Angular在使用angular-auth-oidc-client进行身份验证后加载用户角色
- 引入angular-auth-oidc-client模块和HttpClient模块:
import { AuthModule, OidcSecurityService } from 'angular-auth-oidc-client'; import { HttpClient, HttpHeaders } from '@angular/common/http';
- 注入OidcSecurityService和HttpClient:
constructor( private oidcSecurityService: OidcSecurityService, private http: HttpClient ) {}
- 在身份验证成功后获取用户信息和角色:
this.oidcSecurityService.userData$.subscribe(userInfo => {
if (userInfo) {
const headers = new HttpHeaders({
'Authorization': Bearer ${this.oidcSecurityService.getToken()}
});
// 发送HTTP请求获取用户角色
this.http.get('https://example.com/roles', { headers }).subscribe(roles => {
console.log('User roles:', roles);
});
}
});
- 在服务器端实现根据Token获取用户角色的API接口:
// 在请求头中读取token const token = req.headers.authorization.split(' ')[1]; // 验证token jwt.verify(token, 'secret-key', (err, decoded) => { if (err) { res.status(401).json({ error: 'Invalid token' }); } else { const userId = decoded.sub; // 查询用户角色 User.findById(userId).select('roles').exec((err, user) => { if (err) { res.status(500).json({ error: err }); } else { res.json(user.roles); } }); } });