Event Controller

In this lesson we will implement the list events functionality in the events controller.

Implementing the List Events Endpoint

Let's add a new endpoint to our EventController that will handle GET requests to list events.

@GetMapping
public ResponseEntity<Page<ListEventResponseDto>> listEvents(
        @AuthenticationPrincipal Jwt jwt, Pageable pageable
) {
    UUID userId = parseUserId(jwt);
    Page<Event> events = eventService.listEventsForOrganizer(userId, pageable);
    return ResponseEntity.ok(
            events.map(eventMapper::toListEventResponseDto)
    );
}

The endpoint takes two parameters:

The @AuthenticationPrincipal Jwt jwt which contains the authenticated user's information
A Pageable object that Spring automatically creates from query parameters

Understanding the Implementation

The endpoint follows a clear flow:

Extract the user ID from the JWT token using our helper method parseUserId
Call the service layer to retrieve a page of events for the organizer
Map the page of events to DTOs using our mapper
Return the mapped page with a 200 OK status

The Pageable parameter deserves special attention. Spring will automatically create this object from standard query parameters:

page - The page number (0-based)
size - The number of items per page
sort - The sorting criteria

For example: /api/v1/events?page=0&size=10&sort=name,desc

Authentication vs Authorization

At this stage, our implementation handles authentication but not full authorization.

We verify that users are who they claim to be through JWT validation, and we filter events by organizer.

However, we haven't yet implemented role-based access control to restrict endpoints to specific user types (organizers, staff, attendees).

This distinction is important:

Authentication confirms identity (Who are you?)
Authorization controls access (What are you allowed to do?)

Summary

Added the list event endpoint to the EventsController