新增课程id

cooleshow-auth/auth-api/src/main/java/com/yonge/cooleshow/auth/api/client/SysUserFeignService.java

@@ -1,20 +1,20 @@
 package com.yonge.cooleshow.auth.api.client;
 
-import java.util.List;
-
+import com.yonge.cooleshow.auth.api.client.fallback.SysUserFeignServiceFallback;
 import com.yonge.cooleshow.auth.api.dto.RealnameAuthReq;
+import com.yonge.cooleshow.auth.api.dto.SysUserQueryInfo;
+import com.yonge.cooleshow.auth.api.entity.SysUser;
+import com.yonge.cooleshow.common.config.FeignConfiguration;
+import com.yonge.cooleshow.common.entity.HttpResponseResult;
+import com.yonge.cooleshow.common.page.PageInfo;
 import com.yonge.toolset.utils.idcard.IdcardInfoExtractor;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
 
-import com.yonge.cooleshow.auth.api.client.fallback.SysUserFeignServiceFallback;
-import com.yonge.cooleshow.auth.api.entity.SysUser;
-import com.yonge.cooleshow.common.config.FeignConfiguration;
-import com.yonge.cooleshow.common.entity.HttpResponseResult;
-
-import javax.validation.Valid;
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
 
 @FeignClient(contextId = "sysUserFeignService", name = "auth-server", configuration = { FeignConfiguration.class }, fallback = SysUserFeignServiceFallback.class)
 public interface SysUserFeignService {
@@ -48,4 +48,15 @@ public interface SysUserFeignService {
 
 	@PostMapping(value = "user/bindOpenId")
 	HttpResponseResult<Boolean> bindOpenId(@RequestBody SysUser user);
+
+	@PostMapping(value = "/refreshToken")
+	@ApiOperation(value = "刷新token")
+	HttpResponseResult refreshToken(@RequestParam("refreshToken")String refreshToken,
+										   @RequestParam("clientId")String clientId,
+										   @RequestParam("clientSecret")String clientSecret);
+
+	@GetMapping(value = "/remote/exit")
+	@ApiOperation(value = "退出登录")
+	public HttpResponseResult<String> remoteExit();
+
 }

cooleshow-auth/auth-api/src/main/java/com/yonge/cooleshow/auth/api/client/fallback/SysUserFeignServiceFallback.java

@@ -3,6 +3,8 @@ package com.yonge.cooleshow.auth.api.client.fallback;
 import java.util.List;
 
 import com.yonge.cooleshow.auth.api.dto.RealnameAuthReq;
+import com.yonge.cooleshow.auth.api.dto.SysUserQueryInfo;
+import com.yonge.cooleshow.common.page.PageInfo;
 import com.yonge.toolset.utils.idcard.IdcardInfoExtractor;
 import org.springframework.stereotype.Component;
 
@@ -10,6 +12,8 @@ import com.yonge.cooleshow.auth.api.client.SysUserFeignService;
 import com.yonge.cooleshow.auth.api.entity.SysUser;
 import com.yonge.cooleshow.common.entity.HttpResponseResult;
 
+import javax.servlet.http.HttpServletRequest;
+
 @Component
 public class SysUserFeignServiceFallback implements SysUserFeignService {
 
@@ -61,4 +65,15 @@ public class SysUserFeignServiceFallback implements SysUserFeignService {
 	public HttpResponseResult<Boolean> bindOpenId(SysUser user) {
 		return HttpResponseResult.failed("请求失败");
 	}
+
+	@Override
+	public HttpResponseResult refreshToken(String refreshToken, String clientId, String clientSecret) {
+		return HttpResponseResult.failed("请求失败");
+	}
+
+	@Override
+	public HttpResponseResult<String> remoteExit() {
+		return HttpResponseResult.failed("请求失败");
+	}
+
 }

cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/web/controller/queryInfo/SysUserQueryInfo.java → cooleshow-auth/auth-api/src/main/java/com/yonge/cooleshow/auth/api/dto/SysUserQueryInfo.java

@@ -1,4 +1,4 @@
-package com.yonge.cooleshow.auth.web.controller.queryInfo;
+package com.yonge.cooleshow.auth.api.dto;
 
 import com.yonge.cooleshow.common.page.QueryInfo;
 

cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/web/controller/TokenController.java

@@ -143,6 +143,23 @@ public class TokenController extends BaseController {
 		return succeed("退出成功");
 	}
 
+	@GetMapping(value = "/remote/exit")
+	@ApiOperation(value = "退出登录")
+	public HttpResponseResult<String> remoteExit(HttpServletRequest request) {
+
+		String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
+		if (StringUtils.isBlank(authHeader)) {
+			return failed("退出失败，token 为空");
+		}
+
+		String tokenValue = authHeader.toLowerCase().replace(OAuth2AccessToken.BEARER_TYPE.toLowerCase(), StringUtils.EMPTY).trim();
+
+		tokenService.revokeToken(tokenValue);
+
+		return succeed("退出成功");
+	}
+
+
 	@PostMapping(value = "exit/{clientId}/{phone}", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
 	@ApiOperation(value = "指定用户退出登录")
 	public HttpResponseResult<String> exitByPhone(@PathVariable("clientId") String clientId, @PathVariable("phone") String phone) {

cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/web/controller/UserController.java

@@ -3,12 +3,12 @@ package com.yonge.cooleshow.auth.web.controller;
 import com.yonge.cooleshow.auth.api.dto.RealnameAuthReq;
 import com.yonge.cooleshow.auth.api.dto.UpdatePasswordDto;
 import com.yonge.cooleshow.auth.api.dto.UserSetReq;
-import com.yonge.cooleshow.auth.api.entity.SysConfig;
 import com.yonge.cooleshow.auth.api.entity.SysRole;
 import com.yonge.cooleshow.auth.api.vo.UserSetVo;
 import com.yonge.cooleshow.auth.service.SysConfigService;
 import com.yonge.cooleshow.common.constant.CommonConstants;
 import com.yonge.cooleshow.common.constant.SysConfigConstant;
+import com.yonge.cooleshow.common.page.PageInfo;
 import com.yonge.toolset.thirdparty.user.realname.RealnameAuthenticationPlugin;
 import com.yonge.toolset.utils.idcard.IdcardInfoExtractor;
 import com.yonge.toolset.utils.idcard.IdcardValidator;
@@ -22,7 +22,6 @@ import java.util.Date;
 import java.util.List;
 
 import org.apache.commons.lang3.StringUtils;
-import org.apache.ibatis.annotations.Param;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
@@ -35,7 +34,7 @@ import com.yonge.cooleshow.auth.api.entity.SysUser;
 import com.yonge.cooleshow.auth.service.SysRoleService;
 import com.yonge.cooleshow.auth.service.SysUserRoleService;
 import com.yonge.cooleshow.auth.service.SysUserService;
-import com.yonge.cooleshow.auth.web.controller.queryInfo.SysUserQueryInfo;
+import com.yonge.cooleshow.auth.api.dto.SysUserQueryInfo;
 import com.yonge.cooleshow.common.controller.BaseController;
 import com.yonge.cooleshow.common.entity.HttpResponseResult;
 import com.yonge.cooleshow.common.exception.BizException;
@@ -78,6 +77,16 @@ public class UserController extends BaseController {
         return succeed(sysUserService.queryPage(queryInfo));
     }
 
+    @ApiOperation(value = "分页查询用户信息")
+    @ApiImplicitParams({@ApiImplicitParam(name = "userType", value = "用户类型", required = false, dataType = "String"),
+                        @ApiImplicitParam(name = "createStartDate", value = "开始注册时间", required = true, dataType = "String"),
+                        @ApiImplicitParam(name = "createEndDate", value = "结束注册时间", required = true, dataType = "String")})
+    @PostMapping(value = "/page")
+    @ResponseBody
+    public HttpResponseResult<PageInfo<SysUser>> page(@RequestBody SysUserQueryInfo queryInfo) {
+        return succeed(sysUserService.queryPage(queryInfo));
+    }
+
     @ApiOperation(value = "查询用户信息接口")
     @GetMapping("/query")
     @PreAuthorize("@pcs.hasPermissions('user/query')")

cooleshow-mall/mall-admin/pom.xml

@@ -36,10 +36,10 @@
             <groupId>com.yonge.cooleshow</groupId>
             <artifactId>mall-common</artifactId>
         </dependency>
-        <dependency>
-            <groupId>com.yonge.cooleshow</groupId>
-            <artifactId>mall-security</artifactId>
-        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>com.yonge.cooleshow</groupId>-->
+<!--            <artifactId>mall-security</artifactId>-->
+<!--        </dependency>-->
         <dependency>
             <groupId>com.yonge.cooleshow</groupId>
             <artifactId>auth-api</artifactId>

