avatarNil Madhab

Summary

This context provides a step-by-step guide on how to implement basic JWT-based authentication in Spring Boot.

Abstract

The article "Let’s Implement Basic JWT Based Authentication in Spring boot" is a tutorial that explains how to implement JWT-based authentication in a Spring Boot application. The tutorial starts by explaining the theory behind JWT authentication and provides a link to a detailed article on the topic. It then provides a video tutorial for beginners to understand the concept better. The tutorial outlines the features that will be developed, including creating a JWT util file, a controller to generate JWT tokens, and hardcoding a user for simplicity. The tutorial also highlights that no password encoder will be used in this implementation. The tutorial then provides a step-by-step guide on implementing JWT-based authentication in Spring Boot, including creating a custom MyUserDetailsService, enabling web security, and creating a filter chain. The tutorial concludes by providing a controller to test the authentication and a note that the implementation will be extended to integrate a database and full signup/login functionalities in future tutorials.

Bullet points

  • The tutorial provides a step-by-step guide on implementing JWT-based authentication in Spring Boot.
  • The tutorial starts by explaining the theory behind JWT authentication and provides a link to a detailed article on the topic.
  • The tutorial provides a video tutorial for beginners to understand the concept better.
  • The tutorial outlines the features that will be developed, including creating a JWT util file, a controller to generate JWT tokens, and hardcoding a user for simplicity.
  • The tutorial highlights that no password encoder will be used in this implementation.
  • The tutorial provides a step-by-step guide on implementing JWT-based authentication in Spring Boot, including creating a custom MyUserDetailsService, enabling web security, and creating a filter chain.
  • The tutorial concludes by providing a controller to test the authentication and a note that the implementation will be extended to integrate a database and full signup/login functionalities in future tutorials.

Let’s Implement Basic JWT Based Authentication in Spring boot

Step by step guild how to implement JWT Based Authentication, Part 1

Photo by NeONBRAND on Unsplash

JWT based authentication is very useful when we have web and mobile clients and a backend server, which provides a good alternative to session-based authentication. I did not find a good tutorial on this topic, so I decided to make one.

Theory

Video Tutorial

I found this awesome tutorial for implementing basic JWT based authentication for noobs like me.

In this tutorial, we will implement basic JWT based authentication, with the mock user and no database, to understand the concept. We will extend it later to integrate database and full signup, login functionalities.

If you just want to check out the code, checkout the Github branch.

Features we will develop

  1. JWT util file to create and validate JWT token
  2. A controller to generate JWT token
  3. User will be hardcoded
  4. No password encoder

Youtube Demo

I have created a short video of 7 min, to explain all the component, if you do not have time to watch the full 40 min Javabrains video, or you already know about JWT auth, but do not know how to implement it in spring.

Step 1

Create a Spring project with the following dependency in pom.xml

Step 2

Create a custom MyUserDetailsService service, which extend UserDetailsService of security.core package and override the loadUserByUsername by hardcoding an user, for the sake of simplicity.

We will store and retrieve user from the database in a later tutorial.

Step 3

Create a SecurityConfigurer file and enable EnableWebSecurity annotation

Things to note

  1. We did not use any password encoder in this tutorial. We will use BCrypt encoding in next tutorial
  2. Antmatcher means except the ‘/authenticate’ endpoint, all other apis will be authenticated
  3. We are using a stateless session creation policy, i.e every api will be authenticated.
  4. we are providing our implementation of Userdetail service to Spring AuthenticationManagerBuilder

Step 4

Create the JWT util file to validate and create tokens. Check out the video (forward to 10:00) above to know more about each function.

Step 5

Create a filter chain to extract the JWT token from Authorization header, validate the token, and set the authentication in a security context.

Step 6

Create the controller to test the authentication

Authenticate
Access an API with JWT token

In the next tutorial, we will hook this with real users in the MySQL database and implement signup/login functionality.

https://readmedium.com/lets-implement-jwt-based-authentication-in-spring-boot-7ea5e97fc1f2

If you want a simple authentication

https://readmedium.com/a-simple-user-authentication-api-made-with-spring-boot-4a7135ff1eca

Thanks for reading :)

Java
Software Development
Technology
Jwt
Spring Boot
Recommended from ReadMedium
avatarNagarjun Nagesh
Role-Based Authorization in Spring Boot

In this article, we’ll dive into the concept of role-based authorization in Spring Boot applications. Role-based authorization is a crucial…

4 min read
avatarMohit Sehgal
Spring Security Basic Authentication with Database and Unit Testing

In this article, I will be using Spring Security basic authentication to register and login user and store the username/password in…

6 min read
avatarVikas Taank
Getting started with Spring Security

In this reading we’ll discuss about Spring security and securing Web Applications. The very first step in securing your Spring application…

6 min read
avatarLakshitha Fernando
Spring Security 6 and Spring Boot 3 with Simple Project.

In this article we will learn about basic authentication and role-based authentication and authorization.

8 min read
avatarGerald Nguyen
REST API: 9 Basic Spring Annotations to Master

Learn How To Use Them Effectively to Level Up Your Skills

5 min read
avatarFiras Ahmed
Why is 1 == 1 is true but 1000 == 1000 is false When dealing with Wrapper Classes in Java?

That’s a loaded title.

2 min read