I'm trying to create a Spring Boot 2.1 application. I have created the following rest controller ...
@RestController
@RequestMapping("/api/users")
pub
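You can create a service that does the check for you like this:
import java.util.UUID;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

@Service
public class AuthenticatedUserService {
    @Autowired
    private IUserRepository userRepository;

    // True only when the given id belongs to the currently authenticated user.
    public boolean hasId(UUID id) {
        // getPrincipal() returns Object, so read the username through getName().
        String username = SecurityContextHolder.getContext().getAuthentication().getName();
        User user = userRepository.findByEmail(username);
        // Deny when no user record matches the authenticated name.
        return user != null && user.getId().equals(id);
    }
}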
Add this to your controller:
    @Autowired
    private AuthenticatedUserService authenticatedUserService;
And replace the preauth annotation with this one:
@PreAuthorize("@authenticatedUserService.hasId(#id)")
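
A regression test for the ownership check above, as an added example that is not part of the original answer. It assumes a `GET /api/users/{id}` endpoint carrying the `@PreAuthorize` expression, method security enabled, JUnit 4 with `spring-security-test` on the test classpath, and a mockable `User` entity; the test class name, e-mail address and UUIDs are constructed.

```java
import static org.hamcrest.Matchers.not;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import java.util.UUID;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;

// Hypothetical test class: checks that @PreAuthorize is enforced per user id.
@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
public class UserOwnershipCheckTest {
    @Autowired private MockMvc mockMvc;
    @MockBean private IUserRepository userRepository; // the page's repository, mocked

    // Constructed sample ids.
    private static final UUID OWN_ID = UUID.fromString("11111111-1111-1111-1111-111111111111");
    private static final UUID OTHER_ID = UUID.fromString("22222222-2222-2222-2222-222222222222");

    @Before
    public void stubCurrentUser() {
        User alice = mock(User.class);
        when(alice.getId()).thenReturn(OWN_ID);
        when(userRepository.findByEmail("alice@example.com")).thenReturn(alice);
    }

    @Test
    @WithMockUser(username = "alice@example.com")
    public void foreignIdIsForbidden() throws Exception {
        // An authenticated user asking for someone else's id must get 403.
        mockMvc.perform(get("/api/users/{id}", OTHER_ID)).andExpect(status().isForbidden());
    }

    @Test
    @WithMockUser(username = "alice@example.com")
    public void ownIdPassesTheCheck() throws Exception {
        // The final status depends on the controller; it only must not be 403.
        mockMvc.perform(get("/api/users/{id}", OWN_ID)).andExpect(status().is(not(403)));
    }
}
```

If `foreignIdIsForbidden` fails with a non-403 status, the annotation is not being evaluated, which usually means method security (`@EnableGlobalMethodSecurity(prePostEnabled = true)` in Spring Boot 2.1) is not switched on.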