Why is there both a User and JwtUser class?
Closed this issue · 1 comments
Firstly thank you for sharing this - i finally managed to implement a working Spring Security + JTW looking at your project here!
I am not sure i understand why these 2 classes exists in the project and why the loadUserByUsername() method in JwtUserDetailsServiceImpl is not just returning a custom user class that implements UserDetails?
I changed my own implementation to this:
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
return repo.findByUsername(username);
}where in my case the repo returns a UserAccount which implements UserDetails and the above works.
This is purely a question to try and understand the differences between the 2 implementations.
thanks -
You're welcome!
I'm returning the "JwtUser" instead the entity bean "User" directly because it is a good practice not to expose entity beans directly. Entity beans may have information that you don't want to expose outside your application. So I'm mapping the User to the JwtUser and exposing this as a DTO (Data Transfer Object).
But it is totally fine, if it is okay for you to expose the entity bean directly from the repo!