src/main/java/com/example/demo/controller/auth/LearningAuthController.java

package com.example.demo.controller.auth;

import com.example.demo.common.ApiResponse;
import com.example.demo.dto.auth.LoginRequest;
import com.example.demo.security.LearningJwtUtil;
import jakarta.validation.Valid;
import org.springframework.web.bind.annotation.*;

import java.util.Map;

@RestController
@RequestMapping("/api/auth")
public class LearningAuthController {

    private final LearningJwtUtil jwtUtil;

    public LearningAuthController(LearningJwtUtil jwtUtil) {
        this.jwtUtil = jwtUtil;
    }

    @PostMapping("/login")
    public ApiResponse<Map<String, Object>> login(@Valid @RequestBody LoginRequest req) {
        // 学习演示：仅做最小账号检查
        if (!(("admin".equals(req.username()) && "admin123".equals(req.password()))
                || ("user".equals(req.username()) && "user123".equals(req.password())))) {
            return new ApiResponse<>(401, "用户名或密码错误", null, java.time.Instant.now());
        }
        String token = jwtUtil.generateToken(req.username());
        return ApiResponse.ok(Map.of(
                "token", token,
                "type", "Bearer",
                "username", req.username(),
                "tip", "在请求头中加入 Authorization: Bearer <token> 访问 /api/secure/**"
        ));
    }

    @GetMapping("/mode")
    public ApiResponse<Map<String, Object>> mode() {
        return ApiResponse.ok(Map.of(
                "mode", "learning-jwt",
                "protectedPath", "/api/secure/**",
                "defaultAccounts", "admin/admin123, user/user123"
        ));
    }
}
feat(learning-auth): add optional JWT learning flow with secure demo endpoint 2026-03-09 02:11:49 +08:00			`package com.example.demo.controller.auth;`

			`import com.example.demo.common.ApiResponse;`
			`import com.example.demo.dto.auth.LoginRequest;`
			`import com.example.demo.security.LearningJwtUtil;`
			`import jakarta.validation.Valid;`
			`import org.springframework.web.bind.annotation.*;`

			`import java.util.Map;`

			`@RestController`
			`@RequestMapping("/api/auth")`
			`public class LearningAuthController {`

			`private final LearningJwtUtil jwtUtil;`

			`public LearningAuthController(LearningJwtUtil jwtUtil) {`
			`this.jwtUtil = jwtUtil;`
			`}`

			`@PostMapping("/login")`
			`public ApiResponse<Map<String, Object>> login(@Valid @RequestBody LoginRequest req) {`
			`// 学习演示：仅做最小账号检查`
			`if (!(("admin".equals(req.username()) && "admin123".equals(req.password()))`
			`\|\| ("user".equals(req.username()) && "user123".equals(req.password())))) {`
			`return new ApiResponse<>(401, "用户名或密码错误", null, java.time.Instant.now());`
			`}`
			`String token = jwtUtil.generateToken(req.username());`
			`return ApiResponse.ok(Map.of(`
			`"token", token,`
			`"type", "Bearer",`
			`"username", req.username(),`
			`"tip", "在请求头中加入 Authorization: Bearer <token> 访问 /api/secure/**"`
			`));`
			`}`

			`@GetMapping("/mode")`
			`public ApiResponse<Map<String, Object>> mode() {`
			`return ApiResponse.ok(Map.of(`
			`"mode", "learning-jwt",`
			`"protectedPath", "/api/secure/**",`
			`"defaultAccounts", "admin/admin123, user/user123"`
			`));`
			`}`
			`}`