
I am creating JWT-based authentication. That is working like a charm. I have created the sign-up and login methods in the @RestController via POST.

Now I need to create the update-user method, for updating the information of the logged-in user itself.

Before JWT we used to take the id of the logged user from the session. How to do this with JWT?

@PostMapping("/user/profile")
public ResponseEntity<?> saveProfile(@Valid @RequestBody UserProfileDTO userProfile) {

    /*  Of course the userProfileForm does not contain a hidden field
        with the ID of the user because it would allow the user to modify
        it and update another user.
    */

    return null;
}
Marlon SF
  • Check [this](https://stackoverflow.com/questions/49127791/extract-currently-logged-in-user-information-from-jwt-token-using-spring-securit) and [this](https://stackoverflow.com/a/47807045/1724809) – AsifM Apr 18 '18 at 18:21

2 Answers


Try adding the user id to the JWT's body and accept the JWT token in the header for every authenticated request.

  1. Once your controller is able to get the JWT token, decrypt it and get the user id.
  2. While authenticating the JWT token, add authentication to SecurityContextHolder and get the user auth anywhere in the application.
Ekansh Rastogi

This is an example of how you could solve this:

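@PostMapping("/user/profile")
public ResponseEntity<?> saveProfile(@Valid @RequestBody UserProfileDTO userProfile, Principal userLogin) {
    // Spring injects the java.security.Principal of the authenticated request
    String username = userLogin.getName();
    // Wrap the value so it matches the declared ResponseEntity<?> return type
    return ResponseEntity.ok(username);
}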
jwg
David Shiref