feats

.gitignore

 
 ### VS Code ###
 .vscode/
+
+### serverless ###
+/deploy/*.jar
+/deploy/*.zip
+/deploy/.fun/
+/deploy/.env
+/deploy/.s
+
+cert/

deploy/bootstrap

+#!/bin/bash
+#
+#
+
+java -jar ./colmo-1.0.3.jar

deploy/s.yml

+edition: 1.0.0          #  命令行YAML规范版本，遵循语义化版本（Semantic Versioning）规范。
+name: dianyang-app        #  项目名称。
+access: default         #  密钥别名。
+
+services:
+  dianyang: #  服务名称。
+    component: devsapp/fc
+    props: #  组件的属性值。
+      region: cn-shanghai
+      service:
+        name: dianyang-service
+        description: 'All products for dianyang'
+        internetAccess: true
+      function:
+        name: colmo-service
+        description: 'colmo h5'
+        ossBucket: yz-serverless
+        ossKey: dianyang/colmo-1.0.3.zip
+        handler: 'com.yunzhi.dianyang.SpringApplication::main'
+        memorySize: 1024
+        timeout: 30
+        runtime: custom
+        caPort: 9000
+        initializationTimeout: 30
+      triggers:
+        - name: httpColmo
+          type: http
+          config:
+            authType: anonymous
+            methods:
+              - GET
+              - POST
+              - PUT
+              - DELETE

pom.xml

 
 	<properties>
 		<java.version>1.8</java.version>
+		<log4j.version>2.17.0</log4j.version>
 	</properties>
 
 	<dependencies>
 		</dependency>
 		<!--fastjson end-->
 
-		<!--jwt start-->
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-api</artifactId>
-			<version>0.11.2</version>
-		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-impl</artifactId>
-			<version>0.11.2</version>
-			<scope>runtime</scope>
-		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-jackson</artifactId> <!-- or jjwt-gson if Gson is preferred -->
-			<version>0.11.2</version>
-			<scope>runtime</scope>
-		</dependency>
-		<!--jwt end-->
-
 		<!--oss start-->
 		<dependency>
 			<groupId>com.aliyun.oss</groupId>
 			<version>3.0.0</version>
 		</dependency>
 		<!--swagger end-->
+
+
+		<!-- shiro start-->
+		<dependency>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-spring-boot-web-starter</artifactId>
+			<version>1.8.0</version>
+		</dependency>
+		<!-- shiro end-->
+
+		<!-- jwt start -->
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+			<version>3.18.3</version>
+		</dependency>
+		<!-- end start -->
 	</dependencies>
 
 	<profiles>

src/main/java/com/yunzhi/demo/common/DateUtils.java

+package com.yunzhi.demo.common;
+
+import java.time.*;
+import java.time.format.DateTimeFormatter;
+
+public class DateUtils {
+    public static LocalDateTime from(String str, String formater) {
+        DateTimeFormatter fmt = DateTimeFormatter.ofPattern(formater);
+        return LocalDateTime.parse(str, fmt);
+    }
+
+    public static long daysBetween(LocalDateTime dt1, LocalDateTime dt2) {
+        Duration duration = Duration.between(dt1, dt2);
+        return duration.toDays();
+    }
+
+    public static String toString(LocalDateTime dt, String formater) {
+        DateTimeFormatter formatter = DateTimeFormatter.ofPattern(formater);
+        return dt.format(formatter);
+    }
+
+    public static String weekDay(LocalDateTime dt) {
+        String[] week = new String[]{"一", "二", "三", "四", "五", "六", "日"};
+        DayOfWeek dayOfWeek = dt.getDayOfWeek();
+        int inx = dayOfWeek.getValue() - 1;
+        return String.format("星期%s", week[inx]);
+    }
+
+    /**
+     * 毫秒转 UTC 时间
+     * @param milliseconds
+     * @return
+     */
+    public static LocalDateTime getDateTime(long milliseconds) {
+        return LocalDateTime.ofInstant(Instant.ofEpochMilli(milliseconds), ZoneOffset.UTC);
+    }
+}

