pplate/plate-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bfcfe83199cc3944f8b26869e3a4905b5b9e9b08
plate-auth/plate-auth-starter/src/main/java/de/platesoft/auth/dto/ReviewAccessRequestRequest.java
T
Patrick Plate bfcfe83199 feat(w8): backend extraction completion — all missing services + controllers 
W8 closes the B3 plan↔code gap (the biggest blocker from Review v3).

New services:
- AuthService: password login/register/refresh/getCurrentUser with audit
- InvitationService: create (SHA-256 hashed token), accept, revoke, list
- AccessRequestService: submit (rate-limited 3/user), approve, deny, list

New controllers:
- AuthController: POST /api/auth/{login,register,refresh}, GET /api/auth/{me,config}
- InvitationController: POST /api/invitations, POST /api/invitations/accept, DELETE/GET
- AccessRequestController: POST /api/access-requests, POST /{id}/{approve,deny}, GET
- AdminAuditController: GET /api/admin/login-events (paginated, admin-only)

New filter:
- OrgContextResolver: reads X-Org-Id/X-Org-Type headers, validates membership,
  sets OrgContext thread-local (cleared in finally block)

New DTOs: LoginRequest, RegisterRequest, RefreshRequest, UserResponse,
AuthConfigResponse, CreateInvitationRequest, CreateAccessRequestRequest,
ReviewAccessRequestRequest

Updated:
- PlateAuthAutoConfiguration: @Import list now includes all 7 new classes
- SecurityConfig: OrgContextResolver bean + filter chain; access-requests
  permitAll scoped to POST only (approve/deny now require auth)

mvn -pl plate-auth-starter compile PASSES.
2026-06-24 22:09:28 +02:00

13 lines
299 B
Java
Raw Blame History

package de.platesoft.auth.dto;
import jakarta.validation.constraints.Size;
/**
* Request body for {@code POST /api/access-requests/{id}/approve} and
* {@code POST /api/access-requests/{id}/deny}.
*/
public record ReviewAccessRequestRequest(
@Size(max = 500) String decisionReason
) {
}
Reference in New Issue View Git Blame Copy Permalink