├── .gitignore ├── .mvn └── wrapper │ ├── MavenWrapperDownloader.java │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml ├── spring-boot-refresh-token-jwt-example-flow.png ├── spring-boot-spring-security-postgresql-jwt-authentication-architecture.png ├── spring-boot-spring-security-postgresql-jwt-authentication-flow.png └── src ├── main ├── java │ └── com │ │ └── bezkoder │ │ └── spring │ │ └── security │ │ └── postgresql │ │ ├── SpringBootSecurityPostgresqlApplication.java │ │ ├── controllers │ │ ├── AuthController.java │ │ └── TestController.java │ │ ├── models │ │ ├── ERole.java │ │ ├── Role.java │ │ └── User.java │ │ ├── payload │ │ ├── request │ │ │ ├── LoginRequest.java │ │ │ └── SignupRequest.java │ │ └── response │ │ │ ├── JwtResponse.java │ │ │ └── MessageResponse.java │ │ ├── repository │ │ ├── RoleRepository.java │ │ └── UserRepository.java │ │ └── security │ │ ├── WebSecurityConfig.java │ │ ├── jwt │ │ ├── AuthEntryPointJwt.java │ │ ├── AuthTokenFilter.java │ │ └── JwtUtils.java │ │ └── services │ │ ├── UserDetailsImpl.java │ │ └── UserDetailsServiceImpl.java └── resources │ └── application.properties └── test └── java └── com └── bezkoder └── spring └── security └── postgresql └── SpringBootSecurityPostgresqlApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/MavenWrapperDownloader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2007-present the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | import java.net.*; 17 | import java.io.*; 18 | import java.nio.channels.*; 19 | import java.util.Properties; 20 | 21 | public class MavenWrapperDownloader { 22 | 23 | private static final String WRAPPER_VERSION = "0.5.6"; 24 | /** 25 | * Default URL to download the maven-wrapper.jar from, if no 'downloadUrl' is provided. 26 | */ 27 | private static final String DEFAULT_DOWNLOAD_URL = "https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/" 28 | + WRAPPER_VERSION + "/maven-wrapper-" + WRAPPER_VERSION + ".jar"; 29 | 30 | /** 31 | * Path to the maven-wrapper.properties file, which might contain a downloadUrl property to 32 | * use instead of the default one. 33 | */ 34 | private static final String MAVEN_WRAPPER_PROPERTIES_PATH = 35 | ".mvn/wrapper/maven-wrapper.properties"; 36 | 37 | /** 38 | * Path where the maven-wrapper.jar will be saved to. 39 | */ 40 | private static final String MAVEN_WRAPPER_JAR_PATH = 41 | ".mvn/wrapper/maven-wrapper.jar"; 42 | 43 | /** 44 | * Name of the property which should be used to override the default download url for the wrapper. 45 | */ 46 | private static final String PROPERTY_NAME_WRAPPER_URL = "wrapperUrl"; 47 | 48 | public static void main(String args[]) { 49 | System.out.println("- Downloader started"); 50 | File baseDirectory = new File(args[0]); 51 | System.out.println("- Using base directory: " + baseDirectory.getAbsolutePath()); 52 | 53 | // If the maven-wrapper.properties exists, read it and check if it contains a custom 54 | // wrapperUrl parameter. 55 | File mavenWrapperPropertyFile = new File(baseDirectory, MAVEN_WRAPPER_PROPERTIES_PATH); 56 | String url = DEFAULT_DOWNLOAD_URL; 57 | if(mavenWrapperPropertyFile.exists()) { 58 | FileInputStream mavenWrapperPropertyFileInputStream = null; 59 | try { 60 | mavenWrapperPropertyFileInputStream = new FileInputStream(mavenWrapperPropertyFile); 61 | Properties mavenWrapperProperties = new Properties(); 62 | mavenWrapperProperties.load(mavenWrapperPropertyFileInputStream); 63 | url = mavenWrapperProperties.getProperty(PROPERTY_NAME_WRAPPER_URL, url); 64 | } catch (IOException e) { 65 | System.out.println("- ERROR loading '" + MAVEN_WRAPPER_PROPERTIES_PATH + "'"); 66 | } finally { 67 | try { 68 | if(mavenWrapperPropertyFileInputStream != null) { 69 | mavenWrapperPropertyFileInputStream.close(); 70 | } 71 | } catch (IOException e) { 72 | // Ignore ... 73 | } 74 | } 75 | } 76 | System.out.println("- Downloading from: " + url); 77 | 78 | File outputFile = new File(baseDirectory.getAbsolutePath(), MAVEN_WRAPPER_JAR_PATH); 79 | if(!outputFile.getParentFile().exists()) { 80 | if(!outputFile.getParentFile().mkdirs()) { 81 | System.out.println( 82 | "- ERROR creating output directory '" + outputFile.getParentFile().getAbsolutePath() + "'"); 83 | } 84 | } 85 | System.out.println("- Downloading to: " + outputFile.getAbsolutePath()); 86 | try { 87 | downloadFileFromURL(url, outputFile); 88 | System.out.println("Done"); 89 | System.exit(0); 90 | } catch (Throwable e) { 91 | System.out.println("- Error downloading"); 92 | e.printStackTrace(); 93 | System.exit(1); 94 | } 95 | } 96 | 97 | private static void downloadFileFromURL(String urlString, File destination) throws Exception { 98 | if (System.getenv("MVNW_USERNAME") != null && System.getenv("MVNW_PASSWORD") != null) { 99 | String username = System.getenv("MVNW_USERNAME"); 100 | char[] password = System.getenv("MVNW_PASSWORD").toCharArray(); 101 | Authenticator.setDefault(new Authenticator() { 102 | @Override 103 | protected PasswordAuthentication getPasswordAuthentication() { 104 | return new PasswordAuthentication(username, password); 105 | } 106 | }); 107 | } 108 | URL website = new URL(urlString); 109 | ReadableByteChannel rbc; 110 | rbc = Channels.newChannel(website.openStream()); 111 | FileOutputStream fos = new FileOutputStream(destination); 112 | fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE); 113 | fos.close(); 114 | rbc.close(); 115 | } 116 | 117 | } 118 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bezkoder/spring-boot-security-postgresql/beac7948962abae3c5bced0e67ae8ac49e957eb4/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Spring Boot, Spring Security, PostgreSQL: JWT Authentication & Authorization example 2 | 3 | ## User Registration, User Login and Authorization process. 4 | The diagram shows flow of how we implement User Registration, User Login and Authorization process. 