user management

.idea/libraries/Maven__io_jsonwebtoken_jjwt_0_9_1.xml

-<component name="libraryTable">
-  <library name="Maven: io.jsonwebtoken:jjwt:0.9.1">
-    <CLASSES>
-      <root url="jar://$MAVEN_REPOSITORY$/io/jsonwebtoken/jjwt/0.9.1/jjwt-0.9.1.jar!/" />
-    </CLASSES>
-    <JAVADOC>
-      <root url="jar://$MAVEN_REPOSITORY$/io/jsonwebtoken/jjwt/0.9.1/jjwt-0.9.1-javadoc.jar!/" />
-    </JAVADOC>
-    <SOURCES>
-      <root url="jar://$MAVEN_REPOSITORY$/io/jsonwebtoken/jjwt/0.9.1/jjwt-0.9.1-sources.jar!/" />
-    </SOURCES>
-  </library>
-</component>
\ No newline at end of file

data/rethinkdb_data/log_file

@@ -442,3 +442,16 @@
 2023-05-11T15:28:31.197475600 0.277315s notice: Server ready, "94f92ff17ad0_b5t" 351bd23d-da7f-4829-93f5-9a1d2711b6cb
 2023-05-11T15:28:32.846035600 1.925875s info: Table 0d2cdb10-8d12-4307-bcba-7fb2b6e6d142: Starting a new Raft election for term 10.
 2023-05-11T15:28:32.850296200 1.930136s info: Table 0d2cdb10-8d12-4307-bcba-7fb2b6e6d142: This server is Raft leader for term 10. Latest log index is 29.
+2023-05-12T21:00:35.843529700 0.303847s notice: Running rethinkdb 2.4.2~0bullseye (GCC 10.2.1)...
+2023-05-12T21:00:35.871874000 0.332192s notice: Running on Linux 5.10.16.3-microsoft-standard-WSL2 x86_64
+2023-05-12T21:00:35.872496100 0.332813s notice: Loading data from directory /data/rethinkdb_data
+2023-05-12T21:00:36.181199900 0.641519s info: Automatically using cache size of 2460 MB
+2023-05-12T21:00:36.261168400 0.721485s notice: Listening for intracluster connections on port 29015
+2023-05-12T21:00:36.826960500 1.287278s notice: Listening for client driver connections on port 28015
+2023-05-12T21:00:36.827159900 1.287477s notice: Listening for administrative HTTP connections on port 8080
+2023-05-12T21:00:36.827167800 1.287485s notice: Listening on cluster addresses: 127.0.0.1, 172.18.0.2
+2023-05-12T21:00:36.827175100 1.287492s notice: Listening on driver addresses: 127.0.0.1, 172.18.0.2
+2023-05-12T21:00:36.827183000 1.287500s notice: Listening on http addresses: 127.0.0.1, 172.18.0.2
+2023-05-12T21:00:36.827190200 1.287507s notice: Server ready, "94f92ff17ad0_b5t" 351bd23d-da7f-4829-93f5-9a1d2711b6cb
+2023-05-12T21:00:38.501374800 3.001877s info: Table 9ab94c3e-b3cf-49d9-a5c1-98af7df44d3e: Starting a new Raft election for term 3.
+2023-05-12T21:00:38.506684900 3.007187s info: Table 9ab94c3e-b3cf-49d9-a5c1-98af7df44d3e: This server is Raft leader for term 3. Latest log index is 5.

