🔑 Sample Spring boot application secured using JWT auth in custom header(X-Auth-Token).


Nasruddin/spring-boot-3-jwt-auth


🔑 Sample Spring boot 3 application for Authentication and Authorization

Features

  • Customizable header(X-Auth-Token) to pass Auth token.
  • JWT for token creation and validation.
  • Role based authorization.
  • Device based auth.
  • Custom Validators
  • Spring doc.

Running the sample app

mvn spring-boot:run

Registering a User

curl -X POST "http://localhost:9000/api/auth/register" -H  "accept: */*" -H  "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\",\"email\":\"nasruddin@gmail.com\"}"
{
    "id":2,
    "username":"nasruddin",
    "password":"$2a$10$U3CR4T1Gowd50Q.0yK/UuOh.XWVx0BYIe7BiAmymXZ.MYPUtU5F.e",
    "email":"nasruddin@gmail.com",
    "lastPasswordReset":"2023-09-14T08:41:10.080+00:00",
    "authorities":"ADMIN"
}

H2-console can be accessed at http://localhost:9000/api/h2-console

Login a User / Fetch Token

curl -X POST "http://localhost:9000/api/auth" -H  "accept: */*" -H  "Content-Type: application/json" -d "{\"username\":\"nasruddin\",\"password\":\"p@ssw00d\",\"device\":\"web\"}"
{"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"}
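
As an added example (not code from this repository), the Python sketch below decodes the token returned above and shows the checks a verifier for a token of this shape needs: a pinned HS512 algorithm, a constant-time MAC comparison, an expiry check, and a match between the presented device and the audience claim. The signing key, the helper names and the assumption that the device field sent at login is what populates the audience claim are illustrative; the project's own validation logic is not shown on this page.

```python
import base64, hashlib, hmac, json

# Token copied from the login response on this page.
PAGE_TOKEN = (
    "eyJhbGciOiJIUzUxMiJ9."
    "eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0."
    "MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"
)

def b64url_decode(part: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_unverified(token: str):
    """Return (header, claims) without checking the signature: inspection only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    return json.loads(b64url_decode(parts[0])), json.loads(b64url_decode(parts[1]))

def sign_hs512(claims: dict, key: bytes) -> str:
    """Issue a token with the claim layout seen on this page (demo helper)."""
    head = b64url_encode(b'{"alg":"HS512"}')
    body = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha512).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def validate(token: str, key: bytes, device: str, now: int) -> dict:
    """Pin the algorithm, verify the MAC, then check expiry and the device claim."""
    header, claims = decode_unverified(token)
    if header.get("alg") != "HS512":  # never let the token choose its own algorithm
        raise ValueError("unexpected alg")
    signing_input, _, sig = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode(), hashlib.sha512).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):  # constant-time compare
        raise ValueError("bad signature")
    if now >= claims.get("exp", 0):  # a token without exp is treated as expired
        raise ValueError("expired")
    if claims.get("audience") != device:  # a "web" token must not pass as "mobile"
        raise ValueError("device mismatch")
    return claims

if __name__ == "__main__":
    header, claims = decode_unverified(PAGE_TOKEN)
    print(header, claims, "lifetime_s =", claims["exp"] - claims["created"] // 1000)
```

The payload of the page's token decodes to {"sub":"nasruddin","audience":"web","created":1694681681705,"exp":1695286481}, a seven-day lifetime. The claims are signed but not encrypted, so anyone holding the token can read them.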


Accessing User/Protected API

Without setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/user/nasruddin" -H  "accept: */*"
{
    "timestamp":"2023-09-14T08:57:08.403+00:00",
    "status":401,
    "error":"Unauthorized",
    "path":"/api/user/nasruddin"
}

With setting X-AUTH-TOKEN

curl -X GET "http://localhost:9000/api/users/nasruddin" -H  "accept: */*" -H  "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"
{
    "id":1,
    "username":"nasruddin",
    "password":"$2a$10$dq6uFlehtetsfI6glLkA.OaeoIEu5PPqIVNZHDMCCiEej8b/0vhWa",
    "email":"nasruddin@gmail.com",
    "lastPasswordReset":"2023-09-14T08:42:37.758+00:00",
    "authorities":"ADMIN"
}

Admin API

curl -X GET "http://localhost:9000/api/admin" -H  "accept: */*" -H  "X-Auth-Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXNydWRkaW4iLCJhdWRpZW5jZSI6IndlYiIsImNyZWF0ZWQiOjE2OTQ2ODE2ODE3MDUsImV4cCI6MTY5NTI4NjQ4MX0.MydwIWzN3SgCvB8cYozKcR2tHMCM5nrIPXUBtx4o82ot1taL_NQM5TRHZ4yOc9uUcZFrz1XQAL_fDNXAIwmZxw"
:O

OpenAPI Swagger

  1. Swagger can be accessed at http://localhost:9000/api/swagger-ui/index.html
  2. API Docs can be accessed at http://localhost:9000/api/api-docs
