This project demonstrates user authentication and authorization using Spring Security in a Spring Boot application. It supports secure login, JWT-based authentication, role-based access control (RBAC), and protects RESTful APIs, providing a scalable and maintainable security solution for microservices.
- User authentication with username and password.
- JWT token generation and validation for stateless authentication.
- Role-based access control (RBAC) to secure endpoints.
- Password hashing using BCrypt.
- Secure RESTful APIs with protected and public endpoints.
- Unit testing for controllers and service layers.
- Java 17+
- Spring Boot
- Spring Security
- JWT (JSON Web Token)
- Maven/Gradle
Dependencies
- org.springframework.boot:spring-boot-starter-security
- io.jsonwebtoken:jjwt:0.9.1
- org.springframework.boot:spring-boot-starter-web
- org.springframework.boot:spring-boot-starter-data-jpa
- com.h2database:h2
Security Features
- Stateless authentication using JWT.
- Password hashing using BCryptPasswordEncoder.
- Endpoint protection with role-based access.
- Token expiration handling and validation.
- Exception handling for unauthorized access.
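
The token validation, expiration handling and role check listed above can be sketched with the jjwt 0.9.1 API from the dependency list. This is an added example, not this project's code: the class, method and claim names and the demo secret are assumptions, and on Java 11+ jjwt 0.9.1 also needs `javax.xml.bind:jaxb-api` on the classpath.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.List;

// Added example, not the project's code. Class, method and claim names are hypothetical.
public class JwtRoleCheckExample {
    // Constructed demo secret; a real service loads at least 32 random bytes from a secret store.
    private static final byte[] KEY =
            "constructed-demo-secret-32-bytes!!".getBytes(StandardCharsets.UTF_8);

    static String issue(String user, List<String> roles, long ttlMillis) {
        Date now = new Date();
        return Jwts.builder()
                .setSubject(user)
                .claim("roles", roles)
                .setIssuedAt(now)
                .setExpiration(new Date(now.getTime() + ttlMillis))
                .signWith(SignatureAlgorithm.HS256, KEY)
                .compact();
    }

    /** Returns "ALLOW", "FORBIDDEN", "EXPIRED" or "INVALID" for the token and required role. */
    static String authorize(String token, String requiredRole) {
        try {
            // parseClaimsJws verifies the signature and exp, and rejects unsigned tokens.
            Claims claims = Jwts.parser().setSigningKey(KEY).parseClaimsJws(token).getBody();
            List<?> roles = claims.get("roles", List.class);
            return roles != null && roles.contains(requiredRole) ? "ALLOW" : "FORBIDDEN";
        } catch (ExpiredJwtException e) {
            return "EXPIRED";   // signature was valid but exp has passed: respond 401
        } catch (JwtException | IllegalArgumentException e) {
            return "INVALID";   // bad signature, malformed, unsigned or empty: respond 401
        }
    }

    public static void main(String[] args) {
        String ok = issue("alice", List.of("ROLE_USER"), 60_000);
        int i = ok.lastIndexOf('.') + 1;  // first signature character; flip it to tamper
        String tampered = ok.substring(0, i) + (ok.charAt(i) == 'A' ? 'B' : 'A') + ok.substring(i + 1);
        System.out.println(authorize(ok, "ROLE_USER"));        // valid token, role present
        System.out.println(authorize(ok, "ROLE_ADMIN"));       // valid token, role missing
        System.out.println(authorize(tampered, "ROLE_USER"));  // signature no longer matches
        System.out.println(authorize(issue("bob", List.of("ROLE_USER"), -120_000), "ROLE_USER"));
    }
}
```

Keeping the expired and invalid outcomes separate lets the exception handler log them differently while still returning the same 401 to the client.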
Benefits
- Secure microservices and REST APIs.
- Centralized authentication and authorization.
- Scalable and maintainable security architecture.
- Easy integration with frontend or mobile applications.
License
This project is licensed under the MIT License.