'll'

build.gradle

@@ -105,6 +105,8 @@ subprojects {
         // shiro
         compile("org.apache.shiro:shiro-spring:$shiro_version")
 
+        compile group: 'com.fasterxml.jackson.module', name: 'jackson-module-kotlin', version: '2.9.6'
+
         // commons
         compile("commons-io:commons-io:$commons_io_version")
         compile("org.apache.commons:commons-lang3:$commons_lang3_version")

zen-api/build.gradle

@@ -11,5 +11,8 @@ buildscript {
 
 
 dependencies {
+    compile 'io.jsonwebtoken:jjwt-api:0.10.5'
+    runtime 'io.jsonwebtoken:jjwt-impl:0.10.5',
+            'io.jsonwebtoken:jjwt-jackson:0.10.5'
     compile project(":zen-core")
 }

zen-api/src/main/java/cn/gygxzc/envir/sys/dao/IUserDao.java

@@ -0,0 +1,14 @@
+package cn.gygxzc.envir.sys.dao;
+
+import cn.gygxzc.envir.sys.model.SysUser;
+import com.gxzc.zen.common.base.IBaseMapper;
+import org.springframework.stereotype.Repository;
+
+/**
+ * Created by niantuo on 2018/9/21.
+ * 向数据库获取用户信息
+ */
+
+@Repository
+public interface IUserDao extends IBaseMapper<SysUser> {
+}

zen-api/src/main/java/cn/gygxzc/tina/config/properties/ShiroSessionProperties.java

@@ -15,6 +15,16 @@ public class ShiroSessionProperties {
 
     private String prefix;
     private Duration expired = Duration.ofDays(1);
+    private String jwtKey;
+
+
+    public void setJwtKey(String jwtKey) {
+        this.jwtKey = jwtKey;
+    }
+
+    public String getJwtKey() {
+        return jwtKey;
+    }
 
     public String getPrefix() {
         return prefix;

zen-api/src/main/kotlin/com/gxzc/zen/api/sys/model/SysUser.kt → zen-api/src/main/kotlin/cn/gygxzc/envir/sys/model/SysUser.kt

@@ -1,5 +1,6 @@
-package com.gxzc.zen.api.sys.model
+package cn.gygxzc.envir.sys.model
 
+import com.baomidou.mybatisplus.annotation.TableField
 import com.baomidou.mybatisplus.annotation.TableName
 import com.gxzc.zen.common.base.BaseModel
 
@@ -56,7 +57,7 @@ open class SysUser : BaseModel() {
     /**
      * 账号锁定（1.锁定；0.不锁定；）
      */
-    var lock: Boolean? = null
+    var lock_: Boolean? = null
     /**
      * 备用字段
      */

zen-api/src/main/kotlin/cn/gygxzc/envir/sys/service/ILoginService.kt

@@ -0,0 +1,13 @@
+package cn.gygxzc.envir.sys.service
+
+/**
+ * Created by niantuo on 2018/9/21.
+ */
+
+interface ILoginService {
+
+    /**
+     * 登陆，返回jwt token验证
+     */
+    fun login(username: String, password: String): String
+}

zen-api/src/main/kotlin/cn/gygxzc/envir/sys/service/impl/LoginService.kt

@@ -0,0 +1,64 @@
+package cn.gygxzc.envir.sys.service.impl
+
+import cn.gygxzc.envir.sys.dao.IUserDao
+import cn.gygxzc.envir.sys.model.SysUser
+import cn.gygxzc.envir.sys.service.ILoginService
+import cn.gygxzc.tina.config.jwt.JwtConfig
+import cn.gygxzc.tina.config.jwt.JwtPayload
+import cn.gygxzc.tina.config.jwt.JwtUtils
+import cn.gygxzc.tina.config.shiro.cache.JwtRedisCache
+import cn.gygxzc.tina.config.shiro.common.ZenAuthToken
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper
+import org.apache.shiro.SecurityUtils
+import org.apache.shiro.authc.AuthenticationException
+import org.apache.shiro.session.mgt.SimpleSession
+import org.apache.shiro.subject.support.DelegatingSubject
+import org.apache.shiro.web.subject.support.WebDelegatingSubject
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.stereotype.Service
+
+/**
+ * Created by niantuo on 2018/9/21.
+ * 实际上客户端只能从redis缓存中去取数据，也就是说
+ * 登陆需要在授权服务器，授权服务器会将用户数据存入redis缓存
+ * 客户端可以获取用户数据，如果redis没有改数据，那么表示该用户没有登录
+ */
+
+@Service
+class LoginService : ILoginService {
+
+    private val logger = LoggerFactory.getLogger(LoginService::class.java)
+
+    @Autowired
+    private lateinit var userDao: IUserDao
+
+    @Autowired
+    private lateinit var jwtConfig: JwtConfig
+
+    @Autowired
+    private lateinit var redisCache: JwtRedisCache
+
+
+    /**
+     * 登陆之后将用户信息保存到redis缓存
+     */
+    override fun login(username: String, password: String): String {
+        val wrapper = QueryWrapper<SysUser>()
+        wrapper.eq("account", username)
+
+        logger.info("login select user : ${wrapper.expression}")
+
+        val user = userDao.selectOne(wrapper)
+        val authToken = ZenAuthToken(username, password, user)
+        val subject = SecurityUtils.getSubject() as WebDelegatingSubject
+        try {
+            subject.login(authToken)
+            redisCache.put(username, authToken)
+            return JwtUtils.sign(JwtPayload(user.id.toString(), user.account!!), jwtConfig)
+        } catch (e: AuthenticationException) {
+            throw e
+        }
+
+    }
+}

zen-api/src/main/kotlin/cn/gygxzc/tina/config/jwt/JwtConfig.kt

@@ -0,0 +1,12 @@
+package cn.gygxzc.tina.config.jwt
+
+import java.security.Key
+import java.time.Duration
+
+/**
+ * Created by niantuo on 2018/9/21.
+ */
+
+data class JwtConfig(var expired: Duration,
+                     var key: Key) {
+}

zen-api/src/main/kotlin/cn/gygxzc/tina/config/jwt/JwtPayload.kt

@@ -0,0 +1,9 @@
+package cn.gygxzc.tina.config.jwt
+
+/**
+ * Created by niantuo on 2018/9/21.
+ */
+
+data class JwtPayload(var id:String,
+                      var username:String) {
+}

zen-api/src/main/kotlin/cn/gygxzc/tina/config/jwt/JwtUtils.kt

@@ -0,0 +1,45 @@
+package cn.gygxzc.tina.config.jwt
+
+import io.jsonwebtoken.Jwts
+import io.jsonwebtoken.SignatureAlgorithm
+import java.security.Key
+import java.util.*
+
+/**
+ * Created by niantuo on 2018/9/21.
+ * 签发jwt方法，
+ */
+
+object JwtUtils {
+
+
+    /**
+     * 暂时如此，后期可以考虑ip，域名这些加强验证
+     */
+    fun sign(payload: JwtPayload, jwtConfig: JwtConfig): String {
+        val calendar = Calendar.getInstance(Locale.CANADA)
+        calendar.add(Calendar.HOUR_OF_DAY, jwtConfig.expired.toHours().toInt())
+        return Jwts.builder()
+                .setId(payload.id)
+                .setSubject(payload.username)
+                .setExpiration(calendar.time)
+                .signWith(jwtConfig.key,SignatureAlgorithm.HS256)
+                .compact()
+    }
+
+
+    /**
+     * 解析出放进去的结果
+     */
+    @Throws(Exception::class)
+    fun parseJwt(key: Key, jwtToken: String): JwtPayload {
+        val parser = Jwts.parser()
+                .setSigningKey(key)
+                .parseClaimsJws(jwtToken)
+        val id = parser.body.id
+        val username = parser.body.subject
+        return JwtPayload(id, username)
+    }
+
+
+}

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/ShiroConfig.kt

@@ -1,13 +1,12 @@
 package cn.gygxzc.tina.config.shiro
 
-import cn.gygxzc.tina.config.properties.ShiroRedisCacheProperties
+import cn.gygxzc.tina.config.jwt.JwtConfig
+import cn.gygxzc.tina.config.shiro.cache.JwtRedisCache
+import cn.gygxzc.tina.config.shiro.cache.RedisConfiguration
 import cn.gygxzc.tina.config.shiro.cache.ShiroRedisSessionDAO
+import cn.gygxzc.tina.config.shiro.filter.*
 import cn.gygxzc.tina.config.shiro.realm.ZenShiroRealm
 import cn.gygxzc.tina.config.shiro.session.ZenWebSessionManager
-import cn.gygxzc.tina.config.shiro.filter.AjaxAuthorizationFilter
-import cn.gygxzc.tina.config.shiro.filter.UrlPermissionsFilter
-import cn.gygxzc.tina.config.shiro.filter.ZenCorsAnonymousFilter
-import cn.gygxzc.tina.config.shiro.filter.ZenCorsPathMatchingFilter
 import org.apache.shiro.authc.credential.HashedCredentialsMatcher
 import org.apache.shiro.cache.CacheManager
 import org.apache.shiro.mgt.SecurityManager
@@ -18,8 +17,7 @@ import org.apache.shiro.spring.web.ShiroFilterFactoryBean
 import org.apache.shiro.web.filter.authc.AnonymousFilter
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager
 import org.apache.shiro.web.servlet.SimpleCookie
-import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.boot.context.properties.EnableConfigurationProperties
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass
 import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
@@ -37,13 +35,9 @@ import javax.servlet.Filter
  * @url https://noahlan.com
  */
 @Configuration
-@EnableConfigurationProperties(ShiroRedisCacheProperties::class)
+@ConditionalOnClass(value = [RedisConfiguration::class])
 class ShiroConfig {
 
-    @Autowired
-    private lateinit var redisProperties: ShiroRedisCacheProperties
-
-
     @Bean("shiroLifecycleBeanPostProcessor")
     fun lifecycleBeanPostProcessor(): LifecycleBeanPostProcessor {
         return LifecycleBeanPostProcessor()
@@ -54,7 +48,7 @@ class ShiroConfig {
     fun userRealm(cacheManager: CacheManager): ZenShiroRealm {
         val shiroRealm = ZenShiroRealm()
                 .apply {
-                    isCachingEnabled = redisProperties.isEnable
+                    isCachingEnabled = true
                     isAuthenticationCachingEnabled = true
                     isAuthorizationCachingEnabled = true
                     //加密验证方法
@@ -108,7 +102,8 @@ class ShiroConfig {
 
     @Bean(name = ["shiroFilter"])
     @Order(2)
-    fun shiroFilter(securityManager: SecurityManager): ShiroFilterFactoryBean {
+    fun shiroFilter(securityManager: SecurityManager,
+                    config: JwtConfig, jwtRedisCache: JwtRedisCache): ShiroFilterFactoryBean {
         return ShiroFilterFactoryBean().apply {
             setSecurityManager(securityManager)
 
@@ -117,7 +112,8 @@ class ShiroConfig {
                     "cors" to ZenCorsPathMatchingFilter(),
                     "perms" to UrlPermissionsFilter(),
                     "authc" to AjaxAuthorizationFilter(),
-                    "anon" to AnonymousFilter()
+                    "anon" to AnonymousFilter(),
+                    "jwt" to JwtPathMatchingFilter(config, jwtRedisCache)
             )
             /**
              * anon（匿名）  org.apache.shiro.web.filter.authc.AnonymousFilter
@@ -143,6 +139,7 @@ class ShiroConfig {
                     "/api/**" to "canon", // api 免登陆
                     "/ws/**" to "canon", // websocket 免登陆
                     "/" to "canon",
+                    "/v1/login/**" to "canon",
                     ////////////////////// 静态资源 /////////////////////
                     "/v2/api-docs" to "canon",
                     "/swagger-resources/**" to "anon",
@@ -154,7 +151,7 @@ class ShiroConfig {
                     "/**/favicon.*" to "anon",
                     "/eureka/**" to "anon",
                     ////////////////////// 静态资源 /////////////////////
-                    "/**" to "cors,authc,perms" // 对于其他未配置的所有url 先设置cors头 再进行登陆判定 最后判定权限
+                    "/**" to "cors,jwt,authc" // 对于其他未配置的所有url 先设置cors头 再进行登陆判定 最后判定权限
             )
         }
     }

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/cache/JwtRedisCache.kt

@@ -0,0 +1,66 @@
+package cn.gygxzc.tina.config.shiro.cache
+
+import cn.gygxzc.tina.config.shiro.common.ZenAuthToken
+import com.google.gson.Gson
+import org.apache.shiro.cache.Cache
+import org.springframework.data.redis.core.HashOperations
+import org.springframework.data.redis.core.RedisTemplate
+
+/**
+ * Created by niantuo on 2018/9/21.
+ * 帮助jwt缓存信息的缓存管理
+ */
+
+class JwtRedisCache(redisTemplate: RedisTemplate<String, Any>)
+    : Cache<String, ZenAuthToken> {
+
+    companion object {
+        private const val mCacheKey = "JwtToken"
+        private val mGson = Gson()
+    }
+
+    private val mHashOperations: HashOperations<String, String, String> = redisTemplate.opsForHash<String, String>()
+
+
+    override fun values(): MutableCollection<ZenAuthToken?> {
+        return keys().map { get(it) }
+                .filter { it != null }
+                .toMutableList()
+    }
+
+    override fun clear() {
+        val keys = mHashOperations.keys(mCacheKey)
+        keys.forEach { mHashOperations.delete(mCacheKey, it) }
+    }
+
+    override fun put(p0: String, p1: ZenAuthToken): ZenAuthToken {
+        mHashOperations.put(mCacheKey, p0, mGson.toJson(p1))
+        return p1
+    }
+
+    override fun remove(p0: String?): ZenAuthToken? {
+        if (p0 == null) return null
+        val subject = mHashOperations.get(mCacheKey, p0)
+        if (subject != null) {
+            mHashOperations.delete(mCacheKey, p0)
+            return mGson.fromJson<ZenAuthToken>(subject, ZenAuthToken::class.java)
+        }
+        return null
+    }
+
+    override fun size(): Int {
+        return mHashOperations.keys(mCacheKey).size
+    }
+
+    override fun get(p0: String?): ZenAuthToken? {
+        if (p0 == null) return null
+        val json = mHashOperations.get(mCacheKey, p0)
+        if (json.isNullOrBlank()) return null
+        return mGson.fromJson(json, ZenAuthToken::class.java)
+
+    }
+
+    override fun keys(): MutableSet<String> {
+        return mHashOperations.keys(mCacheKey)
+    }
+}

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/cache/RedisConfiguration.kt

@@ -1,7 +1,13 @@
 package cn.gygxzc.tina.config.shiro.cache
 
+import cn.gygxzc.tina.config.jwt.JwtConfig
 import cn.gygxzc.tina.config.properties.ShiroRedisCacheProperties
 import cn.gygxzc.tina.config.properties.ShiroSessionProperties
+import cn.gygxzc.tina.config.shiro.common.ZenAuthToken
+import com.fasterxml.jackson.databind.ObjectMapper
+import com.fasterxml.jackson.module.kotlin.KotlinModule
+import org.apache.shiro.subject.support.DelegatingSubject
+import org.apache.shiro.web.subject.support.WebDelegatingSubject
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean
@@ -9,9 +15,12 @@ import org.springframework.context.annotation.Configuration
 import org.springframework.context.annotation.DependsOn
 import org.springframework.data.redis.connection.jedis.JedisConnectionFactory
 import org.springframework.data.redis.core.RedisTemplate
+import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer
 import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer
 import org.springframework.data.redis.serializer.StringRedisSerializer
+import java.util.*
+import javax.crypto.spec.SecretKeySpec
 
 /**
  * @program: Zen-Framework
@@ -23,11 +32,12 @@ import org.springframework.data.redis.serializer.StringRedisSerializer
  * @create: 2018-09-20 21:41
  **/
 @Configuration
-@EnableConfigurationProperties(ShiroRedisCacheProperties::class, ShiroSessionProperties::class)
+@EnableConfigurationProperties(value = [ShiroRedisCacheProperties::class, ShiroSessionProperties::class])
 class RedisConfiguration {
 
     @Autowired
     private lateinit var redisProperties: ShiroRedisCacheProperties
+
     @Autowired
     private lateinit var sessionProperties: ShiroSessionProperties
 
@@ -37,6 +47,15 @@ class RedisConfiguration {
     }
 
 
+    @Bean
+    fun jwtConfig(): JwtConfig {
+        val encodedKey = Base64.getEncoder().encode(sessionProperties.jwtKey.toByteArray())
+        val key = SecretKeySpec(encodedKey, 0, encodedKey.size, "HmacSHA256")
+        return JwtConfig(sessionProperties.expired, key)
+
+    }
+
+
     @Bean(name = ["shiroRedisTemplate"])
     fun redisTemplate(): RedisTemplate<String, Any> {
         return RedisTemplate<String, Any>().apply {
@@ -49,6 +68,21 @@ class RedisConfiguration {
         }
     }
 
+    @Bean
+    fun jwtRedisCache(): JwtRedisCache {
+        val template = RedisTemplate<String, Any>()
+                .apply {
+                    connectionFactory = connectionFactory()
+                    val stringSerializer = StringRedisSerializer()
+                    keySerializer = stringSerializer
+                    valueSerializer = JdkSerializationRedisSerializer()
+                    hashKeySerializer = stringSerializer
+                    hashValueSerializer = stringSerializer
+                }
+        template.afterPropertiesSet()
+        return JwtRedisCache(template)
+    }
+
 
     @Bean(name = ["shrioRedisCacheManager"])
     @DependsOn(value = ["shiroRedisTemplate"])
@@ -63,6 +97,4 @@ class RedisConfiguration {
     }
 
 
-
-
 }

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/common/ZenAuthToken.kt

@@ -1,6 +1,6 @@
 package cn.gygxzc.tina.config.shiro.common
 
-import com.gxzc.zen.api.sys.model.SysUser
+import cn.gygxzc.envir.sys.model.SysUser
 import org.apache.shiro.authc.UsernamePasswordToken
 
 /**

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/filter/JwtPathMatchingFilter.kt

@@ -1,8 +1,16 @@
 package cn.gygxzc.tina.config.shiro.filter
 
+import cn.gygxzc.tina.config.jwt.JwtConfig
+import cn.gygxzc.tina.config.jwt.JwtUtils
+import cn.gygxzc.tina.config.shiro.cache.JwtRedisCache
+import org.apache.commons.lang3.StringUtils
+import org.apache.shiro.SecurityUtils
 import org.apache.shiro.web.filter.PathMatchingFilter
+import org.apache.shiro.web.util.WebUtils
+import org.slf4j.LoggerFactory
 import javax.servlet.ServletRequest
 import javax.servlet.ServletResponse
+import javax.servlet.http.HttpServletRequest
 
 /**
  * @program: Zen-Framework
@@ -14,12 +22,30 @@ import javax.servlet.ServletResponse
  * @create: 2018-09-20 22:20
  * 任然没有想好，这个到底应该这么搞
  **/
-class JwtPathMatchingFilter:PathMatchingFilter() {
+class JwtPathMatchingFilter(private val config: JwtConfig,
+                            private val cache: JwtRedisCache) : PathMatchingFilter() {
+    companion object {
+        private const val authenticationName = "Authentication"
+        private val logger = LoggerFactory.getLogger(JwtPathMatchingFilter::class.java)
+    }
 
     /**
      * 解析header中包含的Authorization ,jwt 格式的，如果有，绑定对应的授权信息
      */
-    override fun onPreHandle(request: ServletRequest?, response: ServletResponse?, mappedValue: Any?): Boolean {
+    override fun onPreHandle(request: ServletRequest, response: ServletResponse, mappedValue: Any?): Boolean {
+        val httpRequest = request as HttpServletRequest
+        val jwtToken: String? = httpRequest.getHeader(authenticationName)
+        val subject = SecurityUtils.getSubject()
+        if (!StringUtils.isBlank(jwtToken) && !subject.isAuthenticated) {
+            try {
+                val jwtPayload = JwtUtils.parseJwt(config.key, jwtToken!!)
+                val authToken = cache.get(jwtPayload.username)
+                if (authToken != null)
+                    subject.login(authToken)
+            } catch (e: Exception) {
+                logger.info("onPreHandle: {}", e)
+            }
+        }
         return true
     }
 }

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/realm/ZenShiroRealm.kt

@@ -24,6 +24,14 @@ class ZenShiroRealm : AuthorizingRealm() {
         this.name = "zen_realm"
     }
 
+
+    /**
+     * 只支持这个
+     */
+    override fun supports(token: AuthenticationToken): Boolean {
+        return token is ZenAuthToken
+    }
+
     /**
      * 登陆验证
      */
@@ -36,10 +44,10 @@ class ZenShiroRealm : AuthorizingRealm() {
         val user = token.user ?: throw UnknownAccountException()
 
         // 账号锁定判定
-        if (user.lock != null && user.lock!!) {
+        if (user.lock_ != null && user.lock_!!) {
             throw LockedAccountException()
         }
-        return SimpleAuthenticationInfo(user.account, user.password, ZenSimpleByteSource(user.account + user.salt), user.username)
+        return SimpleAuthenticationInfo(user, user.password, ZenSimpleByteSource(user.account + user.salt), user.username)
     }
 
