Secure a mobile app with JSON web tokens (JWTs).
Firstly, you should review the information included in the email sent by the security lead. This information will provide task details, expectations, and instructions on getting started. Reading the email should take five minutes.
Once you’re up to speed with expectations, you should start to think about how to complete this task. It is always worth spending time before coding to plan exactly how you will build the project. Planning should take five to ten minutes. To get you started, here is an example plan for development that you can use:
- Install Java and the necessary packages to create a Spring Boot application using the installation site provided.
- Research the Spring Boot framework by taking a look at the documentation site.
- Test the Spring Boot template generator and create a starter project with the necessary dependencies.
- Research JWTs using the documentation site and try to understand how authentication with JWTs will work.
- Start developing an endpoint within the Spring Boot application that returns a simple response without authentication.
- Develop this endpoint further to process a username and password in the body of the request.
- Develop this endpoint further to validate this username and password.
- If the username and password are valid, return a JWT used for authentication.
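
The last four steps of the plan, sketched as one Spring Boot controller. This is an added example, not code from the task materials. The class name, the `/login` path, the `alice` account, the `JWT_HS256_KEY` variable and the 15-minute lifetime are assumptions, as is having `spring-security-crypto` on the classpath next to the web starter; the token is signed with the JDK's HMAC-SHA256 rather than a JWT library.

```java
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.Objects;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;

@RestController
public class LoginController {  // hypothetical class name
    private static final Base64.Encoder B64 = Base64.getUrlEncoder().withoutPadding();
    private final ObjectMapper json = new ObjectMapper();
    private final BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
    // Constructed demo account; a real service reads stored hashes from its user store.
    private final Map<String, String> users = Map.of("alice", bcrypt.encode("constructed-demo-password"));
    // Checked when the username is unknown, so both failure paths cost one bcrypt comparison.
    private final String dummyHash = bcrypt.encode("constructed-dummy-value");
    // HS256 key from a hypothetical environment variable; use at least 32 random bytes.
    private final byte[] key = Objects.requireNonNull(System.getenv("JWT_HS256_KEY"), "JWT_HS256_KEY not set")
            .getBytes(StandardCharsets.UTF_8);

    @PostMapping("/login")
    public ResponseEntity<Map<String, String>> login(@RequestBody Map<String, String> body) throws Exception {
        String user = body.get("username");
        String pass = body.get("password");
        if (user == null || pass == null) {
            return ResponseEntity.badRequest().body(Map.of("error", "username and password are required"));
        }
        boolean passwordOk = bcrypt.matches(pass, users.getOrDefault(user, dummyHash));
        // One generic 401 for an unknown user and a wrong password alike.
        if (!passwordOk || !users.containsKey(user)) {
            return ResponseEntity.status(401).body(Map.of("error", "invalid credentials"));
        }
        return ResponseEntity.ok(Map.of("token", issueToken(user, Instant.now().getEpochSecond())));
    }
    // Builds header.payload.signature, signed with HMAC-SHA256, expiring after 15 minutes.
    String issueToken(String subject, long now) throws Exception {
        String header = B64.encodeToString(json.writeValueAsBytes(Map.of("alg", "HS256", "typ", "JWT")));
        String payload = B64.encodeToString(json.writeValueAsBytes(Map.of("sub", subject, "iat", now, "exp", now + 900)));
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] sig = mac.doFinal((header + "." + payload).getBytes(StandardCharsets.US_ASCII));
        return header + "." + payload + "." + B64.encodeToString(sig);
    }
}
```

Any endpoint that later accepts this token has to recompute the HMAC over `header.payload` with the same key, compare it in constant time, and reject the token once `exp` has passed.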