Part 1: Setup & Planning

Abhijeet SinghAbhijeet Singh
2 min read

Introduction:

This blog will document the entire journey of building a Blog Platform with User Authentication using Spring Boot and Spring Security.

It’s my first project using Spring Security and my second overall Spring Boot project. The goal is to gain hands-on experience in creating real-world, logically structured APIs that go beyond simple CRUD.

Tech Stack:

  • Language & Frameworks:

    • Java(17+)

    • Spring Boot (Rapid development)

    • Spring Web (create RESTful APIs)

    • Spring Data JPA (interact with the Databases)

  • Security & Authentication:

    • Spring Security (to secure endpoints)

    • JWT (JSON Web Tokens)

    • BCrypt (Password Hashing)

  • Database

    • PostgreSQL (Primary DB for Production/dev)

    • H2 Database (in-memory database for testing)

  • Tools and Libraries

    • Lombok (reduces boilerplate code)

    • ModelMapper or MapStruct (for Mappinng DTOs)

    • Postman (for API testing)

    • Git + Github (for version control)

Project Goals

The goal of this project is to build a secure, user-centric blog platform using Spring Boot and Spring Security. The app will provide essential features for creating, reading, updating, and deleting blog posts, along with secure user authentication.

Core Features

  • User Registration & Login
    → Secure authentication using Spring Security and JWT

  • Authenticated Blog Post Management
    → Users can create, update, and delete only their own blog posts

  • Public Post Viewing
    → Anyone (including unauthenticated users) can view published posts

  • Clean API Design using DTOs
    → Responses are wrapped, consistent, and secure

Security Features

  • JWT-based stateless authentication

  • Password hashing using BCrypt

  • Access control:
    → Only logged-in users can manage their posts
    → Unauthorized access is blocked at the controller level

Development Practices

  • PostgreSQL for development

  • H2 for testing

  • Modular structure with clear layers:
    Controller → Service → Repository → Entity → DTO

Extras & Project Setup

Folder Structure Preview

Here’s a quick look at the initial folder structure generated using Spring Initializr, after organizing into common layers:

src/
 └── main/
     ├── java/
     │    └── com.example.blog/
     │         ├── controller/
     │         ├── service/
     │         ├── repository/
     │         ├── entity/
     │         ├── dto/
     │         └── config/
     └── resources/
          └── application.properties

Spring Initializr Config

Here’s the setup I used on https://start.spring.io:

  • Project: Maven

  • Language: Java

  • Spring Boot: 3.x

  • Dependencies:

    • Spring Web

    • Spring Security

    • Spring Data JPA

    • PostgreSQL Driver

    • Lombok

    • H2 Database (for testing)

GitHub Repository

I’ll be pushing all code updates here:
https://github.com/abhijeet4725/blog-platform-springboot

0
Subscribe to my newsletter

Read articles from Abhijeet Singh directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Web DevelopmentbackendAPIsJavaSpringSpringbootSpring Data JpaSecurityJWTPostgreSQL

Written by

Abhijeet Singh
Abhijeet Singh

I'm learning backend development with Java and Spring Boot. I build small projects and write blogs to share what I learn. I’m interested in Full Stack development and want to explore DevOps in the future.