- Implemented a new registration endpoint in AuthController to handle user sign-ups.
- Integrated AuthenticationService to save the user and create a corresponding HDFS directory for the user upon registration.
- Updated User entity to return the username instead of email in getUsername method.
- Rewrote AuthController to inject all dependencies via constructor
- Fixed token refresh/login logic and added rate limiter and blacklist support
- Implemented getters in LoginRequest DTO
- Updated User model to implement UserDetails and extend entity.User
- Switched HDFScontroller to use entity.User instead of models.User
- Rewrote HDFSConfig to include static getHDFS() method and secure config via env vars
- Simplified JwtService, added overload for entity.User, and fixed key handling
- Caffeine cache used to allow max 5 login attempts per minute.
- Login endpoint blocks IPs exceeding rate, returns 429 status.
- Failed attempts are reset after successful login or after 1 minute.
- POST /api/auth/login authenticates user and returns JWT token.
- POST /api/auth/logout is a placeholder (client deletes token).
- JwtService handles token creation and expiry validation.
Kshitij
