Home Explore Help
Register Sign In
HJY
/
lineage
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix APP login,fix login SMS send

Alex 4 years ago
parent
41e1e676c4
commit
eb807b6dfd
8 changed files with 372 additions and 49 deletions
Unified View Show Diff Stats
  1. 126 0
      ruoyi-app/src/main/java/com/ruoyi/app/base/AppLoginUser.java
  2. 195 0
      ruoyi-app/src/main/java/com/ruoyi/app/base/AppTokenService.java
  3. 0 20
      ruoyi-app/src/main/java/com/ruoyi/app/base/TokenService.java
  4. 23 9
      ruoyi-app/src/main/java/com/ruoyi/app/controller/AppLoginController.java
  5. 16 19
      ruoyi-app/src/main/java/com/ruoyi/app/util/AliSMSUtil.java
  6. 1 1
      ruoyi-app/src/main/resources/application.yml
  7. 8 0
      ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
  8. 3 0
      ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

+ 126 - 0
ruoyi-app/src/main/java/com/ruoyi/app/base/AppLoginUser.java
View File 

@@ -0,0 +1,126 @@
 
+package com.ruoyi.app.base;
 
+
 
+import com.ruoyi.app.domain.TbAppUser;
 
+
 
+/**
 
+ * App登录用户
 
+ */
 
+public class AppLoginUser {
 
+    private static final long serialVersionUID = 1L;
 
+
 
+    /**
 
+     * 用户唯一标识
 
+     */
 
+    private String token;
 
+
 
+    /**
 
+     * 登陆时间
 
+     */
 
+    private Long loginTime;
 
+
 
+    /**
 
+     * 过期时间
 
+     */
 
+    private Long expireTime;
 
+
 
+    /**
 
+     * 登录IP地址
 
+     */
 
+    private String ipaddr;
 
+
 
+    /**
 
+     * 登录地点
 
+     */
 
+    private String loginLocation;
 
+
 
+    /**
 
+     * 浏览器类型
 
+     */
 
+    private String browser;
 
+
 
+    /**
 
+     * 操作系统
 
+     */
 
+    private String os;
 
+
 
+    /**
 
+     * 用户信息
 
+     */
 
+    private TbAppUser user;
 
+
 
+    public String getToken() {
 
+        return token;
 
+    }
 
+    public void setToken(String token) {
 
+        this.token = token;
 
+    }
 
+
 
+    public AppLoginUser() {}
 
+    public AppLoginUser(TbAppUser user) {
 
+        this.user = user;
 
+    }
 
+
 
+    public Long getLoginTime()
 
+    {
 
+        return loginTime;
 
+    }
 
+    public void setLoginTime(Long loginTime)
 
+    {
 
+        this.loginTime = loginTime;
 
+    }
 
+
 
+    public String getIpaddr()
 
+    {
 
+        return ipaddr;
 
+    }
 
+    public void setIpaddr(String ipaddr)
 
+    {
 
+        this.ipaddr = ipaddr;
 
+    }
 
+
 
+    public String getLoginLocation()
 
+    {
 
+        return loginLocation;
 
+    }
 
+    public void setLoginLocation(String loginLocation)
 
+    {
 
+        this.loginLocation = loginLocation;
 
+    }
 
+
 
+    public String getBrowser()
 
+    {
 
+        return browser;
 
+    }
 
+    public void setBrowser(String browser)
 
+    {
 
+        this.browser = browser;
 
+    }
 
+
 
+    public String getOs()
 
+    {
 
+        return os;
 
+    }
 
+    public void setOs(String os)
 
+    {
 
+        this.os = os;
 
+    }
 
+
 
+    public Long getExpireTime()
 
+    {
 
+        return expireTime;
 
+    }
 
+    public void setExpireTime(Long expireTime)
 
+    {
 
+        this.expireTime = expireTime;
 
+    }
 
+
 
+    public TbAppUser getUser()
 
+    {
 
+        return user;
 
+    }
 
+    public void setUser(TbAppUser user)
 
+    {
 
+        this.user = user;
 
+    }
 
+
 
+}

+ 195 - 0
ruoyi-app/src/main/java/com/ruoyi/app/base/AppTokenService.java
View File 

@@ -0,0 +1,195 @@
 
+package com.ruoyi.app.base;
 
+
 
+import com.auth0.jwt.JWT;
 
+import com.auth0.jwt.algorithms.Algorithm;
 
+import com.ruoyi.app.domain.TbAppUser;
 
