Added comment

Author: Rajeev Kumar Singh

polling-app-server/src/main/java/com/example/polls/security/JwtAuthenticationFilter.java

@@ -37,6 +37,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             if (StringUtils.hasText(jwt) && tokenProvider.validateToken(jwt)) {
                 Long userId = tokenProvider.getUserIdFromJWT(jwt);
 
+                /*
+                    Note that you could also encode the user's username and roles inside JWT claims
+                    and create the UserDetails object by parsing those claims from the JWT.
+                    That would avoid the following database hit. It's completely up to you.
+                 */
                 UserDetails userDetails = customUserDetailsService.loadUserById(userId);
                 UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                 authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));