Spring Security JWT: Implementing the client (frontend) using Json Web Tokens (JWT)

Great content! To the point, easy to follow examples even for someone who has never worked with Vue. Also, I love that you didn't cut out the debugging and googling stack overflow. I think too many people cut this in their videos and in my opinion this is as much a part of the learning process as learning how to your Spring Security's API. Too many people just show the curated happy path.

Hello Dan, thank you so much for your effort, can you also create a JWT tutorial for reactive spring? There isn't muc resources out there when it comes to managing jwts within a Reactive Spring Project

Thx!
There is almost no information on another equally interesting but more complex area - domain object security (ACL). It would be great if you could explain this topic in detail in some future video!

Excellent! Thank you.

Hi Dan, great video! I'm curious if returning the JWT to a front-end client is secure enough for real-world applications or if it's better to have a BFF server that the front end can register a session with instead & which will communicate with the API on the front end's behalf. Most of the tutorials (including yours) that I've found demonstrate the former, but I've seen a lot of discourse that suggests it's preferred to do the latter for production and would love to know your thoughts.

Hello sir, in this is rest endpoint, and according good practise, REST should be stateless, and in this case we're storing state in the client. doesn't this violate the stateless nature of REST api?

Hey Dan, across the web can be seen posts that storing jwt in localStorage is unsecure (in relation to CSS) and proposing using HttpOnly cookies which are hashing the jwt. What do you think, is this approach of directly storing the jwt in localStorage secured enough?

Why did it spazz out near the end( 49:00 ) and started throwing ERR_CONNECTION_REFUSED? And why did it do it so many times?
Thanks

thanks for your sharing

Where can i find the spring security code too?

Thanks!

Thank you for the awesome content and for your recommendations! Is it possible to do a tutorial for the best way/practice to use JWT auth in a spring Boot application with an idp AWS cognito user pool? Do we still need an encoder in this case? Thank you

Nice video. Loved your teaching :). How to do in Thymeleaf and spring boot using JWT token. Please suggest. It will be great.

good🤌🤟

And another question sir, according to security best practises, is really ok to trust jwt tokens on the client? could you give us some insight on the matter based on your experience

Thank you, there could be one little adjustment. I think JSON.stringify and parse are for JSON object, however both user and token are plain string, so I think no need to stringify and parse them.

Thanks Dan , is there is a way to decrypt the token on client side for getting claims for role based authorization. An example demo would be great

awesome content dan!
when using the access token to access the resource server, how can we get the resources for a particular owner?

Thanks for the very good content, I guess a natural extension would be sign up? Also do you have spring boot spring security with Auth Server working with micro services?

Hey Dan, great video! Keep up the great work man!

Wow, awesome content! Thank you, Dan!

Hi Dan. Thanks for useful information. Could you please tell which Intelij theme do you use?