Complete User Registration / Login Flow | Spring Boot 3 With Email Verification.| Spring security 6

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello guys welcome back to another demo video so into in today's the most video we're going to look at a complete user registration and login flow with email verification so what we're going to do today is that we're going to create a simple application with the complete flow for user registration but after the user have registered they have to verify their emails which means we have to send the application has to send a verification email code to their email so they can follow the link to verify their registration so it is after the verification they can they will be able to log into their accounts and this is just like a kind of scenario we see every day every time we register for programs online where we have to verify our email before we can actually log into our account right so that is what we'll be doing here in in this little demo that we're going to have in a few in the next few um few minutes so um for this I'm just going to go to IntelliJ and generate a brand new project from IntelliJ so here we're going to have this as some spring boats right so spring boots email verification spring boot email very verification demo so we're going to call this verification demo right and now I'm going to change this the ID to daily good work daily code the liquid work and here I'm going to click on next and we're just going to have the long book I'm going to have the lombok dependency and we're going to have jpa data GPA and we're going to have the web right sorry the web I'm going to have the web spring web and we're going to have the MySQL MySQL driver because we'll be using my Square database and then we're going to have what else we're going to have we have the jpa we have the web we have um lombok we have my schedule we'll have the the security so we're going to have the security this one here so I think these are the things we just need just dependencies we need for now if you know our time goes on if we have um if we if there is any need for other dependencies we can always come here to to add them as as per need so this one I'm just going to open on the same window and then let's um wait until this one is generated so here our project has been created we have generated a brand new project and I'm just going to close this down and close this down so we're going to open up our project so the first thing I'm going to do here is to create a new package here we're going to create a new package and this package is going to be called user right so let's what is happening okay here we create a new package right user so this user package and inside here we're going to create a new class so what we're just going to do right now is to is to create the user entity right so we're going to create the user module because this is what we'll be using for for the demo yes just add to get so we're going to do this with user right user registration so now the first I'm going to do is to create the complete user module that's the controller The Entity the service the repository everything about user right so that's what we're going to do right now so for then this is the user class and so now we're going to have some attribute for the user as usual so here we have the IDE a the first name first name and of course we're gonna have um the last name as usual and here we're gonna have the eBay in front of types of string as well you may I'm gonna have the password so here we have the password and uh what else do we want to have for the user so we would need um we need the user rule the user is going to have row right so here we have um we're just going to make this as a simple string of row right and the last one I'm going to have is some piece of Boolean so this one is going to be is enabled and is is enabled and straight away we're just going to set this one to First here enabled but okay no problem so um these are the these are the attributes we need for the user so what we're just going to do we're going to make this one a managed manage type which is I'm going to make it we're going to make use of The lombok annotation we we the the lumber we added so we're going to make a lot of annotations here so we're just gonna have to get us and we're gonna have the settings and we're gonna have um the no AG Constructor at no AG Constructor and we're going to have a all AG Constructor yes and the last thing we're going to have is the entity to make it a jpa entity right so um this is what we've gotten so the next thing here we're going to specify the ID so here we just have at sorry the ID and we're gonna have generated I'm sorry generated value we have this one here and we're going to set this strategy identity yeah that's what we need and now I'm going to make this email a natural ID so that no user note to users can have the same email right natural ID and we're going to set this mutable true so that we can the user can change their email if they want to change the calculator email right or they can correct their email okay so these are what we need right here for this um for our user entity so now I'm going to close this down and we're going to create a service class for our user user service so have user service um so this digital service but I'm just going to make I'm going to create an interface for the user service so we can actually um user service user service and this was going to be interface interface and here it's going to be interface here and here we're going to create a couple of methods here so here we're going to create a method to get our users from the database yes list of users this one is get against users and the next one we're going to do here is um so we're going to add a user right we're going to add a user so here we have a user so we're going to call this one register register user and registration we're going to create registration request we're going to create this class in a moment and next we're going to we're going to find a user from this option um files bye file by email and here we're going to take a string give me right so these are the things we just need to write and so now I'm going to create I'm going to create this class here so let's create this class registration request and this one here I'm going to I'm going to put this one in a separate package so here I'm going to call this package registration registration yeah just choose this and put it inside and put it inside right so um what we just need to get actually I'm going to change this to a record don't change the record so in case you you have not used record before or you don't know what is record I there's a video in my channel here where I talk about records so I'm going to leave the link below this video so you can just follow this link that link and watch um try to know about records so that you can actually know how records work right so um this one here we're going to just have everything we have here except we're just going to have everything here except the ID and the is enabled so what I'm just going to do here is to I'm sorry is to paste it here but um no I'm going to remove all this access modifiers remove all these because we are using record right so we don't need access modifiers here so this one here um here here and just remove this and this one too this so this is our record class okay and okay so this is all we need for the record for our registration request so like I said in case you don't know how Record Works there's a video in my channel that you can just watch so I have the link below there's a link below there I've dropped the link below this video so just follow that link and try to learn about records how they work okay so now I'm going to go I'm just going to close this and now the error is gone so I'm going to close this as well so here I'm going to implement our user service so say implement I user service here and then we're going to implement all the all the methods we've created in there so Implement methods so we Implement all this so here we go and now we're going to just finish up with our user module right so what I'm going to do here is to we're going to get um we're going to create a repository so we're going to say user repository repository repository I'll just call it user Repository here and this one here we're going to before I forget we're going to add this at service annotation and we're going to have to require because we're going to Auto wired we're going to inject our user repository so we're going to have this here so for that we're going to make this as final right to make this finer and we're going to Let's create this um something it's going to be an interface um in user right so so this one is our user repository and of course this one is going to extend the jpa repository right jpa Repository jpa repository here and this one is user and of ID is long right so this is what we we just need here and now we're just going to find all users so we're just going to say return user Repository dot find all dot find all so that is all we need to get our users from the database to fetch every user from database right so here we're going to come back to this method in a moment um this one here we're just going to return um user Repository dot find by email um find yeah filed by find by email so um we're going to pass in the email here so now we're going to um we're going to create this method in our in our repository so because this one is a finder method right so we just create it here and that is done and he's done two so now we're going to we're going to go back here we're going to come back to our re user registration so what we're just going to do here before the user will be registered we're going to we're going to check if the user is already in existence right so for that we're just going to um so for that I'm just going to call I'm just going to check check for the user existence in a database so now we're going to have the optional right optional um user optional user and we'll see user we just call this one user because user repository let me just save it let's let's find because this dot find by email right and we're going to find we're going to call request request dots request dot email so now we're going to check if the user exists or not right so here we have if if user if the user is present if the user is present then we just have to throw um you don't have to give a message right so have to throw a new user already exist so we're going to create this an exception class we're going to create this exception class later already exists exception except exception and we're just going to pass in a simple message here with email Plus request dot gaming so this one I'm going to make it the full screen so we can actually see what we're doing here and I'm going to zoom out a little bit so I use that with this email Plus so already exists so this was this is just a simple message you want to display for the user so if the user already exists so we're going to throw this message to the user right um here um I think I'm going to break this down so we can see it clearly so what we just did here is that we check if the user already exists in our database so basically we're going to be checking the email because we don't want a user that already exists to be recreated right so we're going to check the email if this already exists it's going to send this message a user with with this email with email this one here already exists in a database now if the user if that is not the case if the user if we've not gotten such a user before then we're going to continue with the registration process so for that we're going to have we're going to create an empty container for the user new user because new new user please make sure you are getting the user you are taking the user from our from the one we created right because here we have a couple of different users from different libraries so the one we're taking is the one we created our own user defined object right so here we just say new user right and now we're going to we're going to say near user new user dot sets the set first name to sets first name so we're going to get registration that's first name the first name here so this is how records work right so here we don't need to get you don't need to have to call the get first name we just say we show the first name so in case you've not watched that video please try to watch the video I have a video that talk about records here in my channel the link is below this video so please try to watch that video okay so now we go here and say sets last name so here we have registered dot last name and we're going to do the same thing for the the rest of the attributes right so here let's just go so it's email register dot dot email and password as well that says password so this one we're going to come back we're going to come back to this in a moment this is set not yet we'll get to come back to this in a moment so let's say um so let's set the row so new user But Central so have restriction dot row registration.row and after this now we're going to call we're going to actually save this user to the database right so here we're just going to call the user Repository dot save so we're going to save the user so this one is um it's just the normal process of saving of creating um crowd application applications right um springboard crotch so there's nothing new here we have not done anything strange here right so in case you are not familiar with Cloud operation I there's a video here in my channel that actually talks about a video on my channel here that actually talked about how to create a complete Cloud application with spring boots so I'm going to drop the link below as well I'll just checked the below this video um check for the link you can watch that to actually get the glass the graphs of how to create um a complete crowd operation for spring boots application so now let's come back to our password so here before we save this user password we're going to we're going to encrypt we're going to encrypt the password right so for that we're going to create um we're going to create a bins that we actually encrypt that we encode this password before it can be saved to the database so for that here I'm going to come here to create a new package called security so I'm going to call this package security and in here I'm going to click on right click on the Security package and create a new package called sorry a new class called um user user registration Regis so we're going to call this class user registration security config this registration secure which is the correct I supposed to be here security config is it configured it's