     /**

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/utils/SSOUtil.kt

@@ -2,7 +2,7 @@ package cn.gygxzc.tina.config.shiro.utils
 
 import com.gxzc.zen.api.sys.common.MenuTree
 import com.gxzc.zen.api.sys.model.SysRole
-import com.gxzc.zen.api.sys.model.SysUser
+import cn.gygxzc.envir.sys.model.SysUser
 import com.gxzc.zen.api.sys.service.IPermissionService
 import com.gxzc.zen.common.util.SpringContextHolder
 import cn.gygxzc.tina.config.shiro.common.ZenPermission

zen-api/src/main/kotlin/cn/gygxzc/tina/config/shiro/utils/ShiroUtils.java

@@ -0,0 +1,42 @@
+package cn.gygxzc.tina.config.shiro.utils;
+
+import cn.gygxzc.envir.sys.model.SysUser;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
+
+/**
+ * shiro 工具类
+ *
+ * @author ruoyi
+ */
+public class ShiroUtils {
+
+    public static Subject getSubjct() {
+        return SecurityUtils.getSubject();
+    }
+
+    public static void logout() {
+        getSubjct().logout();
+    }
+
+    public static SysUser getUser() {
+        return (SysUser) getSubjct().getPrincipal();
+    }
+
+    public static Long getUserId() {
+        return getUser().getId();
+    }
+
+    public static String getLoginName() {
+        return getUser().getAccount();
+    }
+
+    public static String getIp() {
+        return getSubjct().getSession().getHost();
+    }
+
+    public static String getSessionId() {
+        return String.valueOf(getSubjct().getSession().getId());
+    }
+}

zen-api/src/main/resources/application-shiro.yml

@@ -1,42 +0,0 @@
-spring:
-  profiles: dev
-  session:
-    store-type: redis
-shiro:
-  redis:
-    database: 1 # redis数据库索引
-    host: 192.168.1.206
-    port: 6379
-    password:
-    timeout: 5000 # 连接超时时间（毫秒）
-    sessionPrefix: zen_s #
-    sessionTime: 604800 # 秒 7天
-    cachePrefix: zen_c
-    cacheTime: 604800 # s
-    pool:
-      min-idle: 1 # 连接池中的最小空闲连接
-      max-idle: 20 # 连接池中的最大空闲连接
-      max-active: 20 # 连接池最大连接数（使用负值表示没有限制）
-      max-wait: -1 # 连接池最大阻塞等待时间（使用负值表示没有限制）
-
----
-spring:
-  profiles: prod
-  session:
-    store-type: redis
-shiro:
-  redis:
-    database: 1 # redis数据库索引
-    host: 192.168.1.10
-    port: 6379
-    password:
-    timeout: 5000 # 连接超时时间（毫秒）
-    sessionPrefix: zen_s #
-    sessionTime: 604800 # 秒 7天
-    cachePrefix: zen_c
-    cacheTime: 604800 # s
-    pool:
-      min-idle: 1 # 连接池中的最小空闲连接
-      max-idle: 20 # 连接池中的最大空闲连接
-      max-active: 20 # 连接池最大连接数（使用负值表示没有限制）
-      max-wait: -1 # 连接池最大阻塞等待时间（使用负值表示没有限制）

zen-core/src/main/kotlin/com/gxzc/zen/common/base/BaseModel.kt

@@ -47,6 +47,7 @@ open class BaseModel : Serializable {
 //    private var updatedByName: String? = null
 
     @TableLogic(value = "1", delval = "0")
+    @TableField("'enable'")
     var enable: Boolean? = null
 
     override fun equals(other: Any?): Boolean {

zen-web/src/main/kotlin/cn/gygxzc/envir/web/MainApplication.kt → zen-web/src/main/kotlin/cn/gygxzc/envir/MainApplication.kt

@@ -1,5 +1,6 @@
-package cn.gygxzc.envir.web
+package cn.gygxzc.envir
 
+import org.mybatis.spring.annotation.MapperScan
 import org.springframework.boot.SpringApplication
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.builder.SpringApplicationBuilder
@@ -9,9 +10,11 @@ import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer
 /**
  * 注解配置
  */
-@SpringBootApplication(scanBasePackages = ["com.gxzc","cn.gygxzc"])
+
 @EnableEurekaServer  //表示该服务为注册中心
 //@EnableDiscoveryClient
+@SpringBootApplication(scanBasePackages = ["com.gxzc","cn.gygxzc"])
+@MapperScan(basePackages = ["com.gxzc","cn.gygxzc"])
 class MainApplication : SpringBootServletInitializer() {
     override fun configure(builder: SpringApplicationBuilder?): SpringApplicationBuilder? {
         return builder?.sources(MainApplication::class.java)

zen-web/src/main/kotlin/cn/gygxzc/envir/api/sys/controller/LoginController.kt

@@ -1,6 +1,10 @@
 package cn.gygxzc.envir.api.sys.controller
 
+import cn.gygxzc.envir.api.sys.dto.LoginDto
+import cn.gygxzc.envir.sys.service.ILoginService
+import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RequestBody
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 
@@ -17,15 +21,21 @@ import org.springframework.web.bind.annotation.RestController
 @RequestMapping("/v1/login")
 class LoginController {
 
+    @Autowired
+    private lateinit var loginService: ILoginService
+
 
     @PostMapping
-    fun login(){
+    fun login() {
 
     }
 
+    /**
+     * 登陆成功之后，签发jwt凭证
+     */
     @PostMapping("/app")
-    fun loginForJwt():Any{
-        return ""
+    fun loginForJwt(@RequestBody dto: LoginDto): Any {
+        return loginService.login(dto.username, dto.password)
     }
 
 }

zen-web/src/main/kotlin/cn/gygxzc/envir/api/sys/controller/UserController.kt

@@ -0,0 +1,22 @@
+package cn.gygxzc.envir.api.sys.controller
+
+import cn.gygxzc.tina.config.shiro.utils.ShiroUtils
+import com.gxzc.zen.common.dto.ResponseDto
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+
+/**
+ * Created by niantuo on 2018/9/21.
+ */
+@RestController
+@RequestMapping("/v1/user")
+class UserController {
+
+
+    @GetMapping("/info")
+    fun userInfo(): Any {
+        val user = ShiroUtils.getUser()
+        return ResponseDto().data(user)
+    }
+}

zen-web/src/main/kotlin/cn/gygxzc/envir/api/sys/dto/LoginDto.kt

@@ -0,0 +1,9 @@
+package cn.gygxzc.envir.api.sys.dto
+
+/**
+ * Created by niantuo on 2018/9/21.
+ * 原则上这些数据传输中需要加密
+ * 后期可以把这块做进去
+ */
+data class LoginDto(var username: String = "",
+                    var password: String = "")

zen-web/src/main/kotlin/cn/gygxzc/envir/web/config/EnvirWebMvcConfiguration.kt

@@ -1,21 +1,15 @@
 package cn.gygxzc.envir.web.config
 
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer
-import io.swagger.annotations.ApiOperation
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.context.annotation.Primary
 import org.springframework.http.converter.HttpMessageConverter
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter
+import org.springframework.web.servlet.config.annotation.EnableWebMvc
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport
-import springfox.documentation.builders.ApiInfoBuilder
-import springfox.documentation.builders.RequestHandlerSelectors
-import springfox.documentation.service.ApiInfo
-import springfox.documentation.service.Contact
-import springfox.documentation.spi.DocumentationType
-import springfox.documentation.spring.web.plugins.Docket
 import java.text.SimpleDateFormat
 
 /**
@@ -23,21 +17,19 @@ import java.text.SimpleDateFormat
  *
  */
 @Configuration
-class EnvirWebMvcConfiguration:WebMvcConfigurationSupport() {
+class EnvirWebMvcConfiguration : WebMvcConfigurationSupport() {
 
     companion object {
         const val CONVERTER_NAME = "hookMappingJackson2HttpMessageConverter"
     }
 
     override fun addResourceHandlers(registry: ResourceHandlerRegistry) {
-        registry.let {
-            it.addResourceHandler("swagger-ui.html")
-                    .addResourceLocations("classpath:/META-INF/resources/")
-            it.addResourceHandler("/webjars*")
-                    .addResourceLocations("classpath:/META-INF/resources/webjars/")
-        }
-    }
+        registry.addResourceHandler("swagger-ui.html")
+                .addResourceLocations("classpath:/META-INF/resources/")
 
