I am working on a web application developed using Java and AngularJS and chose to implement token authentication and authorization. For the exercise purpose, I've come to the point where I send the credentials to the server, generate a random token store it and send it back to the client. At every request to the server I'm attaching the token in the header and it works perfectly. For the authentication point of view is perfect and wouldn't need more.
However, I now want to keep track of the user type (admin, regular user...), as well as it's id, or any other unique field; as I understood I have to encrypt that in the token that I'm sending back to the client during the log in action. Is that correct?
Is there any JWT library that you used and can generate, encrypt and decrypt such tokens? A link to the library's API and Maven dependency would be much appreciated.
Thanks
JJWT aims to be the easiest to use and understand JWT library for the JVM and Android: