PR: Homework from Chenfei Xu

.dockerignore

@@ -0,0 +1 @@
+target

.github/dependabot.yml

@@ -0,0 +1,21 @@
+version: 2
+updates:
+  - package-ecosystem: maven
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "15:40"
+      timezone: "Asia/Shanghai"
+    open-pull-requests-limit: 10
+    labels:
+      - dependencies
+
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: daily
+      time: "15:40"
+      timezone: "Asia/Shanghai"
+    open-pull-requests-limit: 10
+    labels:
+      - dependencies

.github/workflows/ci.yml

@@ -0,0 +1,57 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: [master]
+
+permissions:
+  contents: write
+
+concurrency:
+  group: ci-${{ github.ref }}-group
+  cancel-in-progress: true
+
+jobs:
+  default:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install libssl1.1
+        run: |
+          echo "deb http://security.ubuntu.com/ubuntu focal-security main" | sudo tee /etc/apt/sources.list.d/focal-security.list
+          sudo apt-get update && sudo apt-get install -y libssl1.1
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: Cache embedded mongo
+        id: cache-mongo
+        uses: actions/cache@v3
+        env:
+          cache-name: cache-mongo
+        with:
+          path: ~/.embedmongo
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/application-test.yml') }}
+          restore-keys: |
+            ${{ runner.os }}-build-${{ env.cache-name }}-
+            ${{ runner.os }}-build-
+            ${{ runner.os }}-
+      - name: Build with Maven
+        run: mvn -B package --file pom.xml
+      - name: Submit Dependency Snapshot
+        uses: advanced-security/maven-dependency-submission-action@v3
+      - name: Upload coverage reports to Codecov
+        uses: codecov/codecov-action@v5
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          verbose: true
+      - name: Save Jar file
+        uses: actions/upload-artifact@v4
+        with:
+          name: wc-api-jar
+          path: target/*.jar
+          retention-days: 14

.github/workflows/docker-release.yml

@@ -0,0 +1,44 @@
+name: docker-release
+
+on:
+  push:
+    branches:
+      - "master"
+    tags:
+      - "v*"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Docker Login
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Prepare build tag
+        id: tag
+        run: |
+          IMAGE=${{ secrets.DOCKER_HUB_USERNAME }}/wc-api
+          if [ -z "${GITHUB_REF_NAME}" ] || [ "${GITHUB_REF_NAME}" = "master" ]; then
+            TAGS="${IMAGE}:latest"
+          else
+            TAGS=`echo ${IMAGE}:latest --tag ${IMAGE}:${GITHUB_REF_NAME}`
+          fi
+          echo "TAGS=${TAGS}" >> $GITHUB_OUTPUT
+
+      - name: Build and push
+        run: >-
+          docker buildx build
+          --file ./Dockerfile
+          --platform linux/amd64,linux/arm64
+          --tag ${{ steps.tag.outputs.TAGS }}
+          --push .

.gitignore

@@ -0,0 +1,38 @@
+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/
+
+### Mac OS ###
+.DS_Store
+
+.history

.java-version

@@ -0,0 +1 @@
+17.0

.mvn/wrapper/maven-wrapper.properties

@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.1/apache-maven-3.9.1-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar

Dockerfile

@@ -0,0 +1,13 @@
+FROM eclipse-temurin:17-jdk-jammy as builder
+WORKDIR /opt/app
+COPY .mvn/ .mvn
+COPY mvnw pom.xml ./
+RUN ./mvnw dependency:go-offline
+COPY ./src ./src
+RUN ./mvnw -Dmaven.test.skip=true clean package
+
+FROM eclipse-temurin:17-jre-jammy
+WORKDIR /opt/app
+EXPOSE 8080
+COPY --from=builder /opt/app/target/*.jar /opt/app/*.jar
+ENTRYPOINT ["java", "-jar", "/opt/app/*.jar" ]

README.md

@@ -1,73 +1,100 @@
 # Wiredcraft Back-end Developer Test
+![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/bigfei/test-backend-java/docker-release.yml)
+[![Codecov branch](https://img.shields.io/codecov/c/github/bigfei/test-backend-java/master?token=YACNVNL1OB)](https://codecov.io/gh/bigfei/test-backend-java)
 
-Make sure you read the whole document carefully and follow the guidelines in it.
+## Introduction
+It is a simple LBS service that offers nearby searches, following/followers lists, 
+and profile updates, according to the [Requirement](docs/REQ.md).
 
-## Context
 
-Build a RESTful API that can `get/create/update/delete` user data from a persistence database
-
-### User Model
-
-```
-{
-  "id": "xxx",                  // user ID 
-  "name": "test",               // user name
-  "dob": "",                    // date of birth
-  "address": "",                // user address
-  "description": "",            // user description
-  "createdAt": ""               // user created date
-}
+## Quick Start and Demo
+### Prerequisite
+1. Run docker-compose to setup a mongodb server:
+```shell
+docker-compose up -d --build
 ```
+After the mongodb get started, login into `http://localhost:8081` to verify the db collections status:
+![Step1](docs/m1.png)
+then change the mongodb settings in file `src/main/resources/application.yml` accordingly.
+2. Register an auth0.com account and app for oauth2 integration.
+   1. Visit auth0.com and create an app as follows: ![Step1](docs/s1.png)
+   2. Copy the domain / ClientID / ClientSecret from the settings page: ![Step2](docs/s2.png)
+   3. Add the callback Urls and logout Urls on settings page: ![Step2](docs/s3.png)
+   3. Modify the `src/main/resources/application.yml` with the auth0 settings from the last step.
+3. Run `./mvnw spring-boot:run` to start the app.
+
+### Demo
+Or if you want just to feel the app, visit `https://wc-api.bigfei.me`.
+
+## Under the hood
+### Tech Stack
+- **MongoDB** Use mongodb as the DB for faster searches and [geospatial](https://www.mongodb.com/docs/manual/reference/operator/aggregation/geoNear/) functions.
+- **Springboot Framework** as the de factro for Java world to build any restful api things.
+- Use jWT and **Auth0** as the oauth2 provider for prototype building and MVP.
+- **Github Actions** are used for CI solution.
+- Cloudflare Tunnel for free https access and CDN services.
+- Docker for deployment and testing.
+- **Thymeleaf** adds support for Server-Side View Rendering.
+- **Sentry** for logging APM.
+
+## System design and User Story
+
+### User Restful API
+
+| Method | Endpoints      | Usage                                      |
+|--------|----------------|--------------------------------------------|
+| POST   | /users         | create a User                              |
+| GET    | /users         | list Users                                 |
+| GET    | /users/{id}    | list single User                           |
+| PUT    | /users/{id}    | update a User                              |
+| DELETE | /users/{id}    | delete a User                              |
+| GET    | /users/profile | show a profile page for current logon user |
+| GET    | /users/me      | show user details for current user         |
+
+### OAuth2
+Use auth0.com as the backend oauth provider and okta-spring-boot-starter for springboot supports.
+See the config details from the [Prerequisite](#prerequisite)
+
+### Followers/Friend List
+Add a mongodb collection as the follower/followee relationship. 
+Use [DBRef](https://www.mongodb.com/docs/manual/reference/database-references/) 
+for mapping the reference relationship.
+
+| follows   |   |
+|-----------|---|
+| followee  |   |
+| follower  |   |
+| createdAt |   |
+
+APIs:
+
+| Method | Endpoints                      | Usage                                                       |
+|--------|--------------------------------|-------------------------------------------------------------|
+| GET    | /users/{id}/followers          | a list of users who are followers of the specified user ID. |
+| GET    | /users/{id}/following          | a list of users the specified user ID is following          |
+| POST   | /users/{id}/following/{target} | let a user to follow another user                           |
+| DELETE | /users/{id}/following/{target} | let a user to unfollow another user                         |
+
+### Near me
+Use mongodb geospatial search to do geo search around a specific geo points (aka geocaches).
+1. Friends: they are following each other.
+2. Nearme: Near the location point using geo search (`$geoNear`).
+
+APIs: 
+
+| Method | Endpoints                             | Usage                                                             |
+|--------|---------------------------------------|-------------------------------------------------------------------|
+| GET    | /users/{id}/nearFriends?distanceKm=10 | a list of friends within a distance of 10 kilometers from userId. |
+
+
+## Todos and Caveats
+
+### Backlog
+- [ ] Sentry APM integration.
+- [x] Github Actions CI.
+- [ ] Swagger API docs.
+- [ ] Put secrets into .env file for safety.
+
+### Caveats
+1. Use Mongodb match/in pipelines for checking a user friends list rather than naive recursive searching.
 
-## Requirements
-
-### Functionality
-
-- The API should follow typical RESTful API design pattern.
-- The data should be saved in the DB.
-- Provide proper unit test.
-- Provide proper API document.
-
-### Tech stack
-
-- Use Java and any framework.
-- Use any DB.
-
-### Bonus
-
-- Write clear documentation on how it's designed and how to run the code.
-- Write good in-code comments.
-- Write good commit messages.
-- An online demo is always welcome.
-
-### Advanced requirements
-
-*These are used for some further challenges. You can safely skip them if you are not asked to do any, but feel free to try out.*
-
-- Provide a complete user auth (authentication/authorization/etc.) strategy, such as OAuth. This should provide a way to allow end users to securely login, autenticate requests and only access their own information.
-- Provide a complete logging (when/how/etc.) strategy.
-- Imagine we have a new requirement right now that the user instances need to link to each other, i.e., a list of "followers/following" or "friends". Can you find out how you would design the model structure and what API you would build for querying or modifying it?
-- Related to the requirement above, suppose the address of user now includes a geographic coordinate(i.e., latitude and longitude), can you build an API that,
-  - given a user name
-  - return the nearby friends
-
-
-## What We Care About
-
-Feel free to use any open-source library as you see fit, but remember that we are evaluating your coding skills and problem solving skills.
-
-Here's what you should aim for:
-
-- Good use of current Java & API design best practices.
-- Good testing approach.
-- Extensible code.
-
-## FAQ
-
-> Where should I send back the result when I'm done?
-
-Fork this repo and send us a pull request when you think it's ready for review. You don't have to finish everything prior and you can continue to work on it. We don't have a deadline for the task.
-
-> What if I have a question?
-
-Feel free to make your own assumptions about the scope of this task but try to document those. You can also reach to us for questions.