My name is Okan and I'm a Computer Engineering student. You can find me on .
- JWT with Spring Security
- Registration and Login
- API
- Private and protected resources
- POST /api/auth/signup to sign up a new account
- POST /api/auth/signin to log in to an account
- GET /api/test/all to retrieve public content
- GET /api/test/user to access User's content
- GET /api/test/mod to access Moderator's content
- GET /api/test/admin to access Admin's content
Tables that we define in the entities package will be automatically generated in the database.
![](https://user-images.githubusercontent.com/67058617/117378717-a3dbdd00-aede-11eb-8f0c-fe2aba72003e.png)
We also need to add some rows to the roles table before assigning any role to a user.
![](https://user-images.githubusercontent.com/67058617/117378751-b6561680-aede-11eb-8a9b-8592dfa23aaf.png)
We can register with the /signup API:
- admin with ROLE_ADMIN
- mod with ROLE_MODERATOR
- user with ROLE_USER
![](https://user-images.githubusercontent.com/67058617/117378771-c110ab80-aede-11eb-859b-2820194cbfc7.png)
After registration, our tables could look like this.
![](https://user-images.githubusercontent.com/67058617/117378775-c241d880-aede-11eb-936b-5af480cfd7db.png)
We have public and protected resources.
Public resource
- /api/test/all
![](https://user-images.githubusercontent.com/67058617/117442614-afabbb80-af3f-11eb-9a88-4b6ad87ca98b.png)
Protected resources
- /api/test/user
- /api/test/mod
- /api/test/admin
![](https://user-images.githubusercontent.com/67058617/117442619-b1757f00-af3f-11eb-9a79-a5ead4392581.png)
We need to sign in to access protected resources.
POST /api/auth/signin
![](https://user-images.githubusercontent.com/67058617/117442876-044f3680-af40-11eb-92d0-4290c5c035be.png)
After signing in, we can access resources with the token and its type, depending on our roles.
![](https://user-images.githubusercontent.com/67058617/117443094-5001e000-af40-11eb-842b-8b25e109ec1e.png)
![](https://user-images.githubusercontent.com/67058617/117443096-51330d00-af40-11eb-905d-98798dc623ed.png)
We have no permission to access admin content, so we need to sign in with an admin account.
![](https://user-images.githubusercontent.com/67058617/117454323-b130b000-af4e-11eb-9b08-f30b47ce1c02.png)
![](https://user-images.githubusercontent.com/67058617/117454326-b1c94680-af4e-11eb-8ccb-0704a42dad38.png)
After signing in, we can access admin content.
![](https://user-images.githubusercontent.com/67058617/117443098-51cba380-af40-11eb-88fb-54a55a5f076e.png)
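
The decisions behind the walk-through above, as an added Python sketch that is not the project's Spring Security code: a protected path answers 401 when there is no valid token and 403 when the token is valid but lacks the required role. The secret, the `roles` claim name, the `Bearer` token type and the one-role-per-path mapping are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value, never a real key
PUBLIC = {"/api/test/all"}
# Assumption: each protected path needs exactly the role named for it on this page.
REQUIRED_ROLE = {"/api/test/user": "ROLE_USER",
                 "/api/test/mod": "ROLE_MODERATOR",
                 "/api/test/admin": "ROLE_ADMIN"}

def b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    mac = hmac.new(SECRET, signing_input.encode(), hashlib.sha256)
    return b64url_encode(mac.digest())

def issue_token(username, roles, ttl=3600, now=None):
    """What sign-in hands back: header.payload.signature (HS256)."""
    now = int(time.time()) if now is None else now
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": username, "roles": roles, "exp": now + ttl}
    payload = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.{sign(header + '.' + payload)}"

def authorize(path, authorization=None, now=None):
    """Return the HTTP status a request would get: 200, 401 or 403."""
    if path in PUBLIC:
        return 200
    now = int(time.time()) if now is None else now
    try:
        scheme, token = authorization.split(" ", 1)
        header, payload, signature = token.split(".")
        # Pin the algorithm so a token cannot choose "none" or another scheme.
        alg = json.loads(b64url_decode(header)).get("alg")
        if scheme != "Bearer" or alg != "HS256":
            return 401
        # Constant-time comparison; reject before trusting any claim.
        if not hmac.compare_digest(signature, sign(header + "." + payload)):
            return 401
        claims = json.loads(b64url_decode(payload))
        if claims["exp"] <= now:
            return 401
        # Authenticated; unknown paths fall through to 403 (deny by default).
        return 200 if REQUIRED_ROLE.get(path) in claims["roles"] else 403
    except (AttributeError, KeyError, TypeError, ValueError):
        return 401  # missing or malformed token: not authenticated
```
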