5 | 6 | ![spring-boot-spring-security-postgresql-jwt-authentication-flow](spring-boot-spring-security-postgresql-jwt-authentication-flow.png) 7 | 8 | ## Spring Boot Server Architecture with Spring Security 9 | You can have an overview of our Spring Boot Server with the diagram below: 10 | 11 | ![spring-boot-spring-security-postgresql-jwt-authentication-architecture](spring-boot-spring-security-postgresql-jwt-authentication-architecture.png) 12 | 13 | ## Configure Spring Datasource, JPA, App properties 14 | Open `src/main/resources/application.properties` 15 | 16 | ``` 17 | spring.datasource.url= jdbc:postgresql://localhost:5432/testdb 18 | spring.datasource.username= postgres 19 | spring.datasource.password= 123 20 | 21 | spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation= true 22 | spring.jpa.properties.hibernate.dialect= org.hibernate.dialect.PostgreSQLDialect 23 | 24 | # Hibernate ddl auto (create, create-drop, validate, update) 25 | spring.jpa.hibernate.ddl-auto= update 26 | 27 | # App Properties 28 | bezkoder.app.jwtSecret= ======================BezKoder=Spring=========================== 29 | bezkoder.app.jwtExpirationMs= 86400000 30 | ``` 31 | 32 | ## Run Spring Boot application 33 | ``` 34 | mvn spring-boot:run 35 | ``` 36 | 37 | ## Run following SQL insert statements 38 | ``` 39 | INSERT INTO roles(name) VALUES('ROLE_USER'); 40 | INSERT INTO roles(name) VALUES('ROLE_MODERATOR'); 41 | INSERT INTO roles(name) VALUES('ROLE_ADMIN'); 42 | ``` 43 | 44 | For more detail, please visit: 45 | > [Spring Boot, Spring Security, PostgreSQL: JWT Authentication & Authorization example](https://bezkoder.com/spring-boot-security-postgresql-jwt-authentication/) 46 | 47 | > [For MySQL](https://bezkoder.com/spring-boot-jwt-authentication/) 48 | 49 | > [For MongoDB](https://bezkoder.com/spring-boot-jwt-auth-mongodb/) 50 | 51 | ## Refresh Token 52 | 53 | ![spring-boot-refresh-token-jwt-example-flow](spring-boot-refresh-token-jwt-example-flow.png) 54 | 55 | For instruction: [Spring Boot Refresh Token with JWT example](https://bezkoder.com/spring-boot-refresh-token-jwt/) 56 | 57 | ## More Practice: 58 | > [Spring Boot File upload example with Multipart File](https://bezkoder.com/spring-boot-file-upload/) 59 | 60 | > [Exception handling: @RestControllerAdvice example in Spring Boot](https://bezkoder.com/spring-boot-restcontrolleradvice/) 61 | 62 | > [Spring Boot Repository Unit Test with @DataJpaTest](https://bezkoder.com/spring-boot-unit-test-jpa-repo-datajpatest/) 63 | 64 | > [Spring Boot Rest Controller Unit Test with @WebMvcTest](https://www.bezkoder.com/spring-boot-webmvctest/) 65 | 66 | > [Spring Boot Pagination & Sorting example](https://www.bezkoder.com/spring-boot-pagination-sorting-example/) 67 | 68 | > Validation: [Spring Boot Validate Request Body](https://www.bezkoder.com/spring-boot-validate-request-body/) 69 | 70 | > Documentation: [Spring Boot and Swagger 3 example](https://www.bezkoder.com/spring-boot-swagger-3/) 71 | 72 | > Caching: [Spring Boot Redis Cache example](https://www.bezkoder.com/spring-boot-redis-cache-example/) 73 | 74 | Associations: 75 | > [Spring Boot One To Many example with Spring JPA, Hibernate](https://www.bezkoder.com/jpa-one-to-many/) 76 | 77 | > [Spring Boot Many To Many example with Spring JPA, Hibernate](https://www.bezkoder.com/jpa-many-to-many/) 78 | 79 | > [JPA One To One example with Spring Boot](https://www.bezkoder.com/jpa-one-to-one/) 80 | 81 | ## Fullstack Authentication 82 | 83 | > [Spring Boot + Vue.js JWT Authentication](https://bezkoder.com/spring-boot-vue-js-authentication-jwt-spring-security/) 84 | 85 | > [Spring Boot + Angular 8 JWT Authentication](https://bezkoder.com/angular-spring-boot-jwt-auth/) 86 | 87 | > [Spring Boot + Angular 10 JWT Authentication](https://bezkoder.com/angular-10-spring-boot-jwt-auth/) 88 | 89 | > [Spring Boot + Angular 11 JWT Authentication](https://bezkoder.com/angular-11-spring-boot-jwt-auth/) 90 | 91 | > [Spring Boot + Angular 12 JWT Authentication](https://www.bezkoder.com/angular-12-spring-boot-jwt-auth/) 92 | 93 | > [Spring Boot + Angular 13 JWT Authentication](https://www.bezkoder.com/angular-13-spring-boot-jwt-auth/) 94 | 95 | > [Spring Boot + Angular 14 JWT Authentication](https://www.bezkoder.com/angular-14-spring-boot-jwt-auth/) 96 | 97 | > [Spring Boot + Angular 15 JWT Authentication](https://www.bezkoder.com/angular-15-spring-boot-jwt-auth/) 98 | 99 | > [Spring Boot + Angular 16 JWT Authentication](https://www.bezkoder.com/angular-16-spring-boot-jwt-auth/) 100 | 101 | > [Spring Boot + Angular 17 JWT Authentication](https://www.bezkoder.com/angular-17-spring-boot-jwt-auth/) 102 | 103 | > [Spring Boot + React JWT Authentication](https://bezkoder.com/spring-boot-react-jwt-auth/) 104 | 105 | ## Fullstack CRUD App 106 | 107 | > [Vue.js + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-vue-js-postgresql/) 108 | 109 | > [Angular 8 + Spring Boot + PostgreSQL example](https://bezkoder.com/angular-spring-boot-postgresql/) 110 | 111 | > [Angular 10 + Spring Boot + PostgreSQL example](https://bezkoder.com/angular-10-spring-boot-postgresql/) 112 | 113 | > [Angular 11 + Spring Boot + PostgreSQL example](https://bezkoder.com/angular-11-spring-boot-postgresql/) 114 | 115 | > [Angular 12 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/angular-12-spring-boot-postgresql/) 116 | 117 | > [Angular 13 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-angular-13-postgresql/) 118 | 119 | > [Angular 14 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-angular-14-postgresql/) 120 | 121 | > [Angular 15 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-angular-15-postgresql/) 122 | 123 | > [Angular 16 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-angular-16-postgresql/) 124 | 125 | > [Angular 17 + Spring Boot + PostgreSQL example](https://www.bezkoder.com/spring-boot-angular-17-postgresql/) 126 | 127 | > [React + Spring Boot + PostgreSQL example](https://bezkoder.com/spring-boot-react-postgresql/) 128 | 129 | Run both Back-end & Front-end in one place: 130 | > [Integrate Angular with Spring Boot Rest API](https://bezkoder.com/integrate-angular-spring-boot/) 131 | 132 | > [Integrate React.js with Spring Boot Rest API](https://bezkoder.com/integrate-reactjs-spring-boot/) 133 | 134 | > [Integrate Vue.js with Spring Boot Rest API](https://bezkoder.com/integrate-vue-spring-boot/) 135 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Mingw, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | fi 118 | 119 | if [ -z "$JAVA_HOME" ]; then 120 | javaExecutable="`which javac`" 121 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 122 | # readlink(1) is not available as standard on Solaris 10. 