If I understood correctly, you want to just add this project
info to a User, during login/sign-up.
As @HarshVerma pointed out, in Spring it's only the login and the password you need to autheticate.
You could implement user's project
as a JWT claim:
Jwts.builder()
.setSubject(Long.toString(userPrincipal.getId()))
.claim("project", myProject)
.setIssuedAt(new Date())
.setExpiration(expiryDate)
.signWith(SignatureAlgorithm.HS512, jwtSecret)
.compact();
and then retreive it to authorize accordingly:
Claims claims = new DefaultClaims();
try{
claims = Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(jwt).getBody();
} catch (SignatureException e){
// signature exception
}
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…