How to implement JWT authentication in Spring Security and Angular – Part 5

In this last part of the series, I’ll show you how to implement a token renewal mechanism. This is necessary because the tokens issued by the backend expire after a certain amount of time. This means, that logged-in users can not authenticate themselves once the JWTs expire. To prevent this from happening, the frontend will automatically request a new token from the server shortly before the old one expires.

Continue reading How to implement JWT authentication in Spring Security and Angular – Part 5

How to implement JWT authentication in Spring Security and Angular – Part 4

Now that we’ve secured the backend with Spring security and implemented all the necessary basic JWT features, it’s time to allow users to log in from a user interface. In this example, I’ll show you how to implement a very basic authentication form in an Angular frontend. The pages, that may only be visited by authenticated users, will be protected by a special guard. For that purpose, I’ll show you how to implement such a guard and how to use the Angular router to redirect unauthenticated users to the login page.

Continue reading How to implement JWT authentication in Spring Security and Angular – Part 4

How to implement JWT authentication in Spring Security and Angular – Part 3

In this part of the series, we’ll look at the most complex part of the project: Generating, reading, and validating JWT tokens. The backend server issues tokens and returns them to users who requested one. When a user tries to access a restricted resource, they have to submit a previously generated token which the server validates. If the token validation is successful, the user may access the requested resource.

Continue reading How to implement JWT authentication in Spring Security and Angular – Part 3

How to implement JWT authentication in Spring Security and Angular – Part 2

In this part of the series we’ll make sure that Spring Security restricts access to certain resources and uses our custom bearer token authorization method to allow authenticated users to access resources.

Continue reading How to implement JWT authentication in Spring Security and Angular – Part 2

How to implement JWT authentication in Spring Security and Angular – Part 1

I recently had to implement a bearer token authentication mechanism in a Spring backend and an Angular frontend. I wasn’t surprised to see that there are already a lot of tutorials around, however, I was shocked by how poorly most of them are written and how bad some solutions were. Now, don’t get me wrong: By no means do I want to claim that my solution is the state-of-the art single way to go. However, this has worked for me and I think it’s much easier to understand and follow than other guides. Additionally, there are a few things that almost all tutorials get wrong and I’ll try to address these as well.

Continue reading How to implement JWT authentication in Spring Security and Angular – Part 1