123 | readLink=`which readlink` 124 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 125 | if $darwin ; then 126 | javaHome="`dirname \"$javaExecutable\"`" 127 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 128 | else 129 | javaExecutable="`readlink -f \"$javaExecutable\"`" 130 | fi 131 | javaHome="`dirname \"$javaExecutable\"`" 132 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 133 | JAVA_HOME="$javaHome" 134 | export JAVA_HOME 135 | fi 136 | fi 137 | fi 138 | 139 | if [ -z "$JAVACMD" ] ; then 140 | if [ -n "$JAVA_HOME" ] ; then 141 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 142 | # IBM's JDK on AIX uses strange locations for the executables 143 | JAVACMD="$JAVA_HOME/jre/sh/java" 144 | else 145 | JAVACMD="$JAVA_HOME/bin/java" 146 | fi 147 | else 148 | JAVACMD="`which java`" 149 | fi 150 | fi 151 | 152 | if [ ! -x "$JAVACMD" ] ; then 153 | echo "Error: JAVA_HOME is not defined correctly." >&2 154 | echo " We cannot execute $JAVACMD" >&2 155 | exit 1 156 | fi 157 | 158 | if [ -z "$JAVA_HOME" ] ; then 159 | echo "Warning: JAVA_HOME environment variable is not set." 160 | fi 161 | 162 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 163 | 164 | # traverses directory structure from process work directory to filesystem root 165 | # first directory with .mvn subdirectory is considered project base directory 166 | find_maven_basedir() { 167 | 168 | if [ -z "$1" ] 169 | then 170 | echo "Path not specified to find_maven_basedir" 171 | return 1 172 | fi 173 | 174 | basedir="$1" 175 | wdir="$1" 176 | while [ "$wdir" != '/' ] ; do 177 | if [ -d "$wdir"/.mvn ] ; then 178 | basedir=$wdir 179 | break 180 | fi 181 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 182 | if [ -d "${wdir}" ]; then 183 | wdir=`cd "$wdir/.."; pwd` 184 | fi 185 | # end of workaround 186 | done 187 | echo "${basedir}" 188 | } 189 | 190 | # concatenates all lines of a file 191 | concat_lines() { 192 | if [ -f "$1" ]; then 193 | echo "$(tr -s '\n' ' ' < "$1")" 194 | fi 195 | } 196 | 197 | BASE_DIR=`find_maven_basedir "$(pwd)"` 198 | if [ -z "$BASE_DIR" ]; then 199 | exit 1; 200 | fi 201 | 202 | ########################################################################################## 203 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 204 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 205 | ########################################################################################## 206 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 207 | if [ "$MVNW_VERBOSE" = true ]; then 208 | echo "Found .mvn/wrapper/maven-wrapper.jar" 209 | fi 210 | else 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 213 | fi 214 | if [ -n "$MVNW_REPOURL" ]; then 215 | jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 216 | else 217 | jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 218 | fi 219 | while IFS="=" read key value; do 220 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 221 | esac 222 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 223 | if [ "$MVNW_VERBOSE" = true ]; then 224 | echo "Downloading from: $jarUrl" 225 | fi 226 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 227 | if $cygwin; then 228 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 229 | fi 230 | 231 | if command -v wget > /dev/null; then 232 | if [ "$MVNW_VERBOSE" = true ]; then 233 | echo "Found wget ... using wget" 234 | fi 235 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 236 | wget "$jarUrl" -O "$wrapperJarPath" 237 | else 238 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" 239 | fi 240 | elif command -v curl > /dev/null; then 241 | if [ "$MVNW_VERBOSE" = true ]; then 242 | echo "Found curl ... using curl" 243 | fi 244 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 245 | curl -o "$wrapperJarPath" "$jarUrl" -f 246 | else 247 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 248 | fi 249 | 250 | else 251 | if [ "$MVNW_VERBOSE" = true ]; then 252 | echo "Falling back to using Java to download" 253 | fi 254 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 255 | # For Cygwin, switch paths to Windows format before running javac 256 | if $cygwin; then 257 | javaClass=`cygpath --path --windows "$javaClass"` 258 | fi 259 | if [ -e "$javaClass" ]; then 260 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 261 | if [ "$MVNW_VERBOSE" = true ]; then 262 | echo " - Compiling MavenWrapperDownloader.java ..." 263 | fi 264 | # Compiling the Java class 265 | ("$JAVA_HOME/bin/javac" "$javaClass") 266 | fi 267 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 268 | # Running the downloader 269 | if [ "$MVNW_VERBOSE" = true ]; then 270 | echo " - Running MavenWrapperDownloader.java ..." 271 | fi 272 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 273 | fi 274 | fi 275 | fi 276 | fi 277 | ########################################################################################## 278 | # End of extension 279 | ########################################################################################## 280 | 281 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 282 | if [ "$MVNW_VERBOSE" = true ]; then 283 | echo $MAVEN_PROJECTBASEDIR 284 | fi 285 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 286 | 287 | # For Cygwin, switch paths to Windows format before running java 288 | if $cygwin; then 289 | [ -n "$M2_HOME" ] && 290 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 291 | [ -n "$JAVA_HOME" ] && 292 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 293 | [ -n "$CLASSPATH" ] && 294 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 295 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 296 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 297 | fi 298 | 299 | # Provide a "standardized" way to retrieve the CLI args that will 300 | # work with both Windows and non-Windows executions. 