Skip to content
/ spring-boot-jwt-auth Public
forked from Nasruddin/spring-boot-3-jwt-auth

🔑 Sample Spring boot application secured using JWT auth in custom header(X-Auth-Token).

License

MIT license
1 star 31 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

avezshaikh067/spring-boot-jwt-auth

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
images
images
 
 
src/main
src/main
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

spring-boot-3-jwt-auth

🔑 Sample Spring boot 3 application for Authentication and Authorization

Features

  • Customizable header(X-Auth-Token) to pass Auth token.
  • JWT for token creation and validation.
  • Role based authorization.
  • Device based auth.
  • Custom Validators
  • Spring doc.

Running the sample app

mvn spring-boot:run

Registering a User

curl -X POST "http://localhost:9000/api/auth/register" -H  "accept: */*" -H  "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\",\"email\":\"nasruddin@gmail.com\"}"

{
    "id":2,
    "username":"nasruddin",
    "password":"$2a$10$U3CR4T1Gowd50Q.0yK/UuOh.XWVx0BYIe7BiAmymXZ.MYPUtU5F.e",
    "email":"nasruddin@gmail.com",
    "lastPasswordReset":"2023-09-14T08:41:10.080+00:00",
    "authorities":"ADMIN"
}

H2-console can be accessed at http://localhost:9000/api/h2-console JWT Decoded

Login a User / Fetch Token

curl -X POST "http://localhost:9000/api/auth" -H  "accept: */*" -H  "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\"}"

{"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"}

JWT Decoded

Accessing User/Protected API

Without setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/user/nasruddin" -H  "accept: */*"

{
    "timestamp":"2023-09-14T08:57:08.403+00:00",
    "status":401,
    "error":"Unauthorized",
    "path":"/api/user/nasruddin"
}

With setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/users/nasruddin" -H  "accept: */*" -H  "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"

{
    "id":1,
    "username":"nasruddin",
    "password":"$2a$10$dq6uFlehtetsfI6glLkA.OaeoIEu5PPqIVNZHDMCCiEej8b/0vhWa","email":"nasruddin@gmail.com",
    "lastPasswordReset":"2023-09-14T08:42:37.758+00:00",
    "authorities":"ADMIN"
}

Admin API

curl -X GET "http://localhost:9000/api/admin" -H  "accept: */*" -H  "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"

:O

OpenAPI Swagger

  1. Swagger can be accessed at http://localhost:9000/api/swagger-ui/index.html

Swagger

  1. API Docs can be accessed at http://localhost:9000/api/api-docs API Docs

About

🔑 Sample Spring boot application secured using JWT auth in custom header(X-Auth-Token).

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 100.0%