#JWT
2 posts
- Implementing FCFS with Tokens: From Entry Tickets to Bot Prevention
  Implements a first-come-first-served system that issues entry tokens upfront — only token holders can purchase. Covers JWT-based token design, TTL expiration strategy, and multi-layered bot prevention with Rate Limiting + CAPTCHA.
- Spring Boot Pre-Interview Guide Part 5: Security & Authentication — Spring Boot 4 · Kotlin 2.3 · Spring Security 7, JWT (oauth2-resource-server), BCrypt vs Argon2, RBAC
  On Spring Boot 4 with Kotlin 2.3, how to implement standard JWT authentication using Spring Security 7 and spring-boot-starter-oauth2-resource-server — JwtDecoder/JwtEncoder bean pair for verify and issue, JwtAuthenticationConverter mapping the role claim to ROLE_ authorities, @AuthenticationPrincipal Jwt for extracting the current user in controllers, picking between BCrypt and Argon2, @PreAuthorize plus service-layer resource ownership checks, and the common CORS traps — written from an evaluator's perspective on the security pieces of pre-interview assignments.