From e8b2ca46862565b7b6d2f05c3f45f7873afe044e Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期四, 31 八月 2023 16:39:18 +0800
Subject: [PATCH] 将生成jwt令牌和验证jwt令牌时使用的公钥私钥由固定值修改为每次启动服务时动态生产;剔除jwt token中包含的password和roleId,防止密码泄露。
---
 src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java | 10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java b/src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java
index 1639d1f..8921a30 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java
@@ -25,6 +25,8 @@
 private String password;
+ private int roleId;
+
 private TokenStatus status;
 public String getUserName() {
@@ -50,4 +52,12 @@
 public void setPassword(String password) {
 this.password = password;
 }
+
+ public int getRoleId() {
+ return roleId;
+ }
+
+ public void setRoleId(int roleId) {
+ this.roleId = roleId;
+ }
 }
-- Gitblit v1.8.0
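Review bot: `private int roleId;` in the first hunk reads as 0 on every `JwtUser` whose `setRoleId` was never called, so a caller of `getRoleId()` (second hunk) cannot distinguish "no role resolved" from a role whose id is 0. A boxed field, `private Integer roleId;`, would make the unset case explicit; otherwise the accessor should document that the value is only meaningful after `status` has been checked. Since the commit message says roleId is no longer carried in the token, the value presumably comes from a server-side lookup after verification, and a field comment such as `// Loaded from the user store after the token is verified; never taken from token claims.` would record that once confirmed. The neighbouring `password` field stays on this DTO; if nothing reads it now that the token omits it, removing it would keep the credential out of any code that serializes or logs a `JwtUser`. The class body begins outside these hunks, so how the fields are populated is not visible here.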