SpringBoot Token Based Authentication Example – MySQL + JWT+ Spring JPA + RestAPIs
Male avatar

loveprogramming viết ngày 10/11/2020

Tutorial Link:
SpringBoot Token Based Authentication Example – MySQL + JWT+ Spring JPA + RestAPIs

“How to build SpringBoot Token Based Authentication Example?” is one of the most common questions for Java development world. So in the tutorial, I will introduce how to build it with clearly architecture and coding examples

SpringBoot Token Based Authentication Example

Video Guide

https://youtu.be/opd2tYTsDDI

Spring Security JWT Architecture – Springboot Token Based Authentication Example

This is diagram for Spring Security/JWT (Springboot Token Based Authentication Example) classes that are separated into 3 layers:
– HTTP
– Spring Security
– REST API

Spring Security Jwt Authentication Architecture Diagram

Look at the diagram above, we can easily associate these components with Spring Security Authentication process: receive HTTP request, filter, authenticate, store Authentication data, generate token, get User details, authorize, handle exception…

At a glance:
– SecurityContextHolder provides access to the SecurityContext.
– SecurityContext holds the Authentication and possibly request-specific security information.
– Authentication represents the principal which includes GrantedAuthority that reflects the application-wide permissions granted to a principal.
– UserDetails contains necessary information to build an Authentication object from DAOs or other source of security data.
– UserDetailsService helps to create a UserDetails from a String-based username and is usually used by AuthenticationProvider.
– JwtAuthTokenFilter (extends OncePerRequestFilter) pre-processes HTTP request, from Token, create Authentication and populate it to SecurityContext.
– JwtProvider validates, parses token String or generates token String from UserDetails.
– UsernamePasswordAuthenticationToken gets username/password from login Request and combines into an instance of Authentication interface.
– AuthenticationManager uses DaoAuthenticationProvider (with help of UserDetailsService & PasswordEncoder) to validate instance of UsernamePasswordAuthenticationToken, then returns a fully populated Authentication instance on successful authentication.
– SecurityContext is established by calling SecurityContextHolder.getContext().setAuthentication(…​) with returned authentication object above.
– AuthenticationEntryPoint handles AuthenticationException.
– Access to Restful API is protected by HTTPSecurity and authorized with Method Security Expressions.

PROJECT STRUCTURE FOR SPRINGBOOT TOKEN BASED AUTHENTICATION EXAMPLE

PROJECT STRUCTURE FOR SPRINGBOOT TOKEN BASED AUTHENTICATION EXAMPLE

– model package defines 2 entities User & Role that have many-to-many relationship:

Springboot Restapi Jwt Json Web Token Authentication Many To Many User-Role

– repository package contains interfaces that use Hibernate JPA to store/retrieve data from MySQL database.
– controller package defines RestAPIs for user signup/signin and testing protected resources that is secured with JWT.
– message package defines payload data transferred from user agents (Browser/RestClient…) to RestAPIs and message back.
– security package is the main part of the project that implements JWT security.

GOAL

In the tutorial “Springboot Token Based Authentication Example”, we expose 2 RestAPIs to signup and signin:

  • Sign up: /api/auth/signup

Springboot Jwt Authentication – Register User Phrase

– Sign In /api/auth/signin:

springboot jwt authentication – register user phrase – Jack signin

Related post

Bình luận


White
{{ comment.user.name }}
Bỏ hay Hay
{{comment.like_count}}
Male avatar
{{ comment_error }}
Hủy
   

Hiển thị thử

Chỉnh sửa

Male avatar

loveprogramming

11 bài viết.
14 người follow
Kipalog
{{userFollowed ? 'Following' : 'Follow'}}
{{like_count}}

kipalog

{{ comment_count }}

bình luận

{{liked ? "Đã kipalog" : "Kipalog"}}


Male avatar
{{userFollowed ? 'Following' : 'Follow'}}
11 bài viết.
14 người follow

 Đầu mục bài viết

Vẫn còn nữa! x

Kipalog vẫn còn rất nhiều bài viết hay và chủ đề thú vị chờ bạn khám phá!