From 5787aa15ad7cd066f2ee1ef0d8b89d31506774f2 Mon Sep 17 00:00:00 2001 From: zhengjie Date: Mon, 15 Apr 2019 10:06:16 +0800 Subject: [PATCH] update JwtTokenUtil and JwtPermissionService --- .../modules/security/service/JwtPermissionService.java | 7 ++----- .../me/zhengjie/modules/security/utils/JwtTokenUtil.java | 2 +- .../modules/system/repository/PermissionRepository.java | 2 ++ 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java index e82bdea9..e1ee55ca 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java @@ -34,11 +34,8 @@ public class JwtPermissionService { Set roles = roleRepository.findByUsers_Id(user.getId()); Set permissions = new HashSet<>(); - for (Role role : roles) { - Set roleSet = new HashSet<>(); - roleSet.add(role); - permissions.addAll(permissionRepository.findByRoles_Id(role.getId())); - } + + permissions.addAll(permissionRepository.findByRoles(roles)); return permissions.stream() .map(permission -> new SimpleGrantedAuthority(permission.getName())) diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/utils/JwtTokenUtil.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/utils/JwtTokenUtil.java index a3aefa5a..ee7517a7 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/utils/JwtTokenUtil.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/utils/JwtTokenUtil.java @@ -108,7 +108,7 @@ public class JwtTokenUtil implements Serializable { final Date created = getIssuedAtDateFromToken(token); // final Date expiration = getExpirationDateFromToken(token); // 如果token存在,且token创建日期 > 最后修改密码的日期 则代表token有效 - return (isTokenExpired(token) + return (!isTokenExpired(token) && !isCreatedBeforeLastPasswordReset(created, user.getLastPasswordResetDate()) ); } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java index c37941e2..0cad1f4b 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java @@ -30,4 +30,6 @@ public interface PermissionRepository extends JpaRepository, J List findByPid(long pid); Set findByRoles_Id(Long id); + + Set findByRoles(Set roles); }