+import com.ruoyi.common.constant.Constants;
 
+import com.ruoyi.common.core.domain.model.LoginUser;
 
+import com.ruoyi.common.core.redis.RedisCache;
 
+import com.ruoyi.common.utils.ServletUtils;
 
+import com.ruoyi.common.utils.StringUtils;
 
+import com.ruoyi.common.utils.ip.AddressUtils;
 
+import com.ruoyi.common.utils.ip.IpUtils;
 
+import com.ruoyi.common.utils.uuid.IdUtils;
 
+import eu.bitwalker.useragentutils.UserAgent;
 
+import io.jsonwebtoken.Claims;
 
+import io.jsonwebtoken.Jwts;
 
+import io.jsonwebtoken.SignatureAlgorithm;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.beans.factory.annotation.Value;
 
+import org.springframework.stereotype.Service;
 
+
 
+import javax.servlet.http.HttpServletRequest;
 
+import java.util.HashMap;
 
+import java.util.Map;
 
+import java.util.concurrent.TimeUnit;
 
+
 
+
 
+/**
 
+ * @author Alex
 
+ */
 
+@Service("TokenService")
 
+public class AppTokenService {
 
+
 
+    /**令牌自定义标识*/
 
+    @Value("${token.header}")
 
+    private String header;
 
+    /**令牌秘钥*/
 
+    @Value("${token.secret}")
 
+    private String secret;
 
+    /**令牌有效期(默认7天)*/
 
+    @Value("${token.expireTime}")
 
+    private int expireTime;
 
+
 
+    protected static final long MILLIS_SECOND = 1000;
 
+    protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
 
+    private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
 
+
 
+    @Autowired
 
+    private RedisCache redisCache;
 
+
 
+    /**
 
+     * 获取用户身份信息
 
+     *
 
+     * @return 用户信息
 
+     */
 
+    public LoginUser getLoginUser(HttpServletRequest request) {
 
+        // 获取请求携带的令牌
 
+        String token = getToken(request);
 
+        if (StringUtils.isNotEmpty(token)) {
 
+            Claims claims = parseToken(token);
 
+            // 解析对应的用户信息
 
+            String uuid = (String) claims.get(Constants.APP_LOGIN_USER_KEY);
 
+            String userKey = getTokenKey(uuid);
 
+            LoginUser user = redisCache.getCacheObject(userKey);
 
+            return user;
 
+        }
 
+        return null;
 
+    }
 
+    /**
 
+     * 设置用户身份信息
 
+     */
 
+    public void setLoginUser(AppLoginUser loginUser) {
 
+        if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken())) {
 
+            refreshToken(loginUser);
 
+        }
 
+    }
 
+    /**
 
+     * 删除用户身份信息
 
+     */
 
+    public void delLoginUser(String token) {
 
+        if (StringUtils.isNotEmpty(token)) {
 
+            String userKey = getTokenKey(token);
 
+            redisCache.deleteObject(userKey);
 
+        }
 
+    }
 
+    /**
 
+     * 创建令牌
 
+     *
 
+     * @param loginUser 用户信息
 
+     * @return 令牌
 
+     */
 
+    public String createToken(AppLoginUser loginUser) {
 
+        String token = IdUtils.fastUUID();
 
+        loginUser.setToken(token);
 
+        setUserAgent(loginUser);
 
+        refreshToken(loginUser);
 
+
 
+        Map<String, Object> claims = new HashMap<>(1);
 
+        claims.put(Constants.APP_LOGIN_USER_KEY, token);
 
+        return createToken(claims);
 
+    }
 
+    /**
 
+     * 验证令牌有效期,相差不足20分钟,自动刷新缓存
 
+     *
 
+     * @param loginUser
 
+     * @return 令牌
 
+     */
 
+    public void verifyToken(AppLoginUser loginUser) {
 
+        long expireTime = loginUser.getExpireTime();
 
+        long currentTime = System.currentTimeMillis();
 
+        if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
 
+            refreshToken(loginUser);
 
+        }
 
+    }
 
+    /**
 
+     * 刷新令牌有效期
 
+     *
 
+     * @param loginUser 登录信息
 
+     */
 
+    public void refreshToken(AppLoginUser loginUser) {
 
+        loginUser.setLoginTime(System.currentTimeMillis());
 
+        loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
 
+        // 根据uuid将loginUser缓存
 
+        String userKey = getTokenKey(loginUser.getToken());
 
