Implementation of JWT Token - vignesh01105/UserLoginSystem GitHub Wiki

Generate JWT Token

  1. To generate a token, a few fields are important: username, issue date, expiry date and password.
  2. All of these fields are treated as claims. To build the claims, add the username, issue date and expiry date in code.
  3. Then create a key and use it to add a digital signature to the token. The signature is what lets the server verify that the token is valid.

Validate the Token

  1. First, the user logs in with credentials and gets a token from the server.
  2. When the user accesses resources in the application, the token is sent back to the server in the Authorization header.
  3. To validate the token, the following steps are followed.
  4. First, in the security config, add the JWT Filter to the security filter chain, placed before UsernamePasswordAuthenticationToken.
  5. In the JWT Filter, extract the token from the Authorization header and retrieve the username and the token.
  6. Using the retrieved username, look up the user through the user details service, validating the data against the DB.
  7. Using the retrieved token, check its expiration and check that it is valid.
  8. Once it is valid, pass the user details on to the next filter in the chain (UsernamePasswordAuthenticationToken).
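
The token-level steps from both lists (claims, signing key, signature check, expiry check), as an added example that is not this project's code. It uses only the JDK rather than a JWT library; the class name JwtSketch, the HS256 algorithm, the key and the user names are assumptions made for illustration, and the Spring filter wiring is not shown.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class JwtSketch { // hypothetical class name
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Base64.Decoder DEC = Base64.getUrlDecoder();

    static byte[] hmac(byte[] key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.US_ASCII));
    }
    // Claims: username (sub), issue date (iat), expiry date (exp). Assumes the
    // username needs no JSON escaping; real code builds claims with a JSON library.
    static String generate(String user, long ttlSeconds, byte[] key) throws Exception {
        long now = Instant.now().getEpochSecond();
        String head = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        String claims = "{\"sub\":\"" + user + "\",\"iat\":" + now + ",\"exp\":" + (now + ttlSeconds) + "}";
        String input = ENC.encodeToString(head.getBytes(StandardCharsets.UTF_8)) + "."
                + ENC.encodeToString(claims.getBytes(StandardCharsets.UTF_8));
        return input + "." + ENC.encodeToString(hmac(key, input));
    }
    // Returns the username when signature and expiry both check out, otherwise null.
    // The algorithm is fixed server-side; the token's "alg" header is never trusted.
    static String validate(String token, byte[] key) throws Exception {
        String[] p = token.split("\\.");
        if (p.length != 3) return null;
        try {
            // Verify the signature first, with a constant-time comparison.
            if (!MessageDigest.isEqual(hmac(key, p[0] + "." + p[1]), DEC.decode(p[2]))) return null;
            String claims = new String(DEC.decode(p[1]), StandardCharsets.UTF_8);
            Matcher exp = Pattern.compile("\"exp\":(\\d+)").matcher(claims);
            Matcher sub = Pattern.compile("\"sub\":\"([^\"]+)\"").matcher(claims);
            if (!exp.find() || !sub.find()) return null;
            if (Instant.now().getEpochSecond() >= Long.parseLong(exp.group(1))) return null; // expired
            return sub.group(1);
        } catch (IllegalArgumentException e) { return null; } // bad Base64 or bad number
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key-0123456789abcdef".getBytes(StandardCharsets.UTF_8);
        String[] p = generate("alice", 900, key).split("\\.");
        String forged = p[0] + "." + ENC.encodeToString("{\"sub\":\"admin\",\"exp\":9999999999}".getBytes(StandardCharsets.UTF_8)) + "." + p[2];
        System.out.println("fresh token:   " + validate(String.join(".", p), key));
        System.out.println("expired token: " + validate(generate("alice", -1, key), key));
        System.out.println("forged claims: " + validate(forged, key));
    }
}
```

In a deployment the key comes from a secret store or a random generator, not a string literal, and the username returned by validate is what the filter hands to the user details service.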