
update README.md

Daniel Bohry 7 months ago
parent
commit
fc96eaf92b
2 changed files with 68 additions and 7 deletions
  1. 63 4
      README.md
  2. 5 3
      src/main/java/com/danielbohry/authservice/api/AuthController.java

+ 63 - 4
README.md

@@ -1,6 +1,65 @@
-# auth-service
+# Auth Service
 
-Generic authentication service using spring boot security.
+This is a basic authentication service providing user registration, authentication (login), and authorization checks. The service is built using Spring Boot and is intended to be integrated as a backend module in larger systems.
 
-### Requirements
-Java 21 or newer
+## Endpoints
+
+All endpoints are prefixed with `/api`.
+
+### `POST /api/register`
+
+**Registers a new user.**
+
+- **Request Body**:
+  ```json
+  {
+    "username": "imusername",
+    "password": "supersecret123"
+  }
+- **Response (201 CREATED)**
+  ```json
+  {
+    "id": "a435bf57-f4b8-6j3h-g362-a5adbffd6fft",
+    "username": "imusername",
+    "token": "eyJhbGciOiJIUzI1NiJ4.eyJzdWIiOiJkYm3ocnkiLCJleHAiOjE3NDcwNTA4NTcsImlhdCI6MTc0Njg3ODE1NywiYXV0aG9yaXRpZXMiOlsiQURNSU4iLCJVU0VSIl19.PRcIp7Jds65ScSSxBgzLFImP4BF5LcAHYAx7Q1y7ij5",
+    "expirationDate": "2025-05-12T11:55:57.349Z",
+    "roles": [
+        "USER"
+    ]
+}
+
+### `POST /api/authenticate`
+
+**Authenticates an existing user and returns a JWT token.**
+
+- **Request Body**:
+  ```json
+  {
+    "username": "imusername",
+    "password": "supersecret123"
+  }
+- **Response (200 OK)**
+  ```json
+  {
+    "id": "a435bf57-f4b8-6j3h-g362-a5adbffd6fft",
+    "username": "imusername",
+    "token": "eyJhbGciOiJIUzI1NiJ4.eyJzdWIiOiJkYm3ocnkiLCJleHAiOjE3NDcwNTA4NTcsImlhdCI6MTc0Njg3ODE1NywiYXV0aG9yaXRpZXMiOlsiQURNSU4iLCJVU0VSIl19.PRcIp7Jds65ScSSxBgzLFImP4BF5LcAHYAx7Q1y7ij5",
+    "expirationDate": "2025-05-12T11:55:57.349Z",
+    "roles": [
+        "USER"
+    ]
+}
+
+### `POST /api/authorize`
+
+**Validates whether the currently authenticated user has the required authority.**
+
+Headers:
+
+    Authorization: Bearer <JWT token>
+
+Response:
+
+    200 OK if authorized
+
+    403 FORBIDDEN if not authorized

+ 5 - 3
src/main/java/com/danielbohry/authservice/api/AuthController.java

@@ -13,6 +13,8 @@ import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 
+import static org.springframework.http.HttpStatus.CREATED;
+
 @Slf4j
 @RestController
 @AllArgsConstructor
@@ -24,14 +26,14 @@ public class AuthController {
 
     @PostMapping("register")
     public ResponseEntity<AuthenticationResponse> register(@RequestBody AuthenticationRequest request) {
-        log.info("New signup for username [{}]", request.getUsername());
+        log.info("Registering new username [{}]", request.getUsername());
         var response = service.signup(request);
-        return ResponseEntity.ok(response);
+        return ResponseEntity.status(CREATED).body(response);
     }
 
     @PostMapping("authenticate")
     public ResponseEntity<AuthenticationResponse> authenticate(@RequestBody AuthenticationRequest request) {
-        log.info("New signing for username [{}]", request.getUsername());
+        log.info("Authenticating username [{}]", request.getUsername());
         var response = service.signin(request);
         return ResponseEntity.ok(response);
     }
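Review bot: Both `log.info` calls in this hunk write `request.getUsername()` straight from an unauthenticated request body into the log, so a value containing CR/LF characters could forge additional log entries unless the configured log layout escapes them (the logging configuration is not visible here). Consider validating and length-bounding the field before it is logged, or neutralising line breaks at the call site, e.g. `log.info("Registering new username [{}]", String.valueOf(request.getUsername()).replaceAll("[\\r\\n]", "_"));`, with the same treatment for the `authenticate` line. Users also occasionally type a password into the username field, so recording every attempted username at INFO should be a deliberate decision rather than a default. Separately, `register` now answers 201 instead of 200, which is a client-visible behaviour change that the commit title "update README.md" does not mention.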