301 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 302 | export MAVEN_CMD_LINE_ARGS 303 | 304 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 305 | 306 | exec "$JAVACMD" \ 307 | $MAVEN_OPTS \ 308 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 309 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 310 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 311 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 124 | 125 | FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 162 | if ERRORLEVEL 1 goto error 163 | goto end 164 | 165 | :error 166 | set ERROR_CODE=1 167 | 168 | :end 169 | @endlocal & set ERROR_CODE=%ERROR_CODE% 170 | 171 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 172 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 173 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 174 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 175 | :skipRcPost 176 | 177 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 178 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 179 | 180 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 181 | 182 | exit /B %ERROR_CODE% 183 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | 4.0.0 6 | 7 | org.springframework.boot 8 | spring-boot-starter-parent 9 | 3.1.0 10 | 11 | 12 | com.bezkoder 13 | spring-boot-security-postgresql 14 | 0.0.1-SNAPSHOT 15 | spring-boot-security-postgresql 16 | Spring Boot, Spring Security, PostgreSQL: JWT Authentication & Authorization example 17 | 18 | 19 | 17 20 | 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-data-jpa 26 | 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-security 31 | 32 | 33 | 34 | org.springframework.boot 35 | spring-boot-starter-validation 36 | 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-web 41 | 42 | 43 | 44 | org.postgresql 45 | postgresql 46 | runtime 47 | 48 | 49 | 50 | io.jsonwebtoken 51 | jjwt-api 52 | 0.11.5 53 | 54 | 55 | 56 | io.jsonwebtoken 57 | jjwt-impl 58 | 0.11.5 59 | runtime 60 | 61 | 62 | 63 | io.jsonwebtoken 64 | jjwt-jackson 65 | 0.11.5 66 | runtime 67 | 68 | 69 | 70 | org.springframework.boot 71 | spring-boot-starter-test 72 | test 73 | 74 | 75 | 76 | org.springframework.security 77 | spring-security-test 78 | test 79 | 80 | 81 | 82 | 83 | 84 | 85 | org.springframework.boot 86 | spring-boot-maven-plugin 87 | 88 | 89 | 90 | 91 | 92 | -------------------------------------------------------------------------------- /spring-boot-refresh-token-jwt-example-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bezkoder/spring-boot-security-postgresql/beac7948962abae3c5bced0e67ae8ac49e957eb4/spring-boot-refresh-token-jwt-example-flow.png -------------------------------------------------------------------------------- /spring-boot-spring-security-postgresql-jwt-authentication-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bezkoder/spring-boot-security-postgresql/beac7948962abae3c5bced0e67ae8ac49e957eb4/spring-boot-spring-security-postgresql-jwt-authentication-architecture.png -------------------------------------------------------------------------------- /spring-boot-spring-security-postgresql-jwt-authentication-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bezkoder/spring-boot-security-postgresql/beac7948962abae3c5bced0e67ae8ac49e957eb4/spring-boot-spring-security-postgresql-jwt-authentication-flow.png -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/SpringBootSecurityPostgresqlApplication.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class SpringBootSecurityPostgresqlApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(SpringBootSecurityPostgresqlApplication.class, args); 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/controllers/AuthController.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.controllers; 2 | 3 | import java.util.HashSet; 4 | import java.util.List; 5 | import java.util.Set; 6 | import java.util.stream.Collectors; 7 | 8 | import jakarta.validation.Valid; 9 | 10 | import org.springframework.beans.factory.annotation.Autowired; 11 | import org.springframework.http.ResponseEntity; 12 | import org.springframework.security.authentication.AuthenticationManager; 13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 14 | import org.springframework.security.core.Authentication; 15 | import org.springframework.security.core.context.SecurityContextHolder; 16 | import org.springframework.security.crypto.password.PasswordEncoder; 17 | import org.springframework.web.bind.annotation.CrossOrigin; 18 | import org.springframework.web.bind.annotation.PostMapping; 19 | import org.springframework.web.bind.annotation.RequestBody; 20 | import org.springframework.web.bind.annotation.RequestMapping; 21 | import org.springframework.web.bind.annotation.RestController; 22 | 23 | import com.bezkoder.spring.security.postgresql.models.ERole; 24 | import com.bezkoder.spring.security.postgresql.models.Role; 25 | import com.bezkoder.spring.security.postgresql.models.User; 26 | import com.bezkoder.spring.security.postgresql.payload.request.LoginRequest; 27 | import com.bezkoder.spring.security.postgresql.payload.request.SignupRequest; 28 | import com.bezkoder.spring.security.postgresql.payload.response.JwtResponse; 29 | import com.bezkoder.spring.security.postgresql.payload.response.MessageResponse; 30 | import com.bezkoder.spring.security.postgresql.repository.RoleRepository; 31 | import com.bezkoder.spring.security.postgresql.repository.UserRepository; 32 | import com.bezkoder.spring.security.postgresql.security.jwt.JwtUtils; 33 | import com.bezkoder.spring.security.postgresql.security.services.UserDetailsImpl; 34 | 35 | @CrossOrigin(origins = "*", maxAge = 3600) 36 | @RestController 37 | @RequestMapping("/api/auth") 38 | public class AuthController { 39 | @Autowired 40 | AuthenticationManager authenticationManager; 41 | 42 | @Autowired 43 | UserRepository userRepository; 44 | 45 | @Autowired 46 | RoleRepository roleRepository; 47 | 48 | @Autowired 49 | PasswordEncoder encoder; 50 | 51 | @Autowired 52 | JwtUtils jwtUtils; 53 | 54 | @PostMapping("/signin") 55 | public ResponseEntity authenticateUser(@Valid @RequestBody LoginRequest loginRequest) { 56 | 57 | Authentication authentication = authenticationManager 58 | .authenticate(new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword())); 59 | 60 | SecurityContextHolder.getContext().setAuthentication(authentication); 61 | String jwt = jwtUtils.generateJwtToken(authentication); 62 | 63 | UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal(); 64 | List roles = userDetails.getAuthorities().stream().map(item -> item.getAuthority()) 65 | .collect(Collectors.toList()); 66 | 67 | return ResponseEntity 68 | .ok(new JwtResponse(jwt, userDetails.getId(), userDetails.getUsername(), userDetails.getEmail(), roles)); 69 | } 70 | 71 | @PostMapping("/signup") 72 | public ResponseEntity registerUser(@Valid @RequestBody SignupRequest signUpRequest) { 73 | if (userRepository.existsByUsername(signUpRequest.getUsername())) { 74 | return ResponseEntity.badRequest().body(new MessageResponse("Error: Username is already taken!")); 75 | } 76 | 77 | if (userRepository.existsByEmail(signUpRequest.getEmail())) { 78 | return ResponseEntity.badRequest().body(new MessageResponse("Error: Email is already in use!")); 79 | } 80 | 81 | // Create new user's account 82 | User user = new User(signUpRequest.getUsername(), signUpRequest.getEmail(), 83 | encoder.encode(signUpRequest.getPassword())); 84 | 85 | Set strRoles = signUpRequest.getRole(); 86 | Set roles = new HashSet<>(); 87 | 88 | if (strRoles == null) { 89 | Role userRole = roleRepository.findByName(ERole.ROLE_USER) 90 | .orElseThrow(() -> new RuntimeException("Error: Role is not found.")); 91 | roles.add(userRole); 92 | } else { 93 | strRoles.forEach(role -> { 94 | switch (role) { 95 | case "admin": 96 | Role adminRole = roleRepository.findByName(ERole.ROLE_ADMIN) 97 | .orElseThrow(() -> new RuntimeException("Error: Role is not found.")); 98 | roles.add(adminRole); 99 | 100 | break; 101 | case "mod": 102 | Role modRole = roleRepository.findByName(ERole.ROLE_MODERATOR) 103 | .orElseThrow(() -> new RuntimeException("Error: Role is not found.")); 104 | roles.add(modRole); 105 | 106 | break; 107 | default: 108 | Role userRole = roleRepository.findByName(ERole.ROLE_USER) 109 | .orElseThrow(() -> new RuntimeException("Error: Role is not found.")); 110 | roles.add(userRole); 111 | } 112 | }); 113 | } 114 | 115 | user.setRoles(roles); 116 | userRepository.save(user); 117 | 118 | return ResponseEntity.ok(new MessageResponse("User registered successfully!")); 119 | } 120 | } 121 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/controllers/TestController.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.controllers; 2 | 3 | import org.springframework.security.access.prepost.PreAuthorize; 4 | import org.springframework.web.bind.annotation.CrossOrigin; 5 | import org.springframework.web.bind.annotation.GetMapping; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RestController; 8 | 9 | @CrossOrigin(origins = "*", maxAge = 3600) 10 | @RestController 11 | @RequestMapping("/api/test") 12 | public class TestController { 13 | @GetMapping("/all") 14 | public String allAccess() { 15 | return "Public Content."; 16 | } 17 | 18 | @GetMapping("/user") 19 | @PreAuthorize("hasRole('USER') or hasRole('MODERATOR') or hasRole('ADMIN')") 20 | public String userAccess() { 21 | return "User Content."; 22 | } 23 | 24 | @GetMapping("/mod") 25 | @PreAuthorize("hasRole('MODERATOR')") 26 | public String moderatorAccess() { 27 | return "Moderator Board."; 28 | } 29 | 30 | @GetMapping("/admin") 31 | @PreAuthorize("hasRole('ADMIN')") 32 | public String adminAccess() { 33 | return "Admin Board."; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/models/ERole.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.models; 2 | 3 | public enum ERole { 4 | ROLE_USER, 5 | ROLE_MODERATOR, 6 | ROLE_ADMIN 7 | } 8 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/models/Role.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.models; 2 | 3 | import jakarta.persistence.*; 4 | 5 | @Entity 6 | @Table(name = "roles") 7 | public class Role { 8 | @Id 9 | @GeneratedValue(strategy = GenerationType.IDENTITY) 10 | private Integer id; 11 | 12 | @Enumerated(EnumType.STRING) 13 | @Column(length = 20) 14 | private ERole name; 15 | 16 | public Role() { 17 | 18 | } 19 | 20 | public Role(ERole name) { 21 | this.name = name; 22 | } 23 | 24 | public Integer getId() { 25 | return id; 26 | } 27 | 28 | public void setId(Integer id) { 29 | this.id = id; 30 | } 31 | 32 | public ERole getName() { 33 | return name; 34 | } 35 | 36 | public void setName(ERole name) { 37 | this.name = name; 38 | } 39 | } -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/models/User.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.models; 2 | 3 | import java.util.HashSet; 4 | import java.util.Set; 5 | 6 | import jakarta.persistence.*; 7 | import jakarta.validation.constraints.Email; 8 | import jakarta.validation.constraints.NotBlank; 9 | import jakarta.validation.constraints.Size; 10 | 11 | @Entity 12 | @Table( name = "users", 13 | uniqueConstraints = { 14 | @UniqueConstraint(columnNames = "username"), 15 | @UniqueConstraint(columnNames = "email") 16 | }) 17 | public class User { 18 | @Id 19 | @GeneratedValue(strategy = GenerationType.IDENTITY) 20 | private Long id; 21 | 22 | @NotBlank 23 | @Size(max = 20) 24 | private String username; 25 | 26 | @NotBlank 27 | @Size(max = 50) 28 | @Email 29 | private String email; 30 | 31 | @NotBlank 32 | @Size(max = 120) 33 | private String password; 34 | 35 | @ManyToMany(fetch = FetchType.LAZY) 36 | @JoinTable(name = "user_roles", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id")) 37 | private Set roles = new HashSet<>(); 38 | 39 | public User() { 40 | } 41 | 42 | public User(String username, String email, String password) { 43 | this.username = username; 44 | this.email = email; 45 | this.password = password; 46 | } 47 | 48 | public Long getId() { 49 | return id; 50 | } 51 | 52 | public void setId(Long id) { 53 | this.id = id; 54 | } 55 | 56 | public String getUsername() { 57 | return username; 58 | } 59 | 60 | public void setUsername(String username) { 61 | this.username = username; 62 | } 63 | 64 | public String getEmail() { 65 | return email; 66 | } 67 | 68 | public void setEmail(String email) { 69 | this.email = email; 70 | } 71 | 72 | public String getPassword() { 73 | return password; 74 | } 75 | 76 | public void setPassword(String password) { 77 | this.password = password; 78 | } 79 | 80 | public Set getRoles() { 81 | return roles; 82 | } 83 | 84 | public void setRoles(Set roles) { 85 | this.roles = roles; 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/payload/request/LoginRequest.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.payload.request; 2 | 3 | import jakarta.validation.constraints.NotBlank; 4 | 5 | public class LoginRequest { 6 | @NotBlank 7 | private String username; 8 | 9 | @NotBlank 10 | private String password; 11 | 12 | public String getUsername() { 13 | return username; 14 | } 15 | 16 | public void setUsername(String username) { 17 | this.username = username; 18 | } 19 | 20 | public String getPassword() { 21 | return password; 22 | } 23 | 24 | public void setPassword(String password) { 25 | this.password = password; 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/payload/request/SignupRequest.