correct um so um what's what happened oh maybe I made a mistake sorry I made a mistake here this is not what I wanted to do um okay let me just right click on this and create a new class oh so here user user registration security config so I'm going to click on this and what I'm going to do here is to is to remove it from here I'm going to delete this this one is a mistake so remove and so we're going to move it here right so let's move here move into Security package so now I'm going to I'm going to remove this I don't need this one here it was a mistake so now this class here is where we're going to configure all our beams so for that we're going to use an annotation call at configuration configuration right and next we're going to enable web security enable enable web enable web security yeah this annotation here so these are the two annotations we need for now so now let's create a beams called password encoder that will enable us to encode our password right so here I'm just going to say public password encoder and I'm going to call this bins password encoder so what we're going to return we're just going to return a new a new instance of big credit so we have return new new decrypts password encoder so that's all we need um here we're going to um we're going to annotate this with the bin annotation to make it a valid beings right so now we're going back here we're going to inject so let's inject the bins we've just created to our user service so for that we're going to say private password encoder password encoder this was going to be fine now we're going to make this one final so that it can be it can be Auto wired it can be injected by this this annotation we got from lombok right so we're using this annotation to to inject all this one that be Constructor to Auto wire all this was through the Constructor right so that is why you can see here require ax Constructor and this annotation can only pick um fields that are marked as finer so any figure that is not marked that is not final it's not going to be Auto wired by this adaptation here okay so take note of that so what here we're going to come here to say password encoder dot encode dot encode so we have password encoder dot encode and here we're just going to call registered dot password here so that is all we need to save our user to the database so now before we go ahead we're going to create this class this exception is a custom exception class right so now I'm going to for that I'm going to create a new package here called exception so this one I'm going to call exception right exception so we're going to click okay and I'm going to click OK yeah and okay okay so this is how we created so we're going to make this one to to extend runable um run time sorry runtime exception here and for that we're going to I'm going to let me just um take a controller from here so just pick this from here so that is all we need and so this all we need for now this is all we need for now right so this is all we need for now so now I'm going to close this down I'm just going to close this and here it is actually the error has gone away so now we have done we which means we have done with our user module creation right so now I'm going to close this down close these down and close this for now and this one also close this and I have this one also we're gonna we're done with this so I'm going to close this as well so the next we're going to do here is to create a controller so let's create a user controller here a controller class so this one will just call user control user controller class like this user controller and this one actually is um it's going to be a rest controller as usual and we're going to specify the request mapping the request mapping here and we're going to call this as users and in here we're going to have a method that can actually get all users from our database so just say list we'll be using list for this okay here we just see a list of users sorry use ER yes this is our user and we say get get users and so here we're just going to return obviously so for now we're going to need the object of our we're going to inject our user service class in here so we say user service and this also I will call it user service and it's going to be fine as well so we can it can be Auto wired through the Constructor so here we're going to have The lombok annotation here at required at required AG Constructors so here so that we can Auto wire this so straight ahead we're just going to call this return user service oh no not usual repository this is user service oh sorry I uh what have I done here um we don't need this here did I do this how really okay actually what we need was the user of service so what we just need here is return user service dot gets users so this is what we just need here simple method here to actually get all users from our database so this one here is going to be at post request no no not at Port this is a get because we are getting users so this one is going to be get mapping here of users right I'm just going to push this in we will format it and so this is what we need to actually get to or for us to get our users from the database right for now I'm going to close this down so now we're going to create we're going to go back to our registration package so we're going to create a registration controller so this where we're going to an end point for us that we're going to use to register user right so here I'm just going to say this one as usual registration registration registration controller controller so this one here we have so have the registration request and we have the registration controller here so I'm just hit enter and what we're going to be doing here is to actually register a new user right so so um for this I'm just going to open this controller and I think we're going to have let me just a little bit lazy so I'm going to copy those annotations because we're going to be needing the same thing we're going to need the same thing here right but this one here I'm going to change it to register register so this is what we need here um for that as well we're going to need our user um the user service here so I'm just going to copy this please I'm sorry for copy or paste um kind of a little bit legit today for typing so now I'm just going to copy this here and this one is going to be Auto Wire by this annotation as well right so this one is our user service so we can we can inject it here to actually do the work of saving the user or restarting the user to the database right so now we're going to create um we're going to create an add point that we actually do the registration process for the user right so for that here we're going to have um we're going to create a post we're going to create a method an endpoint so it's not going to be public public user oh I'm going to make this one a string because we're going to be returning a string message to the user after the user has successfully registered right so here I'm going to Circuit string register register register user and for this we're going to need the registration um request we created last time this one here so we're gonna need this and we're just going to call it registration request as well uh maybe we're just going to save requests right or let's just call it Regional request registration request here um now um so what we're going to do here is to actually um we're just going to call the user the user service to actually register the user so for here we're going to have um user because we're going to return the user that we just save to the database so we're going to just say user service dots dot save or maybe dot registered okay cool don't register the user so we're going to say um use a registration request right and this one we're going to import from our our own package so this one here I'm just going to terminate now we're going to what we're going to do here so after the user have been saved to the database so here we're going to publish an event right so we're going to create an event publisher we're going to publish registration registration event here so we're going to come back to this in a moment so for now we're going to return his message to the user so if everything went well so we're going to return a message to the user so it's not going to say success success so now we're going to say please please check your email check your check your email to to confirm to complete to complete um check your email for registration Regis sorry for registration confirmation right this grammar is too much so I just want to give a simple message here like please check your email to complete to to complete your your registrations something simple like this this one is okay okay so if everything went well so the user is going to we're going to send we're going to return this message to the user right so that when the user comes you open it their email to confirm the registration so that is when they can log into the system so now um like I said we are going to come back to this here because here after the user have been saved to the database we are going to publish an event right so before we do that I'm going to just annotate this with a post sorry I post mapping before I forget register right um now we are going to so for that we're going to create a package called event so that we can create we can we can create an event to publish right so now I'm going to create another package here called events um package and this one is going to be called events and inside this package inside this package we're going to inside this package we're going to create an event right we're going to create an event so this event here we're going to publish so what event are we going to publish here is registration event so this event this publication is going to lead to the the sending of the image of the user right so for now we're going to create a class here called um use registration complete event so here I'm going to create a new class called registration registration complete completes events um sorry this one is event registration complete events so this is going to be here and this one here is going to exchange the application event right so here we're going to extend the application application events and here we're going to we're going to have so before this before this we're going to before we before we um sorry before we um create Constructor we're going to have some some feed here so we're going to have the feet oh sorry so here we're going to have private user user because this user we're going to be we're going to we're going to let's do the import here so this these are going to publish the event for right so here we're going to have another um field here string type because here we're going to call this application application URL now this URL is this application URL so this is the URL we're going to we're going to build to send along to the user email so when they click on this URL they should be able to verify their emails right so that they can log into the system right now have done this here I'm just going to uh have the lombok gator and setter get a sector so this annotation is coming from lombok okay so now we're going to generate um let's have um let's create a Constructor um this yes this and here um what I'm just going to do I'm going to generate my reconstructor so we can actually um so we can take this okay the same thing yeah so we can take this through here and just click ok so this one here we're going to call this the user right and call this user and oh sorry we got we got we got it there already sorry my mistake so now we're going to change this to user so this one is the user right so I think this all we need to do with our events registration complete event here so now we're going to go back to our researcher controller to actually public to um to actually publish the event Okay so so for that we're going to we're going to get a handle of the application um application um event publisher right so we're going to get the application event publisher here so I'm going to say private application event publisher this one here so I'm going to need this one here from Spring I was just going to call it publisher right and this one's going to be finer because we're going to be we're going to inject it so we're just going to make it finer here final and terminate so here we're going to call the publisher to publish the event publisher dot publish events so what event I'll publishing so if you look here we are this one is expecting application event so now we're going to call the application registration complete event we just created so here we're not going to say new registration new registration complete event this one here and here we're going to pass in the user and so here we're going to pass in the application application URL but here we don't have it so we're going to create a method whereby we're going to so I'm going to make this a full screen so I'm going to create a method where we're going to build this URL so here I'm going to edit application the URL for now and for that um we're going to need something here finer we're going to have a final so here we're going to need the servlet the HTTP servlet that that we actually get us the that we go that we get this message for us right and get the URL for us right so now we're going to we're going to have um the HTTP um sublet request here so here I'm just going to say http serverless servlet request this one here and I'm going to call this request so I'm going to pass this request in here I think our front is becoming too big so it's going out of screen so I'm going to zoom out a little bit so we can see everything we're doing here Okay cool so now um we're going to build this this URL okay so we're going to build this URL so here I'm just going to create a method but I'm going to make it a public key maybe we can use it somewhere else right so now what we're just going to do we're going to return we're going to return a URL that we've built right so for here we're going to get the server name the name of the server the port and the Azure the context path of our application right so that the user can actually click on that link so at the link I can actually link back the user to our application to verify their their registration before they can log into our application right okay so for that I'm going to just return a string of um URL right so here I'm just going to say http and double slash plus so we're going to get the name of the server request.get server name so again we get the name of the server and after getting the name of the server we're going to add column right here before the port so now we're going to get the port name um so we're going to say Plus request.get um