-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
token获取用户信息 #93
Comments
这个接口是根据用户唯一 id 查询用户信息,只该token有 /user?uniqueId=?的权限 就可以查询到,场景 比如,用户登陆时,根据用户名查询 用户账号信息 |
如果使用zhoutaoo 进行认证取得的token,去调用/user?uniqueId=admin 也可以调用成功。用户与用户之间的信息是完全透明的 |
我觉得这个接口不应该主动调用,而是后台通过解析token获得uniqueId |
|
登陆的时候 没有token ,同学 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
认证授权时,获得token。那么调用 /user?uniqueId= 的接口,即使token所属的uniqueId不一致也可以获取。相当于用户与用户直接的信息可以相互看到
The text was updated successfully, but these errors were encountered: