Through this Spring Boot tutorial, I’d love to guide you to develop a Java web application from scratch with the essential features: user registration, login, logout and view users list – with user information stored in MySQL database. You will go through the process of coding a Spring Boot project using the following technologies:

• Spring Web MVC for the web layer
• Spring Data JPA with Hibernate framework or the data access layer
• Spring Security for authentication, login and logout
• Thymeleaf as template engine
• HTML 5 and Bootstrap 4 for responsive user interface
• JUnit 5 and AssertJ for unit testing
• MySQL database

And to follow this tutorial, make sure that you have these software programs installed on your computer:

• Java Development Kit (JDK)
• Spring Tool Suite IDE (STS)
• MySQL Community server and MySQL Workbench

You can use the latest versions of these software programs.

 

1. Create Spring Boot Project and Configure Dependencies

In Spring Tool Suite, create a new Spring Starter project with type Maven and language Java. And choose these dependencies: Spring Web, Thymeleaf, Spring Data JPA, MySQL Driver, Spring Security and Spring Boot DevTools – so the XML code for these dependencies in the pom.xml file is as follows:

Spring Boot DevTools is optional but I recommend it, for using the Spring Boot automatic reload feature to save development time. You can also notice the IDE includes the dependency for JUnit automatically:

Spring Boot uses JUnit 5 (JUnit Jupiter) by default, and the exclusion means that no support for older versions of JUnit.

 

2. Create Database and Configure Data Source

Use MySQL Workbench or MySQL Command Line Client program to create a new database named codejavadb(you can choose any name you want):

Then open the Spring Boot configuration file application.properties under /src/main/resources directory. Enter the following properties for configuring a data source that will be used by Spring Data JPA:

Note that we set the spring.jpa.hibernate.ddl-auto to create in order to let Hibernate create the tables when we run a unit test in the next section. Other properties are self-explanatory.

 

3. Code Entity Class and Repository Interface

Next, create a new Java class named User to map with the corresponding users table (not yet created) in the database, with the following code:

As you can see, the user information consists of ID, email, password, first name and last name. Here I use common annotations from JPA. The setters and getters are now shown for brevity, so be sure you generate those methods as well.

Next, create a new interface named UserRepository to act as a Spring Data JPA repository with the following simple code:

This interface is a subtype of JpaRepository which defines common persistence operations (including CRUD) and the implementation will be generated at runtime by Spring Data JPA.

To understand Spring Data JPA from scratch, I recommend you to read this tutorial.

 

4. Code and Run Unit Test

Next, code a test class named UserRepositoryTests under src/test/java directory with the following skeleton code:

This is a basic test class for testing Spring Data JPA repositories. It is configured to work with the actual database (@AutoConfigureTestDatabase(replace = Replace.NONE)) and commit the changes (@Rollback(false)). TestEntityManager is a wrapper of JPA’s EntityManager so we can use it in test class like a standard EntityManager.

And write the first test method that persists a User object into the database as follows:

Here, you can see I use AssertJ’s method assertThat() as the assertion statement. It is more readable and more fluent than using traditional JUnit’s assertion methods.

Run this test method (right click on the method name in the code editor, then select Run As > JUnit Test), you will see it prints the following SQL statements in the console output:

That means Hibernate actually created the table users and insert a new row into it (you don’t have to create the table manually, right?).

And Spring Data JPA prints the following statement:

That means the data was stored in the database permanently (as opposed to the default behavior of Spring Data JPA Test is rollback the transaction after each test).

You can use MySQL Workbench to verify that the table and data were really created. And update this property in the application.properties file:

This is to tell Hibernate won’t recreate the table in the next run of the application. Also notice that the user’s password is stored in plain text (for testing purpose). Later you will learn how to encode it.

 

5. Code Controller class and Home Page

Next, let’s create a Spring MVC controller class named AppController, with the first handler method to show the home page, as follows:

Under /src/main/resources/templates directory, create a new HTML file named index.html with the following code:

As you can see, in this webpage we use Bootstrap and JQuery from Webjars, so you must add the following dependencies for the project:

You can also notice Thymeleaf is used to generate the URLs properly.