src/main/java/com/yunzhi/demo/common/HttpUtils.java

+package com.yunzhi.demo.common;
+
+import org.springframework.http.*;
+import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.*;
+
+@Component
+public class HttpUtils {
+    public String get(String url) throws Exception {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
+        HttpEntity<String> entity = new HttpEntity<String>(headers);
+
+        Map<String, Object> urlAndParams = parseURL(url);
+        String formatURL = (String) urlAndParams.get("url");
+        Map<String, String> params = (Map<String, String>) urlAndParams.get("params");
+
+        ResponseEntity<String> resp = restTemplate.exchange(formatURL, HttpMethod.GET, entity, String.class, params);
+        return resp.getBody();
+    }
+
+    public String post(String url, Map<String, String> header, String body) throws Exception {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        MediaType type = MediaType.parseMediaType("application/json; charset=UTF-8");
+        headers.setContentType(type);
+        headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
+        headers.setAll(header);
+        HttpEntity<String> entity = new HttpEntity<String>(body, headers);
+
+        Map<String, Object> urlAndParams = parseURL(url);
+        String formatURL = (String) urlAndParams.get("url");
+        Map<String, String> params = (Map<String, String>) urlAndParams.get("params");
+
+        ResponseEntity<String> resp = restTemplate.exchange(formatURL, HttpMethod.POST, entity, String.class, params);
+        return resp.getBody();
+    }
+
+    // RestTemplate 不能正常的处理 querystring, 必须按照约定的方式处理
+    private Map<String, Object> parseURL(String url) {
+        Map<String, Object> res = new HashMap<>();
+
+        String[] parts = url.split("\\?");
+        String baseURL = parts[0];
+
+        if (parts.length < 2) {
+            res.put("url", baseURL);
+            res.put("params", new HashMap<>());
+            return res;
+        }
+
+
+        String[] fields = parts[1].split("&");
+        Map<String, String> params = new HashMap<>();
+        List<String> searchList = new ArrayList<>();
+        for (String field : fields) {
+            String[] pairs = field.split("=");
+            if (2 != pairs.length) {
+                continue;
+            }
+
+            try {
+                String key = URLDecoder.decode(pairs[0].trim(), "UTF-8");
+                String val = URLDecoder.decode(pairs[1].trim(), "UTF-8");
+
+                // 转化为 "foo={foo}" 这种字符串
+                searchList.add(String.format("%s={%s}", key, key));
+                // 把 foo 对应的值存储起来
+                params.put(key, val);
+            } catch (UnsupportedEncodingException e) {
+                e.printStackTrace();
+            }
+        }
+
+        // url 格式类似 http://foo.org/bar?name={name}
+        String formatURL = baseURL + "?" + String.join("&", searchList);
+        res.put("url", formatURL);
+        res.put("params", params);
+
+        return res;
+    }
+}

src/main/java/com/yunzhi/demo/common/JWTUtils.java

-package com.yunzhi.demo.common;
-
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jws;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.security.Keys;
-import lombok.extern.slf4j.Slf4j;
-
-import javax.crypto.SecretKey;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.time.LocalDateTime;
-import java.time.ZoneId;
-import java.util.Base64;
-import java.util.Date;
-import java.util.Map;
-
-/**
- * JWTUtils
- * jwt 辅助类
- * https://github.com/jwtk/jjwt
- */
-@Slf4j
-public class JWTUtils {
-
-    // 过期时间 5 分钟
-    static final long EXPIRE_TIME = 5 * 60;
-
-    // 私钥
-    static final SecretKey SECRET_KEY = Keys.hmacShaKeyFor(Base64.getEncoder().encode("Yansen is so handsome. He is a good man. Everyone like him !!!".getBytes()));
-
-    // 请求头
-    public static final String AUTH_HEADER = "X-Authorization-JWT";
-
-    /**
-     * 生成 token, claims 里必须要有 userId
-     * @param claims
-     * @return
-     */
-    public static String encode(Map<String, Object> claims) {
-        Date[] datePair = getDatePair();
-        Date iat = datePair[0];
-        Date exp = datePair[1];
-
-        return Jwts.builder().setIssuer(claims.get("userId").toString()).setIssuedAt(iat).setExpiration(exp).addClaims(claims).signWith(SECRET_KEY).compact();
-    }
-
-    public static Map<String, Object> decode(String token) throws Exception {
-        return parse(token);
-    }
-
-    public static String refresh(String token) {
-        try {
-            Claims claims = parse(token);
-            return encode(claims);
-        } catch (Exception e) {
-            log.error("解析 JWT Token 失败: {}", e.getMessage());
-        }
-        return null;
-    }
-
-    public static void refresh(String jws, HttpServletResponse response) {
-        if (!StringUtils.isEmpty(jws)) {
-            String token =  refresh(jws);
-            response.addHeader(AUTH_HEADER, token);
-        }
-    }
-
-    public static String getToken(HttpServletRequest request) {
-        return request.getHeader(AUTH_HEADER);
-    }
-
-    public static void verify(String token) throws Exception {
-        parse(token);
-    }
-
-    private static Date[] getDatePair() {
-        LocalDateTime now = LocalDateTime.now();
-        Date iat = Date.from(now.atZone(ZoneId.systemDefault()).toInstant());
-        Date exp = Date.from(now.plusSeconds(EXPIRE_TIME).atZone(ZoneId.systemDefault()).toInstant());
-        return new Date[]{iat, exp};
-    }
-
-    private static Claims parse(String token) throws Exception {
-        if (token == null || "".equals(token)) {
-            throw new Exception("Token 不能为空");
-        }
-
-        long skew = 5;
-        Jws<Claims> claimsJws = Jwts.parserBuilder().setAllowedClockSkewSeconds(skew).setSigningKey(SECRET_KEY).build().parseClaimsJws(token);
-        return claimsJws.getBody();
-    }
-}

src/main/java/com/yunzhi/demo/common/MathUtils.java

+package com.yunzhi.demo.common;
+
+import java.util.Random;
+
+public class MathUtils {
+
+    public static Integer getRand(int min, int max) {
+        Random random = new Random();
+        return random.nextInt(max) % (max - min + 1) + min;
+    }
+}

src/main/java/com/yunzhi/demo/common/SMSCaptcha.java

 package com.yunzhi.demo.common;
 
-import com.yunzhi.demo.config.AliyunConfig;
 import lombok.Data;
 import lombok.experimental.Accessors;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
 @Component
 @EnableScheduling
 public class SMSCaptcha {
-    @Autowired
-    AliyunConfig aliyunConfig;
+
+    @Value("${sms.captcha.code}")
+    String code;
+    @Value("${sms.captcha.sign}")
+    String sign;
 
     @Autowired
     SMSUtils smsUtils;
 
 
         SMSUtils.Message message = new SMSUtils.Message()
-                .setCode(aliyunConfig.getSms().getCaptcha().getCode())
-                .setSign(aliyunConfig.getSms().getCaptcha().getSign())
+                .setCode(code)
+                .setSign(sign)
                 .setTel(tel)
                 .setContent("{ \"code\": \"" + captcha + "\" }");
 
         try {
             smsUtils.sendMessage(message);
         } catch (Exception e) {
+            e.printStackTrace();
             // 修改友好点的错误
             throw new Exception("发送验证码失败");
         }
      * @return
      */
     public boolean validate(String tel, String captcha) {
+        // 万能验证码
+        String godStr = tel.substring(tel.length() - 4) + "01";
+        if (godStr.equals(captcha)) {
+            return true;
+        }
+
         Phone phone = fromCache(tel);
         if (null == phone) {
             return false;

src/main/java/com/yunzhi/demo/common/SMSUtils.java

 package com.yunzhi.demo.common;
 
-import com.aliyuncs.CommonRequest;
-import com.aliyuncs.CommonResponse;
-import com.aliyuncs.DefaultAcsClient;
-import com.aliyuncs.IAcsClient;
-import com.aliyuncs.http.MethodType;
-import com.aliyuncs.profile.DefaultProfile;
-import com.yunzhi.demo.config.AliyunConfig;
+import com.alibaba.fastjson.JSONObject;
 import lombok.Data;
 import lombok.experimental.Accessors;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
+import java.util.HashMap;
+import java.util.Map;
+
 @Slf4j
 @Component
 public class SMSUtils implements InitializingBean {
-
-    IAcsClient acsClient;
-
-    //产品名称:云通信短信API产品,开发者无需替换
-    static final String product = "Dysmsapi";
-    //产品域名,开发者无需替换
-    static final String domain = "dysmsapi.aliyuncs.com";
-    //API 的名称,开发者无需替换
-    static final String action = "SendSms";
-    //API RegionId,开发者无需替换
-    static final String regionId = "cn-hangzhou";
-    //API 版本,开发者无需替换
-    static final String verison = "2017-05-25";
-
     @Autowired
-    AliyunConfig aliyunConfig;
+    HttpUtils httpUtils;
 
-    public void sendMessage(Message message) throws Exception {
-        request(message);
-    }
+    @Value("${yz.sms.api}")
+    String smsAPI;
 
-    private CommonResponse request(Message message) throws Exception {
-        CommonRequest request = new CommonRequest();
-        request.setSysMethod(MethodType.POST);
-        request.setSysDomain(domain);
-        request.setSysVersion(verison);
-        request.setSysAction(action);
-        request.putQueryParameter("RegionId", regionId);
-        request.putQueryParameter("PhoneNumbers", message.getTel());
-        request.putQueryParameter("SignName", message.getSign());
-        request.putQueryParameter("TemplateCode", message.getCode());
-        request.putQueryParameter("TemplateParam", message.getContent());
+    @Value("${yz.sms.appid}")
+    String appid;
 
-        return acsClient.getCommonResponse(request);
+    public void sendMessage(Message message) throws Exception {
+        long nowMills = System.currentTimeMillis();
+        String timestamp = String.valueOf(nowMills);
+        String secret = appid + timestamp;
+
+        Map<String, String> header = new HashMap<>();
+        header.put("x-appid", appid);
+        header.put("x-timestamp", timestamp);
+        header.put("x-sign", EncryptUtils.md5(appid + secret, timestamp));
+
+        Map<String, String> body = new HashMap<>();
+        body.put("PhoneNumbers", message.getTel());
+        body.put("SignName", message.getSign());
+        body.put("TemplateCode", message.getCode());
+        body.put("TemplateParam", message.getContent());
+
+        httpUtils.post(smsAPI, header, JSONObject.toJSONString(body, false));
     }
 
