This project implements a full authentication flow using Spring Boot, Spring Security, JWT and Email Verification (Gmail SMTP).
- User registration with email verification
- Login with JWT token generation
- Stateless authentication via JWT
- Google Mail SMTP integration for verification emails
- Secure password hashing (BCrypt)
- Custom security configuration with authentication filters
- H2 in-memory DB (can be easily switched to SQL/NoSQL)
- User signs up → verification code generated & emailed
- User verifies account via verification link or code
- User logs in → receives JWT token
- All secured endpoints require valid JWT token
- JWT token handled via custom JWT filter in security chain
- Spring Boot 3
- Spring Security
- Spring Data JPA
- JWT (
io.jsonwebtoken) - Gmail SMTP (Google App Password)
- Lombok
- H2 Database
POST /auth/signup— Register new userPOST /auth/verify— Verify user emailPOST /auth/login— Login & receive JWTGET /me— Get authenticated user (JWT protected)POST /auth/resend-verification— Resend verification email