https://github.com/devrezaur/jwt-refresh-token-spring-boot

Ready to use implementation of JWT with refresh token using Spring Boot
refresh-token spring-boot spring-security-jwt

# JWT Auth with Refresh Token using Spring Boot

This is ready-to-use template code for implementing `JWT based authentication` with `refresh token` using Spring Boot.


## Documentation and Usage

### Authentication API

`POST` URI: `localhost:8080/auth/authenticate`


![authenticate-api](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/authenticate-api.PNG)

### Access User Controller

`GET` URI: `localhost:8080/user/`


![user-content](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/user-content.PNG)

### Access Admin Controller

`GET` URI: `localhost:8080/admin/`


![admin-content](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/admin-content.PNG)

### Token Expired / Access Denied Example

`GET` URI: `localhost:8080/admin/`


![access-denied](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/access-denied.PNG)

### Request New Token API

`POST` URI: `localhost:8080/auth/refreshtoken`


![token-refresh-api](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/token-refresh-api.PNG)

### Refresh Token Expired Example

`POST` URI: `localhost:8080/auth/refreshtoken`


![refresh-token-expired](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/refresh-token-expired.PNG)

### User Registration API

`POST` URI: `localhost:8080/user/registerUser`


![user-registration](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/user-registration.PNG)

### Admin Registration API

Since admin registration is an `admin privileged` feature, it is protected under the `/admin/` mapping, so this request must include the authentication header.

`POST` URI: `localhost:8080/admin/registerAdmin`


![admin-registration](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/admin-registration.PNG)

### Logout from server API

`POST` URI: `localhost:8080/auth/logout`


![logout](https://github.com/DevRezaur/JWT-refresh-token-spring-boot/blob/main/screenshots/logout.PNG)


## Migrate to MySQL

By default this module uses the H2 database. To use MySQL, edit the following configuration.


Open `pom.xml` and configure it as below:

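```xml
<project xmlns="http://maven.apache.org/POM/4.0.0">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.5.0</version>
    </parent>
    <groupId>com.devrezaur</groupId>
    <artifactId>JWT-refresh-token-spring-boot</artifactId>
    <version>v-1.0 alpha</version>
    <name>JWT-refresh-token-spring-boot</name>
    <description>Ready to use implementation of JWT refresh token using Spring Boot</description>
    <properties>
        <java.version>15</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
        </dependency>
        <dependency>
            <groupId>com.fasterxml.jackson.module</groupId>
            <artifactId>jackson-module-kotlin</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>
```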


After that, open `src/main/resources/application.properties` and configure it as below:

```properties
server.port=8080
spring.jpa.open-in-view=false
spring.h2.console.enabled=true
spring.datasource.url=jdbc:mysql://localhost:3306/database_name
spring.datasource.username=username
spring.datasource.password=password
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL8Dialect
spring.jpa.show-sql=true
spring.jpa.defer-datasource-initialization=true

# JWT secret key (placeholder: replace with a long random value kept out of version control)
jwt.secret=secret
# Access token lifespan (5 min)
jwt.jwtExp=300000
# Refresh token lifespan (24 hours)
jwt.refreshExp=86400000
```
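The values above (`jwt.secret=secret`, `password`, the H2 console flag) are template placeholders. The following pre-deployment check is an added example, not part of this project; it assumes `jwt.secret` is used directly as an HMAC (HS256) signing key, and the function names and placeholder list are illustrative.

```python
# Constructed sample: security-relevant lines from the application.properties above.
SAMPLE = """\
spring.h2.console.enabled=true
spring.datasource.url=jdbc:mysql://localhost:3306/database_name
spring.datasource.password=password
jwt.secret=secret
jwt.jwtExp=300000
jwt.refreshExp=86400000
"""

PLACEHOLDERS = {"secret", "password", "changeme", "username"}  # illustrative list
MIN_HS256_KEY_BYTES = 32  # RFC 7518 section 3.2: key at least as long as the hash output


def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def audit(props):
    """Return (key, finding) tuples for settings that should not reach production."""
    findings = []
    secret = props.get("jwt.secret", "")
    if secret.lower() in PLACEHOLDERS:
        findings.append(("jwt.secret", "placeholder value"))
    if len(secret.encode()) < MIN_HS256_KEY_BYTES:
        findings.append(("jwt.secret", f"{len(secret.encode())} bytes, need >= {MIN_HS256_KEY_BYTES}"))
    if props.get("spring.datasource.password", "").lower() in PLACEHOLDERS:
        findings.append(("spring.datasource.password", "placeholder value"))
    url = props.get("spring.datasource.url", "")
    if props.get("spring.h2.console.enabled") == "true" and not url.startswith("jdbc:h2:"):
        findings.append(("spring.h2.console.enabled", "H2 console on with non-H2 datasource"))
    access = int(props.get("jwt.jwtExp", 0))
    refresh = int(props.get("jwt.refreshExp", 0))
    if refresh and access >= refresh:
        findings.append(("jwt.jwtExp", "access token outlives refresh token"))
    return findings


if __name__ == "__main__":
    for key, finding in audit(parse_properties(SAMPLE)):
        print(f"{key}: {finding}")
```

A suitable replacement secret can be generated with `secrets.token_urlsafe(48)` from the Python standard library and supplied through the environment rather than committed to the repository.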


## Additional Configuration

The `src/main/resources/data.sql` file is used to insert initial data into the database. This file is not mandatory. Feel free to `modify/delete` this `data.sql` file.

```sql
INSERT INTO roles
VALUES(1, 'ROLE_ADMIN');

INSERT INTO roles
VALUES(2, 'ROLE_USER');

INSERT INTO users (user_id, fullname, username, password)
VALUES('101', 'Rezaur Rahman', 'DevRezaur', 'iamadmin');

INSERT INTO users (user_id, fullname, username, password)
VALUES('102', 'Sanzida Sultana', 'SanzidaSultana', 'iamuser');

INSERT INTO user_role
VALUES('101', 1);

INSERT INTO user_role
VALUES('101', 2);

INSERT INTO user_role
VALUES('102', 2);
```


## Run the Project

* `Clone the repository`
* `Update maven build (Project > Maven > Update Project)`
* `Run (Project > Run As > Spring Boot App)`


## Relevant Projects

> [JWT Auth with Spring Boot (No Refresh Token)](https://github.com/DevRezaur/spring-security-JWT-module)


Feel free to leave a star if you find this helpful :smile: