The primary goal of this project is to gain a deeper understanding of Spring Security and OAuth2 and explore other related technologies. It serves as a learning ground for implementing secure authentication and authorization.
In addition to the main project goals, the following features have been implemented:
Users can be filtered and paginated using QueryDSL, providing a flexible and efficient way to manage user data.
Tables are created and managed using Liquibase, ensuring a consistent and version-controlled database schema.
Utilizes JpaAuditing for auditing users, providing a mechanism for tracking and managing user activity.
Before running the application, make sure you have the following prerequisites installed:
- Java Development Kit (JDK) - The project is built with Java and requires a compatible JDK. Version 17 is recommended.
- PostgreSQL Database - The project uses PostgreSQL as the database. Download PostgreSQL.
Follow these steps to set up and run the project:
- Clone the repository.
- Ensure you have a PostgreSQL database instance running.
- Update the database configuration in
src/main/resources/application.propertiesorsrc/main/resources/application.yml. - Build and run the project using the following Gradle command:
./gradlew bootRun
To access the application, use the following default authentication credentials:
Admin Credentials: Username: admin@gmail.com Password: root
User Credentials: Username: user@gmail.com Password: root
These credentials are provided for initial testing and demonstration purposes.
In the event that a registered user is not authenticated or forgets their password, the application provides a password recovery mechanism. Follow the steps below to recover your password:
- Navigate to the login page and click on the "Forgot Password" link.
- Complete the form by providing your registered email address.
- If the entered email is associated with a valid user in the database, a password recovery email will be sent to that address.
- Check your email for the recovery link and follow it to a page where you can input a new password.
- The recovery link is valid for 5 minutes for security reasons. After this period, a new recovery request will be required.