Building a RESTful API with Java Spring Boot and JWT Authentication

-
A Spring Boot RESTful API is a web service built using the Spring Boot framework that follows REST (Representational State Transfer) architectural principles.
It exposes endpoints over HTTP to perform CRUD : Create, Read, Update, Delete operations on resources such as data entities (e.g. models, books, products, items, users ).



Spring Boot uses annotations like @Component@Entity@Repository@Controller@Service .

Main Application

@SpringBootApplication
public class JwtReimbursementApplication {

 public static void main(String[] args) {
  SpringApplication.run(JwtReimbursementApplication.class, args);
  System.out.println("Application Starts..!");
 }
}
Model Class
@Entity
public class ReimbursementModel {

 @Id
 @GeneratedValue(strategy = GenerationType.IDENTITY)
 private int id;
 @Column(unique = true)
 private String employeeName;
 int employeeNumber;
 String productType;
 String productName;
 String productProvidor;
 Double amount;
 String submissionDate;
 String comments;
 String isApproved = "pending";
 String approvalDate;
 String approverRemarks;

 int employeeId;

 // Constructors & Getters/Setters

}
Repository
@Repository
public interface ReimbursementRepository extends JpaRepository {

 List findByEmployeeNumber(int employeeNumber);

}
Controller
@RequestMapping("/reimbursement")
@RestController
public class ReimbursementController {

 @Autowired
 ReimbursementService reimbursementService;

 @GetMapping("/list")
 public ResponseEntity get_list() {
  return reimbursementService.get_list();
 }

 @GetMapping(value = "/{employeeNumber}", produces = { "application/json", "application/xml" })
 public ResponseEntity getReimbursement(@PathVariable("employeeNumber") int employeeNumber) {
  return reimbursementService.getReimbursement(employeeNumber);

 }
}
Service
@Service
public class ReimbursementService {

 @Autowired
 ReimbursementRepository reimbursementRepository;

 public ResponseEntity get_list() {
  return new ResponseEntity<>(reimbursementRepository.findAll(), HttpStatus.OK);
 }

 public ResponseEntity getReimbursement(int employeeNumber) {
  List models_list = reimbursementRepository.findByEmployeeNumber(employeeNumber);

  System.out.println(models_list);
  if (models_list.isEmpty())
   return new ResponseEntity<>("no data available", HttpStatus.BAD_REQUEST);
  else
   return new ResponseEntity<>(models_list, HttpStatus.OK);
 }
}

Let’s do a hands-on project : we’ll build a secure RESTful API using Spring Boot and JWT authentication.

A hands-on guide to building a secure user authentication system using Spring Boot, Spring Security and JWT in a RESTful API architecture.

Problem Statement


💼 In this hands-on project, We will build a secure RESTful API using Spring Boot that manages employee reimbursements. The API will allow users to registerlogin using JWT authentication, and submit or retrieve reimbursement requests securely. This tutorial will guide creating endpoints, securing them with JWT and testing them using Postman.

Initialize the database with the following data.

Implement JWT-based authentication and authorization in Spring Boot application. The JWT token should carry the user’s role either EMPLOYEE or SUPERVISOR — so that the role can be extracted and used for access control.

The token must be included in the Authorization header of each secured request, using the Bearer scheme.

Authorization: Bearer <JWT_TOKEN>


Full Implementation

https://github.com/nimi-soni/Spring-Boot-3.0-JWT-Authentication-RESTful-APIs



API Output & Snapshots

Our Helpers For Reference….


GET API : /public


POST : /login







POST : /reimbursement/add











GET : /reimbursement/{employeeNumber}



PATCH : /reimbursement/update/{id}





DELETE : /reimbursement/delete/{id}






GET : /v3/api-docs

All Test Cases Passed : )

Thanks !
Happy Reading 😇

Press enter or click to view image in full size

Comments

Post a Comment

Popular posts from this blog

The Perspective !

-
Image
F rom NIMI to IWIN : A Mindset Shift | The Power of Perspective | M y Personal Brand Hook | R eframing the Way, We Think About Challenges 🔁     “  N I M I → I W I N  ” In both professional and personal contexts, perspective is everything & mindset matters. In life, the ability to shift perspectives can reveal powerful insights as challenges are constant. But often, the difference between a roadblock and a breakthrough lies in how we choose to see it either challenges or opportunities. A setback can either hold us back or set us up for a stronger comeback & shifting our thinking can turn obstacles into opportunities. And sometimes, that shift can come from the most unexpected places—even a name. Yes sometimes, inspiration comes from the most unexpected places—even in your own name. Much like turning NIMI into IWIN, growth begins with a shift in how we think. | “Hi, I’m Nimi Soni and if you look closely, you’ll see IWIN was always part of me. I’m driven by p...
Read more

ABAP | Advanced Business Application Programming | Dynamic Programming

-
Image
Bringing Dynamism to ABAP : A New Paradigm for Agile Coding !                Dynamic programming in ABAP empowers developers to build logic that adapts at runtime deciding not just the structure of the data, but also the behavior of the code on the fly. By leveraging concepts like dynamic field symbols, data references and runtime type resolution, ABAP developers can achieve true agile coding.                 This approach brings flexibility, scalability and efficiency into modern ABAP applications, where execution flow and data types are determined dynamically based on real-time conditions rather than static design. Use Cases : Processing dynamic structures or tables (e.g. generic data uploads). Building frameworks or re-usable utilities. Working with metadata or generic APIs (like FPM, BRF+, BOPF). Agile Coding in Practice : Dynamic field technology aligns beautifully with agile principles. ...
Read more

SAP MDG : Dynamic Field Control Via Custom Rule Engine, Dynamic Yet Powerful !

-
Image
  R eimagining SAP MDG Field Validations: Low-Code Approach | Simplifying Complexity in SAP MDG-F: Dynamic Field Control via Custom Rule Engine | UI Field Control Made Simple – Hide, Show, Require or Optional. Working with SAP MDG (Master Data Governance) often means balancing two realities: robust governance and agile adaptability. One of the common we face during MDG implementation is managing field validations with user-friendly alerts. Whether a field should be hidden, mandatory or optional often depends on multiple factors like CR type, entity, company code or user role. Traditionally, these validations are implemented via BRF+ expressions, Enhancements in feeder classes, Hard-coded logic in the UI layer/BAdIs.      The Problem: Code Dependency in Field Validation MDG validations are crucial for maintaining clean and consistent master data. However, the standard methods come with limitations & most teams rely on: Feeder class logic: Feeder class enhancemen...
Read more