request Dot dot get server Port the port of the server and after that we're going to get the context part so we're going to say request dot get contest path here so this is all we need to to build um the link um the the URL we're going to send for the user right so now this is what we're using here right now right okay um now I think we are done with this for now let me zoom out a little bit I think our font is too big and let me open open it up here okay cool so now we uh we are successfully so this what what this one is doing here is to actually register the user to our database and when the user is saved successfully to our database then um the application we're going to call we're going to publish an event right so what event are we publishing we are publishing this event our registration complete event now how are we going to send this email now the event has been published now we're going to create a listener another class a listener class that we actually listen to this event publication so that that listener is going to be the one to actually send the email to the user right okay so for that I'm going to come here I'm just going to copy the name of this class what is the class here yes I'm going to copy the name of this class and I'm going to go to our events folder uh event directory so I'm going to create a new package here so this package I'm going to call it listener listener so this one is going to be the event listener right so inside this listener I'm going to create a class called registration complete event listener so that was the reason why I copy this because it's a long name so what I'm just going to do here is to add The Listener to the end here right so we'll create this here and this listener here is going to is going to extend so this listener is going to it's going to extend uh the application listener right here so it's going to extend uh application listener I've not actually extended because it implements the application um application listener here and this one is a generic so we're going to so what are we listening what event are we listening here so is the registration complete event so that is what we're going to pass here registration complete event this one here so this is the event we're going to be listening we're going to be listening to right I'm going to make it full screen um maybe I'm going to break it down let me break it down uh because our font is Big right so let's break it down so we can see it clearly so now um so this is the event we're going to be listening to right so this one is the registration complete event listener and this one is the registration complete event right so we'll be listening to this event to actually send email so now we're going to we're going to implement the method in here we're going to implement this method here right so now in here inside this method I'm going to I'm going to give us a roadmap so things we're going to do here so actually the steps we're going to follow to actually send the email so now number one here the first I'm going to do here number one number one so here we're going to get we're going to get the the newly created user that he newly saved user right the newly registered so we're going to call this what the new registered user registered user and number two number two we're going to create after getting the user we're going to create a verification token for that user create a very education token foreign for the user this one is the user creates a verification token for the user then number three number three we're going to see we're going to actually save that verification it's looking for these are safe the save the verification token for the user this one is talking not talking it's not talking it's talking right so now um number four we're going to build the URL so number one we get the user number two we create after getting the user we're going to create a verification token for the user then after the verification is created so we're going to save it to the database we're going to save it for the user right and number four we're going to build we're going to actually build the the verification URL verification verification URL and to be sent to be sent to to be sent to the user and number five we're going to actually send the email so number five so these are the steps we're just going to follow Okay so saint send the email cool so we're going to take this one step by step we'll take them one after the other right so before I forget I'm going to make we're going to make this one a component because it's going to be a spring bin so make a carbonate and we're going to inject a couple of dependencies here so for that we're not going to have um this annotation from lamb box so we can actually inject some dependencies here right that can help us to complete this job um here I'm going to zoom in a little bit I'll zoom out let's zoom out of zoom in I don't know maybe zoom zoom out right so I'm going to zoom out a little bit okay so now the first thing I'm going to do here is to actually get the user so here I'm just going to say user user the user equals um so here we're going to get our user from the event remember we have already gotten our user in this event so if we go here we have the user here already right so we're going to get our user from the event so we're just going to say event Dot dot get user event.get user right and this one we're going to import the class here and number two we have gotten the user so the next we're going to do is to create the verification token so this one is going to be of type string talking so we're going to create the token so okay so we're going to call this verification token so we're going to call this verification token right so I'm just going to say um very very vacation [Music] verification token here and so this one is going to be you will just go get it from uint dot random Dr string right so so now we have we have gotten the user and here we have gotten the we have gotten we have generated the the token right so the next one here is going to we're going to save the verification token so we're going to come back to this one later I'm going to come back here because we're going to actually create an entity class for this verification token because we are going to be saving this to the database so which means this one is going to be an entity it's going to be a table in the database so we're going to come back to this one in a moment so now I'm going to jump to number four thank you I'm going to jump to number four here uh here number four so number four here we're going to build the URL right so here I'm going to say string string URL so this one we're going to get the event on now events dot get application URL so this one here we're going to say Plus um here um which means because now this application URL the the link to the verification is going to come it's going to it's going to be coming from the um the registration controller here so which means we're going to create an end point here um for for the verification for the email verification right so now we're going to just have this we're going to build the URL here so I'm going to say register register here and so the name of the end point we're going to create is called verify very verify email we're going to call it verify email or verify your email is it is it okay let's just say verify email so let's call this verify email here and now this verify email is going to it's going to take a parameter here so we're going to append a parameter here the token which is the token so we're going to append the talking parameter here and then we're going to get the generated token the token we have generated from here um okay it's called verification technique here so now this is the link um this is the the URL we're going to send for the user for verification now like I said this verification is going to be done through the use through the registration controller here so that's why we are getting this one here registered and we are going to create we are going to create an end point here um with the name of this here what is it with this name here verify email so that is where we're going to verify the email and this one here we're going to have a parameter the token parameter that we're going to embed into the um the URL that user we we actually click to verify the registration right so now we're going to send the email but for now I'm just going we're just going to log so let's just log this to the console to see the the URL we actually generated right so for that I'm going to have the excellent4j here the XL 4G xl4j oh sorry SF 4G here so now we're going to log in we're going to log the URL we've generated in the console so we can actually see what we've generated right so for that I'm going to call the log.info log that info and we're just going to specify a message here for the user to click right click the click the link to verify to verify your click the link to verify your registration right or maybe to complete I'll click the link to verify your your registration so now we're going to pass in we're going to pass in the URL so this is all we need this all we need here um so this all we need is to this is the message we're going to we're going to get the user to click on the link that will so this URL this link we've built here right that contains the token right so they can actually verify their email okay okay now that we have done with this we are going to come back to number three so now we're going to actually save we're going to save the we're going to save the verification token so for that I'm going to come here and so we're going to create a new package and this package here I'm going to create it inside the registration package so I just want everything about registration to be in there so I'm going to call this one as token so this package is going to call the call token so here I'm going to create a class called verification token verification verification token and I'm going to hit on enter right so now we need some we need some what do we need to what what are the things we need we need to verify here so now we're going to have the idea the token is going to have the ID because it's going to serve as an entity this one here is going to serve as a table in our database so it's a complete entity so we're going to have the ID um the ID the token and and some couple of things here so the first I'm going to have here is the ID so here I'm going to have the private um long you're going to type long ID so we're going to have the the actual token of type string so string so the I shot okay we're gonna have the token here and now we're going to have the expiration time for the token so the token is going to have expiration time so when that time um elapsed so the user will no longer be able to verify except you requested for um it's going to request for a new a new Target to be sent um so now we're going to say expiration aspirational type so just look at this expiration time so let's do the Imports for the dates yeah we'll take this from java.util now because this one is this token is going to be generated for the user so we need a way to tie the talking to a user right so this token is going to have a one-on-one one-to-one relationship with the user right so for that we're going to get to have the object of the user so here I'm just going to have the private user the user right this is going to be the user right here so let's do the Imports now do the import here import from our from our package okay from our application so now we're going to make use of the hibernate annotation you want to want annotation for hibernate right okay so now um we're going to find a way to join to to include the user into the into the verification token table right so for that we're going to have the Android column and we're going to call this the name of this one is going to be called excuse me excuse me so this one is going to be called user user ID right so this is the name we're going to this is how we're going to join the user to this verification talking table so now we're going to we're going to make this one an entity so we're going to make it of the lombok annotations yeah I get them at seta at entity and we're going to have a known as Constructor as well you know I Constructor because we're going to be creating a couple of Constructor for ourselves here so I'm just going to have this one as known as Constructor so now let's uh specify the ID and let's hibernate how this ID is going to be generated so let's say the strategy strategy and this one is going to be identity I then TT here right so um basically I think this work which is all we need for now that's all we need to do so now let's generate a Constructor let's create a Constructor so using Windows I'm just going to click on the ALT key and insert to generate the Constructor and this Constructor is going to take it's going to take the user and the token right or no not all um here no yeah so the user and the token is going to be here right here right um now what we're just going to do we're going to calculate we're going to get the expiration time right so here we're going to say these dots expiration the spiritual time equals so this one here we're going to create a method that will actually calculate the time for us that we calculate the expression time for us right so now I'm going to have so we're going to create this method in a moment get token get token expiration expiration get token expiration time is that correct and this one is going to be a method right s expiration expiration time is correct so now let's create this method before we before we go on before we do other things let's create this method to actually calculate um to actually calculate the the exponential time right I'm going to change this to public maybe we can eat somewhere else so the first thing we're going to do here is to get the calendar object calendar and we're going to get the the the the new instance the new Islamic calendar the static method the static method we'll call it static method to get instance here and now we're going to we're going to get we're going to set the time kind of set in time in milliseconds now this time we're setting here is the time when the token is generated in our system right new things new dates dot get time so we're going to get the actual time this token will be generated in our system and after that we're going to add a few minutes or a few seconds to this so that um so we're going to have the ads and here we're just going to call the calendar dot add minutes right dot minutes and now we're going to specify we're going to create a um the constant here I could have just add here maybe like 10 minutes or maybe 15 minutes