[代码优化](v2.6)：优化权限过多导致Token过长的问题，现修改角色权限立即生效，无需退出重新登录

close https://github.com/elunez/eladmin/issues/476

[代码优化](v2.6)：优化权限过多导致Token过长的问题，现修改角色权限立即生效，无需退出重新登录
close https://github.com/elunez/eladmin/issues/476
2807dc08 · ZhengJie · 10a35314 · 2807dc08
Commit 2807dc08 authored Nov 17, 2020 by ZhengJie
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenProvider.java
@@ -18,7 +18,6 @@ package me.zhengjie.modules.security.security;
 import cn.hutool.core.date.DateField;
 import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.util.IdUtil;
-import cn.hutool.core.util.ObjectUtil;
 import io.jsonwebtoken.*;
 import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
@@ -28,19 +27,12 @@ import me.zhengjie.utils.RedisUtils;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Component;
-
 import javax.servlet.http.HttpServletRequest;
 import java.security.Key;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
+import java.util.*;
 import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;

 /**
 * @author /
@@ -79,17 +71,9 @@ public class TokenProvider implements InitializingBean {
     * @return /
     */
    public String createToken(Authentication authentication) {
-        /*
-         * 获取权限列表
-         */
-        String authorities = authentication.getAuthorities().stream()
-                .map(GrantedAuthority::getAuthority)
-                .collect(Collectors.joining(","));
-
        return jwtBuilder
                // 加入ID确保生成的 Token 都不一致
                .setId(IdUtil.simpleUUID())
-                .claim(AUTHORITIES_KEY, authorities)
                .setSubject(authentication.getName())
                .compact();
    }
@@ -102,16 +86,8 @@ public class TokenProvider implements InitializingBean {
     */
    Authentication getAuthentication(String token) {
        Claims claims = getClaims(token);
-
-        // fix bug: 当前用户如果没有任何权限时，在输入用户名后，刷新验证码会抛IllegalArgumentException
-        Object authoritiesStr = claims.get(AUTHORITIES_KEY);
-        Collection<? extends GrantedAuthority> authorities =
-                ObjectUtil.isNotEmpty(authoritiesStr) ?
-                        Arrays.stream(authoritiesStr.toString().split(","))
-                                .map(SimpleGrantedAuthority::new)
-                                .collect(Collectors.toList()) : Collections.emptyList();
-        User principal = new User(claims.getSubject(), "******", authorities);
-        return new UsernamePasswordAuthenticationToken(principal, token, authorities);
+        User principal = new User(claims.getSubject(), "******", new ArrayList<>());
+        return new UsernamePasswordAuthenticationToken(principal, token, new ArrayList<>());
    }

    public Claims getClaims(String token) {