I am studying Spring Boot and Android. I've played front-end on Android twice, but it's my first time playing back-end. Currently, only the bulletin board creation/modification/deletion function has been implemented without logging in with spring boot, and only user membership has been registered. But I don't know what to do to implement springboot and Android login.<
There seems to be a lot of ways to use security, session interceptors, and jwt tokens, so what are some ways to make it easier to understand when you're new to the backend?
I'd appreciate it if you could also tell me how to do it with Logic. ㅜ<
ex) When saving a session and making a request with a mapped url on Android, what to save and so on...
spring-boot spring android
Typically, authentication between the mobile application and the backend is performed using the JWT token.
The Rest Controller seems to know how to write, modify, and delete posts.
You need to create a separate login endpoint, but you need to log in, so basically you need to send your ID and password from the app to the server.
Using the ID and password you received, implement a login success or failure, and create and send a JWT token when you log in successfully.
It is difficult to answer in detail because you do not mention how DB modeling is done on the bulletin board side, but it usually includes user identification information and the expiration time of the token when creating the JWT token.
After successful login, the JWT received from the server is stored in the app, and when calling the back-end API that requires permission, the JWT token is attached and delivered to the server.
Below is the API call scenario for writing posts using JWT authentication.
jwt is There are many, but there are two main ways to deliver a token.
I usually put a token in the request header and deliver it to the server. It is implemented in two main styles even when calling APIs that require authentication.
So far, I've explained the process of delivering the JWT token to the server in the app group.
There are various methods on the server side, but when performing JWT token-related processing using a spring, the filter was registered and processed.
© 2024 OneMinuteCode. All rights reserved.