build.sbt

@@ -14,7 +14,6 @@ val vaultVersion = "3.6.0"
 val doobieVersion = "1.0.0-RC5"
 val postgresqlVersion = "42.7.4"
 val bcryptVersion = "0.10.2"
-val jwtVersion = "10.0.1"
 
 
 lazy val root = (project in file("."))
@@ -49,9 +48,6 @@ lazy val root = (project in file("."))
       "org.postgresql" % "postgresql" % postgresqlVersion,
 
       // Bcrypt
-      "at.favre.lib" % "bcrypt" % bcryptVersion,
-
-      // JWT
-      "com.github.jwt-scala" %% "jwt-circe" % jwtVersion
+      "at.favre.lib" % "bcrypt" % bcryptVersion
     )
   )

src/main/scala/org/yobble/scala_monolith/api/endpoint/auth/AuthEndpoints.scala

@@ -11,13 +11,11 @@ import sttp.tapir.json.circe.*
 
 object AuthEndpoints {
 
-  val loginEndpoint: PublicEndpoint[(LoginRequest, Option[String], Option[String]), ErrorResponse, LoginResponse, Any] =
+  val loginEndpoint: PublicEndpoint[LoginRequest, ErrorResponse, LoginResponse, Any] =
     endpoint.post
       .in("auth" / "login")
       .tags(List("Auth"))
       .in(jsonBody[LoginRequest])
-      .in(header[Option[String]]("X-Real-IP"))
-      .in(header[Option[String]]("X-User-Agent"))
       .out(jsonBody[LoginResponse])
       .errorOut(
         oneOf[ErrorResponse](

src/main/scala/org/yobble/scala_monolith/api/route/AllServerEndpoints.scala

@@ -3,32 +3,17 @@ package org.yobble.scala_monolith.api.route
 import cats.effect.IO
 import doobie.Transactor
 import org.yobble.scala_monolith.api.endpoint.auth.AuthEndpoints
+import sttp.tapir.server.ServerEndpoint
 import org.yobble.scala_monolith.api.endpoint.info.{ErrorsEndpoint, PingEndpoint, TestErrorEndpoint}
 import org.yobble.scala_monolith.api.response.{BaseResponse, ErrorResponse}
-import org.yobble.scala_monolith.api.util.errorByStatus
-import org.yobble.scala_monolith.config.JwtConfig
-import org.yobble.scala_monolith.repository.{UserRepositoryImpl, UserSessionRepositoryImpl}
-import org.yobble.scala_monolith.service.{AuthService, JwtService}
+import org.yobble.scala_monolith.repository.UserRepositoryImpl
+import org.yobble.scala_monolith.service.AuthService
 import sttp.model.StatusCode
-import sttp.tapir.server.ServerEndpoint
+import org.yobble.scala_monolith.api.util.errorByStatus
 
 object AllServerEndpoints {
   def all(transactor: Transactor[IO]): List[ServerEndpoint[Any, IO]] = {
 
-    // === Repositories ===
-    val userRepository = new UserRepositoryImpl(transactor)
-    val userSessionRepository = new UserSessionRepositoryImpl(transactor)
-
-    // === Services ===
-    val jwtService = new JwtService(JwtConfig.default)
-    val authService = new AuthService(userRepository, userSessionRepository, jwtService)
-
-    val authEndpoints = List(
-      AuthEndpoints.loginEndpoint.serverLogic { case (loginRequest, ipAddress, userAgent) =>
-        authService.login(loginRequest, ipAddress, userAgent)
-      }
-    )
-
     val infoEndpoints: List[ServerEndpoint[Any, IO]] = List(
       PingEndpoint.pingEndpoint.serverLogicSuccess(_ => IO.pure(BaseResponse(message = "pong"))),
       ErrorsEndpoint.errorsEndpoint.serverLogicSuccess(_ => IO.pure(BaseResponse(message = "errors"))),
@@ -37,6 +22,12 @@ object AllServerEndpoints {
       })
     )
 
-    authEndpoints ++ infoEndpoints
+    val authService = new AuthService(new UserRepositoryImpl(transactor))
+
+    val authEndpoints = List(
+      AuthEndpoints.loginEndpoint.serverLogic(authService.login)
+    )
+
+    infoEndpoints ++ authEndpoints
   }
 }

src/main/scala/org/yobble/scala_monolith/config/JwtConfig.scala

@@ -1,20 +0,0 @@
-package org.yobble.scala_monolith.config
-
-import scala.concurrent.duration.FiniteDuration
-import scala.concurrent.duration._
-
-case class JwtConfig(
-  secret: String,
-  issuer: String,
-  accessTokenExpiration: FiniteDuration,
-  refreshTokenExpiration: FiniteDuration
-)
-
-object JwtConfig {
-  def default: JwtConfig = JwtConfig(
-    secret = "your-super-secret-key-that-is-long-and-secure", // TODO: Load from a secure source
-    issuer = "yobble-inc",
-    accessTokenExpiration = 30.minutes,
-    refreshTokenExpiration = 30.days
-  )
-}

src/main/scala/org/yobble/scala_monolith/models/UserSession.scala

@@ -1,16 +0,0 @@
-package org.yobble.scala_monolith.models
-
-import java.time.Instant
-import java.util.UUID
-
-case class UserSession(
-  id: UUID,
-  userId: UUID,
-  accessToken: String,
-  refreshToken: String,
-  ipAddress: Option[String],
-  userAgent: Option[String],
-  isActive: Boolean,
-  createdAt: Instant,
-  lastRefreshAt: Instant
-)

src/main/scala/org/yobble/scala_monolith/repository/UserSessionRepository.scala

@@ -1,44 +0,0 @@
-package org.yobble.scala_monolith.repository
-
-import cats.effect.IO
-import doobie.util.transactor.Transactor
-import doobie.implicits.*
-import doobie.postgres.implicits.*
-import org.yobble.scala_monolith.models.UserSession
-
-import java.util.UUID
-
-trait UserSessionRepository {
-  def insert(
-    userId: UUID,
-    accessToken: String,
-    refreshToken: String,
-    ipAddress: Option[String],
-    userAgent: Option[String]
-  ): IO[UUID]
-
-  def updateTokens(sessionId: UUID, accessToken: String, refreshToken: String): IO[Int]
-}
-
-class UserSessionRepositoryImpl(transactor: Transactor[IO]) extends UserSessionRepository {
-  override def insert(
-    userId: UUID,
-    accessToken: String,
-    refreshToken: String,
-    ipAddress: Option[String],
-    userAgent: Option[String]
-  ): IO[UUID] = {
-    sql"""
-      INSERT INTO user_sessions (user_id, access_token, refresh_token, ip_address, user_agent)
-      VALUES ($userId, $accessToken, $refreshToken, $ipAddress, $userAgent)
-    """.update.withUniqueGeneratedKeys[UUID]("id").transact(transactor)
-  }
-
-  override def updateTokens(sessionId: UUID, accessToken: String, refreshToken: String): IO[Int] = {
-    sql"""
-      UPDATE user_sessions
-      SET access_token = $accessToken, refresh_token = $refreshToken
-      WHERE id = $sessionId
-    """.update.run.transact(transactor)
-  }
-}

src/main/scala/org/yobble/scala_monolith/service/AuthService.scala

@@ -2,45 +2,29 @@ package org.yobble.scala_monolith.service
 
 import at.favre.lib.crypto.bcrypt.BCrypt
 import cats.effect.IO
-import cats.implicits.*
 import org.yobble.scala_monolith.api.dto.{LoginRequest, LoginResponse, Tokens}
 import org.yobble.scala_monolith.api.response.ErrorResponse
 import org.yobble.scala_monolith.api.util.ErrorUtils
-import org.yobble.scala_monolith.repository.{UserRepository, UserSessionRepository}
+import org.yobble.scala_monolith.repository.UserRepository
 
-import java.util.UUID
+class AuthService(userRepository: UserRepository) {
 
-class AuthService(
-  userRepository: UserRepository,
-  userSessionRepository: UserSessionRepository,
-  jwtService: JwtService
-) {
-
-  def login(
-    request: LoginRequest,
-    ipAddress: Option[String],
-    userAgent: Option[String]
-  ): IO[Either[ErrorResponse, LoginResponse]] = {
-    userRepository.findByLogin(request.login).flatMap {
+  def login(request: LoginRequest): IO[Either[ErrorResponse, LoginResponse]] = {
+    userRepository.findByLogin(request.login).map {
       case Some(user) =>
         val passwordMatches = BCrypt.verifyer().verify(request.password.toCharArray, user.passwordHash).verified
         if (!passwordMatches) {
-          IO.pure(Left(ErrorUtils.unauthorized("Invalid login or password")))
+          Left(ErrorUtils.unauthorized("Invalid login or password"))
         } else if (user.isBlocked) {
-          IO.pure(Left(ErrorUtils.forbidden("User account is disabled")))
+          Left(ErrorUtils.forbidden("User account is disabled"))
         } else if (user.isDeleted) {
-          IO.pure(Left(ErrorUtils.forbidden("User account is deleted")))
+          Left(ErrorUtils.forbidden("User account is deleted"))
         } else {
-          for {
-            sessionId <- userSessionRepository.insert(user.id, "temp", "temp", ipAddress, userAgent)
-            tokens    <- jwtService.createTokens(user.id, sessionId)
-            (accessToken, refreshToken) = tokens
-            _         <- userSessionRepository.updateTokens(sessionId, accessToken, refreshToken)
-            // TODO: Save session to Redis
-          } yield Right(LoginResponse(message = Tokens(accessToken = accessToken, refreshToken = refreshToken)))
+          // TODO: Implement real token generation
+          Right(LoginResponse(message = Tokens(accessToken = "fake-access-token", refreshToken = "fake-refresh-token")))
         }
       case None =>
-        IO.pure(Left(ErrorUtils.unauthorized("Invalid login or password")))
+        Left(ErrorUtils.unauthorized("Invalid login or password"))
     }
   }
 }

src/main/scala/org/yobble/scala_monolith/service/JwtService.scala

@@ -1,39 +0,0 @@
-package org.yobble.scala_monolith.service
-
-import cats.effect.IO
-import org.yobble.scala_monolith.config.JwtConfig
-import pdi.jwt.{JwtAlgorithm, JwtCirce, JwtClaim}
-
-import java.time.Clock
-import java.util.UUID
-
-class JwtService(config: JwtConfig) {
-  private implicit val clock: Clock = Clock.systemUTC()
-
-  private val algorithm = JwtAlgorithm.HS256
-
-  def createTokens(userId: UUID, sessionId: UUID): IO[(String, String)] = IO {
-    val accessToken = createJwt(
-      userId,
-      sessionId,
-      config.accessTokenExpiration.toSeconds
-    )
-    val refreshToken = createJwt(
-      userId,
-      sessionId,
-      config.refreshTokenExpiration.toSeconds
-    )
-    (accessToken, refreshToken)
-  }
-
-  private def createJwt(userId: UUID, sessionId: UUID, expirationSeconds: Long): String = {
-    val claim = JwtClaim()
-      .by(config.issuer)
-      .to(userId.toString)
-      .issuedNow
-      .expiresIn(expirationSeconds)
-      .withId(sessionId.toString) // Using session ID as JTI
-
-    JwtCirce.encode(claim, config.secret, algorithm)
-  }
-}