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/MallAdminApplication.java

@@ -15,7 +15,8 @@ import org.springframework.context.annotation.ComponentScan;
 @SpringBootApplication
 @EnableDiscoveryClient
 @MapperScan({"com.yonge.cooleshow.admin.dao","com.yonge.cooleshow.mbg.mapper"})
-@ComponentScan(basePackages = {"com.yonge.cooleshow.admin", "com.yonge.cooleshow.mbg", "com.yonge.cooleshow.mall.common" ,"com.yonge.cooleshow.mall.security"})
+@ComponentScan(basePackages = {"com.yonge.cooleshow.admin", "com.yonge.cooleshow.mbg", "com.yonge.cooleshow.mall.common",
+                               "com.yonge.cooleshow.common"})
 @EnableSwagger2Doc
 @EnableFeignClients("com.yonge.cooleshow")
 public class MallAdminApplication {

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/bo/AdminUserDetails.java

@@ -1,64 +0,0 @@
-package com.yonge.cooleshow.admin.bo;
-
-import com.yonge.cooleshow.mbg.model.UmsAdmin;
-import com.yonge.cooleshow.mbg.model.UmsResource;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.Collection;
-import java.util.List;
-import java.util.stream.Collectors;
-
-/**
- * SpringSecurity需要的用户详情
- * Created by macro on 2018/4/26.
- */
-public class AdminUserDetails implements UserDetails {
-    //后台用户
-    private UmsAdmin umsAdmin;
-    //拥有资源列表
-    private List<UmsResource> resourceList;
-    public AdminUserDetails(UmsAdmin umsAdmin, List<UmsResource> resourceList) {
-        this.umsAdmin = umsAdmin;
-        this.resourceList = resourceList;
-    }
-
-    @Override
-    public Collection<? extends GrantedAuthority> getAuthorities() {
-        //返回当前用户的角色
-        return resourceList.stream()
-                .map(role ->new SimpleGrantedAuthority(role.getId()+":"+role.getName()))
-                .collect(Collectors.toList());
-    }
-
-    @Override
-    public String getPassword() {
-        return umsAdmin.getPassword();
-    }
-
-    @Override
-    public String getUsername() {
-        return umsAdmin.getUsername();
-    }
-
-    @Override
-    public boolean isAccountNonExpired() {
-        return true;
-    }
-
-    @Override
-    public boolean isAccountNonLocked() {
-        return true;
-    }
-
-    @Override
-    public boolean isCredentialsNonExpired() {
-        return true;
-    }
-
-    @Override
-    public boolean isEnabled() {
-        return umsAdmin.getStatus().equals(1);
-    }
-}

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/config/MallSecurityConfig.java

@@ -1,54 +0,0 @@
-package com.yonge.cooleshow.admin.config;
-
-import com.yonge.cooleshow.mbg.model.UmsResource;
-import com.yonge.cooleshow.mall.security.component.DynamicSecurityService;
-import com.yonge.cooleshow.mall.security.config.SecurityConfig;
-import com.yonge.cooleshow.admin.service.UmsAdminService;
-import com.yonge.cooleshow.admin.service.UmsResourceService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.UserDetailsService;
-
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-/**
- * mall-security模块相关配置
- * Created by macro on 2019/11/9.
- */
-@Configuration
-@EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-public class MallSecurityConfig extends SecurityConfig {
-
-    @Autowired
-    private UmsAdminService adminService;
-    @Autowired
-    private UmsResourceService resourceService;
-
-    @Bean
-    public UserDetailsService userDetailsService() {
-        //获取登录用户信息
-        return username -> adminService.loadUserByUsername(username);
-    }
-
-    @Bean
-    public DynamicSecurityService dynamicSecurityService() {
-        return new DynamicSecurityService() {
-            @Override
-            public Map<String, ConfigAttribute> loadDataSource() {
-                Map<String, ConfigAttribute> map = new ConcurrentHashMap<>();
-                List<UmsResource> resourceList = resourceService.listAll();
-                for (UmsResource resource : resourceList) {
-                    map.put(resource.getUrl(), new org.springframework.security.access.SecurityConfig(resource.getId() + ":" + resource.getName()));
-                }
-                return map;
-            }
-        };
-    }
-}

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/config/OssConfig.java

@@ -1,24 +0,0 @@
-package com.yonge.cooleshow.admin.config;
-
-import com.aliyun.oss.OSSClient;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * OSS对象存储相关配置
- * Created by macro on 2018/5/17.
- */
-@Configuration
-public class OssConfig {
-    @Value("${aliyun.oss.endpoint}")
-    private String ALIYUN_OSS_ENDPOINT;
-    @Value("${aliyun.oss.accessKeyId}")
-    private String ALIYUN_OSS_ACCESSKEYID;
-    @Value("${aliyun.oss.accessKeySecret}")
-    private String ALIYUN_OSS_ACCESSKEYSECRET;
-    @Bean
-    public OSSClient ossClient(){
-        return new OSSClient(ALIYUN_OSS_ENDPOINT,ALIYUN_OSS_ACCESSKEYID,ALIYUN_OSS_ACCESSKEYSECRET);
-    }
-}

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/config/ResourceServerConfig.java

@@ -0,0 +1,41 @@
+package com.yonge.cooleshow.admin.config;
+
+import com.yonge.cooleshow.common.security.BaseAccessDeniedHandler;
+import com.yonge.cooleshow.common.security.BaseAuthenticationEntryPoint;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+
+@Configuration
+@EnableResourceServer
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+    @Autowired
+    private BaseAccessDeniedHandler baseAccessDeniedHandler;
+
+    @Autowired
+    private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http.cors().and().csrf().disable().exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()
+                .authorizeRequests()
+                .antMatchers(HttpMethod.OPTIONS)
+                .permitAll()
+            .and()
+                .authorizeRequests()
+                .antMatchers("/wechat/*","/v2/api-docs", "/code/*","/payment/callback","/admin/login")
+            .permitAll().anyRequest().authenticated().and().httpBasic();
+    }
+
+    @Override
+    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+        resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
+    }
+}

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/config/WebMvcConfig.java

@@ -2,11 +2,14 @@ package com.yonge.cooleshow.admin.config;
 
 import com.yonge.cooleshow.common.config.EnumConverterFactory;
 import com.yonge.cooleshow.common.config.LocalFastJsonHttpMessageConverter;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.format.FormatterRegistry;
 import org.springframework.http.MediaType;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 import java.util.ArrayList;
@@ -16,7 +19,6 @@ import java.util.List;
 public class WebMvcConfig implements WebMvcConfigurer {
 
 
-
 	/**
 	 * 枚举类的转换器 addConverterFactory
 	 */
@@ -25,11 +27,25 @@ public class WebMvcConfig implements WebMvcConfigurer {
 		registry.addConverterFactory(new EnumConverterFactory());
 	}
 
+	@Override
+	public void addInterceptors(InterceptorRegistry registry) {
+		// addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
+		List<String> includePathPatterns = new ArrayList<String>();
+		includePathPatterns.add("/**");
+
+		// excludePathPatterns 用户排除拦截
+		List<String> excludePathPatterns = new ArrayList<String>();
+		excludePathPatterns.add("/login");
+
+		// registry.addInterceptor(mdcInterceptor).addPathPatterns(includePathPatterns).excludePathPatterns(excludePathPatterns);
+
+//		registry.addInterceptor(operationLogInterceptor).addPathPatterns("/**").excludePathPatterns("/login");
+	}
 
 	@Bean
 	public HttpMessageConverters fastJsonHttpMessageConverters() {
 		LocalFastJsonHttpMessageConverter converter = new LocalFastJsonHttpMessageConverter();
-		List<MediaType> fastMediaTypes = new ArrayList<>();
+		List<MediaType> fastMediaTypes = new ArrayList<MediaType>();
 		fastMediaTypes.add(MediaType.APPLICATION_JSON_UTF8);
 		converter.setSupportedMediaTypes(fastMediaTypes);
 		return new HttpMessageConverters(converter);

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/controller/UmsAdminController.java

