= JWT Login Sample

This sample demonstrates how to accept JWTs without using a separate authorization server.

This approach is useful in REST APIs when a user would like to locally authenticate with a username and password and then use a JWT thereafter.

[[usage]]
To use the application, first run it:

```bash
./gradlew :servlet:spring-boot:java:jwt:login:bootRun
```

If you `POST` to the `/token` endpoint with the user `user/password`:

```bash
curl -XPOST user:password@localhost:8080/token
```

Then the application responds with something similar to the following:

```bash
eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJzZWxmIiwic3ViIjoidXNlciIsImV4cCI6MTYwNDA0MzA1MSwiaWF0IjoxNjA0MDA3MDUxfQ.yDF_JgSwl5sk21CF7AE1AYbYzRd5YYqe3MIgSWpgN0t2UqsjaaEDhmmICKizt-_0iZy8nkEpNnvgqv5bOHDhs7AXlYS1pg8dgPKuyfkhyVIKa3DhuGyb7tFjwJxHpr128BXf1Dbq-p7Njy46tbKsZhP5zGTjdXlqlAhR4Bl5Fxaxr7D0gdTVBVTlUp9DCy6l-pTBpsvHxShkjXJ0GHVpIZdB-c2e_K9PfTW5MDPcHekG9djnWPSEy-fRvKzTsyVFhdy-X3NXQWWkjFv9bNarV-bhxMlzqhujuaeXJGEqUZlkhBxTsqFr1N7XVcmhs3ECdjEyun2fUSge4BoC7budsQ
```

So, next, request the token and export it:

```bash
export TOKEN=`curl -XPOST user:password@localhost:8080/token`
```

Finally, request `/`, including the bearer token for authentication:

```bash
curl -H "Authorization: Bearer $TOKEN" localhost:8080 && echo
```

You should see a response like:

```bash
Hello, user!
```