Json Web Token (Jwt) With Spring Security And Angular

Learn how to use JSON Web Token to secure REST applications, manage user roles and permissions, & way much more!

What you'll learn
JSON Web Token (JWT)
Authentication
Authorization
Stateless Session Policy
Manage User Security Roles
Manage User Security Permissions
Mitigation of Brute Force Attack
Secure API Endpoints
Password Encryption
Role-based Access Control
Requirements
Familiarity with Java, Spring Framework
Familiarity with Angular
Familiarity with front-end web technologies (HTML, CSS, JavaScript, TypeScript)
Description
Java Spring Framework (Spring Framework) is a popular, open source, enterprise-level framework for creating standalone, production-grade applications that run on the Java Virtual Machine (JVM). Java Spring Boot (Spring Boot) is a tool that makes developing web application and micro-services with Spring Framework faster and easier through three core capabilities, mainly its auto-configuration An opinionated approach to configuration.Spring Boot is an open source Java-based framework used to create a micro Services. It is developed by Pivotal Team and is used to build stand-alone and production ready spring applications. This course will give you an introduction to Spring Boot and familiarize you with its basic concepts. For practice, we will build a Spring Boot REST API that manages employees.The ability to create standalone applications These features work together to provide you with a tool that allows you to set up a Spring-based application with minimal configuration and setup. Spring security provides authentication and authorization to applications using servlet filters - a security filter chain.Web applications are susceptible to security threats and attacks, as they are accessible by anyone uses the internet. In this course, we will build a REST API that will expose endpoints having restricted access to specific only authenticated users, for to manage the employees, for creating, updating , editing existing, and deleting employees. We can use spring security to secure URLs. Spring Security is a security framework that secures J2EE-based enterprise applications, by providing powerful, customizable security features like authentication and authorization . It is the de facto standard for securing Spring-based applications.

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Application demo

Lecture 3 Prerequisites

Lecture 4 How do I teach

Lecture 5 How to get the most out of this course

Lecture 6 Environment Setup

Lecture 7 Asking questions and Source code

Section 2: Web Application Overview

Lecture 8 Web application structure

Lecture 9 What is front-end

Lecture 10 What is back-end

Lecture 11 Data Store

Lecture 12 What about the Cloud

Lecture 13 Useful articles & Course presentation

Section 3: Application Domain

Lecture 14 User domain - part 1

Lecture 15 User domain - part 2

Lecture 16 Custom Http Response domain

Lecture 17 Spring Security User domain

Lecture 18 Database Configuration

Lecture 19 Run Application

Section 4: Security

Lecture 20 Web Application Security

Lecture 21 Authentication and Authorization

Lecture 22 Json Web Toke (JWT)

Lecture 23 Security with Json Web Token (JWT)

Lecture 24 Security constants

Lecture 25 Java JWT Library

Lecture 26 JWT Token Provider - Part 1

Lecture 27 JWT Token Provider - Part 2

Lecture 28 JWT Token Provider - Part 3

Lecture 29 JWT Authorization Filter - Part 1

Lecture 30 JWT Authorization Filter - Part 2

Lecture 31 Authentication entry point

Lecture 32 Access denied handler

Lecture 33 User Repository

Lecture 34 User Details Service Implementation

Lecture 35 Security configuration

Lecture 36 Test endpoint for security

Section 5: Custom Exception Handling

Lecture 37 Exception handling

Lecture 38 Custom exception classes

Lecture 39 Custom exception handling - Part 1

Lecture 40 Custom exception handling - Part 2

Lecture 41 Custom exception handling - Part 3

Lecture 42 Test custom exception handling

Lecture 43 Override Spring default white label error

Section 6: User Registration

Lecture 44 User authorities

Lecture 45 User roles

Lecture 46 User registration - Part 1

Lecture 47 User registration - Part 2

Lecture 48 User registration - Part 3

Lecture 49 User registration - Part 4

Lecture 50 User registration - Part 5

Lecture 51 Code clean up

Lecture 52 User registration test

Section 7: Generate JWT

Lecture 53 Security With Json Web Token (JWT)

