Implement Spring Boot Security + JSON Web Token + MySQL
package com.javainuse.springbootsecurity.config; import java.util.Arrays; import java.util.List; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; @Service public class CustomUserDetailsService implements UserDetailsService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { List<SimpleGrantedAuthority> roles = null; if (username.equals("admin")) { roles = Arrays.asList(new SimpleGrantedAuthority("ROLE_ADMIN")); return new User("admin", "$2a$10$0Nv/Qa7m8DdjWpBS2XRZWeP8rWDB7OdScb2grQSRDS9I9fWWlBNG2", roles); } if (username.equals("user")) { roles = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")); return new User("user", "$2a$10$5VikX1NNQFL9f.N7Ta5wVuBL5HuPi7ro5Q3UZYGVOCURwiotGrVCS", roles); } throw new UsernameNotFoundException("User not found with the name " + username); } }
This implementation we will be dividing into 2 parts -
- Register new User to MySQL database
- Use the MySQL for authenticating users
Video
This tutorial is explained in the below Youtube Video.Spring Boot JSON Web Token- Table of Contents
Understanding the need for JSON Web Token(JWT) Understanding JWT Structure Implement Spring Boot Security Implement Spring Boot + JSON Web Token Security Implement Spring Boot Security + JSON Web Token + MySQL Spring Boot RestTemplate + JWT Authentication Example Spring Boot Security - Refresh Expired JSON Web Token Angular 7 + Spring Boot JWT Authentication Hello World Example Online JWT Generator Online JWT Decoder
Register new User to MySQL database
The new user registration process will be as follows -In the pom.xml add the jpa and mysql dependency-
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.2.0.RELEASE</version> <relativePath /> <!-- lookup parent from repository --> </parent> <groupId>com.javainuse</groupId> <artifactId>spring-boot-security</artifactId> <version>0.0.1-SNAPSHOT</version> <name>spring-boot-security</name> <description>Demo project for Spring Boot</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt</artifactId> <version>0.9.1</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> <exclusions> <exclusion> <groupId>org.junit.vintage</groupId> <artifactId>junit-vintage-engine</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> </project>In application properties specify mysql config properties-
jwt.secret = javainuse jwt.expirationDateInMs=18000000 spring.datasource.url=jdbc:mysql://localhost/bootjwt?createDatabaseIfNotExist=true&autoReconnect=true&useSSL=false spring.datasource.username=root spring.datasource.password=root spring.jpa.hibernate.ddl-auto=create-dropCreate the Entity class as follows. It will be used while performing database operations-
package com.javainuse.springbootsecurity.model; import com.fasterxml.jackson.annotation.JsonIgnore; import javax.persistence.*; @Entity @Table(name = "user") public class DAOUser { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private long id; @Column private String username; @Column private String password; @Column private String role; public String getRole() { return role; } public void setRole(String role) { this.role = role; } public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } }