增加权限

wisenergy-service/src/main/java/cn/wisenergy/service/app/UserService.java

@@ -59,6 +59,13 @@ public interface UserService {
      */
     R<UserShowVo> getById(Integer id);
 
+    /**
+     * 获取用户信息
+     * @param phone 电话号码
+     * @return 用户信息
+     */
+    User getByPhone(String phone);
+
     R<List<User>> test();
 
 }

wisenergy-service/src/main/java/cn/wisenergy/service/app/impl/UserServiceImpl.java

@@ -273,6 +273,12 @@ public class UserServiceImpl extends ServiceImpl<UsersMapper, User> implements U
         return R.ok(userShowVo);
     }
 
+    @Override
+    public User getByPhone(String phone) {
+        User user=usersMapper.getByPhone(phone);
+        return user;
+    }
+
     @Override
     public R<List<User>> test() {
         List<String> names = new ArrayList<>();

wisenergy-service/src/main/java/cn/wisenergy/service/app/impl/WxPayServiceImpl.java

@@ -5,14 +5,12 @@ import cn.wisenergy.model.dto.PayPageDto;
 import cn.wisenergy.model.dto.PayQueryDto;
 import cn.wisenergy.service.app.WxPayService;
 
-import cn.wisenergy.service.httpClient.Credentials;
 import cn.wisenergy.service.httpClient.WechatPayHttpClientBuilder;
 import cn.wisenergy.service.httpClient.auth.AutoUpdateCertificatesVerifier;
 import cn.wisenergy.service.httpClient.auth.PrivateKeySigner;
 import cn.wisenergy.service.httpClient.auth.WechatPay2Credentials;
 import cn.wisenergy.service.httpClient.auth.WechatPay2Validator;
 import cn.wisenergy.service.httpClient.util.PemUtil;
-import cn.wisenergy.service.httpClient.util.RsaCryptoUtil;
 import cn.wisenergy.service.util.SignDemo;
 import cn.wisenergy.service.wxpay.WxCommon;
 import com.alibaba.fastjson.JSONObject;
@@ -20,11 +18,9 @@ import lombok.extern.slf4j.Slf4j;
 import okhttp3.HttpUrl;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpEntity;
-import org.apache.http.HttpRequest;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
-import org.apache.http.client.methods.HttpRequestWrapper;
 import org.apache.http.entity.ContentType;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
@@ -32,12 +28,8 @@ import org.apache.http.impl.client.HttpClients;
 import org.apache.http.util.EntityUtils;
 import org.junit.After;
 import org.junit.Before;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
-import org.springframework.web.client.RestTemplate;
+
 
 import javax.crypto.IllegalBlockSizeException;
 import java.io.ByteArrayInputStream;

wisenergy-service/src/main/java/cn/wisenergy/service/util/WxPayUtil.java

 package cn.wisenergy.service.util;
 
-import cn.wisenergy.common.utils.R;
-import cn.wisenergy.model.dto.PayPageDto;
 import cn.wisenergy.service.httpClient.WechatPayHttpClientBuilder;
 import cn.wisenergy.service.httpClient.auth.AutoUpdateCertificatesVerifier;
 import cn.wisenergy.service.httpClient.auth.PrivateKeySigner;
@@ -9,7 +7,6 @@ import cn.wisenergy.service.httpClient.auth.WechatPay2Credentials;
 import cn.wisenergy.service.httpClient.auth.WechatPay2Validator;
 import cn.wisenergy.service.httpClient.util.PemUtil;
 import cn.wisenergy.service.wxpay.WxCommon;
-import com.alibaba.fastjson.JSONObject;
 import okhttp3.HttpUrl;
 import org.apache.http.HttpEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
@@ -17,10 +14,8 @@ import org.apache.http.client.methods.HttpPost;
 import org.apache.http.entity.ContentType;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
 import org.apache.http.util.EntityUtils;
 import org.junit.After;
-import org.junit.Before;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
@@ -103,37 +98,37 @@ public class WxPayUtil {
                 + "\"out_trade_no\":\"" + tradeNo + "\","
                 + "\"goods_tag\":\"WXG\","
                 + "\"appid\":\"" + WxCommon.APP_ID + "\","
-                + "\"attach\":\"自定义数据说明\","
-                + "\"detail\": {"
-                + "\"invoice_id\":\"wx123\","
-                + "\"goods_detail\": ["
-                + "{"
-                + "\"goods_name\":\"iPhoneX 256G\","
-                + "\"wechatpay_goods_id\":\"1001\","
-                + "\"quantity\":1,"
-                + "\"merchant_goods_id\":\"商品编码\","
-                + "\"unit_price\":828800"
-                + "},"
-                + "{"
-                + "\"goods_name\":\"iPhoneX 256G\","
-                + "\"wechatpay_goods_id\":\"1001\","
-                + "\"quantity\":1,"
-                + "\"merchant_goods_id\":\"商品编码\","
-                + "\"unit_price\":828800"
-                + "}"
-                + "],"
-                + "\"cost_price\":608800"
-                + "},"
-                + "\"scene_info\": {"
-                + "\"store_info\": {"
-                + "\"address\":\"广东省深圳市南山区科技中一道10000号\","
-                + "\"area_code\":\"440305\","
-                + "\"name\":\"腾讯大厦分店\","
-                + "\"id\":\"0001\""
-                + "},"
-                + "\"device_id\":\"013467007045764\","
-                + "\"payer_client_ip\":\"14.23.150.211\""
-                + "}"
+//                + "\"attach\":\"自定义数据说明\","
+//                + "\"detail\": {"
+//                + "\"invoice_id\":\"wx123\","
+//                + "\"goods_detail\": ["
+//                + "{"
+//                + "\"goods_name\":\"iPhoneX 256G\","
+//                + "\"wechatpay_goods_id\":\"1001\","
+//                + "\"quantity\":1,"
+//                + "\"merchant_goods_id\":\"商品编码\","
+//                + "\"unit_price\":828800"
+//                + "},"
+//                + "{"
+//                + "\"goods_name\":\"iPhoneX 256G\","
+//                + "\"wechatpay_goods_id\":\"1001\","
+//                + "\"quantity\":1,"
+//                + "\"merchant_goods_id\":\"商品编码\","
+//                + "\"unit_price\":828800"
+//                + "}"
+//                + "],"
+//                + "\"cost_price\":608800"
+//                + "},"
+//                + "\"scene_info\": {"
+//                + "\"store_info\": {"
+//                + "\"address\":\"广东省深圳市南山区科技中一道10000号\","
+//                + "\"area_code\":\"440305\","
+//                + "\"name\":\"腾讯大厦分店\","
+//                + "\"id\":\"0001\""
+//                + "},"
+//                + "\"device_id\":\"013467007045764\","
+//                + "\"payer_client_ip\":\"14.23.150.211\""
+//                + "}"
                 + "}";
         StringEntity reqEntity = new StringEntity(
                 reqdata, ContentType.create("application/json", "utf-8"));

