Jwt token gets invalidated on each restart of spring boot application

Question

I have a spring boot application which generates a jwt token on successful login. and the token is returned to the user, but on each restart of the application the token is invalidated. I have a secret key stored on the properties file for now to test. here is my code to generate it,

public String createToken(String username, String role) {

    Claims claims = Jwts.claims().setSubject(username);
    claims.put("auth", role);
    claims.put("test", "test");

    Date now = new Date();
    Date validity = new Date(now.getTime() + validityInMilliseconds);

    return Jwts.builder()// 
            .setClaims(claims)//
            .setIssuedAt(now)//
            .setExpiration(validity)//
            .signWith(SignatureAlgorithm.HS256, secretKey)//
            .compact(); 
}

I would like to have the token validated even though the application is restarted. Any suggestions on what I could be doing wrong is appreciated.

My Config class

public class JwtTokenFilterConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {

    private JwtTokenProvider jwtTokenProvider;

    public JwtTokenFilterConfigurer(JwtTokenProvider jwtTokenProvider) {
        this.jwtTokenProvider = jwtTokenProvider;
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        JwtTokenFilter customFilter = new JwtTokenFilter(jwtTokenProvider);
        http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
    }

}

security.jwt.token.secret-key=secret-key that's in application.properties file — Shashank, Jan 11 '19 at 08:31

Jwt token gets invalidated on each restart of spring boot application

0 Answers0