移除需要缓存的当前登录用户信息中的密码

1 year ago · fcfc3df74d
parent 4a395fe6e6
commit fcfc3df74d
1 changed files with 4 additions and 1 deletions
--- a/shandan-system/src/main/java/com/keyware/shandan/frame/aspect/SafetyAspect.java
+++ b/shandan-system/src/main/java/com/keyware/shandan/frame/aspect/SafetyAspect.java
@ -7,6 +7,7 @@ import com.keyware.shandan.common.util.*;
 import com.keyware.shandan.frame.config.security.SecurityUtil;
 import com.keyware.shandan.frame.properties.CustomProperties;
 import com.keyware.shandan.system.entity.SysRole;
+import com.keyware.shandan.system.entity.SysUser;
 import com.keyware.shandan.system.service.SysRoleService;
 import com.keyware.shandan.system.utils.SysSettingUtil;
 import lombok.extern.slf4j.Slf4j;
@ -97,7 +98,9 @@ public class SafetyAspect {
                    ModelAndView modelAndView = (ModelAndView) result;
                    modelAndView.addObject("publicKey", RsaUtil.getPublicKey());
                    modelAndView.addObject("sys", SysSettingUtil.getCurrentSysSetting());
-                    modelAndView.addObject("loginUser", SecurityUtil.getLoginSysUser());
+                    SysUser loginUser =  SecurityUtil.getLoginSysUser();
+                    loginUser.setPassword(null);
+                    modelAndView.addObject("loginUser", loginUser);
                    //登录用户角色信息
                    List<SysRole> userRoles = sysRoleService.getUserRoles(SecurityUtil.getLoginSysUser().getUserId());
                    //当用户具有多个角色，只保留权限最大的角色