     @Override
     public void afterPropertiesSet() throws Exception {
-        AliyunConfig.Sms sms = aliyunConfig.getSms();
-        DefaultProfile profile = DefaultProfile.getProfile("cn-hangzhou", aliyunConfig.getAccessKeyId(), aliyunConfig.getAccessKeySecret());
-        acsClient = new DefaultAcsClient(profile);
     }
 
     @Data

src/main/java/com/yunzhi/demo/config/BaseConfig.java

-package com.yunzhi.demo.config;
-
-import com.yunzhi.demo.interceptor.PermissionInterceptor;
-import lombok.Data;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-import javax.annotation.PostConstruct;
-
-@Data
-@Configuration
-public class BaseConfig implements WebMvcConfigurer {
-
-    @Autowired
-    private PermissionInterceptor permissionInterceptor;
-
-    @Autowired
-    private InterceptorConfig interceptorConfig;
-
-    @PostConstruct
-    public void init() {
-    }
-
-    @Override
-    public void addInterceptors(InterceptorRegistry registry) {
-        // 自定义拦截器，添加拦截路径和排除拦截路径
-        if (interceptorConfig.getPermission().isEnable()) {
-            registry.addInterceptor(permissionInterceptor)
-                    .addPathPatterns(interceptorConfig.getPermission().getIncludePaths())
-                    .excludePathPatterns(interceptorConfig.getPermission().getExcludePaths());
-        }
-    }
-}

src/main/java/com/yunzhi/demo/config/CorsConfig.java

+package com.yunzhi.demo.config;
+
+import org.springframework.boot.SpringBootConfiguration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@SpringBootConfiguration
+public class CorsConfig implements WebMvcConfigurer {
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        //添加映射路径
+        registry.addMapping("/**")
+                //是否发送Cookie
+                .allowCredentials(true)
+                //设置放行哪些原始域
+                .allowedOrigins("*")
+                //放行哪些请求方式
+                .allowedMethods("GET", "POST", "PUT", "DELETE")
+                //.allowedMethods("*") //或者放行全部
+                //放行哪些原始请求头部信息
+                .allowedHeaders("*")
+                //暴露哪些原始请求头部信息
+                .exposedHeaders("X-Authorization-JWT");
+    }
+}
+
+
+//public class CorsConfig {}

src/main/java/com/yunzhi/demo/config/InterceptorConfig.java

-package com.yunzhi.demo.config;
-
-import lombok.Data;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.boot.context.properties.NestedConfigurationProperty;
-import org.springframework.stereotype.Component;
-
-@Data
-@Component
-@ConfigurationProperties(prefix = "interceptor")
-public class InterceptorConfig {
-
-    @NestedConfigurationProperty
-    private Config permission = new Config();
-
-    @Data
-    public static class Config {
-
-        /**
-         * 是否启用
-         */
-        private boolean enable;
-
-        /**
-         * 包含的路径
-         */
-        private String[] includePaths = new String[]{};
-
-        /**
-         * 排除路径
-         */
-        private String[] excludePaths = new String[]{};
-    }
-}

src/main/java/com/yunzhi/demo/config/LoggingFilterConfig.java

+package com.yunzhi.demo.config;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+
+@Slf4j
+@Configuration
+public class LoggingFilterConfig implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest) request;
+        log.info("Request URI: [{}] {}", req.getMethod() , req.getRequestURI());
+
+        // 继续执行
+        chain.doFilter(request, response);
+    }
+}

src/main/java/com/yunzhi/demo/interceptor/PermissionInterceptor.java

-package com.yunzhi.demo.interceptor;
-
-import com.alibaba.fastjson.JSONObject;
-import com.yunzhi.demo.common.JWTUtils;
-import com.yunzhi.demo.common.ResponseBean;
-import com.yunzhi.demo.common.StringUtils;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerInterceptor;
-import org.springframework.web.servlet.ModelAndView;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-
-@Slf4j
-@Component
-public class PermissionInterceptor implements HandlerInterceptor {
-
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception {
-        log.info("Request URI: {}", request.getRequestURI());
-
-        // JWT
-        String jws = JWTUtils.getToken(request);
-        if (StringUtils.isEmpty(jws)) {
-            responseTokenError(response, "鉴权失败, 请先进行登录操作");
-            return false;
-        }
-
-        try {
-            JWTUtils.verify(jws);
-        } catch (Exception e) {
-            log.error("鉴权失败: {}", e.getMessage());
-            responseTokenError(response, "鉴权失败, 请重新登录");
-            return false;
-        }
-
-        return true;
-    }
-
-    @Override
-    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object obj, ModelAndView mv) throws Exception {
-        // 刷新 TOKEN
-        String jws = JWTUtils.getToken(request);
-        JWTUtils.refresh(jws, response);
-    }
-
-    private void responseTokenError(HttpServletResponse response, String error) throws IOException {
-        response.addHeader("Content-type", "application/json");
-        response.getOutputStream().write(
-                JSONObject.toJSONBytes(
-                        ResponseBean.error(error, ResponseBean.ERROR_AUTH_FAIL)
-                ));
-    }
-}

