我正在实现一个项目RESTful API,它应该登录(用户名/密码)并返回一个令牌,我想使用令牌来检索用户信息。
我按照说明操作: https://github.com/virgo47/restful-spring-security
但是:我不知道如何在我的功能中使用它,你可以帮我吗?
@RequestMapping(value = "/login", method = RequestMethod.POST)
public @ResponseBody ResponseObject<Object> login(
@RequestParam(value = "username", required = true) String username,
@RequestParam(value = "password", required = true) String password,
@RequestHeader(value = "token") String token,
HttpSession session) {
//TODO
return new ResponseObject<Object>(1, "Success", data);
}
@RequestMapping(value = "/info", method = RequestMethod.GET)
public @ResponseBody ResponseObject<User> getInfo(@RequestHeader(value = "token", required = true) String token,
HttpSession session) {
//TODO
return null;
}
答案 0 :(得分:0)
你为什么要那样做?为什么不从SecurityContext中获取登录用户,如下所示
SET @FinancialIncremental:=0;
SELECT j.ErrorCategory,
COUNT(IF(j.ErrorType = 'P',j.ErrorType,NULL)) AS Financial,
COUNT(IF(j.ErrorType = 'NP',j.ErrorType,NULL)) AS Procedural,
SUM(j.OverPaymentAmount) AS 'Financial Over Paid Amount ($)',
(@FinancialIncremental := @FinancialIncremental + COUNT(IF(j.ErrorType = 'P',j.ErrorType,0))
AS 'Financial Incremental'
FROM DemoScheme.TestTable j WHERE IsDeleted = 0 AND ErrorType IN ('P','NP')
GROUP BY ErrorCategory;
如果您坚持这样做,您可以执行以下操作。
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String test() {
System.out.println(" *** MainRestController.test");
// Spring Security dependency is unwanted in controller, typically some
// @Component (UserContext) hides it.
// Not that we don't use Spring Security annotations anyway...
return "SecurityContext: "
+ SecurityContextHolder.getContext().getAuthentication()
.getName();
}