You have no idea how much you have helped me. Due to other tutorials being backdated, I just couldn't find a proper step by step procedure on how to implement jwt in spring boot. You saved my university major project. I wish you lifetime of happiness and health.
Thank you !!! all others tutorial were not clear at all, I love the fact that you explain each thing you use Next step is to retrieve user info based on the authenticated user
I just finished this tutorial and trust me, if you want to learn about Spring Security using JWT, this is the way. Thanks @Bouli Ali for such awesome content
Thank you for this amazing tutorial, i had a hard time understanding the process behind spring security, but you explained it very well and didn't just focus on the code itself
Amazing course, i get all workflow about jwt spring security, how to extractAllClaims, single claims, how to use JWTAuthenticationFilter and more. Thanks for this update spring security jwt and hope you take care of you!! Great time!!
Hello, it was a great step-by-step tutorial. The things that weren't clear to me became clear after I watched this video for the second time. The only moment (just statistical) - the token expiry date wasn't 24h from the moment of creation. 1000 ms -> 1s; 60 * 1000 -> 1m; 60 * 60 * 1000 -> 1h. So adjustment should be settled to 24 * 60 * 60 * 1000. Your token expiry date is 24 m.
I just finished watching this tutorial, and I'm incredibly impressed by the level of explanation presented throughout the video. Thanks to Bouali, I've been able to successfully complete a task I've been working on for the past week. Thank you so much for your help! You're truly a lifesaver. God bless you!
And how you're going to handle the situation that most of the methods are deprecated now. I'm new and I need you help if it is the right way to learn or this source is already old by now?
@@la-dev just follow the video and I assure you some googling would rescue you in case there are such issues. However, I did not encounter it as he is using spring boot 3 which is latest :)
Your tutorials are really helpful for me as a beginner. Thanks a lot!!! Your way of teaching is really nice and I feel if you show an implementation video at the start of the tutorial we can easily understand what we are going to build Again, thanks a ton!!!!
Thank you so much for this fantastic Spring Security video! It was incredibly helpful and provided me with valuable insights. I really appreciate the clear explanations and the practical examples demonstrated throughout the tutorial. Your expertise and teaching style made it easy for me to grasp the concepts.
Many thanks! Your tutorials are absolutely fantastic. Pure gold! The content, your delivery and the speed - everything is just perfect. Sending loads of love your way!
Very awesome tutorial, great explanations on the concepts, easy to follow along. I have really learned alot Ali. Looking forward to learn more courses on Springboot and Java.
really great video!!!! thanks!!! I would adapt the title just put (registration & login) because RUclips does not show your video, when searching for spring boot registration & login
Great video man, I have recently started learning Springboot and there wasn't many content for 3.0 out there, was exactly looking for this, the way you explained everything was very well done and understable, Thanks and Keep it up!
that's perfect, please keep on keeping on!! could you please tell how you learned it and how you would recommend people learn it?? imho documentation usually gives the "What" about everything in it, not "Why"
Thank you so much, I followed this guide and everything works great. I have a question though. In the isTokenValid method of JwtService we check if the username(email) from the parameter userDetails is equal to the username found in the token. However the parameter userDetails is always aquired from the username found in the token (e.g. in AuthenticationService or in JwtAuthenticationFilter). So the way I see it we extract the username from the token and then check if the extracted username is equal to the username found in the token. Wont that always be true?
This is soooooo long ! Thank you for doing everything step by step but its my request please bring a Course on Spring Security where you can explain things on a slow pace. That would help us get more clarity.
thank you so much for the course, it is very helpful. I hope you could make a continuation video implementing the APIs in Angular. I 'm really stuck right now
Amazing course, I learned so much! It is even more amazing the code you gave on github, however I wish I could have some explanations on all the additional stuff there is in the repo
For the Spring Security package to be complete on your channel, could you please make a video explaining how to configure CORS using Spring Security? For example, as routes from other origins that need authentication with the head "Authorization" in the request, I would be very grateful
I can't really express how you are amazing Mr. Bouali. The explanation is clear and straight to the point. I wanted to ask you if there is a way to not to hit the database for each request as this will be overhead for it. can we make it in the register & authenticate part only?