+        redisCache.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
 
+    }
 
+    /**
 
+     * 设置用户代理信息
 
+     *
 
+     * @param loginUser 登录信息
 
+     */
 
+    public void setUserAgent(AppLoginUser loginUser) {
 
+        UserAgent userAgent = UserAgent.parseUserAgentString(ServletUtils.getRequest().getHeader("User-Agent"));
 
+        String ip = IpUtils.getIpAddr(ServletUtils.getRequest());
 
+        loginUser.setIpaddr(ip);
 
+        loginUser.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
 
+        loginUser.setBrowser(userAgent.getBrowser().getName());
 
+        loginUser.setOs(userAgent.getOperatingSystem().getName());
 
+    }
 
+    /**
 
+     * 从数据声明生成令牌
 
+     *
 
+     * @param claims 数据声明
 
+     * @return 令牌
 
+     */
 
+    private String createToken(Map<String, Object> claims) {
 
+        String token = Jwts.builder()
 
+                .setClaims(claims)
 
+                .signWith(SignatureAlgorithm.HS512, secret).compact();
 
+        return token;
 
+    }
 
+
 
+    /**
 
+     * 从令牌中获取数据声明
 
+     *
 
+     * @param token 令牌
 
+     * @return 数据声明
 
+     */
 
+    private Claims parseToken(String token) {
 
+        return Jwts.parser()
 
+                .setSigningKey(secret)
 
+                .parseClaimsJws(token)
 
+                .getBody();
 
+    }
 
+
 
+    /**
 
+     * 从令牌中获取用户名
 
+     *
 
+     * @param token 令牌
 
+     * @return 用户名
 
+     */
 
+    public String getUsernameFromToken(String token) {
 
+        Claims claims = parseToken(token);
 
+        return claims.getSubject();
 
+    }
 
+
 
+    /**
 
+     * 获取请求token
 
+     *
 
+     * @param request
 
+     * @return token
 
+     */
 
+    private String getToken(HttpServletRequest request) {
 
+        String token = request.getHeader(header);
 
+        if (StringUtils.isNotEmpty(token) && token.startsWith(Constants.TOKEN_PREFIX))
 
+        {
 
+            token = token.replace(Constants.TOKEN_PREFIX, "");
 
+        }
 
+        return token;
 
+    }
 
+
 
+    private String getTokenKey(String uuid) {
 
+        return Constants.APP_LOGIN_TOKEN_KEY + uuid;
 
+    }
 
+}

+ 0 - 20
ruoyi-app/src/main/java/com/ruoyi/app/base/TokenService.java
View File 

@@ -1,20 +0,0 @@
 
-package com.ruoyi.app.base;
 
-
 
-import com.auth0.jwt.JWT;
 
-import com.auth0.jwt.algorithms.Algorithm;
 
-import com.ruoyi.app.domain.TbAppUser;
 
-import org.springframework.stereotype.Service;
 
-
 
-
 
-/**
 
- * @author Alex
 
- */
 
-@Service("TokenService")
 
-public class TokenService {
 
-    public String getToken(TbAppUser user) {
 
-        String token="";
 
-        token= JWT.create().withAudience(user.getId().toString())// 将 user id 保存到 token 里面
 
-                .sign(Algorithm.HMAC256(user.getMobile()));// 以 手机号 作为 token 的密钥
 
-        return token;
 
-    }
 
-}

+ 23 - 9
ruoyi-app/src/main/java/com/ruoyi/app/controller/AppLoginController.java
View File 

@@ -4,12 +4,14 @@ package com.ruoyi.app.controller;
 
 import com.alibaba.fastjson.JSONObject;
 
 import com.alibaba.fastjson.JSONObject;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 
 import com.ruoyi.app.annotation.UserLoginToken;
 
 import com.ruoyi.app.annotation.UserLoginToken;
 
-import com.ruoyi.app.base.TokenService;
 
+import com.ruoyi.app.base.AppLoginUser;
 
+import com.ruoyi.app.base.AppTokenService;
 
 import com.ruoyi.app.domain.TbAppUser;
 
 import com.ruoyi.app.domain.TbAppUser;
 
 import com.ruoyi.app.service.ITbAppUserService;
 
 import com.ruoyi.app.service.ITbAppUserService;
 
 import com.ruoyi.app.util.AliSMSUtil;
 
 import com.ruoyi.app.util.AliSMSUtil;
 
 import com.ruoyi.common.core.domain.AjaxResult;
 
 import com.ruoyi.common.core.domain.AjaxResult;
 
 import com.ruoyi.common.utils.StringUtils;
 
 import com.ruoyi.common.utils.StringUtils;
 
+import io.swagger.annotations.Api;
 
 import io.swagger.annotations.ApiOperation;
 
 import io.swagger.annotations.ApiOperation;
 
 import lombok.RequiredArgsConstructor;
 
 import lombok.RequiredArgsConstructor;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -23,13 +25,14 @@ import java.util.Map;
 
  * @author Alex
 
  * @author Alex
 
  * @date 2020-09-24
 
  * @date 2020-09-24
 
  */
 
  */
 
+@Api(value = "APP登录",tags = "APP登录")
 
 @RequiredArgsConstructor(onConstructor_ = @Autowired)
 
 @RequiredArgsConstructor(onConstructor_ = @Autowired)
 
 @RestController
 
 @RestController
 
 @RequestMapping("/app" )
 
 @RequestMapping("/app" )
 
 public class AppLoginController {
 
 public class AppLoginController {
 
 
 
     @Autowired
 
     @Autowired
 
-    TokenService tokenService;
 
+    AppTokenService tokenService;
 
     @Autowired
 
     @Autowired
 
     private ITbAppUserService userService;
 
     private ITbAppUserService userService;
 
 
 
@@ -45,7 +48,6 @@ public class AppLoginController {
 
         if (StringUtils.isBlank(captcha)){
 
         if (StringUtils.isBlank(captcha)){
 
             return AjaxResult.error("验证码不能为空");
 
             return AjaxResult.error("验证码不能为空");
 
         }
 
         }
 
-        //TODO 短信验证
 
         //手机短信验证
 
         //手机短信验证
 
         boolean ckCaptcha = AliSMSUtil.getInstance().validateSmsCode(mobile, captcha);
 
         boolean ckCaptcha = AliSMSUtil.getInstance().validateSmsCode(mobile, captcha);
 
         if (!ckCaptcha) {
 
         if (!ckCaptcha) {
 
@@ -56,10 +58,12 @@ public class AppLoginController {
 
         TbAppUser userForBase = userService.getOne(new QueryWrapper<TbAppUser>()
 
         TbAppUser userForBase = userService.getOne(new QueryWrapper<TbAppUser>()
 
             .eq("mobile",mobile)
 
             .eq("mobile",mobile)
 
         );
 
         );
 
-        if(userForBase==null){
 
+        if(userForBase == null){
 
             return AjaxResult.error("用户不存在");
 
             return AjaxResult.error("用户不存在");
 
         }
 
         }
 
-        String token = tokenService.getToken(userForBase);
 
+        AppLoginUser loginUser =  new AppLoginUser();
 
+        loginUser.setUser(userForBase);
 
+        String token = tokenService.createToken(loginUser);
 
         jsonObject.put("token", token);
 
         jsonObject.put("token", token);
 
         jsonObject.put("user", userForBase);
 
         jsonObject.put("user", userForBase);
 
         return AjaxResult.success(jsonObject);
 
         return AjaxResult.success(jsonObject);
 
@@ -75,8 +79,21 @@ public class AppLoginController {
 
     @ApiOperation(value = "发送短信验证码", notes = "发送短信验证码")
 
     @ApiOperation(value = "发送短信验证码", notes = "发送短信验证码")
 
     @GetMapping("/captchaSend")
 
     @GetMapping("/captchaSend")
 
     public AjaxResult sendCaptcha(Integer type, String mobile){
 
     public AjaxResult sendCaptcha(Integer type, String mobile){
 
+        TbAppUser user = userService.getOne(new QueryWrapper<TbAppUser>()
 
+                .eq("mobile",mobile)
 
+        );
 
+
 
+        //注册
 
+        if (type == 1){
 
+
 
+        }
 
+
 
+        if(user == null || user.getId() == null){
 
+
 
+            return AjaxResult.error("用户不存在");
 
+        }
 
         Map<String,String> map = AliSMSUtil.getInstance().sendSmsCode(type, mobile);
 
         Map<String,String> map = AliSMSUtil.getInstance().sendSmsCode(type, mobile);
 
-        if(map.get("code").equals("1")) {
 
+        if(map.get("code").equals("200")) {
 
             return AjaxResult.success("发送成功");
 
             return AjaxResult.success("发送成功");
 
         }
 
         }
 
         return AjaxResult.error(map.get("msg"));
 
         return AjaxResult.error(map.get("msg"));
 
@@ -107,9 +124,6 @@ public class AppLoginController {
 
 
 
