This project is a demo application for authentication using Spring Security 6, Spring Boot 3, and JWT. The purpose of this project is to provide an example of how to implement secure authentication and authorization. On the other hand, the demo application demonstrates providing authentication and authorization without using a third-party token library.
- Spring Boot
- MySQL
- Testcontainers
- Docker
- Maven
- Swagger
- Spring Data JPA
- Spring Security
- Docker
To run the application using Docker, you can use the provided Dockerfile with docker-compose.yml:
docker-compose up -dIt is needed to build and run the application
- Oracle JDK 17
- Maven 3.9
- MySQL 8.3
- Docker
Clone the project and use Maven to build the application
mvn clean package To run the tests for this project, use the following command:
./mvnw test Configuration can be received in application-dev.properties or using environment variables.
If you want to replace the Private and Public Key:
- Change the folder
cd src/main/resources/certs- Generate a Private Key with RSA:
openssl genpkey -algorithm RSA -out private-key.pem- Extract the Public Key from the Private Key
openssl rsa -pubout -in private-key.pem -out public-key.pemThe application requires mail configuration to be set for sending emails. The docker-compose.yml file includes environment variables for this purpose. You can customize the mail configuration by modifying the following variables in docker-compose.yml:
- MYSQL_ROOT_PASSWORD
- MAIL_HOST
- MAIL_PORT
- MAIL_USER
- MAIL_PASSWORD
- MAIL_PROTOCOL
- MAIL_SMTP_AUTH
- MAIL_SMTP_STARTTLS_ENABLE
- MAIL_SMTP_STARTTLS_REQUIRED
In order to run using embedded Apache Tomcat server use:
java -jar target/spring-security-jwt-demo-0.0.1-SNAPSHOT.jarThe application requires some configurations to be run consistently. Thus, the necessary configurations can be found in the application-dev.properties
Swagger: localhost:8080/swagger-ui.html
curl -H 'Content-Type: application/json' \
-d '{"email":"[email protected]","username":"billwilson","password":"12345","registerAsAdmin":true,"firstName":"Bill","lastName":"Wilson"}' \
-X POST \
http://localhost:8080/api/v1/auth/registercurl -H 'Content-Type: application/json' \
-d '{"username":"billwilson","password":"12345"}' \
-X POST \
http://localhost:8080/api/v1/auth/logincurl -H 'Content-Type: application/json' \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-X GET \
http://localhost:8080/api/v1/users/me curl -H 'Content-Type: application/json' \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-d '{"firstName":"Bill","lastName":"Wilson"}' \
-X PUT \
http://localhost:8080/api/v1/users/me curl -H 'Content-Type: application/json' \
-d '{"refreshToken": "<REFRESH_TOKEN>"}' \
-X POST \
localhost:8080/api/v1/auth/refreshcurl -H 'Accept: application/json' \
-X GET \
"localhost:8080/api/v1/auth/confirm?token=<REFRESH_TOKEN>"curl -H 'Accept: application/json' \
-X GET \
"localhost:8080/api/v1/auth/checkEmailInUse?email=<EMAIL>" curl -H 'Accept: application/json' \
-X GET \
"localhost:8080/api/v1/auth/checkUsernameInUse?username=<USERNAME>" curl -X GET \
"localhost:8080/api/v1/auth/resendRegistrationToken?token=<TOKEN>"curl -H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{"email":"[email protected]"}' \
-X POST \
http://localhost:8080/api/v1/auth/password/resetlinkcurl -H 'Content-Type: application/json' \
-d '{"email":"[email protected]","password":"12345","confirmPassword":"12345","token":"af95616a-388e-4249-add1-a64577266fdd"}' \
-X POST \
http://localhost:8080/api/v1/auth/password/resetIf you'd like to contribute, please follow these steps:
- Fork the repository
- Clone your forked repository
- Switch to the development branch named as dev
- Commit your changes with a descriptive commit message
- Push your changes to your forked repository
- Create a Pull Request