
A simple role-based authentication implementation using MySQL and JWT


Spring Boot Security - MySQL and JWT Implementation

This is a simple role-based authentication implementation using MySQL and JWT.


Features

  • User authentication using JWT tokens
  • User registration
  • User roles
  • Secured endpoints
  • Password hashing using bcrypt
  • Services and controllers tested using JUnit, Mockito and MockMvc


Requirements

  • Java 1.8
  • Maven


Setup

  • Update the application.properties file with your database configuration
  • Update the application.properties file with your JWT secret key and expiration time
  • Execute the following queries against your database:
      INSERT INTO roles(name) VALUES('ROLE_USER');
      INSERT INTO roles(name) VALUES('ROLE_ADMIN');
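
What the JWT secret key and expiration time set in application.properties control, shown as an added example that is not the project's own code: a JDK-only HS256 sketch that issues a token and rejects an expired one and one whose role claim was changed after signing. The class, method and claim names are assumptions; the page does not show the project's JWT library or claim layout.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Added illustration (JDK only, Java 8); all names here are hypothetical.
public class JwtSketch {
    static final String HEADER = b64("{\"alg\":\"HS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));

    static String b64(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }

    static byte[] hmac(byte[] secret, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
    }
    // The payload carries the subject, the role and the expiry (seconds since epoch).
    static String payload(String user, String role, long exp) {
        String json = "{\"sub\":\"" + user + "\",\"roles\":[\"" + role + "\"],\"exp\":" + exp + "}";
        return b64(json.getBytes(StandardCharsets.UTF_8));
    }

    static String issue(byte[] secret, String user, String role, long exp) throws Exception {
        String signingInput = HEADER + "." + payload(user, role, exp);
        return signingInput + "." + b64(hmac(secret, signingInput));
    }

    static boolean verify(byte[] secret, String token, long nowSec) throws Exception {
        String[] p = token.split("\\.");
        if (p.length != 3 || !p[0].equals(HEADER)) return false;  // pin the algorithm
        byte[] expected = b64(hmac(secret, p[0] + "." + p[1])).getBytes(StandardCharsets.UTF_8);
        // Constant-time comparison; claims are parsed only after the signature matches.
        if (!MessageDigest.isEqual(expected, p[2].getBytes(StandardCharsets.UTF_8))) return false;
        String json = new String(Base64.getUrlDecoder().decode(p[1]), StandardCharsets.UTF_8);
        long exp = Long.parseLong(json.replaceAll(".*\"exp\":(\\d+).*", "$1"));
        return nowSec < exp;                                      // enforce the expiration time
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = new byte[32];                             // 256-bit random key for HS256
        new SecureRandom().nextBytes(secret);
        long now = System.currentTimeMillis() / 1000, exp = now + 3600;
        String token = issue(secret, "Ermal", "ROLE_USER", exp);  // constructed sample values
        String[] p = token.split("\\.");
        String altered = p[0] + "." + payload("Ermal", "ROLE_ADMIN", exp) + "." + p[2];
        System.out.println("fresh token accepted:   " + verify(secret, token, now));
        System.out.println("expired token accepted: " + verify(secret, token, exp + 1));
        System.out.println("altered role accepted:  " + verify(secret, altered, now));
    }
}
```

The secret is the only thing separating a ROLE_USER token from a ROLE_ADMIN one, so it should be a long random value kept out of version control, and the expiration time bounds how long a leaked token stays usable.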

API Endpoints

Authenticate user


POST /api/auth

curl -H 'Content-Type: application/json' -d '{ "username": "Ermal", "password": "123"}' -X POST http://localhost:8080/api/auth


HTTP/1.1 200 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sun, 05 May 2019 21:39:12 GMT


Get authenticated user


GET /api/auth

curl -i -H "Accept: application/json" -H "Authorization: Bearer JWT_TOKEN" http://localhost:8080/api/auth


HTTP/1.1 200 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sun, 05 May 2019 21:42:37 GMT


Register user


POST /api/users/register

curl -i -H 'Content-type: application/json' -d '{"name": "Ermali", "username": "MoliFerati", "email": "ermalferatiii@gmail.com", "password": "1234567"}' -X POST http://localhost:8080/api/users/register


HTTP/1.1 201 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sun, 05 May 2019 21:44:10 GMT


Create user with custom roles


POST /api/users/create

curl -i -H 'Content-type: application/json' -H 'Authorization: Bearer JWT_TOKEN' -d '{ "name": "Ermal", "username": "Ermaliiii", "email": "ermalferatsi@gmail.com", "password": "ErmalFerati", "roles": [ { "id": 1, "name": "ROLE_USER" }, { "id": 2, "name": "ROLE_ADMIN" } ] }' -X POST http://localhost:8080/api/users/create


HTTP/1.1 201 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sun, 05 May 2019 22:50:40 GMT
