fix: 移除JwtUserDto中的密码字段,修改验证密码逻辑

Jie Zheng 2025-02-18 15:55:28 +08:00
parent 13dad5bcba
commit af0aa425c2
4 changed files with 7 additions and 11 deletions


@ -101,8 +101,6 @@ public class AuthController {
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
// 生成令牌 // 生成令牌
String token = tokenProvider.createToken(jwtUser); String token = tokenProvider.createToken(jwtUser);
// 将密码设置为空
jwtUser.setPassword(null);
// 返回 token 用户信息 // 返回 token 用户信息
Map<String, Object> authInfo = new HashMap<String, Object>(2) {{ Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
put("token", properties.getTokenStartWith() + token); put("token", properties.getTokenStartWith() + token);
@ -122,8 +120,6 @@ public class AuthController {
@GetMapping(value = "/info") @GetMapping(value = "/info")
public ResponseEntity<UserDetails> getUserInfo() { public ResponseEntity<UserDetails> getUserInfo() {
JwtUserDto jwtUser = (JwtUserDto) SecurityUtils.getCurrentUser(); JwtUserDto jwtUser = (JwtUserDto) SecurityUtils.getCurrentUser();
// 将密码设置为空
jwtUser.setPassword(null);
return ResponseEntity.ok(jwtUser); return ResponseEntity.ok(jwtUser);
} }
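Review bot: With both `jwtUser.setPassword(null)` calls removed, `getUserInfo()` still returns the whole `JwtUserDto` via `ResponseEntity.ok(jwtUser)`, and the User hunk of this same commit drops `@JSONField(serialize = false)` from `User.password`, so the only guard left on the stored password is the annotation on `JwtUserDto.getPassword()`. That annotation hides the top-level property only; if the wrapped `user` is reachable through a getter (not visible in these hunks) and the HTTP converter honours the fastjson2 annotations, the nested `user.password` would now appear in the `/info` response and possibly in the login response, whose map is built past the end of the first hunk. I would keep the value out of responses explicitly, either by keeping `@JSONField(serialize = false)` on `User.password` and carrying the value needed for the cache separately, or by returning a response DTO without credential fields. A test that serializes a `JwtUserDto` the way the HTTP layer does and asserts the output has no `password` key would pin this. Both controller methods start or end outside the hunks.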


@ -55,7 +55,7 @@ public class UserDetailsServiceImpl implements UserDetailsService {
// 获取用户的权限 // 获取用户的权限
List<AuthorityDto> authorities = roleService.buildPermissions(user); List<AuthorityDto> authorities = roleService.buildPermissions(user);
// 初始化JwtUserDto // 初始化JwtUserDto
jwtUserDto = new JwtUserDto(user, dataService.getDeptIds(user), authorities, user.getPassword()); jwtUserDto = new JwtUserDto(user, dataService.getDeptIds(user), authorities);
// 添加缓存数据 // 添加缓存数据
userCacheManager.addUserCache(username, jwtUserDto); userCacheManager.addUserCache(username, jwtUserDto);
} }


@ -43,14 +43,16 @@ public class JwtUserDto implements UserDetails {
@ApiModelProperty(value = "角色") @ApiModelProperty(value = "角色")
private final List<AuthorityDto> authorities; private final List<AuthorityDto> authorities;
@Setter
@ApiModelProperty(value = "密码")
private String password;
public Set<String> getRoles() { public Set<String> getRoles() {
return authorities.stream().map(AuthorityDto::getAuthority).collect(Collectors.toSet()); return authorities.stream().map(AuthorityDto::getAuthority).collect(Collectors.toSet());
} }
@Override
@JSONField(serialize = false)
public String getPassword() {
return user.getPassword();
}
@Override @Override
@JSONField(serialize = false) @JSONField(serialize = false)
public String getUsername() { public String getUsername() {
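Review bot: The new `getPassword()` carries no comment saying what it returns or why it is excluded from JSON, which is the invariant the rest of this commit now depends on. A Javadoc line such as `/** Stored password value of the wrapped User; read only for credential checks, never serialized. */` would make that explicit for the next maintainer. The method also dereferences `user` without a null check; whether `user` can be null after a cache round trip is not visible here and is worth confirming. The hunk ends inside `getUsername()`.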


@ -15,7 +15,6 @@
*/ */
package me.zhengjie.modules.system.domain; package me.zhengjie.modules.system.domain;
import com.alibaba.fastjson2.annotation.JSONField;
import com.baomidou.mybatisplus.annotation.IdType; import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableId;
@ -88,7 +87,6 @@ public class User extends BaseEntity implements Serializable {
@ApiModelProperty(value = "头像存储的路径", hidden = true) @ApiModelProperty(value = "头像存储的路径", hidden = true)
private String avatarPath; private String avatarPath;
@JSONField(serialize = false)
@ApiModelProperty(value = "密码") @ApiModelProperty(value = "密码")
private String password; private String password;