ContiNew/continew-admin
1
1
Fork 0
mirror of https://github.com/continew-org/continew-admin.git synced 2025-09-13 13:01:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 禁止密码过期用户访问业务接口

Browse Source
This commit is contained in:
Charles7c
2024-06-15 22:44:32 +08:00
parent 624f5e0114 3fbe688f17
commit 3bf3372899
8 changed files with 118 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
continew-admin-webapi/src/main/java/top/continew/admin/webapi/auth/AuthController.java
View File

@@ -128,7 +128,7 @@ public class AuthController {
UserInfoResp userInfoResp = BeanUtil.copyProperties(userDetailResp, UserInfoResp.class);
userInfoResp.setPermissions(loginUser.getPermissions());
userInfoResp.setRoles(loginUser.getRoleCodes());
userInfoResp.setPwdExpired(userService.isPasswordExpired(userDetailResp.getPwdResetTime()));
userInfoResp.setPwdExpired(loginUser.isPasswordExpired());
return R.ok(userInfoResp);
}

10
continew-admin-webapi/src/main/resources/config/application.yml
View File

@@ -190,6 +190,16 @@ cosid:
machine-bit: 3
sequence-bit: 9
--- ### 认证配置
auth:
## 密码配置
password:
excludes:
- /auth/route
- /auth/user/info
- /auth/logout
- /system/user/password
--- ### 服务器配置
server:
servlet: