I have a desktop java application, a MySQL database and a spring boot server. Users log in through the desktop application and verifies the user through the database separate from the server.

But after it verifies the user I want it to log the user into the server, and be able to log out the user when they log out of the program.

I have connected the application to the server and able to send GET and POST requests. I have looked around the internet and stack overflow however I can't see any answer or resources that can help. The only sort of solution I saw was using a repository to store logged in users and to remove them when they log out.

How would I log users into the server and log them out?

CodePudding user response：

You could go with a token based log in mechanism, But since you are using a desktop app, you would need to check the security of tokens. Steps would involve:

1. User enter u/p and desktop app sends a login request to get a JWT token.
2. Send this token via an interceptor in HTTP headers so you would validate the user in SpringBoot service app.
3. When user logs out, keep the token if it is not expired, so if the user logs in back use the token again (keeping tokens would be a security risk so research more on that!). If not ask u/p and do the step 1->3 again