The User service manages user profiles and addresses for the QeetMart platform. It provides CRUD operations for user data with role-based access control.

Overview

Built with Spring Boot 3.3.8, the User service handles user profile information and address management, and integrates with the auth service for JWT-based authentication.
The User service runs on port 8082 by default and uses PostgreSQL for data persistence.

Technology stack

  • Framework: Spring Boot 3.3.8
  • Language: Java 17
  • Database: PostgreSQL
  • Security: Spring Security + OAuth2 Resource Server
  • Key dependencies:
    • Spring Data JPA
    • Spring Security OAuth2 Resource Server
    • Spring Boot Actuator
    • Micrometer Prometheus
    • Lombok

Configuration

Environment variables

  • SERVER_PORT (number, default: "8082"): Server port

Database configuration

  • DB_HOST (string, default: "localhost"): PostgreSQL host
  • DB_PORT (number, default: "5432"): PostgreSQL port
  • DB_NAME (string, default: "user_db"): Database name
  • DB_USERNAME (string, default: "postgres"): Database username
  • DB_PASSWORD (string, required): Database password
  • JPA_DDL_AUTO (string, default: "validate"): Hibernate DDL auto (update for dev, validate for prod)

JWT configuration

  • JWT_SECRET (string, required): JWT verification secret (must match auth-service)
  • JWT_ISSUER_URI (string, default: "http://localhost:4001"): JWT issuer URI for validation

API endpoints

User profile endpoints

Create user profile

curl -X POST http://localhost:8082/users \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "userId": 1,
    "name": "John Doe",
    "email": "[email protected]",
    "phone": "+1234567890"
  }'

Get all users (Admin only)

curl "http://localhost:8082/users?page=0&size=10&sortBy=createdAt&sortDir=desc" \
  -H "Authorization: Bearer <admin-token>"

Get user by ID

curl http://localhost:8082/users/1 \
  -H "Authorization: Bearer <token>"

Update user profile

curl -X PUT http://localhost:8082/users/1 \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "John Updated",
    "phone": "+0987654321"
  }'

Delete user profile

curl -X DELETE http://localhost:8082/users/1 \
  -H "Authorization: Bearer <token>"

Address endpoints

The service also provides address management endpoints for user shipping/billing addresses. See the AddressController for full details.

Data models

UserProfile entity

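import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.GeneratedValue;
import jakarta.persistence.GenerationType;
import jakarta.persistence.Id;
import jakarta.persistence.Table;
import java.time.Instant;

@Entity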
@Table(name = "user_profiles")
public class UserProfile {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    @Column(name = "user_id", nullable = false, unique = true)
    private Long userId;

    @Column(nullable = false, length = 120)
    private String name;

    @Column(nullable = false, length = 255)
    private String email;

    @Column(length = 20)
    private String phone;

    @Column(name = "created_at", nullable = false, updatable = false)
    private Instant createdAt;

    @Column(name = "updated_at", nullable = false)
    private Instant updatedAt;
}

Address entity

Users can have multiple addresses for shipping and billing purposes.

Authorization

The service uses Spring Security with custom authorization logic:
  • Admin users can access all user profiles
  • Regular users can only access their own profile
  • Authorization is handled by @authorizationService.canAccessUser(authentication, #userId)

@GetMapping("/{userId}")
@PreAuthorize("@authorizationService.canAccessUser(authentication, #userId)")
public ResponseEntity<UserProfileResponse> getUserByUserId(@PathVariable Long userId) {
    return ResponseEntity.ok(userProfileService.getByUserId(userId));
}
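
An added example, not the project's own AuthorizationService: one way to write the canAccessUser check behind the @PreAuthorize expression above so that it fails closed. It assumes the JWT "sub" claim carries the numeric user ID and that admins hold a ROLE_ADMIN authority; the page states neither, and the package name is hypothetical.

```java
package com.example.security; // hypothetical package, not the project's

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.stereotype.Service;

@Service("authorizationService") // bean name referenced by the @PreAuthorize expression
public class AuthorizationService {

    // Assumption: the authority assigned to admin tokens.
    private static final String ADMIN_AUTHORITY = "ROLE_ADMIN";

    public boolean canAccessUser(Authentication authentication, Long userId) {
        // Fail closed on anything missing or unauthenticated.
        if (authentication == null || !authentication.isAuthenticated() || userId == null) {
            return false;
        }
        if (isAdmin(authentication)) {
            return true;
        }
        // With the OAuth2 resource server, the principal is the validated Jwt.
        // Any other principal type (for example an anonymous one) is denied.
        if (!(authentication.getPrincipal() instanceof Jwt jwt)) {
            return false;
        }
        return userId.equals(subjectAsUserId(jwt));
    }

    private boolean isAdmin(Authentication authentication) {
        return authentication.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .anyMatch(ADMIN_AUTHORITY::equals);
    }

    // Assumption: "sub" holds the numeric user ID issued by the auth service.
    private Long subjectAsUserId(Jwt jwt) {
        String subject = jwt.getSubject();
        if (subject == null) {
            return null;
        }
        try {
            return Long.valueOf(subject);
        } catch (NumberFormatException e) {
            return null; // a non-numeric subject never matches a userId
        }
    }
}
```

The caller's identity comes only from the validated token, so changing the path variable cannot widen access for a non-admin user.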

Health check

curl http://localhost:8082/actuator/health

Metrics

Prometheus metrics are available at /actuator/prometheus.

Running the service

cd user-service
mvn spring-boot:run

Security

  • JWT authentication: All endpoints require a valid JWT token
  • Role-based access: ADMIN role required for listing all users
  • Resource-based authorization: Users can only access their own data

Ensure that JWT_SECRET matches the secret used in the auth-service for proper token validation.

Dependencies

  • PostgreSQL: For user profile and address storage
  • Auth service: For JWT token issuance and user ID mapping

Source code

Location: ~/workspace/source/micros/user-service/

Key files:
  • src/main/java/com/qeetmart/user/api/controller/UserController.java - User endpoints
  • src/main/java/com/qeetmart/user/api/controller/AddressController.java - Address endpoints
  • src/main/java/com/qeetmart/user/domain/entity/UserProfile.java - User entity
  • src/main/java/com/qeetmart/user/infrastructure/security/AuthorizationService.java - Authorization logic
  • src/main/resources/application.yml - Configuration
