATABASE MIGRATIONS IN
OUR APP
• WE CAN HAVE SEVERAL VERSIONS OF OUR DATABASE
• WE CAN FILL DATABASE WITH DATA IN A CONTROLLED MANNER
• WE DO NOT NEED DROP DATABASE AT HEROKU IF DATABASE
STRUCTURE HAS BEEN CHANGED

26. TABLE OF OUR MIGRATIONS