DEV Community: Abhishek Tiwari

🚀 Open Source Project: Introducing QueryCraftAI

Abhishek Tiwari — Thu, 23 Oct 2025 04:15:23 +0000

After gaining solid hands-on experience from my open-source project — Banking Portal REST API using Spring Boot & Spring Security — we’re now building a new open-source project, QueryCraftAI.
https://github.com/abhi9720/querycraft-ai

“Ever wished you could ask your database a question in plain English and get an instant, accurate SQL query?”

QueryCraftAI is here to make that a reality. This open-source, AI-powered tool bridges the gap between complex databases and natural human language, enabling users—from developers to non-technical stakeholders—to interact with data effortlessly.

🧠 How It Works: The Power of AI Agents

QueryCraftAI operates through a modular, agent-based architecture, each agent specializing in a specific task to ensure accuracy and efficiency. Here’s a simplified breakdown:

User Input: A user submits a natural language query, e.g., “Show me the total revenue from customers in New York.”
Intent Classification (IntentAgent): Determines the user’s primary intent—whether it’s a direct question, a request for data modification, etc.
Table Identification (TableIdentificationAgent): Utilizes vector-based retrieval to identify the most relevant tables from the database schema.
Schema Pruning (ColumnPruneAgent): Narrows down the schema by selecting only the columns pertinent to the user’s query.
SQL Generation (SQLAgent): Employs a Large Language Model (LLM) to generate the SQL query based on the pruned schema and user input.
Query Explanation (QueryExplanationAgent): Provides a step-by-step breakdown of the generated SQL query for transparency and educational purposes.
Orchestration (OrchestratorAgent): Manages the entire workflow, ensuring each agent performs its task in sequence and the final response is correctly assembled.

🎨 Visualizing the Process

To enhance understanding, here’s a visual representation of the QueryCraftAI architecture:

🖥 Working Screenshots

1. Chat Interface in Action
Show how a user can type a natural language query and get instant results:

Example: A user asks “Show me total revenue from New York customers” and gets the SQL query and explanation instantly.

2. Generated SQL Query

Highlight the output from the system:

QueryCraftAI not only generates SQL but explains it step by step.

💡 Why It Matters

QueryCraftAI democratizes data access by allowing users to interact with databases using natural language. Key benefits include:

Empowering Non-Technical Users: Enables individuals without SQL knowledge to retrieve and understand data independently.
Boosting Developer Productivity: Automates the generation of complex SQL queries, allowing developers to focus on core application logic.
Enhancing Data Literacy: Provides clear explanations of SQL queries, aiding in the learning process for those unfamiliar with SQL.

🔮 Looking Ahead

The future of QueryCraftAI includes:

Support for Multiple SQL Dialects: Expanding compatibility to include PostgreSQL, MySQL, and more.
Data Visualization Integration: Automatically generating charts and graphs to visualize query results.
Query History & Saving: Allowing users to save and reuse frequently asked queries.
Integration with BI Tools: Building connectors for platforms like Metabase, Superset, and Tableau.
Advanced Data Context Understanding: Teaching the agent to comprehend complex business logic and metrics beyond the schema.

🌐 Join the QueryCraftAI Journey

QueryCraftAI is more than just a tool; it’s a step towards a future where data is truly accessible to everyone.

At this early stage, the project repository is private to ensure quality and focus. However, we are actively looking for motivated individuals who are passionate about AI, databases, and building tools that empower users to interact with data seamlessly.

If you’re interested in contributing, testing, or exploring the project, please reach out directly. Access will be granted to those genuinely motivated to help shape the future of QueryCraftAI.

You can connect via:
👉🏻 LinkedIn: https://www.linkedin.com/in/abhi9720
👉🏻 Email: abhishek.nitmn@gmail.com
👉🏻 GitHub: https://github.com/abhi9720

Simplified Guide to JWT Authentication with Spring Boot 🔐

Abhishek Tiwari — Fri, 04 Aug 2023 09:31:28 +0000

Introduction:

Securing your applications is paramount in today's digital landscape. One robust approach is JWT (JSON Web Token) authentication. It offers a secure way to verify user identities. In this guide, we will walk through implementing JWT authentication in a Spring Boot app, using a simplified yet effective methodology. We'll cover controllers, services, configurations, and repositories, ensuring you're well-equipped to enhance your app's security.

🚀 Step 1: Setting Up Your Spring Boot Project
Begin by creating a new Spring Boot project or utilizing an existing one. Expedite the process by using Spring Initializr, which sets up essential dependencies like Spring Web, Spring Security, and Spring Data JPA.

<!-- Include necessary dependencies in your pom.xml file -->
<dependencies>
    <!-- Spring Web for creating web APIs -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <!-- Spring Security for robust authentication and authorization -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <!-- Spring Data JPA for streamlined database interactions -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
   <dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.9.1</version>
  </dependency>
    <!-- Other dependencies... -->
</dependencies>

📦 Step 2: Crafting User Entity and Repository
Design a User class encompassing attributes like id, username, and password. Develop a UserRepository interface to facilitate smooth user data management.

@Entity
public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String username;
    private String password;
    // Getters, setters...
}

public interface UserRepository extends JpaRepository<User, Long> {
    User findByUsername(String username);
}

🔒 Step 3: Configuring Spring Security
Create a SecurityConfig class extending WebSecurityConfigurerAdapter. Override configure(HttpSecurity http) to establish security rules and manage JWT authentication.

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtUtil jwtUtil;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
                .antMatchers("/api/auth/**").permitAll()
                .anyRequest().authenticated()
            .and()
            .addFilter(new JwtAuthenticationFilter(authenticationManager(), jwtUtil))
            .addFilter(new JwtAuthorizationFilter(authenticationManager(), jwtUtil, userDetailsService));
    }

    // Additional configurations...
}

👤 Step 4: Implementing UserService
Develop a UserService interface with methods to load a user by username and save a new user. Implement UserDetailsService to retrieve user details from the database.

@Service
public interface UserService extends UserDetailsService {
    UserDetails loadUserByUsername(String username);
    void saveUser(User user);
}

@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserRepository userRepository;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userRepository.findByUsername(username);
        if (user == null) {
            throw new UsernameNotFoundException("User not found: " + username);
        }
        return new org.springframework.security.core.userdetails.User(
            user.getUsername(),
            user.getPassword(),
            new ArrayList<>()
        );
    }

    @Override
    public void saveUser(User user) {
        userRepository.save(user);
    }
}

🔐 Step 5: Generating and Validating JWT Tokens
Create a JwtUtil class to generate and validate JWT tokens.

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.stereotype.Component;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;

@Component
public class JwtUtil {
    private final String SECRET = "your-secret-key"; // Replace with a secure secret key
    private final long EXPIRATION_TIME = 900_000; // 15 minutes

    public String extractUsername(String token) {
        return extractClaim(token, Claims::getSubject);
    }

    public Date extractExpiration(String token) {
        return extractClaim(token, Claims::getExpiration);
    }

    public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
        final Claims claims = extractAllClaims(token);
        return claimsResolver.apply(claims);
    }

    private Claims extractAllClaims(String token) {
        return Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token).getBody();
    }

    public String generateToken(String username) {
        Map<String, Object> claims = new HashMap<>();
        return createToken(claims, username);
    }

    private String createToken(Map<String, Object> claims, String subject) {
        return Jwts.builder()
                .setClaims(claims)
                .setSubject(subject)
                .setIssuedAt(new Date(System.currentTimeMillis()))
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
                .signWith(SignatureAlgorithm.HS256, SECRET)
                .compact();
    }

    public boolean isTokenExpired(String token) {
        return extractExpiration(token).before(new Date());
    }

    public boolean validateToken(String token, UserDetails userDetails) {
        final String username = extractUsername(token);
        return (username.equals(userDetails.getUsername()) && !isTokenExpired(token));
    }

    // Additional utility methods...
}

🔑 Step 6: Authentication Controller
Design an AuthController class to handle user registration and authentication.