userManagement/.gitignore

+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/

userManagement/.mvn/wrapper/maven-wrapper.properties

+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar

userManagement/mvnw.cmd

+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    https://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Maven Start Up Batch script
+@REM
+@REM Required ENV vars:
+@REM JAVA_HOME - location of a JDK home dir
+@REM
+@REM Optional ENV vars
+@REM M2_HOME - location of maven2's installed home dir
+@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
+@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
+@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
+@REM     e.g. to debug Maven itself, use
+@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+@REM ----------------------------------------------------------------------------
+
+@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
+@echo off
+@REM set title of command window
+title %0
+@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
+@if "%MAVEN_BATCH_ECHO%" == "on"  echo %MAVEN_BATCH_ECHO%
+
+@REM set %HOME% to equivalent of $HOME
+if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
+
+@REM Execute a user defined script before this one
+if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
+@REM check for pre script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
+if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
+:skipRcPre
+
+@setlocal
+
+set ERROR_CODE=0
+
+@REM To isolate internal variables from possible post scripts, we use another setlocal
+@setlocal
+
+@REM ==== START VALIDATION ====
+if not "%JAVA_HOME%" == "" goto OkJHome
+
+echo.
+echo Error: JAVA_HOME not found in your environment. >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+:OkJHome
+if exist "%JAVA_HOME%\bin\java.exe" goto init
+
+echo.
+echo Error: JAVA_HOME is set to an invalid directory. >&2
+echo JAVA_HOME = "%JAVA_HOME%" >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+@REM ==== END VALIDATION ====
+
+:init
+
+@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
+@REM Fallback to current working directory if not found.
+
+set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
+IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
+
+set EXEC_DIR=%CD%
+set WDIR=%EXEC_DIR%
+:findBaseDir
+IF EXIST "%WDIR%"\.mvn goto baseDirFound
+cd ..
+IF "%WDIR%"=="%CD%" goto baseDirNotFound
+set WDIR=%CD%
+goto findBaseDir
+
+:baseDirFound
+set MAVEN_PROJECTBASEDIR=%WDIR%
+cd "%EXEC_DIR%"
+goto endDetectBaseDir
+
+:baseDirNotFound
+set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
+cd "%EXEC_DIR%"
+
+:endDetectBaseDir
+
+IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
+
+@setlocal EnableExtensions EnableDelayedExpansion
+for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
+@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
+
+:endReadAdditionalConfig
+
+SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
+set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
+set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+
+FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
+    IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
+)
+
+@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
+@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
+if exist %WRAPPER_JAR% (
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Found %WRAPPER_JAR%
+    )
+) else (
+    if not "%MVNW_REPOURL%" == "" (
+        SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    )
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Couldn't find %WRAPPER_JAR%, downloading it ...
+        echo Downloading from: %DOWNLOAD_URL%
+    )
+
+    powershell -Command "&{"^
+		"$webclient = new-object System.Net.WebClient;"^
+		"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
+		"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
+		"}"^
+		"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
+		"}"
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Finished downloading %WRAPPER_JAR%
+    )
+)
+@REM End of extension
+
+@REM Provide a "standardized" way to retrieve the CLI args that will
+@REM work with both Windows and non-Windows executions.
+set MAVEN_CMD_LINE_ARGS=%*
+
+%MAVEN_JAVA_EXE% ^
+  %JVM_CONFIG_MAVEN_PROPS% ^
+  %MAVEN_OPTS% ^
+  %MAVEN_DEBUG_OPTS% ^
+  -classpath %WRAPPER_JAR% ^
+  "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
+  %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
+if ERRORLEVEL 1 goto error
+goto end
+
+:error
+set ERROR_CODE=1
+
+:end
+@endlocal & set ERROR_CODE=%ERROR_CODE%
+
+if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
+@REM check for post script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
+if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
+:skipRcPost
+
+@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
+if "%MAVEN_BATCH_PAUSE%"=="on" pause
+
+if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
+
+cmd /C exit /B %ERROR_CODE%

userManagement/pom.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>3.0.5</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>com.example</groupId>
+	<artifactId>userManagement</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<name>userManagement</name>
+	<description>role based authentication</description>
+	<properties>
+		<java.version>17</java.version>
+	</properties>
+	<dependencies>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>io.projectreactor</groupId>
+			<artifactId>reactor-core</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.google.code.gson</groupId>
+			<artifactId>gson</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>javax.persistence</groupId>
+			<artifactId>javax.persistence-api</artifactId>
+			<version>2.2</version>
+		</dependency>
+<!--		<dependency>-->
+<!--			<groupId>io.jsonwebtoken</groupId>-->
+<!--			<artifactId>jjwt</artifactId>-->
+<!--			<version>0.9.1</version>-->
+<!--		</dependency>-->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.11.5</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.11.5</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.11.5</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springdoc</groupId>
+			<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+			<version>2.1.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-validation</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+				<configuration>
+					<excludes>
+						<exclude>
+							<groupId>org.projectlombok</groupId>
+							<artifactId>lombok</artifactId>
+						</exclude>
+					</excludes>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

userManagement/src/main/java/com/example/userManagement/UserManagementApplication.java

+package com.example.userManagement;
+
+import com.example.userManagement.entity.RegisterRequest;
+import com.example.userManagement.entity.Role;
+import com.example.userManagement.services.AuthenticationService;
+import com.example.userManagement.services.RoleService;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+
+
+@SpringBootApplication
+public class UserManagementApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(UserManagementApplication.class, args);
+	}
+//
+//	@Bean
+//	public CommandLineRunner commandLineRunner(
+//			AuthenticationService service,
+//			RoleService roleService
+//	) {
+//		return args -> {
+//
+//			var Role1 = new Role("admin");
+//			var Role2 = new Role("admin");
+//			roleService.insertRole(Role1);
+//			roleService.insertRole(Role2);
+//			var admin = RegisterRequest.builder()
+//					.firstname("admin1")
+//					.lastname("admin1")
+//					.email("admin1@mail.com")
+//					.password("password")
+//					.role("admin")
+//					.build();
+//			System.out.println("Admin token: " + service.register(admin).getAccessToken());
+//
+//			var manager = RegisterRequest.builder()
+//					.firstname("admin2")
+//					.lastname("admin2")
+//					.email("admin2@mail.com")
+//					.password("password")
+//					.role("admin")
+//					.build();
+//			System.out.println("Manager token: " + service.register(manager).getAccessToken());
+//
+//		};
+//	}
+}

userManagement/src/main/java/com/example/userManagement/configuration/ApplicationConfig.java

