TestController

package com.shark.example.controller;

import com.shark.base.entity.ResponseDataEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

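/**
 * Demo endpoints showing how the authenticated principal and method-level
 * authorization rules are used in a controller.
 *
 * <p>The {@code @PreAuthorize} rules below are only enforced when Spring
 * Security method security is enabled in the application configuration
 * (not visible in this file). Without it the annotations are ignored and
 * every endpoint here falls back to whatever the URL-level rules allow.
 */
@RestController
public class TestController {

    // Return code set on every response built by this controller.
    // NOTE(review): presumably the "success" code; confirm against ResponseDataEntity.
    private static final int RETURN_CODE = 1;

    /**
     * Returns the name of the currently authenticated principal.
     *
     * <p>Access is restricted to authenticated callers. Without this rule an
     * unauthenticated request that reaches the method would either get the
     * anonymous principal's name back, or fail with a
     * {@link NullPointerException} when no {@link Authentication} is present
     * in the security context.
     *
     * @return a response whose data is {@code Authentication#getName()}
     */
    @RequestMapping(value = "/userId", method = RequestMethod.GET)
    @PreAuthorize("isAuthenticated()")
    public ResponseDataEntity<String> userId() {
        // The identity comes from the server-side security context, never from a
        // request parameter, so a caller cannot ask for another user's id.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return respond(authentication.getName());
    }

    /**
     * Endpoint reachable only by callers holding the {@code role1} authority.
     *
     * <p>{@code hasAuthority} compares the granted authority string as-is; no
     * {@code ROLE_} prefix is added (unlike {@code hasRole}), so the authority
     * issued at login must be exactly {@code role1}.
     *
     * @return a response whose data is the literal {@code "Role1"}
     */
    @RequestMapping(value = "/role1", method = RequestMethod.GET)
    @PreAuthorize("hasAuthority('role1')")
    public ResponseDataEntity<String> role1() {
        return respond("Role1");
    }

    /**
     * Endpoint reachable only by callers holding the {@code role2} authority.
     *
     * <p>The authority string is matched exactly, as for {@code /role1}.
     *
     * @return a response whose data is the literal {@code "Role2"}
     */
    @RequestMapping(value = "/role2", method = RequestMethod.GET)
    @PreAuthorize("hasAuthority('role2')")
    public ResponseDataEntity<String> role2() {
        return respond("Role2");
    }

    // Builds the response envelope shared by all endpoints of this controller.
    private static ResponseDataEntity<String> respond(String data) {
        ResponseDataEntity<String> responseDataEntity = new ResponseDataEntity<>();
        responseDataEntity.setData(data);
        responseDataEntity.setReturnCode(RETURN_CODE);
        return responseDataEntity;
    }
}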
  • /userId: 當登入成功後,從 SecurityContextHolder 的 Context 中取得 Authentication,並回傳使用者 Id
  • /role1: 驗證使用者有沒有role1權限
  • /role2: 驗證使用者有沒有role2權限
