Skip to content

Sample project on how to implement JWT security role based using Spring boot 3 and Spring security 6

Notifications You must be signed in to change notification settings

caglayantolga/springboot-role-based-jwt-security-rest-api

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Spring Boot JWT REST API Security

Java Spring Boot Gradle

This project is a simple example of JWT-based REST API security developed using Spring Boot and built with Gradle.

Features

  • JWT Authentication: Secure user authentication using JSON Web Tokens.
  • Roles: Access control based on user roles.
  • Refresh Token: Extend user sessions with refresh tokens.
  • RESTful API: Clean and efficient RESTful services.

Requirements

  • Java 17
  • Gradle 7.2

Installation

  1. Clone the project to your local machine:

    git clone https://github.com/caglayantolga/springboot-role-based-jwt-security-rest-api.git
  2. Edit the application.yaml file and add your JWT secret key and password:

    token:
      signing:
        key: SECRET_KEY
      refresh:
        signing:
          key: SECRET_KEY
  3. Compile and run the project:

    cd springboot-role-based-jwt-security-rest-api
    ./gradlew bootRun

Usage

  1. Generate Token:

    POST /api/v1/auth/login
  2. Request Body:

     {
     "username": "yourUsername",
     "password": "yourPassword"
     }
  3. Response:

     {
     "token": "TOKEN",
     "refreshToken": "REFRESH_TOKEN",
     "expiresAt": "EXPIRES_AT"
     }
  4. Access Secure Endpoint:

    GET /api/v1/admin/hello

    HEADER

    Authorization: Bearer TOKEN

    RESPONSE

    Hello Admin

Refresh Token

  1. Refresh Token:

     POST /api/v1/auth/refresh/access
  2. Request Body:

     {
        "refreshToken": "REFRESH_TOKEN"
     }
  3. Response:

     {
     "token": "NEW_TOKEN",
     "refreshToken": "NEW_REFRESH_TOKEN",
     "expiresAt": "NEW_EXPIRES_AT"
     }