From 4bf6a74a09d587278ff1b7bd2efe7b95c9bf37eb Mon Sep 17 00:00:00 2001
From: RuoYi
Date: Mon, 9 Sep 2024 10:56:36 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E8=AE=B0=E4=BD=8F=E6=88=91?= =?UTF-8?q?=E8=AF=B7=E6=B1=82=E5=A4=B4=E8=BF=87=E5=A4=A7=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../ruoyi/framework/config/ShiroConfig.java | 6 +-
 .../CustomCookieRememberMeManager.java | 79 +++++++++++++++++++
 src/main/resources/application.yml | 2 -
 3 files changed, 82 insertions(+), 5 deletions(-)
 create mode 100644 src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java
diff --git a/src/main/java/com/ruoyi/framework/config/ShiroConfig.java b/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
index 2f487fa8..80902703 100644
--- a/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
+++ b/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
@@ -15,7 +15,6 @@ import org.apache.shiro.io.ResourceUtils;
 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
-import org.apache.shiro.web.mgt.CookieRememberMeManager;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 import org.apache.shiro.web.servlet.SimpleCookie;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -28,6 +27,7 @@ import com.ruoyi.common.utils.security.CipherUtils;
 import com.ruoyi.common.utils.spring.SpringUtils;
 import com.ruoyi.framework.config.properties.PermitAllUrlProperties;
 import com.ruoyi.framework.shiro.realm.UserRealm;
+import com.ruoyi.framework.shiro.rememberMe.CustomCookieRememberMeManager;
 import com.ruoyi.framework.shiro.session.OnlineSessionDAO;
 import com.ruoyi.framework.shiro.session.OnlineSessionFactory;
 import com.ruoyi.framework.shiro.web.CustomShiroFilterFactoryBean;
@@ -369,9 +369,9 @@ public class ShiroConfig
 /**
 * 记住我
 */
- public CookieRememberMeManager rememberMeManager()
+ public CustomCookieRememberMeManager rememberMeManager()
 {
- CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
+ CustomCookieRememberMeManager cookieRememberMeManager = new CustomCookieRememberMeManager();
 cookieRememberMeManager.setCookie(rememberMeCookie());
 if (StringUtils.isNotEmpty(cipherKey))
 {
diff --git a/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java b/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java
new file mode 100644
index 00000000..d7bc8b37
--- /dev/null
+++ b/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java
@@ -0,0 +1,79 @@
+package com.ruoyi.framework.shiro.rememberMe;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.SubjectContext;
+import org.apache.shiro.web.mgt.CookieRememberMeManager;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import com.ruoyi.framework.shiro.service.LoginService;
+import com.ruoyi.project.system.role.domain.Role;
+import com.ruoyi.project.system.user.domain.User;
+
+/**
+ * 自定义CookieRememberMeManager
+ *
+ * @author ruoyi
+ */
+public class CustomCookieRememberMeManager extends CookieRememberMeManager
+{
+ /**
+ * 记住我时去掉角色的permissions权限字符串,防止http请求头过大。
+ */
+ @Override
+ protected void rememberIdentity(Subject subject, PrincipalCollection principalCollection)
+ {
+ Map> rolePermissions = new HashMap<>();
+ // 清除角色的permissions权限字符串
+ for (Object principal : principalCollection)
+ {
+ if (principal instanceof User)
+ {
+ List roles = ((User) principal).getRoles();
+ for (Role role : roles)
+ {
+ rolePermissions.put(role, role.getPermissions());
+ role.setPermissions(null);
+ }
+ }
+ }
+ byte[] bytes = convertPrincipalsToBytes(principalCollection);
+ // 恢复角色的permissions权限字符串
+ for (Object principal : principalCollection)
+ {
+ if (principal instanceof User)
+ {
+ List roles = ((User) principal).getRoles();
+ for (Role role : roles)
+ {
+ role.setPermissions(rolePermissions.get(role));
+ }
+ }
+ }
+ rememberSerializedIdentity(subject, bytes);
+ }
+
+ /**
+ * 取记住我身份时恢复角色permissions权限字符串。
+ */
+ @Override
+ public PrincipalCollection getRememberedPrincipals(SubjectContext subjectContext)
+ {
+ PrincipalCollection principals = super.getRememberedPrincipals(subjectContext);
+ if (principals == null || principals.isEmpty())
+ {
+ return principals;
+ }
+ for (Object principal : principals)
+ {
+ if (principal instanceof User)
+ {
+ SpringUtils.getBean(LoginService.class).setRolePermission((User) principal);
+ }
+ }
+ return principals;
+ }
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 1cfdcee3..c6b3db33 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -20,8 +20,6 @@ server:
 servlet:
 # 应用的访问路径
 context-path: /
- # http请求头大小
- max-http-header-size: 65536
 tomcat:
 # tomcat的URI编码
 uri-encoding: UTF-8
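Review bot: In `rememberIdentity` (CustomCookieRememberMeManager.java) the permissions are nulled on the live `User` principal and restored only after `convertPrincipalsToBytes` returns, so a serialization or encryption failure leaves the logged-in subject's roles without permissions for the rest of the session. The restore should run in a `finally` block, and the saved values are safer in an `IdentityHashMap`, because a `HashMap` keyed by `Role` depends on `Role.equals`/`hashCode` (not visible in this patch) staying stable while `permissions` is mutated; this needs `import java.util.IdentityHashMap;` and assumes the permissions type is `Set<String>`, as the `Set` import suggests. `getRoles()` is also iterated without a null check, so confirm it can never return null. Separately, `getRememberedPrincipals` refreshes only the permission strings, while the `User` and its role list still come from the decrypted cookie; unless `setRolePermission` reloads the roles too, a role revoked after the cookie was issued presumably stays effective until the cookie expires.

```java
    protected void rememberIdentity(Subject subject, PrincipalCollection principalCollection)
    {
        // Identity-keyed so the lookup does not depend on Role.equals/hashCode while permissions is mutated.
        Map<Role, Set<String>> rolePermissions = new IdentityHashMap<>();
        byte[] bytes;
        try
        {
            // … unchanged: loop that saves each role's permissions and sets them to null …
            bytes = convertPrincipalsToBytes(principalCollection);
        }
        finally
        {
            // Restore even when serialization fails, so the live principal keeps its permissions.
            for (Map.Entry<Role, Set<String>> saved : rolePermissions.entrySet())
            {
                saved.getKey().setPermissions(saved.getValue());
            }
        }
        rememberSerializedIdentity(subject, bytes);
    }
```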