Spring Security can be a massive rabbit hole when you get started. This is exactly what happened to me when I started researching how to add encryption to the backend of my Twitter clone here on YouTube. I poured hours and hours of watching tutorials and trying to figure out how to tweak one tutorial to do this, or another tutorial that was outdated to do that. Finally, I stumbled upon some non-outdated tutorials, but they still lacked exactly what I needed and I still had to link multiple different tutorial videos together to get to where I am now. If you have been in my place before, or if you are at where I was right now this is the video for you.

In this video we are going to sit down from the start of an application and build out an entire authenticated backend server with login and register features connected to a database. We are also going to implement the generation of JWT's so you can have a stateless backend, and we will use OAuth2Resource server to verify that the JWT's sent back are valid, and then authorize requests to specific routes based on the users roles. We will do all of this from scratch so you can understand where we started and how we got to the finish line.

I highly recommend that you watch through the entire video for context, however, here is the link to the project code:
https://github.com/unknownkoder/sprin...

~~~ Feeling Generous? Donate to the channel for the all the hard work that made this video ~~~
https://streamlabs.com/unknownkoder/tip

~~~ Stay Up To Date With My Social Media ~~~

Twitter:   / unknownkoder  
Twitch:   / unknownkoderyt  
Be sure to subscribe and turn on the bell notifications on youtube to not miss another episode of Lets Build Twitter: shorturl.at/gnxZ8

~~~ Background Music Used In My Video ~~~

Astroblk - Nothing Really matters that much to me anymore

Aviscerall - Sanctuary

Cøzybøy - Please Don't Drown

Astroblk - explorer

Knwln Ryan - Can't Replace You

NetNavi - How Can You Tell

Astroblk - Vancouver

Aviscerall - Lullabyes

Cøzybøy - Deep In Snow

Astroblk - Courage

Aviscerall - Coffee Shop

Cøzybøy - I'll Do Anything

Astroblk - Pay Up _____

Aviscerall - Chillin'

Cøzybøy - I Feel Okay Today

Astroblk - fleids

Aviscerall - Progress

Cøzybøy - What Do You know About Love

Astroblk - Geneva

Knwln Ryan - Jupiter

Astroblk - Ginger Spice

Aviscerall - Clockin' Out

Knwln Ryan - Waterfalls

Aviscerall - Feelings

Astroblk - Soul in Seoul

NetNavi - To A Song

Astroblk - Sunrise

Aviscerall - Onett

~~~ Video Content ~~~

0:00:00 - Introduction
0:03:05 - Prerequisites
0:04:34 - Project Diagram
0:06:05 - Project Creation
0:12:01 - application.properties setup
0:17:04 - Creating the UserController
0:19:56 - Creating the AdminController
0:21:32 - Testing User and Admin Endpoints
0:22:37 - Installing Spring Security
0:24:43 - Utilizing the default Spring Security password
0:25:57 - Unlocking the API
0:28:45 - Creating the Role model
0:32:26 - Creating the ApplicationUser model
0:38:32 - Creating the UserService
0:42:20 - Configuring basic authentication
0:47:38 - Creating the Repository layer
0:51:20 - Loading Roles and Admin User
0:55:13 - Using the UserRepository in the UserService
0:58:05 - Creating the AuthenticationService and registerUser method
1:04:12 - Creating the AuthenticationController and registerUser method
1:09:22 - Configuring all traffic to AuthenticationController
1:11:53 - Creating the KeyGenerator utility class
1:14:37 - Creating the RSAKeyProperties class
1:16:21 - Installing OAuthResourceServer
1:17:29 - Configuring Spring Security to use OAuthResourceServer
1:22:05 - Creating the TokenService
1:26:54 - Creating the LoginResponseDTO class
1:28:37 - Creating the loginUser method in AuthenticationService
1:32:52 - Creating the loginUser method in the AuthenticationController
1:34:11 - Testing user login
1:36:23 - Configuring role based authorization
1:42:44 - Testing role based authorization
1:43:52 - Outro

#unknownkoder #javaprogramming #springsecurity