This repository demonstrates the implementation of authentication, authorization, and role-based permissions using Spring Boot. The project includes the following key features:
- Token-Based Authentication: Generates a token upon user registration. The user must be authenticated using this token in the header for subsequent requests.
- Role-Based Access Control:
  - RA (Read-Only Access): Users with the RA role can only read data.
  - TA (Full Access): Users with the TA role can read, create, update, and delete data. Additionally, changes made by TA users are logged with timestamps, indicating who made the changes and to whom.
- Database: PostgreSQL is used as the database to store user information and logs.
Database tables:
- Testing: Postman is used for testing the API endpoints.
- User Registration:
  - Endpoint: '/api/v1/auth/register'
  - Registers a new user and generates a token.
- User Authentication:
  - Endpoint: '/api/v1/auth/authenticate'
  - Authenticates the user and returns a token.
- Role-Based Actions:
  - RA Role: Can only read data.
  - TA Role: Can perform CRUD operations. Changes are logged with timestamps and user details.
This project showcases a basic implementation of security and role management using Spring Boot.
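
The RA/TA rules listed above can be expressed as a single Spring Security filter chain. The following is an added example, not code from this repository. It assumes Spring Security 6 (Spring Boot 3), a hypothetical data path `/api/v1/data/**`, and a hypothetical filter bean named `tokenAuthFilter` that validates the header token and sets the authority `RA` or `TA`.

```java
import jakarta.servlet.Filter;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Added example, not the repository's code. Assumes Spring Security 6.
@Configuration
@EnableWebSecurity
public class RoleRulesConfig {

    // Hypothetical path for the protected data; the page does not name it.
    private static final String DATA = "/api/v1/data/**";

    @Bean
    SecurityFilterChain apiSecurity(HttpSecurity http,
            // Assumed bean: validates the header token and places an Authentication
            // carrying the authority "RA" or "TA" into the security context.
            @Qualifier("tokenAuthFilter") Filter tokenAuthFilter) throws Exception {
        http
            // Token travels in a header, not a cookie, so no session and no CSRF token.
            .csrf(csrf -> csrf.disable())
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(auth -> auth
                // Only the two token-issuing endpoints are reachable without a token.
                .requestMatchers("/api/v1/auth/register", "/api/v1/auth/authenticate").permitAll()
                // Reads: both roles. hasAnyAuthority matches "RA"/"TA" literally;
                // hasRole would look for "ROLE_RA"/"ROLE_TA" instead.
                .requestMatchers(HttpMethod.GET, DATA).hasAnyAuthority("RA", "TA")
                // Every other method on the same paths (POST, PUT, PATCH, DELETE): TA only.
                .requestMatchers(DATA).hasAuthority("TA")
                // Default deny: a new endpoint stays closed until a rule is written for it.
                .anyRequest().denyAll())
            // Run the token filter before Spring's own authentication filters.
            .addFilterBefore(tokenAuthFilter, UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }
}
```

Rule order matters here: the `GET` matcher must come before the catch-all matcher on the same path, because the first matching rule decides the request.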