ЛР6(Vue) еще чуть-чуть безопасности
This commit is contained in:
parent
24190594f1
commit
cf09538c11
@ -5,7 +5,39 @@
|
|||||||
components: {
|
components: {
|
||||||
Header,
|
Header,
|
||||||
Footer
|
Footer
|
||||||
|
},
|
||||||
|
data() {
|
||||||
|
return {
|
||||||
|
tokenFromServer: undefined,
|
||||||
|
userFromServer: undefined,
|
||||||
|
securityError: false,
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
created() {
|
||||||
|
const self = this
|
||||||
|
window.addEventListener('storage', function(e){
|
||||||
|
console.log(e)
|
||||||
|
if(e.key === "token")
|
||||||
|
if(this.tokenFromServer !== e.newValue) {
|
||||||
|
self.storageSecurity()
|
||||||
|
}
|
||||||
|
if(e.key === "user")
|
||||||
|
if(this.userFromServer !== e.newValue) {
|
||||||
|
self.storageSecurity()
|
||||||
|
}
|
||||||
|
})
|
||||||
|
},
|
||||||
|
methods: {
|
||||||
|
storageSecurity(){
|
||||||
|
localStorage.clear()
|
||||||
|
this.$router.push("/login")
|
||||||
|
this.securityError = true
|
||||||
|
},
|
||||||
|
saveServerData(data){
|
||||||
|
this.tokenFromServer = data.token
|
||||||
|
this.userFromServer = data.user
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
|
BIN
data.mv.db
BIN
data.mv.db
Binary file not shown.
@ -2,7 +2,9 @@ package ru.ulstu.is.lab1.DataBase.controller;
|
|||||||
|
|
||||||
import ru.ulstu.is.lab1.DataBase.configuration.OpenAPI30Configuration;
|
import ru.ulstu.is.lab1.DataBase.configuration.OpenAPI30Configuration;
|
||||||
import ru.ulstu.is.lab1.DataBase.model.User;
|
import ru.ulstu.is.lab1.DataBase.model.User;
|
||||||
|
import ru.ulstu.is.lab1.DataBase.model.UserRole;
|
||||||
import ru.ulstu.is.lab1.DataBase.service.UserService;
|
import ru.ulstu.is.lab1.DataBase.service.UserService;
|
||||||
|
import org.springframework.security.access.annotation.Secured;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestBody;
|
import org.springframework.web.bind.annotation.RequestBody;
|
||||||
@ -19,6 +21,7 @@ public class UserController {
|
|||||||
this.userService = userService;
|
this.userService = userService;
|
||||||
}
|
}
|
||||||
@GetMapping(OpenAPI30Configuration.API_PREFIX + "/user")
|
@GetMapping(OpenAPI30Configuration.API_PREFIX + "/user")
|
||||||
|
@Secured({UserRole.AsString.ADMIN})
|
||||||
public List<User> getUsers() {
|
public List<User> getUsers() {
|
||||||
return userService.findAllUsers();
|
return userService.findAllUsers();
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user