novalon/gym-manage
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): 内部 JwtAuthenticationFilter 增加 userType 传递

Browse Source 
- 从 Token 解析 userType 并存入 authentication.details
- 供下游 AuthUtil 获取 userType 进行权限校验
This commit is contained in:
张翔
2026-06-03 11:28:40 +08:00
parent 47e9a65497
commit 5c5bc6419a
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/security/JwtAuthenticationFilter.java
+4
View File
@@ -37,6 +37,7 @@ public class JwtAuthenticationFilter implements WebFilter {
String username = jwtTokenProvider.getUsernameFromToken(token);
jwtTokenProvider.getUserIdFromToken(token);
List<String> roles = jwtTokenProvider.getRolesFromToken(token);
String userType = jwtTokenProvider.getUserTypeFromToken(token);
List<SimpleGrantedAuthority> authorities = roles.stream()
.map(role -> new SimpleGrantedAuthority("ROLE_" + role))
@@ -53,6 +54,9 @@ public class JwtAuthenticationFilter implements WebFilter {
authorities
);
// 将 userType 存入 authentication details,供后续 AuthUtil 使用
authentication.setDetails(userType);
return chain.filter(exchange)
.contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));
}