@RestController
@RequestMapping("/api/auth")
public class AuthController {
    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserService userService;

    @Autowired
    private JwtUtil jwtUtil;

    @PostMapping("/register")
    public ResponseEntity<String> registerUser(@RequestBody User user) {
        userService.saveUser(user);
        return ResponseEntity.ok("User registered successfully!");
    }

    @PostMapping("/login")
    public ResponseEntity<String> loginUser(@RequestBody AuthenticationRequest request) {
        try {
            authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword())
            );
        } catch (BadCredentialsException e) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid username or password");
        }

        UserDetails userDetails = userService.loadUserByUsername(request.getUsername());
        String token = jwtUtil.generateToken(userDetails);

        return ResponseEntity.ok(token);
    }
}

🔍 Step 7: Implementing JwtAuthenticationFilter
Create a JwtAuthenticationFilter class to handle JWT authentication and authorization for each request.

@Component
public class JwtAuthenticationFilter extends OncePerRequestFilter {
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtUtil jwtTokenUtil;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        final String authorizationHeader = request.getHeader("Authorization");

        String username = null;
        String jwtToken = null;

        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
            jwtToken = authorizationHeader.substring(7);
            try {
                username = jwtTokenUtil.extractUsername(jwtToken);
            } catch (Exception e) {
                // Handle token extraction/validation errors
                System.out.println("Error extracting username from token: " + e.getMessage());
            }
        }

        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
            UserDetails userDetails = userDetailsService.loadUserByUsername(username);

            if (jwtTokenUtil.validateToken(jwtToken, userDetails)) {
                UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
                        userDetails, null, userDetails.getAuthorities());

                authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
            }
        }

        filterChain.doFilter(request, response);
    }
}

🌟 Conclusion
You've successfully implemented JWT authentication in your Spring Boot app! 🎉 Your application now boasts heightened security, ensuring only authorized users access sensitive resources. Remember, security is an ongoing journey, so keep yourself informed about best practices and continuously enhance your app's defenses. Happy coding and stay secure! 🔒🔐

Smooth Sailing with Angular Forms: A Beginner's Odyssey ⛵️

Abhishek Tiwari — Fri, 04 Aug 2023 08:32:55 +0000

I Ahoy, brave sailors of the Angular seas! Are you ready to embark on an exciting journey into the world of forms? In this beginner-friendly tutorial, we'll guide you through the process of creating interactive forms using Angular's Template-Driven and Reactive Forms. By the end of this voyage, you'll be equipped with the knowledge and skills to build stunning and user-friendly forms in your Angular applications. So, let's raise the sails and set course for exploration!

Form Approach	Advantages
Template-Driven Forms	Easier setup for simple forms; Suitable for beginners; Less code for basic scenarios
Reactive Forms	Flexible and ideal for complex forms; Precise control over form elements; Dynamic interactions

Setting Sail: Anchoring Your Project 🚀

To start our adventure, we need a solid foundation. Let's create a new Angular project and generate a component to serve as the centerpiece of our forms exploration:

ng new AngularFormsAdventure
cd AngularFormsAdventure
ng generate component form-adventure

Navigating the Shores of Template-Driven Forms ⛵️

Imagine gliding through calm waters, guided by a trusty map. That's the feeling of using Angular's Template-Driven Forms – they simplify form creation by automatically synchronizing form controls with our template. Let's set up a basic form with three fields: name, email, and password.

form-adventure.component.html:

<form #form="ngForm" (ngSubmit)="submitForm(form)">
  <label>Name:</label>
  <input type="text" name="name" ngModel required>

  <label>Email:</label>
  <input type="email" name="email" ngModel required email>

  <label>Password:</label>
  <input type="password" name="password" ngModel required>

  <button type="submit">Set Sail</button>
</form>

form-adventure.component.ts:

import { Component } from '@angular/core';
import { NgForm } from '@angular/forms';

@Component({
  selector: 'app-form-adventure',
  templateUrl: './form-adventure.component.html',
  styleUrls: ['./form-adventure.component.css']
})
export class FormAdventureComponent {
  submitForm(form: NgForm) {
    if (form.valid) {
      console.log(form.value);
    }
  }
}

