A comprehensive, production-ready Notes/Task Management REST API built with Spring Boot 3, featuring JWT authentication, role-based authorization, Redis caching, and comprehensive testing.
- CRUD Operations: Create, read, update, and delete notes
- User Management: User registration and authentication
- Advanced Filtering: Filter notes by status, priority, category, and date range
- Search: Full-text search across note titles and content
- Statistics: Comprehensive note statistics and analytics
- Note Management: Archive, complete, and reactivate notes
- JWT Authentication: Secure token-based authentication
- Role-based Authorization: User and Admin roles with different permissions
- Password Encryption: BCrypt password hashing
- Spring Security: Comprehensive security configuration
- Redis Caching: High-performance caching layer
- Pagination: Efficient data retrieval with sorting
- Database Optimization: JPA/Hibernate with optimized queries
- Connection Pooling: PostgreSQL with connection pooling
- Docker Support: Complete containerization with docker-compose
- Database Migration: Flyway for version-controlled database changes
- API Documentation: OpenAPI 3.0 (Swagger) documentation
- Comprehensive Testing: Unit, integration, and service layer tests
- Health Checks: Application health monitoring
- Environment Configuration: Multiple environment support (dev, prod)
- Spring Boot 3.5.4 - Main application framework
- Spring Security - Authentication and authorization
- Spring Data JPA - Data persistence layer
- Spring Data Redis - Caching layer
- PostgreSQL - Primary database (production)
- H2 Database - In-memory database (testing)
- Redis - Caching and session storage
- Flyway - Database migration tool
- Maven - Dependency management and build tool
- Docker & Docker Compose - Containerization
- Java 17 - Runtime environment
- SpringDoc OpenAPI - API documentation
- JUnit 5 - Unit testing framework
- Testcontainers - Integration testing
- Lombok - Code generation
- Java 17 or higher
- Maven 3.6 or higher
- Docker and Docker Compose (for containerized setup)
- PostgreSQL (for local development)
- Redis (for caching)
git clone https://github.com/hakimasyrofi/java-spring-notes-app.git
cd java-spring-notes-app# Copy environment file
cp .env.dev .env
# Start all services
docker-compose up -d
# View logs
docker-compose logs -f notes-api# Install dependencies
./mvnw clean install
# Configure environment variables
export JWT_SECRET=your-secret-key-here
export JWT_EXPIRATION=86400000
export DB_USERNAME=your-db-username
export DB_PASSWORD=your-db-password
export DB_NAME=notesdb
# Run the application
./mvnw spring-boot:run- API Base URL: http://localhost:8080
- Swagger Documentation: http://localhost:8080/swagger-ui.html
- Database Admin (Adminer): http://localhost:8081 (Docker only)
- Health Check: http://localhost:8080/actuator/health
./mvnw test# Unit tests only
./mvnw test -Dtest="*Test"
# Integration tests only
./mvnw test -Dtest="*IntegrationTest"
# Service layer tests
./mvnw test -Dtest="*ServiceTest"The project includes comprehensive testing:
- Unit Tests: Service layer, utilities, and components
- Integration Tests: Full API endpoint testing
- Controller Tests: Web layer testing with MockMvc
- Repository Tests: Data layer testing
# Start development environment
docker-compose up -d
# Scale API instances
docker-compose up -d --scale notes-api=3# Use production configuration
cp .env.prod .env
docker-compose --env-file .env.prod -f docker-compose.yml up -d- notes-api: Spring Boot application
- postgres: PostgreSQL database
- redis: Redis cache
- adminer: Database administration tool (optional)
- Application Health:
/actuator/health - Application Info:
/actuator/info - Custom Health Checks: Database, Redis connectivity
Structured logging with different levels:
- Application logs:
com.spring.notes.app - SQL logs: Hibernate SQL queries
- Security logs: Authentication/authorization events
- User registers with username, email, and password
- User logs in with credentials
- Server returns JWT token
- Client includes token in Authorization header
- Server validates token for protected endpoints
- PUBLIC: Registration, login, home page
- USER: CRUD operations on own notes
- ADMIN: Manage all notes, view statistics, Redis management
- CORS configuration
- CSRF protection
- Security headers (XSS, clickjacking protection)
- Redis: User sessions, frequently accessed data
- JPA Second Level Cache: Entity caching
- Query Result Caching: Expensive queries
- Indexes: Optimized database indexes
- Connection Pooling: HikariCP connection pool
- Lazy Loading: Efficient entity relationships
- Lombok: Reduces boilerplate code
- Validation: Bean validation with custom messages
- Exception Handling: Global exception handler
- API Responses: Standardized response format
src/
βββ main/
β βββ java/com/spring/notes/app/
β β βββ config/ # Configuration classes
β β βββ controller/ # REST controllers
β β βββ dto/ # Data Transfer Objects
β β βββ entity/ # JPA entities
β β βββ exception/ # Custom exceptions
β β βββ repository/ # Data repositories
β β βββ service/ # Business logic
β βββ resources/
β βββ db/migration/ # Flyway migrations
β βββ application.properties
βββ test/ # Test classes
Hakim Asyrofi
- GitHub: @hakimasyrofi
Happy Coding! π