Skip to content

Develop#101

Closed
rebecanonato89 wants to merge 3 commits intostgfrom
develop
Closed

Develop#101
rebecanonato89 wants to merge 3 commits intostgfrom
develop

Conversation

@rebecanonato89
Copy link
Copy Markdown
Contributor

@rebecanonato89 rebecanonato89 commented Jul 31, 2025

No description provided.

@rebecanonato89 rebecanonato89 requested a review from Copilot July 31, 2025 16:43
Copilot AI reviewed Jul 31, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors authentication to use user IDs instead of usernames, updates environment variable names for consistency, and removes the test service from Docker Compose. The changes include JWT token modifications to extract user IDs, updating login responses to include user information, and simplifying the Docker configuration.

  • JWT authentication now uses user IDs instead of usernames for token validation
  • Environment variables standardized with consistent naming (DB_* prefix)
  • Docker Compose simplified by removing test service and using env_file

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
ChangePasswordValidatorTest.java Code formatting cleanup by combining multi-line method calls
JwtAuthenticationFilter.java Authentication logic updated to use user IDs instead of usernames
AuthUseCaseImpl.java Login response enhanced to include user login and email information
compose.yaml Docker configuration simplified and environment variables standardized
.env Environment variables reorganized and standardized with DB_ prefix

Comment thread src/main/java/com/fiap/techchallenge/infrastructure/security/JwtAuthenticationFilter.java
String username = jwtUtil.extractUsername(token);
UserDetails ud = uds.loadUserByUsername(username);
UUID userId = jwtUtil.extractUserId(token);
UserDetails ud = ((UserDetailsServiceImpl) uds).loadUserById(userId);
Copy link

Copilot AI Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Casting to UserDetailsServiceImpl creates tight coupling and breaks the abstraction. Consider adding a loadUserById method to the UserDetailsService interface or creating a separate service interface that extends UserDetailsService with this method.

Copilot uses AI. Check for mistakes.
Comment thread src/main/java/com/fiap/techchallenge/infrastructure/security/JwtAuthenticationFilter.java
SecurityContextHolder.getContext().setAuthentication(auth);

logger.debug("Authenticated user: {}", username);
logger.debug("Authenticated user: {}", userId);
Copy link

Copilot AI Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Logging user IDs in debug messages could expose sensitive information in log files. Consider logging a non-sensitive identifier or removing this debug log entirely for production security.

Suggested change
logger.debug("Authenticated user: {}", userId);
logger.debug("User successfully authenticated.");

Copilot uses AI. Check for mistakes.
@rebecanonato89 rebecanonato89 deleted the branch stg July 31, 2025 16:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rebecanonato89