This project contains source code to demonstrate how to work with JWT with Spring Boot 3 and Spring Security 6.
- Clone this repository
- Run
docker compose up -d
to start the database - Run
mvn spring-boot:run
- Register a user by sending a POST request to
http://localhost:8080/api/auth/register
with the following body:
{
"username": "user",
"password": "password",
"email": "user@email.com"
}
- Login by sending a POST request to
http://localhost:8080/api/auth/login
with the following body:
{
"username": "user",
"password": "password"
}
You will receive a JWT token in the response body.
- Access the protected resource by sending a GET request to
http://localhost:8080/api/hello
with the token in the Authorization header.
To make the project easy to run, the Private Key(src/main/resources/app.key) is uploaded in the repository. This is a bad practice and should not be done in production. The Private Key should be stored in a secure place and should not be accessible by anyone.