DEV Community

Webtutsplus.com profile image KunalShekhar
KunalShekhar for Webtutsplus.com

Posted on • Edited on

Let’s Build Signup, SignIn, and Role-Based Access in Our E-Commerce App

An Overview Of The Tutorial!

Introduction

Database Design

API Design

Demo overview

Signup

Dealing with the Android Application

Our Intention

Requirements

Dependencies

Permissions

Creating Models

Updating the API

Creating Activities

The Main Page

Signing Up Users

Signing In Users

Constructing the Dashboard

Running the Application

Resources
Enter fullscreen mode Exit fullscreen mode

Introduction

This is a series of tutorials we are building to demonstrate how to build an E-Commerce App, one component at a time.

We are going to implement a basic authentication which will be extended to role-based access i.e. Admin can change anything, add new Users, a manager can only add/update Category and Products, users can only see the products and Category.

When users/admin sign in, we will generate an authentication token, which will be used to verify the users, when they are going to access an API later.

Database Design
Alt Text

We will have a user table and tokens table. For every user, when they signUp and sign in, we will generate a token, which will have an expiry date. After the expiry day has passed, we should generate a new token, although we will not cover it in the tutorial.

API Design

@PostMapping("/signup")
public ResponseDto Signup(@RequestBody SignupDto signupDto) throws CustomException {
return userService.signUp(signupDto);
}
//TODO token should be updated
@PostMapping("/signIn")
public SignInResponseDto Signup(@RequestBody SignInDto signInDto) throws CustomException {
return userService.signIn(signInDto);
}
view raw ecommerce-signup.java hosted with ❤ by GitHub



UserController will have two methods, Signup and SignIn, which will be POST requests.

Demo Overview

SignUp

Let's look at signUp API. It takes SignupDto as Input and returns True or False as output depending upon if SignUp succeeds.

package com.webtutsplus.ecommerce.dto.userDTOs;
public class SignupDto {
private String firstName;
private String lastName;
private String email;
private String password;
// Getters and setters
...
}
view raw ecommerce-SignupDto.java hosted with ❤ by GitHub

We follow these steps for signup 
1.Encrypt the password
2.Save the User
3.Generate auth token and save it in database
4.Return Success
Enter fullscreen mode Exit fullscreen mode
public ResponseDto signUp(SignupDto signupDto) throws CustomException {
// first encrypt the password
String encryptedPassword = signupDto.getPassword();
try {
encryptedPassword = hashPassword(signupDto.getPassword());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
logger.error("hashing password failed {}", e.getMessage());
}
User user = new User(signupDto.getFirstName(), signupDto.getLastName(), signupDto.getEmail(), Role.user, encryptedPassword );
User createdUser;
try {
// save the User
createdUser = userRepository.save(user);
// generate token for user
final AuthenticationToken authenticationToken = new AuthenticationToken(createdUser);
// save token in database
authenticationService.saveConfirmationToken(authenticationToken);
// success in creating
return new ResponseDto(ResponseStatus.success.toString(), USER_CREATED);
} catch (Exception e) {
// handle signup error
throw new CustomException(e.getMessage());
}
}
view raw ecommer-user-service.java hosted with ❤ by GitHub

We will now look at models that are mapped as a table in the database

@Entity
@Table(name = "tokens")
public class AuthenticationToken {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Integer id;
private String confirmationToken;
private Date createdDate;
@OneToOne(targetEntity = User.class, fetch = FetchType.EAGER)
@JoinColumn(nullable = false, name = "user_id")
private User user;
// getter setters
// contructors
}
view raw ecommerce-AuthenticationToken.java hosted with ❤ by GitHub

User and Tokens are linked by user_id field in tokens table, which has one to one relationship, i.e one user can have one token and vice versa.

User and Tokens are linked by user_id field in tokens table, which has one to one relationship, i.e one user can have one token and vice versa.

@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Integer id;
@Column(name = "first_name")
private String firstName;
@Column(name = "last_name")
private String lastName;
@Column(name = "email")
private String email;
@Enumerated(EnumType.STRING)
@Column(name = "role")
private Role role;
@Column(name = "password")
private String password;
view raw ecommerce-user.java hosted with ❤ by GitHub

Top comments (0)

Read next

githubopensource profile image

Revolutionizing LLM Development: LangWatch - Your All-in-One LLM Ops Platform

GitHubOpenSource -

mikeyoung44 profile image

A beginner's guide to the Meta-Llama-3.1-405b-Instruct model by Meta on Replicate

Mike Young -

calvinceawitim profile image

Sleep Pattern Analysis using .NET MAUI Toolkit Range Column Chart

Calvince Moth -

mikeyoung44 profile image

AI Breakthrough Links Words to 3D Objects Without Training Examples

Mike Young -