[英]How to handle user information after login succeed in Spring Security
I want to use user-information after login succeed. 登录成功后,我想使用用户信息。 I thought about storing it into session attribute. 我考虑过将其存储到会话属性中。 or using @scope('session) annotation. 或使用@scope('session)注释。 but I haven't found the best way of doing it. 但是我还没有找到最好的方法。 so I just stored it into model-attribute. 所以我只是将其存储到模型属性中。
@Controller
@RequestMapping(value = "/user")
public class UserController {
@Autowired
private UserService userService;
@Autowired
private UserProfileService userProfileService;
@ModelAttribute("user")
public User getUserModel () {
return userService.findByEmail(SecurityContextHolder.getContext().getAuthentication().getName());
}
@ModelAttribute("userProfile")
public UserProfile getUserProfile() {
return userProfileService.findByUser(userService.findByEmail(SecurityContextHolder.getContext().getAuthentication().getName()));
}
@GetMapping("/")
public String userIndex() {
logger.info("UserIndex");
return "userPage";
}
As you can see, SecurityContextHolder.getContext().getAuthentication().getName() --> this method repeated. 如您所见,SecurityContextHolder.getContext()。getAuthentication()。getName()->重复此方法。 every time user make HTTP request, is this good practice? 每次用户发出HTTP请求时,这是一种好习惯吗? or any better way of store user-infomation in application? 还是在应用程序中存储用户信息的更好方法?
I would go with this. 我会同意这一点。
@RequestMapping(value = "/username", method = RequestMethod.GET)
@ResponseBody
public String currentUserName(Authentication authentication) {
return authentication.getName();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.