feat: add rag backend and review access fixes
This commit is contained in:
@@ -61,6 +61,8 @@ class JwtService:
|
||||
jti = str(uuid.uuid4())
|
||||
|
||||
# Access Token
|
||||
# Token 只保留鉴权链路真正需要的最小字段,避免省局/管理员权限过多时
|
||||
# 把 permissions / roles 全塞进 JWT,最终导致前端 Cookie Session 超过 4KB。
|
||||
accessPayload = {
|
||||
"jti": jti,
|
||||
"user_id": userId,
|
||||
@@ -68,8 +70,6 @@ class JwtService:
|
||||
"nick_name": nickName,
|
||||
"ou_id": ouId,
|
||||
"ou_name": ouName,
|
||||
"roles": roles or [],
|
||||
"permissions": permissions or [],
|
||||
"area": area,
|
||||
"user_role": userRole,
|
||||
"iat": now,
|
||||
|
||||
Reference in New Issue
Block a user