Now, you can run this Spring Boot Project (using Boot Dashboard of Spring Tool Suite), and access the web application at this URL http://localhost:8080, you should see the homepage appears as shown below:

You see, the home page shows 3 links List of Users, Register and Login. You will learn how to implement each function in the next few minutes.

 

6. Implement User Registration feature

Add a new handler method in the controller class to show the user registration form (sign up), with the following code:

This handler method will be executed when a user clicks the Register hyperlink in the homepage.

And write code for the user registration page as follows (create signup_form.html file):

Click Register link in the homepage, you should see the registration page appears like this:

It looks very nice, isn’t it? Thanks to Bootstrap and HTML 5. You can also notice with HTML 5, the browser provides validation for input fields so you don’t have to use Javascript for that.

Next, code a handler method in the controller class to process registration with the following code:

As you can see, here we use BCryptPasswordEncoder to encode the user’s password so the password itself it not stored in database (for better security) – only the hash value of the password is stored.

After a User object is persisted into the database, it returns a logical view name register_success, so we need to create the corresponding HTML page with the following code:

This page simply displays the successful message after a user has registered, as shown below:

Now you can test the user registration feature and verify result in the database (note that the password should be encoded).

 

7. Code Custom UserDetails and UserDetailsService Classes

Next, in order to implement authentication (login) feature, we need to create a class of subtype UserDetails (defined by Spring Security) to represent an authentication user, with the following code:

Spring Security will invoke methods in this class during the authentication process.

And next, to tell Spring Security how to look up the user information, we need to code a class that implements the UserDetailsService interface, as shown below:

As you can see, Spring Security will invoke the loadUserByUsername() method to authenticate the user, and if successful, a new object of type CustomUserDetails object is created to represent the authenticated user.

Also remember to update the UserRepository interface for adding this method:

Suppose that the email column is unique in the users table, so we define the findByEmail() method that returns a single User object based on email (no two users having the same email).

 

8. Configure Spring Security for Authentication (Login)

Next, create a new Java class for configuring Spring Security with the following code:

Here in the configure() method, a user must login to see the list users page (URL /users) and other pages do not require authentication. We also configure the default login page (generated by Spring Security) with the parameter name of the username field is email and the default success URL is /users – that means after successful login, the user will be redirected to the list users page.

Now you can test the login function. Go to the homepage and click Login link, you should see the default login page appears as follows:

Enter the username (email) and password of the user you have registered previously and click Sign in. You should see an error page because the list users page has not been implemented.

 

9. Code List Users Page and Logout

Next, we’re going to implement the list users and logout features. Update the controller class to have the following handler method:

Here, you can see we call the findAll() method on the UserRepository but we didn’t write that method. It is defined by the Spring Data JPA’s JpaRepository interface.

And create the users.html file with the following code:

This page consists of two parts: the first part shows the user’s full name with Logout button; and the second one lists all users in the database. It should look something like this:

Let test adding more users and you will the list will contain more items. Click the Sign Out button, the application will log the user out and show the homepage.

That’s the complete tutorial for implementing user registration and login features in a Spring Boot application with Spring Data JPA, Spring Security, MySQL database, Thymeleaf, Bootstrap and HTML 5. I hope you find this tutorial as good reference for your development need.

What’s next? You may find this tutorial helpful: Spring Boot Email Verification for User Registration Tutorial

The see to coding in action, I recommend you to watch the following video:

You can also download the sample project in the Attachments section below, or clone the sample project from GitHub via this repository link.

 

Related Spring Security Tutorials:

• Spring Security Remember Me (Remember Login) Examples
• Spring Security Role-based Authorization Tutorial
• Spring Security Customize Login and Logout
• How to Get Logged-in User’s Details with Spring Security
• Spring Security: Prevent User from Going Back to Login Page if Already logged in

 

Other Spring Boot Tutorials:

• How to create a Spring Boot Web Application (Spring MVC with JSP/ThymeLeaf)
• Spring Boot CRUD Example with Spring MVC – Spring Data JPA – ThymeLeaf – Hibernate – MySQL
• Spring Boot Hello World RESTful Web Services Tutorial
• Spring Boot Thymeleaf Form Handling Tutorial
• Spring Data JPA Paging and Sorting Examples
• Spring Boot Error Handling Guide
• Spring Boot Logging Basics