Steadying the Ship with Reactive Forms 🌊

Reactive Forms provide a more flexible and robust way to handle forms in Angular. Think of it as steering a ship with precise control. Let's equip our vessel for this journey.

app.module.ts:

import { NgModule } from '@angular/core';
import { BrowserModule } from '@angular/platform-browser';
import { FormsModule, ReactiveFormsModule } from '@angular/forms'; // Don't forget to import FormsModule and ReactiveFormsModule

import { AppComponent } from './app.component';
import { FormAdventureComponent } from './form-adventure/form-adventure.component';

@NgModule({
  declarations: [
    AppComponent,
    FormAdventureComponent
  ],
  imports: [
    BrowserModule,
    FormsModule, // Add FormsModule here
    ReactiveFormsModule, // Add ReactiveFormsModule here for reactive form
  ],
  providers: [],
  bootstrap: [AppComponent]
})
export class AppModule { }

form-adventure.component.ts:

import { FormBuilder, FormGroup, Validators } from '@angular/forms';

@Component({
  // ...
})
export class FormAdventureComponent implements OnInit {
  form: FormGroup;

  constructor(private fb: FormBuilder) { }

  ngOnInit(): void {
    this.form = this.fb.group({
      name: ['', [Validators.required]],
      email: ['', [Validators.required, Validators.email]],
      password: ['', [Validators.required]],
    });
  }

  submitForm() {
    if (this.form.valid) {
      console.log(this.form.value);
    }
  }
}

Setting Sail: Anchoring Your Project ⚓️

With our sails raised, it's time to navigate the waters of form submission. As the intrepid captain, you'll lead the way:

// form-adventure.component.ts
submitForm() {
  if (this.form.valid) {
    console.log(this.form.value);
  }
}

Navigating the Storm: Handling Errors 🌦️

Every sailor faces rough seas, and in our case, these are errors in form fields. Angular offers an elegant way to handle these errors and display user-friendly messages.

form-adventure.component.html:

<!-- Inside the form -->
<label>Name:</label>
<input type="text" name="name" ngModel required>
<div *ngIf="form.controls['name'].hasError('required')" class="error">Name is required!</div>

<!-- Similar blocks for other fields -->

Navigating Uncharted Waters: Custom Validation 🛡️

To ensure the security of our ship, we'll implement custom validation for the password field. This ensures that the password is strong and meets specific criteria.

form-adventure.component.ts:

import { FormBuilder, FormGroup, Validators, AbstractControl } from '@angular/forms';

function strongPasswordValidator(control: AbstractControl): { [key: string]: boolean } | null {
  const value: string = control.value;

  // Check if the password is strong
  if (!/(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.{8,})/.test(value)) {
    return { 'strongPassword': true };
  }

  return null;
}

@Component({
  // ...
})
export class FormAdventureComponent implements OnInit {
  // ... Existing code ...

  ngOnInit(): void {
    this.form = this.fb.group({
      // ... Existing fields ...
      password: ['', [Validators.required, strongPasswordValidator]],
    });
  }

  // ... Existing code ...
}

Final Thoughts: Charting Your Angular Course 🗺️

Congratulations, intrepid explorer! With newfound knowledge of Angular's forms, you're ready to embark on your form-building quests. Every line of code is a step toward mastering forms, whether you choose Template-Driven or Reactive Forms. Embrace challenges, celebrate successes, and let your Angular journey be legendary! 🚢🌟 Set forth, fellow adventurer. May your code be bug-free, forms delightful, and your passion unquenchable. Smooth seas and clear skies await! 🌊⚡️

Spring Boot + MySQL + Spring Data JPA: A Beginner's Guide to REST API CRUD Operations

Abhishek Tiwari — Mon, 31 Jul 2023 16:11:32 +0000

Introduction:

In the world of modern web development, creating robust and scalable APIs is a fundamental task. Spring Boot, a powerful framework built on top of the Spring framework, makes it easier for developers to develop production-ready applications quickly.

In this blog, we will use service layer to handle business logic and interact with the repository. This approach promotes separation of concerns and enhances the maintainability and testability of the codebase. We will walk through the step-by-step process of setting up the development environment, configuring the MySQL database, creating the service layer, defining the application properties, and testing the API endpoints with sample code.

