Use JWT & Springboot-3 for API Authentication Authorization

Name: Use JWT & Springboot-3 for API Authentication Authorization
Rating: 4.2 (6 reviews)

Develop production ready secure REST API's using latest JWT and Springboot 3 in 2024

Created byObify Consulting

Last updated 11/2024

English

What you'll learn

You will about Authentication & Authorization
You will learn about JWT - Json Web Token and its working
You will learn to implement Springboot 3.3.5 with JWT
You will learn to secure your REST API using Springboot 3 & JWT
You will learn to develop applications with multiple roles
You will also get the source code for the course.
You will learn about global custom error handling

Course content

8 sections • 32 lectures • 2h 2m total length

Everything about Authentication, Authorization and JWT22:06

Generating the starter springboot 3.3.5 project2:13
Create a starter spring boot 3.3.5 project on start.spring.io with maven and java 17; include web, security, h2, mysql, lombok, and spring data jpa, then import into IntelliJ.
Adding JWT dependencies2:40
Adding Different User Roles1:34
Creating Role Entity1:43
Create the role entity with Spring Data JPA, mapping a roles table and an auto generated id, using Lombok for getters/setters and a role enum.
Creating User Entity3:00
Adding profile based application properties files1:45
Adding H2 file based Database configuration2:55

Creating Role Repository with required custom queries4:12
Creating User Repository with required custom queries1:20
Adding logic for UserDetailsImpl class for mapping the User Entity and Role6:36
Map the user entity and its roles to spring security authorities with a user details impl, including fields like phone, nationality, date of birth, and gender.
Adding logic for UserServiceImpl to load user and save user2:53
Service for generating validating token and extracting claims6:21

Implementing JWT Authentication Filter6:51
Implementing and understanding Security Config bean4:06
Exception handling for all security errors1:55
Understanding Security Filter Chain configuration.mp42:34
Configure the security filter chain by using http security to disable CSRF, enable exception handling, and enforce stateless sessions with URL-based authentication rules and a JWT filter.
Handling Cors Configuration in the application1:24

Creating Signup Request DTO3:34
Creating LoginRequest and Response DTO and Message DTO2:43
Create login request dto with email and password; define JWT response dto returning token, user id, and token type. Add a message response dto for errors or success messages.
Implementing Signup and Registration functionality in Auth Controller7:42
Implement signup and registration in the auth controller using JWT to issue tokens, configure roles (admin, user, moderator), and integrate with Spring Boot 3 for secure API authentication and authorization.
Understanding Auth Controller2:48
Startup command to insert roles into database2:28
Solving circular dependency2:42

Testing the application4:22
Test the application with postman by posting to api/v1/no auth to create a user, then sign up with first name, last name, email, and password, expecting default user role.
Updating Security Config rules and testing again4:44
Implement Test Controller to test Authentication and Authorization1:59
Testing different roles with API endpoints security3:24
Get LoggedIn user information4:25
Learn to retrieve the currently logged-in user via a util that reads authentication from the security context, using JWT with Spring Boot 3 and Spring Security 6.

Requirements

Basics of Java & Springboot

Description

In this course you will learn to secure REST API with Springboot-3 and JWT.

JSON Web Tokens (JWT) and Spring Boot together provide a powerful solution for securing web applications. JWT is a compact, URL-safe means of representing claims to be transferred between two parties. The token is digitally signed, allowing the receiving party to verify its authenticity. This is particularly useful in stateless authentication, where the server does not need to store session information.

In a Spring Boot application, JWT can be integrated easily for authentication and authorization purposes. When a user logs in, the server generates a JWT containing user information and permissions. This token is sent back to the client, which stores it (typically in local storage or cookies). For subsequent requests, the client includes the JWT in the HTTP headers, allowing the server to validate the token and grant access to protected resources.

To implement JWT in Spring Boot, developers can use libraries like jjwt for token creation and parsing. Spring Security can be configured to intercept requests and validate the JWT. By using filters, developers can ensure that each request is authenticated based on the token. This combination not only enhances security but also simplifies scaling, as each request is stateless, reducing server-side overhead and improving performance.

You will also get the source code for the course.

Who this course is for:

Anyone who wants to implement JWT based Authentication and Authorization with Springboot 3.3.5 and Spring security

Use JWT & Springboot-3 for API Authentication Authorization

What you'll learn

Explore related topics

Course content

All About Authentication, Authorization & working of JWT1 lecture • 22min

Setup and Configuration7 lectures • 16min

Working on Repository and Services5 lectures • 21min

Working on Filter and Configuration5 lectures • 17min

Login and Signup Functionality6 lectures • 22min

Testing the application5 lectures • 19min

Custom Error Handling2 lectures • 5min

Source code1 lecture0

Requirements

Description

Who this course is for: