Introduction
In this blog post, I’m going to talk about JSON Web Token (JWT) and how we
developed a secure Spring Boot application using JWT. I think you will be
able to get a basic understanding of JWT and how to use it in a real
project.
What is JWT?
First, let’s consider what JWT is. JWT is an open standard (RFC 7519)
that is a good way to exchange information securely as JSON objects between
different parties. JWT is very popular in the microservice world and is
widely used in the authorization process in web apps. A JWT can be sent via a
URL, a POST request, or an HTTP header, and it is very fast.
Let’s look at what authorization is, because you might have some doubts about
the difference between authentication and authorization. The authentication
process checks the identity of the user in order to give them access to the
system; it simply checks who you are (by checking usernames, passwords, or any
other methods). Usually, this process is done before authorization. The
authorization process verifies whether access is allowed through policies
and rules. It is usually done after successful authentication.
We can use JWT to implement the authorization process in our application,
because nowadays JWT is widely used for the authorization process. I have
implemented this process with JWT in this blog. Apart from authorization, we
can use JWT for information exchange, because we can exchange information
very securely using JWT.
Structure of JWT
If we consider a JWT, we can see three main parts separated by dots. These
three parts are:
· Header
· Payload
· Signature
In Part 1:
I have developed a simple project to demonstrate how the authorization process works with JWT.
You already know how to initialize a new Spring Boot project and add the necessary dependencies.
In Part 2:
I have created a User class inside the entity package with several
attributes such as id, username, password and email.
Then I created the AuthorizeReq class inside the same package (Entity). This
class contains all the attributes that help to authenticate the
user.
Inside the Repository package I have created the UserRepository interface, which is
very important for handling user details. Inside the interface I have
declared an abstract method of type User.
Inside the main class I have created a method called UserInit. In this
application I created sample users by building a list and then saved all
the users using the repository.
Watch the full video of Part 2: https://youtu.be/tog_CdlIP3w
Git: https://github.com/Yuth-Set/Securing-Spring-Boot-with-JWT