wisenergy-web-admin/src/main/java/cn/wisenergy/web/admin/controller/app/UserController.java

 package cn.wisenergy.web.admin.controller.app;
 
+import cn.wisenergy.common.constant.RedisConsts;
 import cn.wisenergy.common.utils.R;
 import cn.wisenergy.model.app.User;
 import cn.wisenergy.model.dto.UserCommitDto;
@@ -8,12 +9,16 @@ import cn.wisenergy.model.vo.UserInfoVo;
 import cn.wisenergy.model.vo.UserQueryVo;
 import cn.wisenergy.model.vo.UserShowVo;
 import cn.wisenergy.service.app.UserService;
+import cn.wisenergy.web.config.JwtConfig;
+import cn.wisenergy.web.shiro.JwtUtil;
 import com.github.pagehelper.PageInfo;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -33,6 +38,13 @@ public class UserController {
     @Autowired
     private UserService userService;
 
+    @Autowired
+    private JwtUtil jwtUtil;
+    @Autowired
+    private JwtConfig jwtConfig;
+    @Autowired
+    private RedisTemplate<String, Object> redisTemplate;
+
 
     @ApiOperation(value = "用户管理", notes = "用户管理", httpMethod = "POST")
     @ApiImplicitParam(name = "queryVo", value = "用户信息", dataType = "UserQueryVo")
@@ -92,4 +104,26 @@ public class UserController {
         return userService.test();
     }
 
+    /**
+     * shiro登录
+     *
+     * @return
+     */
+    @ApiOperation(value = "获取token接口", notes = "获取token接口", httpMethod = "POST")
+    @PostMapping(value = "/login")
+    public R<String> login(String phone) {
+        if (StringUtils.isBlank(phone)) {
+            return R.error("入参为空!");
+        }
+
+        //用户信息
+        User user = userService.getByPhone(phone);
+
+        // 创建token
+        String token = jwtUtil.generateToken(user);
+        // 保存Redis
+        redisTemplate.opsForValue().set(RedisConsts.JWT_ACCESS_TOKEN + token, token);
+        return R.ok(token);
+    }
+
 }

wisenergy-web-admin/src/main/java/cn/wisenergy/web/admin/controller/app/UserLoginController.java

@@ -4,6 +4,7 @@ package cn.wisenergy.web.admin.controller.app;
 import cn.wisenergy.common.utils.R;
 import cn.wisenergy.model.vo.*;
 import cn.wisenergy.service.app.UserLoginService;
+import cn.wisenergy.web.common.BaseController;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiOperation;
@@ -22,7 +23,7 @@ import org.springframework.web.bind.annotation.*;
 @Api(tags = "PC-用户登录")
 @RequestMapping("/user/login")
 @Slf4j
-public class UserLoginController {
+public class UserLoginController extends BaseController {
 
     @Autowired
     private UserLoginService userLoginService;
@@ -117,4 +118,5 @@ public class UserLoginController {
 