@@ -1,27 +1,25 @@
 package com.yonge.cooleshow.admin.controller;
 
 import cn.hutool.core.collection.CollUtil;
+import com.yonge.cooleshow.admin.dto.UmsAdminLoginParam;
+import com.yonge.cooleshow.admin.service.UmsAdminService;
+import com.yonge.cooleshow.admin.service.UmsRoleService;
 import com.yonge.cooleshow.auth.api.client.SysUserFeignService;
 import com.yonge.cooleshow.auth.api.entity.SysUser;
+import com.yonge.cooleshow.common.entity.HttpResponseResult;
 import com.yonge.cooleshow.mall.common.api.CommonPage;
 import com.yonge.cooleshow.mall.common.api.CommonResult;
-import com.yonge.cooleshow.admin.dto.UmsAdminLoginParam;
-import com.yonge.cooleshow.admin.dto.UmsAdminParam;
-import com.yonge.cooleshow.admin.dto.UpdateAdminPasswordParam;
+import com.yonge.cooleshow.mall.common.api.ResultCode;
 import com.yonge.cooleshow.mbg.model.UmsAdmin;
 import com.yonge.cooleshow.mbg.model.UmsRole;
-import com.yonge.cooleshow.admin.service.UmsAdminService;
-import com.yonge.cooleshow.admin.service.UmsRoleService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Controller;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletRequest;
-import java.security.Principal;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -35,10 +33,6 @@ import java.util.stream.Collectors;
 @Api(tags = "UmsAdminController", description = "后台用户管理")
 @RequestMapping("/admin")
 public class UmsAdminController {
-    @Value("${jwt.tokenHeader}")
-    private String tokenHeader;
-    @Value("${jwt.tokenHead}")
-    private String tokenHead;
     @Autowired
     private UmsAdminService adminService;
     @Autowired
@@ -46,85 +40,50 @@ public class UmsAdminController {
     @Autowired
     private SysUserFeignService sysUserFeignService;
 
-    @ApiOperation(value = "用户注册")
-    @RequestMapping(value = "/register", method = RequestMethod.POST)
-    @ResponseBody
-    public CommonResult<UmsAdmin> register(@Validated @RequestBody UmsAdminParam umsAdminParam) {
-        UmsAdmin umsAdmin = adminService.register(umsAdminParam);
-        if (umsAdmin == null) {
-            return CommonResult.failed();
-        }
-        return CommonResult.success(umsAdmin);
-    }
 
     @ApiOperation(value = "登录以后返回token")
     @RequestMapping(value = "/login", method = RequestMethod.POST)
     @ResponseBody
     public CommonResult login(@Validated @RequestBody UmsAdminLoginParam umsAdminLoginParam) {
-        String token = adminService.login(umsAdminLoginParam.getUsername(), umsAdminLoginParam.getPassword());
-        if (token == null) {
-            return CommonResult.validateFailed("用户名或密码错误");
-        }
-        Map<String, String> tokenMap = new HashMap<>();
-        tokenMap.put("token", token);
-        tokenMap.put("tokenHead", tokenHead);
-        return CommonResult.success(tokenMap);
-    }
-
-
-    @ApiOperation(value = "登录以后返回token")
-    @RequestMapping(value = "/login/token", method = RequestMethod.POST)
-    @ResponseBody
-    public CommonResult login() {
-        SysUser sysUser = sysUserFeignService.queryUserInfo();
-
-        UmsAdmin admin = adminService.getAdminById(sysUser.getId());
-        // 设置首次登录 拥有全部权限
-        if (admin == null || admin.getId() == null) {
-            admin = new UmsAdmin();
-            admin.setId(sysUser.getId());
-            admin.setCreateTime(sysUser.getCreateTime());
-            admin.setUsername(sysUser.getUsername());
-            admin.setPassword(sysUser.getPassword());
-            admin.setStatus(1);
-            admin.setIcon(sysUser.getAvatar());
-            adminService.createRootAdmin(admin);
-        }
 
-        String token = adminService.login(admin.getUsername(), admin.getPassword());
-        if (token == null) {
-            return CommonResult.validateFailed("用户名或密码错误");
-        }
         Map<String, String> tokenMap = new HashMap<>();
-        tokenMap.put("token", token);
-        tokenMap.put("tokenHead", tokenHead);
+        tokenMap.put("token", "token");
+        tokenMap.put("tokenHead", "tokenHead");
         return CommonResult.success(tokenMap);
     }
 
+
     @ApiOperation(value = "刷新token")
     @RequestMapping(value = "/refreshToken", method = RequestMethod.GET)
     @ResponseBody
-    public CommonResult refreshToken(HttpServletRequest request) {
-        String token = request.getHeader(tokenHeader);
-        String refreshToken = adminService.refreshToken(token);
-        if (refreshToken == null) {
-            return CommonResult.failed("token已经过期！");
+    public CommonResult refreshToken(String refreshToken, String clientId, String clientSecret) {
+
+        HttpResponseResult httpResponseResult = sysUserFeignService.refreshToken(refreshToken, clientId, clientSecret);
+        if (httpResponseResult.getStatus()) {
+            return CommonResult.success(httpResponseResult.getData());
+        } else {
+            return CommonResult.failed(httpResponseResult.getMsg());
         }
-        Map<String, String> tokenMap = new HashMap<>();
-        tokenMap.put("token", refreshToken);
-        tokenMap.put("tokenHead", tokenHead);
-        return CommonResult.success(tokenMap);
     }
 
     @ApiOperation(value = "获取当前登录用户信息")
     @RequestMapping(value = "/info", method = RequestMethod.GET)
-    @ResponseBody
-    public CommonResult getAdminInfo(Principal principal) {
-        if(principal==null){
-            return CommonResult.unauthorized(null);
+    public CommonResult getAdminInfo() {
+
+        SysUser sysUser = sysUserFeignService.queryUserInfo();
+        if (sysUser == null || sysUser.getId() == null) {
+            return CommonResult.failed(ResultCode.FORBIDDEN, "请登录");
+        }
+
+        adminService.saveAdmin();
+
+        UmsAdmin umsAdmin = adminService.getAdminById(sysUser.getId());
+        if (umsAdmin == null) {
+            return CommonResult.failed("用户同步失败");
+        }
+        if (umsAdmin.getStatus() == 0) {
+            return CommonResult.failed("用户被禁用");
         }
-        String username = principal.getName();
-        UmsAdmin umsAdmin = adminService.getAdminByUsername(username);
         Map<String, Object> data = new HashMap<>();
         data.put("username", umsAdmin.getUsername());
         data.put("menus", roleService.getMenuList(umsAdmin.getId()));
@@ -140,8 +99,13 @@ public class UmsAdminController {
     @ApiOperation(value = "登出功能")
     @RequestMapping(value = "/logout", method = RequestMethod.POST)
     @ResponseBody
-    public CommonResult logout() {
-        return CommonResult.success(null);
+    public CommonResult logout(HttpServletRequest request) {
+        HttpResponseResult<String> logout = sysUserFeignService.remoteExit();
+        if (logout.getStatus()) {
+            return CommonResult.success(logout.getData());
+        } else {
+            return CommonResult.failed(logout.getMsg());
+        }
     }
 
     @ApiOperation("根据用户名或姓名分页获取用户列表")
@@ -173,24 +137,6 @@ public class UmsAdminController {
         return CommonResult.failed();
     }
 
-    @ApiOperation("修改指定用户密码")
-    @RequestMapping(value = "/updatePassword", method = RequestMethod.POST)
-    @ResponseBody
-    public CommonResult updatePassword(@Validated @RequestBody UpdateAdminPasswordParam updatePasswordParam) {
-        int status = adminService.updatePassword(updatePasswordParam);
-        if (status > 0) {
-            return CommonResult.success(status);
-        } else if (status == -1) {
-            return CommonResult.failed("提交参数不合法");
-        } else if (status == -2) {
-            return CommonResult.failed("找不到该用户");
-        } else if (status == -3) {
-            return CommonResult.failed("旧密码错误");
-        } else {
-            return CommonResult.failed();
-        }
-    }
-
     @ApiOperation("删除指定用户信息")
     @RequestMapping(value = "/delete/{id}", method = RequestMethod.POST)
     @ResponseBody

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/controller/UmsResourceController.java

@@ -3,7 +3,6 @@ package com.yonge.cooleshow.admin.controller;
 import com.yonge.cooleshow.mall.common.api.CommonPage;
 import com.yonge.cooleshow.mall.common.api.CommonResult;
 import com.yonge.cooleshow.mbg.model.UmsResource;
-import com.yonge.cooleshow.mall.security.component.DynamicSecurityMetadataSource;
 import com.yonge.cooleshow.admin.service.UmsResourceService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -24,15 +23,12 @@ public class UmsResourceController {
 
     @Autowired
     private UmsResourceService resourceService;
-    @Autowired
-    private DynamicSecurityMetadataSource dynamicSecurityMetadataSource;
 
     @ApiOperation("添加后台资源")
     @RequestMapping(value = "/create", method = RequestMethod.POST)
     @ResponseBody
     public CommonResult create(@RequestBody UmsResource umsResource) {
         int count = resourceService.create(umsResource);
-        dynamicSecurityMetadataSource.clearDataSource();
         if (count > 0) {
             return CommonResult.success(count);
         } else {
@@ -46,7 +42,6 @@ public class UmsResourceController {
     public CommonResult update(@PathVariable Long id,
                                @RequestBody UmsResource umsResource) {
         int count = resourceService.update(id, umsResource);
-        dynamicSecurityMetadataSource.clearDataSource();
         if (count > 0) {
             return CommonResult.success(count);
         } else {
@@ -67,7 +62,6 @@ public class UmsResourceController {
     @ResponseBody
     public CommonResult delete(@PathVariable Long id) {
         int count = resourceService.delete(id);
-        dynamicSecurityMetadataSource.clearDataSource();
         if (count > 0) {
             return CommonResult.success(count);
         } else {

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/service/UmsAdminService.java

@@ -20,24 +20,6 @@ public interface UmsAdminService {
      */
     UmsAdmin getAdminByUsername(String username);
 
-    /**
-     * 注册功能
-     */
-    UmsAdmin register(UmsAdminParam umsAdminParam);
-
-    /**
-     * 登录功能
-     * @param username 用户名
-     * @param password 密码
-     * @return 生成的JWT的token
-     */
-    String login(String username,String password);
-
-    /**
-     * 刷新token的功能
-     * @param oldToken 旧的token
-     */
-    String refreshToken(String oldToken);
 
     /**
      * 根据用户id获取用户
@@ -76,16 +58,6 @@ public interface UmsAdminService {
     List<UmsResource> getResourceList(Long adminId);
 
     /**
-     * 修改密码
-     */
-    int updatePassword(UpdateAdminPasswordParam updatePasswordParam);
-
-    /**
-     * 获取用户信息
-     */
-    UserDetails loadUserByUsername(String username);
-
-    /**
      * 获取用户信息
      *
      * @param id id
@@ -100,4 +72,17 @@ public interface UmsAdminService {
      * @return
      */
     boolean createRootAdmin(UmsAdmin admin);
+
+    /**
+     * 创建root用户
+     *
+     * @param adminList
+     */
+    boolean addRootAdmin(List<UmsAdmin> adminList);
+
+    /**
+     * 同步远程用户
+     */
+    @Transactional
+    void saveAdmin();
 }

cooleshow-mall/mall-admin/src/main/java/com/yonge/cooleshow/admin/service/impl/UmsAdminServiceImpl.java

@@ -1,31 +1,26 @@
 package com.yonge.cooleshow.admin.service.impl;
 
 import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.date.LocalDateTimeUtil;
 import cn.hutool.core.util.StrUtil;
 import com.github.pagehelper.PageHelper;
-import com.yonge.cooleshow.admin.bo.AdminUserDetails;
-import com.yonge.cooleshow.mall.common.exception.Asserts;
-import com.yonge.cooleshow.mall.common.util.RequestUtil;
 import com.yonge.cooleshow.admin.dao.UmsAdminRoleRelationDao;
-import com.yonge.cooleshow.admin.dto.UmsAdminParam;
-import com.yonge.cooleshow.admin.dto.UpdateAdminPasswordParam;
+import com.yonge.cooleshow.admin.service.UmsAdminCacheService;
+import com.yonge.cooleshow.admin.service.UmsAdminService;
+import com.yonge.cooleshow.auth.api.client.SysUserFeignService;
+import com.yonge.cooleshow.auth.api.dto.SysUserQueryInfo;
+import com.yonge.cooleshow.auth.api.entity.SysUser;
+import com.yonge.cooleshow.common.entity.HttpResponseResult;
+import com.yonge.cooleshow.common.page.PageInfo;
+import com.yonge.cooleshow.mall.common.util.RequestUtil;
+import com.yonge.cooleshow.mbg.mapper.SysConfigMapper;
 import com.yonge.cooleshow.mbg.mapper.UmsAdminLoginLogMapper;
 import com.yonge.cooleshow.mbg.mapper.UmsAdminMapper;
 import com.yonge.cooleshow.mbg.mapper.UmsAdminRoleRelationMapper;
 import com.yonge.cooleshow.mbg.model.*;
-import com.yonge.cooleshow.mall.security.util.JwtTokenUtil;
-import com.yonge.cooleshow.admin.service.UmsAdminCacheService;
-import com.yonge.cooleshow.admin.service.UmsAdminService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
@@ -33,9 +28,10 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 后台用户管理Service实现类
@@ -45,9 +41,7 @@ import java.util.List;
 public class UmsAdminServiceImpl implements UmsAdminService {
     private static final Logger LOGGER = LoggerFactory.getLogger(UmsAdminServiceImpl.class);
     @Autowired
-    private JwtTokenUtil jwtTokenUtil;
-    @Autowired
-    private PasswordEncoder passwordEncoder;
+    private SysUserFeignService sysUserFeignService;
     @Autowired
     private UmsAdminMapper adminMapper;
     @Autowired
@@ -59,6 +53,9 @@ public class UmsAdminServiceImpl implements UmsAdminService {
     @Autowired
     private UmsAdminCacheService adminCacheService;
 
+    @Autowired
+    private SysConfigMapper configMapper;
+
     @Override
     public UmsAdmin getAdminByUsername(String username) {
         UmsAdmin admin = adminCacheService.getAdmin(username);
@@ -74,48 +71,6 @@ public class UmsAdminServiceImpl implements UmsAdminService {
         return null;
     }
 
-    @Override
-    public UmsAdmin register(UmsAdminParam umsAdminParam) {
-        UmsAdmin umsAdmin = new UmsAdmin();
-        BeanUtils.copyProperties(umsAdminParam, umsAdmin);
-        umsAdmin.setCreateTime(new Date());
-        umsAdmin.setStatus(1);
-        //查询是否有相同用户名的用户
-        UmsAdminExample example = new UmsAdminExample();
-        example.createCriteria().andUsernameEqualTo(umsAdmin.getUsername());
-        List<UmsAdmin> umsAdminList = adminMapper.selectByExample(example);
-        if (umsAdminList.size() > 0) {
-            return null;
-        }
-        //将密码进行加密操作
-        String encodePassword = passwordEncoder.encode(umsAdmin.getPassword());
-        umsAdmin.setPassword(encodePassword);
-        adminMapper.insert(umsAdmin);
-        return umsAdmin;
-    }
-
-    @Override
-    public String login(String username, String password) {
-        String token = null;
-        //密码需要客户端加密后传递
-        try {
-            UserDetails userDetails = loadUserByUsername(username);
-            // if(!passwordEncoder.matches(password,userDetails.getPassword())){
-            //     Asserts.fail("密码不正确");
-            // }
-            if(!userDetails.isEnabled()){
-                Asserts.fail("帐号已被禁用");
-            }
-            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
-            SecurityContextHolder.getContext().setAuthentication(authentication);
-            token = jwtTokenUtil.generateToken(userDetails);
-//            updateLoginTimeByUsername(username);
-            insertLoginLog(username);
-        } catch (AuthenticationException e) {
-            LOGGER.warn("登录异常:{}", e.getMessage());
-        }
-        return token;
-    }
 
     /**
      * 添加登录记录
@@ -144,10 +99,6 @@ public class UmsAdminServiceImpl implements UmsAdminService {
         adminMapper.updateByExampleSelective(record, example);
     }
 
-    @Override
-    public String refreshToken(String oldToken) {
-        return jwtTokenUtil.refreshHeadToken(oldToken);
-    }
 
     @Override
     public UmsAdmin getItem(Long id) {
@@ -178,7 +129,7 @@ public class UmsAdminServiceImpl implements UmsAdminService {
             if(StrUtil.isEmpty(admin.getPassword())){
                 admin.setPassword(null);
             }else{
-                admin.setPassword(passwordEncoder.encode(admin.getPassword()));
+                admin.setPassword(null);
             }
         }
         int count = adminMapper.updateByPrimaryKeySelective(admin);
@@ -234,39 +185,7 @@ public class UmsAdminServiceImpl implements UmsAdminService {
         return resourceList;
     }
 
-    @Override
-    public int updatePassword(UpdateAdminPasswordParam param) {
-        if(StrUtil.isEmpty(param.getUsername())
-                ||StrUtil.isEmpty(param.getOldPassword())
-                ||StrUtil.isEmpty(param.getNewPassword())){
-            return -1;
-        }
-        UmsAdminExample example = new UmsAdminExample();
-        example.createCriteria().andUsernameEqualTo(param.getUsername());
-        List<UmsAdmin> adminList = adminMapper.selectByExample(example);
-        if(CollUtil.isEmpty(adminList)){
-            return -2;
-        }
-        UmsAdmin umsAdmin = adminList.get(0);
-        if(!passwordEncoder.matches(param.getOldPassword(),umsAdmin.getPassword())){
-            return -3;
-        }
-        umsAdmin.setPassword(passwordEncoder.encode(param.getNewPassword()));
-        adminMapper.updateByPrimaryKey(umsAdmin);
-        adminCacheService.delAdmin(umsAdmin.getId());
-        return 1;
-    }
 
