94 lines
2.8 KiB
Markdown
94 lines
2.8 KiB
Markdown
# JWT Authentication Implementation
|
|
|
|
This Spring Boot application now includes JWT-based authentication with user registration and login functionality.
|
|
|
|
## Features Added
|
|
|
|
- ✅ JWT token generation and validation
|
|
- ✅ User registration endpoint
|
|
- ✅ User login endpoint
|
|
- ✅ Protected endpoints requiring authentication
|
|
- ✅ Public endpoints accessible without authentication
|
|
- ✅ Password encryption using BCrypt
|
|
- ✅ User entity with Spring Security integration
|
|
|
|
## API Endpoints
|
|
|
|
### Public Endpoints (No Authentication Required)
|
|
- `GET /api/test/public` - Test public endpoint
|
|
- `POST /auth/register` - User registration
|
|
- `POST /auth/login` - User login
|
|
- `GET /auth/test` - Test authentication endpoints
|
|
|
|
### Protected Endpoints (Authentication Required)
|
|
- `GET /api/test/protected` - Test protected endpoint
|
|
- All other endpoints in the application
|
|
|
|
## Testing the Authentication
|
|
|
|
### 1. Register a New User
|
|
```bash
|
|
curl -X POST http://localhost:6950/auth/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"username": "testuser",
|
|
"password": "password123",
|
|
"email": "test@example.com",
|
|
"phone": "+263771234567",
|
|
"firstName": "Test",
|
|
"lastName": "User"
|
|
}'
|
|
```
|
|
|
|
### 2. Login with the User
|
|
```bash
|
|
curl -X POST http://localhost:6950/auth/login \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"username": "testuser",
|
|
"password": "password123"
|
|
}'
|
|
```
|
|
|
|
### 3. Access Protected Endpoint
|
|
```bash
|
|
curl -X GET http://localhost:6950/api/test/protected \
|
|
-H "Authorization: Bearer YOUR_JWT_TOKEN_HERE"
|
|
```
|
|
|
|
### 4. Test Public Endpoint
|
|
```bash
|
|
curl -X GET http://localhost:6950/api/test/public
|
|
```
|
|
|
|
## Configuration
|
|
|
|
The JWT configuration is in `application.properties`:
|
|
- `jwt.secret`: Secret key for signing JWT tokens
|
|
- `jwt.expiration`: Token expiration time in milliseconds (default: 24 hours)
|
|
|
|
## Security Features
|
|
|
|
- **Password Encryption**: All passwords are encrypted using BCrypt
|
|
- **JWT Tokens**: Stateless authentication using JSON Web Tokens
|
|
- **CORS Support**: Cross-origin requests are enabled for testing
|
|
- **Input Validation**: Request validation using Bean Validation annotations
|
|
- **Stateless Sessions**: No server-side session storage
|
|
- **Direct Password Validation**: Login uses direct password comparison for simplicity
|
|
|
|
## Database
|
|
|
|
The application will automatically create the `users` table when it starts up. The table includes:
|
|
- User credentials (username, password, email)
|
|
- Personal information (first name, last name)
|
|
- Account status flags
|
|
- Timestamps for creation and updates
|
|
|
|
## Notes
|
|
|
|
- In production, change the `jwt.secret` to a secure, randomly generated key
|
|
- The default JWT expiration is set to 24 hours
|
|
- All passwords must be at least 6 characters long
|
|
- Usernames and emails must be unique
|
|
- The application uses PostgreSQL as the database
|