but what I just want to do here is to I want to make it a little bit standard so here I'm going to create a constant here because we might use it in another place so I don't want to use it's not good to to um so what I just basically what I just want to do is to make this one a constant we're going to make this one a constant here right so for that I'm going to have a private um static I'm gonna make it a static finer ends and so this one we're going to call it expiration time expiration a constant right expiration time and we're going to set it to 15 minutes so now we are telling the system that is correct expiration we're missing I here I total is correct so now instead of writing this one here we're just going to say expiration of time here I'm going to put it here cool and after that we're going to return we're going to return we're going to return the new date right so here we have return new date um it's from java util so here we're going to have the calendar dot get time gettime dot get time so this all we need to do to get our to calculate the expiration time of our token right okay so now we are done with our with our token entity so another thing we're going to do here I'm just going to um maybe this one is not necessarily but I think maybe we might need it later so I'm just going to create another Constructor here that will take already talking so in case we want to make use of the token alone we can just make use of you talking alone here right so um this is what we this um actually what we what we need to do um here let's just maybe call the super Constructor the empty controller from the super and here let's have let's make it here too because the convention it's not really um it's not something that we must do but just for some reasons I have to do that okay so now we are we are done with our verification token creation so now I'm just going to close it down right so now I'm going to close this down just close it down and so we are going to go back here we're going to go back to the safe method we're going to go back to save our verification token for the user we'll use the number three that we that is pending so now here we have so for that because here we're going to call the user service to actually save this token for the user right so for that I'm going we're going to get a reference to really get to reference to the user service so we're going to inject we don't have it as a dependencies here so I'm going to inject the user service dependency so in user service user service right so we're going to make it finer so we can it can be injected to find so it can be injected by this annotation from lombok right so now we're just going to call the user of user service Dot save and this this method is not yet in existence in our data in our user service class so then we're going to we're going to create this method in our user service class okay so now I'm just going to call this method as save um safe user save user verification very user verification this one is very safe user verification token and so we're going to have the user and the token um okay we call this verification document verification token so these are the things we're going to save for the user so now we're going to create this method in our user um in our user service class okay so I believe this is what we just need so right here we get the user and we get the user and we what we did again we we create a token we generated a token for the user and after that we we built we built we generally talking after that we saved the token for the user and then we built the URL the confirmation URL and then we send the email right so now we're going to create this method inside our user um service class so we're going to create the interface then we're going to go to our user registration class and implement it so user service sorry as usual registration is called user service so now we're going to implement this method right so now we we actually we're going to we're going to create we're going to implement um this this method to actually save to actually save the the user verification token to our database right so for that we're going to make use of the forget to make use of the verification entity we've just created last time so for that I'm going to say verification verification talking so we're going to say verification token because new verification taken very vacation check this one here so I'm going to have this one here and what do we need here we need the user and the verification that I can write so we have the user the user and the verification token um yeah what happened verification token so let me just shorten it let me shorten it here and so let's just have look in here to happen oh okay talk this on here so um require string provided okay this one is talking talking and here is the user the user so have you done this so we're just going to call the the token Repository so now we have not gotten a repository for the token to actually save so we're going to go back here and create a token verification repository so for that I'm going to copy the name of this class and we're going to go here to create a repository for this token right so here I'm going to paste it here and just add repo Repository Repository repository here so this one is going to be an interface and this one is going to extend sorry we're going to be extends extend um the jpa jpa Repository and this one is going to be of verification token and the ID is long right so this all we need here so I'm going to zoom out a little bit so we can see it clearly so this all we need here so this optional is optional you can so okay at Repository you can say a repository right but it's optional this one is not it's not needed it's optional so there's no need of I'm not just going to put it here um no need because let's maintain the conversion I have not been putting it right so now we have this here created for us so now we're going to we're going to grab the we get to auto wire we're going to inject it here so here I'm going to get a reference to the user Repository oh we've got it here already user Repository um oh sorry this is user repository so what we need here is the token repository so here we have private um verification of token verification token repository this one here this one so we're just going to cut this on token repository right and we're going to make this final as usual so we can Auto wire right so now we're going to come here to say um talking Repository repository dot save dot safe verification token here okay so now this is all we need to save the verification token for the user right which is this method here we are calling okay um right now I think we were about to to get to the testing point of our application so I'm going to close all this I'm getting confused because we open too many tabs so I'm going to close all these so what we need right now I'm going to reopen I'm going to open this registration controller to see what we've gotten so far so I'm going to remove this one here since we have sent it already so I'm going to remove it so it will be cleaner right okay now what we're going to do here is to be is to test our application but before we test this application we're going to we're going to we're going to um we're going to open up our resource file application properties so I'm going to rename this one to yaml I'm going to name this thing this one to Yemen air yml I'm going to refactor right here and for this I'm going to we're just going to grab some properties we're going to grab some properties and just put it these are the same thing we have been doing from time to time right so it's nothing new um so here I'm just going to grab this properties here and just paste some properties here right so this one is not my thing uh there's the port the server Port this is our database the username the passwords just for the demo purpose and all this so you can just pause and make sure you have this set in your property file you can make it of the properties you can make use of the tml depends on what I just want to you make use of this for some reasons right so now we have gotten this here I put this on create because we're going to create our database our table so that our entities right so we're going to create so now I'm going to close this down and so what we're going to do here is to run we're going to run our project um so that we just want to make sure that our project run up to this point because we have done so many things here we have done so many things right so we are going to test what we have done so far so that if there are any errors so that we can fix those errors before we we continue with our journey right okay so for that I'm going to hit on the play button to actually run this project to see what we have gotten so far so here I'm going to enable I'm going to enable and okay so we can see that our application has started um successfully without any errors and Spring Security has given us a default password Here right but right now we have not gotten anything there is nothing in our database so let's swing over to and we'll see here that our table has been created the token verification table and the user table has been created for us so let's swing over to my SQL workbench to refresh let's refresh and here we have the registration DB and here I'm going to open up so here we have the user so here we have the user table and we have the verification token table so here we have the user ID the token and the exponential time right and we'll close this and we'll close this as well so now we have created um our application has run successfully and our table has been created and that Spring Security has generated a default password for us but right here we have not gotten we have not done any configuration whereby we can actually have any endpoints to log in right now so um now that our application has started successfully so I'm going to shut down the server again I'm going to Shorter the server so the next thing we're going to do we're going to find a way to create to get some users in our database so we're going to open up our Security package so that we can actually create some mix of configuration so to speak so we can make some configuration on how to get some users in our database okay so now the first thing I'm going to do here is to create user detail user detail class so for that I'm going to right click on this or Security package and create a new class called um I'm going to call this one registration and user registration user user Regis [Music] registration details details so say user registration details so this one we're going to this one is going to extend or it's going to implement let's go to implement here we have implements so it's just going to implement the user details from Spring Security user details right so what we're doing here right now is to this is what we've done before and normal user details implementation so in case you're not familiar with doing this there's a video on my channel that actually where we actually talk about we make a demo on how to um on we make a demo on a spring security that basic basic authentication with Spring Security then we actually create all this from the scratch and we talked about all this how it works so there's a link below this video that will actually lead you to that video so you can watch that video and actually get all we have done in that video we've done a lot of things in that video that actually that will give you Insight um to uh to how all these things are working right so um now we're going to implement a couple of methods here we're going to implement all this method here so we're just going to click on okay here good so now what the next thing we're going to do is to get our user our own user defined object so that we can actually take it get a handle of the password some of the properties of our users so that we can actually get an user created and we can actually log in um because it actually registered and log in um and our users right so for that I'm going to create a Constructor here not the Constructor I'm going to create some attributes here of the user so we're going to get the the username so it's going to be type string username user name here and next we're going to have private string this is a password right so we're going to have the pass the password and the next one we're going to have is Ebola type to actually check if the user is enabled or not so we are going to say is enabled enabled so we're going to make use of this in a moment right now this one here this one is going what we're going to flip to actually when the user registered it's going to be disabled right for the first time but after the email verification is going to be enabled so that user can actually log in right so we're going to see all this in a moment so now we're going to have the authority of the user so here we are expected to return a list of authority this one here you see the collection of our granted Authority so here we're going to use the list of granted Authority granted Authority and we're not going to call this one authorities this one here okay um so now um I'm going to I'm going to generate a Constructor where we can actually fix all this inside right so here I'm just going to take this everything here and click on ok but now I'm going to remove some things because I'm not going to I'm not going to um okay because of this one that's why I take all this so now I'm going to remove all this here I'm going to remove all this because I just generated this so that I can get all this one for free I'm ready to type so now we're going to have our user objects uh only that object where we can get a handle on the password and some of the properties of the user so here we're going to import let's import the class yes from our own um our own package so here I'm just going to say user Dot [Music] dot get email because the username is our image that is our email is the username right so I'll just get the email and this one we're going to get the password password is password everywhere so we don't get password right so let's not get password and this one here we're going to say user.is enable user Dot is enabled so that's what we're going to have here and now this one here we're going to find a way to get because a user can we are expected to return a list a collection of this right because a user can have more than one Authority in my user admin moderator and stuff like that so but right here because of this demo the user our users just only have one row maybe all right so now but we are as we are expected to return a collection of this so that's what we're going to do here right now so because of that we're going to have array of this sorry