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.payload.request; 2 | 3 | import java.util.Set; 4 | 5 | import jakarta.validation.constraints.*; 6 | 7 | public class SignupRequest { 8 | @NotBlank 9 | @Size(min = 3, max = 20) 10 | private String username; 11 | 12 | @NotBlank 13 | @Size(max = 50) 14 | @Email 15 | private String email; 16 | 17 | private Set role; 18 | 19 | @NotBlank 20 | @Size(min = 6, max = 40) 21 | private String password; 22 | 23 | public String getUsername() { 24 | return username; 25 | } 26 | 27 | public void setUsername(String username) { 28 | this.username = username; 29 | } 30 | 31 | public String getEmail() { 32 | return email; 33 | } 34 | 35 | public void setEmail(String email) { 36 | this.email = email; 37 | } 38 | 39 | public String getPassword() { 40 | return password; 41 | } 42 | 43 | public void setPassword(String password) { 44 | this.password = password; 45 | } 46 | 47 | public Set getRole() { 48 | return this.role; 49 | } 50 | 51 | public void setRole(Set role) { 52 | this.role = role; 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/payload/response/JwtResponse.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.payload.response; 2 | 3 | import java.util.List; 4 | 5 | public class JwtResponse { 6 | private String token; 7 | private String type = "Bearer"; 8 | private Long id; 9 | private String username; 10 | private String email; 11 | private List roles; 12 | 13 | public JwtResponse(String accessToken, Long id, String username, String email, List roles) { 14 | this.token = accessToken; 15 | this.id = id; 16 | this.username = username; 17 | this.email = email; 18 | this.roles = roles; 19 | } 20 | 21 | public String getAccessToken() { 22 | return token; 23 | } 24 | 25 | public void setAccessToken(String accessToken) { 26 | this.token = accessToken; 27 | } 28 | 29 | public String getTokenType() { 30 | return type; 31 | } 32 | 33 | public void setTokenType(String tokenType) { 34 | this.type = tokenType; 35 | } 36 | 37 | public Long getId() { 38 | return id; 39 | } 40 | 41 | public void setId(Long id) { 42 | this.id = id; 43 | } 44 | 45 | public String getEmail() { 46 | return email; 47 | } 48 | 49 | public void setEmail(String email) { 50 | this.email = email; 51 | } 52 | 53 | public String getUsername() { 54 | return username; 55 | } 56 | 57 | public void setUsername(String username) { 58 | this.username = username; 59 | } 60 | 61 | public List getRoles() { 62 | return roles; 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/payload/response/MessageResponse.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.payload.response; 2 | 3 | public class MessageResponse { 4 | private String message; 5 | 6 | public MessageResponse(String message) { 7 | this.message = message; 8 | } 9 | 10 | public String getMessage() { 11 | return message; 12 | } 13 | 14 | public void setMessage(String message) { 15 | this.message = message; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/repository/RoleRepository.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.repository; 2 | 3 | import java.util.Optional; 4 | 5 | import org.springframework.data.jpa.repository.JpaRepository; 6 | import org.springframework.stereotype.Repository; 7 | 8 | import com.bezkoder.spring.security.postgresql.models.ERole; 9 | import com.bezkoder.spring.security.postgresql.models.Role; 10 | 11 | @Repository 12 | public interface RoleRepository extends JpaRepository { 13 | Optional findByName(ERole name); 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/repository/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.repository; 2 | 3 | import java.util.Optional; 4 | 5 | import org.springframework.data.jpa.repository.JpaRepository; 6 | import org.springframework.stereotype.Repository; 7 | 8 | import com.bezkoder.spring.security.postgresql.models.User; 9 | 10 | @Repository 11 | public interface UserRepository extends JpaRepository { 12 | Optional findByUsername(String username); 13 | 14 | Boolean existsByUsername(String username); 15 | 16 | Boolean existsByEmail(String email); 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/WebSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | import org.springframework.security.authentication.AuthenticationManager; 7 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; 8 | //import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 9 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; 10 | import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; 11 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 12 | //import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 13 | //import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 14 | import org.springframework.security.config.http.SessionCreationPolicy; 15 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 16 | import org.springframework.security.crypto.password.PasswordEncoder; 17 | import org.springframework.security.web.SecurityFilterChain; 18 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 19 | 20 | import com.bezkoder.spring.security.postgresql.security.jwt.AuthEntryPointJwt; 21 | import com.bezkoder.spring.security.postgresql.security.jwt.AuthTokenFilter; 22 | import com.bezkoder.spring.security.postgresql.security.services.UserDetailsServiceImpl; 23 | 24 | @Configuration 25 | @EnableMethodSecurity 26 | // (securedEnabled = true, 27 | // jsr250Enabled = true, 28 | // prePostEnabled = true) // by default 29 | public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter { 30 | @Autowired 31 | UserDetailsServiceImpl userDetailsService; 32 | 33 | @Autowired 34 | private AuthEntryPointJwt unauthorizedHandler; 35 | 36 | @Bean 37 | public AuthTokenFilter authenticationJwtTokenFilter() { 38 | return new AuthTokenFilter(); 39 | } 40 | 41 | // @Override 42 | // public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { 43 | // authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); 44 | // } 45 | 46 | @Bean 47 | public DaoAuthenticationProvider authenticationProvider() { 48 | DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); 49 | 50 | authProvider.setUserDetailsService(userDetailsService); 51 | authProvider.setPasswordEncoder(passwordEncoder()); 52 | 53 | return authProvider; 54 | } 55 | 56 | // @Bean 57 | // @Override 58 | // public AuthenticationManager authenticationManagerBean() throws Exception { 59 | // return super.authenticationManagerBean(); 60 | // } 61 | 62 | @Bean 63 | public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception { 64 | return authConfig.getAuthenticationManager(); 65 | } 66 | 67 | @Bean 68 | public PasswordEncoder passwordEncoder() { 69 | return new BCryptPasswordEncoder(); 70 | } 71 | 72 | // @Override 73 | // protected void configure(HttpSecurity http) throws Exception { 74 | // http.cors().and().csrf().disable() 75 | // .