joeclark-phd / granite Goto Github PK
View Code? Open in Web Editor NEWA model or starter for a Java web application that will be highly-maintainable over a long period of time (20+ years)
A model or starter for a Java web application that will be highly-maintainable over a long period of time (20+ years)
Authentication with REST API should issue both an access token and a refresh token. Refresh tokens should have a long expiration and there should be an endpoint you can submit the refresh token to get a new access token.
When requesting an access token, the client should also get the precise expiration date for it, so he can know when to refresh.
For example, how to import headers/footers from other files.
they should at least have timestamps. also maybe different HTTP codes and messages depending on reason for error. without giving away too much info that might create a security risk.
JWTAuthenticationFilter could probably be replaced by an endpoint in a RestController, and the part that extracts information from the POST may be made simpler and clearer as well.
The "refresh token" flow could then go into the same RestController.
get JWT authentication working for API at an endpoint like /api/login without using the "loginForm()" directive.
Find an answer to this SO:
https://stackoverflow.com/questions/58983086/how-to-make-a-custom-usernamepasswordauthenticationfilter-register-at-an-endpoin
[ ] do one thing
[ ] do another
Vulnerabilities
DepShield reports that this application's usage of com.fasterxml.jackson.core:jackson-databind:2.9.9 results in the following vulnerability(s):
Occurrences
com.fasterxml.jackson.core:jackson-databind:2.9.9 is a transitive dependency introduced by the following direct dependency(s):
• io.jsonwebtoken:jjwt:0.9.1
└─ com.fasterxml.jackson.core:jackson-databind:2.9.9
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
It takes over 15 lines of code to spin up a testcontainer in AgencyControllerIntegrationTest, which will have to be copied over into potentially dozens of other test cases. Using the JDBC URL method of setting up Testcontainers would be better, but I don't know if it can be done with our custom database image.
If possible, find a way to do it, preferably generating the image on the fly. If not, consider whether we can get the same result using a library image and calling our scripts some other way.
This will make sure JUnit5 is correctly specified in the POM file and that tests run when expected during the build.
this is so test containers won't conflict with any other service(s) listening on port 5432
The test database should be deployed as a docker image (with version number) and so should the Granite application itself.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.