+package com.example.userManagement.configuration;
+
+import com.example.userManagement.repository.UserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@RequiredArgsConstructor
+public class ApplicationConfig {
+  @Autowired
+  private  UserRepository repository;
+  @Bean
+  public UserDetailsService userDetailsService() throws UsernameNotFoundException{
+    return username -> repository.findByUsername(username);
+  }
+
+  @Bean
+  public AuthenticationProvider authenticationProvider() {
+    DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+    authProvider.setUserDetailsService(userDetailsService());
+    authProvider.setPasswordEncoder(passwordEncoder());
+    return authProvider;
+  }
+
+  @Bean
+  public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
+    return config.getAuthenticationManager();
+  }
+
+  @Bean
+  public PasswordEncoder passwordEncoder() {
+    return new BCryptPasswordEncoder();
+  }
+
+}

userManagement/src/main/java/com/example/userManagement/configuration/JwtAuthenticationFilter.java

+package com.example.userManagement.configuration;
+
+import com.example.userManagement.repository.TokenRepository;
+import com.example.userManagement.services.JwtService;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+import java.io.IOException;
+import lombok.RequiredArgsConstructor;
+import org.springframework.lang.NonNull;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Component
+@RequiredArgsConstructor
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+
+  private final JwtService jwtService;
+  private final UserDetailsService userDetailsService;
+  private final TokenRepository tokenRepository;
+
+  @Override
+  protected void doFilterInternal(
+      @NonNull HttpServletRequest request,
+      @NonNull HttpServletResponse response,
+      @NonNull FilterChain filterChain
+  ) throws ServletException, IOException {
+    if (request.getServletPath().contains("/api/v1/auth")) {
+      filterChain.doFilter(request, response);
+      return;
+    }
+    final String authHeader = request.getHeader("Authorization");
+    final String jwt;
+    final String username;
+    if (authHeader == null ||!authHeader.startsWith("Bearer ")) {
+      filterChain.doFilter(request, response);
+      return;
+    }
+    jwt = authHeader.substring(7);
+    username = jwtService.extractUsername(jwt);
+    if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+      UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
+      var isTokenValid = tokenRepository.findByToken(jwt)
+          .map(t -> !t.isExpired() && !t.isRevoked())
+          .orElse(false);
+      if (jwtService.isTokenValid(jwt, userDetails) && isTokenValid) {
+        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
+            userDetails,
+            null,
+            userDetails.getAuthorities()
+        );
+        authToken.setDetails(
+            new WebAuthenticationDetailsSource().buildDetails(request)
+        );
+        SecurityContextHolder.getContext().setAuthentication(authToken);
+      }
+    }
+    filterChain.doFilter(request, response);
+  }
+}

userManagement/src/main/java/com/example/userManagement/configuration/SecurityConfiguration.java

