All geek questions in one place

How to implement AngularJS JWT Authentication for Java Spring REST API

I want to implement local user management for my application. for the back-end I use java spring REST. I do not use a cloud user management service like Auth0 or UserApp . Due to some function, I want to use the JWT method for user authentication and authorization, but I don’t see how to implement it in Java and AngularJS?

+5
source share
3 answers

I talked about how to add authentication using JWT to an AngularJS application.

You can see it here: https://www.youtube.com/watch?v=lDb_GANDR8U

The code for this presentation is here: https://github.com/auth0/angularjs-jwt-authentication-tutorial

In this example, the server is NodeJS. If you need Java, you can do something similar to https://github.com/auth0/spring-security-auth0/tree/master/examples/spring-boot-api-example . This example is for Auth0, but the JWT check also applies to your case :), since it is generic.

Let me know if this helps.

Hurrah!

+11
source

Try the satellizer . They provide a Java server implementation in the sample folder. Check it out

+1
source

Although this may seem complicated, it will be very useful for you to take a look at the Stormpath . For this, we have a fairly simple solution. Please take a look at Using Stormpath for API Authentication .

As a result, your solution will look like this:

  • You will use the Stormpath Java SDK to easily delegate all your user management needs.

  • When the user clicks the login button, your interface will safely send credentials to your backend-end through its REST API.

    2.1. By the way, Stormpath significantly expands all the features here. Instead of your own login page, you can fully delegate the login / registration function to Stormpath via IDSite or you can also delegate it to our Servlet plugin . Stormpath also supports Google, Facebook, LinkedIn, and Github login.

  • Then your backend will try to authenticate the user using the Stormpath Backend and return an access token as a result:

     /** This code will throw an Exception if the authentication fails */ public void postOAuthToken(HttpServletRequest request, HttpServletResponse response) { Application application = client.getResource(applicationRestUrl, Application.class); //Getting the authentication result AccessTokenResult result = (AccessTokenResult) application.authenticateApiRequest(request); //Here you can get all the user data stored in Stormpath Account account = accessTokenResult.getAccount(); response.setStatus(HttpServletResponse.SC_OK); response.setContentType("application/json"); //Output the json of the Access Token response.getWriter().print(token.toJson()); response.getWriter().flush(); }

  • Then for each authenticated request, your backend will do:

     public void getEquipment(HttpServletRequest request, HttpServletResponse response) { Application application = client.getResource(applicationRestUrl, Application.class); OauthAuthenticationResult result = (OauthAuthenticationResult) application.authenticateOauthRequest(request).execute(); System.out.println(result.getApiKey()); System.out.println(result.getAccount()); //Return what you need to return in the response handleEquipmentRequest(response); }

Please see here for more information.

Hope this helps!

Disclaimer, I am an active member of the Stormpath.

-2
source

Source: https://habr.com/ru/post/1216283/

More articles:


All Articles