Angular 10 Spring Boot JWT Authentication Example – Angular 6, 8, 9, 10 + Spring Security + MySQL/PostgreSQL

Author: loizenai

Angular10 SpringBoot Jwt Authentication - Backend Development/pom.xml

@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>2.2.7.RELEASE</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>com.loizenai</groupId>
+	<artifactId>SpringBootJwtAuthenticationExamples</artifactId>
+	<version>1</version>
+	<name>SpringBootJwtAuthenticationExamples</name>
+	<description>SpringBootJwtAuthenticationExamples</description>
+
+	<properties>
+		<java.version>1.8</java.version>
+	</properties>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>mysql</groupId>
+			<artifactId>mysql-connector-java</artifactId>
+			<scope>runtime</scope>
+		</dependency>
+
+		<!-- For Working with Json Web Tokens (JWT) -->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.9.0</version>
+		</dependency>	
+	
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+			<exclusions>
+				<exclusion>
+					<groupId>org.junit.vintage</groupId>
+					<artifactId>junit-vintage-engine</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/SpringBootJwtAuthenticationExamplesApplication.java

@@ -0,0 +1,13 @@
+package com.loizenai.jwtauthentication;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SpringBootJwtAuthenticationExamplesApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(SpringBootJwtAuthenticationExamplesApplication.class, args);
+	}
+
+}

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/controller/AuthRestAPIs.java

@@ -0,0 +1,113 @@
+package com.loizenai.jwtauthentication.controller;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.validation.Valid;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.loizenai.jwtauthentication.message.request.LoginForm;
+import com.loizenai.jwtauthentication.message.request.SignUpForm;
+import com.loizenai.jwtauthentication.message.response.JwtResponse;
+import com.loizenai.jwtauthentication.message.response.ResponseMessage;
+import com.loizenai.jwtauthentication.model.Role;
+import com.loizenai.jwtauthentication.model.RoleName;
+import com.loizenai.jwtauthentication.model.User;
+import com.loizenai.jwtauthentication.repository.RoleRepository;
+import com.loizenai.jwtauthentication.repository.UserRepository;
+import com.loizenai.jwtauthentication.security.jwt.JwtProvider;
+
+@CrossOrigin(origins = "*", maxAge = 3600)
+@RestController
+@RequestMapping("/api/auth")
+public class AuthRestAPIs {
+
+	@Autowired
+	AuthenticationManager authenticationManager;
+
+	@Autowired
+	UserRepository userRepository;
+
+	@Autowired
+	RoleRepository roleRepository;
+
+	@Autowired
+	PasswordEncoder encoder;
+
+	@Autowired
+	JwtProvider jwtProvider;
+
+	@PostMapping("/signin")
+	public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginForm loginRequest) {
+
+		Authentication authentication = authenticationManager.authenticate(
+				new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()));
+
+		SecurityContextHolder.getContext().setAuthentication(authentication);
+
+		String jwt = jwtProvider.generateJwtToken(authentication);
+		UserDetails userDetails = (UserDetails) authentication.getPrincipal();
+
+		return ResponseEntity.ok(new JwtResponse(jwt, userDetails.getUsername(), userDetails.getAuthorities()));
+	}
+
+	@PostMapping("/signup")
+	public ResponseEntity<?> registerUser(@Valid @RequestBody SignUpForm signUpRequest) {
+		if (userRepository.existsByUsername(signUpRequest.getUsername())) {
+			return new ResponseEntity<>(new ResponseMessage("Fail -> Username is already taken!"),
+					HttpStatus.BAD_REQUEST);
+		}
+
+		if (userRepository.existsByEmail(signUpRequest.getEmail())) {
+			return new ResponseEntity<>(new ResponseMessage("Fail -> Email is already in use!"),
+					HttpStatus.BAD_REQUEST);
+		}
+
+		// Creating user's account
+		User user = new User(signUpRequest.getName(), signUpRequest.getUsername(), signUpRequest.getEmail(),
+				encoder.encode(signUpRequest.getPassword()));
+
+		Set<String> strRoles = signUpRequest.getRole();
+		Set<Role> roles = new HashSet<>();
+
+		strRoles.forEach(role -> {
+			switch (role) {
+			case "admin":
+				Role adminRole = roleRepository.findByName(RoleName.ROLE_ADMIN)
+						.orElseThrow(() -> new RuntimeException("Fail! -> Cause: User Role not find."));
+				roles.add(adminRole);
+
+				break;
+			case "pm":
+				Role pmRole = roleRepository.findByName(RoleName.ROLE_PM)
+						.orElseThrow(() -> new RuntimeException("Fail! -> Cause: User Role not find."));
+				roles.add(pmRole);
+
+				break;
+			default:
+				Role userRole = roleRepository.findByName(RoleName.ROLE_USER)
+						.orElseThrow(() -> new RuntimeException("Fail! -> Cause: User Role not find."));
+				roles.add(userRole);
+			}
+		});
+
+		user.setRoles(roles);
+		userRepository.save(user);
+
+		return new ResponseEntity<>(new ResponseMessage("User registered successfully!"), HttpStatus.OK);
+	}
+}

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/controller/TestRestAPIs.java

@@ -0,0 +1,29 @@
+package com.loizenai.jwtauthentication.controller;
+
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@CrossOrigin(origins = "*", maxAge = 3600)
+@RestController
+public class TestRestAPIs {
+	
+	@GetMapping("/api/test/user")
+	@PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
+	public String userAccess() {
+		return ">>> User Contents!";
+	}
+
+	@GetMapping("/api/test/pm")
+	@PreAuthorize("hasRole('PM') or hasRole('ADMIN')")
+	public String projectManagementAccess() {
+		return ">>> Project Management Board";
+	}
+	
+	@GetMapping("/api/test/admin")
+	@PreAuthorize("hasRole('ADMIN')")
+	public String adminAccess() {
+		return ">>> Admin Contents";
+	}
+}

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/message/request/LoginForm.java

@@ -0,0 +1,30 @@
+package com.loizenai.jwtauthentication.message.request;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Size;
+
+public class LoginForm {
+    @NotBlank
+    @Size(min=3, max = 60)
+    private String username;
+
+    @NotBlank
+    @Size(min = 6, max = 40)
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/message/request/SignUpForm.java

@@ -0,0 +1,66 @@
+package com.loizenai.jwtauthentication.message.request;
+
+import java.util.Set;
+
+import javax.validation.constraints.*;
+
+public class SignUpForm {
+    @NotBlank
+    @Size(min = 3, max = 50)
+    private String name;
+
+    @NotBlank
+    @Size(min = 3, max = 50)
+    private String username;
+
+    @NotBlank
+    @Size(max = 60)
+    @Email
+    private String email;
+    
+    private Set<String> role;
+    
+    @NotBlank
+    @Size(min = 6, max = 40)
+    private String password;
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+    
+    public Set<String> getRole() {
+    	return this.role;
+    }
+    
+    public void setRole(Set<String> role) {
+    	this.role = role;
+    }
+}

Angular10 SpringBoot Jwt Authentication - Backend Development/src/main/java/com/loizenai/jwtauthentication/message/response/JwtResponse.java

@@ -0,0 +1,46 @@
+package com.loizenai.jwtauthentication.message.response;
+
+import java.util.Collection;
+
+import org.springframework.security.core.GrantedAuthority;
+
+public class JwtResponse {
+	private String token;
+	private String type = "Bearer";
+	private String username;
+	private Collection<? extends GrantedAuthority> authorities;
+
+	public JwtResponse(String accessToken, String username, Collection<? extends GrantedAuthority> authorities) {
+		this.token = accessToken;
+		this.username = username;
+		this.authorities = authorities;
+	}
+
+	public String getAccessToken() {
+		return token;
+	}
+
+	public void setAccessToken(String accessToken) {
+		this.token = accessToken;
+	}
+
+	public String getTokenType() {
+		return type;
+	}
+
+	public void setTokenType(String tokenType) {
+		this.type = tokenType;
+	}
+
+	public String getUsername() {
+		return username;
+	}
+
+	public void setUsername(String username) {
+		this.username = username;
+	}
+	
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+}