1. Spring Boot 2.1.x
2. Spring Security 5 (remember me)
3. Spring Data JPA
4. Spring Logging
5. Spring Bean Validation (JSR-303)
6. Spring Global Exception Handler
7. Thymeleaf
8. jQuery/Bootstrap 4.3/FontAwesome/webjars
9. Tomcat 9
10. H2 In-Memory Database

git clone https://github.com/uniquejava/FSD.git
cd FSD/lab06/course-app
mvn spring-boot:run -Dspring.profiles.active=dev

1. Open in browser: http://localhost:8080/course-app/
2. Built-in users: admin/admin and tomcat/tomcat.

Official reference doc

Spring Security Guides

checkbox: remember-me

https://docs.spring.io/spring-security/site/docs/5.1.6.RELEASE/reference/htmlsingle/#remember-me

娓娓道来 REST Security with JWT using Java and Spring Security

https://grokonez.com/spring-framework/spring-security/spring-boot-spring-security-jwt-authentication-architecture-tutorial

When should you use CSRF protection? Our recommendation is to use CSRF protection for any request that could be processed by a browser by normal users. If you are only creating a service that is used by non-browser clients, you will likely want to disable CSRF protection.

https://docs.spring.io/spring-security/site/docs/5.1.6.RELEASE/reference/htmlsingle/#csrf

https://www.baeldung.com/global-error-handler-in-a-spring-rest-api

https://www.baeldung.com/exception-handling-for-rest-with-spring

https://www.mkyong.com/maven/how-to-create-a-web-application-project-with-maven/

https://stackoverflow.com/questions/30571319/spring-boot-logging-pattern

https://lmonkiewicz.com/programming/get-noticed-2017/spring-boot-rest-request-validation/

https://www.baeldung.com/global-error-handler-in-a-spring-rest-api

1. https://stackoverflow.com/questions/24916894/serving-static-web-resources-in-spring-boot-spring-security-application