- Configure Spring Security with in-memory authentication.
- Replace all ?userId @RequestParam in your code with Authentication object.
- Add @NonNull, @Min, etc. annotations where applicable (add this dependency to your project, see example here)
- Implement custom email validation.
- Implement CustomGlobalExceptionHandler.
- Remove method login() in AuthenticationService, HashUtil and salt from User entity. Start using passwordEncoder in UserService -> add() for password hashing.
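
Why the salt field can go once passwordEncoder does the hashing, as an added example that is not the project's own code. It assumes the passwordEncoder bean is a BCryptPasswordEncoder; the User and UserService classes here are minimal hypothetical stand-ins, with a map in place of the DAO.

```java
import java.util.HashMap;
import java.util.Map;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

public class PasswordEncoderExample {
    // Hypothetical stand-in for the User entity: there is no salt field any more.
    static class User {
        final String email;
        String password; // holds the encoded value, never the raw password

        User(String email, String password) {
            this.email = email;
            this.password = password;
        }
    }

    // Hypothetical stand-in for UserService; the map replaces the DAO (assumption).
    static class UserService {
        private final PasswordEncoder passwordEncoder;
        private final Map<String, User> storage = new HashMap<>();

        UserService(PasswordEncoder passwordEncoder) {
            this.passwordEncoder = passwordEncoder;
        }

        User add(User user) {
            // BCrypt draws a fresh random salt on every call and embeds it,
            // together with the cost factor, in the returned hash string.
            user.password = passwordEncoder.encode(user.password);
            storage.put(user.email, user);
            return user;
        }
    }

    public static void main(String[] args) {
        PasswordEncoder encoder = new BCryptPasswordEncoder(); // assumed encoder type
        UserService service = new UserService(encoder);
        // Constructed sample data: two users who chose the same raw password.
        User alice = service.add(new User("alice@example.com", "sample-Passw0rd"));
        User bob = service.add(new User("bob@example.com", "sample-Passw0rd"));

        // The stored values differ because each hash carries its own salt.
        System.out.println("same stored hash: " + alice.password.equals(bob.password));
        // Verification needs only the stored string; matches() reads the salt from it.
        System.out.println("correct password: " + encoder.matches("sample-Passw0rd", alice.password));
        System.out.println("wrong password:   " + encoder.matches("wrong-guess", alice.password));
    }
}
```
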

Advanced:
- In the UserRequestDto add a repeatPassword field.
- Implement validation to check that password and repeatPassword are the same.
- In your CustomGlobalExceptionHandler, return JSON response with HTTP status 500 if DataProcessingException is thrown.

You can check yourself using this checklist