update JwtTokenUtil and JwtPermissionService

eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java

@@ -34,11 +34,8 @@ public class JwtPermissionService {
         Set<Role> roles = roleRepository.findByUsers_Id(user.getId());
 
         Set<Permission> permissions = new HashSet<>();
-        for (Role role : roles) {
+
-            Set<Role> roleSet = new HashSet<>();
+        permissions.addAll(permissionRepository.findByRoles(roles));
-            roleSet.add(role);
-            permissions.addAll(permissionRepository.findByRoles_Id(role.getId()));
-        }
 
         return permissions.stream()
                 .map(permission -> new SimpleGrantedAuthority(permission.getName()))

eladmin-system/src/main/java/me/zhengjie/modules/security/utils/JwtTokenUtil.java

@@ -108,7 +108,7 @@ public class JwtTokenUtil implements Serializable {
         final Date created = getIssuedAtDateFromToken(token);
 //        final Date expiration = getExpirationDateFromToken(token);
 //        如果token存在，且token创建日期 > 最后修改密码的日期 则代表token有效
-        return (isTokenExpired(token)
+        return (!isTokenExpired(token)
                 && !isCreatedBeforeLastPasswordReset(created, user.getLastPasswordResetDate())
         );
     }

eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java

@@ -30,4 +30,6 @@ public interface PermissionRepository extends JpaRepository<Permission, Long>, J
     List<Permission> findByPid(long pid);
 
     Set<Permission> findByRoles_Id(Long id);
+
+    Set<Permission> findByRoles(Set<Role> roles);
 }