The motivation for this demo, is just because it is very difficult to find a complete implementation of spring webflux + security + jwt + r2db all in one functional implementation, all that you can find in internet are incomplete, not functional or very older examples, I didn't find any complete example like this from official spring examples neither. That's why I did it and wanted to share it to anybody that is needing it.
Any improvement, fix, contribution are welcome.
Happy codding!!
- Spring webflux
- Spring security implemented with JWT + validation layer
- User register demo endpoint
- User authentication endpoint
- Model to dto mapping (using mapstruct)
- User R2db with Postgresql repository impl
- User validation in spring security layer, according to the user record in db
- If you don't have installed Postgresql locally you can just run it with docker
docker-compose -f src/main/docker/docker-compose.yml up -djust execute the sql script located in src/resources/schema/database.sql or copy teh following sentences:
CREATE DATABASE "webflux-security";
CREATE TABLE users
(
id SERIAL PRIMARY KEY,
username VARCHAR(64),
password VARCHAR(64),
roles TEXT[],
first_name VARCHAR(64),
last_name VARCHAR(64),
enabled BOOLEAN,
created_at TIMESTAMP,
updated_at TIMESTAMP
);curl http://localhost:9000/public/demo-user \
-X POST \
-H 'Content-Type: application/json' \
-d '{
"username": "admin",
"password": "admin",
"first_name": "John",
"last_name": "Doe"
}'curl http://localhost:9000/login \
-X POST \
-H 'Content-Type: application/json' \
-d '{
"username": "admin",
"password": "admin"
}' | json_ppAPI Response
{
"issuedAt" : "2021-04-09T18:48:04.052+00:00",
"userId" : 1,
"expiresAt" : "2021-04-10T02:48:04.052+00:00",
"token" : "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIiwicm9sZSI6WyJST0xFX1VTRVIiXSwiaXNzIjoiYWRtaW4iLCJleHAiOjE2MTgwMjI4ODQsImlhdCI6MTYxNzk5NDA4NCwianRpIjoiODUzNTAwNDUtYjNjNy00MTA3LWIyZjUtOGEwNDUyNjVmZWM5In0.okhxY7BsK3S3ABNMJlm1WhGdjssy676d6bNkZ3ybN34"
}(!) Use jwt token obtained previously
curl http://localhost:9000/user \
-H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIiwicm9sZSI6WyJST0xFX1VTRVIiXSwiaXNzIjoiYWRtaW4iLCJleHAiOjE2MTgwMjI4ODQsImlhdCI6MTYxNzk5NDA4NCwianRpIjoiODUzNTAwNDUtYjNjNy00MTA3LWIyZjUtOGEwNDUyNjVmZWM5In0.okhxY7BsK3S3ABNMJlm1WhGdjssy676d6bNkZ3ybN34' | json_ppAPI Response
{
"enabled" : true,
"id" : 1,
"first_name" : "John",
"username" : "admin",
"last_name" : "Doe"
}- The default JWT token expiration is 28800 seconds = 8 hours, you can configure this and other jwt params in
src/resources/application.yml - If you update the user record in db, updating the enabled column to false, and try to fetch
GET /useronce again api will return an error 401
MIT