Spring security 使用SpringWebFlux在SpringAOP中获取当前登录用户

我正在将SpringWebFlux与Kotlin协同程序和SpringAOP一起使用。我有这样的简单建议

@Around("@annotation(LogAccess)")
public Object logErrorAccess(ProceedingJoinPoint joinPoint) throws Throwable {

    MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
    Method method = methodSignature.getMethod();
    LogAccess logAccess = method.getAnnotation(LogAccess.class);

    try {
        var result = joinPoint.proceed();
        // Get the current user and user id and log
        return result;
    } catch (Exception e) {
        // Get the current user and user id and log
        throw e;
    }
}

@GetMapping("/profile")
suspend fun profile(authentication: Authentication): Response

我试着用这个

ReactiveSecurityContextHolder.getContext().map(ct -> ct.getAuthentication().getPrincipal());

但是我得到了

null

。我使用JWT进行身份验证，但是在我的控制器中，我可以像这样访问这些信息

@Around("@annotation(LogAccess)")
public Object logErrorAccess(ProceedingJoinPoint joinPoint) throws Throwable {

    MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
    Method method = methodSignature.getMethod();
    LogAccess logAccess = method.getAnnotation(LogAccess.class);

    try {
        var result = joinPoint.proceed();
        // Get the current user and user id and log
        return result;
    } catch (Exception e) {
        // Get the current user and user id and log
        throw e;
    }
}

@GetMapping("/profile")
suspend fun profile(authentication: Authentication): Response

---

有没有办法在通知中获得这些信息。

您可以使用reactor context（），这意味着您要访问的上下文已附加到您的Mono或Flux。我现在在同一个pb上。可能通过访问Mono或Flux in参数？ReactiveSecurityContextHolder使用后面的上下文API。您能否在建议中提供如何使用ReactiveSecurityContextHolder？