This repository contains an example Spring project implementing authentication and authorization using Spring Security with JWT. The project provides a set of APIs for user registration, login, and role-based access control.

Features

• User Registration: Allows new users to sign up by providing necessary details.
• User Login: Authenticates users and provides a JWT token for subsequent requests.
• Role-Based Access Control: Access control for specific endpoints based on user roles (MASTER and USER).
• Default Admin Account: A pre-configured admin account is available for testing.

Default Admin Account

You can use the following default admin account to test admin-specific features:

• Username: admin
• Password: adminpassword

Note: The password is hashed using passwordEncoder before storage.

APIs

The following endpoints are available:

• User Signup

  • Endpoint: /signup
  • Method: POST
  • Description: Registers a new user.
  • Request Body: SignupRequestDto (required)

• User Login

  • Endpoint: /sign
  • Method: POST
  • Description: Authenticates a user and returns a JWT token.
  • Request Body: LoginRequestDto (required)

• Admin Only Access

  • Endpoint: /admin
  • Method: GET
  • Description: Grants access to users with the MASTER role.
  • Authorization: Requires a Bearer Token with the MASTER role.

• User Only Access

  • Endpoint: /user
  • Method: GET
  • Description: Grants access to users with the USER role.
  • Authorization: Requires a Bearer Token with the USER role.

Setup Instructions

1. Development Environment
   To run the project in a development environment, execute the following:

   docker-compose -f docker-compose.dev.yml up

2. Production Deployment
   To deploy in production, update the .env file with appropriate production configurations, then run:

   docker-compose -f docker-compose.prod.yml up

API Documentation

The project includes Swagger API documentation, accessible at:

/docs

Dependencies

• Spring Boot
• Spring Security
• JWT
• Swagger (for API documentation)