         return userLoginService.smsResetPassword(userVo);
     }
+
 }

wisenergy-web-admin/src/main/java/cn/wisenergy/web/aspect/DataAuthAspect.java

+package cn.wisenergy.web.aspect;
+
+import cn.wisenergy.common.annotation.DataAuth;
+import cn.wisenergy.common.constant.CommonConstants;
+import cn.wisenergy.common.enums.RespCodeEnum;
+import cn.wisenergy.common.utils.exception.Result;
+import cn.wisenergy.model.app.AccountInfo;
+import cn.wisenergy.service.app.AccountSerivce;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.SecurityUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.lang.reflect.Method;
+import java.util.Map;
+
+/**
+ * 数据权限，切面处理类
+ */
+@Aspect
+@Component
+public class DataAuthAspect {
+    @Autowired
+    AccountSerivce sysUserService;
+
+    @Pointcut("@annotation(cn.wisenergy.common.annotation.DataAuth)")
+    public void dataPointCut() {
+    }
+
+    @Around("dataPointCut()")
+    public Object around(ProceedingJoinPoint pjp) throws Throwable {
+        MethodSignature signature = (MethodSignature) pjp.getSignature();
+        Method method = signature.getMethod();
+        // 获取方法上的注解
+        DataAuth dataAuth = method.getAnnotation(DataAuth.class);
+        if (dataAuth != null) {
+            // 获取注解值
+            String mapKey = dataAuth.value();
+            // 获取请求参数
+            Object[] args = pjp.getArgs();
+            for (Object obj : args) {
+                if (obj instanceof Map) {
+                    Map<String, Object> map = (Map<String, Object>) obj;
+                    // 获取当前用户
+                    AccountInfo sysUser = (AccountInfo) SecurityUtils.getSubject().getPrincipal();
+                    if (sysUser != null) {
+                        // 超级管理员返回全量数据
+                        if (!StringUtils.equals(sysUser.getId().toString(), CommonConstants.SUPER_ADMIN)) {
+                            // 查询用户的数据权限信息，如果存在数据权限集合，将集合存入请求参数map中
+//                            Set<String> dataAuthList = sysUserService.getUserDataAuth(sysUser);
+//                            if (dataAuthList != null && !dataAuthList.isEmpty()) {
+//                                map.put(mapKey, dataAuthList);
+//                            }
+                        }
+                        return pjp.proceed();
+                    }
+                }
+            }
+        }
+        Result result = new Result();
+        result.setResult(Result.RESULT_FLG.FAIL.getValue());
+        result.setErrorCode(RespCodeEnum.DATA_AUTH_UNAUTHORIZED.getCode());
+        result.setErrorMsg(RespCodeEnum.DATA_AUTH_UNAUTHORIZED.getMsg());
+        return result;
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/aspect/SysLogAspect.java

+package cn.wisenergy.web.aspect;
+
+import cn.wisenergy.common.utils.exception.Result;
+import cn.wisenergy.common.utils.ip.IpUtils;
+import com.alibaba.fastjson.JSON;
+import org.apache.shiro.SecurityUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.util.Date;
+
+/**
+ * 系统日志，切面处理类
+ */
+@Aspect
+@Component
+public class SysLogAspect {
+//	@Autowired
+//	private SysLogService sysLogService;
+//
+//	@Pointcut("@annotation(cn.wisenergy.common.annotation.SysLog)")
+//	public void logPointCut() {
+//	}
+//
+//	@Around("logPointCut()")
+//	public Object around(ProceedingJoinPoint point) throws Throwable {
+//		long beginTime = System.currentTimeMillis();
+//		//执行方法
+//		Object result = point.proceed();
+//		//执行时长(毫秒)
+//		long time = System.currentTimeMillis() - beginTime;
+//
+//		//保存日志
+//		saveSysLog(point, time, result);
+//
+//		return result;
+//	}
+//
+//	private void saveSysLog(ProceedingJoinPoint joinPoint, long time,Object result) {
+//		MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+//		Method method = signature.getMethod();
+//
+//		SysLogEntity sysLog = new SysLogEntity();
+//		cn.wisenergy.common.annotation.SysLog syslog = method.getAnnotation(cn.wisenergy.common.annotation.SysLog.class);
+//		if(syslog != null){
+//			//注解上的描述
+//			sysLog.setOperation(syslog.value());
+//		}
+//
+//		//请求的方法名
+//		String className = joinPoint.getTarget().getClass().getName();
+//		String methodName = signature.getName();
+//		sysLog.setMethod(className + "." + methodName + "()");
+//
+//		//请求的参数
+//		Object[] args = joinPoint.getArgs();
+//		String params = JSON.toJSONString(args);
+//		sysLog.setParams(params);
+//
+//		//返回值
+//		Result<?> r= (Result<?>) result;
+//		if("success".equals(r.getResult())) {
+//			sysLog.setState("成功");
+//		}else {
+//			sysLog.setState("失败");
+//		}
+//		//获取request
+//        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+//        //设置IP地址
+//		sysLog.setIp(IpUtils.getIpAddr(request));
+//		//用户名
+//		SysUserEntity principal = (SysUserEntity) SecurityUtils.getSubject().getPrincipal();
+//		String username =principal.getUsername();
+//		sysLog.setUsername(username);
+//		sysLog.setTime(time);
+//		sysLog.setCreateDate(new Date());
+//		//保存系统日志
+//		try {
+//			sysLogService.save(sysLog);
+//		} catch (Exception e) {
+//			e.printStackTrace();
+//		}
+//	}
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/aspect/WebLogAspect.java

