- Introduction
- Requirements
- Setup
- Building the Application
- Running the Application
- UI Components
- API Endpoints
- Testing
- Troubleshooting
- Contributing
- License
This is a test application demonstrating the use of Spring Boot Security with JWT (JSON Web Token) for authentication and authorization.
- Java 17
- Gradle
- Docker (Optional)
- An IDE like IntelliJ IDEA
- Clone the repository:
git clone https://github.com/sampathsl/JwtDemo.git
cd JwtDemo
- Configure your IDE:
  - Open the project in IntelliJ IDEA.
  - Make sure the Java SDK is set to version 17.
  - Configure the project with Gradle (otherwise gradle.zip is downloaded automatically).
./gradlew clean build
./gradlew bootRun
- Build the Docker image:
docker build -t spring-boot-security-jwt-app .
- Run the Docker container:
docker run -p 8080:8080 spring-boot-security-jwt-app
- http://localhost:8080/ - Home Page
- http://localhost:8080/login - Login Page
- http://localhost:8080/home - After Login, Access Token Can Be Seen Here
- http://localhost:8080/access-denied - Unauthorized Access
Below are some of the key API endpoints:
- Sign Up (Register Application User): POST /api/v1/register/user
  - Request Body:
{ "username": "sampath", "password": "sampath@123", "roles": ["USER"] }
  - Response:
{ "id": 1, "username": "sampath", "password": "$2a$10$OL8rzYprRf8AhF9/b8RDsuIOjJr5RtmXrcL3mG.Zw9fAAB/cENpQ2", "role": "USER" }
- Sign In: POST /api/v1/user-login
  - Request Body:
{ "username": "sampath", "password": "sampath@123" }
  - Response:
{ "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyMTIzIiwiaWF0IjoxNzI2MjU0NDY3LCJleHAiOjE3MjYyNTgwNjd9.3ucSIxd986hHq57_0Ioigmp0eNurF4nmpR0STRLcSYFWap7YDeHZn70bE4FQKDW5RErnBCC2ipIi_NTSwemmLg" }
User Resource:
GET /api/v1/users
- Headers:
- Authorization: Bearer <JWT_TOKEN>
Post Resource:
GET /api/v1/posts
- Headers:
- Authorization: Bearer <JWT_TOKEN>
GET /api/v1/posts/user/{user_id}
- Headers:
- Authorization: Bearer <JWT_TOKEN>
Comment Resource:
GET /api/v1/comments
- Headers:
- Authorization: Bearer <JWT_TOKEN>
GET /api/v1/comments/post/{post_id}
- Headers:
- Authorization: Bearer <JWT_TOKEN>
- Unit Tests:
./gradlew test
- Integration Tests Using Bearer Token:
  - Sign in to get the JWT token.
  - Access the protected resources using the JWT token.
Here is an example using curl:

```bash
# Sign In
curl -X POST http://localhost:8080/api/v1/user-login \
  -H "Content-Type: application/json" \
  -d '{"username":"user123", "password":"password123"}'

# Copy the token from the sign-in response into TOKEN before running the calls below
TOKEN="<JWT_TOKEN>"

# Access protected resource /api/v1/users
curl -X GET http://localhost:8080/api/v1/users \
  -H "Authorization: Bearer $TOKEN"

# Access protected resource /api/v1/posts
curl -X GET http://localhost:8080/api/v1/posts \
  -H "Authorization: Bearer $TOKEN"

# Access protected resource /api/v1/comments
curl -X GET http://localhost:8080/api/v1/comments \
  -H "Authorization: Bearer $TOKEN"

# Access protected resource /api/v1/posts/user/{user_id} (replace {user_id} with a user id)
curl -X GET http://localhost:8080/api/v1/posts/user/{user_id} \
  -H "Authorization: Bearer $TOKEN"

# Access protected resource /api/v1/comments/post/{post_id} (replace {post_id} with a post id)
curl -X GET http://localhost:8080/api/v1/comments/post/{post_id} \
  -H "Authorization: Bearer $TOKEN"
```
- Common Issues:
  - Ensure Java version is set to 17.
  - The user database is in-memory and hard-coded.
  - Verify JWT secret key consistency between environment configurations.
- Logging:
  - Logs can be found in the console output by default.
  - Configure log levels in application.properties.
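The "JWT secret key consistency" item above, as an added example that is not part of the JwtDemo code: a standalone Python check showing that an HS512 token (the algorithm the sample sign-in token's header decodes to) verifies only under the key that signed it. The two secrets, the helper names and the clock values are constructed for illustration; the claims mirror the sample token.

```python
import base64, hashlib, hmac, json

# Constructed secrets standing in for two environments' configured keys (assumption).
SECRET_A = b"constructed-demo-secret-environment-A"
SECRET_B = b"constructed-demo-secret-environment-B"
# Claims shaped like the sample sign-in token on this page.
CLAIMS = {"sub": "user123", "iat": 1726254467, "exp": 1726258067}

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def compact_json(obj) -> bytes:
    return json.dumps(obj, separators=(",", ":")).encode()

def sign_hs512(claims: dict, secret: bytes) -> str:
    """Issue a constructed HS512 token (hypothetical helper for this demo)."""
    signing_input = f"{b64url_encode(compact_json({'alg': 'HS512'}))}.{b64url_encode(compact_json(claims))}"
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha512).digest()
    return f"{signing_input}.{b64url_encode(mac)}"

def check_token(token: str, secret: bytes, now: int) -> str:
    """Return 'ok' or the reason a server holding `secret` rejects the token."""
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed"
    try:
        header = json.loads(b64url_decode(parts[0]))
        signature = b64url_decode(parts[2])
        claims = json.loads(b64url_decode(parts[1]))  # only acted on after the MAC check
    except ValueError:
        return "malformed"
    # Pin the algorithm instead of trusting whatever the header asks for.
    if not isinstance(header, dict) or header.get("alg") != "HS512":
        return "unexpected alg"
    expected = hmac.new(secret, f"{parts[0]}.{parts[1]}".encode(), hashlib.sha512).digest()
    if not hmac.compare_digest(signature, expected):  # constant-time comparison
        return "bad signature"
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or now >= exp:
        return "expired"
    return "ok"

if __name__ == "__main__":
    token = sign_hs512(CLAIMS, SECRET_A)
    print(check_token(token, SECRET_A, CLAIMS["iat"] + 60))  # same key on both sides
    print(check_token(token, SECRET_B, CLAIMS["iat"] + 60))  # key differs between environments
```

A token that signs in on one environment but is rejected on another with a signature failure points at mismatched keys rather than at the token's claims.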
- Fork the repository from https://github.com/sampathsl/JwtDemo.git.
- Create a new branch (git checkout -b feature-xyz).
- Make your changes and commit (git commit -m 'Add some feature').
- Push to the branch (git push origin feature-xyz).
- Create a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.