validations

aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java

@@ -35,12 +35,8 @@ public class AuthenticationController {
 
   @PostMapping(SecurityURI.LOGIN)
   public ResponseEntity<LoginResponse> login(@RequestBody LoginRequest loginRequest) {
-    try {
       LoginResponse response = authenticationService.login(loginRequest);
       return ResponseEntity.ok(response);
-    } catch (RuntimeException e) {
-      return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
-    }
   }
 
 

aconnect/src/main/java/com/mfsys/aconnect/security/exception/AuthenticationException.java

@@ -0,0 +1,11 @@
+package com.mfsys.aconnect.security.exception;
+
+import com.mfsys.common.configuration.exception.ApplicationException;
+import com.mfsys.common.configuration.exception.ErrorMessage;
+
+public class AuthenticationException extends ApplicationException {
+
+    public AuthenticationException(String context, ErrorMessage errorMessage) {
+        super(context, errorMessage);
+    }
+}

aconnect/src/main/java/com/mfsys/aconnect/security/service/AuthenticationService.java

@@ -1,5 +1,7 @@
 package com.mfsys.aconnect.security.service;
 
+import com.mfsys.aconnect.security.exception.AuthenticationException;
+import com.mfsys.common.configuration.constant.ERRCode;
 import com.mfsys.common.configuration.service.JwtService;
 import com.mfsys.common.configuration.service.PasswordEncryptionService;
 import com.mfsys.aconnect.security.dto.LoginRequest;
@@ -26,12 +28,14 @@ public class AuthenticationService {
   @Transactional
   public LoginResponse login(LoginRequest loginRequest) {
     // Find user by email
-    User user = userRepository.findByUserIdAndIsActiveTrue(loginRequest.getUserId())
+      User user = userRepository.findByUserIdAndIsActiveTrue(loginRequest.getUserId())
-      .orElseThrow(() -> new RuntimeException("Invalid credentials"));
+              .orElseThrow(() ->
+                      new AuthenticationException("Authentication", ERRCode.INVALID_CREDENTIALS)
+              );
 
     // Verify password
     if (!PasswordEncryptionService.verifyPassword(loginRequest.getPassword(), user.getPassword())) {
-      throw new RuntimeException("Invalid credentials");
+        throw new AuthenticationException("Authentication", ERRCode.INVALID_CREDENTIALS);
     }
 
     String token = jwtService.generateToken(loginRequest.getUserId());

common/src/main/java/com/mfsys/common/configuration/constant/ERRCode.java

@@ -5,7 +5,10 @@ import com.mfsys.common.configuration.exception.ErrorMessage;
 public enum ERRCode implements ErrorMessage {
     EMAIL_ALREADY_EXIST("ERR_SEC_0001", "Email already exists"),
     USERNAME_ALREADY_EXIST("ERR_SEC_0002", "Username already exists"),
-    PASSWORD_ALREADY_EXIST("ERR_SEC_0003", "Old Password is not correct");
+    PASSWORD_ALREADY_EXIST("ERR_SEC_0003", "Old Password is not correct"),
+    INVALID_CREDENTIALS("ERR_SEC_0004", "Invalid credentials"),
+    USER_NOT_FOUND("ERR_SEC_0005", "User not found"),
+    WRONG_PASSWORD("ERR_SEC_0006", "Incorrect password");
 
 
     private String code;