Spring Boot Project High-level Architecture Diagram:

The high-level architecture diagram depicts the flow of data and interactions within the Spring Boot application. It illustrates how frontend UI/Postman communicates with the Spring Boot API, which further coordinates with the service layer and Spring Data JPA to perform CRUD operations on the MySQL database.

Prerequisites:

Basic understanding of Java and Spring Boot.
Familiarity with MySQL database and SQL queries.
Java Development Kit (JDK) installed (version 8 or higher).
An Integrated Development Environment (IDE) like IntelliJ or Eclipse.

Step 1: Setting up the Project

Let's begin by creating a new Spring Boot project:

Go to Spring Initializr (https://start.spring.io/) or use the IDE's project creation wizard to create a new Spring Boot project.
Add the required dependencies:
- Spring Web: Provides the necessary components for building web applications.
- Spring Data JPA: Simplifies database access using JPA (Java Persistence API).
- MySQL Driver: Allows Spring Boot to communicate with the MySQL database.
Generate the project and import it into your IDE.

Step 2: Database Configuration

Now, let's configure the database to store our data. In this example, we will use MySQL:

Install MySQL on your local machine if you haven't already. You can download it from the official website: https://dev.mysql.com/downloads/installer/.
Create a new database and a table to store our data. You can use a MySQL client like phpMyAdmin or MySQL Workbench to create the database and table. For this example, let's create a table called "users" with columns "id," "name," and "email."

Step 3: Creating the Entity

In Spring Boot, an entity represents a table in the database. Let's create an entity class representing our "users" table:

// User.java
import javax.persistence.*;

@Entity
@Table(name = "users")
public class User {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    private String name;

    private String email;

    // Getters and setters 
}

Step 4: Defining Application Properties

The application.properties (or application.yml) file allows us to configure various properties for our Spring Boot application, including database connection settings:

Create an "application.properties" file in the "src/main/resources" folder and add the following configuration:

# Database Configuration
spring.datasource.url=jdbc:mysql://localhost:3306/your_database_name
spring.datasource.username=your_database_username
spring.datasource.password=your_database_password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver

# Hibernate Configuration
spring.jpa.hibernate.ddl-auto=update
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL8Dialect

Ensure you replace "your_database_name," "your_database_username," and "your_database_password" with your actual MySQL database credentials.

Step 5: Creating the Repository

The repository interface provides the basic CRUD operations for our entity. Spring Data JPA automatically implements these operations for us:

// UserRepository.java
import org.springframework.data.jpa.repository.JpaRepository;

public interface UserRepository extends JpaRepository<User, Long> {

}

Step 6: Implementing the Service Layer

The service layer contains the business logic and coordinates with the repository to perform database operations. Let's create the service class for our API:

// UserService.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.List;

@Service
public class UserService {

    @Autowired
    private UserRepository userRepository;

    public User createUser(User user) {
        return userRepository.save(user);
    }

    public List<User> getAllUsers() {
        return userRepository.findAll();
    }

    public User getUserById(Long id) {
        return userRepository.findById(id).orElse(null);
    }

    public User updateUser(Long id, User user) {
        user.setId(id);
        return userRepository.save(user);
    }

    public void deleteUser(Long id) {
        userRepository.deleteById(id);
    }
}

Step 7: Creating the Controller

The controller handles HTTP requests and invokes the service methods. It remains unchanged from the previous blog:

// UserController.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/users")
public class UserController {

    @Autowired
    private UserService userService;

    @PostMapping
    public User createUser(@RequestBody User user) {
        return userService.createUser(user);
    }

    @GetMapping
    public List<User> getAllUsers() {
        return userService.getAllUsers();
    }

    @GetMapping("/{id}")
    public User getUserById(@PathVariable Long id) {
        return userService.getUserById(id);
    }

    @PutMapping("/{id}")
    public User updateUser(@PathVariable Long id, @RequestBody User user) {
        return userService.updateUser(id, user);
    }

    @DeleteMapping("/{id}")
    public void deleteUser(@PathVariable Long id) {
        userService.deleteUser(id);
    }
}

Step 8: Running the Application

Now that we have implemented the service layer, let's run the Spring Boot application:

Build the project using your IDE's build tools.
Run the Spring Boot application.
The application should start, and you should see log messages indicating a successful startup.

Step 9: Testing the API Endpoints

To test the API endpoints, we can use tools like Postman or cURL. Let's test each CRUD operation:

Create a new user:

-   Endpoint: POST  [http://localhost:8080/api/users](http://localhost:8080/api/users)
-   Request Body: { "name": "John Doe", "email": "[john@example.com](mailto:john@example.com)" }

Get all users:

-   Endpoint: GET  [http://localhost:8080/api/users](http://localhost:8080/api/users)

Get a user by ID:

-   Endpoint: GET  [http://localhost:8080/api/users/1](http://localhost:8080/api/users/1)

Update a user:

-   Endpoint: PUT  [http://localhost:8080/api/users/1](http://localhost:8080/api/users/1)
-   Request Body: { "name": "Updated Name", "email": "[updated@example.com](mailto:updated@example.com)" }

Delete a user:

-   Endpoint: DELETE  [http://localhost:8080/api/users/1](http://localhost:8080/api/users/1)

Spring Boot Asynchronous OTP Generation and Email Sending

Abhishek Tiwari — Sun, 30 Jul 2023 13:12:22 +0000

In modern web applications, security is of paramount importance. One-time passwords (OTPs) are widely used for secure user authentication and transaction verification. However, generating OTPs and sending them via email can be a time-consuming process, potentially affecting the responsiveness of your application. To address this, we will learn how to implement asynchronous OTP generation and email sending in a Spring Boot application.

By using CompletableFuture and the @Async annotation, we can achieve non-blocking behavior, allowing our application to handle other tasks while generating OTPs and sending emails in the background.

Prerequisites:

Basic knowledge of Java and Spring Boot.
A working Spring Boot project with a configured JavaMailSender for sending emails.
An understanding of RESTful APIs and Spring controllers.

This is blog is part of this Banking Portal Api https://github.com/abhi9720/BankingPortal-API/

1. Project Setup: Before we begin, make sure you have set up a Spring Boot project and have a basic understanding of Spring Boot configurations.

2. Implementing Asynchronous OTP Generation: In this step, we will create a service class responsible for OTP generation and database operations.

Creating the OTPService Interface:

public interface OTPService {
    String generateOTP(String accountNumber);
    CompletableFuture<Boolean> sendOTPByEmail(String email, String name, String accountNumber, String otp);
    boolean validateOTP(String accountNumber, String otp);
}

Implementing the OTPServiceImpl Class:

@Service
public class OTPServiceImpl implements OTPService {

    @Autowired
     private EmailService emailService;

    @Override
    public String generateOTP(String accountNumber) {
      Random random = new Random();
      int otpValue = 100_000 + random.nextInt(900_000);
      String otp = String.valueOf(otpValue);

      // Save the new OTP information in the database
      OtpInfo otpInfo = new OtpInfo();
      otpInfo.setAccountNumber(accountNumber);
      otpInfo.setOtp(otp);
      otpInfo.setGeneratedAt(LocalDateTime.now());
      otpInfoRepository.save(otpInfo);
      return otp;
 }

    @Override
    @Async
    public CompletableFuture<Boolean> sendOTPByEmail(String email, String name, String accountNumber, String otp) {
        // Compose the email content
        String subject = "OTP Verification";
        String emailText = emailService.getOtpLoginEmailTemplate(name, "xxx" + accountNumber.substring(3), otp);

        CompletableFuture<Void> emailSendingFuture = emailService.sendEmail(email, subject, emailText);

        return emailSendingFuture.thenApplyAsync(result -> true)
                                .exceptionally(ex -> {
                                    ex.printStackTrace();
                                    return false;
                                });
    }


  // ... Other Code 
}

Configuring Asynchronous Execution: Ensure that the @EnableAsync annotation is present in your main application class to enable asynchronous processing.