I raise dots dot stream so now we're going to get the user user rule with other kids dot get rule here and here we're going to split you're gonna get row dots dot split in here put that we're going to call this split methods and now we're going to split with command right so that in case the user has more than one rule so those who are going to be separated by comma that's what we're doing here so now we're going to we're going to actually map this map to simple granted Authority simple granted granted Authority um here we'll have this so I'm going to break this down so we can actually see clearly what we are doing here so I'm going to break this down and break this down and then we're going to collect this we're going to collect them to a list so that's all we need so here I'm gonna break it down so this is all we need here so now we are done with this so what we're just going to do here we're going to come here to return Authority return Authority and here we're going to return the password here's the password returning and here we're returning the username username and here we have to return true through this one too will return it true just for this purpose because we don't have anything to do with this for now but this one here we're going to return is enabled here so that is all we need to do here to get our user details class right and in here this is additive class we're going to have we're just going to annotate this with our data so we can just get our geta set us and some other things that we need for this class to work properly right so now we are done with this um we're done with this so the the the the complete project code you can follow the link below this this video to go to my gate repository to actually get the complete code for this project so you can actually um understand what we are doing because we have done so many things this video is long we have so many things to do here because of um the kind of demo we are trying to do today right so now I'm going to I'm going to close down this and the second one we're going to create is the I'm going to open this again and I'm going to copy I'm going to copy this the name of this class because we're going to create another class here so we're going to create a service for this class so I'm going to paste user registration details service right so we're going to add service to this I don't know if the name doesn't sound well but um I just want to do do it like this for the purpose of the demo so definitely we have the user details and we have the user Detail Service right so now I just add this one here to indicate our own user defined one right so that is why I just added that one to it so now this one also is going to implement the user details the user the surface of from the Spring Security main user details service user details service this one here is coming from the spring framework so now we're going to we're going to implement the method here the load by username so now this one here this is the method that will help us to actually load a user from the database to actually log in a user into our application right and now this one is a service so we're just going to say at service annotation and we are going to we're going to inject some dependencies here so for that we're going to actually have this um a long block annotation again to actually inject some of uh into some dependencies here so what is the dependency we're going to inject here is nothing but our user repository right so for now we're just going to have private um user repository user report this one here is what we need so I'm just going to call this user Repository and this one here we're going to make final as usual so that it can be Auto wired by this annotation here right okay good now have you done this I've done this so we're going to actually return we're going to return the user from the database right I'm going to change it to email because we are finding our user by email because uh the email we make our email as the user ID right so now we're just going to return user Repository dot find by email we're going to make use of that finder email method we create last time and we're going to pass in the user email right now this one is optional right it's optional so we're going to we're going to actually um handle this so we're going to map it to our user detail now if we look here we are returning user details so but but we are getting we have we are we're trying to get um a user so what we're going to do we're going to convert the user to our user details so there's a video in my channel where we actually when I made about um Spring Security um basic authentication with Spring Security and also there's another video in this on this channel um where I made where we make a demo on um um JWT authentication with Spring Security right so all the link up to these videos I lived I leave them under um under this video below this video so you can just follow this link to watch those videos so that you can actually see what we've done in those videos they are very good ones that will actually give you Insight uh into how Spring Security actually work from scratch because in this video we actually developed everything from scratch and we explain we talk more in that video right so um I I really encourage you to take a look at those on those videos so we can actually see what we've done in those videos right okay so having said that we're going to we're going to have this one here as our user registration [Music] user restriction details this one here is what we need and we are going to break this down break this down and because it's optional we're going to get against non-pointer exception so we're going to throw we're going to use the or if um or S through right this one here and then we're going to throw the new user name not found exception right so here we just say this using our Lambda expression here it will say new user not found exception and I'm going to break this down as well I'm going to break it down and so we're just going to pass a simple message here input message we just say user notes found just as simple as that right okay so um I think that's all we need here for this our user details class so this all we need to actually fetch a user from the database right okay cool so now we are done with this we are done with this so the next thing we're going to do here is to actually test run our application so that we can try to we can try to create some users in our database so that we can start our demo proper right okay so for that I'm going to hit on the Run button here I'm going to hit on the play button so that we can actually run this project and and try and try to create some some users right okay so now we can see that our project has started successfully and here um our project has started successfully without any error so now let's go to um let's go to postman um I remember something before we go to postman we're going to actually configure this let's open up our uh configuration class so I forgot we have not configured anything here we have not tell um we have not test break security the how we're going to access our URLs right so we here we see that we have gotten some URL some endpoints here right some apis here we have the user API and also we have the registration API right but now Spring Security has not known about this about this one here right he has not known about other things so what we're just going to do here is to is to declare of this for Spring Security to know about them so that's Spring Security can actually manage them for us so for that I'm going to shorten the server again okay so right here we're going to create a new bin called um security filter chain right so now we're just going to have the public security filter this one here this one here um security with a chain I'm just going to call it security filter chain and this one is going to take the object of the HTTP security this one here and we are going to call this one HTTP okay so now we're going to return this the normal configuration we'll be doing right so we have done this over and over again in the most of our in course of our demo right so it's not new right so now we're gonna do we're going to disable this [Music] and let's see so [Music] disabled the disabled dot authorize authorize request dot request matches right so I'm going to break these down and let's break it down so we can be a little bit clearer what we are doing um so this one I'm going to just say that permit or then after that we're going to continue with the one we're going to secure right Dot and authorize requests let's keep breaking this down let's keep breaking it down um break this window as well and I'll try request dot request matches so this one's here the the users that can that can access this one here are those that has those that have in the correct grammar those that have any role I just want it to be any role if you have the user role you can access this if you have the admin role you can access this because in this application we just have only two rooms only two authorities the user and the admin so we want both the user and the admin to be able to access the endpoints we're going to put here right so here I'm going to say user and and uh to me user in admin so I'm going to do this do this and I haven't done that so I'm going to say that and so we're going to get form for this for identification right so we've got add build and beards so this all we need for for this configuration so this is all we need for Spring Security to take to handle our to handle our our endpoint for us so this one here um this this the ones I'm going to allowed is going to be registered so we're going to allow every API coming from register what is the register controller this one here so we're going to allow every every request that is coming from here we're going to allow them for free but every request that is coming from the user controller is going to be authenticated so the only request we have here is just to view all users right so if you don't have any row if you don't have row maybe if you are not if you don't have the user row or you don't have the admin role you cannot view or use that that's what we're trying to do here just try different purpose right and this one here we're going to see um users right so this one is users so now we're going to we're going to throw the exception here so let's do receptions and um we are going to annotate this with the bin annotation pin annotation okay that's that's all we need that's all we need for here right for this to work so um I haven't done this the next thing we're going to do here is to test run our application to to see um if we can create new users or not okay because now we have not gotten any any users in our database so we cannot test any users right now so what we're going to do right now is to is to actually run our application and see how we can create new users okay so that's what we're going to do so for now I'm just going to hit on the play button to run our application okay so we see that our application has stacked successfully uh so what we just need to do here is to go to postman and see if we can create um the users or not um so here I've I've tested some users here before so I'm just going to change this to to Samsung [Music] and this one is going to be Alfred right and this one is going to be um right at gmail.com so the password is one of the group of access and these guys are user so I'm just going to hit on we're gonna hit on this okay so we are still having we're having a problem here we're having a login problem so let me check let's check our console to see what we what the problem is um oh raw password cannot be known raw password cannot be known by Crypt encoder okay um something is happening here raw password it means our password is our entity is getting is empty right it's not getting values errors through exception request field your password cannot be logged with root cause okay um there's something happening here so [Music] okay we actually got this error because uh we actually got this error raw password cannot be known because our entity is empty all the attributes that are coming here is empty all this one's here all these ones are empty you see all these ones here are empty now why are they empty because we forgot to request the body of this of the registration request this one here we forgot to request the body okay so what we're just going to do here is to go back here at the controller registration controller and here we're going to request the body we forgot to do that so here we're just going to say at request body this one here so this is the problem here that is why we are getting um robots what cannot be done because because we are not getting the body of the of this we are we're not we are not getting the body of of this here so that is why the attributes were empty right we are empty so now this adaptation is what I've put to request the body of this um what is it here so now let's try to run it again and see if it works or not okay so um the application has started again and um everything seems to be okay so now let's go back to postman and see if we can actually post a user right now if we can create any user right now um before we do that um I just want us to check our database again the user um is empty and the verification token is all is empty right so now let's go let's go back to here so I'm just going to I'm just going just going to hit on this and see what we got okay cool everything works successfully right so here we see success please check your email for the com um oh sorry this is a wrong message check your email for to complete your registration oh no wrong we're going to complete this um we're going to correct this later right so so that we supposed to have check your email to complete check your email to complete your registration this one is not here right okay cool but and in whichever way we've seen that a user has been created successfully so let's go let's go here let's see the user cool so we have a user in our database called something different and we see that it is is not enabled yet right so let's check the verification token so here we got in a verification token for the user with ID number one and uh this is the expiration time and this is the verification token um right now we're going to go to the console to see what we actually have right there in the console right um so now if we go back to the console we are going to see that a link has been generated right let me Zoom it out zoom in right let me zoom in a little bit so we see that a link has been generated with the message we we we the message we customize right click the link to verify your registration