Assalaam-Alaikum ---- السَّلامُ عَلَيْكُم ورَحْمَةُ اللهِ وَبَرَكاتُهُ
Welcome to the Secure Platform with Spring Boot 3, Spring Security 6, PostgreSQL, JWT and Vue.js project.
This project is a secure platform designed for user registration, login, and password restoration. It is built using a combination of Spring Boot, Spring Security, PostgreSQL, JWT (JSON Web Tokens), and Vue.js.
In today's digital world, ensuring the security of user information is of utmost importance. This platform provides a robust and reliable solution for managing user authentication and access control. Whether you are developing a web application, a mobile app, or any system that requires user management, this project provides a solid foundation.
The following technologies are used to build this application:
✅ Java 17
✅ Spring Boot 3
✅ Spring Security 6
✅ Spring Data JPA
✅ Docker
✅ PostgreSQL
✅ JUnit
✅ Mockito
✅ JWT
✅ Vue.js
✅ Vue router
✅ Pinia
Before you start, make sure you have the following:
- Java 17 or later installed. You can download it from Oracle's website.
- A PostgreSQL database installed, or you can start an instance of PostgreSQL using the docker-compose file provided in the project. Install PostgreSQL from PostgreSQL's website.
- Node.js installed. You can download it from Node.js's website.
- Clone this repository to your local machine using this command:

  ```bash
  git clone https://github.com/NidhalNaffati/SpringSecurity_SpringBoot6_Vue3_JWT.git
  ```
- Import the project into your IDE.
- Open the `application.yml` file located in `src/main/resources/` and update the database credentials with your own. Each value can also be supplied through the environment variable named in its placeholder (for example `POSTGRES_USER` and `POSTGRES_PASSWORD`); the value after the colon is only the fallback used when that variable is not set.

  ```yaml
  spring:
    datasource:
      # if the host is not specified, it will be localhost, if the port is not specified,
      # it will be 5432 and if the database is not specified, it will be postgres
      url: jdbc:postgresql://${POSTGRES_HOST:localhost}:${POSTGRES_PORT:5432}/${POSTGRES_DB:postgres}
      username: ${POSTGRES_USER:postgres} # if the username is not specified, it will be postgres
      password: ${POSTGRES_PASSWORD:postgres} # if the password is not specified, it will be postgres
    redis:
      host: ${REDIS_HOST:localhost} # if the host is not specified, it will be localhost
      port: ${REDIS_PORT:6379} # if the port is not specified, it will be 6379
      time-to-live: 60 # the time to live in seconds
  ```
- Run the backend via your IDE, or using the Maven plugin: `mvn spring-boot:run`.
- Run the frontend via your IDE, or using the following command: `npm run dev`.
Global Diagram of the application:
Diagram of the architecture of the spring security application:
Class diagram of the application:
After running the application, you can use Postman to communicate with the REST API endpoints.
Each endpoint expects a specific input format and returns a specific output format.
If you want to test it out in Postman, you can import the collections located in `src/test/postman/`.
The following endpoints are available in the API:
HTTP Method | Endpoint | Request Body | Response Body | Exception(s) | Authorization Header | Description |
---|---|---|---|---|---|---|
POST | `/api/v1/auth/register` | `RegisterRequest` | `String` | `PasswordDontMatchException`, `EmailAlreadyExistsException`, `MailSendException`, `Exception` | - | Registers a new user. |
POST | `/api/v1/auth/authenticate` | `AuthenticationRequest` | `AuthenticationResponse` | - | - | Authenticates a user and returns an authentication token. |
POST | `/enable-user/{token}` | `String` | `String` | `ExpiredJwtException`, `UserNotFoundException`, `Exception` | - | Enables a user account with the provided activation token. |
POST | `/api/v1/auth/refresh-token` | `HttpServletRequest`, `HttpServletResponse` | `AuthenticationResponse` | - | `Bearer {token}` | Refreshes the authentication token for the current user. |
POST | `/api/v1/auth/forgot-password` | `EmailRequest` | `String` | `UserNotFoundException`, `MailSendException`, `Exception` | - | Sends a reset password link to the user's email. |
POST | `/api/v1/auth/reset-password` | `UpdatePasswordRequest` | `String` | `PasswordDontMatchException`, `ExpiredJwtException`, `UserNotFoundException`, `Exception` | - | Resets the user's password with the provided token and new password. |
HTTP Method | Endpoint | Request Body | Response Body | Authorization Header | Exception(s) | Description |
---|---|---|---|---|---|---|
GET | `/api/v1/admin` | - | `String` | `Bearer {token}` | `AccessDeniedException` | Return a message for an admin |
GET | `/api/v1/user` | - | `String` | `Bearer {token}` | `AccessDeniedException` | Return a message for a user |
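
A negative access-control check for the two `Bearer {token}` endpoints in the table above, as an added example that is not part of the project's code: each route should refuse a request that carries no token or an invalid one, and the check counts anything other than 401 or 403 as a failure. The function names, the `BASE_URL` variable and the base URL `http://localhost:8080` (Spring Boot's default port) are assumptions.

```shell
#!/usr/bin/env bash
# Added example: negative access-control check; not part of the project.
# Assumption: backend reachable at BASE_URL, e.g. http://localhost:8080.
PROTECTED_ENDPOINTS="/api/v1/admin /api/v1/user"   # from the endpoint table

# Print the HTTP status of a GET, optionally with an Authorization header.
http_status() {
  local url="$1" auth="${2:-}"
  if [ -n "$auth" ]; then
    curl -s -o /dev/null -w '%{http_code}' -H "Authorization: $auth" "$url"
  else
    curl -s -o /dev/null -w '%{http_code}' "$url"
  fi
}

# A request without valid credentials must be refused with 401 or 403.
# 2xx means the route is open; 5xx means a bad token reached unhandled code.
is_refused() {
  case "$1" in
    401|403) return 0 ;;
    *) return 1 ;;
  esac
}

# Probe each protected route with no token and with a constructed invalid one.
# Returns the number of probes that were not refused (0 = all refused).
check_protected() {
  local base="$1" failures=0 path code label
  for path in $PROTECTED_ENDPOINTS; do
    for label in none invalid; do
      if [ "$label" = none ]; then
        code=$(http_status "$base$path")
      else
        code=$(http_status "$base$path" "Bearer not.a.jwt")  # constructed value
      fi
      if is_refused "$code"; then
        echo "ok   $path ($label token) -> $code"
      else
        echo "FAIL $path ($label token) -> $code"
        failures=$((failures + 1))
      fi
    done
  done
  return "$failures"
}

# Runs only when BASE_URL is set: BASE_URL=http://localhost:8080 bash check.sh
if [ -n "${BASE_URL:-}" ]; then check_protected "$BASE_URL"; fi
```

Run it against a local instance after every change to the security configuration; a non-zero exit status is the number of probes that were not refused.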
This is the login page of the application.
This is the login page showing an error message.
This is the register page of the application.
This is the email received by the user, used to activate the account.
This is the forgot password page of the application.
This is the authenticated page of the application, all the authenticated users can access this page.
This is the user page of the application, only the authenticated users can access this page.
This is the admin page of the application, only the authenticated users with the role admin can access this page.
- Fork this repository to your GitHub account.
- Clone the forked repository to your local machine.
- Create a new branch for your changes.
- Make your changes and commit them with descriptive commit messages.
- Push your changes to your GitHub account.
- Create a pull request from your branch to the original repository's main branch.
- Wait for the maintainers to review and merge your changes.
When making contributions, please keep the following in mind:
- Follow the code style and formatting guidelines used in the project.
- Write clear and concise commit messages that explain the changes you made.
- Make sure your changes do not break existing functionality.
- Write tests for new code and ensure that all existing tests pass.
You are allowed to use, copy, modify, and distribute the code freely, just don't create a bomb or something like that xD