Spring Security JWT: Implementing the client (frontend) using Json Web Tokens (JWT)
HTML-код
- Опубликовано: 28 сен 2024
- In this tutorial, you will learn how to create a client (frontend) that will log in to your secure Spring Boot application with JSON Web Tokens (JWT).
🔗Resources & Links mentioned in this video:
Github Repository: github.com/dan...
Spring Security JWT Username & Password: • Spring Boot Spring Sec...
👋🏻Connect with me:
Website: www.danvega.dev
Twitter: / therealdanvega
Github: github.com/dan...
LinkedIn: / danvega
Newsletter: www.danvega.de...
SUBSCRIBE TO MY CHANNEL: bit.ly/2re4GH0 ❤️
Great content! To the point, easy to follow examples even for someone who has never worked with Vue. Also, I love that you didn't cut out the debugging and googling stack overflow. I think too many people cut this in their videos and in my opinion this is as much a part of the learning process as learning how to your Spring Security's API. Too many people just show the curated happy path.
Hello Dan, thank you so much for your effort, can you also create a JWT tutorial for reactive spring? There isn't muc resources out there when it comes to managing jwts within a Reactive Spring Project
Thx!
There is almost no information on another equally interesting but more complex area - domain object security (ACL). It would be great if you could explain this topic in detail in some future video!
Great suggestion!
Excellent! Thank you.
Hi Dan, great video! I'm curious if returning the JWT to a front-end client is secure enough for real-world applications or if it's better to have a BFF server that the front end can register a session with instead & which will communicate with the API on the front end's behalf. Most of the tutorials (including yours) that I've found demonstrate the former, but I've seen a lot of discourse that suggests it's preferred to do the latter for production and would love to know your thoughts.
Hello sir, in this is rest endpoint, and according good practise, REST should be stateless, and in this case we're storing state in the client. doesn't this violate the stateless nature of REST api?
Hey Dan, across the web can be seen posts that storing jwt in localStorage is unsecure (in relation to CSS) and proposing using HttpOnly cookies which are hashing the jwt. What do you think, is this approach of directly storing the jwt in localStorage secured enough?
Why did it spazz out near the end( 49:00 ) and started throwing ERR_CONNECTION_REFUSED? And why did it do it so many times?
Thanks
thanks for your sharing
Where can i find the spring security code too?
Thanks!
Thank you for watching!
Thank you for the awesome content and for your recommendations! Is it possible to do a tutorial for the best way/practice to use JWT auth in a spring Boot application with an idp AWS cognito user pool? Do we still need an encoder in this case? Thank you
Nice video. Loved your teaching :). How to do in Thymeleaf and spring boot using JWT token. Please suggest. It will be great.
good🤌🤟
And another question sir, according to security best practises, is really ok to trust jwt tokens on the client? could you give us some insight on the matter based on your experience
Thank you, there could be one little adjustment. I think JSON.stringify and parse are for JSON object, however both user and token are plain string, so I think no need to stringify and parse them.
Yes, you are right. Nice catch. I think at one point I was passing in the object.
Thank you!
Thanks Dan , is there is a way to decrypt the token on client side for getting claims for role based authorization. An example demo would be great
awesome content dan!
when using the access token to access the resource server, how can we get the resources for a particular owner?
Thanks for the very good content, I guess a natural extension would be sign up? Also do you have spring boot spring security with Auth Server working with micro services?
The micro services scenario is what I am looking for. My service is a client to back-end resource servers.
Hey Dan, great video! Keep up the great work man!
Thank you!
Wow, awesome content! Thank you, Dan!
Thank you so much for watching!
Hi Dan. Thanks for useful information. Could you please tell which Intelij theme do you use?
intellij settings > appearance > enable new UI
I think it is Monokai Pro Theme
@@daniellaerachannel It is not UI. UI organizes display elements not the color
@@imaqtkatt yes you are correct. I checked it. Thanks.