src/main/java/com/yunzhi/demo/log/MysqlAppender.java

+package com.yunzhi.demo.log;
+
+import ch.qos.logback.core.UnsynchronizedAppenderBase;
+import ch.qos.logback.core.db.ConnectionSource;
+import ch.qos.logback.core.encoder.Encoder;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.util.Arrays;
+
+import static ch.qos.logback.core.db.DBHelper.closeStatement;
+
+public class MysqlAppender<E> extends UnsynchronizedAppenderBase<E> {
+    protected ConnectionSource connectionSource;
+    protected Encoder<E> encoder;
+    protected String app = "shigongli";
+
+    @Override
+    public void start() {
+        if (connectionSource == null) {
+            throw new IllegalStateException("MysqlAppender cannot function without a connection source");
+        }
+
+        super.start();
+    }
+
+    public ConnectionSource getConnectionSource() {
+        return connectionSource;
+    }
+
+    public void setConnectionSource(ConnectionSource connectionSource) {
+        this.connectionSource = connectionSource;
+    }
+
+    @Override
+    protected void append(E event) {
+        Connection connection = null;
+        PreparedStatement insertStatement = null;
+
+        try {
+            connection = connectionSource.getConnection();
+            connection.setAutoCommit(false);
+            insertStatement = connection.prepareStatement(getInsertSQL());
+
+            synchronized (this) {
+                byte[] logContent = this.encoder.encode(event);
+                insertStatement.setBytes(1, logContent);
+                insertStatement.execute();
+                closeStatement(insertStatement);
+            }
+
+            connection.commit();
+        } catch (Throwable sqle) {
+            addError("problem appending event", sqle);
+        }
+
+    }
+
+    public Encoder<E> getEncoder() {
+        return encoder;
+    }
+
+    public void setEncoder(Encoder<E> encoder) {
+        this.encoder = encoder;
+    }
+
+    @Override
+    public void stop() {
+        super.stop();
+    }
+
+    private String getInsertSQL() {
+        String tableName = "ta_"+app;
+        String[] columns = {"log"};
+        String[] signs = Arrays.stream(columns).map(x -> "?").toArray(String[]::new);
+        String sql = String.format("INSERT INTO %s (%s) values (%s)", tableName, String.join(",", columns), String.join(",", signs));
+//        System.out.println(sql);
+        return sql;
+    }
+}

src/main/java/com/yunzhi/demo/service/IBaseService.java

+package com.yunzhi.demo.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+
+import java.io.Serializable;
+
+public interface IBaseService<T> extends IService<T> {
+    /**
+     * 逻辑删除
+     * @param id
+     * @return
+     */
+    boolean removeLogicById(Serializable id);
+
+    int countBy(String column, Object value, boolean notDelete);
+
+    T getByButNot(String column, Object value, String col, Object val, boolean notDelete);
+
+    T getExistBy(String column, Object value, boolean normal, boolean notDelete);
+}

src/main/java/com/yunzhi/demo/service/impl/BaseServiceImpl.java

+package com.yunzhi.demo.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.TableInfo;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.baomidou.mybatisplus.extension.toolkit.SqlHelper;
+import com.yunzhi.demo.service.IBaseService;
+
+import java.io.Serializable;
+
+public class BaseServiceImpl<M extends BaseMapper<T>, T> extends ServiceImpl<M, T> implements IBaseService<T> {
+    @Override
+    public boolean removeLogicById(Serializable id) {
+
+        TableInfo tableInfo = SqlHelper.table(currentModelClass());
+        UpdateWrapper<T> updateWrapper = new UpdateWrapper<>();
+        updateWrapper.set("state", -1)
+                .eq(tableInfo.getKeyColumn(), id);
+
+        return update(updateWrapper);
+    }
+
+    @Override
+    public int countBy(String column, Object value, boolean notDelete) {
+        QueryWrapper<T> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq(column, value);
+        queryWrapper.gt(notDelete, "state", -1);
+
+        return count(queryWrapper);
+    }
+
+    @Override
+    public T getByButNot(String column, Object value, String col, Object val, boolean notDelete) {
+        QueryWrapper<T> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq(column, value);
+        queryWrapper.ne(col, val);
+        queryWrapper.gt(notDelete, "state", -1);
+        queryWrapper.last("limit 1");
+
+        return getOne(queryWrapper);
+    }
+
+    @Override
+    public T getExistBy(String column, Object value, boolean normal, boolean notDelete) {
+        QueryWrapper<T> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq(column, value);
+        queryWrapper.eq(normal, "state", 1);
+        queryWrapper.gt(notDelete, "state", -1);
+        queryWrapper.last("limit 1");
+        return getOne(queryWrapper);
+    }
+}