-    @Override
-    public UserDetails loadUserByUsername(String username){
-        //获取用户信息
-        UmsAdmin admin = getAdminByUsername(username);
-        if (admin != null) {
-            List<UmsResource> resourceList = getResourceList(admin.getId());
-            return new AdminUserDetails(admin,resourceList);
-        }
-        throw new UsernameNotFoundException("用户名或密码错误");
-    }
 
     @Override
     public UmsAdmin getAdminById(Long id) {
@@ -280,4 +199,77 @@ public class UmsAdminServiceImpl implements UmsAdminService {
         roleIds.add(1L);
         return updateRole(admin.getId(),roleIds) > 0;
     }
+
+    @Override
+    public boolean addRootAdmin(List<UmsAdmin> adminList) {
+        adminMapper.saveRootAdminList(adminList);
+        return addAdminRootRole(adminList);
+    }
+
+    @Override
+    public void saveAdmin() {
+        // 调用远程，保存用户
+        SysUserQueryInfo sysUserQueryInfo = new SysUserQueryInfo();
+        String now = LocalDateTimeUtil.format(LocalDateTime.now(), DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"));
+        String syncTime = configMapper.getConfig(SysConfig.SYNC_TIME);
+        sysUserQueryInfo.setUserType("SYSTEM");
+        sysUserQueryInfo.setCreateEndDate(now);
+        sysUserQueryInfo.setCreateStartDate(syncTime);
+        sysUserQueryInfo.setPage(1);
+        sysUserQueryInfo.setRows(9999);
+        HttpResponseResult<PageInfo<SysUser>> result = sysUserFeignService.page(sysUserQueryInfo);
+
+        if (result.getStatus()) {
+            List<SysUser> rows = result.getData().getRows();
+            List<UmsAdmin> adminList = new ArrayList<>();
+            for (SysUser row : rows) {
+                UmsAdmin admin = new UmsAdmin();
+                admin.setId(row.getId());
+                admin.setCreateTime(row.getCreateTime());
+                admin.setUsername(row.getUsername());
+                admin.setPassword(row.getPassword());
+                admin.setStatus(1);
+                admin.setIcon(row.getAvatar());
+                adminList.add(admin);
+            }
+            addRootAdmin(adminList);
+        }
+        configMapper.setConfig(SysConfig.SYNC_TIME,now);
+    }
+
+    /**
+     * 添加默认权限
+     *
+     * @param adminList
+     */
+    private boolean addAdminRootRole(List<UmsAdmin> adminList) {
+        List<Long> adminIdList = adminList.stream().map(UmsAdmin::getId).collect(Collectors.toList());
+
+        // 已经设置里权限的不做处理
+        UmsAdminRoleRelationExample adminRoleRelationExample = new UmsAdminRoleRelationExample();
+        adminRoleRelationExample.createCriteria().andAdminIdIn(adminIdList);
+        List<UmsAdminRoleRelation> umsAdminRoleRelations = adminRoleRelationMapper.selectByExample(
+                adminRoleRelationExample);
+        Set<Long> hasRoleAdminIdList = new HashSet<>();
+        if (CollUtil.isNotEmpty(umsAdminRoleRelations)) {
+            hasRoleAdminIdList = umsAdminRoleRelations.stream()
+                                                     .map(UmsAdminRoleRelation::getAdminId)
+                                                     .collect(Collectors.toSet());
+        }
+        Set<Long> finalHasRoleAdminIdList = hasRoleAdminIdList;
+        adminIdList = adminIdList.stream()
+                                 .filter(id -> !finalHasRoleAdminIdList.contains(id))
+                                 .collect(Collectors.toList());
+
+        // 设置权限
+        List<UmsAdminRoleRelation> list = new ArrayList<>();
+        for (Long adminId : adminIdList) {
+            UmsAdminRoleRelation roleRelation = new UmsAdminRoleRelation();
+            roleRelation.setAdminId(adminId);
+            roleRelation.setRoleId(1L);
+            list.add(roleRelation);
+        }
+        return adminRoleRelationDao.insertList(list) > 0;
+
+    }
 }

cooleshow-mall/mall-mbg/src/main/java/com/yonge/cooleshow/mbg/mapper/SysConfigMapper.java

@@ -0,0 +1,22 @@
+package com.yonge.cooleshow.mbg.mapper;
+
+import org.apache.ibatis.annotations.Param;
+
+public interface SysConfigMapper {
+    /**
+     * 获取配置信息
+     *
+     * @param config 配置名
+     * @return
+     */
+    String getConfig(String config);
+
+    /**
+     * 设置配置信息
+     *
+     * @param configName  配置名
+     * @param configValue 配置值
+     * @return
+     */
+    int setConfig(@Param("configName") String configName, @Param("configValue") String configValue);
+}

cooleshow-mall/mall-mbg/src/main/java/com/yonge/cooleshow/mbg/mapper/UmsAdminMapper.java

@@ -2,7 +2,9 @@ package com.yonge.cooleshow.mbg.mapper;
 
 import com.yonge.cooleshow.mbg.model.UmsAdmin;
 import com.yonge.cooleshow.mbg.model.UmsAdminExample;
+
 import java.util.List;
+
 import org.apache.ibatis.annotations.Param;
 
 public interface UmsAdminMapper {
@@ -29,4 +31,6 @@ public interface UmsAdminMapper {
     int updateByPrimaryKey(UmsAdmin record);
 
     int addRootAdmin(UmsAdmin admin);
+
+    int saveRootAdminList(@Param("adminList") List<UmsAdmin> adminList);
 }

cooleshow-mall/mall-mbg/src/main/java/com/yonge/cooleshow/mbg/model/SysConfig.java

@@ -0,0 +1,114 @@
+package com.yonge.cooleshow.mbg.model;
+
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * 对应数据库表(sys_config):
+ */
+public class SysConfig {
+
+	/**
+	 * 人员同步时间
+	 */
+	public static final String SYNC_TIME = "sync_time";
+
+	/**  */
+	private Long id;
+	
+	/** 参数名称 */
+	@ApiModelProperty(value = "参数名称", required = true)
+	private String paramName;
+	
+	/** 参数值 */
+	@ApiModelProperty(value = "参数值", required = true)
+	private String paramValue;
+	
+	/** 描述 */
+	@ApiModelProperty(value = "描述", required = true)
+	private String description;
+	
+	/** 创建时间 */
+	private java.util.Date createOn;
+	
+	/** 修改时间 */
+	private java.util.Date modifyOn;
+	
+	private Long modifyBy;
+	
+	@ApiModelProperty(value = "消息组", required = true)
+	private String group;
+	
+	public void setId(Long id){
+		this.id = id;
+	}
+	
+	public Long getId(){
+		return this.id;
+	}
+			
+	public void setParamName(String paramName){
+		this.paramName = paramName;
+	}
+	
+	public String getParamName(){
+		return this.paramName;
+	}
+			
+	public void setParamValue(String paramValue){
+		this.paramValue = paramValue;
+	}
+	
+	public String getParamValue(){
+		return this.paramValue;
+	}
+
+	public <T> T getParamValue(Class<T> cla){
+		try {
+			return cla.cast(cla.getMethod("valueOf", String.class).invoke(cla.getInterfaces(),this.paramValue));
+		} catch (Exception e) {
+			return (T)this.paramValue.getClass();
+		}
+	}
+			
+	public void setDescription(String description){
+		this.description = description;
+	}
+	
+	public String getDescription(){
+		return this.description;
+	}
+			
+	public void setCreateOn(java.util.Date createOn){
+		this.createOn = createOn;
+	}
+	
+	public java.util.Date getCreateOn(){
+		return this.createOn;
+	}
+			
+	public void setModifyOn(java.util.Date modifyOn){
+		this.modifyOn = modifyOn;
+	}
+	
+	public java.util.Date getModifyOn(){
+		return this.modifyOn;
+	}
+			
+	public String getGroup() {
+		return group;
+	}
+
+	public void setGroup(String group) {
+		this.group = group;
+	}
+
+	public Long getModifyBy() {
+		return modifyBy;
+	}
+
+	public void setModifyBy(Long modifyBy) {
+		this.modifyBy = modifyBy;
+	}
+
+
+}

cooleshow-mall/mall-mbg/src/main/resources/config/mybatis/SysConfigMapper.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.yonge.cooleshow.mbg.mapper.SysConfigMapper">
+
+<select id="getConfig" resultType="java.lang.String">
+    select param_value_ from sys_config where param_name_ = #{config,jdbcType=VARCHAR}
+    </select>
+
+<update id="setConfig">
+    update sys_config set param_value_ = #{configValue} where param_name_ = #{configName}
+    </update>
+</mapper>

cooleshow-mall/mall-mbg/src/main/resources/config/mybatis/UmsAdminMapper.xml

@@ -298,4 +298,18 @@
     #{createTime,jdbcType=TIMESTAMP}, #{loginTime,jdbcType=TIMESTAMP}, #{status,jdbcType=INTEGER}
     )
   </insert>
+
+  <insert id="saveRootAdminList">
+    replace into ums_admin (id,username, password, icon,
+    email, nick_name, note,
+    create_time, login_time, status
+    )
+    values
+    <foreach collection="adminList" separator="," close="" open="" item="item">
+      (#{item.id,jdbcType=BIGINT},#{item.username,jdbcType=VARCHAR}, #{item.password,jdbcType=VARCHAR}, #{item.icon,jdbcType=VARCHAR},
+      #{item.email,jdbcType=VARCHAR}, #{item.nickName,jdbcType=VARCHAR}, #{item.note,jdbcType=VARCHAR},
+      #{item.createTime,jdbcType=TIMESTAMP}, #{item.loginTime,jdbcType=TIMESTAMP}, #{item.status,jdbcType=INTEGER}
+      )
+    </foreach>
+  </insert>
 </mapper>

cooleshow-mall/mall-security/pom.xml

@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>mall-security</artifactId>
-    <version>1.0</version>
-    <packaging>jar</packaging>
-
-    <name>mall-security</name>
-    <description>mall-security project for mall</description>
-
-    <parent>
-        <groupId>com.yonge.cooleshow</groupId>
-        <artifactId>cooleshow-mall</artifactId>
-        <version>1.0</version>
-    </parent>
-
-    <dependencies>
-        <dependency>
-            <groupId>com.yonge.cooleshow</groupId>
-            <artifactId>mall-common</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-data-redis</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt</artifactId>
-        </dependency>
-    </dependencies>
-
-</project>

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/annotation/CacheException.java

@@ -1,13 +0,0 @@
-package com.yonge.cooleshow.mall.security.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 自定义注解，有该注解的缓存方法会抛出异常
- * Created by macro on 2020/3/17.
- */
-@Documented
-@Target(ElementType.METHOD)
-@Retention(RetentionPolicy.RUNTIME)
-public @interface CacheException {
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/aspect/RedisCacheAspect.java

@@ -1,50 +0,0 @@
-package com.yonge.cooleshow.mall.security.aspect;
-
-import com.yonge.cooleshow.mall.security.annotation.CacheException;
-import org.aspectj.lang.ProceedingJoinPoint;
-import org.aspectj.lang.Signature;
-import org.aspectj.lang.annotation.Around;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Pointcut;
-import org.aspectj.lang.reflect.MethodSignature;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
-
-import java.lang.reflect.Method;
-
-/**
- * Redis缓存切面，防止Redis宕机影响正常业务逻辑
- * Created by macro on 2020/3/17.
- */
-@Aspect
-@Component
-@Order(2)
-public class RedisCacheAspect {
-    private static Logger LOGGER = LoggerFactory.getLogger(RedisCacheAspect.class);
-
-    @Pointcut("execution(public * com.yonge.cooleshow.admin.service.*CacheService.*(..)) || execution(public * com.yonge.cooleshow.admin.service.*CacheService.*(..))")
-    public void cacheAspect() {
-    }
-
-    @Around("cacheAspect()")
-    public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
-        Signature signature = joinPoint.getSignature();
-        MethodSignature methodSignature = (MethodSignature) signature;
-        Method method = methodSignature.getMethod();
-        Object result = null;
-        try {
-            result = joinPoint.proceed();
-        } catch (Throwable throwable) {
-            //有CacheException注解的方法需要抛出异常
-            if (method.isAnnotationPresent(CacheException.class)) {
-                throw throwable;
-            } else {
-                LOGGER.error(throwable.getMessage());
-            }
-        }
-        return result;
-    }
-
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/DynamicAccessDecisionManager.java

@@ -1,51 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import cn.hutool.core.collection.CollUtil;
-import org.springframework.security.access.AccessDecisionManager;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.authentication.InsufficientAuthenticationException;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-
-import java.util.Collection;
-import java.util.Iterator;
-
-/**
- * 动态权限决策管理器，用于判断用户是否有访问权限
- * Created by macro on 2020/2/7.
- */
-public class DynamicAccessDecisionManager implements AccessDecisionManager {
-
-    @Override
-    public void decide(Authentication authentication, Object object,
-                       Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
-        // 当接口未被配置资源时直接放行
-        if (CollUtil.isEmpty(configAttributes)) {
-            return;
-        }
-        Iterator<ConfigAttribute> iterator = configAttributes.iterator();
-        while (iterator.hasNext()) {
-            ConfigAttribute configAttribute = iterator.next();
-            //将访问所需资源或用户拥有资源进行比对
-            String needAuthority = configAttribute.getAttribute();
-            for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
-                if (needAuthority.trim().equals(grantedAuthority.getAuthority())) {
-                    return;
-                }
-            }
-        }
-        throw new AccessDeniedException("抱歉，您没有访问权限");
-    }
-
-    @Override
-    public boolean supports(ConfigAttribute configAttribute) {
-        return true;
-    }
-
-    @Override
-    public boolean supports(Class<?> aClass) {
-        return true;
-    }
-
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/DynamicSecurityFilter.java

@@ -1,77 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import com.yonge.cooleshow.mall.security.config.IgnoreUrlsConfig;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.access.SecurityMetadataSource;
-import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
-import org.springframework.security.access.intercept.InterceptorStatusToken;
-import org.springframework.security.web.FilterInvocation;
-import org.springframework.util.AntPathMatcher;
-import org.springframework.util.PathMatcher;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import java.io.IOException;
-
-/**
- * 动态权限过滤器，用于实现基于路径的动态权限过滤
- * Created by macro on 2020/2/7.
- */
-public class DynamicSecurityFilter extends AbstractSecurityInterceptor implements Filter {
-
-    @Autowired
-    private DynamicSecurityMetadataSource dynamicSecurityMetadataSource;
-    @Autowired
-    private IgnoreUrlsConfig ignoreUrlsConfig;
-
-    @Autowired
-    public void setMyAccessDecisionManager(DynamicAccessDecisionManager dynamicAccessDecisionManager) {
-        super.setAccessDecisionManager(dynamicAccessDecisionManager);
-    }
-
-    @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
-    }
-
-    @Override
-    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
-        HttpServletRequest request = (HttpServletRequest) servletRequest;
-        FilterInvocation fi = new FilterInvocation(servletRequest, servletResponse, filterChain);
-        //OPTIONS请求直接放行
-        if(request.getMethod().equals(HttpMethod.OPTIONS.toString())){
-            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
-            return;
-        }
-        //白名单请求直接放行
-        PathMatcher pathMatcher = new AntPathMatcher();
-        for (String path : ignoreUrlsConfig.getUrls()) {
-            if(pathMatcher.match(path,request.getRequestURI())){
-                fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
-                return;
-            }
-        }
-        //此处会调用AccessDecisionManager中的decide方法进行鉴权操作
-        InterceptorStatusToken token = super.beforeInvocation(fi);
-        try {
-            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
-        } finally {
-            super.afterInvocation(token, null);
-        }
-    }
-
-    @Override
-    public void destroy() {
-    }
-
-    @Override
-    public Class<?> getSecureObjectClass() {
-        return FilterInvocation.class;
-    }
-
-    @Override
-    public SecurityMetadataSource obtainSecurityMetadataSource() {
-        return dynamicSecurityMetadataSource;
-    }
-
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/DynamicSecurityMetadataSource.java

@@ -1,64 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import cn.hutool.core.util.URLUtil;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.web.FilterInvocation;
-import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
-import org.springframework.util.AntPathMatcher;
-import org.springframework.util.PathMatcher;
-
-import javax.annotation.PostConstruct;
-import java.util.*;
-
-/**
- * 动态权限数据源，用于获取动态权限规则
- * Created by macro on 2020/2/7.
- */
-public class DynamicSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
-
-    private static Map<String, ConfigAttribute> configAttributeMap = null;
-    @Autowired
-    private DynamicSecurityService dynamicSecurityService;
-
-    @PostConstruct
-    public void loadDataSource() {
-        configAttributeMap = dynamicSecurityService.loadDataSource();
-    }
-
-    public void clearDataSource() {
-        configAttributeMap.clear();
-        configAttributeMap = null;
-    }
-
-    @Override
-    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
-        if (configAttributeMap == null) this.loadDataSource();
-        List<ConfigAttribute>  configAttributes = new ArrayList<>();
-        //获取当前访问的路径
-        String url = ((FilterInvocation) o).getRequestUrl();
-        String path = URLUtil.getPath(url);
-        PathMatcher pathMatcher = new AntPathMatcher();
-        Iterator<String> iterator = configAttributeMap.keySet().iterator();
-        //获取访问该路径所需资源
-        while (iterator.hasNext()) {
-            String pattern = iterator.next();
-            if (pathMatcher.match(pattern, path)) {
-                configAttributes.add(configAttributeMap.get(pattern));
-            }
-        }
-        // 未设置操作请求权限，返回空集合
-        return configAttributes;
-    }
-
-    @Override
-    public Collection<ConfigAttribute> getAllConfigAttributes() {
-        return null;
-    }
-
-    @Override
-    public boolean supports(Class<?> aClass) {
-        return true;
-    }
-
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/DynamicSecurityService.java

