crud-app

⭐ 0 Stars
🍴 0 Forks
🛠 Java
🕒 12/9/2025

This is a simple RESTful application for testing new technologies and new ways of working!


šŸ” Spring Boot JWT Authentication API

Production-ready REST API built with Spring Boot implementing a complete JWT-based authentication and authorization system, including:

  • ✅ JWT Login
  • ✅ Access Token & Refresh Token
  • ✅ Role-based Authorization
  • ✅ Docker + MySQL
  • ✅ Global Exception Handling (@ControllerAdvice)
  • ✅ SecurityFilterChain Configuration
  • ✅ Token Refresh Flow
  • ✅ Clean User → UserDetails Mapping

🚀 Tech Stack

  • Java 17+
  • Spring Boot 3+
  • Spring Security
  • JWT (JJWT)
  • MySQL
  • Docker & Docker Compose
  • Lombok
  • Gradle

🔑 JWT Authentication

📌 Token Types

| Token         | Lifetime      | Purpose                    |
| ------------- | ------------- | -------------------------- |
| Access Token  | 10–15 minutes | Access protected endpoints |
| Refresh Token | 7–30 days     | Generate new access tokens |

🔓 Authentication Endpoints

✅ Login

POST /api/auth/login

Response:

```json
{
  "accessToken": "...",
  "refreshToken": "..."
}
```

✅ Refresh Token

POST /api/auth/refresh

Request Body:

```json
{
  "refreshToken": "..."
}
```

Response:

```json
{
  "accessToken": "new-access-token"
}
```

🧠 Security Architecture

šŸ” JwtService

Service responsible for:

  • Generating Access Tokens
  • Generating Refresh Tokens
  • Extracting username from token
  • Validating token signature and expiration

🧩 UserDetailsFactory

Utility class that converts the User entity into a UserDetails instance:

```java
import java.util.List;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

public class UserDetailsFactory {

    public static UserDetails create(User user) {
        // Each role name becomes a GrantedAuthority, so .hasAuthority("ADMIN") matches a role named "ADMIN".
        // The explicit type witness is needed: without it, toList() yields List<SimpleGrantedAuthority>,
        // which does not compile as List<GrantedAuthority>.
        List<GrantedAuthority> authorities = user.getRoles().stream()
                .<GrantedAuthority>map(role -> new SimpleGrantedAuthority(role.getName()))
                .toList();

        // Spring Security's built-in UserDetails implementation
        return new org.springframework.security.core.userdetails.User(
                user.getUsername(),
                user.getPassword(), // encoded password as stored; compared by the configured PasswordEncoder
                user.isEnabled(),
                true,               // accountNonExpired
                true,               // credentialsNonExpired
                true,               // accountNonLocked
                authorities
        );
    }
}
```

šŸ” Refresh Token Flow

  1. User logs in
  2. Receives Access Token + Refresh Token
  3. Access Token expires
  4. Frontend sends Refresh Token
  5. Backend validates Refresh Token
  6. New Access Token is generated ✅
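The JwtService responsibilities listed above and the refresh flow just described, as an added stand-alone example (not the repository's own class). It assumes JJWT 0.12's `Jwts.builder()` / `Jwts.parser().verifyWith(...)` API and adds a `typ` claim so that a refresh token presented to a protected endpoint, or an access token sent to `/api/auth/refresh`, is rejected instead of being accepted as the other kind:

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import javax.crypto.SecretKey;
import java.time.Duration;
import java.time.Instant;
import java.util.Date;
import java.util.List;

// Hypothetical stand-alone JwtService (added example, not the repository's code).
public class JwtServiceExample {
    private static final Duration ACCESS_TTL = Duration.ofMinutes(15);
    private static final Duration REFRESH_TTL = Duration.ofDays(7);
    // Generated at startup for the demo; a deployment loads the key from configuration or a secret store.
    private final SecretKey key = Jwts.SIG.HS256.key().build();

    public String generateAccessToken(String username, List<String> roles) {
        return builder(username, "access", ACCESS_TTL).claim("roles", roles).compact();
    }
    public String generateRefreshToken(String username) {
        return builder(username, "refresh", REFRESH_TTL).compact();
    }

    private JwtBuilder builder(String username, String type, Duration ttl) {
        Instant now = Instant.now();
        return Jwts.builder()
                .subject(username)
                .claim("typ", type) // lets the filter reject a refresh token presented as an access token
                .issuedAt(Date.from(now))
                .expiration(Date.from(now.plus(ttl)))
                .signWith(key);
    }

    // Verifies signature and expiration (parseSignedClaims throws JwtException on either), then the token kind.
    public Claims parse(String token, String expectedType) {
        Claims claims = Jwts.parser().verifyWith(key).build().parseSignedClaims(token).getPayload();
        if (!expectedType.equals(claims.get("typ", String.class))) {
            throw new JwtException("unexpected token type: " + claims.get("typ"));
        }
        return claims;
    }
    public String extractUsername(String accessToken) {
        return parse(accessToken, "access").getSubject();
    }

    // Refresh flow: validate the refresh token, then issue a new access token with the user's current roles.
    public String refresh(String refreshToken, List<String> currentRoles) {
        return generateAccessToken(parse(refreshToken, "refresh").getSubject(), currentRoles);
    }
}
```

Passing the user's current roles into `refresh` (rather than copying them from the refresh token) means a role removed in the database stops being granted at the next refresh.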

🧱 Role-Based Authorization

  • Roles are mapped to GrantedAuthority
  • Roles are included as claims inside JWT
  • Access rules defined using `.hasAuthority("ADMIN")`

🐳 Docker

The project uses:

  • MySQL container
  • Backend connected via application.properties

āš ļø Global Exception Handling

Implemented using @ControllerAdvice for:

  • Validation errors
  • Authentication errors
  • Resource not found
  • Custom business exceptions

✅ Best Practices Applied

  • Layered architecture
  • DTOs for requests and responses
  • Stateless security
  • Decoupled role management
  • Token expiration control
  • Entity to UserDetails mapping

✅ Project Status

  • ✔️ Production-ready
  • ✔️ Complete security layer
  • ✔️ Clean architecture
  • ✔️ Ready for deployment

šŸ‘Øā€šŸ’» Author

Developed as part of an advanced backend learning process using Spring Boot.

🔄 This project follows real-world backend security standards and practices.