public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-05-21 12:45:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: JWT Token 漏洞

Browse Source
This commit is contained in:
fit2cloud-chenyw
2025-12-25 16:58:13 +08:00
committed by fit2cloud-chenyw
parent ec04214ebd
commit cac165ee84
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sdk/common/src/main/java/io/dataease/auth/filter/CommunityTokenFilter.java
View File

@@ -43,7 +43,7 @@ public class CommunityTokenFilter implements Filter {
Object apisixCacheManage = CommonBeanFactory.getBean("apisixCacheManage");
Method method = DeReflectUtil.findMethod(apisixCacheManage.getClass(), "userCacheBO");
Object o = ReflectionUtils.invokeMethod(method, apisixCacheManage, userId);
Method pwdMethod = DeReflectUtil.findMethod(o.getClass(), "getPwd");
Method pwdMethod = DeReflectUtil.findMethod(o.getClass(), "getSecret");
Object pwdObj = ReflectionUtils.invokeMethod(pwdMethod, o);
secret = pwdObj.toString();
}