去除 LoginUser 的 updateTime、username、password、status 字段，简化

2025-07-12 18:15:07 +08:00 · 2022-05-07 01:30:37 +08:00
parent 8737674d74
commit 73bf0b6f4f
10 changed files with 184 additions and 201 deletions
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/LoginUser.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/LoginUser.java
@ -1,14 +1,12 @@
 package cn.iocoder.yudao.framework.security.core;

 import cn.hutool.core.map.MapUtil;
-import cn.iocoder.yudao.framework.common.enums.CommonStatusEnum;
 import cn.iocoder.yudao.framework.common.enums.UserTypeEnum;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.Data;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;

-import java.util.*;
+import java.util.HashMap;
+import java.util.Map;

 /**
 * 登录用户信息
@ -16,7 +14,7 @@ import java.util.*;
 * @author 芋道源码
 */
@Data
-public class LoginUser implements UserDetails {
+public class LoginUser {

    /**
     * 用户编号
@ -28,23 +26,6 @@ public class LoginUser implements UserDetails {
     * 关联 {@link UserTypeEnum}
     */
    private Integer userType;
-    /**
-     * 最后更新时间
-     */
-    private Date updateTime;
-
-    /**
-     * 用户名
-     */
-    private String username;
-    /**
-     * 密码
-     */
-    private String password;
-    /**
-     * 状态
-     */
-    private Integer status;
    /**
     * 租户编号
     */
@ -59,49 +40,6 @@ public class LoginUser implements UserDetails {
    @JsonIgnore
    private Map<String, Object> context;

-    @Override
-    @JsonIgnore// 避免序列化
-    public String getPassword() {
-        return password;
-    }
-
-    @Override
-    public String getUsername() {
-        return username;
-    }
-
-    @Override
-    @JsonIgnore// 避免序列化
-    public boolean isEnabled() {
-        return CommonStatusEnum.ENABLE.getStatus().equals(status);
-    }
-
-    @Override
-    @JsonIgnore// 避免序列化
-    public Collection<? extends GrantedAuthority> getAuthorities() {
-        return new HashSet<>();
-    }
-
-    @Override
-    @JsonIgnore// 避免序列化
-    public boolean isAccountNonExpired() {
-        return true; // 返回 true，不依赖 Spring Security 判断
-    }
-
-    @Override
-    @JsonIgnore// 避免序列化
-    public boolean isAccountNonLocked() {
-        return true; // 返回 true，不依赖 Spring Security 判断
-    }
-
-    @Override
-    @JsonIgnore// 避免序列化
-    public boolean isCredentialsNonExpired() {
-        return true;  // 返回 true，不依赖 Spring Security 判断
-    }
-
-    // ========== 上下文 ==========
-
    public void setContext(String key, Object value) {
        if (context == null) {
            context = new HashMap<>();
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/authentication/SpringSecurityUser.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/authentication/SpringSecurityUser.java
@ -0,0 +1,78 @@
+package cn.iocoder.yudao.framework.security.core.authentication;
+
+import cn.iocoder.yudao.framework.common.enums.CommonStatusEnum;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * 登录用户信息
+ *
+ * @author 芋道源码
+ */
+@Data
+@AllArgsConstructor
+public class SpringSecurityUser implements UserDetails {
+
+    /**
+     * 用户编号
+     */
+    private Long id;
+
+    /**
+     * 用户名
+     */
+    private String username;
+    /**
+     * 密码
+     */
+    private String password;
+    /**
+     * 状态
+     */
+    private Integer status;
+    /**
+     * 租户编号
+     */
+    private Long tenantId;
+
+    @Override
+    public String getPassword() {
+        return password;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return CommonStatusEnum.ENABLE.getStatus().equals(status);
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return Collections.emptyList();
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true; // 返回 true，不依赖 Spring Security 判断
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true; // 返回 true，不依赖 Spring Security 判断
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;  // 返回 true，不依赖 Spring Security 判断
+    }
+
+}
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java
@ -11,6 +11,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS
 import org.springframework.util.StringUtils;

 import javax.servlet.http.HttpServletRequest;
+import java.util.Collections;

 /**
 * 安全服务工具类
@ -98,7 +99,7 @@ public class SecurityFrameworkUtils {
    private static Authentication buildAuthentication(LoginUser loginUser, HttpServletRequest request) {
        // 创建 UsernamePasswordAuthenticationToken 对象
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
-                loginUser, null, loginUser.getAuthorities());
+                loginUser, null, Collections.emptyList());
        authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
        return authenticationToken;
    }