We have two controllers, namely DefaultController (mapped to the / and /login paths) and AuthController (mapped to the /auth main route and /token sub-route). The /auth/token path can be used to retrieve the token, which can be used for a subsequent API call (Bearer <Token>). The code snippet for AuthController is as shown here:

@RestController
@RequestMapping(path = "/auth", produces = { APPLICATION_JSON_UTF8_VALUE })
public class AuthController {

    @Autowired
    private MapReactiveUserDetailsService userDetailsRepository;
        @RequestMapping(method = POST, value = "/token")
        @CrossOrigin("*")
        public Mono<ResponseEntity<JWTAuthResponse>> token(@RequestBody     
                JWTAuthRequest jwtAuthRequest) throws AuthenticationException {
            String username =  jwtAuthRequest.getUsername();
            String password =  jwtAuthRequest.getPassword();
            return userDetailsRepository.findByUsername(username)
               .map(user -> ok().contentType(APPLICATION_JSON_UTF8).body(
                 new JWTAuthResponse(JWTUtil.generateToken(user.getUsername(),                  user.getAuthorities()), user.getUsername())))
                 .defaultIfEmpty(notFound().build());
        }
    }
}