From e8b2ca46862565b7b6d2f05c3f45f7873afe044e Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期四, 31 八月 2023 16:39:18 +0800
Subject: [PATCH] 将生成jwt令牌和验证jwt令牌时使用的公钥私钥由固定值修改为每次启动服务时动态生产；剔除jwt token中包含的password和roleId，防止密码泄露。

---
 src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
index 5ffb02c..b6f9183 100755
--- a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
+++ b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
@@ -57,7 +57,7 @@
         if (user == null) {
             throw new ControllerException(ErrorCode.ERROR100.getCode(), "鐢ㄦ埛鍚嶆垨瀵嗙爜閿欒");
         }else {
-            String jwt = JwtUtils.createToken(username, password, user.getRole().getId());
+            String jwt = JwtUtils.createToken(username);
             response.setHeader(JwtUtils.getHeader(), jwt);
             user.setAccessToken(jwt);
         }

--
Gitblit v1.8.0