Skip to content

emad-eldeen/anti-fraud-system

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
gradle/wrapper
gradle/wrapper
 
 
screenshots
screenshots
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Anti-fraud System

A system to validate credit cards' transactions. It supports authentication and authorization. Data is saved persistently in a database

Technical Requirements

  • Validating transactions as per the following workflow: transaction validation workflow
  • Authentication:
    • HTTP basic authentication
    • Storing users credentials in a relational database
  • Authorization:
    • Roles: ADMINISTRATOR, MERCHANT, SUPPORT. only one role can be assigned to a user
    • Only one ADMINISTRATOR could exist
    • The first created user should be given ADMINISTRATOR role. Otherwise, MERCHANT
    • All users, except for ADMINISTRATOR, should be locked when created.
    • Role model:
|                                                  | Anonymous | MERCHANT | ADMINISTRATOR | SUPPORT |
|------------------------------------------------  |-----------|----------|---------------|---------|
| POST /api/auth/user                              | -         | +        | +             | +       |
| DELETE /api/auth/user                            | -         | -        | +             | -       |
| GET /api/auth/list                               | -         | -        | +             | +       |
| PUT /api/auth/access                             | -         | -        | +             | -       |
| PUT /api/auth/role                               | -         | -        | +             | -       |
| POST /api/anti-fraud/transaction                 | -         | +        | -             | -       |
| POST, DELETE, GET api/anti-fraud/suspicious-ips  | -         | -        | -             | +       |
| POST, DELETE, GET api/anti-fraud/stolen-cards    | -         | -        | -             | +       |
  • REST APIs for:
    • Anti fraud:
      • Transaction validation
      • add/delete a stolen card
      • list stolen cards
      • add/delete suspicious IP
      • list suspicious IPs
    • Users:
      • creating a user
      • deleting a user
      • list users
      • change user's role
      • to lock/unlock user (ADMINISTRATOR cant be locked)

Knowledge Used

  • Spring Boot:
    • Web
    • Security
    • JPA
    • Validation
  • Lombok
  • H2 Database
  • Data Transfer Objects (DTO)
  • Java Streams

About

A system to validate credit cards' transactions

Topics

spring-boot authentication lombok authorization spring-security spring-web spring-jpa h2-database spring-validation

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages