Awesome

Login and Registration Example Project with Spring Security

If you're already a student of Learn Spring Security, you can get started diving deeper into registration with Module 2 </br> If you're not yet a student, you can get access to the course here: https://bit.ly/github-lss </br></br></br>

Relevant Articles:

• Spring Security Registration Tutorial
• The Registration Process With Spring Security
• Registration – Activate a New Account by Email
• Registration with Spring Security – Password Encoding
• Spring Security – Roles and Privileges
• Prevent Brute Force Authentication Attempts with Spring Security
• Spring Security – Reset Your Password
• Spring Security Registration – Resend Verification Email
• The Registration API becomes RESTful
• Registration – Password Strength and Rules
• Updating Your Password
• Two Factor Auth with Spring Security
• Registration with Spring – Integrate reCAPTCHA
• Purging Expired Tokens Generated by the Registration
• Custom Login Page for Returning User
• Allow Authentication from Accepted Locations Only with Spring Security
• Spring Security – Auto Login User After Registration
• Keep Track of Logged in Users With Spring Security
• Login for a Spring Web App – Error Handling and Localization
• Notify User of Login From New Device or Location
• Preventing Username Enumeration Attacks with Spring Security

Build and Deploy the Project

mvn clean install

This is a Spring Boot project, so you can deploy it by simply using the main class: Application.java

Once deployed, you can access the app at:

https://localhost:8081

Set up MySQL

By default, the project is configured to use the embedded H2 database. If you want to use the MySQL instead, you need to uncomment relevant section in the application.properties and create the db user as shown below:

mysql -u root -p 
> CREATE USER 'tutorialuser'@'localhost' IDENTIFIED BY 'tutorialmy5ql';
> GRANT ALL PRIVILEGES ON *.* TO 'tutorialuser'@'localhost';
> FLUSH PRIVILEGES;

Set up Email

You need to configure the email by providing your own username and password in application.properties You also need to use your own host, you can use Amazon or Google for example.

AuthenticationSuccessHandler configuration for Custom Login Page article

If you want to activate the configuration for the article Custom Login Page for Returning User, then you need to comment the @Component("myAuthenticationSuccessHandler") annotation in the MySimpleUrlAuthenticationSuccessHandler and uncomment the same in MyCustomLoginAuthenticationSuccessHandler.

Feature toggle for Geo IP Lib

The geolocation checks do not work for the IP addresses 127.0.0.1 and 0.0.0.0, which can be a problem when running the application locally or in a test environment. To enable/disable the check on the geolocation, set the property geo.ip.lib.enabled to true/false; this is false by default.