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() 76 | // .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() 77 | // .authorizeRequests().antMatchers("/api/auth/**").permitAll() 78 | // .antMatchers("/api/test/**").permitAll() 79 | // .anyRequest().authenticated(); 80 | // 81 | // http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); 82 | // } 83 | 84 | @Bean 85 | public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { 86 | http.csrf(csrf -> csrf.disable()) 87 | .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler)) 88 | .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) 89 | .authorizeHttpRequests(auth -> 90 | auth.requestMatchers("/api/auth/**").permitAll() 91 | .requestMatchers("/api/test/**").permitAll() 92 | .anyRequest().authenticated() 93 | ); 94 | 95 | http.authenticationProvider(authenticationProvider()); 96 | 97 | http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); 98 | 99 | return http.build(); 100 | } 101 | } -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/jwt/AuthEntryPointJwt.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security.jwt; 2 | 3 | import java.io.IOException; 4 | import java.util.HashMap; 5 | import java.util.Map; 6 | 7 | import jakarta.servlet.ServletException; 8 | import jakarta.servlet.http.HttpServletRequest; 9 | import jakarta.servlet.http.HttpServletResponse; 10 | 11 | import org.slf4j.Logger; 12 | import org.slf4j.LoggerFactory; 13 | import org.springframework.http.MediaType; 14 | import org.springframework.security.core.AuthenticationException; 15 | import org.springframework.security.web.AuthenticationEntryPoint; 16 | import org.springframework.stereotype.Component; 17 | 18 | import com.fasterxml.jackson.databind.ObjectMapper; 19 | 20 | @Component 21 | public class AuthEntryPointJwt implements AuthenticationEntryPoint { 22 | 23 | private static final Logger logger = LoggerFactory.getLogger(AuthEntryPointJwt.class); 24 | 25 | @Override 26 | public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) 27 | throws IOException, ServletException { 28 | logger.error("Unauthorized error: {}", authException.getMessage()); 29 | 30 | response.setContentType(MediaType.APPLICATION_JSON_VALUE); 31 | response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); 32 | 33 | final Map body = new HashMap<>(); 34 | body.put("status", HttpServletResponse.SC_UNAUTHORIZED); 35 | body.put("error", "Unauthorized"); 36 | body.put("message", authException.getMessage()); 37 | body.put("path", request.getServletPath()); 38 | 39 | final ObjectMapper mapper = new ObjectMapper(); 40 | mapper.writeValue(response.getOutputStream(), body); 41 | 42 | // response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Error: Unauthorized"); 43 | } 44 | 45 | } 46 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/jwt/AuthTokenFilter.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security.jwt; 2 | 3 | import java.io.IOException; 4 | 5 | import jakarta.servlet.FilterChain; 6 | import jakarta.servlet.ServletException; 7 | import jakarta.servlet.http.HttpServletRequest; 8 | import jakarta.servlet.http.HttpServletResponse; 9 | 10 | import org.slf4j.Logger; 11 | import org.slf4j.LoggerFactory; 12 | import org.springframework.beans.factory.annotation.Autowired; 13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 14 | import org.springframework.security.core.context.SecurityContextHolder; 15 | import org.springframework.security.core.userdetails.UserDetails; 16 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 17 | import org.springframework.util.StringUtils; 18 | import org.springframework.web.filter.OncePerRequestFilter; 19 | 20 | import com.bezkoder.spring.security.postgresql.security.services.UserDetailsServiceImpl; 21 | 22 | public class AuthTokenFilter extends OncePerRequestFilter { 23 | @Autowired 24 | private JwtUtils jwtUtils; 25 | 26 | @Autowired 27 | private UserDetailsServiceImpl userDetailsService; 28 | 29 | private static final Logger logger = LoggerFactory.getLogger(AuthTokenFilter.class); 30 | 31 | @Override 32 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) 33 | throws ServletException, IOException { 34 | try { 35 | String jwt = parseJwt(request); 36 | if (jwt != null && jwtUtils.validateJwtToken(jwt)) { 37 | String username = jwtUtils.getUserNameFromJwtToken(jwt); 38 | 39 | UserDetails userDetails = userDetailsService.loadUserByUsername(username); 40 | UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, 41 | userDetails.getAuthorities()); 42 | authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); 43 | 44 | SecurityContextHolder.getContext().setAuthentication(authentication); 45 | } 46 | } catch (Exception e) { 47 | logger.error("Cannot set user authentication: {}", e); 48 | } 49 | 50 | filterChain.doFilter(request, response); 51 | } 52 | 53 | private String parseJwt(HttpServletRequest request) { 54 | String headerAuth = request.getHeader("Authorization"); 55 | 56 | if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) { 57 | return headerAuth.substring(7, headerAuth.length()); 58 | } 59 | 60 | return null; 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/jwt/JwtUtils.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security.jwt; 2 | 3 | import java.security.Key; 4 | import java.util.Date; 5 | 6 | import org.slf4j.Logger; 7 | import org.slf4j.LoggerFactory; 8 | import org.springframework.beans.factory.annotation.Value; 9 | import org.springframework.security.core.Authentication; 10 | import org.springframework.stereotype.Component; 11 | 12 | import com.bezkoder.spring.security.postgresql.security.services.UserDetailsImpl; 13 | 14 | import io.jsonwebtoken.