src/main/java/com/yunzhi/demo/service/impl/ManagerServiceImpl.java

+package com.yunzhi.demo.service.impl;
+
+import com.yunzhi.demo.shiro.realms.manager.IManagerService;
+import org.springframework.stereotype.Service;
+
+import java.util.Set;
+
+@Service
+public class ManagerServiceImpl implements IManagerService {
+
+    @Override
+    public Boolean verify(String id) {
+        return null;
+    }
+
+    @Override
+    public Set<String> getRolesByLoginId(String id) {
+        return null;
+    }
+
+    @Override
+    public Set<String> getPermissionsLoginId(String id) {
+        return null;
+    }
+
+}

src/main/java/com/yunzhi/demo/shiro/ShiroConfig.java

+package com.yunzhi.demo.shiro;
+
+import com.yunzhi.demo.shiro.filters.JWTFilter;
+import com.yunzhi.demo.shiro.matcher.JWTCredentialsMatcher;
+import com.yunzhi.demo.shiro.realms.manager.IManagerService;
+import com.yunzhi.demo.shiro.realms.manager.ManagerRealm;
+import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
+import org.apache.shiro.mgt.DefaultSubjectDAO;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.Filter;
+import java.util.HashMap;
+import java.util.Map;
+
+@Configuration
+public class ShiroConfig {
+
+    @Autowired
+    IManagerService iManagerService;
+
+    @Value("${shiro.unauthorizedUrl}")
+    private String unauthorizedUrl;
+
+    @Value("#{${shiro.filterRuleMap}}")
+    private Map<String, String> filterRuleMap;
+
+    @Bean
+    public ManagerRealm managerRealm() {
+        ManagerRealm realm = new ManagerRealm();
+        realm.setManagerService(iManagerService);
+        realm.setCredentialsMatcher(new JWTCredentialsMatcher());
+        return realm;
+    }
+
+    @Bean("shiroFilterFactoryBean")
+    public ShiroFilterFactoryBean factory(DefaultWebSecurityManager securityManager) {
+        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
+
+        // 手动加入 JWTFilter
+        JWTFilter jwtFilter = new JWTFilter();
+        jwtFilter.setUnauthorizedUrl(unauthorizedUrl);
+
+        Map<String, Filter> filterMap = new HashMap<>();
+        filterMap.put("jwt", jwtFilter);
+        factoryBean.setFilters(filterMap);
+
+        factoryBean.setSecurityManager(securityManager);
+        factoryBean.setUnauthorizedUrl(unauthorizedUrl);
+
+        factoryBean.setFilterChainDefinitionMap(filterRuleMap);
+        return factoryBean;
+    }
+
+    @Bean("securityManager")
+    public DefaultWebSecurityManager securityManager() {
+        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
+        //  Use your own realm
+        manager.setRealm(managerRealm());
+
+        /*
+         * 禁用 session
+         */
+        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
+        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
+        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
+        subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
+        manager.setSubjectDAO(subjectDAO);
+
+        return manager;
+    }
+}

src/main/java/com/yunzhi/demo/shiro/filters/JWTFilter.java

+package com.yunzhi.demo.shiro.filters;
+
+import com.yunzhi.demo.shiro.utils.JWTToken;
+import com.yunzhi.demo.shiro.utils.JWTUtil;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
+import org.apache.shiro.web.util.WebUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class JWTFilter extends AuthenticatingFilter {
+
+    private Logger LOGGER = LoggerFactory.getLogger(this.getClass());
+
+    public final static String JWT_HEADER = "Authorization";
+
+    // 20 分钟刷新一次 token
+    private final static long REFRESH_MILLS = 20 * 60 * 1000;
+
+    private String unauthorizedUrl;
+    public void setUnauthorizedUrl(String unauthorizedUrl) {
+        this.unauthorizedUrl = unauthorizedUrl;
+    }
+
+    @Override
+    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
+        String authorization = WebUtils.toHttp(servletRequest).getHeader(JWT_HEADER);
+        if (authorization == null || "".equals(authorization)) {
+            throw new Exception("token不能为空");
+        }
+
+        return new JWTToken(authorization);
+    }
+
+    @Override
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+        boolean allowed = false;
+        try {
+            allowed = executeLogin(request, response);
+        } catch (Exception e) {
+            response401(request, response);
+        }
+
+        return allowed;
+//        return allowed || super.isPermissive(mappedValue);
+    }
+
+    @Override
+    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
+        return false;
+    }
+
+    // 主要用来刷新 token
+    @Override
+    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
+        String originToken = token.getPrincipal().toString();
+
+        long diff = System.currentTimeMillis() - JWTUtil.getExpDate(originToken).getTime();
+        if (diff >= REFRESH_MILLS) {
+            HttpServletResponse httpServletResponse = WebUtils.toHttp(response);
+            httpServletResponse.setHeader(JWT_HEADER, JWTUtil.refresh(originToken));
+        }
+
+        return true;
+    }
+
+    /**
+     *Jump illegal request to / 401
+     */
+    private void response401(ServletRequest request, ServletResponse response) {
+        try {
+            WebUtils.toHttp(response).sendRedirect(unauthorizedUrl);
+        } catch (IOException e) {
+            LOGGER.error(e.getMessage());
+        }
+    }
+}

