Merge pull request #345 from tallyto/23.17

Obtendo usuário autenticado no Resource Server
tallyto · Jan 11, 2024 · e8ba168 · e8ba168
2 parents 4992876 + f8a3b4a
commit e8ba168
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/src/main/java/com/tallyto/algafood/api/v1/controller/PedidoController.java b/src/main/java/com/tallyto/algafood/api/v1/controller/PedidoController.java
@@ -9,6 +9,7 @@
 import com.tallyto.algafood.api.v1.openapi.controller.PedidoControllerOpenApi;
 import com.tallyto.algafood.core.data.PageWrapper;
 import com.tallyto.algafood.core.data.PageableTranslator;
+import com.tallyto.algafood.core.security.AlgaSecurity;
 import com.tallyto.algafood.domain.exception.EntidadeNaoEncontradaException;
 import com.tallyto.algafood.domain.exception.NegocioException;
 import com.tallyto.algafood.domain.model.Pedido;
@@ -48,6 +49,9 @@ public class PedidoController implements PedidoControllerOpenApi {
     @Autowired
     private PagedResourcesAssembler<Pedido> pagedResourcesAssembler;
 
+    @Autowired
+    private AlgaSecurity algaSecurity;
+
     @GetMapping
     public PagedModel<PedidoResumoModel> pesquisar(PedidoFilter filtro,
                                                    @PageableDefault(size = 10) Pageable pageable) {
@@ -68,9 +72,8 @@ public PedidoModel adicionar(@Valid @RequestBody PedidoInput pedidoInput) {
         try {
             Pedido novoPedido = assembler.toEntity(pedidoInput);
 
-            // TODO pegar usuário autenticado
             novoPedido.setCliente(new Usuario());
-            novoPedido.getCliente().setId(1L);
+            novoPedido.getCliente().setId(algaSecurity.getUsuarioId());
 
             novoPedido = emissaoPedido.emitir(novoPedido);
 

diff --git a/src/main/java/com/tallyto/algafood/core/security/AlgaSecurity.java b/src/main/java/com/tallyto/algafood/core/security/AlgaSecurity.java
@@ -0,0 +1,19 @@
+package com.tallyto.algafood.core.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.jwt.Jwt;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AlgaSecurity {
+
+    public Authentication getAuthentication() {
+        return SecurityContextHolder.getContext().getAuthentication();
+    }
+    public Long getUsuarioId() {
+        Jwt jwt = (Jwt) getAuthentication().getPrincipal();
+
+        return jwt.getClaim("usuario_id");
+    }
+}