Spring Boot User Registration Blueprint

This repository contains a Spring Boot based blueprint project with user registration and authentication workflow via email.

Table of contents

1. Project Setup

2. Features

   2.1 Login

   2.2 Registration

   2.3 Reset password

   2.4 Backend

3. Next features

1 Project Setup

To setup the project please apply the following steps:

• Clone the project via git clone https://github.com/Waginator/SpringBootUserRegistrationBlueprint.git
• Define the data source connection details in file application.properties. Define at least the following properties for mysql connection:
  • spring.datasource.username
  • spring.datasource.password
  • spring.datasource.url
• Define the email server connection details in file application.properties. Define at least the following properties for the connection:
  • spring.mail.host
  • spring.mail.username
  • spring.mail.password
  • mail.from.email
• Define the token secret property token-secret also in file application.properties.
• Execute the main class SpringBootUserRegistrationBlueprintApplication
• Go to your web browser and visit http://localhost:8080
• The welcome page looks like the following:

2 Features

2.1 Login

You can log in via the URL http://localhost:8080/login. The login form looks like this:

There are two example users with the following credentials:

Email	Password
john.doe@example.com	john.doe
maria.thompson@example.com	maria.thompson

2.2 Registration

You can register via the URL http://localhost:8080/register. The register form looks like this:

The register form provides full server-side validation. The validation deals with the following possible incorrect input values:

• empty values (also handle blanks and null values)
• password strength (at least 8 characters)
• email syntax
• emil already registered
• Password must match Verify password

The validation messages are displayed as follows:

After submitting the registration form you will receive an email asking you to confirm your registration:

The confirmation workflow handles the following possible issues:

• token is expired
• token was not found (already confirmed or invalid token)

2.3 Reset password

You can reset your password via the URL http://localhost:8080/reset-password. The reset password form looks like this:

After entering a valid and registered email address you will receive an email with a link to re-enter your password:

The reset password workflow handles the following possible issues:

• token is expired
• token was not found (already used or invalid token)

If you click on the link in your email you get the possibility to assign a new password:

2.4 Backend

After logging in, you will be taken to a simple admin area that displays all created users. You can also log out using the link in the upper right corner.

3 Next Features

The upcoming features are:

• A small frontend demo with better integration of the registration and login workflow
• Distinction between frontend and backend users (user roles)
• Create backend and frontend users via admin area
• Remember me functionality
• See date and time of the last sucessful login
• Logging of all failed login attempts for an account
• Logon delay or complete deactivation of an account if too many failed logon attempts are made
• Immediate logout of a user if his or her account is deactivated but the session is still active
• Configuration of a password policy