+package com.example.userManagement.configuration;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.logout.LogoutHandler;
+
+import static org.springframework.http.HttpMethod.DELETE;
+import static org.springframework.http.HttpMethod.GET;
+import static org.springframework.http.HttpMethod.POST;
+import static org.springframework.http.HttpMethod.PUT;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+@EnableMethodSecurity
+public class SecurityConfiguration {
+
+  private final JwtAuthenticationFilter jwtAuthFilter;
+  private final AuthenticationProvider authenticationProvider;
+  private final LogoutHandler logoutHandler;
+
+  @Bean
+  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+    http
+        .csrf()
+        .disable()
+        .authorizeHttpRequests()
+        .requestMatchers(
+                "/api/v1/auth/authenticate"
+        )
+          .permitAll()
+
+//
+//        .requestMatchers("/api/v1/auth/**")
+//            .hasAnyRole(ADMIN.name(), MANAGER.name())
+
+//
+//        .requestMatchers(GET, "/api/v1/management/**").hasAnyAuthority(ADMIN_READ.name(), MANAGER_READ.name())
+//        .requestMatchers(POST, "/api/v1/management/**").hasAnyAuthority(ADMIN_CREATE.name(), MANAGER_CREATE.name())
+//        .requestMatchers(PUT, "/api/v1/management/**").hasAnyAuthority(ADMIN_UPDATE.name(), MANAGER_UPDATE.name())
+//        .requestMatchers(DELETE, "/api/v1/management/**").hasAnyAuthority(ADMIN_DELETE.name(), MANAGER_DELETE.name())
+
+
+       /* .requestMatchers("/api/v1/admin/**").hasRole(ADMIN.name())
+
+        .requestMatchers(GET, "/api/v1/admin/**").hasAuthority(ADMIN_READ.name())
+        .requestMatchers(POST, "/api/v1/admin/**").hasAuthority(ADMIN_CREATE.name())
+        .requestMatchers(PUT, "/api/v1/admin/**").hasAuthority(ADMIN_UPDATE.name())
+        .requestMatchers(DELETE, "/api/v1/admin/**").hasAuthority(ADMIN_DELETE.name())*/
+
+
+        .anyRequest()
+          .authenticated()
+        .and()
+          .sessionManagement()
+          .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+        .and()
+        .authenticationProvider(authenticationProvider)
+        .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
+        .logout()
+        .logoutUrl("/api/v1/auth/logout")
+        .addLogoutHandler(logoutHandler)
+        .logoutSuccessHandler((request, response, authentication) -> SecurityContextHolder.clearContext())
+    ;
+
+    return http.build();
+  }
+}

userManagement/src/main/java/com/example/userManagement/controller/AuthenticationController.java

+package com.example.userManagement.controller;
+
+import com.example.userManagement.entity.AuthenticationRequest;
+import com.example.userManagement.entity.AuthenticationResponse;
+import com.example.userManagement.entity.RegisterRequest;
+import com.example.userManagement.services.AuthenticationService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.io.IOException;
+
+@RestController
+@RequestMapping("/api/v1/auth")
+@RequiredArgsConstructor
+public class AuthenticationController {
+
+  private final AuthenticationService service;
+
+  @PostMapping("/register")
+  public ResponseEntity<AuthenticationResponse> register(
+      @RequestBody RegisterRequest request
+  ) {
+    return ResponseEntity.ok(service.register(request));
+  }
+  @PostMapping("/authenticate")
+  public ResponseEntity<AuthenticationResponse> authenticate(
+      @RequestBody AuthenticationRequest request
+  ) {
+    return ResponseEntity.ok(service.authenticate(request));
+  }
+
+//  @PostMapping("/refresh-token")
+//  public void refreshToken(
+//      HttpServletRequest request,
+//      HttpServletResponse response
+//  ) throws IOException {
+//    service.refreshToken(request, response);
+//  }
+
+
+}

userManagement/src/main/java/com/example/userManagement/controller/RoleController.java

+package com.example.userManagement.controller;
+
+import com.example.userManagement.entity.Role;
+import com.example.userManagement.services.RoleService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+
+@RestController
+//@CrossOrigin(origins = {"http://localhost:5173"})
+//@CrossOrigin(origins = {"*"})
+@RequestMapping("/api/roles")
+public class RoleController {
+
+
+    @Autowired
+    private RoleService roleService;
+
+    @GetMapping("/")
+    Iterable<Role> findAll(){
+        return roleService.getRoles();
+
+    }
+
+    @PostMapping("/insertRole")
+    public Role insertRole(@RequestBody final Role role){
+
+        return roleService.insertRole(role);
+    }
+
+    @PutMapping("/updateRole/{id}")
+    public Role updateRole(@RequestBody final Role role,@PathVariable int id){
+
+        return roleService.updateRole(role,id);
+    }
+
+    @DeleteMapping("/{id}")
+    public boolean deleteRole(@PathVariable int id) {
+        return roleService.deleteRole(id);
+    }
+
+}

userManagement/src/main/java/com/example/userManagement/controller/UserController.java

+package com.example.userManagement.controller;
+
+import com.example.userManagement.entity.User;
+import com.example.userManagement.services.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+
+@RestController
+//@CrossOrigin(origins = {"*"})
+@RequestMapping("/api/users")
+public class UserController {
+
+    private final UserService userService;
+
+    @Autowired
+    public UserController(UserService userService) {
+        this.userService = userService;
+    }
+
+    @GetMapping("/")
+    public Iterable<User> findAll() {
+        return userService.getUsers();
+
+    }
+
+    @GetMapping("/Users/{id}")
+    public User findById(@PathVariable int id) {
+        return userService.getUserById(id);
+
+    }
+
+    @PostMapping("/insertUser")
+    public User insertUser(@RequestBody final User user) {
+        return userService.insertUser(user);
+    }
+
+    @PutMapping("/updateUser/{id}")
+    public User updateUser(@RequestBody User user, @PathVariable int id) {
+        return userService.updateUser(user, id);
+    }
+
+    @DeleteMapping("/{id}")
+    public boolean deleteUser(@PathVariable int id) {
+        return userService.deleteUser(id);
+    }
+
+
+}

userManagement/src/main/java/com/example/userManagement/entity/AuthenticationRequest.java

