feat: Add RegistrationGuard SPI demo (invite-code example) #58
Description
Summary
Add an example implementation of the new RegistrationGuard SPI (from devondragon/SpringUserFramework#271) to the demo application. This serves as both documentation and validation that the SPI works correctly for consumer apps.
Dependency
Blocked by: devondragon/SpringUserFramework#271 — the RegistrationGuard interface must be published in a new library version first.
Scope
1. Example RegistrationGuard Implementation
Create a simple DemoRegistrationGuard that demonstrates the SPI:
@Component
@ConditionalOnProperty(name = "demo.registration.restricted", havingValue = "true")
public class DemoRegistrationGuard implements RegistrationGuard {
private static final Set<String> ALLOWED_DOMAINS = Set.of("example.com", "demo.com");
@Override
public RegistrationDecision evaluate(RegistrationContext context) {
String email = context.email();
String domain = email.substring(email.indexOf('@') + 1).toLowerCase();
if (ALLOWED_DOMAINS.contains(domain)) {
return RegistrationDecision.allow();
}
return RegistrationDecision.deny(
"Registration is restricted to @example.com and @demo.com email addresses.");
}
}2. Configuration Property
demo:
registration:
restricted: false # Set to true to enable domain-based registration restriction3. Documentation
Update the demo app's README with a section explaining:
- What the
RegistrationGuardSPI is - How the demo guard works (domain-based restriction)
- How to enable it (
demo.registration.restricted=true) - How to implement a custom guard for other use cases (invite codes, email whitelist, etc.)
4. Update Library Dependency
Bump ds-spring-user-framework version to whatever version includes the RegistrationGuard SPI.
Testing
- Start app with
demo.registration.restricted=false→ all registrations succeed - Start app with
demo.registration.restricted=true→ only@example.comand@demo.comemails can register - Test both form registration and OAuth registration paths
- Verify friendly error messages appear on denial