Skip to content

Nasruddin/spring-boot-3-jwt-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
images
images
 
 
src/main
src/main
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

spring-boot-3-jwt-auth

🔑 Sample Spring boot 3 application for Authentication and Authorization

Features

  • Customizable header(X-Auth-Token) to pass Auth token.
  • JWT for token creation and validation.
  • Role based authorization.
  • Device based auth.
  • Custom Validators
  • Spring doc.

Running the sample app

mvn spring-boot:run

Registering a User

curl -X POST "http://localhost:9000/api/auth/register" -H "accept: */*" -H "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\",\"email\":\"nasruddin@gmail.com\"}" 
{ "id":2, "username":"nasruddin", "password":"$2a$10$U3CR4T1Gowd50Q.0yK/UuOh.XWVx0BYIe7BiAmymXZ.MYPUtU5F.e", "email":"nasruddin@gmail.com", "lastPasswordReset":"2023-09-14T08:41:10.080+00:00", "authorities":"ADMIN" }

H2-console can be accessed at http://localhost:9000/api/h2-console JWT Decoded

Login a User / Fetch Token

curl -X POST "http://localhost:9000/api/auth" -H "accept: */*" -H "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\"}" 
{"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"}

JWT Decoded

Accessing User/Protected API

Without setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/user/nasruddin" -H "accept: */*" 
{ "timestamp":"2023-09-14T08:57:08.403+00:00", "status":401, "error":"Unauthorized", "path":"/api/user/nasruddin" }

With setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/users/nasruddin" -H "accept: */*" -H "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw" 
{ "id":1, "username":"nasruddin", "password":"$2a$10$dq6uFlehtetsfI6glLkA.OaeoIEu5PPqIVNZHDMCCiEej8b/0vhWa","email":"nasruddin@gmail.com", "lastPasswordReset":"2023-09-14T08:42:37.758+00:00", "authorities":"ADMIN" }

Admin API

curl -X GET "http://localhost:9000/api/admin" -H "accept: */*" -H "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw" 
:O

OpenAPI Swagger

  1. Swagger can be accessed at http://localhost:9000/api/swagger-ui/index.html

Swagger

  1. API Docs can be accessed at http://localhost:9000/api/api-docs API Docs

About

🔑 Sample Spring boot application secured using JWT auth in custom header(X-Auth-Token).

Topics

jwt spring-boot authentication authorization spring-security jwt-tokens swagger-ui swagger-documentation openapi3 spring-security-jwt custom-jwt spring-boot-3 custom-jwt-auth

Resources

Readme

License

MIT license
Activity

Stars

107 stars

Watchers

5 watching

Forks

34 forks
Report repository

Releases 1

first_release Latest
Sep 25, 2023

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages