Saturday, May 29, 2021

Short description on Spring JWT authentication

This is a short explanation I came across on Reddit of how Spring Boot works with JWT:

You can integrate it with Spring Security by adding a filter, which extracts the token from the request's headers, and maybe rejects the request if the token is invalid or expired. Then most examples use the payload of the token to build an authentication object, and then put it in the security context holder so Spring can use it, and you can access it from everywhere (via the security context).