+package cn.wisenergy.web.aspect;
+
+import com.alibaba.fastjson.JSON;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.*;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * AOP日志
+ */
+@Aspect
+@Component
+@Slf4j
+public class WebLogAspect {
+
+    /**
+     * 两个..代表所有子目录，最后括号里的两个..代表所有参数
+     */
+    @Pointcut("execution( * cn.wisenergy.web.admin.controller..*.*(..))")
+    public void logPointCut() {
+    }
+
+    @Before("logPointCut()")
+    public void doBefore(JoinPoint joinPoint) {
+        // 接收到请求，记录请求内容
+        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        HttpServletRequest request = attributes.getRequest();
+
+        // 记录下请求内容
+        log.info(" ___________________________________________________________");
+        log.info("| 请求地址 : {}", request.getRequestURL().toString());
+        log.info("| 请求方式 : {}", request.getMethod());
+        // 获取执行的方法全路径
+        String methodName = joinPoint.getSignature().getName();
+        log.info("| 执行方法 : {}.{}", joinPoint.getSignature().getDeclaringTypeName(), methodName);
+    }
+
+    /**
+     * returning的值和doAfterReturning的参数名一致
+     */
+    @AfterReturning(returning = "ret", pointcut = "logPointCut()")
+    public void doAfterReturning(Object ret) {
+        // 处理完请求，返回内容
+        log.info("| 返回值 : {}", JSON.toJSONString(ret));
+        log.info(" ———————————————————————————————————————————");
+    }
+
+    @Around("logPointCut()")
+    public Object doAround(ProceedingJoinPoint pjp) throws Throwable {
+        long startTime = System.currentTimeMillis();
+        // ob 为方法的返回值
+        Object ob = pjp.proceed();
+        log.info("| 耗时 : {}", (System.currentTimeMillis() - startTime));
+        return ob;
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/common/BaseController.java

+package cn.wisenergy.web.common;
+
+import cn.wisenergy.model.app.User;
+import cn.wisenergy.service.app.UserService;
+import cn.wisenergy.web.shiro.JwtUtil;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * 控制器基类
+ *
+ * @author wyy
+ * @date 2019年08月15日
+ */
+@Slf4j
+public abstract class BaseController {
+
+    @Autowired
+    private UserService authUserService;
+    @Autowired
+    JwtUtil jwtUtil;
+    @Autowired
+    HttpServletRequest request;
+
+    /**
+     * 获取当前登录用户
+     *
+     * @return
+     */
+    public User getUser() {
+        return (User) SecurityUtils.getSubject().getPrincipal();
+    }
+
+
+    protected <T> Page<T> getPage(int size) {
+        int _size = size, _index = 1;
+        if (request.getParameter("_size") != null) {
+            _size = Integer.parseInt(request.getParameter("_size"));
+        }
+        if (request.getParameter("_index") != null) {
+            _index = Integer.parseInt(request.getParameter("_index"));
+        }
+        return new Page<T>(_index, _size);
+    }
+}
\ No newline at end of file

wisenergy-web-admin/src/main/java/cn/wisenergy/web/config/FilterConfig.java

+package cn.wisenergy.web.config;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.filter.DelegatingFilterProxy;
+
+/**
+ * Filter配置
+ */
+@Configuration
+public class FilterConfig {
+
+    @Bean
+    public FilterRegistrationBean shiroFilterRegistration() {
+        FilterRegistrationBean registration = new FilterRegistrationBean();
+        registration.setFilter(new DelegatingFilterProxy("shiroFilter"));
+        //该值缺省为false，表示生命周期由SpringApplicationContext管理，设置为true则表示由ServletContainer管理
+        registration.addInitParameter("targetFilterLifecycle", "true");
+        registration.setEnabled(true);
+        registration.setOrder(Integer.MAX_VALUE - 1);
+        registration.addUrlPatterns("/*");
+        return registration;
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/config/JwtConfig.java

+package cn.wisenergy.web.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * Jwt配置
+ *
+ * @author lut
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "jwt")
+public class JwtConfig {
+
+    /**
+     * 过期时间
+     */
+    private int expire;
+
+    /**
+     * 秘钥串
+     */
+    private String secret;
+
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/config/MvcConfiguration.java

+package cn.wisenergy.web.config;
+
+import com.alibaba.fastjson.PropertyNamingStrategy;
+import com.alibaba.fastjson.serializer.SerializeConfig;
+import com.alibaba.fastjson.serializer.SerializerFeature;
+import com.alibaba.fastjson.serializer.ToStringSerializer;
+import com.alibaba.fastjson.support.config.FastJsonConfig;
+import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.convert.converter.Converter;
+import org.springframework.format.FormatterRegistry;
+import org.springframework.http.MediaType;
+import org.springframework.http.converter.ByteArrayHttpMessageConverter;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.converter.StringHttpMessageConverter;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.math.BigInteger;
+import java.nio.charset.Charset;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+/**
+ * MVC配置
+ *
+ * @author WYY
+ * @date 2019/4/18
+ */
+@Configuration
+public class MvcConfiguration implements WebMvcConfigurer {
+
+    @Value("${uploadFile.resourceHandler}")
+    private String resourceHandler;
+
+    @Value("${uploadFile.location}")
+    private String location;
+
+    /**
+     * 后置跨域支持【当出现跨域请求,此处会放在拦截器最后执行，CORS失效】
+     *
+     * @param registry
+     */
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins("*")
+                .allowedHeaders("*")
+                .allowedMethods("*")
+                .allowCredentials(true)
+                .maxAge(3600);
+    }
+
+    /**
+     * 配置消息转换器：Ali开源的fastJson
+     *
+     * @param converters
+     */
+    @Override
+    public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
+        // 先移除jackson转换器,springBoot1.x可以不排除
+        for (int i = converters.size() - 1; i >= 0; i--) {
+            if (converters.get(i) instanceof MappingJackson2HttpMessageConverter) {
+                converters.remove(i);
+            }
+        }
+        //1.需要定义一个convert转换消息的对象;
+        FastJsonHttpMessageConverter fastJsonHttpMessageConverter = new FastJsonHttpMessageConverter();
+        StringHttpMessageConverter stringHttpMessageConverter = new StringHttpMessageConverter();
+        ByteArrayHttpMessageConverter byteArrayHttpMessageConverter = new ByteArrayHttpMessageConverter();
+
+        //2.添加fastJson的配置信息，比如：是否要格式化返回的json数据;
+        FastJsonConfig fastJsonConfig = new FastJsonConfig();
+        fastJsonConfig.setSerializerFeatures(
+                SerializerFeature.PrettyFormat,
+                SerializerFeature.WriteMapNullValue,
+                SerializerFeature.WriteNullStringAsEmpty,
+                SerializerFeature.DisableCircularReferenceDetect,
+                SerializerFeature.WriteNullListAsEmpty,
+                SerializerFeature.BrowserCompatible,
+                SerializerFeature.WriteDateUseDateFormat);
+        // 设置编码
+        fastJsonConfig.setCharset(Charset.forName("UTF-8"));
+        fastJsonConfig.setDateFormat("yyyy-MM-dd HH:mm:ss");
+
+        // 设置数字转化问题
+        SerializeConfig serializeConfig = SerializeConfig.globalInstance;
+        serializeConfig.put(BigInteger.class, ToStringSerializer.instance);
+        serializeConfig.put(Long.class, ToStringSerializer.instance);
+        serializeConfig.put(Long.TYPE, ToStringSerializer.instance);
+        serializeConfig.setPropertyNamingStrategy( PropertyNamingStrategy.CamelCase);
+        fastJsonConfig.setSerializeConfig(serializeConfig);
+
+        //3处理中文乱码问题
+        List<MediaType> fastMediaTypes = new ArrayList<>();
+        fastMediaTypes.add(MediaType.APPLICATION_JSON);
+        fastMediaTypes.add(MediaType.APPLICATION_JSON_UTF8);
+        fastMediaTypes.add(MediaType.TEXT_HTML);
+        fastMediaTypes.add(MediaType.MULTIPART_FORM_DATA);
+
+        //4.在convert中添加配置信息.
+        fastJsonHttpMessageConverter.setSupportedMediaTypes(fastMediaTypes);
+        fastJsonHttpMessageConverter.setFastJsonConfig(fastJsonConfig);
+
+        //5.将convert添加到converters当中.
+        converters.add(fastJsonHttpMessageConverter);
+        converters.add(stringHttpMessageConverter);
+        converters.add(byteArrayHttpMessageConverter);
+    }
+
+    /**
+     * 启用@EnableWebMvc后，properties文件中的静态路径失效，必须覆盖后重新制定
+     * 配置静态访问资源
+     *
+     * @param registry
+     */
+    @Override
+    public void addResourceHandlers(ResourceHandlerRegistry registry) {
+        // swagger2配置
+        registry.addResourceHandler("swagger-ui.html")
+                .addResourceLocations("classpath:/META-INF/resources/");
+        registry.addResourceHandler("/webjars/**")
+                .addResourceLocations("classpath:/META-INF/resources/webjars/");
+
+        // 静态资源拦截
+        registry.addResourceHandler("/**")
+                .addResourceLocations("classpath:/META-INF/")
+                .addResourceLocations("classpath:/META-INF/resources/")
+                .addResourceLocations("classpath:/resources/")
+                .addResourceLocations("classpath:/static/")
+                .addResourceLocations("classpath:/public/")
+                .addResourceLocations("classpath:/");
+        //上传文件配置
+        registry.addResourceHandler(resourceHandler)
+                .addResourceLocations("file:///"+location);
+    }
+
+    @Override
+    public void addFormatters(FormatterRegistry registry) {
+        registry.addConverter(new Converter<String, Date>(){
+            @Override
+            public Date convert(String source) {
+                SimpleDateFormat simpleDateFormat;
+                if (source.contains(" ")) {
+                    simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+                } else {
+                    simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
+                }
+                try {
+                    return simpleDateFormat.parse(source);
+                } catch (ParseException e) {
+                    e.printStackTrace();
+                }
+                return null;
+            }
+        });
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/AuthToken.java

+package cn.wisenergy.web.shiro;
+
+
+import org.apache.shiro.authc.AuthenticationToken;
+
+/**
+ * token
+ */
+public class AuthToken implements AuthenticationToken {
+    private String token;
+
+    public AuthToken(String token) {
+        this.token = token;
+    }
+
+    @Override
+    public String getPrincipal() {
+        return token;
+    }
+
+    @Override
+    public Object getCredentials() {
+        return token;
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/JwtUtil.java

+package cn.wisenergy.web.shiro;
+
+import cn.wisenergy.common.enums.RespCodeEnum;
+import cn.wisenergy.model.app.User;
+import cn.wisenergy.web.config.JwtConfig;
+import com.alibaba.fastjson.JSON;
+import io.jsonwebtoken.*;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.joda.time.DateTime;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Jwt-Token工具类
+ *
+ * @author lut
+ */
+@Slf4j
+@Component
+@EnableConfigurationProperties(JwtConfig.class)
+public class JwtUtil {
+
+    @Autowired
+    JwtConfig jwtConfig;
+
+    /**
+     * 生成Jwt令牌
+     *
+     * @param jSubject
+     * @return
+     */
+    private String createJWT(String jSubject) {
+        log.info("构建Jwt令牌-->{}", jSubject);
+        return Jwts.builder()
+                .signWith(SignatureAlgorithm.HS512, jwtConfig.getSecret())
+                .setSubject(jSubject)
+                .setIssuedAt(DateTime.now().toDate())
+                //.setExpiration(DateTime.now().plusSeconds(jwtConfig.getExpire() * 2).toDate())
+                .compact();
+    }
+
+    /**
+     * 解析令牌数据
+     *
+     * @param token
+     * @return
+     */
+    public Claims getClaimsFromToken(String token) {
+        Claims claims;
+        try {
+            claims = Jwts.parser()
+                    .setSigningKey(jwtConfig.getSecret())
+                    .parseClaimsJws(token)
+                    .getBody();
+        } catch (ExpiredJwtException e) {
+            throw new IncorrectCredentialsException(RespCodeEnum.TOKEN_IS_NOT_TIMEOUT.getMsg());
+        } catch (MalformedJwtException | SignatureException e) {
+            log.error("JWT解析异常，ex={}", e.getMessage(), e);
+            throw new IncorrectCredentialsException(RespCodeEnum.TOKEN_IS_NOT_ERROR.getMsg());
+        }
+        return claims;
+    }
+
+    /**
+     * 生成Jwt令牌
+     *
+     * @param userDetails 用户信息
+     * @return
+     */
+    public String generateToken(User userDetails) {
+        return createJWT(JSON.toJSONString(userDetails));
+    }
+
+    /**
+     * 从令牌中获取用户信息
+     *
+     * @return
+     */
+    public User getUserFromToken(Claims claims) {
+        return JSON.parseObject(claims.getSubject(), User.class);
+    }
+
+    /**
+     * 判断令牌是否过期
+     *
+     * @param claims
+     * @return 是否过期
+     */
+    public Boolean isTokenExpired(Claims claims) {
+        return claims.getExpiration().before(DateTime.now().plusSeconds(jwtConfig.getExpire()).toDate());
+    }
+
+    /**
+     * 从请求头中获取token
+     *
+     * @return
+     */
+    public String getToken() {
+        HttpServletRequest request = ((ServletRequestAttributes) (RequestContextHolder.currentRequestAttributes())).getRequest();
+        return request.getHeader("Authorization");
+    }
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/ShiroConfig.java

+package cn.wisenergy.web.shiro;
+
+import cn.wisenergy.web.shiro.filter.AuthFilter;
+import cn.wisenergy.web.shiro.filter.AuthRealm;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.spring.LifecycleBeanPostProcessor;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.Filter;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+/**
+ * shiro配置类
+ */
+@Configuration
+public class ShiroConfig {
+
+    /**
+     * 配置拦截器
+     * <p>
+     * 定义拦截URL权限，优先级从上到下
+     * 1). anon  : 匿名访问，无需登录
+     * 2). authc : 登录后才能访问
+     * 3). logout: 登出
+     * 4). frameperms : 自定义的过滤器
+     * <p>
+     * URL 匹配风格
+     * 1). ?：匹配一个字符，如 /admin? 将匹配 /admin1，但不匹配 /admin 或 /admin/；
+     * 2). *：匹配零个或多个字符串，如 /admin* 将匹配 /admin 或/admin123，但不匹配 /admin/1；
+     * 3). **：匹配路径中的零个或多个路径，如 /admin/** 将匹配 /admin/a 或 /admin/a/b
+     * <p>
+     * 配置身份验证成功，失败的跳转路径
+     */
+    @Bean("shiroFilter")
+    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
+        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
+        // 设置securityManager
+        shiroFilterFactoryBean.setSecurityManager(securityManager);
+
+        // 自定义的过滤器
+        Map<String, Filter> filterMap = new HashMap<>();
+        // map里面key值要为过滤器的名称，value为过滤器对象
+        filterMap.put("oauth2", new AuthFilter());
+        // 将自定义的过滤器加入到过滤器集合中
+        shiroFilterFactoryBean.setFilters(filterMap);
+
+        // 设置拦截器集合
+        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
+//        filterChainDefinitionMap.put("/authInformation/save", "anon");//存储设备IMEI号和手机SIM卡ID号
+//        filterChainDefinitionMap.put("/sys/login", "anon"); // 登录页面-身份认证
+//        filterChainDefinitionMap.put("/sys/registered", "anon"); // 注册页面
+//        filterChainDefinitionMap.put("/swagger-ui.html", "anon"); // swagger接口-匿名访问
+//        filterChainDefinitionMap.put("/swagger/**", "anon");
+//        filterChainDefinitionMap.put("/admin/anon/**", "anon");
+//        filterChainDefinitionMap.put("/webjars/springfox-swagger-ui/**", "anon");
+//        filterChainDefinitionMap.put("/swagger-resources/**", "anon");
+//        filterChainDefinitionMap.put("/v2/api-docs", "anon");
+//        filterChainDefinitionMap.put("/upload_flowChart/**", "anon");//图片地址
+//        filterChainDefinitionMap.put("/webSocket/**", "anon");//socket
+//        filterChainDefinitionMap.put("/message/**", "anon");//消息推送接口
+//        filterChainDefinitionMap.put("/**", "oauth2");  // 其他路径均需要身份认证，一般位于最下面，优先级最低
+
+        // 设置拦截器
+        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
+        return shiroFilterFactoryBean;
+    }
+
+    /**
+     * 配置Shiro生命周期处理器
+     */
+    @Bean("lifecycleBeanPostProcessor")
+    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
+        return new LifecycleBeanPostProcessor();
+    }
+
+    @Bean
+    public static DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
+        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
+        return defaultAdvisorAutoProxyCreator;
+    }
+
+    /**
+     * 配置加密匹配，使用MD5的方式，进行1024次加密
+     */
+//    @Bean
+//    public HashedCredentialsMatcher hashedCredentialsMatcher() {
+//        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
+//        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
+//        hashedCredentialsMatcher.setHashIterations(1024);
+//        return hashedCredentialsMatcher;
+//    }
+    @Bean("securityManager")
+    public SecurityManager securityManager(AuthRealm authRealm) {
+        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
+        securityManager.setRealm(authRealm);
+        securityManager.setRememberMeManager(null);
+        return securityManager;
+    }
+
+    /**
+     * 开启Shiro的注解
+     */
+    @Bean
+    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
+        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
+        advisor.setSecurityManager(securityManager);
+        return advisor;
+    }
+
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/filter/AuthFilter.java

