# Banking Service REST API

## Development assignment for Backend Developer at Finologee

See [Finologee - Java Development Assignment - Luxembourg.pdf](resources/Finologee%20-%20Java%20Development%20Assignment%20-%20Luxembourg.pdf) for assignment instructions.

### What has been implemented

* All the main requirements
* Payment execution as a single transaction
* Swagger specification for the REST API
* Docker build

The application runs on Java 20 using Spring Boot 3.0.6.
An H2 database is populated on startup. The initial data is described below.

### What has not been implemented

* Pagination for payments
* Registering of fraud tentatives
* Final execution of payments (mark payment as executed and update end-of-day balances)

### How to run the application

The application runs on Java 20, so a JDK should be installed on the build system.

#### Manually

Using Maven, you can run the following command:

```shell
./mvnw install
```

This will put an executable JAR in `./target`, which can be run using:

```shell
java -jar target/*.jar
```

#### Using Docker

Build the JAR file as before and then execute the following command to extract the layers from the JAR:

```shell
mkdir target/extracted && java -Djarmode=layertools -jar target/*.jar extract --destination target/extracted
```

Building the image:

```shell
docker build -t bankingservice .
```

Run it using the following command:

```shell
docker run -p 8080:8080 bankingservice
```

### Application summary

Using a tool like Postman (see `resources` folder for a sample collection), a user can send requests to the REST API.

First the user has to log in using the `POST /login` endpoint providing username and password as basic authentication.

Then the now authenticated user can execute payments, view his/her payments, delete a payment or list his/her bank accounts.
The user can also update the user details (address, password) using the dedicated endpoint.

To create a payment, the following constraints apply:
* The giver bank account has to be owned by the user
* Payments to the same account as the giver are not valid
* Payments only be executed if the account balance is sufficient
* Payments to the following list of accounts are forbidden:
  * LU280019400644750000
  * LU120010001234567891
* The IBAN of the beneficiary is validated with [https://openiban.com/validate](https://openiban.com/validate)

The account balances will be updated, if they belong to this banking service.

The payment is processed in a single transaction, creating the payment in the database and updating the available balances.

When the user has finished, he can log out using the `POST /logout` endpoint, which will invalidate the session.

### Endpoints

* `POST /login`: The user can log in using basic authentication
* `POST /logout`: The user can log out
* `PUT /update-user`: Update the user details and password
* `POST /payment`: Create a new payment
* `GET /accounts`: List the user's bank accounts
* `GET /payments`: List the created payments for the authenticated user
* `DELETE /payment`: Delete a payment using its ID. Only payments that have not yet been executed can be deleted.

For a detailed overview of the API, visit the Swagger documentation at [http://localhost:8080/swagger-ui.html](http://localhost:8080/swagger-ui.html)

### Populated data

#### Users

| ID | User  | Password      | Accounts   |
|----|-------|---------------|------------|
| 1  | user1 | user1Password | 1,2        |
| 2  | user2 | user2Password | 2,3,4,9,19 |
| 3  | user3 | user3Password | 2,8,13,16  |
| 4  | user4 | user4Password | 8,14       |
| 5  | user5 | user5Password | 4,12,13,16 |
| 6  | user6 | user6Password | 10,15,18   |
| 7  | user7 | user7Password | 5,6,17     |
| 8  | user8 | user8Password | 7,11,13,20 |

#### Accounts

| ID | Account name  | IBAN                 | Balance   | Users |
|----|---------------|----------------------|-----------|-------|
| 1  | Personal      | LU584022594948990503 | 578.98    | 1     |
| 2  | Work          | LU907047173626189281 | 4135.14   | 1,2,3 |
| 3  | Checking      | LU337685598868536287 | 21545.32  | 2     |
| 4  | Joint         | LU840552586110383855 | 201.00    | 2,5   |
| 5  | Primary       | LU068976849336652168 | 984512.23 | 7     |
| 6  | Secondary     | LU148716017016374383 | 382690.16 | 7     |
| 7  | Joy           | LU798574254737992988 | 232663.94 | 8     |
| 8  | Holidays      | LU881912185721376358 | 421234.41 | 3,4   |
| 9  | Personal      | LU191013601444141763 | 158052.05 | 2     |
| 10 | Savings       | LU710564368935005652 | 292888.94 | 6     |
| 11 | Personal      | LU222549371173567471 | 168211.44 | 8     |
| 12 | Savings       | LU261309808416076323 | 223757.44 | 5     |
| 13 | Work          | LU654310230678616664 | 207268.46 | 3,5,8 |
| 14 | Expenses      | LU231866912041681639 | 326704.48 | 4     |
| 15 | Personal      | LU429127592687822778 | 98377.59  | 6     |
| 16 | Joint account | LU786522695111559649 | 23818.53  | 3,5   |
| 17 | Savings       | LU259786109895524005 | 252442.60 | 7     |
| 18 | Pension       | LU744005943189772712 | 412747.20 | 6     |
| 19 | Savings       | LU130189044953642517 | 359691.69 | 2     |
| 20 | Trading       | LU081651725326393823 | 278739.76 | 8     |