+package com.example.userManagement.entity;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class AuthenticationRequest {
+
+  private String username;
+  private String password;
+}

userManagement/src/main/java/com/example/userManagement/entity/AuthenticationResponse.java

+package com.example.userManagement.entity;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class AuthenticationResponse {
+
+  @JsonProperty("access_token")
+  private String accessToken;
+  @JsonProperty("refresh_token")
+  private String refreshToken;
+}

userManagement/src/main/java/com/example/userManagement/entity/RegisterRequest.java

+package com.example.userManagement.entity;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class RegisterRequest {
+
+  private String firstname;
+  private String lastname;
+  private String email;
+  private String password;
+  private String role;
+}

userManagement/src/main/java/com/example/userManagement/entity/Role.java

+package com.example.userManagement.entity;
+
+import com.example.userManagement.util.Indices;
+import lombok.*;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.elasticsearch.annotations.Document;
+import org.springframework.data.elasticsearch.annotations.Field;
+import org.springframework.data.elasticsearch.annotations.FieldType;
+import org.springframework.data.elasticsearch.annotations.Setting;
+
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+@Document(indexName = Indices.ROLE_INDEX)
+@Setting(settingPath = "static/es-settings.json")
+public class Role {
+    public Role(String role) {
+        this.role = role;
+    }
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Field(type = FieldType.Text)
+    private String id;
+    @Field(type = FieldType.Text)
+    private String role;
+
+}

userManagement/src/main/java/com/example/userManagement/entity/Token.java

+package com.example.userManagement.entity;
+
+import com.example.userManagement.util.Indices;
+import com.example.userManagement.util.TokenType;
+import lombok.*;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.elasticsearch.annotations.Document;
+import org.springframework.data.elasticsearch.annotations.Field;
+import org.springframework.data.elasticsearch.annotations.FieldType;
+import org.springframework.data.elasticsearch.annotations.Setting;
+
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.GeneratedValue;
+
+@Data
+@Builder
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@Document(indexName = Indices.TOKEN_INDEX)
+@Setting(settingPath = "static/es-settings.json")
+public class Token {
+
+  @Id
+  @GeneratedValue
+  @Field(type = FieldType.Text)
+  public String id;
+  @Field(type = FieldType.Keyword)
+  public String token;
+
+  @Enumerated(EnumType.STRING)
+  public TokenType tokenType = TokenType.BEARER;
+  @Field(type = FieldType.Boolean)
+  public boolean revoked;
+  @Field(type = FieldType.Boolean)
+  public boolean expired;
+  @Field(type = FieldType.Text)
+  public String user;
+}

userManagement/src/main/java/com/example/userManagement/entity/User.java

+package com.example.userManagement.entity;
+
+import com.example.userManagement.util.Indices;
+import lombok.*;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.elasticsearch.annotations.Document;
+import org.springframework.data.elasticsearch.annotations.Field;
+import org.springframework.data.elasticsearch.annotations.FieldType;
+import org.springframework.data.elasticsearch.annotations.Setting;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import java.util.Collection;
+import java.util.List;
+
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+@Entity
+@Data
+@Document(indexName = Indices.USER_INDEX)
+@Setting(settingPath = "static/es-settings.json")
+public class User implements UserDetails {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Field(type = FieldType.Keyword)
+    private String id;
+
+    @Field(type = FieldType.Text)
+    private String username;
+//    @Field(type = FieldType.Text)
+//    private String firstname;
+//    @Field(type = FieldType.Text)
+//    private String lastname;
+    @Field(type = FieldType.Text)
+    private String email;
+
+    @Field(type = FieldType.Text)
+    private String password;
+    @Field(type = FieldType.Text)
+    private String role;
+    @Field(type = FieldType.Keyword)
+    private boolean enabled;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(new SimpleGrantedAuthority(role));
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+}
+

userManagement/src/main/java/com/example/userManagement/repository/RoleRepository.java

+package com.example.userManagement.repository;
+
+
+import com.example.userManagement.entity.Role;
+import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
+import org.springframework.stereotype.Repository;
+
+
+@Repository
+public interface RoleRepository extends ElasticsearchRepository<Role,Integer> {
+
+}

userManagement/src/main/java/com/example/userManagement/repository/TokenRepository.java

+package com.example.userManagement.repository;
+
+import java.util.List;
+import java.util.Optional;
+
+import com.example.userManagement.entity.Token;
+import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
+
+public interface TokenRepository extends ElasticsearchRepository<Token, Integer> {
+
+  List<Token> findAllValidTokenByUser(String id);
+  Token findByUser(String user);
+  Optional<Token> findByToken(String token);
+}

userManagement/src/main/java/com/example/userManagement/repository/UserRepository.java

+package com.example.userManagement.repository;
+
+
+
+import com.example.userManagement.entity.User;
+import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface UserRepository extends ElasticsearchRepository<User,Integer> {
+    User findByUsername(String username);
+}
\ No newline at end of file

userManagement/src/main/java/com/example/userManagement/services/AuthenticationService.java

+package com.example.userManagement.services;
+
+import com.example.userManagement.entity.*;
+import com.example.userManagement.repository.TokenRepository;
+import com.example.userManagement.repository.UserRepository;
+import com.example.userManagement.util.TokenType;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.apache.http.HttpHeaders;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import java.io.IOException;
+
+@Service
+@RequiredArgsConstructor
+public class  AuthenticationService {
+  private final UserRepository repository;
+  private final TokenRepository tokenRepository;
+  private final PasswordEncoder passwordEncoder;
+  private final JwtService jwtService;
+
+  public AuthenticationResponse register(RegisterRequest request) {
+
+    var user = User.builder()
+            .username(request.getFirstname()+"."+request.getLastname())
+            .email(request.getEmail())
+            .password(passwordEncoder.encode(request.getPassword()))
+            .role(request.getRole()).build();
+
+
+    var savedUser = repository.save(user);
+    var jwtToken = jwtService.generateToken(user);
+    var refreshToken = jwtService.generateRefreshToken(user);
+    saveUserToken(savedUser, jwtToken);
+    return AuthenticationResponse.builder()
+        .accessToken(jwtToken)
+            .refreshToken(refreshToken)
+        .build();
+  }
+
+  public AuthenticationResponse authenticate(AuthenticationRequest request){
+
+    var user = repository.findByUsername(request.getUsername());
+    if (passwordEncoder.matches(request.getPassword(),user.getPassword())){
+      var jwtToken = jwtService.generateToken(user);
+    var refreshToken = jwtService.generateRefreshToken(user);
+      revokeAllUserTokens(user);
+      saveUserToken(user, jwtToken);
+      return AuthenticationResponse.builder()
+              .accessToken(jwtToken)
+            .refreshToken(refreshToken)
+              .build();
+    }
+    return AuthenticationResponse.builder().build();
+  }
+
+  private void saveUserToken(User user, String jwtToken) {
+    var token = Token.builder()
+        .user(user.getUsername())
+        .token(jwtToken)
+        .tokenType(TokenType.BEARER)
+        .expired(false)
+        .revoked(false)
+        .build();
+    tokenRepository.save(token);
+  }
+
+  private void revokeAllUserTokens(User user) {
+    var validUserTokens = tokenRepository.findAllValidTokenByUser(user.getId());
+    if (validUserTokens.isEmpty())
+      return;
+    validUserTokens.forEach(token -> {
+      token.setExpired(true);
+      token.setRevoked(true);
+    });
+    tokenRepository.saveAll(validUserTokens);
+  }
+
+  public void refreshToken(
+          HttpServletRequest request,
+          HttpServletResponse response
+  ) throws IOException {
+    final String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
+    final String refreshToken;
+    final String username;
+    if (authHeader == null ||!authHeader.startsWith("Bearer ")) {
+      return;
+    }
+    refreshToken = authHeader.substring(7);
+    username = jwtService.extractUsername(refreshToken);
+    if (username != null) {
+      var user = this.repository.findByUsername(username);
+      if (jwtService.isTokenValid(refreshToken, user)) {
+        var accessToken = jwtService.generateToken(user);
+        revokeAllUserTokens(user);
+        saveUserToken(user, accessToken);
+        var authResponse = AuthenticationResponse.builder()
+                .accessToken(accessToken)
+                .refreshToken(refreshToken)
+                .build();
+        new ObjectMapper().writeValue(response.getOutputStream(), authResponse);
+      }
+    }
+  }
+}

userManagement/src/main/java/com/example/userManagement/services/JwtService.java

+package com.example.userManagement.services;
+
+
+import java.security.Key;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+
+import com.example.userManagement.entity.Token;
+import com.example.userManagement.repository.TokenRepository;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.elasticsearch.core.ElasticsearchOperations;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Service;
+
+@Service
+public class JwtService {
+
+  @Value("${application.security.jwt.secret-key}")
+  private String secretKey;
+  @Value("${application.security.jwt.expiration}")
+  private long jwtExpiration;
+  @Value("${application.security.jwt.refresh-token.expiration}")
+  private long refreshExpiration;
+  @Autowired
+  private TokenRepository tokenRepository;
+  public String extractUsername(String token) {
+    try {
+      return extractClaim(token, Claims::getSubject);
+    }catch (Exception e){
+      System.out.println("Token is not valid");
+      return "Token is not valid";
+    }
+
+  }
+
+  public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
+    try {
+      final Claims claims = extractAllClaims(token);
+      return claimsResolver.apply(claims);
+    }catch (Exception e){
+    System.out.println("Token is not valid");
+    return null;
+  }
+  }
+
+  public String generateToken(UserDetails userDetails) {
+    Token token=tokenRepository.findByUser(userDetails.getUsername());
+    if(token!=null){
+      tokenRepository.delete(token);
+    }
+    return generateToken(new HashMap<>(), userDetails);
+  }
+
+  public String generateToken(
+      Map<String, Object> extraClaims,
+      UserDetails userDetails
+  ) {
+    return buildToken(extraClaims, userDetails, jwtExpiration);
+  }
+
+  public String generateRefreshToken(
+      UserDetails userDetails
+  ) {
+    return buildToken(new HashMap<>(), userDetails, refreshExpiration);
+  }
+
+  private String buildToken(
+          Map<String, Object> extraClaims,
+          UserDetails userDetails,
+          long expiration
+  ) {
+    return Jwts
+            .builder()
+            .setClaims(extraClaims)
+            .setSubject(userDetails.getUsername())
+            .setIssuedAt(new Date(System.currentTimeMillis()))
+            .setExpiration(new Date(System.currentTimeMillis() + expiration))
+            .signWith(SignatureAlgorithm.HS256, getSignInKey())
+            .compact();
+  }
+
+  public boolean isTokenValid(String token, UserDetails userDetails) {
+    try {
+      final String username = extractUsername(token);
+      return (username.equals(userDetails.getUsername())) && !isTokenExpired(token);
+    }catch (Exception e){
+    System.out.println("Token is not valid");
+    return false;
+  }
+  }
+
+  private boolean isTokenExpired(String token) {
+    return extractExpiration(token).before(new Date());
+  }
+
+  private Date extractExpiration(String token) {
+    try {
+      return extractClaim(token, Claims::getExpiration);
+    } catch (Exception e) {
+      System.out.println("Token is not valid");
+      return null;
+    }
+  }
+  private Claims extractAllClaims(String token) {
+    return Jwts.parser()
+        .setSigningKey(getSignInKey())
+        .parseClaimsJws(token)
+        .getBody();
+  }
+
+  private Key getSignInKey() {
+    byte[] keyBytes = Decoders.BASE64.decode(secretKey);
+    return Keys.hmacShaKeyFor(keyBytes);
+  }
+}

userManagement/src/main/java/com/example/userManagement/services/LogoutService.java

+package com.example.userManagement.services;
+
+import com.example.userManagement.repository.TokenRepository;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.logout.LogoutHandler;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class LogoutService implements LogoutHandler {
+
+  private final TokenRepository tokenRepository;
+
+  @Override
+  public void logout(
+      HttpServletRequest request,
+      HttpServletResponse response,
+      Authentication authentication
+  ) {
+    final String authHeader = request.getHeader("Authorization");
+    final String jwt;
+    if (authHeader == null ||!authHeader.startsWith("Bearer ")) {
+      return;
+    }
+    jwt = authHeader.substring(7);
+    var storedToken = tokenRepository.findByToken(jwt)
+        .orElse(null);
+    if (storedToken != null) {
+      storedToken.setExpired(true);
+      storedToken.setRevoked(true);
+      tokenRepository.save(storedToken);
+      SecurityContextHolder.clearContext();
+    }
+  }
+}

userManagement/src/main/java/com/example/userManagement/services/RoleService.java

+package com.example.userManagement.services;
+
+
+import com.example.userManagement.entity.Role;
+import com.example.userManagement.repository.RoleRepository;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class RoleService {
+    @Autowired
+    private RoleRepository roleRepository;
+
+    private final Logger log = LoggerFactory.getLogger(RoleService.class);
+    public Iterable<Role> getRoles() {
+
+        try{
+            return roleRepository.findAll();
+        } catch (Exception e) {
+            log.error("Error getting data from Elastic", e);
+            return null;
+        }
+    }
+    public Role getRoleById(int id){
+        try {
+            return roleRepository.findById(id).orElse(null);
+        } catch (Exception e) {
+            log.error("Error getting data from Elastic", e);
+            return null;
+        }
+    }
+    public Role insertRole(Role  role) {
+        try {
+            roleRepository.save(role);
+
+            log.info("Data saved successfully in Elastic");
+            return role;
+        }
+        catch (Exception e) {
+            log.error("Error saving data in Elastic", e);
+        }
+        return null;
+    }
+
+    public Role updateRole(Role role, int id) {
+        Role role1  = roleRepository.findById(id).get();
+        role1.setRole(role.getRole());
+        return role1;
+    }
+
+    public boolean deleteRole(int id ) {
+        try {
+
+            roleRepository.deleteById(id);
+
+            log.info("Role deleted successfully in Elastic");
+            return true;
+        }
+        catch (Exception e) {
+            log.error("Error  deleting role in Elastic", e);
+        }
+        return false;
+    }
+}

userManagement/src/main/java/com/example/userManagement/services/UserService.java

