From e8b2ca46862565b7b6d2f05c3f45f7873afe044e Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期四, 31 八月 2023 16:39:18 +0800
Subject: [PATCH] 将生成jwt令牌和验证jwt令牌时使用的公钥私钥由固定值修改为每次启动服务时动态生产;剔除jwt token中包含的password和roleId,防止密码泄露。
---
src/main/java/com/genersoft/iot/vmp/conf/GlobalResponseAdvice.java | 15 ++++++++++++++-
1 files changed, 14 insertions(+), 1 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/GlobalResponseAdvice.java b/src/main/java/com/genersoft/iot/vmp/conf/GlobalResponseAdvice.java
index e1088e5..c8b84fe 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/GlobalResponseAdvice.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/GlobalResponseAdvice.java
@@ -1,9 +1,12 @@
package com.genersoft.iot.vmp.conf;
-import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.support.spring.http.converter.FastJsonHttpMessageConverter;
import com.genersoft.iot.vmp.vmanager.bean.ErrorCode;
import com.genersoft.iot.vmp.vmanager.bean.WVPResult;
import org.jetbrains.annotations.NotNull;
+import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
+import org.springframework.context.annotation.Bean;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
@@ -24,6 +27,7 @@
public boolean supports(@NotNull MethodParameter returnType, @NotNull Class<? extends HttpMessageConverter<?>> converterType) {
return true;
}
+
@Override
public Object beforeBodyWrite(Object body, @NotNull MethodParameter returnType, @NotNull MediaType selectedContentType, @NotNull Class<? extends HttpMessageConverter<?>> selectedConverterType, @NotNull ServerHttpRequest request, @NotNull ServerHttpResponse response) {
@@ -50,4 +54,13 @@
return WVPResult.success(body);
}
+
+ /**
+ * 闃叉杩斿洖string鏃跺嚭閿�
+ * @return
+ */
+ @Bean
+ public HttpMessageConverters fast() {
+ return new HttpMessageConverters(new FastJsonHttpMessageConverter());
+ }
}
--
Gitblit v1.8.0