#Spring Boot authenticating login

1 messages · Page 1 of 1 (latest)

opaque pecan
#

I've been using Spring Boot to develop an e commerce API backend. I've managed to do the registration and add them to a PostgreSQL database, but how would I handle user login? Are there any resources that can help me do this?

strange bearBOT
#

<@&1004656351647117403> please have a look, thanks.

#

You can use </chatgpt:1108714622413963314> to ask ChatGPT about your question while you wait for a human to respond.

#
TJ-Bot
I've been using Spring Boot to develop an e commerce API backend. I've managed to do the registration and add them to a PostgreSQL database, but how would I handle user login? Are there any resources?

To handle user login in your Spring Boot e-commerce API backend, you can use Spring Security. Spring Security is a powerful and customizable authentication and access control framework that provides a wide range of features for securing your application.

To implement user login with Spring Security, you will need to configure authentication providers, define login/logout endpoints, and secure your API endpoints based on user roles. You can also use JSON Web Tokens (JWT) for stateless authentication.

Here are some resources to help you get started with implementing user login using Spring Security in your e-commerce API backend:

  1. Official Spring Security documentation: The official documentation provides detailed guides and tutorials on how to set up authentication and authorization using Spring Security.

  2. Baeldung's Spring Security tutorials: Baeldung offers a wide range of tutorials on Spring Security, including how to implement custom authentication providers, JWT-based authentication, and more.

  3. YouTube tutorials: There are many YouTube tutorials available that walk through the process of setting up user login with Spring Security in a Spring Boot application.

By following these resources, you can successfully implement user login functionality in your e-commerce API backend using Spring Boot and Spring Security.

- AI generated response
formal heron
# opaque pecan I've been using Spring Boot to develop an e commerce API backend. I've managed t...

If you're asking how you would store user credentials:
So, what do you need to identify a user?

  • the login name (must be unique)
  • the password

Obviously you don't want to store passwords as plain text, so you store the following instead:

  • a hash of your password
  • a salt (each user has their own random salt)
  • the hashing algorithm used

Then when the user enters their password you apply that hashing algorithm + salt to the password and check if the resulting hash matches the hash you stored in your database.

neat idol
#

This is a good start tutorial

neat idol
#

Or whatever the default is they recommend now

opaque pecan
neat idol
#

BCrypt I think

opaque pecan
#

Yeah

#

Bcrypt (typo)

formal heron
neat idol
#

Then the question wouldn't be "but how would I handle user login", but more like, "how would I implement a login system myself from scratch"