From df22bde2f20fd60df7fb139ee760cfd2a16e746a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 11:21:25 +0000 Subject: [PATCH 1/6] Initial plan From a46847bdcae7e61c4f4ac722a4c17cb5d2be7dfc Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 11:25:16 +0000 Subject: [PATCH 2/6] Add Copilot instructions for the repository Co-authored-by: fred-maina <150168105+fred-maina@users.noreply.github.com> --- .github/copilot-instructions.md | 184 ++++++++++++++++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 .github/copilot-instructions.md diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md new file mode 100644 index 0000000..989dbc8 --- /dev/null +++ b/.github/copilot-instructions.md @@ -0,0 +1,184 @@ +# Copilot Instructions for ChatApp Backend + +## Project Overview + +ChatApp is a real-time messaging platform backend built with Java 21 and Spring Boot. It enables registered users to receive and respond to messages from anonymous users using WebSocket technology for real-time communication. + +## Tech Stack + +- **Language**: Java 21 +- **Framework**: Spring Boot 3.5.0 +- **Build Tool**: Maven +- **Database**: PostgreSQL with Flyway migrations +- **Real-time**: Spring WebSocket +- **Security**: Spring Security with JWT and OAuth 2.0 (Google) +- **ORM**: Spring Data JPA +- **Utilities**: Lombok, Jackson +- **Monitoring**: Spring Boot Actuator with Prometheus metrics +- **Caching**: Redis (Spring Data Redis) + +## Build and Test Commands + +### Build +```bash +mvn clean install +``` + +### Run Application +```bash +mvn spring-boot:run +``` + +### Run Tests +```bash +mvn test +``` + +### Generate Coverage Report +```bash +mvn verify +``` + +The application runs on `http://localhost:8080` by default. + +## Project Structure + +``` +src/main/java/com/fredmaina/chatapp/ +├── ChatappApplication.java # Main application entry point with @EnableCaching +├── Auth/ # Authentication and authorization module +│ ├── controllers/ # REST controllers for auth endpoints +│ ├── Dtos/ # Data Transfer Objects (note capitalization) +│ ├── Models/ # Entity models +│ ├── Repositories/ # JPA repositories +│ ├── services/ # Business logic (JWT, Auth) +│ ├── configs/ # Security configurations +│ └── exceptions/ # Exception handling +└── core/ # Core chat functionality + ├── Controllers/ # Chat REST controllers + ├── DTOs/ # Data Transfer Objects + ├── models/ # Chat entity models + ├── Repositories/ # Chat repositories + ├── Services/ # Chat and messaging services + └── config/ # WebSocket and other configs +``` + +## Coding Conventions + +### General Practices +- Use **Lombok** annotations to reduce boilerplate (`@Slf4j`, `@Data`, `@Builder`, etc.) +- Follow Spring Boot best practices and conventions +- Use constructor injection with `@Autowired` (or prefer constructor injection without @Autowired) +- Use `@Valid` annotation for request body validation +- Log important operations using SLF4J (`@Slf4j`) + +### Naming Conventions +- **Controllers**: Suffix with `Controller` (e.g., `AuthController`, `ChatController`) +- **Services**: Suffix with `Service` (e.g., `AuthService`, `ChatService`) +- **DTOs**: Place in `Dtos/` or `DTOs/` directories (note mixed case in existing code) +- **Repositories**: Suffix with `Repository` and extend Spring Data JPA interfaces +- **Models/Entities**: Use JPA annotations (`@Entity`, `@Table`, etc.) + +### Package Structure +- **Auth module**: Uses lowercase `controllers`, `services`, but capitalized `Dtos`, `Models`, `Repositories` +- **Core module**: Uses capitalized `Controllers`, `Services`, `DTOs`, etc. +- Maintain consistency within each module when adding new files + +### REST API Conventions +- Base paths: `/api/auth` for authentication, `/api` for chat operations +- Return `ResponseEntity` with appropriate HTTP status codes +- Use standard HTTP status codes: + - 200 OK for successful GET + - 201 Created for successful POST (registration) + - 401 Unauthorized for authentication failures + - 409 Conflict for duplicate resources +- Use `@RequestBody` for request payloads +- Use `@PathVariable` and `@RequestParam` for URL parameters + +### Security +- **JWT Authentication**: Use for API authentication +- **Google OAuth 2.0**: Supported for social login +- **WebSocket Security**: Token-based for authenticated users, session-based for anonymous +- Always validate and sanitize user input +- Use Spring Security for endpoint protection +- Store sensitive configuration in environment