search

Smith-Cruise / Spring-Boot-Shiro

Shiro基于SpringBoot +JWT搭建简单的restful服务
1.64k stars 504 forks source link

既然不需要秘钥就能获得username,那加密还有什么意义? #34

Closed bzsome closed 6 years ago

bzsome commented 6 years ago

懂了,虽然能直接获得username。但是JWTUtil.verify会传入秘钥验证,没有秘钥是验证不成功的。