diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java index 7872cb2af21c54f97e59a211895a10a9b9fe389c..7c8460b2a4b8ffaecfd784204cc04c84800f2240 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java @@ -358,10 +358,15 @@ public class ShiroConfig return cookie; } - /** - * 记住我 - */ - public CustomCookieRememberMeManager rememberMeManager() + /** + * 记住我功能管理器Bean配置 + * + * 配置自定义的CookieRememberMeManager用于处理用户的"记住我"功能, + * 使用自定义实现以优化rememberMe cookie的大小,减少HTTP请求头体积 + * + * @return CustomCookieRememberMeManager 记住我管理器实例,配置了加密密钥和Cookie属性 + */ + public CustomCookieRememberMeManager rememberMeManager() { CustomCookieRememberMeManager cookieRememberMeManager = new CustomCookieRememberMeManager(); cookieRememberMeManager.setCookie(rememberMeCookie()); diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java index 8123092752499ffc8835de97fd25b7084417389c..3cd995e0b445bbdedca9fb25ae7dccb8f932bb61 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/rememberMe/CustomCookieRememberMeManager.java @@ -21,7 +21,13 @@ import com.ruoyi.framework.shiro.service.SysLoginService; public class CustomCookieRememberMeManager extends CookieRememberMeManager { /** - * 记住我时去掉角色的permissions权限字符串,防止http请求头过大。 + * 记住我功能核心方法,重写父类方法以优化rememberMe cookie的大小 + * + * 在保存记住我信息时,暂时移除角色对象的permissions权限集合, + * 序列化主体信息后再恢复,以减少HTTP请求头的体积 + * + * @param subject Subject对象,包含当前用户的主体信息 + * @param principalCollection 用户身份信息集合,包含角色和权限数据 */ @Override protected void rememberIdentity(Subject subject, PrincipalCollection principalCollection) @@ -57,7 +63,13 @@ public class CustomCookieRememberMeManager extends CookieRememberMeManager } /** - * 取记住我身份时恢复角色permissions权限字符串。 + * 获取记住的用户身份信息,并恢复角色的权限集合 + * + * 当用户通过rememberMe cookie登录时,调用父类方法获取存储的身份信息, + * 然后通过SysLoginService重新加载并设置角色对应的权限信息 + * + * @param subjectContext SubjectContext上下文对象,包含请求相关的上下文信息 + * @return PrincipalCollection 用户身份信息集合,如果无记住的用户则返回null或空集合 */ @Override public PrincipalCollection getRememberedPrincipals(SubjectContext subjectContext)