!5 同步RuoYi更新

Merge pull request !5 from Bo/master
2021-06-23 01:36:15 +00:00 · 2021-06-23 01:36:15 +00:00 · f59af90793
parent e4b254e6de e431e6d486
commit f59af90793
3 changed files with 18 additions and 2 deletions
--- a/pom.xml
+++ b/pom.xml
@ -24,7 +24,7 @@
        <kaptcha.version>2.3.2</kaptcha.version>
        <swagger.version>3.0.0</swagger.version>
        <mybatis-spring-boot.version>2.1.4</mybatis-spring-boot.version>
-        <pagehelper.boot.version>1.3.0</pagehelper.boot.version>
+        <pagehelper.boot.version>1.3.1</pagehelper.boot.version>
        <fastjson.version>1.2.76</fastjson.version>
        <oshi.version>5.7.4</oshi.version>
        <jna.version>5.8.0</jna.version>
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -108,6 +108,8 @@ shiro:
    httpOnly: true
    # 设置Cookie的过期时间，天为单位
    maxAge: 30
+    # 设置密钥，务必保持唯一性（生成方式，直接拷贝到main运行即可）Base64.encodeToString(CipherUtils.generateNewKey(128, "AES").getEncoded()) （默认启动生成随机秘钥，随机秘钥会导致之前客户端RememberMe Cookie无效，如设置固定秘钥RememberMe Cookie则有效）
+    cipherKey: 
  session:
    # Session超时时间，-1代表永不过期（默认30分钟）
    expireTime: 30
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
@ -8,6 +8,7 @@ import java.util.Map;
 import javax.servlet.Filter;
 import org.apache.commons.io.IOUtils;
 import org.apache.shiro.cache.ehcache.EhCacheManager;
+import org.apache.shiro.codec.Base64;
 import org.apache.shiro.config.ConfigurationException;
 import org.apache.shiro.io.ResourceUtils;
 import org.apache.shiro.mgt.SecurityManager;
@ -104,6 +105,12 @@ public class ShiroConfig
    @Value("${shiro.cookie.maxAge}")
    private int maxAge;

+    /**
+     * 设置cipherKey密钥
+     */
+    @Value("${shiro.cookie.cipherKey}")
+    private String cipherKey;
+
    /**
     * 登录地址
     */
@ -353,7 +360,14 @@ public class ShiroConfig
    {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
+        if (StringUtils.isNotEmpty(cipherKey))
+        {
+            cookieRememberMeManager.setCipherKey(Base64.decode(cipherKey));
+        }
+        else
+        {
            cookieRememberMeManager.setCipherKey(CipherUtils.generateNewKey(128, "AES").getEncoded());
+        }
        return cookieRememberMeManager;
    }