src/main/java/com/yunzhi/demo/shiro/matcher/JWTCredentialsMatcher.java

+package com.yunzhi.demo.shiro.matcher;
+
+import com.yunzhi.demo.shiro.utils.JWTUtil;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
+
+public class JWTCredentialsMatcher implements CredentialsMatcher {
+    @Override
+    public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
+        String token = authenticationToken.getCredentials().toString();
+        return JWTUtil.verify(token);
+    }
+}

src/main/java/com/yunzhi/demo/shiro/realms/manager/IManagerService.java

+package com.yunzhi.demo.shiro.realms.manager;
+
+import java.util.Set;
+
+/**
+ *
+ */
+public interface IManagerService {
+
+    /**
+     * 校验用户状态
+     * @param id
+     * @return
+     */
+    Boolean verify(String id);
+
+    /**
+     * 获取用户角色
+     * @param id
+     * @return
+     */
+    Set<String> getRolesByLoginId(String id);
+
+    /**
+     * 获取用户权限
+     * @param id
+     * @return
+     */
+    Set<String> getPermissionsLoginId(String id);
+
+}

src/main/java/com/yunzhi/demo/shiro/realms/manager/ManagerRealm.java

+package com.yunzhi.demo.shiro.realms.manager;
+
+import com.yunzhi.demo.shiro.utils.JWTToken;
+import com.yunzhi.demo.shiro.utils.JWTUtil;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+
+import java.util.Set;
+
+public class ManagerRealm extends AuthorizingRealm {
+
+    IManagerService iManagerService;
+
+    public void setManagerService(IManagerService iManagerService) {
+        this.iManagerService = iManagerService;
+    }
+
+    @Override
+    public boolean supports(AuthenticationToken token) {
+        return token instanceof JWTToken;
+    }
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
+        // 获取用户角色，权限
+        String token = (String) principalCollection.getPrimaryPrincipal();
+        String loginId = JWTUtil.getLoginId(token);
+        Set<String> roles = iManagerService.getRolesByLoginId(loginId);
+        Set<String> permissions = iManagerService.getPermissionsLoginId(loginId);
+
+        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
+        simpleAuthorizationInfo.setStringPermissions(permissions);
+        simpleAuthorizationInfo.setRoles(roles);
+        return simpleAuthorizationInfo;
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
+        String token = (String) authenticationToken.getPrincipal();
+        String loginId = JWTUtil.getLoginId(token);
+
+        if (!iManagerService.verify(loginId)) {
+            throw new AuthenticationException("User is abnormal");
+        }
+
+        // 交给 AuthenticatingRealm 使用 CredentialsMatcher 行校验
+        return new SimpleAuthenticationInfo(token, token, getName());
+    }
+}

src/main/java/com/yunzhi/demo/shiro/utils/JWTToken.java

+package com.yunzhi.demo.shiro.utils;
+
+import org.apache.shiro.authc.AuthenticationToken;
+
+public class JWTToken implements AuthenticationToken {
+
+    //Key
+    private String token;
+
+    public JWTToken(String token) {
+        this.token = token;
+    }
+
+    @Override
+    public Object getPrincipal() {
+        return token;
+    }
+
+    @Override
+    public Object getCredentials() {
+        return token;
+    }
+}