can you please recommend me a good way for In memory caching? or any other way that make me avoid using things like Redis aka other database with its own server?@@BoualiAli
Hello sir i saw video tutorial n these are awesome like each n every topic will convered in videos. One request from my side for desktop native application using electron js with angular in details project like books library project i possible please consider it in your upcoming playlist because no one is on you tube who is doing electron js tutorial.
that is the best vedio about jwt implementation so far, thank you for your simple explanation that even a new user of the spring framework could understand clearly. i have a question please if you don t mind, I'm using spring mvc with thymeleaf, i don t know how to send the jwt token in the header with thymeleaf like in your case with postman you sent it in the authorization type bearer token, and there is no one talking about it thank you
@@adrianfee9131 i manage to do it using session like instead of retrunin the jwt token to the user and send it from the header you can just save it into the session than in the dofliter function you take the jwt token and validate it from the session i ll join the code below i hope this helps
@@muniapriyansu8805 you need to add the annotation @enableglobalsecuritymethod on the security config class and the @preuathorize will work like a charm I have another spring security in the same playlist that explains authorization and how it works
Hi! Great Tutorial! One of the best I ever seen. I have only one problem, I can still add more users with the same email. You don't check this in tutorial too.
Thank you for your awesome tutorial! I learn a lot from your video. Let's say if we had multiple microservices and Spring Cloud Gateway routing to process requests to those (downstream) services. I was wondering if you could let me know how we can apply the jwt from your video (user microservice) to other microservices as a global one. Thank you once again for your time and consideration!
Great content, thank you. can you please provide a tutorial in Oauth2 implementation in spring boot 3 (Authorisation server + Resource server) using JWT?
Hi sir, Can you make a video how to handle the exceptions of Json web token, as the @RestControllerAdvice approach is not working for handling the Jwt exceptions.
Hi and thank you for the amazing content. I was wondering, if you need to initialize your admin with first name, last name, email and password in the project settings, how would you do it in this case? It looks like that you can only register it through the registration form, but I need to set one and the only admin in the project configuration settings. Thanks!
Great! One question, you take the jwt of the authenticate(log-in) to send the Demo Controller request. If I use jwt I got from Register, it is the same ? In simple words, if I want log-in directly after the register (and not log in again), is there any extra step I need to do? (for example set SecurityContextHolder). I guess both in log-in and Register the SecurityContextHolder must be set ! Thanks !
Hi. I have two questions, if you like to help me. 1. Why do you save tokens in the database? 2. What is the difference between access token and refresh token. Thank you.
Friend, a question, I see that many people in other videos create the UserDetails within the entity that they call, for example, user, but others create the entity and create another class called UserDetails to implement the methods, but in your case you overwrite the UserDetails in your UserDetailsService class. My question is, what would be the most ideal way to do this?
Hello friend, how are you, thank you very much in advance for the video... I would like to ask you a question... how can I add ADDITIONAL INFORMATION TO THE TOKEN? thank you so much. c:
Join the Micro Services course waiting list and get and get an exclusive *EARLY-BIRD discount*
aliboucoding.ck.page/d0f9317e13
You have no idea how much you have helped me. Due to other tutorials being backdated, I just couldn't find a proper step by step procedure on how to implement jwt in spring boot. You saved my university major project. I wish you lifetime of happiness and health.
Really happy you liked it
@@BoualiAli A small error check : the token will get expired in only 24 minutes not 24 hours. Apart from that everything is crystal clear.
جزاك الله خير
It's amazing content
Thank you !!! all others tutorial were not clear at all, I love the fact that you explain each thing you use
Next step is to retrieve user info based on the authenticated user
The best course you'll find anywhere. Thank you Alibou !
Glad you think so!
I just finished this tutorial and trust me, if you want to learn about Spring Security using JWT, this is the way. Thanks @Bouli Ali for such awesome content
I really appreciate your great and honest feedback.
This keeps me motivated to provide more and better content
Thank you for this amazing tutorial, i had a hard time understanding the process behind spring security, but you explained it very well and didn't just focus on the code itself
Amazing course, i get all workflow about jwt spring security, how to extractAllClaims, single claims, how to use JWTAuthenticationFilter and more. Thanks for this update spring security jwt and hope you take care of you!! Great time!!
Fantastic!
Hello, it was a great step-by-step tutorial. The things that weren't clear to me became clear after I watched this video for the second time. The only moment (just statistical) - the token expiry date wasn't 24h from the moment of creation. 1000 ms -> 1s; 60 * 1000 -> 1m; 60 * 60 * 1000 -> 1h. So adjustment should be settled to 24 * 60 * 60 * 1000. Your token expiry date is 24 m.