*; 15 | import io.jsonwebtoken.io.Decoders; 16 | import io.jsonwebtoken.security.Keys; 17 | 18 | @Component 19 | public class JwtUtils { 20 | private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class); 21 | 22 | @Value("${bezkoder.app.jwtSecret}") 23 | private String jwtSecret; 24 | 25 | @Value("${bezkoder.app.jwtExpirationMs}") 26 | private int jwtExpirationMs; 27 | 28 | public String generateJwtToken(Authentication authentication) { 29 | 30 | UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal(); 31 | 32 | return Jwts.builder() 33 | .setSubject((userPrincipal.getUsername())) 34 | .setIssuedAt(new Date()) 35 | .setExpiration(new Date((new Date()).getTime() + jwtExpirationMs)) 36 | .signWith(key(), SignatureAlgorithm.HS256) 37 | .compact(); 38 | } 39 | 40 | private Key key() { 41 | return Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtSecret)); 42 | } 43 | 44 | public String getUserNameFromJwtToken(String token) { 45 | return Jwts.parserBuilder().setSigningKey(key()).build() 46 | .parseClaimsJws(token).getBody().getSubject(); 47 | } 48 | 49 | public boolean validateJwtToken(String authToken) { 50 | try { 51 | Jwts.parserBuilder().setSigningKey(key()).build().parse(authToken); 52 | return true; 53 | } catch (MalformedJwtException e) { 54 | logger.error("Invalid JWT token: {}", e.getMessage()); 55 | } catch (ExpiredJwtException e) { 56 | logger.error("JWT token is expired: {}", e.getMessage()); 57 | } catch (UnsupportedJwtException e) { 58 | logger.error("JWT token is unsupported: {}", e.getMessage()); 59 | } catch (IllegalArgumentException e) { 60 | logger.error("JWT claims string is empty: {}", e.getMessage()); 61 | } 62 | 63 | return false; 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/services/UserDetailsImpl.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security.services; 2 | 3 | import java.util.Collection; 4 | import java.util.List; 5 | import java.util.Objects; 6 | import java.util.stream.Collectors; 7 | 8 | import org.springframework.security.core.GrantedAuthority; 9 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 10 | import org.springframework.security.core.userdetails.UserDetails; 11 | 12 | import com.bezkoder.spring.security.postgresql.models.User; 13 | import com.fasterxml.jackson.annotation.JsonIgnore; 14 | 15 | public class UserDetailsImpl implements UserDetails { 16 | private static final long serialVersionUID = 1L; 17 | 18 | private Long id; 19 | 20 | private String username; 21 | 22 | private String email; 23 | 24 | @JsonIgnore 25 | private String password; 26 | 27 | private Collection authorities; 28 | 29 | public UserDetailsImpl(Long id, String username, String email, String password, 30 | Collection authorities) { 31 | this.id = id; 32 | this.username = username; 33 | this.email = email; 34 | this.password = password; 35 | this.authorities = authorities; 36 | } 37 | 38 | public static UserDetailsImpl build(User user) { 39 | List authorities = user.getRoles().stream() 40 | .map(role -> new SimpleGrantedAuthority(role.getName().name())) 41 | .collect(Collectors.toList()); 42 | 43 | return new UserDetailsImpl(user.getId(), 44 | user.getUsername(), 45 | user.getEmail(), 46 | user.getPassword(), 47 | authorities); 48 | } 49 | 50 | @Override 51 | public Collection getAuthorities() { 52 | return authorities; 53 | } 54 | 55 | public Long getId() { 56 | return id; 57 | } 58 | 59 | public String getEmail() { 60 | return email; 61 | } 62 | 63 | @Override 64 | public String getPassword() { 65 | return password; 66 | } 67 | 68 | @Override 69 | public String getUsername() { 70 | return username; 71 | } 72 | 73 | @Override 74 | public boolean isAccountNonExpired() { 75 | return true; 76 | } 77 | 78 | @Override 79 | public boolean isAccountNonLocked() { 80 | return true; 81 | } 82 | 83 | @Override 84 | public boolean isCredentialsNonExpired() { 85 | return true; 86 | } 87 | 88 | @Override 89 | public boolean isEnabled() { 90 | return true; 91 | } 92 | 93 | @Override 94 | public boolean equals(Object o) { 95 | if (this == o) 96 | return true; 97 | if (o == null || getClass() != o.getClass()) 98 | return false; 99 | UserDetailsImpl user = (UserDetailsImpl) o; 100 | return Objects.equals(id, user.id); 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /src/main/java/com/bezkoder/spring/security/postgresql/security/services/UserDetailsServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql.security.services; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.security.core.userdetails.UserDetails; 5 | import org.springframework.security.core.userdetails.UserDetailsService; 6 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 7 | import org.springframework.stereotype.Service; 8 | import org.springframework.transaction.annotation.Transactional; 9 | 10 | import com.bezkoder.spring.security.postgresql.models.User; 11 | import com.bezkoder.spring.security.postgresql.repository.UserRepository; 12 | 13 | @Service 14 | public class UserDetailsServiceImpl implements UserDetailsService { 15 | @Autowired 16 | UserRepository userRepository; 17 | 18 | @Override 19 | @Transactional 20 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 21 | User user = userRepository.findByUsername(username) 22 | .orElseThrow(() -> new UsernameNotFoundException("User Not Found with username: " + username)); 23 | 24 | return UserDetailsImpl.build(user); 25 | } 26 | 27 | } 28 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | spring.datasource.url= jdbc:postgresql://localhost:5432/testdb 2 | spring.datasource.username= postgres 3 | spring.datasource.password= 123 4 | 5 | spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation= true 6 | spring.jpa.properties.hibernate.dialect= org.hibernate.dialect.PostgreSQLDialect 7 | 8 | # Hibernate ddl auto (create, create-drop, validate, update) 9 | spring.jpa.hibernate.ddl-auto= update 10 | 11 | # App Properties 12 | bezkoder.app.jwtSecret= ======================BezKoder=Spring=========================== 13 | bezkoder.app.jwtExpirationMs= 86400000 -------------------------------------------------------------------------------- /src/test/java/com/bezkoder/spring/security/postgresql/SpringBootSecurityPostgresqlApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.bezkoder.spring.security.postgresql; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | public class SpringBootSecurityPostgresqlApplicationTests { 8 | 9 | @Test 10 | public void contextLoads() { 11 | } 12 | 13 | } --------------------------------------------------------------------------------