so this is the message this is the the link will be sending we're going to embed um into the message we're going to send to the user right the user email um right now right now let's try to do something um this this this um what is it called this URL this link this verification link has been created right but right now we cannot verify because uh we have not implemented we have not implemented this um this endpoint here so since this endpoint has not been implemented there is no way the user can verify um their registration but right now let's just try to see um now that we have gotten a user in the database let's try to see what happens if we try to log in because now we see that the user has not been enabled right so which means it cannot log in here it's until the registration has been verified the email has been verified to be valid right um so what we're just going to do here is to we're just going to pretend to logging the user right so let's go to um let's go to the browser here and I'm going to have the HTTP um this okay here so I'm just going to do this and we're going to be redirected to login right so here I'm going to paste in the email because the email is the username of our of our user right and the password we created was uh let's check here okay cool now the password we created was one two three four five six right so now let's try to put it here and see what happens one two three four five six so let's go so here we see the message that the user is disabled right actually the user is disabled because if we go back to our database we see that the user has not been enabled so we can see Zero here right so which means for now the user cannot log into our system until the verification is completed until he clicked on this link from his email from their email um to verify their account that is only when they can um they can log into our system so the next thing we're going to do right now is to implement we're going to implement this endpoint we're going to create this endpoint inside the registration the register controller right here is asking us to log in because there's no end point like that right so now um let's go to um let's um shut down the server I'm going to show that the server so that we can start implementing this endpoint so that the user can actually click on this link to verify their registration okay so now I'm going to shut all this shutdown the server and now we're going to go to our registration controller this one here right so this is where we're going to so this is where we're going to implement that um that verification here this we're going to implement it so now I'm just going to copy where is it um is here is is in the listener right what is the event here is here in the listener so I'm just going to copy this so that I will be exact okay I'm just going to copy this copy and go back to the register controller and create this endpoint so now I'm just going to say string public string then I'm going to paste this verify email and this one here is going to take um the token right because there's an embedded circuit here this token here this this is the token right here so we're going to take this token right so now um I'm going to go back here to say string I'm going to close this down so have enough space string token and this one here is going to be a param right it's going to be request param so we're going to say at [Music] request that request param and this program is going to be the token token here and now I'm just going to do this as get because this one is going to be get mapping right let's just get mapping and um this one here is going to be here so this is going to be the end point right so it's going to be registered register slash verify your email that's what we have here register slash verify email plus this param which is the token here and that is the token we are passing here right now okay so um now the next thing we're going to do here is to we are going to create a method because this token here the application is going to validate this verification by checking the database for this token right it's going to check if this token exists in the database so which means we are going to create a method in our token repository called find by token right because this is the token that we're going to find in the database if it exists or not so this token we're going to use to validate the user because there are so many things tied to the Token if the token exists or not or if you talk it as expired or not right so that is those are things we're going to find now so for that we're going to get the verification um the verification token class we created last time verification token entity oh no not this verification token this one here right okay this one so this was just going to call token right I'm very fine verify token oh my gosh what am I doing very fine [Music] verify token right so I was just going to call this the token I just need a short name so it was token repository so for that we're going to have do we have verification repository here verification second opposition we're going to have the object here so we're going to inject it here so here we have private private [Music] um verification verification token repository so we're going to put this here and this is going to call token Repository here and we're going to we're going to Auto wired which is fine I'm going to make it finer as well so so that we can Auto wire right um so here we're just going to call token Repository dot find this is a new method that we're going to create a find by talking so this method is not already in existence in there so we're just going to say the token right so now we are going to create this method in there in our token Repository here so the method that we create here so this is called finder finder method right find by the attributes right so um now I've done this so we are going to we are going to check so we are going to validate if the user has already been if this account has already been verified so we are going to we are going to return a message to the to the user that if the account has not been verified they're going to proceed with the verification right so now let's check so now we're going to say if we're going to check the talk we're going to get the user from Bluetooth so if talking that get user if token the token this is not token so if the token the token dot dot get user but is enabled now if the user is already enabled it means the the account has been verified so there is no need of verification anymore so now we're just going to return a simple string message to the user to tell the user that this your account has already been verified okay let's just look at this [Music] this account has already been verified verified this account has already been verified then please log in please login please login so this is what we have here right now if this is not the case if the account has not been verified then we are going to proceed with the verification process so for that we're going to we're going to have string we're going to create a string we'll get to check for the result of the verification right um here there's another method we're going to create we're going to create a method because now if the user if the if the user has not been enabled it means the account has not been has not been verified right now if the account has not been verified then we are going to get the token we're going to after getting the token then we're going to validate the token if the token is valid or not right so which means we are going to create a method to validate the token right in the token um um in the in the user service right so now we're just going to say okay string verification verification verification result we're just going to call this on the result of the verification so if the result is if we get the if if we if we get this token we're going to check we're going to check for some conditions in this in this token okay so now I'm going to say verification result equals um user service userservice Dot so we're going to validate this token validate validate token now this this um this method has not is not already in existence so we're going to create this method right um so now we're going to we're going to pass the token here the token just validate the token right so um now we're going to verify again we're going to check the outcome of this we're going to check the outcome of this method but before we do this with our chair we're going to first of all create a method to validate the token before we come here to complete this method right so let's create this method in the user user user service right so here I'm going to go to user service where the user service here and we're going to implement this so let's implement this this method okay implement so that is the method we have here right sorry excuse me so this is the method we have here so now um let's actually check some things in this token right so now coming here we see that the user has not been verified right so if the user has not been verified then we are going to validate the token if that token is still valid or not so which means if the token has expired it means the token is not valid anymore but if the token has not expired it means is valid right so that those are the things we're going to check here right now um so to validate this token we're just going to call the user repository to actually find that token for us so okay validate right so now let's say um verification so we're going to have the verification token verification token token right here because I'm going to call the token repository talking Repository dot find by token so we're just gonna pass in the token here find this token right here and now what what do we have here um no this one this one is uh sorry I made a mistake this one is supposed to be string this one is is on his string yeah it's only string so um something must have happened here what happened okay no no what we are this one here is talking not the talking we are getting talking from here this talking here right so that is what we are getting from here so um what's what problem okay okay I'm going to go here what is it and change this to string so this one we're going to change to the string okay that's that was the issue so now let's go back here and the issue is gone so now um I haven't gotten the token so we're going to start we're going to start the process of validating this token so now if so we're going to check if the token is none or not right which means because the way we are configuring this one here if the token has expired it's going to be deleted from the database right so now as now when the user click on this this verification link um the token repository is going to check the database to find if that token is still there now if that token is there it's going to validate if the token has expired or not so if that token has expired it's going to delete the token so and after the daily token is going to come back with the user to say the token is invalid right it depends on the message we configured so now just for this I'm going to say if token if token not equal empty equal equal not if token is equal equal none then which means the token has been validated has been deleted so we're going to say return we're going to just return a string a string at a plain message to the user so I'm going to say invalid because the token is not fun so we're going to say invalid very verification token so here we're just going to return a message to the user like this invalid beneficial token now if the token is found now we're going to we're going to continue with the process of validating the token right now for that we're going to get the user from the token so here I'm going to say user [Music] user right equals um the token so we're going to get the token dot get user we're going to get the user from the token here right now after getting the user so we're going to call the instance of the calendar to check that to check the expiration time of that token right if it exists or not if if it's still valid or not right so now we're going to call the calendar object again calendar I'm going to record calendar equals calendar dot get instant so we're going to get the study instance of this calendar and now we're going to check the expression time so we're going to say if if verification if if if the token if they could not get verification time is so now we're going to compare the time of the token with the time we set as the expiration time right so that's what we're going to do here right now so you're going to say if token if Tycoon don't get expiration time this one here if gotten the expiration time right and don't get time don't get time right now if token.get expression I will get time minus so we're going to minus the time from the the current time of the calendar right minus calendar calendar dot get time dot get time dot get type now if this token if if the time is less advice if we check the time of the token and it finally terminal is fine so what we're going to do we're just going to call the repository to delete the token from the database so there's no need of keeping expired token in auditor base right so that is what we're going to do here right now so for that I'm going to call we're going to call um the the token Repository so how we tooken repository dot delete so we're just going to delete the token that deletes token right why are they talking here so we are deleting this token from the database right um now after deleting the token we're going to return a message so return a return token already expired so you see it's okay already expired token already expired so that is what we just gonna have here um what is happening here why are we having this bullying is and lung many words okay okay um this one is a verification token get a special time let's see yes get a spiritual time okay let me find out what happened okay we have we have some some issues here so we have to compare we need to compare this like um get time don't get time um here uh okay I think I'm going to get to wrap this here like this okay so here I'm going to say if this one is is lesser or equal zero lesser equals zero here so this one here we're going to this one we're going to do here now if if the token has expired it's going to delete from the database and return this message to the user now if the token has not expired then we are going to proceed for we're going to proceed to actually enable the user so for that we're just going to say user user dots dot set enabled true so that's what I'm going to pass it to true this one is true right sorry dot set we're going to set it dot sets the set enabled true here and after that