True, but just for the sake of the tutorial I removed the *24 to have short living token.
Sorry for the confusion
I just finished watching this tutorial, and I'm incredibly impressed by the level of explanation presented throughout the video. Thanks to Bouali, I've been able to successfully complete a task I've been working on for the past week. Thank you so much for your help! You're truly a lifesaver. God bless you!
And how you're going to handle the situation that most of the methods are deprecated now. I'm new and I need you help if it is the right way to learn or this source is already old by now?
@@la-dev just follow the video and I assure you some googling would rescue you in case there are such issues. However, I did not encounter it as he is using spring boot 3 which is latest :)
Thanks @@rustamnarayan2376
Just check the latest spring security video
Your tutorials are really helpful for me as a beginner. Thanks a lot!!!
Your way of teaching is really nice and I feel if you show an implementation video at the start of the tutorial we can easily understand what we are going to build
Again, thanks a ton!!!!
Thank you so much for this fantastic Spring Security video!
Glad you enjoyed it!
thanks a lot Ali
Thank you from South Korea!
how is the job Market in Seoul for Java Devs, I am in China and looking for new opportunities in other countries
It is astonishing with what fast pace spring boot is moving forwards. Alot of the methods shown here are already deprecated and marked for removal.
I want to give you a huge thank you. I've been struggling with this for days due to other tutorials being outdated. You really saved the day.
Glad I could help!
Gold. 👍
Thank you.
Happy you liked it!
Thank you too!
this is the video perfectly understand the spring security for me. Thank you so much @Bouali Ali
Happy you liked it
This is just what I needed, great explanation and the most important, it works!!! , Thanks and greetings from Colombia.
Great to hear!
Greetings from 🇹🇳
Intéressant ! mister bouali ...
Thank you
Too good. Awesome.
🙏 thank you
super! thank you !
Thank you so much for this fantastic Spring Security video! It was incredibly helpful and provided me with valuable insights. I really appreciate the clear explanations and the practical examples demonstrated throughout the tutorial. Your expertise and teaching style made it easy for me to grasp the concepts.
Glad it was helpful!
thank you very much for the information and excellent explanation
Glad it was helpful!
Thank you very much. you save me and my university project. Subscribed
Glad I could help!
OMG this is the most awesome tutorial I've ever watched
Thank youuuuuu. Happy to know that
Thank you so much, very well explained! Very useful!!
love the way u teach (:
This video made all my doubts clear. Thank you so much.
Really happy you liked it
Very awesome tutorial, great explanations on the concepts, easy to follow along
Glad you liked it!
Many thanks! Your tutorials are absolutely fantastic. Pure gold! The content, your delivery and the speed - everything is just perfect. Sending loads of love your way!
Glad you like them!
muchas gracias por la explicación y por compartir el repositorio 🤓
My pleasure!
Excellent tutorial
Thank you
Absolutely great tutorial!
Happy you liked it
baraka al Allahu fik. Keep up the good work!
my pleasure
Check the new one, it is more updated with no deprecations
@@BoualiAli Awesome! may you share the link for it?
@@mahmoudotri6103 check the videos and you will notice it. It is a recent upload
Great explanation !! Thank you very much, u're awesome
Glad you liked it!
Great Job Ali,
thans is the best Tutorial I ever see.
I like and Subscribe right now.
More thank happy to have here
awesome tutorial!
Glad you liked it!
I just discovered your channel, what a great content, Allah y3tik lkhir
Thank you so much 😊
thank you khouya, merci beaucoup pour ton effort.
My pleasure
Thank you Ali!
Great Video, you saved my life on a bug that I've been searching for so long since I migrated to spring 3.0, Keep it up! from Tunisia
My pleasure bro
I like Tunisian people 🇹🇳
Thank you so much bro ! Best tutorial I've ever seen.
Glad you think so!
Great Video, thanks a lot
Glad you liked it!
Very awesome tutorial, great explanations on the concepts, easy to follow along. I have really learned alot Ali. Looking forward to learn more courses on Springboot and Java.
Thank you so much for your feedback 🙏
this tutorial is very helpful. thanks a million
My pleasure
Wonderful ! thanks for the effort and clear tutorial!
