-
- UserPrincipal record + JwtAuthenticationFilter 注入用户上下文 - SecurityConfig 补充 authenticationEntryPoint 返回 401 - UserService/UserServiceImpl: 创建用户、获取员工列表、获取权限组 - UserController: POST /users、GET /users/staffs、GET /users/permission-groups - UserServiceTest (6 cases) + UserControllerTest (5 cases) 全部通过
-
- SecurityConfig: STATELESS, permitAll /api/auth/**, JWT filter - JwtAuthenticationFilter: Bearer token → SecurityContext - AuthController: POST /login, POST /refresh, GET /brands - BrandVO: @JsonProperty to fix Jackson serialization of sNo/sName - AuthControllerTest: 4/4 PASS; all 22 backend tests GREEN