we're going to save the user again so we're just going to call the user Repository user repository dot save dot save the user save it battery database okay so this is what we have here right so um now after that we're going to return a string called in string with which we're going to we're going to um we're going to proceed with the validation with the verification right so now um let's let's let's review what we just what we just did here so what we did here we tried to validate the token so the first thing we did here is to get the token from the repository from the database by using the token repository to find the token from the database now if this token is not found then we just okay this token is invalid it's not found in the database right and if this token is is found if this token is found that we're going to get the user from the token right that we're going to do here then after that we're going to call the calendar to check we're going to check the expiration time of that token so if that token has expired then we're going to delete this token from the database right and return this message but if that token has not expired then we are going to enable the user it means the user has verified their registration successfully so we are going to enable this user here right and then we are going to return this string here that is this is all about the validation so like I said the complete source code of this project is right there in my git repository so you can just follow the link below this video to download this project and read the code properly and try to study and try to understand it more okay so that you can just try to play around the code so you can understand it more right so now let's go back to our excuse me so let's go back to here to continue the verification of our of the of the uh sorry to continue the verification of the email right the user verification now this is where we stopped last time right um we said that if the user here so if the user has if the you if if the user has been enabled then it means the account has been verified then it should return this message but if the user has not been enabled then we are going to validate these tokens which is the method we just created right now so now we have validating this token now so now let's check what we have in this verification result so right now we're going to say if verification results if verification results not equal because we are returning a string from the result right from that method now if the string return is this if the string is evaluate which is the one we specify here what is it um here which is this valid here if this string is returned it means the validation has been successful right so if that is valid then what we do next then we are going to return a message to the user to tell the user that your the token your registration has been verified successfully so for that we're just going to return a string message right to the user so now we're just going to circle um email I'm going to make this uh proper sentence like email verified verify successfully success successfully okay it may verify successfully so now [Music] now you can then you can log in log in into your account now you can log into your account is that I can spell it correct it's correct so now you can log into account apps return invalid so we are telling the same string we told last time right in value there should be a way to do this so we don't repeat all this string everywhere but just because of the very because of the demo just this is just a demo purpose so I would just want to see how we can actually send email so but on for um production standard application they are the way we don't have to write messages everywhere like this so we should we should actually configure our message in a property file and just call them in here right that is standard way of doing things in the industry so now we have verification invalid very invalid verification token so this is all about validation this the verification here so now we are done with the token verification and we are about to to start our server again and actually verify what we've gotten so far right okay guys so now um I think this one is cool we are done with the implementation of the method right um so now um I'm going to run the server again I'm going to fire up our server and actually change our project so for that I'm just going to hit on the play button as usual okay so now we can see that our application has started successfully without any errors um so what we're going to do here we we're going we're going to go back to create a new user and and then after that we're going to try to validate or to verify the the email right so now I'm just going to go back to postman and um we have gotten a user in our database before let me check Maybe [Music] okay cool our database has been has been wiped off again um before we move on I'm just going to do something here before I forget I'm going to change this configuration so that I will always have a user in order database you know I put this on create this create means every time we run this project everything we have in our database is going to last it's going to be the table is going to be recreated which means we're going to lost every information we have there so but now I'm going to change this to updates so this update here is not going to recreate the table but rather it's going to update if there are any changes we made to the entity it's going to be updated in our database right so that is the purpose of this update here um now I'm going to go back to postman to actually see if we can create a user and actually verify the user um so now I'm just going to hit on this send again and see what we got Okay cool so here we have the return message called success please check your email for um to complete your registration now we made a mistake here we're going to correct this later so now let's swing over to secret workbench and I'm going to refresh so now we have we got a user here consumption and French and we see that the user has not been enabled right um so let's go to the verification token and see what we got so let's refresh so here we see that we've gotten a verification token actually saved to the database for this user here right um now what we're going to do here is to go back to IntelliJ um here we're going to actually copy the link that was generated for us so now we can see that a verification link has been has been um has been generated for us here right so what I'm just going to do here is to right click and copy we're going to copy this URL and we're going to go back to um we're going to go back to here I'm going to go to the browser let's go to the browser right so here I'm going to refresh refresh right so this one is showing invalid credentials because we have not valid we've not impute our credentials so before we value before we verify this email we're going to let's try to log in with the newly created user to see if the user can be logged in or not so after this now we're going over we're going to actually um verify our email so now I'm going to copy this here so the password is one two three four five six so let's log in so we see here user is disabled so now let's go back to intelligital account so I'm now I'm going to copy this URL and go back to the browser and I'm going to open another Tab and just paste this here so we are going to verify this user so let's hit enter um now something is happening here something is happening here we cannot verify this we cannot verify for some reasons um so let's check our configuration here I'm going to remove this okay okay so we have a mistake here in here the user the user registration here we're supposed to follow by anything it's also say anything here by putting stars right because this one here if we go back to uh um researcher controller here we have the register here but there is something here there is something here so there's something followed but or the only one we allowed is this here we didn't allow this right so that is why in here we just have to go back here and follow by double Styles so this one means register and any request that begins um with register should be allowed now this one here is the same thing so we're going to say any request from the user API followed by anything should be authenticated right um and the the user that are able to to access this API this endpoint uh the user that has the admin uh maybe admin or user row that can actually access these endpoints but this endpoint here is free for everyone to access right okay and for this we're going to restart our server before we can retest okay so let's let's just restart our server okay so uh the application has started again and um so this time around we're going to go back to postman and um now let's go back to postman so this one is still there and let's go back to our database if we still have the user there so here the user is still here and it's not up to 15 minutes right which means this token is a kind of valid so let's go back to our console and actually um but the problem we have uh maybe we still have it in the browser right um let's go back oh our token is lost we can't we cannot find it again is it here oh you stay here you stay here on my click path right so now um let's verify Okay cool so now we can see here the message here email verify successfully now you can log into your account so now that the email has been verified let's try to let's try to log in the user again so and this user here is let's go to database and copy or let's go to postman and just copy the image this is the email and this is the username here so I'm just going to right click and copy this and the password is one two three four five six right so now let's login here and one two three four five six so here um you don't have authorization for this okay now what we're going to do here we're going to say users because yeah this user actually has um the the user row right so now let's go to user and now we can see that we are able to actually fetch the user from the database right we have one user in our database right and we're able to fetch this user so now let's let's create another user in our database so this time I'm going to create a user code reader right and richer average and the image is going to be written here and the password is going to be the same and everything is going to be the same but she's going to be admin so return is going to be an admin admin user here and now let's hit on the send button and see what we got okay cool now a new user has been curated so let's refresh our database here now we got to the user and now one of this user has been enabled I forgot to show you right so now this user has been enabled here by showing one but this one here has not been enabled because because here you can see that is zero here it doesn't be enabled so now this user right now cannot be cannot be um cannot log into our system because the user is has not been enabled but this one here that has been enabled can be can log in right so now let's go back to our browser and see what happens if this one if um we can have like two users from our database let's refresh so now we got two users from our database right and now one of these user has been enabled here true but the second user here has not been enabled right this one enabled its false but this one here enabled what is it enabled is true here is true here so now this user here cannot log in because she has not been enabled so now let's try to let's try to see if we can actually log in this user by copying the email here so I'm going to I'm going to open a new I'm going to open a new um incognito window here so I'm going to say http http [Music] the user here so here we have we're asking the user to log in right so now we're going to paste here and the the password is one two three four five six here so let's login so you see that user is disabled because the account has not been verified right so now let's go back here to see to actually verify the user account so let's go back here I'm going to right click on this to actually verify the account so if I go here if I open here and just put this here and hit enter now the account has been verified so let's go back here and let's go back here and and log in the user one two three four five six so let's login and you see that his eye is able to log in right so which means we are able now we are able to create a user and actually the users has been able to verify their account their email right and after the email verification they are able to log in right Okay cool so now what we are going to do next the next thing we're going to do right I'm going to shut down the server so let's go back here to The Listener so now um what we are saying in the console is this log here this is the URL we are seeing here in the console so but right now we are going to set up our image server we're going to configure um the Gmail so that we can actually send the real email to our Gmail account so we can actually confirm by clicking our email right so that's what we're going to do next this email right so for that I'm going to go back to our Yama file and I'm just going to paste in some um some properties here here so here um this these are the things these are the ones we've gotten before right and from here downward uh the email that we have gotten before this one here right so this one here is my email and this is my password and this is the Gmail configuration here you can see here so make sure you get all these ones in your in your application file right so that we can actually send this um read email to the user so now I haven't got this you can just take a pause and write this but make sure you um this is my email you have to put your own email and your password right because you cannot use this is this is mine you have no access to this right okay um so now we are going to go back to the event listener and actually build we're going to build our email here so we're going to build our email message that we're going to send for the user here so for that I'm going to I'm going to create a method called um send verification email so the name of this method here is going to it's going to be like this um so we're going to say public void so the name of this the name of this method is going to say send very vacation send verification email here and this one here is going to take the URL the email URL so we just say string string u r l that's what we're going to send right [Music] um now we're going to declare a couple of variables here that we're going to we're going to be we're going to that will compose our message so here I'm going to have string [Music] string subjects [Music] string