Angular 6 UI with Java REST application as Backend

Question

We have a REST application which uses BASIC authentication and users for our application are configured in tomcat-users.xml. We wanted to develop Angular web UI which make use of REST application as backend. How can we implement login and logout mechanism for angular UI As REST is stateless how can we achieve this?

As part of my analysis I have explored JWT authentication mechanism with which we cannot achieve proper Logout mechanism apart of removing the token from client.

Could someone share some ideas to workout this integration to implement proper Login and Logout mechanism.

I think in JWT authentification you can set an expiration date to the token in order to force the user to logout — Mehdi Bahra, Dec 02 '18 at 11:46
I recommend that you read this: https://stackoverflow.com/a/41650550/1235935 — Saptarshi Basu, Dec 02 '18 at 16:45

score 0 · Answer 1 · answered Dec 02 '18 at 16:36

Using io.jsonwebtoken:

Strin token = Jwts.builder().setSubject(username).claim(template.typeKey(), template.type())
    .setExpiration(new Date(validity)).signWith(SignatureAlgorithm.HS512, template.secret()).compact();

TokenTemplate interface:

public interface TokenTemplate {

    byte[] secret();

    long validity();

    String typeKey();

    String type();
}

I then have both authentication and normal token. Authentication token have a lot shorter duration that refresh token, and refresh token can be used to attain new authentication tokens. Works very well:)

Thanks for your input!! I have a question related to token expiry when the user is active and using the angular application.Could you please share how to handle the use case. — Rocks, Dec 04 '18 at 04:24

Angular 6 UI with Java REST application as Backend

1 Answers1