Hey there! If you ever want to provide passwordless authentication to your users, sending them a one-time sign-in link can be a good option. In this tutorial, we will use Spring Security and Spring Boot to build a simple application to send users magic sign-in links. We focus on making the links cryptographically secure so they cannot be guessed.
⚡ Danger Zone
This code disables some sensitive defaults in Spring Security. Don't just blindly copy the code as is! Make sure you know what you are doing and understand the implications. Also, if you spot any mistakes or you see me saying the wrong things, call me out for it in the comments!
⛩️ Navigation
00:00 - Intro
00:25 - Let's Code
01:17 - Dependencies
01:50 - Database Schema
04:37 - Security Configuration
06:57 - Magic Link Rest Controller
09:31 - Security Filter Chain
10:44 - Cryptographically Secure Tokens
18:40 - Authenticate Users
23:16 - Expire Tokens
🍃 Code & Resources
Grab the code for this tutorial here axgr.dev/posts/spring-magic-l...
🙌 Get in Touch
Join my newsletter and say hi here axgr.dev/newsletter/?...
🎙 Gear & Links
Mechanical Keyboard: x.axgr.dev/keyboard
Studio Camera: x.axgr.dev/studio-camera
Studio Lens: x.axgr.dev/studio-lens
Studio Mic: x.axgr.dev/studio-mic
Vlog Camera: x.axgr.dev/vlog-camera
Vlog Lens: x.axgr.dev/vlog-lens
All my affiliate links axgr.dev/deals/?...
I may earn a small commission for purchases made through the links above at no additional cost to you.
🎶 Music
Background music by / @kainbeats
🍿 Subscribe
Want to see more tech tutorials? Subscribe now!