CheckInn - Hotel Management Application

A comprehensive RESTful API built with Java Spring Boot for managing hotel operations including room management, reservations, billing, and manager authentication.

✨ Features

Room Management

• Create, read, update, and delete hotel rooms
• Check room availability for specific date ranges
• Filter available rooms by check-in and check-out dates
• Room type categorization (Standard, Deluxe, Suite, etc.)

Reservation System

• Create and manage guest reservations
• Prevent double-booking with overlap detection
• View all reservations or specific reservation details
• Update and cancel reservations

Billing System

• Automatic bill calculation based on nights stayed
• Support for reservation extensions
• Tax calculation (12%)
• Service charge calculation (5%)
• Detailed billing breakdown

Manager Authentication & Authorization

• Secure JWT-based authentication
• BCrypt password hashing
• Role-based access control
• Protected endpoints for critical operations
• 30 minutes token validity

🛠️ Technologies Used

• Java 17+
• Spring Boot 3.x
• Spring Security - Authentication and authorization
• Spring Data JPA - Database interaction
• JWT (JSON Web Tokens) - Secure token-based authentication
• BCrypt - Password hashing
• MySQL - Database
• Maven - Dependency management
• Lombok - Boilerplate code reduction

📚 API Documentation

Base URL

http://localhost:8080/api

Authentication Endpoints

1. Manager Login

POST /api/managers/login
Content-Type: application/json

{
  "username": "admin",
  "password": "admin123"
}

Response:

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "manager": {
    "id": "MGR_1234567890",
    "username": "admin",
    "name": "System Administrator",
    "email": "admin@hotel.com"
  },
  "message": "Login successful"
}

Room Endpoints

2. Create Room (Protected)

POST /api/rooms
Authorization: Bearer <token>
Content-Type: application/json

{
  "roomNumber": 101,
  "roomType": "Deluxe",
  "price": 150.00,
  "isAvailable": true
}

3. Get All Rooms (Public)

GET /api/rooms

4. Get Single Room (Public)

GET /api/rooms/101

5. Get Available Rooms (Public)

GET /api/rooms/available?checkIn=2024-12-01&checkOut=2024-12-05

6. Update Room (Protected)

PUT /api/rooms/101
Authorization: Bearer <token>
Content-Type: application/json

{
  "roomType": "Suite",
  "price": 250.00,
  "isAvailable": true
}

7. Delete Room (Protected)

DELETE /api/rooms/101
Authorization: Bearer <token>

Reservation Endpoints

8. Create Reservation (Public)

POST /api/reservations
Content-Type: application/json

{
  "roomNumber": 101,
  "guestName": "John Doe",
  "guestEmail": "john@example.com",
  "guestPhone": "+1234567890",
  "checkIn": "2024-12-01",
  "checkOut": "2024-12-05",
  "numberOfGuests": 2
}

9. Get All Reservations (Public)

GET /api/reservations

10. Get Single Reservation (Public)

GET /api/reservations/1

11. Update Reservation (Public)

PUT /api/reservations/1
Content-Type: application/json

{
  "guestName": "John Updated",
  "checkIn": "2024-12-01",
  "checkOut": "2024-12-06"
}

12. Delete Reservation (Public)

DELETE /api/reservations/1

Billing Endpoints

13. Generate Bill (Public)

POST /api/reservations/1/bill?extended=false

Response:

{
  "reservationId": 1,
  "totalPayable": "702.00"
}

14. Generate Bill with Extension (Public)

POST /api/reservations/1/bill?extended=true&newCheckOut=2024-12-10

Manager Endpoints

15. Create Manager (Protected)

POST /api/create/manager
Authorization: Bearer <token>
Content-Type: application/json

{
  "username": "manager2",
  "passwordHash": "password123",
  "name": "Jane Smith",
  "email": "jane@hotel.com"
}

16. Get All Managers (Public)

GET /api/managers/all

17. Get Manager by ID (Public)

GET /api/managers/id/MGR_1234567890

18. Get Manager by Username (Public)

GET /api/managers/admin

19. Update Manager (Protected)

PUT /api/managers/MGR_1234567890
Authorization: Bearer <token>
Content-Type: application/json

{
  "name": "Updated Name",
  "email": "updated@hotel.com"
}

20. Delete Manager (Protected)

DELETE /api/managers/MGR_1234567890
Authorization: Bearer <token>

🔐 Authentication

This application uses JWT (JSON Web Token) based authentication.

How It Works

1. Login: Manager logs in with username and password
2. Token Generation: Server validates credentials and returns JWT token
3. Token Usage: Include token in subsequent requests:

   Authorization: Bearer <your_jwt_token>
   

4. Token Expiry: Tokens expire after 30 minutes

Protected Endpoints

The following operations require authentication:

• ✅ Create Room (POST /api/rooms)
• ✅ Update Room (PUT /api/rooms/{id})
• ✅ Delete Room (DELETE /api/rooms/{id})
• ✅ Create Manager (POST /api/create/manager)
• ✅ Update Manager (PUT /api/managers/{id})
• ✅ Delete Manager (DELETE /api/managers/{id})

🔒 Security

Password Security

• Passwords are hashed using BCrypt with salt rounds of 12
• Plain text passwords are never stored in the database

JWT Security

• Tokens are signed using HS256 algorithm
• Secret key should be stored in environment variables (not hardcoded)
• Tokens expire after 30 minutes

📊 Database Schema

Room Table

CREATE TABLE room (
  room_number INT PRIMARY KEY,
  room_type VARCHAR(50),
  price DECIMAL(10,2),
  is_available BOOLEAN
);

Reservation Table

CREATE TABLE reservation (
  reservation_id INT PRIMARY KEY AUTO_INCREMENT,
  room_number INT,
  guest_name VARCHAR(100),
  guest_email VARCHAR(100),
  guest_phone VARCHAR(20),
  check_in DATE,
  check_out DATE,
  number_of_guests INT,
  FOREIGN KEY (room_number) REFERENCES room(room_number)
);

Manager Table

CREATE TABLE manager (
  id VARCHAR(50) PRIMARY KEY,
  username VARCHAR(50) UNIQUE,
  password_hash VARCHAR(255),
  name VARCHAR(100),
  email VARCHAR(100)
);

👥 Author

• Abhishek Sahay - CheckInn - abhi5hek001

🙏 Acknowledgments

• Spring Boot Documentation
• JWT.io for JWT insights
• BCrypt for password hashing
• Spring Security team

---

⭐ If you found this project helpful, please give it a star!