subject equals email verification that is the subject and we're going to have the sender so string [Music] sender sender name let's extend the name and this one is going to be um so this is going to be uh we can just put any name there so but I'm going to post registration I'm just going to say user I'm going to use it I'm going to just put the name of our application right but you can put any name you can put your name you can put any company name you can put your company name you can put your website name right so but now I'm going to put the name of the application we are creating right now so I'm going to say user registration user registration Porter user registration portal surface so this is going to be the sender name right and now we're going to have the the content of the email so here we have string contents contents so this one here we're going to have um so we're going to form some we're going to form some um some HTML here but I have to save our time this video is getting too long I've already prepared this down before so I'm just going to copy this and uh I'm just going to paste in this here because I've already prepared this before right so I'm just going to paste in here so we can actually continue from there right here this one here I'm going to have Java May sender now if you take note we are actually doing this um there's a mistake I made a mistake here we cannot find these ones right now because we have not added the dependency here right but meanwhile before then I'm going to I'm going to we're going to inject the Java mail center here right so here we have um here I'm going to say private private um and it's going to be finer because we're going to Auto wire Java [Music] Java me we don't we don't have it here so now we're going to go back to uh pump file to add the dependency here so we're going to add the dependency to send the email so we're going to use spring Boots Spring Image Center so spring image sender is actually it's built on is is built to simplify the Java May sender so it makes it makes sending of email easier right so here we have the dependency [Music] and this one we're just going to say um let's put me if you come out um it doesn't it didn't come out so let's say spring that's a spring [Music] spring boots starter starter meal let's say me we don't okay we have it here and [Music] okay we have it here so now this is the dependency we just need to send the email so this one here is actually built on Java image sender right Java main sender right so now I'm going to reload our dependency and let's go back here and now we should be able to see this if it has finished reloading so we have Java May um it's not showing yet so let's go again so half Java [Music] it's not it's not showing yet what happened um um this actually [Music] Miss Cinder right supposed to be let's see what happened okay import class so what happened okay so he's here ready and now we are going to just do the Imports we are going to do all these Imports and this one here we're going to call this May sender right Messina okay so um this dependency you see the dependence we added so this is the dependency that actually enabled enables us to send email this one here spring Spring May right so now let's finish up with this so um this one here let's import the class and so um something is missing here okay this one here is okay this user here so you know what happens I'm going to take this I'm going to take up this user so I'm going to take this user off right so I'm going to take it up here so I just will say private private user on here so this one so what happened here okay we're going to add exception right okay um so to save our time that is why I just copy this because I have already done it before so I just um copy and paste it here I've tested it for some time to go so okay so now um let's go through what we have just done here so here we have we've created in my message so after we have formed a message here we've composed a message here that we're going to send for the user so right here we are sending in my message and creating we're creating the message my message and here we actually said we said the message here and we set the form so from where I was sending this image so we are sending the email from this email here to the email that the user has impute right so that's what we're doing here and here's the subject of the email that we've declared here and this is the content which is this one here we have declared here the content so this is simple HTML I just formed here you know it's very easy just normal HTML we're all writing right so um now we're going to actually we're going to start our email right but before then remember this one is supposed to be a component right and now let's call this method in here so instead of logging this here we are going to actually send the email here so let's called send send verification email here and we are going to pass in the URL which is the URL here so here [Music] um okay um let's just make this one collapse it okay so this one is okay there's no point of catching too much of things here so now um we are actually sending so instead of vlogging this one here so we are actually sending this image right so now let's um um let's start our project let's start our server and see um let's see what actually if we can actually send email to the user or not okay so I'm just going to hit on the play button and start our application again okay so we see that our application has started again um without any errors right so what we're going to do right now is to is to head over to postman and uh and see what happened with this how we save oh I made a mistake here I'd rather remove this yeah so this one okay so we actually gets I'm sorry guys I made a mistake so I'm just going to restart again so now we see that our application has started without any errors right um so what we're just going to do here is to Let's head over to postman to see if we can actually create and send email to any user so here I'm going to create um this email here I'm just going to create Samsung so this one's going to be something and it's going to be our friend right Alfred um this is something affects right and this email here so this time around I'm going to put a re email we're going to put a real image that we can confirm right not make not um fake email anymore so I'm going to put my read email so I can check for my email so here I'm going to says in here I'm using some this let me check let me check my email let me check this email address [Music] um here okay this is the image afraid is the image so that is the email I'm using right now so some Alfred here is area.com so now let's hit on this registered button if we got it or not it's taking it's taking much time oh wow so now we have success please check your email for please check your email to complete your registration this one is this message is wrong okay um so now um let's actually go back to our database and see if we have a new user there yeah so have something afraid with unverified email right unverified illustration so now um as usual as usual let's go here let's copy this email and let's go to the browser let's go to the browser and say http [Music] HTTP user so let's see if we can so now we are asked to login so let's put this guy in and put the password one two three four five six and let's see what happens so the user is disabled right so now let's open our email and see if we start you see so here we actually receive an email here so now we receive an email verification user registration portal service right so that is what we that is what we we said here um here user registration portal service that is the the sender name we specify and the subject here is email verification so that is what we have here email verification and the sender is um Let me let me zoom in let me zoom in in a little bit so we can actually see oh oh there's too much okay so now we with this this is the email right so we have um the verification this the verification email verification and user registration portal service right and this is the email right daily code work one minute ago it was sent one minute ago right um past 10 almost 11 in my country here and so right now we have [Music] um we have this here these are the things we said here and we are having this one here High plus the name of the user um here where I'm seeing something here I'm saying Samsung is that what we put here oh it's that is it's a mistake so Samsung that is the mistake we have here and that is what we have in the database as well right over here so which means with you can see that we've gotten our will received the email so hi Samsung thank thank you for restarting with us please follow the link below to complete your registration here thank you and gives us registration portal service so this is the message we defined here right thank you yeah and please follow the link below to complete registration so this is the message you sent so now we are going to verify the image so let's click on this to actually verify our registration right so I click on it and wow so now we see that email verified successfully now you can log into your account so now let's go back to this page and actually uh try to log in if we can so this is the image here and one two three four five six so let's log in and see whoa so now we can see that we are able to verify our image so we are able to actually register email um register a new user in our database and we are able to send email to the user right we send the email to the user and the user is able to verify his account right and after the account verification the user was actually enabled here you see that this has been enabled and the user also was able to to log in and access the endpoint that was secured okay cool right I'm so happy about this and um so um so this is um this all we have for this demo this video is very long right it's very long because a lot of things to do here so it's very very long uh but you know what um the link of this code the link of this project is under this video I dropped the link there for free so you can just follow the link and download the project from my git repository for free so you can actually go through all the packages one after the other you go through the classes one after the other and all the configuration you go through one after the other to actually go through the code and understand how it works if you have any message if you have any question any doubt any comment you can drop don't forget to drop it below in the comment section and um thank you so much for coming and that this this brings us to the end of our today's demo I hope you enjoyed this demo right Edo is is a little bit slow and the video is very long but um um it's good we understand what we are doing here actually right okay guys this brings us to the end of today's demo and thank you for coming and please and please don't forget to subscribe to my channel and please don't forget to thumbs up okay um please support me by subscribing to my channel and by liking my videos and also by sharing my video with your friends by recommending my channels my channel to your friends okay um that is the that is one way you can help me grow my channel and one way you can help me and you can encourage me to actually do more thank you so much thank you so much please don't forget to subscribe and please like my video subscribe to my channel and if you have any comments please drop below there so we can solve it together thank you so much and see you again in our subsequent video there are a lot of videos coming up there are a lot of things like this we are going to be doing together here from time to time in this video and also there are some there there's a video there's some videos on this channel on my channel here that actually talks about Spring Security um um basic authentication and JWT authentication with Spring Security with spring boot 3 on this video so all these links are there below this video so you can just follow this link and watch those videos thank you so much for coming and see you again in our next video thank you and goodbye foreign
Info
Channel: Daily Code Work
Views: 35,194
Rating: undefined out of 5
Keywords: how to learn to code, how to learn java, how to learn java step by step, how to become a programmer, how to become a good programmer, how to, spring security, spring framework, java, hibernate tutorial, spring boot 3 email verification, user registration and login with email verification, how to learn to code for beginners, how to learn programming, learn to code, email verification in spring boot, spring boot microservices, software engineer
Id: 7bIx4B5XhIA
Channel Id: undefined
Length: 164min 59sec (9899 seconds)
Published: Wed Mar 29 2023
Related Videos
The Quick Fix: Re-Sending Expired Verification Token in Spring Security
Daily Code Work
3K
How to Logout from Spring Security - JWT
Bouali Ali
35K
Spring boot 3 & Spring security 6 - Roles and Permissions Based Authorization Explained!
Bouali Ali
52K
Spring Security 6 | How to Create a Login System with Spring Data JPA and JWTs [NEW 2023]
Unknown Koder
66K
JWT with Spring boot Authentication & Authorization | Spring Security full demo in Spring Boot 3 #1
Tech Soft
11K
Easy JWT Authentication & Authorization with Spring Security | Step-by-Step Guide
Learn With Iftekhar
22K
OAuth2 Login Made Easy in Java: A Spring Boot & Spring Security Walkthrough
Dan Vega
94K
MASTER JWT Authentication with Java Spring Boot 3
Wazoo Web Bytes
11K
Spring Boot 3 + Spring Security 6 - JWT Authentication and Authorisation [NEW] [2023]
Amigoscode
656K
Simplify User Role Management with Spring Boot and Spring Security | User Role Management |
Daily Code Work
2.8K
Spring Boot 3 Security Tutorial | Authentication and Authorization | [2024]
Genuine Coder
5.1K
Spring Security JPA Authentication in Spring Boot
Dan Vega
37K
Spring Security Architecture Explained
Amigoscode
88K
How to Easily Secure Your Fullstack ReactJS - Spring Boot Application With the JWT Authentication
The Dev World - by Sergio Lema
45K
Spring boot 3.0 - Secure your API with JWT Token [2023]
Bouali Ali
124K
Spring Security JWT: How to secure your Spring Boot REST APIs with JSON Web Tokens
Dan Vega
106K
Spring Boot 3.0 + Spring Security 6 | JWT Authentication & Authorization | JavaTechie
Java Techie
134K
Spring Boot 3.0 Security | Authentication and Authorization | [New Changes] | javaTechie
Java Techie
182K
SpringBoot REST API CRUD Operations using Spring Data JPA | Postman | MySql #springboottutorial
SJ Programming Solutions
24K
How to Generate QR Code in Spring Boot 3 | Spring Boot 3 | Java | Spring Boot 3
Daily Code Work
5.8K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.