My pleasure
thanks for your efforts
Welcome 🙏
thank you for this video!
My pleasure
Good job ,and i realy appreciate you so much .
Thank youuuu
Amazing content. Thank you for your good work to enable us acquire skills.
really happy I helped you learn
great!
Thanks
Great work and content! Thank you very much for this.
Happy you like it
I am subscribed
Really happy you liked it
Thank you
Thanks a lot man, your explanations are the best! Subscribed! I will see the refresh token vid now :)
Thank you 🙏. Check the spring security playlist for more videos
Great Video Bouali ! I have learned many things. Subscribed your channel also . Thanks a lot !
Great to have you
What a great video! you have gained a subscriber forever!
You’re welcome forever
really great video!!!! thanks!!! I would adapt the title just put (registration & login) because RUclips does not show your video, when searching for spring boot registration & login
Thanks for the tip!
Great video Bro keep going 😀😀😍
Thank you, I will
Thank you very much for this. this was great. you have gained a subscriber forever!
So happy and proud to have you here
Thank you for your efforts, your brother from morocco..
Keep it up 🙂
My pleasure
Great video man, I have recently started learning Springboot and there wasn't many content for 3.0 out there, was exactly looking for this, the way you explained everything was very well done and understable, Thanks and Keep it up!
Thank you for the great feedback.
I had the same issue and it turns out I had left User's isEnabled() to false, when it should be true.
that's perfect, please keep on keeping on!! could you please tell how you learned it and how you would recommend people learn it?? imho documentation usually gives the "What" about everything in it, not "Why"
Loving this. Great start as I migrate to Spring Boot 3. Thanks man 🔥.
Happy to know 🔥
Thank you so much, I followed this guide and everything works great. I have a question though. In the isTokenValid method of JwtService we check if the username(email) from the parameter userDetails is equal to the username found in the token. However the parameter userDetails is always aquired from the username found in the token (e.g. in AuthenticationService or in JwtAuthenticationFilter). So the way I see it we extract the username from the token and then check if the extracted username is equal to the username found in the token. Wont that always be true?
great content, I'll be finishing the one on amigos code cause I'm still using spring 2.7, I'll book this video once I upgrade!
That’s good
Good job aloulou ;)
thank you 3chiri
This is soooooo long ! Thank you for doing everything step by step but its my request please bring a Course on Spring Security where you can explain things on a slow pace. That would help us get more clarity.
Sure
thank you so much for the course, it is very helpful. I hope you could make a continuation video implementing the APIs in Angular. I 'm really stuck right now
Happy you liked it
I'm already preparing a video for that
❤️👏👏
Amazing course, I learned so much! It is even more amazing the code you gave on github, however I wish I could have some explanations on all the additional stuff there is in the repo
Happy you liked it!
Just follow the playlist order and you will get each line of the code
Thank you 🎉
You’re welcome 😊
For the Spring Security package to be complete on your channel, could you please make a video explaining how to configure CORS using Spring Security? For example, as routes from other origins that need authentication with the head "Authorization" in the request, I would be very grateful
Coming soon 😁
16:50 You don’t need to specify the driver-class-name since Spring Boot can deduce it for most databases from the url. See Spring Boot 3.0 Data docs.
True, but if I don’t specify it people will ask about and I forgot to mention that in the video.
Good comment 👍
I can't really express how you are amazing Mr. Bouali. The explanation is clear and straight to the point.
I wanted to ask you if there is a way to not to hit the database for each request as this will be overhead for it. can we make it in the register & authenticate part only?
You can implement caching
can you please recommend me a good way for In memory caching? or any other way that make me avoid using things like Redis aka other database with its own server?@@BoualiAli
thank uuuu so much !!!
You're welcome!
Hi Ali, if possible, could you show the imports of the class briefly after you finish with a class, for comparison next time? Thank you!
Check the code on Github
Hello sir i saw video tutorial n these are awesome like each n every topic will convered in videos. One request from my side for desktop native application using electron js with angular in details project like books library project i possible please consider it in your upcoming playlist because no one is on you tube who is doing electron js tutorial.
I will try my best
Awesome, I love your explanation. Can you make video on Spring boot 3.0 - Webflux with JWT Token
I will take note of that.
I’m preparing a new video that you’re gonna love absolutely
@@BoualiAli I’m waiting
that is the best vedio about jwt implementation so far, thank you for your simple explanation that even a new user of the spring framework could understand clearly.
i have a question please if you don t mind, I'm using spring mvc with thymeleaf, i don t know how to send the jwt token in the header with thymeleaf like in your case with postman you sent it in the authorization type bearer token, and there is no one talking about it
thank you
I am also trying to figure this out
@@adrianfee9131 i manage to do it using session like instead of retrunin the jwt token to the user and send it from the header you can just save it into the session than in the dofliter function you take the jwt token and validate it from the session i ll join the code below i hope this helps
i don t know if it s the right way to do it but it is working
I was struggling to learn this, thank you so much for this video. It helped a lot
I’m happy to help
@@BoualiAli what changes to make in order to specifically allow USERS to one endpoint? .hasRole("USER") doesnt work SecurityConfiguration
@@muniapriyansu8805 you need to add the annotation @enableglobalsecuritymethod on the security config class and the @preuathorize will work like a charm
I have another spring security in the same playlist that explains authorization and how it works
Thank you very much for the content! Can you write for us the non depricated solution for setSigningKey() and parseClaimsJws()?
Yes, check the playlist and the videos and order by publish date
Hi! Great Tutorial! One of the best I ever seen. I have only one problem, I can still add more users with the same email. You don't check this in tutorial too.
Thanks for the comment.
Yes duplicated users are not prevented. Add @Column(unique=true) on the email field and it will fix it
Randomly found this channel. Wonderfully explained. Thanks a lot. Just a request, could you paste that key generator url in the description?
You can check the code in my github account (link in the description)
Thank you for your awesome tutorial! I learn a lot from your video. Let's say if we had multiple microservices and Spring Cloud Gateway routing to process requests to those (downstream) services. I was wondering if you could let me know how we can apply the jwt from your video (user microservice) to other microservices as a global one.
Thank you once again for your time and consideration!
It works the same way.
Just implement it on the api gateway level
Really happy to have you here
thank you for your tutorial i hope you do tutoril for spring boot microsrvice securty JWT
I’m preparing something already
Great content, thank you. can you please provide a tutorial in Oauth2 implementation in spring boot 3 (Authorisation server + Resource server) using JWT?
Working on it
It's very clear logic, thanks a lot Bouali
Glad you think so!
Thank you for your great explanation. I watched this video many times, it 's very clear. Can we have the sources of your project ?
Hello,
The repo is in the description of the video
thank you for the video. Do you have a video about CSRF ?
I will take note of that and make one soon enough
Hi sir, Can you make a video how to handle the exceptions of Json web token, as the @RestControllerAdvice approach is not working for handling the Jwt exceptions.
COUPON Code: *EARLYBIRD20* => Spring Data J PA course: aliboucoding.com/p/the-full-guide-to-master-spring-boot-data-jpa
Hi and thank you for the amazing content. I was wondering, if you need to initialize your admin with first name, last name, email and password in the project settings, how would you do it in this case? It looks like that you can only register it through the registration form, but I need to set one and the only admin in the project configuration settings. Thanks!
You can use a database migration like Flyway
I already posted a video how to do so.
@@BoualiAli, Thanks!
Great! One question, you take the jwt of the authenticate(log-in) to send the Demo Controller request. If I use jwt I got from Register, it is the same ? In simple words, if I want log-in directly after the register (and not log in again), is there any extra step I need to do? (for example set SecurityContextHolder). I guess both in log-in and Register the SecurityContextHolder must be set ! Thanks !
Hi.
I have two questions, if you like to help me.
1. Why do you save tokens in the database?
2. What is the difference between access token and refresh token.
Thank you.
Finish watch the next two videos (logout and refresh token) and you will get it
Friend, a question, I see that many people in other videos create the UserDetails within the entity that they call, for example, user, but others create the entity and create another class called UserDetails to implement the methods, but in your case you overwrite the UserDetails in your UserDetailsService class. My question is, what would be the most ideal way to do this?
Thank you very much for the tutorial , could you provide us how implement login with social media and jwt
I’m worrking on such tutorial
Hello friend, how are you, thank you very much in advance for the video... I would like to ask you a question... how can I add ADDITIONAL INFORMATION TO THE TOKEN? thank you so much. c:
I already mentioned that.
Use the claims
Thank you so much I always use your method for secure but I have question Can I use
this codes in big project
better use keyclaok.
the video is coming next week