AuthController.java

package com.example.accessingdatamysql.auth;
import org.springframework.web.bind.annotation.RequestMapping;
import com.example.accessingdatamysql.auth.JWT;

import io.jsonwebtoken.Claims;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;

import java.util.Map;
import java.util.HashMap;
import java.util.Optional;
import javax.print.attribute.standard.Media;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import com.example.accessingdatamysql.UserRepository;
import com.example.accessingdatamysql.User;

@Controller
@CrossOrigin
@RequestMapping(path="/auth") // This means URL's start with /auth (after Application path)
public class AuthController {

    @Autowired // This means to get the bean called userRepository
    // Which is auto-generated by Spring, we will use it to handle the data
    private UserRepository userRepository;
    @PostMapping(path="/login")
    public @ResponseBody Map<String, String> login(@RequestBody Map<String, String> json) 
    {
        // Assuming you have a JSON library for Java, you can use it to build the response
        Map<String, String> res = new HashMap<String, String>();
        if (!json.containsKey("email") || !json.containsKey("password"))
        {
            res.put("result", "bad request");
            return res;
        }
        Optional<User> user = userRepository.findById(json.get("email"));
        if (user.isPresent())
        {
            User usr = user.get();
            if (usr.getEmail().equals(json.get("email")) && usr.getPassword().equals(json.get("password")))
            {
                res.put("user", user.get().getEmail());
                //give them a token
                res.put("jwt", JWT.createJWT("id", "issuer", json.get("email"), 99999999));
                res.put("result", "success");
                return res;
            }
            res.put("result", "bad password");
            return res;
        }
        res.put("result", "bad username");
        return res;
    }

    //create auth/organization end point to authenticate the user for a specific organization. 
    //also create a verification end point to verify their access to this one org.

    @PostMapping(path="/verify")
    public @ResponseBody Map<String, String> verify(@RequestBody Map<String, Object> json)
    {
        Map<String, String> res = new HashMap<String, String>();
        if (json.containsKey("jwt"))
        {
            Claims claim = JWT.decodeJWT((String) json.get("jwt")); //this will be a string
            if (claim != null)
            {
                res.put("user", claim.getSubject());
                res.put("result", "success");
            }
            else
            {
                res.put("login", "failed - expired/bad token");
                res.put("result", "failure");
            }
        }
        else
        {
            res.put("login", "failed");
        }
        return res;
    }
}