Jwt Angular Spring

JSON Web Token example that integrates both a Spring backend with an AngularJS frontend.
Alternatives To Jwt Angular Spring
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Springboot Jwt Starter671
8 days ago1mitJava
A Spring Boot JWT starter kit for stateless and token-based authentication apps.
Angular Rest Springsecurity635
3 years ago9apache-2.0Java
An example AngularJS Application that uses a Spring Security protected Jersey REST backend based on Hibernate/JPA
Microservices Event Sourcing634
6 years ago12apache-2.0Java
Microservices Event Sourcing 是一个微服务架构的在线购物网站,使用Spring Boot、Spring Cloud、Spring Reactor、OAuth2、CQRS 构建,实现了基于Event Sourcing的最终一致性,提供了构建端到端微服务的最佳实践
Study Step By Step471
3 years ago3
Spring Mvc Angularjs Sample App461
8 years ago8JavaScript
A sample AngularJs /Spring MVC app
Spring Cloud Microservice Examples362
6 years ago7Java
Jwt Angular Spring355
6 years ago1mitJava
JSON Web Token example that integrates both a Spring backend with an AngularJS frontend.
Angularjs Springmvc Sample Boot301
5 years agoapache-2.0Java
A RESTful sample using Spring Boot, Spring MVC, Spring Data and Angular/Bootstrap.
Angularjs Springmvc Sample292
3 years ago1Java
A RESTful sample using AnguarJS/Bootstrap as frontend and Spring MVC as REST API producer
Spring Mvc Angularjs280
7 years ago3Java
A simple application to demonstrate how to configure angularjs with Spring MVC
Alternatives To Jwt Angular Spring
Select To Compare

Alternative Project Comparisons

JSON Web Token / AngularJS / Spring Boot example

Blog post on this subject

This is an example project where a Spring REST API is secured using JSON Web Tokens. Since there are relatively few examples available for Java and there are some pitfalls (such as most sources pointing to a Java lib that's not straightforward to use) I decided to extract my proof of concept into a stand-alone example and publish it for all to see.

JSON Web Tokens

JSON Web Tokens have a few benefits over just sending a 'regular' token over the line. The more common approach to securing a REST API (outside of normal HTTP Basic Auth) is to send a random string as a token on succesful login from the server to the client. The client then sends this token on every request, and the server does an internal lookup on that token (in for example a REDIS cache or a simple Hashtable) to retrieve the corresponding user data.

With JSON Web Tokens the latter part isn't needed: the token itself contains a representation of the 'claims' of client: this can be just a username, but can also be extended to include any data you wish. This token is transmitted from the client on every request. The contents of the token are encrypted and a hash is added to prevent tampering: this way the content is secure: the server is the one signing and encrypting the token and is also the only one who had the key needed to decrypt the token.

In this example this key is fixed ("secretkey") but in a real life situations the secret key would simply be an array of bytes randomly generated on application startup. This has the added benefit that any tokens get automatically invalidated when you restart the service. If this behaviour is undesired you can persist the keys in for example REDIS.

Server side: Spring Boot

I like using Spring (Boot) to create RESTful services. On the server side, the JWT signing is done in the user/login REST call in UserController. It contains a tiny 'database' of 2 users, one of which has the 'admin' rights. The verification is done in a Filter (JwtFilter): it filters every request that matches "/api/*". If a correct token isn't found an exception is thrown. If a correct token is found, the claims object is added to the Http Request object and can be used in any REST endpoint (as shown in ApiController).

The heavy lifting for JWT signing is done by the more than excellent Java JWT library.

Client Side: AngularJS

The simple Angular app shows a login page. On successful login it checks with 'the API' which roles are available (of which the 'foo' role doesn't exist for any user).


It is a standard Maven project and can be imported into your favorite IDE. You run the example by starting the WebApplication class (it has a main) and navigating to http://localhost:8080/. If everything is correct you should see a "Welcome to the JSON Web Token / AngularJR / Spring example!" message and a login form.

Popular Angularjs Projects
Popular Spring Projects
Popular Web User Interface Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Spring Boot