+        registry.addResourceHandler("/webjars*")
+                .addResourceLocations("classpath:/META-INF/resources/webjars/")
+    }
 
 
     override fun configureMessageConverters(converters: MutableList<HttpMessageConverter<*>>) {
@@ -47,7 +39,6 @@ class EnvirWebMvcConfiguration:WebMvcConfigurationSupport() {
     @Bean(CONVERTER_NAME)
     fun getConverter(): MappingJackson2HttpMessageConverter {
         return MappingJackson2HttpMessageConverter().apply {
-
             this.objectMapper = builder().build()
         }
     }

zen-web/src/main/resources/application-job.yml

@@ -1,30 +0,0 @@
-spring:
-  profiles: dev
-xxl:
-  job:
-    enable: false
-    admin:
-      address: http://127.0.0.1:8090
-    executor:
-      appname: xxl-job-sys
-      ip: 0.0.0.0
-      port: 10001
-      logpath: /data/applogs/xxl-job/jobhandler
-      logretentiondays: -1
-    accessToken:
-
----
-spring:
-  profiles: prod
-xxl:
-  job:
-    enable: false
-    admin:
-      address: http://127.0.0.1:8090
-    executor:
-      appname: xxl-job-sys
-      ip: 0.0.0.0
-      port: 10001
-      logpath: /data/applogs/xxl-job/jobhandler
-      logretentiondays: -1
-    accessToken:

zen-web/src/main/resources/application-orm.yml

@@ -1,4 +1,5 @@
 ###################  mybatis-plus配置  ###################
+
 mybatis-plus:
   mapper-locations: classpath*:mapping/**/*.xml
   type-aliases-package: com.gxzc.zen.api.sys.mapper
@@ -16,6 +17,7 @@ mybatis-plus:
     cache-enabled: true #配置的缓存的全局开关
     lazyLoadingEnabled: true #延时加载的开关
     multipleResultSetsEnabled: true #延时加载一个属性时会加载该对象全部属性，否则按需加载属性
+    log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
 
 spring:
   datasource:

zen-web/src/main/resources/application-shiro.yml

@@ -0,0 +1,33 @@
+spring:
+  profiles: dev
+  session:
+    store-type: redis
+
+shiro:
+  redis:
+    enable: true
+    database: 1 # redis数据库索引
+    hostName: 192.168.1.206
+    port: 6379
+    password:
+  session:
+    prefix: envir
+    expired: 48h
+    jwtKey: 7586df7fc3b34e26a66c039d5ec8445d
+
+---
+spring:
+  profiles: prod
+  session:
+    store-type: redis
+shiro:
+  redis:
+    database: 1 # redis数据库索引
+    hostName: 192.168.1.10
+    port: 6379
+    password:
+    timeout: 5000 # 连接超时时间（毫秒）
+  session:
+    prefix: envir
+    expired: 12h
+    jwtKey: 7586df7fc3b34e26a66c039d5ec8445d

zen-web/src/main/resources/application-umps.yml

@@ -1,42 +0,0 @@
-spring:
-  profiles: dev
-  session:
-    store-type: redis
-shiro:
-  redis:
-    database: 1 # redis数据库索引
-    host: 192.168.1.206
-    port: 6379
-    password:
-    timeout: 5000 # 连接超时时间（毫秒）
-    sessionPrefix: zen_s #
-    sessionTime: 604800 # 秒 7天
-    cachePrefix: zen_c
-    cacheTime: 604800 # s
-    pool:
-      min-idle: 1 # 连接池中的最小空闲连接
-      max-idle: 20 # 连接池中的最大空闲连接
-      max-active: 20 # 连接池最大连接数（使用负值表示没有限制）
-      max-wait: -1 # 连接池最大阻塞等待时间（使用负值表示没有限制）
-
----
-spring:
-  profiles: prod
-  session:
-    store-type: redis
-shiro:
-  redis:
-    database: 1 # redis数据库索引
-    host: 192.168.1.10
-    port: 6379
-    password:
-    timeout: 5000 # 连接超时时间（毫秒）
-    sessionPrefix: zen_s #
-    sessionTime: 604800 # 秒 7天
-    cachePrefix: zen_c
-    cacheTime: 604800 # s
-    pool:
-      min-idle: 1 # 连接池中的最小空闲连接
-      max-idle: 20 # 连接池中的最大空闲连接
-      max-active: 20 # 连接池最大连接数（使用负值表示没有限制）
-      max-wait: -1 # 连接池最大阻塞等待时间（使用负值表示没有限制）

zen-web/src/main/resources/application.yml

@@ -5,7 +5,7 @@ server:
 spring:
   profiles:
     active: dev
-    include: orm,cache,msg,job.umps
+    include: orm,cache,msg,shiro
   application:
     name: registry   # 服务名称，改成自己的，名称固定不变，不要随便更改
   http: