How I Built a Production-Ready JWT Auth Template with Java 21 and Spring Security 6

How I Built a Production-Ready JWT Auth Template with Java 21 and Spring Security 6 Every Java project needs authentication. And every time, you spend days wiring up Spring Security, configuring JWT, setting up roles, handling token refresh... before you even write a single line of business logic. I got tired of it. So I built a template I can reuse — and decided to share it. What's Inside Spring Boot 3.2 + Spring Security 6 stateless JWT auth Java 21 features used throughout — Records, Sealed classes, Pattern matching Role-based authorization — USER, ADMIN, MODERATOR out of the box Access token + refresh token rotation React + TypeScript frontend demo with password strength indicator Docker + PostgreSQL — one command to run everything Postman collection included Why Java 21 Features Matter Here This isn't just a Spring Boot project with Java 21 slapped on it. The modern Java features are used where they actually improve the code. Records for DTOs Instead of bloated POJOs with getters,