feat : 권한별로 접근 가능한 API 추가

2022-04-04 00:04:50 +09:00
parent 2aba6999bd
commit 409b3e4ae1
1 changed files with 24 additions and 0 deletions
--- a/작성)/spring-security/src/main/kotlin/com/banjjoknim/playground/jwt/domain/user/JwtUserController.kt
+++ b/작성)/spring-security/src/main/kotlin/com/banjjoknim/playground/jwt/domain/user/JwtUserController.kt
@@ -1,6 +1,10 @@
 package com.banjjoknim.playground.jwt.domain.user

+import com.banjjoknim.playground.jwt.config.security.PrincipalDetails
+import org.springframework.security.core.Authentication
+import org.springframework.security.core.annotation.AuthenticationPrincipal
 import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestBody
 import org.springframework.web.bind.annotation.RestController
@@ -18,4 +22,24 @@ class JwtUserController(
        jwtUserRepository.save(jwtUser)
        return "회원가입완료"
    }
+
+    // user 권한만 접근 가능
+    @GetMapping("/api/v1/user")
+    fun user(@AuthenticationPrincipal authentication: Authentication): String {
+        val principalDetails = authentication.principal as PrincipalDetails
+        println("Authentication: ${principalDetails.username}")
+        return "user"
+    }
+
+    // manager, admin 권한만 접근 가능
+    @GetMapping("/api/v1/manager")
+    fun manager(): String {
+        return "manager"
+    }
+
+    // admin 권한만 접근 가능
+    @GetMapping("/api/v1/admin")
+    fun admin(): String {
+        return "admin"
+    }
 }