Secure Spring Boot Application with JWT
For this last part of Secure Spring Boot Application with JWT, I have created two endpoints in the controller: one GET and one POST.
Generate Token
In the generateToken method, you can see that an AuthorizeReq is passed in the request body. After validation, the generated token is returned.
If the user is authenticated and authorized, the user is redirected to the Welcome page.
In application.properties
Local Postgres Database
Testing
In this section we test whether our application works correctly. I have used Postman for this, but you can use any API platform, such as Postman or Insomnia.
First we check the “/authenticate” endpoint.
We need to provide credentials in the body, then we can send the request. After that you can see that a token is generated successfully. This token is an encoded token.
eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJraG1lcnNpZGUiLCJpYXQiOjE2NTg4Mzk4NzUsImV4cCI6MTY1ODkyNjI3NX0.MsJFQeCS0AhQQwxmBpt2qYP9blD16GRcuoPDSdkpbuU
You can decode a JWT on the official site, https://jwt.io/. When we paste the generated token into the Encoded area, you can see all the details in the Decoded area. The HEADER section shows the algorithm that was used to sign the token, and the PAYLOAD section shows all the data.
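The same decoding can be done locally in Java. The following is an added example, not code from the original project: it reads the header and payload of the token shown above without any key, then shows the check the server has to make, recomputing the HS256 signature so that an altered payload is rejected. The class name JwtInspect, the demo secret and the second token are constructed for illustration; the project's real signing key is not on this page.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class JwtInspect {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Base64.Decoder DEC = Base64.getUrlDecoder();

    // Header and payload are only base64url-encoded: no key is needed to read them.
    static String decode(String segment) {
        return new String(DEC.decode(segment), StandardCharsets.UTF_8);
    }

    // HMAC-SHA256 over "header.payload", which is how HS256 defines the signature.
    static byte[] hmac(String signingInput, byte[] secret) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
    }

    // Server-side check: recompute the signature and compare in constant time.
    static boolean signatureValid(String token, byte[] secret) throws Exception {
        String[] p = token.split("\\.");
        if (p.length != 3) return false;
        try {
            return MessageDigest.isEqual(hmac(p[0] + "." + p[1], secret), DEC.decode(p[2]));
        } catch (IllegalArgumentException e) {
            return false; // signature segment is not valid base64url
        }
    }

    public static void main(String[] args) throws Exception {
        // Token shown on this page; only its readable parts are used here.
        String pageToken = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJraG1lcnNpZGUiLCJpYXQiOjE2NTg4Mzk4NzUsImV4cCI6MTY1ODkyNjI3NX0.MsJFQeCS0AhQQwxmBpt2qYP9blD16GRcuoPDSdkpbuU";
        String[] p = pageToken.split("\\.");
        System.out.println("header : " + decode(p[0]));
        System.out.println("payload: " + decode(p[1]));

        // Constructed secret and token (assumptions for this demo, not the project's values).
        byte[] secret = "demo-secret-for-illustration-only".getBytes(StandardCharsets.UTF_8);
        String head = ENC.encodeToString("{\"alg\":\"HS256\"}".getBytes(StandardCharsets.UTF_8));
        String body = ENC.encodeToString("{\"sub\":\"alice\"}".getBytes(StandardCharsets.UTF_8));
        String sig = ENC.encodeToString(hmac(head + "." + body, secret));
        String altered = ENC.encodeToString("{\"sub\":\"admin\"}".getBytes(StandardCharsets.UTF_8));
        System.out.println("genuine token valid: " + signatureValid(head + "." + body + "." + sig, secret));
        System.out.println("altered token valid: " + signatureValid(head + "." + altered + "." + sig, secret));
    }
}
```

Because the payload is readable by anyone who holds the token, it should carry only non-sensitive claims; trust in those claims comes from the signature check, not from the encoding.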
We need to send a GET request here. Provide the token that we generated previously in the header section. Remember to provide your token as a Bearer token.
If it succeeds, you will be able to see the welcome message. That means our authorization process is working fine.
I think you can get a better understanding of how JWT works from these videos.
Git: https://github.com/Yuth-Set/Securing-Spring-Boot-with-JWT