Merge pull request #4 from nagisa77/codex/add-user-permission-module

Add role-based authorization
2026-02-22 22:21:09 +08:00 · 2025-06-30 18:59:33 +08:00
parent fe894834b7 31b54f6aac
commit dce34461d5
6 changed files with 38 additions and 1 deletions
--- a/src/main/java/com/openisle/config/SecurityConfig.java
+++ b/src/main/java/com/openisle/config/SecurityConfig.java
@@ -43,7 +43,7 @@ public class SecurityConfig {
                .<UserDetails>map(user -> org.springframework.security.core.userdetails.User
                        .withUsername(user.getUsername())
                        .password(user.getPassword())
-                        .authorities("USER")
+                        .authorities(user.getRole().name())
                        .build())
                .orElseThrow(() -> new UsernameNotFoundException("User not found"));
    }
@@ -63,6 +63,7 @@ public class SecurityConfig {
            .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(auth -> auth
                    .requestMatchers(HttpMethod.POST, "/api/auth/**").permitAll()
+                    .requestMatchers("/api/admin/**").hasAuthority("ADMIN")
                    .anyRequest().authenticated()
            )
            .addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);