移除 Security 无用的 secret 配置项

2025-07-14 02:55:07 +08:00 · 2022-03-10 00:39:43 +08:00
parent 3c3919545a
commit 9a9dbf0e97
4 changed files with 1 additions and 10 deletions
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/SecurityProperties.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/SecurityProperties.java
@ -4,7 +4,6 @@ import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.validation.annotation.Validated;

-import javax.validation.Valid;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import java.time.Duration;
@ -24,11 +23,6 @@ public class SecurityProperties {
     */
    @NotNull(message = "Token 过期时间不能为空")
    private Duration tokenTimeout;
-    /**
-     * Token 秘钥
-     */
-    @NotEmpty(message = "Token 秘钥不能为空")
-    private String tokenSecret;
    /**
     * Session 过期时间
     *
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/JWTAuthenticationTokenFilter.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/JWTAuthenticationTokenFilter.java
@ -66,7 +66,7 @@ public class JWTAuthenticationTokenFilter extends OncePerRequestFilter {
     * 注意，在线上环境下，一定要关闭该功能！！！
     *
     * @param request 请求
-     * @param token 模拟的 token，格式为 {@link SecurityProperties#getTokenSecret()} + 用户编号
+     * @param token 模拟的 token，格式为 {@link SecurityProperties#getMockSecret()} + 用户编号
     * @return 模拟的 LoginUser
     */
    private LoginUser mockLoginUser(HttpServletRequest request, String token) {