https://github.com/spacecodee/springboot-security-open-template
This repository is a Spring Boot template for implementing JWT-based authentication and role-based access control. It includes secure user management, developer and admin protections, token security features, and integrated API documentation using Swagger and OpenAPI.
- Host: GitHub
- URL: https://github.com/spacecodee/springboot-security-open-template
- Owner: spacecodee
- License: other
- Created: 2024-10-25T04:21:17.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2025-03-11T17:45:07.000Z (4 months ago)
- Last Synced: 2025-03-25T17:21:21.387Z (3 months ago)
- Topics: devcontainer, docker, docs, gradle, java, postgresql, springboot, swagger
- Language: Java
- Homepage:
- Size: 890 KB
- Stars: 30
- Watchers: 1
- Forks: 10
- Open Issues: 0
Metadata Files:
- Readme: readme.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: .github/SECURITY.md
README
# 🔐 Spring Security JWT Template — Spring Boot 3.3.5
## 📋 Prerequisites
- ☕ Java 23
- 🐘 PostgreSQL
- 💻 IDE: IntelliJ IDEA, Eclipse, etc.

## ⚙️ Configuration
Copy `application-local.properties.example` in the resources folder to `application-local.properties` and update its values.

Copy `.env.example` in the application's `.devcontainer` folder to `.env` and update its values.

📚 Documentation
----------------

- 📖 Swagger UI available at: `/api/v1/swagger-ui/index.html`
- 🔍 OpenAPI docs at: `/api/v1/v3/api-docs`

🛡️ Security Features
--------------------

**Authentication & Authorization**
- ✅ JWT-based authentication
- ✅ Role-based access control (RBAC)
- ✅ Permission-based access control
- ✅ Secure password handling
- ✅ Token invalidation on user updates
- ✅ Locale-based responses (en/es)
- ✅ Cache-based permission management
- ✅ Dynamic path pattern matching

**Developer Protection**
- ✅ Cannot delete last remaining developer
- ✅ Automatic token invalidation before deletion
- ✅ Username uniqueness validation
- ✅ Safe update operations
- ✅ Path-based permission control
- ✅ Status change validation

**Admin Protection**
- ✅ Cannot delete last remaining admin
- ✅ Automatic token invalidation before deletion
- ✅ Username uniqueness validation
- ✅ Safe update operations
- ✅ Enhanced path security

**Customer Management**
- ✅ Full CRUD operations
- ✅ Role-based access control
- ✅ Username uniqueness validation
- ✅ Safe update operations
- ✅ Status management

**Business Rules**

*User Management:*
- System maintains at least one active user per role
- Validates unique usernames across all user types
- Auto-logout (token invalidation) on profile updates
- Internationalization support (i18n)
- Permission caching with Guava
- Dynamic path pattern matching for endpoints

*Token Security:*
- Automatic invalidation on sensitive data changes
- Proper cleanup during user deletion
- Expiration handling
- Refresh token support
- JWT validation and cleanup
- Role-only JWT payload
- Cached permissions management

*Path Security:*
- Dynamic path pattern matching
- Support for numeric IDs in paths
- Boolean status handling
- Nested resource protection
- Base path standardization
- API version prefix handling

*API Documentation:*
- Swagger UI integration
- OpenAPI 3.0 specification
- Interactive API testing
- Endpoint authorization information
- Permission requirements documentation

*Performance Improvements:*
- Guava cache implementation
- Optimized path matching
- Efficient permission checking
- Pattern-based URL matching

*Useful links:*
- To convert any text into Markdown format: [Markdown Converter](https://euangoddard.github.io/clipboard2markdown/)
## Contributing
Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us.
## License
This project is licensed under the Apache License 2.0—see the [LICENSE](LICENSE) file for details.