variables + +## Database + +### Flyway Migrations +- Located in: `src/main/resources/db/migration/` +- Naming: `V{number}__{description}.sql` (e.g., `V1__create_users_table.sql`) +- Always create migrations for schema changes +- Never modify existing migration files + +### Configuration +Use environment variables for database connection: +- `SPRING_DATASOURCE_URL` +- `SPRING_DATASOURCE_USERNAME` +- `SPRING_DATASOURCE_PASSWORD` + +## WebSocket + +- **Endpoint**: `/ws/chat` +- **Authenticated users**: Connect with JWT token as query parameter (`?token=`) +- **Anonymous users**: Connect with `anonSessionId` in cookie +- Message types: `ANON_TO_USER`, `USER_TO_ANON`, `MARK_AS_READ` + +## Testing + +- Tests located in: `src/test/java/com/fredmaina/chatapp/` +- Use JUnit and Spring Boot Test annotations +- Mock dependencies appropriately +- Follow existing test patterns in `AuthServiceTest.java` +- Code coverage tracked with JaCoCo + +## Environment Configuration + +Configuration is in `src/main/resources/application.properties`. Use environment variables: + +**Required**: +- `JWT_SECRET` - Secret key for JWT signing +- `GOOGLE_CLIENT-ID` - Google OAuth client ID +- `GOOGLE_SECRET-ID` - Google OAuth client secret +- `GOOGLE_REDIRECT_URI` - OAuth redirect URI + +**Optional**: +- `security.allowed-origins` - CORS allowed origins +- `security.allowed-methods` - CORS allowed methods +- `security.allowed-headers` - CORS allowed headers + +## Common Patterns + +### Controller Pattern +```java +@Slf4j +@Controller +@RequestMapping("/api/...") +public class ExampleController { + @Autowired + private ExampleService service; + + @PostMapping("/endpoint") + public ResponseEntity method(@Valid @RequestBody RequestDto request) { + // Implementation + } +} +``` + +### Service Pattern +- Business logic goes in services +- Services interact with repositories +- Use transactions where appropriate (`@Transactional`) + +### Exception Handling +- Global exception handling is implemented +- Use custom exceptions when appropriate +- Return meaningful error messages in responses + +## Additional Notes + +- The application uses caching (Redis) - consider cache invalidation when modifying data +- Actuator endpoints available for monitoring +- Prometheus metrics exposed for observability +- Spring DevTools enabled for development +- Follow the contribution guidelines in `CONTRIBUTING.md` From e8c388ddef6d2c1600a597c3e5344bd5300e54d0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 11:46:20 +0000 Subject: [PATCH 3/6] Add AGENTS.md for custom Copilot agents configuration Co-authored-by: fred-maina <150168105+fred-maina@users.noreply.github.com> --- .github/AGENTS.md | 159 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) create mode 100644 .github/AGENTS.md diff --git a/.github/AGENTS.md b/.github/AGENTS.md new file mode 100644 index 0000000..3533c83 --- /dev/null +++ b/.github/AGENTS.md @@ -0,0 +1,159 @@ +# Custom Agents for ChatApp Backend + +This file defines custom AI agents that can assist with specific tasks in this repository. + +## Spring Boot Expert + +**Trigger**: When working with Spring Boot configurations, dependency injection, or Spring-specific patterns + +**Expertise**: +- Spring Boot 3.5.0 application architecture +- Spring Security configuration for JWT and OAuth 2.0 +- Spring Data JPA repositories and entity management +- Spring WebSocket configuration and handlers +- Spring Boot Actuator and monitoring setup +- Dependency injection patterns and best practices + +**Context**: +This is a Spring Boot application using: +- Java 21 +- Spring Security with JWT and Google OAuth 2.0 +- Spring Data JPA with PostgreSQL +- Spring WebSocket for real-time messaging +- Spring Boot Actuator with Prometheus metrics +- Redis caching with Spring Data Redis + +## Database Migration Expert + +**Trigger**: When working with database schema changes, migrations, or data persistence + +**Expertise**: +- Flyway migration scripts +- PostgreSQL database schema design +- JPA entity relationships and mappings +- Database indexing and optimization +- Transaction management + +**Context**: +- Database migrations are in `src/main/resources/db/migration/` +- Naming convention: `V{number}__{description}.sql` +- Never modify existing migration files +- Always create new migrations for schema changes +- Database: PostgreSQL with JPA entities + +## WebSocket & Real-time Communication Expert + +**Trigger**: When working with WebSocket connections, real-time messaging, or chat functionality + +**Expertise**: +- Spring WebSocket configuration +- WebSocket handler implementation +- Real-time message routing +- Session management for authenticated and anonymous users +- Message payload serialization/deserialization + +**Context**: +- WebSocket endpoint: `/ws/chat` +- Authenticated users: JWT token as query parameter +- Anonymous users: Session ID in cookie +- Message types: `ANON_TO_USER`, `USER_TO_ANON`, `MARK_AS_READ` +- Bidirectional communication between registered and anonymous users + +## Security & Authentication Expert + +**Trigger**: When working with authentication, authorization, or security configurations + +**Expertise**: +- JWT token generation and validation +- Google OAuth 2.0 integration +- Spring Security configuration +- CORS configuration +- Endpoint security and access control +- Password encryption and validation + +**Context**: +- JWT-based authentication for API endpoints +- Google OAuth 2.0 for social login +- Separate security for WebSocket connections +- Environment variables for sensitive configuration +- Base path: `/api/auth` for authentication endpoints + +## Testing & Quality Assurance Expert + +**Trigger**: When writing or fixing tests, or ensuring code quality + +**Expertise**: +- JUnit 5 test patterns +- Spring Boot Test configurations +- Mocking with Mockito +- Integration testing +- JaCoCo code coverage analysis +- Test-driven development practices + +**Context**: +- Tests in: `src/test/java/com/fredmaina/chatapp/` +- Use Spring Boot Test annotations +- Follow existing test patterns in `AuthServiceTest.java` +- Coverage reports generated with: `mvn verify` +- Mock dependencies appropriately + +## REST API Design Expert + +**Trigger**: When designing or implementing REST endpoints + +**Expertise**: +- RESTful API design principles +- Spring MVC controller patterns +- Request/Response DTO design +- HTTP status code usage +- API documentation +- Validation with Bean Validation + +**Context**: +- Base paths: `/api/auth` for auth, `/api` for chat +- Return `ResponseEntity` with appropriate status codes +- Use `@Valid` for request validation +- Standard status codes: + - 200 OK for successful GET + - 201 Created for successful POST + - 401 Unauthorized for auth failures + - 409 Conflict for duplicates +- Lombok DTOs in `Dtos/` or `DTOs/` directories + +## Maven & Build Expert + +**Trigger**: When working with dependencies, build configuration, or project structure + +**Expertise**: +- Maven POM configuration +- Dependency management +- Maven plugins (JaCoCo, Maven Compiler) +- Build lifecycle and phases +- Spring Boot Maven plugin + +**Context**: +- Build: `mvn clean install` +- Run: `mvn spring-boot:run` +- Test: `mvn test` +- Coverage: `mvn verify` +- Java 21 with Spring Boot 3.5.0 +- Key dependencies: Lombok, Jackson, Flyway, JJWT + +## Code Review Expert + +**Trigger**: When reviewing code changes or ensuring code quality + +**Expertise**: +- Java coding standards +- Spring Boot best practices +- Security vulnerability detection +- Performance optimization +- Code maintainability +- Logging and error handling + +**Context**: +- Use Lombok annotations (`@Slf4j`, `@Data`, `@Builder`) +- Follow existing naming conventions per module +- Consistent error handling with global exception handlers +- Proper transaction management +- Environment-based configuration From 1b54fa51c4fcb7f72831203e9d124d628de961c4 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 11:59:51 +0000 Subject: [PATCH 4/6] Move AGENTS.md to root directory with enhanced documentation Co-authored-by: fred-maina <150168105+fred-maina@users.noreply.github.com> --- .github/AGENTS.md => AGENTS.md | 128 ++++++++++++++++++++++----------- 1 file changed, 85 insertions(+), 43 deletions(-) rename .github/AGENTS.md => AGENTS.md (50%) diff --git a/.github/AGENTS.md b/AGENTS.md similarity index 50% rename from .github/AGENTS.md rename to AGENTS.md index 3533c83..b908dc1 100644 --- a/.github/AGENTS.md +++ b/AGENTS.md @@ -1,12 +1,22 @@ -# Custom Agents for ChatApp Backend +# AGENTS.md -This file defines custom AI agents that can assist with specific tasks in this repository. +## About This File -## Spring Boot Expert +This file defines custom AI agents for GitHub Copilot Workspace and other AI-powered development tools. It enables specialized agents with domain-specific knowledge to assist with different aspects of development in this repository. -**Trigger**: When working with Spring Boot configurations, dependency injection, or Spring-specific patterns +**Purpose**: Custom agents provide targeted expertise for specific tasks (e.g., Spring Boot configuration, database migrations, security) rather than general coding assistance. This improves code quality, maintains consistency with repository conventions, and accelerates development. -**Expertise**: +**Location**: This file should be placed in the **root directory** of the repository to be automatically discovered by AI development tools. + +--- + +## Custom Agents for ChatApp Backend + +### Spring Boot Expert + +**When to use**: Working with Spring Boot configurations, dependency injection, or Spring-specific patterns + +**Specialization**: - Spring Boot 3.5.0 application architecture - Spring Security configuration for JWT and OAuth 2.0 - Spring Data JPA repositories and entity management @@ -14,56 +24,61 @@ This file defines custom AI agents that can assist with specific tasks in this r - Spring Boot Actuator and monitoring setup - Dependency injection patterns and best practices -**Context**: -This is a Spring Boot application using: -- Java 21 +**Repository Context**: +- Java 21 with Spring Boot 3.5.0 - Spring Security with JWT and Google OAuth 2.0 - Spring Data JPA with PostgreSQL - Spring WebSocket for real-time messaging - Spring Boot Actuator with Prometheus metrics - Redis caching with Spring Data Redis -## Database Migration Expert +--- + +### Database Migration Expert -**Trigger**: When working with database schema changes, migrations, or data persistence +**When to use**: Working with database schema changes, migrations, or data persistence -**Expertise**: +**Specialization**: - Flyway migration scripts - PostgreSQL database schema design - JPA entity relationships and mappings - Database indexing and optimization - Transaction management -**Context**: -- Database migrations are in `src/main/resources/db/migration/` +**Repository Context**: +- Migrations location: `src/main/resources/db/migration/` - Naming convention: `V{number}__{description}.sql` - Never modify existing migration files - Always create new migrations for schema changes - Database: PostgreSQL with JPA entities -## WebSocket & Real-time Communication Expert +--- + +### WebSocket & Real-time Communication Expert -**Trigger**: When working with WebSocket connections, real-time messaging, or chat functionality +**When to use**: Working with WebSocket connections, real-time messaging, or chat functionality -**Expertise**: +**Specialization**: - Spring WebSocket configuration - WebSocket handler implementation - Real-time message routing - Session management for authenticated and anonymous users - Message payload serialization/deserialization -**Context**: +**Repository Context**: - WebSocket endpoint: `/ws/chat` -- Authenticated users: JWT token as query parameter +- Authenticated users: JWT token as query parameter (`?token=`) - Anonymous users: Session ID in cookie - Message types: `ANON_TO_USER`, `USER_TO_ANON`, `MARK_AS_READ` - Bidirectional communication between registered and anonymous users -## Security & Authentication Expert +--- -**Trigger**: When working with authentication, authorization, or security configurations +### Security & Authentication Expert -**Expertise**: +**When to use**: Working with authentication, authorization, or security configurations + +**Specialization**: - JWT token generation and validation - Google OAuth 2.0 integration - Spring Security configuration @@ -71,18 +86,20 @@ This is a Spring Boot application using: - Endpoint security and access control - Password encryption and validation -**Context**: +**Repository Context**: - JWT-based authentication for API endpoints - Google OAuth 2.0 for social login - Separate security for WebSocket connections - Environment variables for sensitive configuration -- Base path: `/api/auth` for authentication endpoints +- Auth base path: `/api/auth` + +--- -## Testing & Quality Assurance Expert +### Testing & Quality Assurance Expert -**Trigger**: When writing or fixing tests, or ensuring code quality +**When to use**: Writing or fixing tests, or ensuring code quality -**Expertise**: +**Specialization**: - JUnit 5 test patterns - Spring Boot Test configurations - Mocking with Mockito @@ -90,18 +107,20 @@ This is a Spring Boot application using: - JaCoCo code coverage analysis - Test-driven development practices -**Context**: -- Tests in: `src/test/java/com/fredmaina/chatapp/` +**Repository Context**: +- Test location: `src/test/java/com/fredmaina/chatapp/` - Use Spring Boot Test annotations -- Follow existing test patterns in `AuthServiceTest.java` -- Coverage reports generated with: `mvn verify` +- Follow patterns in `AuthServiceTest.java` +- Generate coverage: `mvn verify` - Mock dependencies appropriately -## REST API Design Expert +--- -**Trigger**: When designing or implementing REST endpoints +### REST API Design Expert -**Expertise**: +**When to use**: Designing or implementing REST endpoints + +**Specialization**: - RESTful API design principles - Spring MVC controller patterns - Request/Response DTO design @@ -109,29 +128,31 @@ This is a Spring Boot application using: - API documentation - Validation with Bean Validation -**Context**: +**Repository Context**: - Base paths: `/api/auth` for auth, `/api` for chat - Return `ResponseEntity` with appropriate status codes - Use `@Valid` for request validation -- Standard status codes: +- HTTP status codes: - 200 OK for successful GET - 201 Created for successful POST - 401 Unauthorized for auth failures - 409 Conflict for duplicates - Lombok DTOs in `Dtos/` or `DTOs/` directories -## Maven & Build Expert +--- + +### Maven & Build Expert -**Trigger**: When working with dependencies, build configuration, or project structure +**When to use**: Working with dependencies, build configuration, or project structure -**Expertise**: +**Specialization**: - Maven POM configuration - Dependency management - Maven plugins (JaCoCo, Maven Compiler) - Build lifecycle and phases - Spring Boot Maven plugin -**Context**: +**Repository Context**: - Build: `mvn clean install` - Run: `mvn spring-boot:run` - Test: `mvn test` @@ -139,11 +160,13 @@ This is a Spring Boot application using: - Java 21 with Spring Boot 3.5.0 - Key dependencies: Lombok, Jackson, Flyway, JJWT -## Code Review Expert +--- + +### Code Review Expert -**Trigger**: When reviewing code changes or ensuring code quality +**When to use**: Reviewing code changes or ensuring code quality -**Expertise**: +**Specialization**: - Java coding standards - Spring Boot best practices - Security vulnerability detection @@ -151,9 +174,28 @@ This is a Spring Boot application using: - Code maintainability - Logging and error handling -**Context**: +**Repository Context**: - Use Lombok annotations (`@Slf4j`, `@Data`, `@Builder`) - Follow existing naming conventions per module - Consistent error handling with global exception handlers - Proper transaction management - Environment-based configuration + +--- + +## How to Use These Agents + +When working with AI development tools that support custom agents: + +1. **Agent Selection**: The tool automatically selects the appropriate agent based on your task +2. **Context Awareness**: Agents have repository-specific knowledge to provide relevant suggestions +3. **Consistency**: Agents help maintain coding standards and architectural patterns +4. **Efficiency**: Get specialized help without explaining repository context each time + +## Maintenance + +Keep this file updated when: +- Adding new major features or technologies +- Changing architectural patterns +- Updating build or test processes +- Modifying security or authentication approaches From c501e6d4c909a3c496d2f52cd250ce3be038e511 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 12:20:52 +0000 Subject: [PATCH 5/6] Simplify AGENTS.md following agents.md format Co-authored-by: fred-maina <150168105+fred-maina@users.noreply.github.com> --- AGENTS.md | 238 +++++++++++------------------------------------------- 1 file changed, 49 insertions(+), 189 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index b908dc1..bc6b3ed 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -1,201 +1,61 @@ # AGENTS.md -## About This File - -This file defines custom AI agents for GitHub Copilot Workspace and other AI-powered development tools. It enables specialized agents with domain-specific knowledge to assist with different aspects of development in this repository. - -**Purpose**: Custom agents provide targeted expertise for specific tasks (e.g., Spring Boot configuration, database migrations, security) rather than general coding assistance. This improves code quality, maintains consistency with repository conventions, and accelerates development. - -**Location**: This file should be placed in the **root directory** of the repository to be automatically discovered by AI development tools. - ---- - -## Custom Agents for ChatApp Backend - -### Spring Boot Expert - -**When to use**: Working with Spring Boot configurations, dependency injection, or Spring-specific patterns - -**Specialization**: -- Spring Boot 3.5.0 application architecture -- Spring Security configuration for JWT and OAuth 2.0 -- Spring Data JPA repositories and entity management -- Spring WebSocket configuration and handlers -- Spring Boot Actuator and monitoring setup -- Dependency injection patterns and best practices - -**Repository Context**: -- Java 21 with Spring Boot 3.5.0 -- Spring Security with JWT and Google OAuth 2.0 -- Spring Data JPA with PostgreSQL +A guide for AI coding agents working on this repository. + +## Setup commands +- Install dependencies: `mvn clean install` +- Start dev server: `mvn spring-boot:run` +- Run tests: `mvn test` +- Generate coverage report: `mvn verify` + +## Tech stack +- Java 21 +- Spring Boot 3.5.0 +- PostgreSQL with Flyway migrations +- Spring Security with JWT and OAuth 2.0 - Spring WebSocket for real-time messaging -- Spring Boot Actuator with Prometheus metrics -- Redis caching with Spring Data Redis - ---- - -### Database Migration Expert - -**When to use**: Working with database schema changes, migrations, or data persistence - -**Specialization**: -- Flyway migration scripts -- PostgreSQL database schema design -- JPA entity relationships and mappings -- Database indexing and optimization -- Transaction management - -**Repository Context**: -- Migrations location: `src/main/resources/db/migration/` -- Naming convention: `V{number}__{description}.sql` +- Redis for caching +- Maven for build management + +## Code style +- Use Lombok annotations (`@Slf4j`, `@Data`, `@Builder`) to reduce boilerplate +- Follow Spring Boot best practices and conventions +- Use constructor injection for dependencies +- Use `@Valid` annotation for request body validation +- Log important operations using SLF4J + +## Project structure +- `src/main/java/com/fredmaina/chatapp/Auth/` - Authentication module (lowercase `controllers/`, `services/` but capitalized `Dtos/`, `Models/`, `Repositories/`) +- `src/main/java/com/fredmaina/chatapp/core/` - Core chat functionality (capitalized `Controllers/`, `Services/`, `DTOs/`) +- `src/main/resources/db/migration/` - Flyway database migrations +- `src/test/java/` - Test files + +## Database migrations +- Location: `src/main/resources/db/migration/` +- Naming: `V{number}__{description}.sql` (e.g., `V1__create_users_table.sql`) - Never modify existing migration files - Always create new migrations for schema changes -- Database: PostgreSQL with JPA entities - ---- -### WebSocket & Real-time Communication Expert +## API conventions +- Auth endpoints: `/api/auth` +- Chat endpoints: `/api` +- Return `ResponseEntity` with appropriate HTTP status codes +- Use standard status codes: 200 OK, 201 Created, 401 Unauthorized, 409 Conflict -**When to use**: Working with WebSocket connections, real-time messaging, or chat functionality - -**Specialization**: -- Spring WebSocket configuration -- WebSocket handler implementation -- Real-time message routing -- Session management for authenticated and anonymous users -- Message payload serialization/deserialization - -**Repository Context**: -- WebSocket endpoint: `/ws/chat` +## WebSocket +- Endpoint: `/ws/chat` - Authenticated users: JWT token as query parameter (`?token=`) - Anonymous users: Session ID in cookie - Message types: `ANON_TO_USER`, `USER_TO_ANON`, `MARK_AS_READ` -- Bidirectional communication between registered and anonymous users - ---- -### Security & Authentication Expert - -**When to use**: Working with authentication, authorization, or security configurations - -**Specialization**: -- JWT token generation and validation -- Google OAuth 2.0 integration -- Spring Security configuration -- CORS configuration -- Endpoint security and access control -- Password encryption and validation - -**Repository Context**: -- JWT-based authentication for API endpoints +## Security +- JWT authentication for API endpoints - Google OAuth 2.0 for social login -- Separate security for WebSocket connections -- Environment variables for sensitive configuration -- Auth base path: `/api/auth` - ---- - -### Testing & Quality Assurance Expert - -**When to use**: Writing or fixing tests, or ensuring code quality - -**Specialization**: -- JUnit 5 test patterns -- Spring Boot Test configurations -- Mocking with Mockito -- Integration testing -- JaCoCo code coverage analysis -- Test-driven development practices - -**Repository Context**: -- Test location: `src/test/java/com/fredmaina/chatapp/` -- Use Spring Boot Test annotations -- Follow patterns in `AuthServiceTest.java` -- Generate coverage: `mvn verify` -- Mock dependencies appropriately - ---- - -### REST API Design Expert - -**When to use**: Designing or implementing REST endpoints - -**Specialization**: -- RESTful API design principles -- Spring MVC controller patterns -- Request/Response DTO design -- HTTP status code usage -- API documentation -- Validation with Bean Validation - -**Repository Context**: -- Base paths: `/api/auth` for auth, `/api` for chat -- Return `ResponseEntity` with appropriate status codes -- Use `@Valid` for request validation -- HTTP status codes: - - 200 OK for successful GET - - 201 Created for successful POST - - 401 Unauthorized for auth failures - - 409 Conflict for duplicates -- Lombok DTOs in `Dtos/` or `DTOs/` directories - ---- - -### Maven & Build Expert - -**When to use**: Working with dependencies, build configuration, or project structure - -**Specialization**: -- Maven POM configuration -- Dependency management -- Maven plugins (JaCoCo, Maven Compiler) -- Build lifecycle and phases -- Spring Boot Maven plugin - -**Repository Context**: -- Build: `mvn clean install` -- Run: `mvn spring-boot:run` -- Test: `mvn test` -- Coverage: `mvn verify` -- Java 21 with Spring Boot 3.5.0 -- Key dependencies: Lombok, Jackson, Flyway, JJWT - ---- - -### Code Review Expert - -**When to use**: Reviewing code changes or ensuring code quality - -**Specialization**: -- Java coding standards -- Spring Boot best practices -- Security vulnerability detection -- Performance optimization -- Code maintainability -- Logging and error handling - -**Repository Context**: -- Use Lombok annotations (`@Slf4j`, `@Data`, `@Builder`) -- Follow existing naming conventions per module -- Consistent error handling with global exception handlers -- Proper transaction management -- Environment-based configuration - ---- - -## How to Use These Agents - -When working with AI development tools that support custom agents: - -1. **Agent Selection**: The tool automatically selects the appropriate agent based on your task -2. **Context Awareness**: Agents have repository-specific knowledge to provide relevant suggestions -3. **Consistency**: Agents help maintain coding standards and architectural patterns -4. **Efficiency**: Get specialized help without explaining repository context each time - -## Maintenance - -Keep this file updated when: -- Adding new major features or technologies -- Changing architectural patterns -- Updating build or test processes -- Modifying security or authentication approaches +- Store sensitive config in environment variables (`JWT_SECRET`, `GOOGLE_CLIENT-ID`, etc.) +- Always validate and sanitize user input + +## Testing +- Tests in: `src/test/java/com/fredmaina/chatapp/` +- Use JUnit 5 and Spring Boot Test annotations +- Mock dependencies with Mockito +- Follow existing patterns in `AuthServiceTest.java` From 3100effe9d58dcc5dee5f528e63f300b2390959a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 12:22:37 +0000 Subject: [PATCH 6/6] Fix environment variable names to use underscores Co-authored-by: fred-maina <150168105+fred-maina@users.noreply.github.com> --- .github/copilot-instructions.md | 4 ++-- AGENTS.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 989dbc8..e9e84cb 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -138,8 +138,8 @@ Configuration is in `src/main/resources/application.properties`. Use environment **Required**: - `JWT_SECRET` - Secret key for JWT signing -- `GOOGLE_CLIENT-ID` - Google OAuth client ID -- `GOOGLE_SECRET-ID` - Google OAuth client secret +- `GOOGLE_CLIENT_ID` - Google OAuth client ID +- `GOOGLE_SECRET_ID` - Google OAuth client secret - `GOOGLE_REDIRECT_URI` - OAuth redirect URI **Optional**: diff --git a/AGENTS.md b/AGENTS.md index bc6b3ed..e120acc 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -51,7 +51,7 @@ A guide for AI coding agents working on this repository. ## Security - JWT authentication for API endpoints - Google OAuth 2.0 for social login -- Store sensitive config in environment variables (`JWT_SECRET`, `GOOGLE_CLIENT-ID`, etc.) +- Store sensitive config in environment variables (`JWT_SECRET`, `GOOGLE_CLIENT_ID`, etc.) - Always validate and sanitize user input ## Testing