From ce3298b9b01d83aea11bd144ccdc2e890a75cd97 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期三, 26 六月 2024 19:52:25 +0800
Subject: [PATCH] 升级spring-security到安全版本,防止漏洞风险
---
src/main/java/com/ruoyi/framework/security/LoginUser.java | 72 +++++++++++++++++++++++++++--------
1 files changed, 55 insertions(+), 17 deletions(-)
diff --git a/src/main/java/com/ruoyi/framework/security/LoginUser.java b/src/main/java/com/ruoyi/framework/security/LoginUser.java
index 6b2ff09..93afdff 100644
--- a/src/main/java/com/ruoyi/framework/security/LoginUser.java
+++ b/src/main/java/com/ruoyi/framework/security/LoginUser.java
@@ -4,7 +4,7 @@
import java.util.Set;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
-import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.alibaba.fastjson2.annotation.JSONField;
import com.ruoyi.project.system.domain.SysUser;
/**
@@ -17,12 +17,22 @@
private static final long serialVersionUID = 1L;
/**
+ * 鐢ㄦ埛ID
+ */
+ private Long userId;
+
+ /**
+ * 閮ㄩ棬ID
+ */
+ private Long deptId;
+
+ /**
* 鐢ㄦ埛鍞竴鏍囪瘑
*/
private String token;
/**
- * 鐧婚檰鏃堕棿
+ * 鐧诲綍鏃堕棿
*/
private Long loginTime;
@@ -61,16 +71,6 @@
*/
private SysUser user;
- public String getToken()
- {
- return token;
- }
-
- public void setToken(String token)
- {
- this.token = token;
- }
-
public LoginUser()
{
}
@@ -81,7 +81,45 @@
this.permissions = permissions;
}
- @JsonIgnore
+ public LoginUser(Long userId, Long deptId, SysUser user, Set<String> permissions)
+ {
+ this.userId = userId;
+ this.deptId = deptId;
+ this.user = user;
+ this.permissions = permissions;
+ }
+
+ public Long getUserId()
+ {
+ return userId;
+ }
+
+ public void setUserId(Long userId)
+ {
+ this.userId = userId;
+ }
+
+ public Long getDeptId()
+ {
+ return deptId;
+ }
+
+ public void setDeptId(Long deptId)
+ {
+ this.deptId = deptId;
+ }
+
+ public String getToken()
+ {
+ return token;
+ }
+
+ public void setToken(String token)
+ {
+ this.token = token;
+ }
+
+ @JSONField(serialize = false)
@Override
public String getPassword()
{
@@ -97,7 +135,7 @@
/**
* 璐︽埛鏄惁鏈繃鏈�,杩囨湡鏃犳硶楠岃瘉
*/
- @JsonIgnore
+ @JSONField(serialize = false)
@Override
public boolean isAccountNonExpired()
{
@@ -109,7 +147,7 @@
*
* @return
*/
- @JsonIgnore
+ @JSONField(serialize = false)
@Override
public boolean isAccountNonLocked()
{
@@ -121,7 +159,7 @@
*
* @return
*/
- @JsonIgnore
+ @JSONField(serialize = false)
@Override
public boolean isCredentialsNonExpired()
{
@@ -133,7 +171,7 @@
*
* @return
*/
- @JsonIgnore
+ @JSONField(serialize = false)
@Override
public boolean isEnabled()
{
--
Gitblit v1.9.3