+package com.example.userManagement.services;
+
+
+import com.example.userManagement.entity.User;
+import com.example.userManagement.repository.UserRepository;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+
+@Service
+public class UserService {
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Autowired
+    private RoleService roleService;
+    private final Logger log = LoggerFactory.getLogger(UserService.class);
+//    @Autowired
+//    private PasswordEncoder passwordEncoder;
+//    public void initUser() {
+//
+//        User adminUser = new User();
+//        adminUser.setUsername("reem1");
+//        adminUser.setRole("admin");
+//        adminUser.setEmail("reem1@123.com");
+//        adminUser.setEnabled(true);
+//        adminUser.setPassword(passwordEncoder.encode("admin@pass"));
+//        userRepository.save(adminUser);
+//
+//    }
+    public Iterable<User> getUsers() {
+
+        try{
+            return userRepository.findAll();
+        } catch (Exception e) {
+            log.error("Error getting data from Elastic", e);
+            return null;
+        }
+    }
+    public User getUserById(int id){
+        try{
+            return userRepository.findById(id).orElse(null);
+        } catch (Exception e) {
+            log.error("Error getting data from Elastic", e);
+            return null;
+        }
+    }
+    public User insertUser(final User user) {
+        try {
+            userRepository.save(user);
+
+            log.info("Data saved successfully in Elastic");
+            return user;
+        } catch (Exception e) {
+            log.error("Error saving data in Elastic", e);
+        }
+        return null;
+    }
+    public User updateUser(User user, int id) {
+        try {
+            User user1 = userRepository.findById(id).get();
+            user1.setUsername(user.getUsername());
+            user1.setEmail(user.getEmail());
+            user1.setPassword(
+//                passwordEncode.encode(
+                    user.getPassword()
+//                )
+            );
+            user1.setRole(user.getRole());
+            log.info("Data Updated successfully in Elastic");
+            return user1;
+        } catch (Exception e) {
+            log.error("Error Updating data in Elastic", e);
+        }
+        return null;
+
+    }
+
+    public boolean deleteUser(int id) {
+        try {
+
+            userRepository.deleteById(id);
+
+            log.info("User deleted successfully in Elastic");
+            return true;
+        }
+        catch (Exception e) {
+            log.error("Error  deleting data in Elastic", e);
+        }
+        return false;
+
+    }
+
+}

userManagement/src/main/java/com/example/userManagement/util/Indices.java

+package com.example.userManagement.util;
+
+public final class Indices {
+    public static final String USER_INDEX = "users";
+    public static final String ROLE_INDEX = "roles";
+    public static final String TOKEN_INDEX = "tokens";
+}
\ No newline at end of file

userManagement/src/main/java/com/example/userManagement/util/TokenType.java

+package com.example.userManagement.util;
+
+public enum TokenType {
+  BEARER
+}

userManagement/src/main/resources/application.properties

+server.port = 2007
+spring.data.elasticsearch.cluster-names=trapsService
+spring.data.elasticsearch.cluster-node=localhost:9200
+
+#for generate secret-key https://www.allkeysgenerator.com/
+application.security.jwt.secret-key: 452948404D6351665468576D5A7134743777217A25432A462D4A614E64526755
+application.security.jwt.expiration: 86400000 
+application.security.jwt.refresh-token.expiration: 604800000 
\ No newline at end of file

userManagement/src/main/resources/static/es-settings.json

+{
+  "index": {
+
+  }
+}
\ No newline at end of file

userManagement/src/main/resources/static/mapping/users.json

+{
+  "id": {
+    "type": "keyword"
+  },
+  "username": {
+    "type": "text"
+  },
+  "email": {
+    "type": "text"
+  },
+  "password": {
+    "type": "text"
+  },
+  "role": {
+    "type": "text"
+  }
+}
\ No newline at end of file

userManagement/src/test/java/com/example/userManagement/UserManagementApplicationTests.java

+package com.example.userManagement;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class UserManagementApplicationTests {
+
+	@Test
+	void contextLoads() {
+	}
+
+}