@ SpringBootApplication 
@ EnableAsync 
public class YourApplication { 
  // Application setup and configuration code // ... 
}

3. Sending OTP via Email Asynchronously: Now, let’s focus on the implementation of the EmailService responsible for sending emails.

Creating the EmailService Interface:

public interface EmailService {
    public CompletableFuture<Void> sendEmail(String to, String subject, String text);
    public String getOtpLoginEmailTemplate(String name,String accountNumber, String otp) ;
}
Implementing the EmailServiceImpl Class:
@Service
public class EmailServiceImpl implements EmailService {

      private final JavaMailSender mailSender;

     @Autowired
     public EmailServiceImpl(JavaMailSender mailSender) {
         this.mailSender = mailSender;
     }

     @Override
     @Async
     public CompletableFuture<Void> sendEmail(String to, String subject, String text) {
         CompletableFuture<Void> future = new CompletableFuture<>();

         try {
             MimeMessage message = mailSender.createMimeMessage();
             MimeMessageHelper helper = new MimeMessageHelper(message, true);
             helper.setTo(to);
             // No need to set the "from" address; it is automatically set by Spring Boot based on your properties
             helper.setSubject(subject);
             helper.setText(text, true); // Set the second parameter to true to send HTML content
             mailSender.send(message);

             future.complete(null); // Indicate that the email sending is successful
         } catch (MessagingException e) {
             e.printStackTrace();
             future.completeExceptionally(e); // Indicate that the email sending failed
         }

         return future;
     }

     @Override
     public String getOtpLoginEmailTemplate(String name, String accountNumber, String otp) {
         // Create the formatted email template with the provided values
         String emailTemplate = "<div style=\"font-family: Helvetica,Arial,sans-serif;min-width:1000px;overflow:auto;line-height:2\">"
                 + "<div style=\"margin:50px auto;width:70%;padding:20px 0\">"
                 + "<div style=\"border-bottom:1px solid #eee\">"
                 + "<a href=\"https://piggybank.netlify.app/\" style=\"font-size:1.4em;color: #00466a;text-decoration:none;font-weight:600\">piggybank</a>"
                 + "</div>"
                 + "<p style=\"font-size:1.1em\">Hi, " + name + "</p>"
                 + "<p style=\"font-size:0.9em;\">Account Number: " + accountNumber + "</p>"
                 + "<p>Thank you for choosing OneStopBank. Use the following OTP to complete your Log In procedures. OTP is valid for 5 minutes</p>"
                 + "<h2 style=\"background: #00466a;margin: 0 auto;width: max-content;padding: 0 10px;color: #fff;border-radius: 4px;\">" + otp + "</h2>"
                 + "<p style=\"font-size:0.9em;\">Regards,<br />OneStopBank</p>"
                 + "<hr style=\"border:none;border-top:1px solid #eee\" />"
                 + "<p>piggybank Inc</p>"
                 + "<p>1600 Amphitheatre Parkway</p>"
                 + "<p>California</p>"
                 + "</div>"
                 + "</div>";

         return emailTemplate;
     }
}

// application.properties
spring.mail.host=smtp.gmail.com
spring.mail.port=587
spring.mail.username=example@gmail.com
spring.mail.password=xxxxxxxxxxxxxxxx
spring.mail.properties.mail.smtp.auth=true
spring.mail.properties.mail.smtp.starttls.enable=true

4. Creating the RESTful API: Now, let’s create a RESTful API to demonstrate the asynchronous OTP generation and email sending process.

// DTO For Receving OTP request
public class OtpRequest {
    private String accountNumber;

 public String getAccountNumber() {
  return accountNumber;
 }

 public void setAccountNumber(String accountNumber) {
  this.accountNumber = accountNumber;
 }


}

@RestController
public class OTPController {

    @Autowired
    private OTPService otpService;

    @PostMapping("/generate-otp")
    public ResponseEntity<?> generateOtp(@RequestBody OtpRequest otpRequest) {
        String accountNumber = otpRequest.getAccountNumber();

        // Fetch the user by account number to get the associated email
        User user = userService.getUserByAccountNumber(accountNumber);
        if (user == null) {
            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("User not found for the given account number");
        }

        // Generate OTP and save it in the database
        String otp = otpService.generateOTP(accountNumber);

        // Send the OTP to the user's email address asynchronously
        CompletableFuture<Boolean> emailSendingFuture = otpService.sendOTPByEmail(user.getEmail(), user.getName(), accountNumber, otp);

        // Wait for the email sending process to complete and handle the response
        try {
            boolean otpSent = emailSendingFuture.get(); // This will block until the email sending is complete

            if (otpSent) {
                // Return JSON response with success message
                return ResponseEntity.ok().body("{\"message\": \"OTP sent successfully\"}");
            } else {
                // Return JSON response with error message
                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("{\"message\": \"Failed to send OTP\"}");
            }
        } catch (InterruptedException | ExecutionException e) {
            e.printStackTrace();
            // Return JSON response with error message
            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("{\"message\": \"Failed to send OTP\"}");
        }
    }
}

5. Testing the Asynchronous OTP Generation and Email Sending: Now that we have implemented the API, you can use tools like Postman to send a POST request to/generate-otp with the required data. The API will return a response indicating the status of the OTP generation and email sending.

For Any Reference Checkout this repo : https://github.com/abhi9720/BankingPortal-API/

Open-Source Project: Banking Portal Rest API Using Spring Boot & Spring Security

Abhishek Tiwari — Mon, 24 Jul 2023 06:38:17 +0000

Introduction

In this tutorial, we will walk you through the process of building a sophisticated Banking Portal API using Spring Boot. The API will provide essential functionalities for a banking application, including user registration, authentication, PIN management, and financial transactions. We'll also focus on security and data management best practices.

Prerequisites

To follow along with this tutorial, you should have:

Basic knowledge of Java and the Spring Framework.
A code editor of your choice (e.g., VSCode, IntelliJ IDEA, Eclipse).
Postman (or a similar tool) for testing API endpoints.
A MySQL database or any other relational database.

Overview

Our objective is to create a powerful Banking Portal API that acts as a reliable backend for banking applications and financial services platforms. This API empowers users to execute essential banking operations, including account registration, login, PIN management, cash deposits, withdrawals, and fund transfers between accounts.

Technologies Used

We will use the following technologies and tools for building the API:

Spring Boot: For rapid development and easy project setup.
Spring Security: To handle user authentication and authorization.
JSON Web Tokens (JWT): For secure user authentication and token-based authorization.
MySQL Database: To store user and transaction data.

Key Features of the Banking Portal API

1. User Registration and Account Creation

Allow users to register for an account by providing their name, email, address, and other necessary details. Upon successful registration, an associated account with a unique account number and balance will be created for the user.

2. User Authentication with JWT

Secure user authentication using JSON Web Tokens (JWT). Users can log in with their account number and password, and upon successful login, they will receive a JWT token to authenticate future API requests.

3. PIN Management

Enhance security with a PIN management system. Users can create and update their PINs for additional verification during financial transactions and account access.

4. Cash Deposit

Allow users to deposit money into their accounts securely. The API will update the account balance and record the transaction history.

5. Cash Withdrawal

Enable users to withdraw money from their accounts, ensuring sufficient balance and updating the account balance and transaction history accordingly.

6. Fund Transfer

Facilitate fund transfers between accounts. Users can transfer money from their accounts to other accounts securely, updating account balances, and recording transaction histories for both sender and receiver.

7. Error Handling

Implement custom exception handling to gracefully manage various error scenarios, providing appropriate HTTP status codes and error messages to clients.

8. Token-Based Authorization

Token-based authorization using JWT ensures secure communication between the client and the server, preventing unauthorized access to sensitive operations.

Resources

GitHub Repository: BankingPortal-API
Wiki Documentation: API Documentation

The Banking Portal API article is just one piece of the puzzle. In forthcoming articles, we will dive deep into the project's architecture, discussing the various components, design patterns, and principles that we incorporated to ensure scalability, maintainability, and security. Understanding the underlying architecture will empower you to create your APIs that meet industry standards.

Support this article by your reaction ❤️🦄🔖
Put your comment to let know your view on this project