you are fetching user from database every time you want to check the token and authenticate the user. actually the power of JWT is that in can have the user information in it, you can store username and roles into token and just need to validate the token and then you already have all the data you need so no need to fetch it from database again.
https://github.com/amezenin/encyclopedia-kn/blob/d8c6159568b556e048a823cd49be0563c1b78f0b/src/main/java/com/knits/product/security/jwt/JwtTokenProvider.java#L66
you are fetching user from database every time you want to check the token and authenticate the user. actually the power of JWT is that in can have the user information in it, you can store username and roles into token and just need to validate the token and then you already have all the data you need so no need to fetch it from database again.