Lecture 54 Logging in and generating JWT

Lecture 55 User logging in test

Lecture 56 Source code

Section 8: Brute Force Attack

Lecture 57 What is brute for attack

Lecture 58 Brute force attack cache - Part 1

Lecture 59 Brute force attack cache - Part 2

Lecture 60 Authentication failure listener

Lecture 61 Authentication success listener

Lecture 62 Validate user login

Lecture 63 Test Brute force attack

Section 9: Email Notification

Lecture 64 Email constants

Lecture 65 Email session

Lecture 66 Email content

Lecture 67 Sending email

Lecture 68 Test email notification

Lecture 69 Enabling allow less secure app for Gmail

Section 10: User Service

Lecture 70 User service

Lecture 71 File Constant

Lecture 72 User service implementation - Part 1

Lecture 73 User service implementation - Part 2

Lecture 74 User service implementation - Part 3

Lecture 75 User service implementation - Part 4

Section 11: User Resource

Lecture 76 User resource

Lecture 77 Add new user

Lecture 78 Update, find, and reset user password

Lecture 79 Delete and update profile image of user

Lecture 80 Get user profile image

Lecture 81 Get user temporary profile image

Lecture 82 Types of tests

Section 12: API Test

Lecture 83 Introduction

Lecture 84 Test register

Lecture 85 Test login

Lecture 86 Test add

Lecture 87 Test update

Lecture 88 Test find

Lecture 89 Test list

Lecture 90 Test reset password

Lecture 91 Test delete

Lecture 92 Test update image

Section 13: Front End

Lecture 93 Introduction

Lecture 94 Front end design

Lecture 95 Creating Angular app

Section 14: Authentication service

Lecture 96 Creating service

Lecture 97 Configure HTTP and environment variable

Lecture 98 Login service call

Lecture 99 Creating user class

Lecture 100 Register service call

Lecture 101 Logout

Lecture 102 Save token to local storage

Lecture 103 Add user to local cache

Lecture 104 Get user from local cache

Lecture 105 Load token from local storage

Lecture 106 Get token from local storage

Lecture 107 Check for logged in user

Section 15: User service

Lecture 108 User list service call

Lecture 109 Add user service call

Lecture 110 Update user service call

Lecture 111 Reset password service call

Lecture 112 Update profile image service call

Lecture 113 Delete user service call

Lecture 114 Add users to local cache

Lecture 115 Get users from local cache

Lecture 116 Adding user class properties

Lecture 117 Creating form data

Lecture 118 Custom HTTP response mapping

Section 16: Interceptor

Lecture 119 Introduction

Lecture 120 Creating Interceptor - Part 1

Lecture 121 Creating Interceptor - Part 2

Lecture 122 Configure HTTP Interceptor

Section 17: Guard

Lecture 123 Introduction

Lecture 124 Creating Guard - Part 1

Lecture 125 Creating Guard - Part 2

Lecture 126 Configure Guard

Section 18: Notification

Lecture 127 Notification library

Lecture 128 Creating notification module

Lecture 129 Configure notification module

Lecture 130 Creating notification service

Lecture 131 Notification types

Section 19: HTML Template

Lecture 132 HTML template walk-through

Lecture 133 Generating component

Lecture 134 Configuring routes

Lecture 135 Test routes

Lecture 136 Adding router outlet

Section 20: Login Page

Lecture 137 Login template - Part 1

Lecture 138 Login template - Part 2

Lecture 139 Login component - Part 1

Lecture 140 Login component - Part 2

Lecture 141 Login component - Part 3

Lecture 142 Login component - Part 4

Lecture 143 Login component - Part 5

Lecture 144 Adding header type

Lecture 145 Login template - Part 3

Lecture 146 Login template - Part 4

Lecture 147 Test login - Part 1

Lecture 148 Adding notification styles and tag element

Lecture 149 Test login - Part 2

Lecture 150 Test login - Part 3

Lecture 151 Test login - Part 4

Section 21: Register Page

Lecture 152 Register template

Lecture 153 Register component

Lecture 154 Test register

Section 22: User Page - Display User Info

Lecture 155 Adding page header

Lecture 156 Adding tab name - Part 1

Lecture 157 Adding tab name - Part 2

Lecture 158 Adding user table template

Lecture 159 Fetching users

Lecture 160 Adding users to the table

Lecture 161 User info modal - Part 1

Lecture 162 User info modal - Part 2

Section 23: User Page - Add a New User

Lecture 163 Adding new user form

Lecture 164 Understanding file change event

Lecture 165 Getting profile image and click save button

Lecture 166 Saving new user

Lecture 167 Refactor and test adding new user

Lecture 168 About the implementation

Lecture 169 Search user list - Part 1

Lecture 170 Search user list - Part 2

Section 24: User Page - Edit User

Lecture 171 Open edit model logic

Lecture 172 Edit user back end call

Lecture 173 Test edit user

Section 25: User Page - Delete User

Lecture 174 Delete user back end call

Lecture 175 Test delete user

Section 26: User Page - Reset Password

Lecture 176 Reset password back end call

Lecture 177 Test reset password

Section 27: User Page - Profile

Lecture 178 User profile template

Lecture 179 Update user / test user update

Lecture 180 Log out

Lecture 181 Adding profile image form

Lecture 182 Update profile image back end call

Lecture 183 Report upload progress - Part 1

Lecture 184 Report upload progress - Part 2

Lecture 185 Report upload progress - Part 3

Section 28: Enhancement

Lecture 186 Hide sensitive information

Lecture 187 Refactor delete user

Lecture 188 Delete user image on delete user

Lecture 189 Only allow image files - Part 1

Lecture 190 Only allow image files - Part 2

Lecture 191 Reset password route

Section 29: Security Management - Front End

Lecture 192 Security management

Lecture 193 Mapping user roles

Lecture 194 Getting current user role

Lecture 195 Modifying UI by role - Part 1

Lecture 196 Modifying UI by role - Part 2

Lecture 197 Modifying UI by role - Part 3

Lecture 198 Unsubscribe upon component destruction

Lecture 199 Unsubscribe using Subsink library

Section 30: Deployment

Lecture 200 Introduction

Lecture 201 Using AWS

Lecture 202 Creating EC2 instance

Lecture 203 Configure EC2 instance - Part 1

Lecture 204 Configure EC2 instance - Part 2

Lecture 205 Configure Spring Boot Application

Lecture 206 Running in AWS

Lecture 207 Deploying Angular Application

Lecture 208 Creating Unix Service

Lecture 209 Testing in Production

Section 31: Final Note

Lecture 210 Becoming a Software Engineer

Lecture 211 Stay in touch

Lecture 212 Bonus Lecture

Developers interested in JSON Web Token (JWT),Developers interested in Spring Security,Developers interested in role-based application management,Developers interested in Angular