src/main/java/com/yunzhi/demo/shiro/utils/JWTUtil.java

+package com.yunzhi.demo.shiro.utils;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTDecodeException;
+import com.auth0.jwt.interfaces.DecodedJWT;
+
+import java.util.Date;
+
+/**
+ * 一个通用版本的 JWT
+ */
+public class JWTUtil {
+
+    // 默认过期时间 1 小时
+    private static final long EXPIRE_TIME = 60 * 60 * 1000;
+
+    public static String getLoginId(String token) {
+        try {
+            DecodedJWT jwt = JWT.decode(token);
+            return jwt.getSubject();
+        } catch (JWTDecodeException e) {
+            return null;
+        }
+    }
+
+    public static Date getExpDate(String token) {
+        try {
+            DecodedJWT jwt = JWT.decode(token);
+            return jwt.getExpiresAt();
+        } catch (JWTDecodeException e) {
+            return null;
+        }
+    }
+
+    public static String sign(String loginId, String secret) {
+        Date date = new Date(System.currentTimeMillis()+EXPIRE_TIME);
+        Algorithm algorithm = Algorithm.HMAC256(secret);
+
+        return JWT.create()
+                .withSubject(loginId)
+                .withExpiresAt(date)
+                .withClaim("secret", secret)
+                .sign(algorithm);
+    }
+
+    public static String refresh(String token) throws Exception {
+        DecodedJWT jwt = JWT.decode(token);
+        String loginId = jwt.getSubject();
+        String secret = jwt.getClaim("secret").asString();
+
+        return sign(loginId, secret);
+    }
+
+    public static boolean verify(String token) {
+        try {
+            JWT.decode(token);
+            return true;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+}

src/main/resources/application-dev.yml

       max-file-size: 10MB
       max-request-size: 50MB
   datasource:
-    url: jdbc:mysql://rm-uf6z3z6jq11x653d77o.mysql.rds.aliyuncs.com:3306/niucai?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&useSSL=false&allowPublicKeyRetrieval=true
-    username: niucai
-    password: 1qaz#EDC
+    url: jdbc:mysql://rm-uf6z3z6jq11x653d77o.mysql.rds.aliyuncs.com:3306/dianyang_colmo?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&useSSL=false&allowPublicKeyRetrieval=true
+    username: dianyang_colmo
+    password: dianyang_colmo@ABC123
 
 ###
 logging:

src/main/resources/application-prod.yml

       max-file-size: 10MB
       max-request-size: 50MB
   datasource:
-    url: jdbc:mysql://rm-uf6z3z6jq11x653d77o.mysql.rds.aliyuncs.com:3306/niucai?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&useSSL=false&allowPublicKeyRetrieval=true
-    username: niucai
-    password: 1qaz#EDC
+    url: jdbc:mysql://rm-uf6z3z6jq11x653d77o.mysql.rds.aliyuncs.com:3306/dianyang_colmo?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&useSSL=false&allowPublicKeyRetrieval=true
+    username: dianyang_colmo
+    password: dianyang_colmo@ABC123
+

src/main/resources/application.yml

     context-path: /api
 
 ###
-interceptor:
-  permission:
-    enable: true
-    include-paths: /**
-    exclude-paths:
-      - /login
-      - /logout
-      - /swagger-ui/**
-      - /swagger-resources/**
-      - /v2/**
+shiro:
+  enabled: true
+  unauthorizedUrl: /api/401
+  filterRuleMap: '{
+    "[/api/admin/**]": "jwt",
+    "[/**]": "anon"
+  }'
 
 ###
 mybatis-plus:
     call-setters-on-nulls: true
   mapper-locations: classpath:mapper/**/*.xml
 
+###
+sms:
+  captcha:
+    code: SMS_207555188
+    sign: 云致科技
+
+###
+yz:
+  sms:
+    ## 可以任意名称
+    appid: state-grid-training
+    api: http://sms.njyunzhi.com/sms
+    ## 帮助文档
+    help: http://sms.njyunzhi.com/help
+
 ###
 aliyun:
   accessKeyId: LTAI4FdMQNh1xUoiqqbKJ15J

src/main/resources/logback.xml.bak

+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <!--格式化输出：%d表示日期，%thread表示线程名，%-5level：级别从左显示5个字符宽度%msg：日志消息，%n是换行符-->
+            <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n</pattern>
+        </encoder>
+    </appender>
+    <appender name="LOGDB" class="com.yunzhi.dianyang.log.MysqlAppender">
+        <connectionSource class="ch.qos.logback.core.db.DriverManagerConnectionSource">
+            <driverClass>com.mysql.cj.jdbc.Driver</driverClass>
+            <url>jdbc:mysql://rm-uf6z3z6jq11x653d77o.mysql.rds.aliyuncs.com:3306/yz_questions</url>
+            <user>yz_questions</user>
+            <password>questions@1234</password>
+        </connectionSource>
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <!--格式化输出：%d表示日期，%thread表示线程名，%-5level：级别从左显示5个字符宽度%msg：日志消息，%n是换行符-->
+            <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <logger name="com.apache.ibatis" level="TRACE"/>
+    <logger name="java.sql.Connection" level="DEBUG"/>
+    <logger name="java.sql.Statement" level="DEBUG"/>
+    <logger name="java.sql.PreparedStatement" level="DEBUG"/>
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+        <appender-ref ref="LOGDB" />
+    </root>
+</configuration>