Common Backend Vulnerabilities
Authentication & Authorization
Spring Security JWT authentication
In this task, you will implement a simple yet robust authentication system using Spring Security. Apply the best practices from this week's content and combine them together.
/register, /login, and /logout endpoints to handle user registration, login, and logout.
/register accepts a username and password and creates a new user in the database./login accepts a username / password combination, verifies the password against the database, and returns a session token (or JWT) to the user./logout ends the user's session (see the note on logout below)./profile endpoint that returns the logged-in user, or an error for unauthenticated requests.Note: /register and /login are public endpoints. /logout and /profile are protected and require a valid token.
/logout deletes the session record./logout, the client discards the token. No logic needed to be implemented on the server-side.401 for unauthenticated, 200 on success).We have set up a simple project for you with controllers, services and a repository. Feel free to change any code.
Follow the Assignment submission guide to submit
The HackYourFuture curriculum is licensed under CC BY-NC-SA 4.0 *https://hackyourfuture.net/*

Built with ❤️ by the HackYourFuture community · Thank you, contributors
Found a mistake or have a suggestion? Let us know in the feedback form.