优化token密钥生成逻辑

2024-07-23 11:39:15 +08:00 · 2024-07-23 11:39:15 +08:00 · d0752ebe9c
commit d0752ebe9c
parent 87a01e1292
1 changed files with 6 additions and 2 deletions
--- a/src/main/java/dev/surl/surl/cfg/BaseConfig.kt
+++ b/src/main/java/dev/surl/surl/cfg/BaseConfig.kt
@ -40,8 +40,12 @@ class BaseConfig(
    /**
     * JWT密钥
     */
-    secret: String = numberToKey(Date().time).repeat(5),
+    secret: String,
 ) {
-    val secretKey: SecretKey = Keys.hmacShaKeyFor(secret.toByteArray())
+    val secretKey: SecretKey = Keys.hmacShaKeyFor(if (secret.isBlank()) {
+        numberToKey(Date().time).repeat(10).toByteArray().apply { shuffle() }
+    } else {
+        secret.toByteArray()
+    })
    val whiteList: List<Regex> = whiteList.map { it.toRegex() }
 }