Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/twin/spring-as-backend
A ready-to-go secure Spring backend
https://github.com/twin/spring-as-backend
quickstart spring spring-boot spring-framework spring-security
Last synced: 4 months ago
JSON representation
A ready-to-go secure Spring backend
- Host: GitHub
- URL: https://github.com/twin/spring-as-backend
- Owner: TwiN
- License: apache-2.0
- Created: 2018-06-16T17:53:26.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2023-07-11T02:27:59.000Z (over 1 year ago)
- Last Synced: 2024-05-02T03:36:38.368Z (9 months ago)
- Topics: quickstart, spring, spring-boot, spring-framework, spring-security
- Language: Java
- Homepage: https://twinnation.org/articles/23/project-spring-as-backend
- Size: 101 KB
- Stars: 5
- Watchers: 3
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# spring-as-backend
A ready-to-go secure Spring backend.
This setup assumes that anybody can access your website,
but only specific features are meant to be accessed for authenticated users.If you wish to force everything to be only accessible by authenticated users, uncomment the following lines
in `SecurityConfiguration.java`:.authorizeRequests()
.antMatchers(HttpMethod.POST, "/api/v1/users").permitAll()
.anyRequest().authenticated()
.and()
By doing so, any request to the API will redirect you to the default [login page](#login) except for:
| Method | Path | Justification |
|:------:|:-------------:|:-------------:|
| POST | /api/v1/users | Register |
| POST | /api/v1/login | Login |## Usage with Docker
```
docker-compose up
```## Features
- Swagger UI
- Spring Security
- Spring Session
- RESTful API
- User authentication + register
- Page with some example## Sample Page
A index page is included to help developers getting started.
It contains the link to the application's Swagger, the link to the default login form
as well as another login form that uses the [login processing url](#login-processing-url)
with a container for the server response of said example.![Sample page](/docs/img/sab-sample-page.png)
## Endpoints
Only the necessary endpoints will be listed here. A full list of endpoints can be found using the Swagger UI.
### Swagger UI
The Swagger UI is there to facilitate the development of your application, as it can allow you
to easily view and interact with the backend's API.You can view the swagger API by going at the following url: `/swagger-ui.html`
### Login
Initially, there is no user other than `root:root`, which is an admin.
By default, there's a login form at the following url: `/login`
#### Login Processing URL
Alternatively, you can use the **login processing url** to login from your frontend.
| Key | Value |
|:---:|:---:|
| **Method** | POST |
| **Path** | `/api/v1/login` |
| **Parameters** | username, password |Due to the nature of authentication itself, you'll need to use `POST` in order to login using the **login processing url**.
### Logout
| Key | Value |
|:---:|:---:|
| **Method** | GET |
| **Path** | `/logout` |
| **Parameters** | - |### Creating an user
By default, the username must be at least 4 characters long and the password must be at least 8 characters long.
The only exception is the default `root:root` user, which **you should remove before publishing the project in production**.| Key | Value |
|:---:|:---:|
| **Method** | POST |
| **Path** | `/api/v1/users` |
| **Parameters** | username, password |### Getting the Authenticated User
| Key | Value |
|:---:|:---:|
| **Method** | GET |
| **Path** | `/api/v1/users/me` |
| **Parameters** | - |## TODO
- Authentication button on Swagger UI
- More tests