starkey/notesvault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add main entry point for Spring

Browse Source
This commit is contained in:
Sean Starkey
2026-05-29 13:49:50 -06:00
parent 6ca1117565
commit 80fc9230a7
1 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
src/main/java/com/seanstarkey/notesvault/NotesVaultApplication.java Normal file
View File

@@ -0,0 +1,53 @@
/**
* NotesVaultApplication.java
*
* Entry point for the Secure Notes Vault API. Bootstraps the Spring Boot application,
* enables JPA auditing for automatic timestamp management, and emits a startup warning
* if the JWT secret is still set to the insecure development default.
*/
package com.seanstarkey.notesvault;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.event.EventListener;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
/**
* Root Spring Boot application class. Enables JPA auditing so that {@code @CreatedDate}
* and {@code @LastModifiedDate} annotations on entities are populated automatically.
*/
@SpringBootApplication
@EnableJpaAuditing
public class NotesVaultApplication {
private static final Logger log = LoggerFactory.getLogger(NotesVaultApplication.class);
private static final String INSECURE_DEFAULT = "dev-secret-change-me-do-not-use-in-production";
@Value("${app.jwt.secret}")
private String jwtSecret;
/**
* Application entry point. Delegates to Spring Boot to bootstrap the context.
*
* @param args command-line arguments passed to the JVM
*/
public static void main(String[] args) {
SpringApplication.run(NotesVaultApplication.class, args);
}
/**
* Fires after the application context is fully started. Logs a WARN-level message if
* the JWT secret has not been overridden from the insecure development default, so that
* operators are alerted before the application is exposed to traffic.
*/
@EventListener(ApplicationReadyEvent.class)
public void warnIfInsecureSecret() {
if (INSECURE_DEFAULT.equals(jwtSecret)) {
log.warn("SECURITY WARNING: JWT_SECRET is using the insecure default — do not use in production");
}
}
}