@@ -1,16 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import org.springframework.security.access.ConfigAttribute;
-
-import java.util.Map;
-
-/**
- * 动态权限相关业务类
- * Created by macro on 2020/2/7.
- */
-public interface DynamicSecurityService {
-    /**
-     * 加载资源ANT通配符和资源对应MAP
-     */
-    Map<String, ConfigAttribute> loadDataSource();
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/JwtAuthenticationTokenFilter.java

@@ -1,57 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import com.yonge.cooleshow.mall.security.util.JwtTokenUtil;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * JWT登录授权过滤器
- * Created by macro on 2018/4/26.
- */
-public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
-    private static final Logger LOGGER = LoggerFactory.getLogger(JwtAuthenticationTokenFilter.class);
-    @Autowired
-    private UserDetailsService userDetailsService;
-    @Autowired
-    private JwtTokenUtil jwtTokenUtil;
-    @Value("${jwt.tokenHeader}")
-    private String tokenHeader;
-    @Value("${jwt.tokenHead}")
-    private String tokenHead;
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest request,
-                                    HttpServletResponse response,
-                                    FilterChain chain) throws ServletException, IOException {
-        String authHeader = request.getHeader(this.tokenHeader);
-        if (authHeader != null && authHeader.startsWith(this.tokenHead)) {
-            String authToken = authHeader.substring(this.tokenHead.length());// The part after "Bearer "
-            String username = jwtTokenUtil.getUserNameFromToken(authToken);
-            LOGGER.info("checking username:{}", username);
-            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
-                UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
-                if (jwtTokenUtil.validateToken(authToken, userDetails)) {
-                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
-                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
-                    LOGGER.info("authenticated user:{}", username);
-                    SecurityContextHolder.getContext().setAuthentication(authentication);
-                }
-            }
-        }
-        chain.doFilter(request, response);
-    }
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/RestAuthenticationEntryPoint.java

@@ -1,28 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import cn.hutool.json.JSONUtil;
-import com.yonge.cooleshow.mall.common.api.CommonResult;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * 自定义返回结果：未登录或登录过期
- * Created by macro on 2018/5/14.
- */
-public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
-    @Override
-    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
-        response.setHeader("Access-Control-Allow-Origin", "*");
-        response.setHeader("Cache-Control","no-cache");
-        response.setCharacterEncoding("UTF-8");
-        response.setContentType("application/json");
-        response.getWriter().println(JSONUtil.parse(CommonResult.unauthorized(authException.getMessage())));
-        response.getWriter().flush();
-    }
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/component/RestfulAccessDeniedHandler.java

@@ -1,30 +0,0 @@
-package com.yonge.cooleshow.mall.security.component;
-
-import cn.hutool.json.JSONUtil;
-import com.yonge.cooleshow.mall.common.api.CommonResult;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.web.access.AccessDeniedHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * 自定义返回结果：没有权限访问时
- * Created by macro on 2018/4/26.
- */
-public class RestfulAccessDeniedHandler implements AccessDeniedHandler{
-    @Override
-    public void handle(HttpServletRequest request,
-                       HttpServletResponse response,
-                       AccessDeniedException e) throws IOException, ServletException {
-        response.setHeader("Access-Control-Allow-Origin", "*");
-        response.setHeader("Cache-Control","no-cache");
-        response.setCharacterEncoding("UTF-8");
-        response.setContentType("application/json");
-        response.getWriter().println(JSONUtil.parse(CommonResult.forbidden(e.getMessage())));
-        response.getWriter().flush();
-    }
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/config/IgnoreUrlsConfig.java

@@ -1,25 +0,0 @@
-package com.yonge.cooleshow.mall.security.config;
-
-import org.springframework.boot.context.properties.ConfigurationProperties;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * SpringSecurity白名单资源路径配置
- * Created by macro on 2018/11/5.
- */
-
-@ConfigurationProperties(prefix = "secure.ignored")
-public class IgnoreUrlsConfig {
-
-    private List<String> urls = new ArrayList<>();
-
-    public List<String> getUrls() {
-        return urls;
-    }
-
-    public void setUrls(List<String> urls) {
-        this.urls = urls;
-    }
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/config/SecurityConfig.java

@@ -1,127 +0,0 @@
-package com.yonge.cooleshow.mall.security.config;
-
-import com.yonge.cooleshow.mall.security.component.*;
-import com.yonge.cooleshow.mall.security.util.JwtTokenUtil;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-
-
-/**
- * 对SpringSecurity配置类的扩展，支持自定义白名单资源路径和查询用户逻辑
- * Created by macro on 2019/11/5.
- */
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
-    @Autowired(required = false)
-    private DynamicSecurityService dynamicSecurityService;
-
-    @Override
-    protected void configure(HttpSecurity httpSecurity) throws Exception {
-        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity
-                .authorizeRequests();
-        // 不需要保护的资源路径允许访问
-        for (String url : ignoreUrlsConfig().getUrls()) {
-            registry.antMatchers(url).permitAll();
-        }
-        // 允许跨域的OPTIONS请求
-        registry.antMatchers(HttpMethod.OPTIONS)
-                .permitAll();
-        // 其他任何请求都需要身份认证
-        registry.and()
-                .authorizeRequests()
-                .anyRequest()
-                .authenticated()
-                // 关闭跨站请求防护及不使用session
-                .and()
-                .csrf()
-                .disable()
-                .sessionManagement()
-                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                // 自定义权限拒绝处理类
-                .and()
-                .exceptionHandling()
-                .accessDeniedHandler(restfulAccessDeniedHandler())
-                .authenticationEntryPoint(restAuthenticationEntryPoint())
-                // 自定义权限拦截器JWT过滤器
-                .and()
-                .addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
-        //有动态权限配置时添加动态权限校验过滤器
-        if(dynamicSecurityService!=null){
-            registry.and().addFilterBefore(dynamicSecurityFilter(), FilterSecurityInterceptor.class);
-        }
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(userDetailsService())
-                .passwordEncoder(passwordEncoder());
-    }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
-
-    @Bean
-    public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter() {
-        return new JwtAuthenticationTokenFilter();
-    }
-
-    @Bean
-    @Override
-    public AuthenticationManager authenticationManagerBean() throws Exception {
-        return super.authenticationManagerBean();
-    }
-
-    @Bean
-    public RestfulAccessDeniedHandler restfulAccessDeniedHandler() {
-        return new RestfulAccessDeniedHandler();
-    }
-
-    @Bean
-    public RestAuthenticationEntryPoint restAuthenticationEntryPoint() {
-        return new RestAuthenticationEntryPoint();
-    }
-
-    @Bean
-    public IgnoreUrlsConfig ignoreUrlsConfig() {
-        return new IgnoreUrlsConfig();
-    }
-
-    @Bean
-    public JwtTokenUtil jwtTokenUtil() {
-        return new JwtTokenUtil();
-    }
-
-    @ConditionalOnBean(name = "dynamicSecurityService")
-    @Bean
-    public DynamicAccessDecisionManager dynamicAccessDecisionManager() {
-        return new DynamicAccessDecisionManager();
-    }
-
-
-    @ConditionalOnBean(name = "dynamicSecurityService")
-    @Bean
-    public DynamicSecurityFilter dynamicSecurityFilter() {
-        return new DynamicSecurityFilter();
-    }
-
-    @ConditionalOnBean(name = "dynamicSecurityService")
-    @Bean
-    public DynamicSecurityMetadataSource dynamicSecurityMetadataSource() {
-        return new DynamicSecurityMetadataSource();
-    }
-
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/util/JwtTokenUtil.java

@@ -1,170 +0,0 @@
-package com.yonge.cooleshow.mall.security.util;
-
-import cn.hutool.core.date.DateUtil;
-import cn.hutool.core.util.StrUtil;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * JwtToken生成的工具类
- * JWT token的格式：header.payload.signature
- * header的格式（算法、token的类型）：
- * {"alg": "HS512","typ": "JWT"}
- * payload的格式（用户名、创建时间、生成时间）：
- * {"sub":"wang","created":1489079981393,"exp":1489684781}
- * signature的生成算法：
- * HMACSHA512(base64UrlEncode(header) + "." +base64UrlEncode(payload),secret)
- * Created by macro on 2018/4/26.
- */
-public class JwtTokenUtil {
-    private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenUtil.class);
-    private static final String CLAIM_KEY_USERNAME = "sub";
-    private static final String CLAIM_KEY_CREATED = "created";
-    @Value("${jwt.secret}")
-    private String secret;
-    @Value("${jwt.expiration}")
-    private Long expiration;
-    @Value("${jwt.tokenHead}")
-    private String tokenHead;
-
-    /**
-     * 根据负责生成JWT的token
-     */
-    private String generateToken(Map<String, Object> claims) {
-        return Jwts.builder()
-                .setClaims(claims)
-                .setExpiration(generateExpirationDate())
-                .signWith(SignatureAlgorithm.HS512, secret)
-                .compact();
-    }
-
-    /**
-     * 从token中获取JWT中的负载
-     */
-    private Claims getClaimsFromToken(String token) {
-        Claims claims = null;
-        try {
-            claims = Jwts.parser()
-                    .setSigningKey(secret)
-                    .parseClaimsJws(token)
-                    .getBody();
-        } catch (Exception e) {
-            LOGGER.info("JWT格式验证失败:{}", token);
-        }
-        return claims;
-    }
-
-    /**
-     * 生成token的过期时间
-     */
-    private Date generateExpirationDate() {
-        return new Date(System.currentTimeMillis() + expiration * 1000);
-    }
-
-    /**
-     * 从token中获取登录用户名
-     */
-    public String getUserNameFromToken(String token) {
-        String username;
-        try {
-            Claims claims = getClaimsFromToken(token);
-            username = claims.getSubject();
-        } catch (Exception e) {
-            username = null;
-        }
-        return username;
-    }
-
-    /**
-     * 验证token是否还有效
-     *
-     * @param token       客户端传入的token
-     * @param userDetails 从数据库中查询出来的用户信息
-     */
-    public boolean validateToken(String token, UserDetails userDetails) {
-        String username = getUserNameFromToken(token);
-        return username.equals(userDetails.getUsername()) && !isTokenExpired(token);
-    }
-
-    /**
-     * 判断token是否已经失效
-     */
-    private boolean isTokenExpired(String token) {
-        Date expiredDate = getExpiredDateFromToken(token);
-        return expiredDate.before(new Date());
-    }
-
-    /**
-     * 从token中获取过期时间
-     */
-    private Date getExpiredDateFromToken(String token) {
-        Claims claims = getClaimsFromToken(token);
-        return claims.getExpiration();
-    }
-
-    /**
-     * 根据用户信息生成token
-     */
-    public String generateToken(UserDetails userDetails) {
-        Map<String, Object> claims = new HashMap<>();
-        claims.put(CLAIM_KEY_USERNAME, userDetails.getUsername());
-        claims.put(CLAIM_KEY_CREATED, new Date());
-        return generateToken(claims);
-    }
-
-    /**
-     * 当原来的token没过期时是可以刷新的
-     *
-     * @param oldToken 带tokenHead的token
-     */
-    public String refreshHeadToken(String oldToken) {
-        if(StrUtil.isEmpty(oldToken)){
-            return null;
-        }
-        String token = oldToken.substring(tokenHead.length());
-        if(StrUtil.isEmpty(token)){
-            return null;
-        }
-        //token校验不通过
-        Claims claims = getClaimsFromToken(token);
-        if(claims==null){
-            return null;
-        }
-        //如果token已经过期，不支持刷新
-        if(isTokenExpired(token)){
-            return null;
-        }
-        //如果token在30分钟之内刚刷新过，返回原token
-        if(tokenRefreshJustBefore(token,30*60)){
-            return token;
-        }else{
-            claims.put(CLAIM_KEY_CREATED, new Date());
-            return generateToken(claims);
-        }
-    }
-
-    /**
-     * 判断token在指定时间内是否刚刚刷新过
-     * @param token 原token
-     * @param time 指定时间（秒）
-     */
-    private boolean tokenRefreshJustBefore(String token, int time) {
-        Claims claims = getClaimsFromToken(token);
-        Date created = claims.get(CLAIM_KEY_CREATED, Date.class);
-        Date refreshDate = new Date();
-        //刷新时间在创建时间的指定时间内
-        if(refreshDate.after(created)&&refreshDate.before(DateUtil.offsetSecond(created,time))){
-            return true;
-        }
-        return false;
-    }
-}

cooleshow-mall/mall-security/src/main/java/com/yonge/cooleshow/mall/security/util/SpringUtil.java

@@ -1,44 +0,0 @@
-package com.yonge.cooleshow.mall.security.util;
-
-import org.springframework.beans.BeansException;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.stereotype.Component;
-
-/**
- * Spring工具类
- * Created by macro on 2020/3/3.
- */
-@Component
-public class SpringUtil implements ApplicationContextAware {
-
-    private static ApplicationContext applicationContext;
-
-    // 获取applicationContext
-    public static ApplicationContext getApplicationContext() {
-        return applicationContext;
-    }
-
-    @Override
-    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-        if (SpringUtil.applicationContext == null) {
-            SpringUtil.applicationContext = applicationContext;
-        }
-    }
-
-    // 通过name获取Bean
-    public static Object getBean(String name) {
-        return getApplicationContext().getBean(name);
-    }
-
-    // 通过class获取Bean
-    public static <T> T getBean(Class<T> clazz) {
-        return getApplicationContext().getBean(clazz);
-    }
-
-    // 通过name,以及Clazz返回指定的Bean
-    public static <T> T getBean(String name, Class<T> clazz) {
-        return getApplicationContext().getBean(name, clazz);
-    }
-
-}

cooleshow-mall/pom.xml

@@ -90,6 +90,5 @@
         <module>mall-admin</module>
         <module>mall-common</module>
         <module>mall-portal</module>
-        <module>mall-security</module>
     </modules>
 </project>

cooleshow-user/user-biz/src/main/java/com/yonge/cooleshow/biz/dal/service/impl/CourseGroupServiceImpl.java

@@ -21,10 +21,19 @@ import com.yonge.cooleshow.biz.dal.enums.CourseGroupEnum;
 import com.yonge.cooleshow.biz.dal.enums.CourseScheduleEnum;
 import com.yonge.cooleshow.biz.dal.service.*;
 import com.yonge.cooleshow.biz.dal.support.PageUtil;
+<<<<<<< HEAD
 import com.yonge.cooleshow.biz.dal.vo.*;
+<<<<<<< HEAD
 import com.yonge.cooleshow.biz.dal.support.WrapperUtil;
 import com.yonge.cooleshow.biz.dal.vo.CourseGroupVo;
 import com.yonge.cooleshow.biz.dal.vo.LiveCourseInfoVo;
+=======
+=======
+import com.yonge.cooleshow.biz.dal.support.WrapperUtil;
+import com.yonge.cooleshow.biz.dal.vo.CourseGroupVo;
+import com.yonge.cooleshow.biz.dal.vo.LiveCourseInfoVo;
+>>>>>>> 5047645 (增加  直播课购买流程 部分)
+>>>>>>> 46c4b27 (rebase 268ba9c)
 import com.yonge.cooleshow.common.constant.SysConfigConstant;
 import com.yonge.cooleshow.common.exception.BizException;
 import com.yonge.cooleshow.common.page.PageInfo;
@@ -443,6 +452,7 @@ public class CourseGroupServiceImpl extends ServiceImpl<CourseGroupDao, CourseGr
         return redissonClient.getMap(key);
     }
 
+<<<<<<< HEAD
     @Override
     public IPage<LiveCourseGroupVo> selectAdminLivePage(IPage<LiveCourseGroupVo> page, LiveCourseGroupSearch query) {
 
@@ -477,6 +487,10 @@ public class CourseGroupServiceImpl extends ServiceImpl<CourseGroupDao, CourseGr
         return baseMapper.selectAdminLivePlan(courseGroupId);
     }
 
+<<<<<<< HEAD
+=======
+=======
+>>>>>>> 46c4b27 (rebase 268ba9c)
     /**
      * 学生购买直播课程组
      *
@@ -544,6 +558,10 @@ public class CourseGroupServiceImpl extends ServiceImpl<CourseGroupDao, CourseGr
         //修改 course_group表 pre_student_num_(预计上课人数) - 1
         //删除 course_schedule_student_payment表 数据
         //修改订单为失败
+<<<<<<< HEAD
+=======
+>>>>>>> 5047645 (增加  直播课购买流程 部分)
+>>>>>>> 46c4b27 (rebase 268ba9c)
     }
 
     private SysUser getSysUser(Long userId) {