From e8b2ca46862565b7b6d2f05c3f45f7873afe044e Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期四, 31 八月 2023 16:39:18 +0800
Subject: [PATCH] 将生成jwt令牌和验证jwt令牌时使用的公钥私钥由固定值修改为每次启动服务时动态生产；剔除jwt token中包含的password和roleId，防止密码泄露。

---
 src/main/java/com/genersoft/iot/vmp/conf/security/dto/LoginUser.java |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/dto/LoginUser.java b/src/main/java/com/genersoft/iot/vmp/conf/security/dto/LoginUser.java
index 4bb7017..61bd6fa 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/dto/LoginUser.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/dto/LoginUser.java
@@ -1,5 +1,6 @@
 package com.genersoft.iot.vmp.conf.security.dto;
 
+import com.genersoft.iot.vmp.storager.dao.dto.Role;
 import com.genersoft.iot.vmp.storager.dao.dto.User;
 import org.springframework.security.core.CredentialsContainer;
 import org.springframework.security.core.GrantedAuthority;
@@ -17,6 +18,8 @@
      * 鐢ㄦ埛
      */
     private User user;
+
+    private String accessToken;
 
 
     /**
@@ -92,4 +95,17 @@
     public int getId() {
         return user.getId();
     }
+
+    public Role getRole() {
+        return user.getRole();
+    }
+
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
 }

--
Gitblit v1.8.0