This project is a small web service (REST API) developed using Java 21 with Spring Boot 3.2.5, employing an H2 database for quick setup and testing. The assignment involves implementing JWT (JSON Web Token) security to safeguard resources from unauthorized access.
![Flowchart](JWT Bearer Flowchart.png)
- Java 21
- Spring Boot Framework 3.2.5
- H2 Database
- Maven Build Tool
- IntelliJ IDEA
- Source Code: The provided Spring Boot project contains the following resources:
  - Admin/Login API
  - User/List API
  - User/Add New Account API
To facilitate testing and interaction with the Spring Boot project, we have provided a Postman collection along with a corresponding environment file.
- File Name: admin-test-api.postman_collection.json
  - Description: This collection contains three APIs for testing:
    - Admin/Login
    - User/List
    - User/Add New Account
- File Name: Local - Admin Test API.postman_environment.json
  - Description: This environment file is configured for local testing of the APIs within the Spring Boot project.
The assignment requires implementing JWT security to ensure that only authorized users can access the resources. Here are the specific requirements:
- Admin/Login API: Upon successful authentication, the administrator should receive a JWT Token along with account details.
- User/Add New Account API: When the administrator calls this API, the current logged-in admin's username and ID should be logged out.
- All APIs except Admin/Login should be secured with JWT tokens.
- Sensitive data should not be stored in the JWT body.