+package cn.wisenergy.web.shiro.filter;
+
+import cn.wisenergy.common.enums.RespCodeEnum;
+import cn.wisenergy.common.utils.HttpContextUtils;
+import cn.wisenergy.common.utils.exception.Result;
+import cn.wisenergy.web.shiro.AuthToken;
+import com.alibaba.fastjson.JSON;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.HttpStatus;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * oauth2过滤器
+ */
+@Slf4j
+public class AuthFilter extends AuthenticatingFilter {
+
+    /**
+     * 这里重写了父类的方法，使用我们自己定义的Token类，提交给shiro。
+     * 这个方法返回null的话会直接抛出异常，进入isAccessAllowed() 的异常处理逻辑。
+     *
+     * @throws Exception
+     */
+    @Override
+    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
+        //获取请求token
+        String token = getRequestToken((HttpServletRequest) request);
+        if (StringUtils.isBlank(token)) {
+            return null;
+        }
+        return new AuthToken(token);
+    }
+
+    /**
+     * 父类会在请求进入拦截器后调用该方法，返回true则继续，返回false则会调用onAccessDenied()。这里在不通过时，还调用了isPermissive()方法
+     */
+    @Override
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+        if (((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())) {
+            return true;
+        }
+//        boolean allowed = false;
+//        try {
+//            allowed = executeLogin(request, response);
+//        } catch(IllegalStateException e){ //not found any token
+//            log.error("Not found any token");
+//        }catch (Exception e) {
+//            log.error("Error occurs when login", e);
+//        }
+
+//        return allowed || super.isPermissive(mappedValue);
+        return false;
+    }
+
+    /**
+     * 如果这个Filter在之前isAccessAllowed（）方法中返回false,则会进入这个方法。这里直接返回错误的response
+     */
+    @Override
+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+        //获取请求token，如果token不存在，直接返回40101
+        String token = getRequestToken((HttpServletRequest) request);
+        if (StringUtils.isBlank(token)) {
+            HttpServletResponse httpResponse = (HttpServletResponse) response;
+            httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
+            httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
+            httpResponse.setCharacterEncoding("gbk");
+
+            Result result = new Result();
+            result.setResult(Result.RESULT_FLG.FAIL.getValue());
+            result.setErrorCode(RespCodeEnum.NO_AUTH_REQUEST.getCode());
+            result.setErrorMsg(RespCodeEnum.NO_AUTH_REQUEST.getMsg());
+            String json = JSON.toJSONString(result);
+            httpResponse.getWriter().print(json);
+            return false;
+        }
+
+        return executeLogin(request, response);
+    }
+
+//    /**
+//     *  如果Shiro Login认证成功，会进入该方法，等同于用户名密码登录成功，这里还判断了是否要刷新Token
+//     */
+//    @Override
+//    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
+//        HttpServletResponse httpResponse = WebUtils.toHttp(response);
+//        if(token instanceof AuthToken){
+//            AuthToken jwtToken = (AuthToken)token;
+//            String newtoken  = jwtToken.getPrincipal();
+//            if(StringUtils.isNotBlank(newtoken)){
+//                httpResponse.setHeader("x-auth-token", newtoken);
+//            }
+//        }
+//        return true;
+//    }
+
+    /**
+     * 如果调用shiro的login认证失败，会回调这个方法
+     */
+    @Override
+    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        httpResponse.setContentType("application/json;charset=utf-8");
+        httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
+        httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
+        try {
+            //处理登录失败的异常
+            Throwable throwable = e.getCause() == null ? e : e.getCause();
+            Result result = new Result();
+            result.setErrorCode(String.valueOf(HttpStatus.SC_UNAUTHORIZED));
+            result.setResult(Result.RESULT_FLG.FAIL.getValue());
+            result.setErrorMsg(throwable.getMessage());
+            String json = JSON.toJSONString(result);
+            httpResponse.getWriter().print(json);
+        } catch (IOException e1) {
+        }
+        return false;
+    }
+
+    /**
+     * 获取请求头中的token
+     */
+    private String getRequestToken(HttpServletRequest httpRequest) {
+        //从header中获取token
+        String token = httpRequest.getHeader("Authorization");
+        return token;
+    }
+
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/filter/AuthRealm.java

+package cn.wisenergy.web.shiro.filter;
+
+import cn.wisenergy.common.constant.RedisConsts;
+import cn.wisenergy.common.enums.RespCodeEnum;
+import cn.wisenergy.model.app.AccountInfo;
+import cn.wisenergy.model.app.User;
+import cn.wisenergy.service.app.UserService;
+import cn.wisenergy.web.config.JwtConfig;
+import cn.wisenergy.web.shiro.AuthToken;
+import cn.wisenergy.web.shiro.JwtUtil;
+import io.jsonwebtoken.Claims;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authc.*;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.util.Set;
+
+/**
+ * 认证
+ *
+ * @author lut
+ */
+@Slf4j
+@Component
+public class AuthRealm extends AuthorizingRealm {
+
+    @Autowired
+    private UserService sysUserService;
+    @Autowired
+    private UserService authUserService;
+    @Autowired
+    private JwtUtil jwtUtil;
+    @Autowired
+    private JwtConfig jwtConfig;
+    @Resource
+    RedisTemplate<String, Object> redisTemplate;
+
+    @Override
+    public boolean supports(AuthenticationToken token) {
+        return token instanceof AuthToken;
+    }
+
+    /**
+     * 授权(验证权限时调用)
+     */
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        AccountInfo user = (AccountInfo) principals.getPrimaryPrincipal();
+        String userId = user.getId().toString();
+        //用户权限列表
+//        Set<String> permsSet = sysUserService.queryAllPerms(userId);
+        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+//        info.setStringPermissions(permsSet);
+        return info;
+    }
+
+    /**
+     * 认证(登录时调用)
+     */
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+        // 获取token
+        String accessToken = (String) token.getPrincipal();
+        User userEntity = null;
+        Boolean refreshFlag = false;
+        // 解析token
+        Claims claims = jwtUtil.getClaimsFromToken(accessToken);
+        // 从token中获取用户
+        userEntity = jwtUtil.getUserFromToken(claims);
+        // 获取redis Key
+        String redisKey = RedisConsts.JWT_ACCESS_TOKEN + accessToken;
+        // 从redis中获取token
+        String redisToken = (String) redisTemplate.opsForValue().get(redisKey);
+      /*  try {
+            if (redisToken != null) {
+                //这里刷新token 是否过期，如果过期需要更新token
+                if (jwtUtil.isTokenExpired(claims)) {
+                    // 重新签发token
+                    String refreshToken = jwtUtil.generateToken(userEntity);
+                    // 将新token存入Redis中
+                    redisTemplate.opsForValue().set(RedisConsts.JWT_ACCESS_TOKEN + refreshToken, refreshToken, jwtConfig.getExpire() + 60 * 60);
+                    HttpServletResponse resp = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
+                    resp.setHeader("refresh-token", accessToken);
+                    refreshFlag = true;
+                }
+            } else {
+                throw new IncorrectCredentialsException(RespCodeEnum.NO_AUTH_REQUEST.getMsg());
+            }
+        } catch (ExpiredJwtException e) {
+            // token解析异常
+            log.error("token解析异常，ex={}", e.getMessage(), e);
+            throw new IncorrectCredentialsException(RespCodeEnum.TOKEN_IS_NOT_TIMEOUT.getMsg());
+        }*/
+        //查询用户信息
+        User user = authUserService.getByPhone(userEntity.getPhone());
+        // 判断请求token与redis中是否相同，如果token被刷新，则不判断
+        if (!refreshFlag && !StringUtils.equals(accessToken, redisToken)) {
+            throw new IncorrectCredentialsException(RespCodeEnum.NO_AUTH_REQUEST.getMsg());
+        }
+        // 账号不存在
+        if (user == null) {
+            throw new UnknownAccountException("账号不存在");
+        }
+        // 密码错误
+//        if (!password.equals(user.getPassword())) {
+//            throw new IncorrectCredentialsException("账号或密码不正确");
+//        }
+        //账号锁定
+//        if (user.getStatus() == 2) {
+//            throw new LockedAccountException("账号已被锁定,请联系管理员");
+//        }
+        if (refreshFlag) {
+            // 重置Redis中token过期时间，如果token被刷新，则不进行重置
+            redisTemplate.opsForValue().set(redisKey, accessToken, jwtConfig.getExpire() + 60 * 60);
+        }
+        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, accessToken, getName());
+        return info;
+    }
+
+}

wisenergy-web-admin/src/main/java/cn/wisenergy/web/shiro/filter/AuthorizationFilter.java

+package cn.wisenergy.web.shiro.filter;
+
+import com.alibaba.fastjson.JSONObject;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * @author wyy
+ * @date 2019-09-14 17:57
+ */
+public class AuthorizationFilter extends PermissionsAuthorizationFilter {
+     /**
+     * shiro认证perms资源失败后回调方法
+     * @param servletRequest
+     * @param servletResponse
+     * @return
+     * @throws IOException
+     */
+    @Override
+    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
+        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
+        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
+        String requestedWith = httpServletRequest.getHeader("X-Requested-With");
+        if (StringUtils.isNotEmpty(requestedWith) && StringUtils.equals(requestedWith, "XMLHttpRequest")) {//如果是ajax返回指定格式数据
+            httpServletResponse.setContentType("application/json");
+            httpServletResponse.setCharacterEncoding("UTF-8");
+            PrintWriter out = httpServletResponse.getWriter();
+            JSONObject json = new JSONObject();
+            json.put("result", "success");
+            json.put("msg", "登录成功");
+            out.write(json.toJSONString());
+            out.flush();
+            out.close();
+        } else {//如果是普通请求进行重定向
+            httpServletResponse.sendRedirect("/403");
+        }
+        return false;
+    }
+}

wisenergy-web-admin/src/main/resources/application-dev.yml

@@ -46,9 +46,9 @@ spring:
 
   redis:
     database: 0
-    host: 192.168.110.165
+    host: localhost
     port: 6379
-    password: adm4HYservice$    # 密码（默认为空）
+    password: root    # 密码（默认为空）
     timeout: 6000ms  # 连接超时时长（毫秒）
     jedis:
       pool: