Johns Hopkins University Center for Systems Science and Engineering (JHU CSSE) publishes data about Coronavirus COVID-19 impact on a daily basis. This Spring Boot Restful service project uses a subset of that data-set and exposes some restful end-points for analytical purposes.
- Architecture
- Authentication and Authorization
- End-Points and Assumptions
- Tradeoffs
1. Architecture I used Spring Tools Suit as it uses maven architecture. I created separate packages for each module.
- Security related working is placed under io.munib.covid19impactanalysisapi.security package.
- Api related working is placed under io.munib.covid19impactanalysisapi package and sub packages.
2. Authentication and Authorization: For Authentication and Authorization, I used JWT (JSON Web Tokens). As payload is encoded in base64 using a secret key to create JWT, I used secret as secret key.
- For JWT reference: Java Brains: https://www.youtube.com/watch?v=X80nJ5T7YpE&list=PLqq-6Pq4lTTYTEooakHchTGglSvkZAjnE&index=12
3. End-Points and Assumptions
- To get a JWT token: http://localhost:8080/authenticate/{username} (GET)
- All new cases reported today: http://localhost:8080/api/totalcasestoday (GET, Authorization header attribute with JWT token)
- All new cases reported today country wise (sorted by cases reported today descending): http://localhost:8080/api/totalcasestoday-countrywise (GET, Authorization header attribute with JWT token)
- All new cases reported today in a country: http://localhost:8080/api/totalcasestoday/{country-name} (GET, Authorization header attribute with JWT token)
- All new cases reported since a date in a country: http://localhost:8080/api/totalcasessince/{country-name}/{date} (Date format: yyyy-MM-dd i.e. 2020-8-3) (GET, Authorization header attribute with JWT token)
- Top N countries with most reported cases today: http://localhost:8080/api/top-n-countries/{topNCountries} (topNCountries int i.e. 10, 20) (GET, Authorization header attribute with JWT token)
4. Tradeoffs: I have a method with @PostConstruct and @Scheduling annotations which will be called after the creation of the instance and after 24 hours.
- I am not storing covid data in any database or in any file instead I am storing it in a List. It will be a lost of space to store it as remote covid data is changing every day.
- On each request, data is retrieved from the list and sent as response.
- I used H2 database for storing and retrieving Jwt token associated with a username.
- Previous jwt token is invalidated and new jwt token is generated if a user again sends request to /authenticate with the same username.