Pre Merge pull request !427 from mark/dev-master-threadlocal

优化用户序列化忽略密码字段
TransmittableThreadLocal.withInitial(ConcurrentHashMap::new) 比 new TransmittableThreadLocal<>() 更优雅
2025-12-05 07:10:09 +00:00 · 2025-12-05 15:09:48 +08:00 · 2025-07-24 10:47:09 +08:00
3 changed files with 6 additions and 3 deletions
--- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
@ -5,11 +5,12 @@ import java.util.List;
 import javax.validation.constraints.*;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
+import com.fasterxml.jackson.annotation.JsonProperty;
 import com.ruoyi.common.core.annotation.Excel;
 import com.ruoyi.common.core.annotation.Excel.ColumnType;
 import com.ruoyi.common.core.annotation.Excel.Type;
-import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.annotation.Excels;
+import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.web.domain.BaseEntity;
 import com.ruoyi.common.core.xss.Xss;

@ -201,6 +202,7 @@ public class SysUser extends BaseEntity
        this.avatar = avatar;
    }

+    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    public String getPassword()
    {
        return password;
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/context/SecurityContextHolder.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/context/SecurityContextHolder.java
@ -15,7 +15,7 @@ import com.ruoyi.common.core.utils.StringUtils;
 */
 public class SecurityContextHolder
 {
-    private static final TransmittableThreadLocal<Map<String, Object>> THREAD_LOCAL = new TransmittableThreadLocal<>();
+    private static final TransmittableThreadLocal<Map<String, Object>> THREAD_LOCAL = TransmittableThreadLocal.withInitial(ConcurrentHashMap::new);

    public static void set(String key, Object value)
    {
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysProfileController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysProfileController.java
@ -101,7 +101,8 @@ public class SysProfileController extends BaseController
        String newPassword = params.get("newPassword");
        LoginUser loginUser = SecurityUtils.getLoginUser();
        Long userId = loginUser.getUserid();
-        String password = loginUser.getSysUser().getPassword();
+        SysUser user = userService.selectUserById(userId);
+        String password = user.getPassword();
        if (!SecurityUtils.matchesPassword(oldPassword, password))
        {
            return error("修改密码失败，旧密码错误");
Author	SHA1	Message	Date
mark	2d01b3b718	Pre Merge pull request !427 from mark/dev-master-threadlocal	2025-12-05 07:10:09 +00:00
RuoYi	d488b79c2d	优化用户序列化忽略密码字段	2025-12-05 15:09:48 +08:00
mark	c4578cca3e	TransmittableThreadLocal.withInitial(ConcurrentHashMap::new) 比 new TransmittableThreadLocal<>() 更优雅	2025-07-24 10:47:09 +08:00