ЛР6(Vue) еще чуть-чуть безопасности
This commit is contained in:
parent
24190594f1
commit
cf09538c11
@ -5,7 +5,39 @@
|
||||
components: {
|
||||
Header,
|
||||
Footer
|
||||
},
|
||||
data() {
|
||||
return {
|
||||
tokenFromServer: undefined,
|
||||
userFromServer: undefined,
|
||||
securityError: false,
|
||||
}
|
||||
},
|
||||
created() {
|
||||
const self = this
|
||||
window.addEventListener('storage', function(e){
|
||||
console.log(e)
|
||||
if(e.key === "token")
|
||||
if(this.tokenFromServer !== e.newValue) {
|
||||
self.storageSecurity()
|
||||
}
|
||||
if(e.key === "user")
|
||||
if(this.userFromServer !== e.newValue) {
|
||||
self.storageSecurity()
|
||||
}
|
||||
})
|
||||
},
|
||||
methods: {
|
||||
storageSecurity(){
|
||||
localStorage.clear()
|
||||
this.$router.push("/login")
|
||||
this.securityError = true
|
||||
},
|
||||
saveServerData(data){
|
||||
this.tokenFromServer = data.token
|
||||
this.userFromServer = data.user
|
||||
},
|
||||
},
|
||||
}
|
||||
</script>
|
||||
|
||||
|
BIN
data.mv.db
BIN
data.mv.db
Binary file not shown.
@ -2,7 +2,9 @@ package ru.ulstu.is.lab1.DataBase.controller;
|
||||
|
||||
import ru.ulstu.is.lab1.DataBase.configuration.OpenAPI30Configuration;
|
||||
import ru.ulstu.is.lab1.DataBase.model.User;
|
||||
import ru.ulstu.is.lab1.DataBase.model.UserRole;
|
||||
import ru.ulstu.is.lab1.DataBase.service.UserService;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -19,6 +21,7 @@ public class UserController {
|
||||
this.userService = userService;
|
||||
}
|
||||
@GetMapping(OpenAPI30Configuration.API_PREFIX + "/user")
|
||||
@Secured({UserRole.AsString.ADMIN})
|
||||
public List<User> getUsers() {
|
||||
return userService.findAllUsers();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user