Spring Boot Digital Wallet System with TDD

🚀 Built a Secure Payment API using Spring Boot & HmacSHA256 Authentication Today I implemented a mini project to understand how secure communication works between external systems and backend services. In this project, I designed a Spring Boot API where incoming payment requests are verified using HmacSHA256 signatures before reaching the controller layer. 🔹 Implemented a custom HmacFilter using Spring Security 🔹 Added ExceptionHandlerFilter to manage filter-level errors 🔹 Verified request integrity using HmacSHA256 signature validation 🔹 Explored how Spring Security Filter Chain works internally 🔹 Debugged request flow using breakpoints to understand filter execution Request Flow: Client → ExceptionHandlerFilter → HmacFilter → PaymentController This hands-on implementation helped me deeply understand: ✔ API authentication mechanisms ✔ Spring Security filter architecture ✔ Handling exceptions outside controllers Excited to continue exploring backend security patterns and building scalable microservices using Java & Spring Boot. #Java #SpringBoot #SpringSecurity #BackendDevelopment #JavaDeveloper #LearningInPublic

🧠 My Spring Boot API just became more production-ready today 👀 I implemented Global Exception Handling 🚀 Before this 👇 ❌ Errors returned messy stack traces ❌ No clear message for users Now 👇 ✅ Clean JSON error responses ✅ Proper HTTP status codes ✅ Centralized error handling Example 👇 { "message": "User not found", "status": 404 } 💡 My takeaway: Handling errors properly is what separates a basic API from a production-ready backend ⚡ #Java #SpringBoot #ExceptionHandling #BackendDevelopment #LearningInPublic

Your @Transactional might not be working… and Spring won’t warn you. 🚨 I’ve seen this bug more than once: Code looks correct. @Transactional is there. But rollback never happens. Why? 👇 Because Spring transactions work through proxies. That means: Calling a @Transactional method from another method inside the SAME class = Transaction won’t apply. No error. No warning. Just silent failure. Other common traps 👇 → Checked exceptions don’t trigger rollback by default → Private methods won’t be proxied → Async calls break transaction boundaries What I always check 👇 ✔ Is the transactional method being called through Spring proxy? ✔ Is rollback configured for the right exception type? ✔ Are transaction boundaries placed at the service layer? @Transactional is powerful… But dangerous when assumed instead of understood. Framework annotations are not magic. They still follow rules. Have you ever debugged a transaction issue that “should have worked”? 👇 #Java #SpringBoot #Transactional #SpringFramework #BackendDevelopment #SoftwareEngineering

12-Factor Microservice Principles (1,2) The 12-factor app is a set of rules for building cloud-friendly services. 1. Codebase One codebase tracked in Git, many deployments. same repo -> dev same repo -> staging same repo -> production 2. Dependencies Declare dependencies explicitly. Node: {  "dependencies": {    "express": "^5.1.0",    "pg": "^8.13.0"  } } Java: <dependencies>  <dependency>    <groupId>org.springframework.boot</groupId>    <artifactId>spring-boot-starter-web</artifactId>  </dependency> </dependencies>

Understanding HTTP Status Codes Today I focused on an important concept in backend development — HTTP Status Codes While building REST APIs, it’s not just about sending data, but also about sending the right response to the client. 🔹 Learned about different categories of status codes: • 2xx (Success) – 200 OK, 201 Created • 4xx (Client Errors) – 400 Bad Request, 404 Not Found • 5xx (Server Errors) – 500 Internal Server Error 🔹 Understood when to use each status code in real APIs 🔹 Implemented status handling using "ResponseEntity" in Spring Boot This helped me realize how APIs communicate clearly with frontend applications and handle errors properly. Small concept, but very powerful in building real-world applications. Next step: Improving API structure and adding more real-world logic. #Java #SpringBoot #BackendDevelopment #RESTAPI #CodingJourney

Monday insight: Spring Boot 4.1.0-M3 adds refined observability attributes, making metrics and testing even smoother in backend pipelines. Milestone: https://lnkd.in/g5D8_9mS From framework familiarity, these simplify production monitoring. Following the 4.1 milestones? What excites you? #SpringBoot #Java #Observability #Testing #TechMilestones

Monday insight: Spring Boot 4.1.0-M3 adds refined observability attributes, making metrics and testing even smoother in backend pipelines. Milestone: https://lnkd.in/g5D8_9mS From framework familiarity, these simplify production monitoring. Following the 4.1 milestones? What excites you? #SpringBoot #Java #Observability #Testing #TechMilestones

Spent 20 minutes wondering why my @Transactional wasn't rolling back. The code looked fine: @Service public class PaymentService {   @Transactional   public void processPayment() {     savePayment();     throw new Exception("Something went wrong");   } } Exception thrown. But the payment was still saved. The problem: @Transactional only rolls back on unchecked exceptions by default. Exception is checked. RuntimeException is unchecked. The fix: @Transactional(rollbackFor = Exception.class) Or throw a RuntimeException instead. Small detail. Big consequence. #SpringBoot #Java #Transactions #BackendDevelopment

🔐 Building Secure REST APIs using Spring Boot & JWT Security is one of the most critical aspects of backend development, yet many applications still rely on basic authentication mechanisms. Recently, I implemented JWT (JSON Web Token) based authentication in a Spring Boot application, and here are some key takeaways: ✅ Stateless Authentication Unlike session-based authentication, JWT eliminates server-side session storage, making the system more scalable. ✅ Token Flow User logs in with credentials Server validates and generates JWT Token is sent in headers for every request Backend validates token before processing ✅ Why JWT? Improves scalability Works well with microservices Enhances API security ⚙️ Tech Used: Java, Spring Boot, Spring Security, JWT 💡 One challenge I faced was handling token expiration and refresh logic efficiently—but solving it improved both security and user experience. If you're working on REST APIs, I highly recommend exploring JWT-based authentication. #Java #SpringBoot #BackendDevelopment #JWT #Microservices #SoftwareEngineering

Most developers use Spring… but don’t fully understand what it’s actually doing under the hood. Here’s the reality 👇 Earlier, we used to create objects manually using new. That means we controlled everything — object creation, dependency wiring, lifecycle. But that approach leads to: ❌ Tight coupling ❌ Hard-to-test code ❌ Difficult maintenance Spring flips this completely. Instead of us controlling objects, Spring takes control — this is Inversion of Control (IoC). Now the container: ✔ Creates objects ✔ Injects dependencies ✔ Manages lifecycle And this is where Dependency Injection (DI) comes in. From experience and best practices: Constructor Injection → most reliable (preferred) Setter Injection → useful but optional Field Injection → avoid in real projects Another thing many people ignore is the Bean Lifecycle. A Spring Bean is not just created and used — it goes through: ➡ Creation ➡ Dependency Injection ➡ Initialization (@PostConstruct) ➡ Proxy wrapping (like @Transactional) ➡ Destruction (@PreDestroy) Understanding this is what separates: 👉 Someone who “uses Spring” vs 👉 Someone who can debug, design, and scale Spring applications If you're working on real-world backend systems, this is not optional knowledge. This is the foundation. #Spring #SpringBoot #Java #Backend #Microservices #IoC #DependencyInjection