Jwt-Spring-Security-JPA

A demo project explaining the backend authentication using JWT (Json Web Token) authentication using Spring Security & MySQL JPA.

There's support for the following features:

• Conventional email/username based registration with admin support
• Conventional Login using Spring Security and generation of JWT token
• Multiple device login and logout support
• In memory store for blacklisting logged out tokens
• Support for expiration bases email verification. Mail is sent upon registration.
• Resend the email confirmation email if old one expires
• Support for password updation once logged in
• Support for forgot-password functionality with password reset token sent to mail.
• Supports admin protected urls leveraging Spring security
• API to refresh JWT tokens once the temporary JWT expires.
• API to check availability of username/email during registration.

---

Swagger Docs

The project has been configured with a basic Swagger docket that exposes the commonly used API's along with the expected params.

---

JWT

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.

Exception Handling

The app throws custom exceptions wherever necessary which are captured through a controller advice. It then returns the appropriate error response to the caller

• AppException
• BadRequestException
• ResourceAlreadyInUseException
• ResourceNotFoundException
• UserLoginException
• UserRegistrationException
• MethodArgumentNotValidException
• UserLogoutException
• TokenRefreshException
• UpdatePasswordException
• PasswordResetException
• PasswordResetLinkException

Moreover, entities are validated using JSR-303 Validation constraints.

---

Steps to Setup the Spring Boot Back end app

1. Clone the application

   git clone https://github.com/isopropylcyanide/Jwt-Spring-Security-JPA.git
   cd AuthApp

2. Create a MySQL database

   create database login_db

3. Change MySQL username and password as per your MySQL installation

   • open src/main/resources/application.properties file.

   • change spring.datasource.username and spring.datasource.password properties as per your mysql installation

   • open src/main/resources/mail.properties file.

   • change spring.mail.username and spring.mail.password properties as per your mail installation

4. Run the app

   You can run the spring boot app by typing the following operating system specific command -

   For UNIX/Linux based operating systems,

   ./mvnw spring-boot:run

   For Windows based operating systems,

   mvnw.cmd spring-boot:run

   The server will start on port 9004. Token default expiration is 600000ms i.e 10 minutes.

5. Add the default Roles

   The spring boot app uses role based authorization powered by spring security. Please execute the following sql queries in the database to insert the USER and ADMIN roles.

   INSERT INTO ROLE (ROLE_NAME) VALUES ('ROLE_USER');
   INSERT INTO ROLE (ROLE_NAME) VALUES ('ROLE_ADMIN');

   Any new user who signs up to the app is assigned the ROLE_USER by default.

---

Contribution

• Please fork the project and adapt it to your use case.
• Submit a pull request.

---

Demo Screens

1. Registering a user

---

2. Logging in a valid user

---

3. Logging in an invalid user

---

3. Using the token in request header & accessing resource

---

4. Accessing admin resource with invalid permissions/token

---

5. Logging out the user device

---

6. Resetting the password

---

7. Refreshing the authentication token

---

8. Confirming the user email verification token

---