 
 
 
 
-
 
-
 
-
 
     @UserLoginToken
 
     @UserLoginToken
 
     @GetMapping("/getMessage")
 
     @GetMapping("/getMessage")
 
     public String getMessage(){
 
     public String getMessage(){

+ 16 - 19
ruoyi-app/src/main/java/com/ruoyi/app/util/AliSMSUtil.java
View File 

@@ -34,13 +34,13 @@ public class AliSMSUtil {
 
     //产品域名,开发者无需替换
 
     //产品域名,开发者无需替换
 
     static final String domain = "dysmsapi.aliyuncs.com";
 
     static final String domain = "dysmsapi.aliyuncs.com";
 
 
 
-    // TODO 此处需要替换成开发者自己的AK(在阿里云访问控制台寻找)
 
-    static final String accessKeyId = "LTAIuSBxXqyBNSCG";
 
-    static final String accessKeySecret = "K0QrsoGHQQFNya71vG9tmbjfOBnnFf";
 
+    // 此处需要替换成开发者自己的AK(在阿里云访问控制台寻找 个人头像-AccessKey管理)
 
+    static final String accessKeyId = "LTAI4GGRzVfuY4WwdKeBZ33u";
 
+    static final String accessKeySecret = "B6mwjlgi0OYIFVKhMPR0zzgbr6vkev";
 
 
 
     private static AliSMSUtil INSTANCE;
 
     private static AliSMSUtil INSTANCE;
 
 
 
-    private static String SIGN_NAME = "传承云";
 
+    private static String SIGN_NAME = "华夏生命传承云";
 
 
 
     //单例
 
     //单例
 
     public static AliSMSUtil getInstance(){
 
     public static AliSMSUtil getInstance(){
 
@@ -56,7 +56,7 @@ public class AliSMSUtil {
 
 
 
     /**
 
     /**
 
      * 发送验证码 type类型 1、用户注册;2、登录确认;3、身份验证;4、登录异常;5、修改密码;6、信息变更;phone:电话号码
 
      * 发送验证码 type类型 1、用户注册;2、登录确认;3、身份验证;4、登录异常;5、修改密码;6、信息变更;phone:电话号码
 
-     * @param type 1、用户注册;2、登录确认;3、身份验证;4、登录异常;5、修改密码;6、信息变更;0、通用验证;
 
+     * @param type 1、用户注册;2、登录确认;3、身份验证;4、登录异常;5、修改密码;6、信息变更;
 
      * @param phone 电话号码
 
      * @param phone 电话号码
 
      * @return
 
      * @return
 
      */
 
      */
 
@@ -65,34 +65,31 @@ public class AliSMSUtil {
 
 
 
         String templateCode = "";
 
         String templateCode = "";
 
         switch (type){
 
         switch (type){
 
-            case 0:
 
-                templateCode="SMS_140736533";
 
-                break;
 
             case 1://用户注册
 
             case 1://用户注册
 
-                templateCode="SMS_136825040";
 
+                templateCode="SMS_203800031";
 
                 break;
 
                 break;
 
             case 2://登录确认
 
             case 2://登录确认
 
-                templateCode="SMS_136825042";
 
+                templateCode="SMS_203800033";
 
                 break;
 
                 break;
 
             case 3://身份验证
 
             case 3://身份验证
 
-                templateCode="SMS_136825043";
 
+                templateCode="SMS_203800034";
 
                 break;
 
                 break;
 
             case 4://登录异常
 
             case 4://登录异常
 
-                templateCode="SMS_136825041";
 
+                templateCode="SMS_203800032";
 
                 break;
 
                 break;
 
             case 5://修改密码
 
             case 5://修改密码
 
-                templateCode="SMS_136825039";
 
+                templateCode="SMS_203800030";
 
                 break;
 
                 break;
 
             case 6://信息变更
 
             case 6://信息变更
 
-                templateCode="SMS_136825038";
 
+                templateCode="SMS_203800029";
 
                 break;
 
                 break;
 
             default:
 
             default:
 
                 templateCode="";
 
                 templateCode="";
 
                 break;
 
                 break;
 
         }
 
         }
 
         if (templateCode.equals("")){
 
         if (templateCode.equals("")){
 
-            map.put("code","-1");
 
-            map.put("msg","验证类型不存在");
 
+            map.put("code","500");
 
+            map.put("msg","验证类型不存在");
 
             return map;
 
             return map;
 
         }
 
         }
 
         String code = GetCode(phone);
 
         String code = GetCode(phone);
 
@@ -119,7 +116,7 @@ public class AliSMSUtil {
 
             return false;
 
             return false;
 
         }
 
         }
 
         //时间超时了
 
         //时间超时了
 
-        if((CodeMapTime.get(phone).longValue()+EXPIRATIONTIME) < new Date().getTime()){
 
+        if((CodeMapTime.get(phone).longValue()+EXPIRATIONTIME) < System.currentTimeMillis()){
 
             CodeMap.remove(phone);
 
             CodeMap.remove(phone);
 
             CodeMapTime.remove(phone);
 
             CodeMapTime.remove(phone);
 
             return false;
 
             return false;
 
@@ -209,7 +206,7 @@ public class AliSMSUtil {
 
     private  String GetCode(String phone){
 
     private  String GetCode(String phone){
 
         String key = GetNum();
 
         String key = GetNum();
 
         CodeMap.put(phone,key);
 
         CodeMap.put(phone,key);
 
-        CodeMapTime.put(phone,new Date().getTime());
 
+        CodeMapTime.put(phone,System.currentTimeMillis());
 
         return key;
 
         return key;
 
     }
 
     }
 
 
 
@@ -236,7 +233,7 @@ public class AliSMSUtil {
 
             public void run() {
 
             public void run() {
 
                 try {
 
                 try {
 
                     if (CodeMapTime.size() > 0) {
 
                     if (CodeMapTime.size() > 0) {
 
-                        long nd = new Date().getTime();//获取系统时间
 
+                        long nd = System.currentTimeMillis();//获取系统时间
 
                         Iterator<Map.Entry<String, Long>> entries = CodeMapTime.entrySet().iterator();
 
                         Iterator<Map.Entry<String, Long>> entries = CodeMapTime.entrySet().iterator();
 
                         while (entries.hasNext()) {
 
                         while (entries.hasNext()) {
 
                             Map.Entry<String, Object> entry = (Map.Entry) entries.next();
 
                             Map.Entry<String, Object> entry = (Map.Entry) entries.next();

+ 1 - 1
ruoyi-app/src/main/resources/application.yml
View File 

@@ -66,7 +66,7 @@ token:
 
     # 令牌自定义标识
 
     # 令牌自定义标识
 
     header: token
 
     header: token
 
     # 令牌密钥
 
     # 令牌密钥
 
-    secret: abcdefghijklmnopqrstuvwxyz
 
+    secret: abcdefghijklmnopqrstuvwxyz1234567890
 
     # 令牌有效期(默认10080分钟=7天)
 
     # 令牌有效期(默认10080分钟=7天)
 
     expireTime: 10080
 
     expireTime: 10080

+ 8 - 0
ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
View File 

@@ -61,6 +61,10 @@ public class Constants
 
      * 登录用户 redis key
 
      * 登录用户 redis key
 
      */
 
      */
 
     public static final String LOGIN_TOKEN_KEY = "login_tokens:";
 
     public static final String LOGIN_TOKEN_KEY = "login_tokens:";
 
+    /**
 
+     * App登录用户 redis key
 
+     */
 
+    public static final String APP_LOGIN_TOKEN_KEY = "app_login_tokens:";
 
 
 
     /**
 
     /**
 
      * 防重提交 redis key
 
      * 防重提交 redis key
 
@@ -86,6 +90,10 @@ public class Constants
 
      * 令牌前缀
 
      * 令牌前缀
 
      */
 
      */
 
     public static final String LOGIN_USER_KEY = "login_user_key";
 
     public static final String LOGIN_USER_KEY = "login_user_key";
 
+    /**
 
+     * 令牌前缀
 
+     */
 
+    public static final String APP_LOGIN_USER_KEY = "app_login_user_key";
 
 
 
     /**
 
     /**
 
      * 用户ID
 
      * 用户ID

+ 3 - 0
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
View File 

@@ -114,6 +114,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
                 .antMatchers("/*/api-docs").anonymous()
 
                 .antMatchers("/*/api-docs").anonymous()
 
                 .antMatchers("/druid/**").anonymous()
 
                 .antMatchers("/druid/**").anonymous()
 
                 .antMatchers("/template/**").anonymous()
 
                 .antMatchers("/template/**").anonymous()
 
+                .antMatchers("/app/login").anonymous()
 
+                .antMatchers("/app/captchaSend").anonymous()
 
+                .antMatchers("/app/captchaValidate").anonymous()
 
                 // 除上面外的所有请求全部需要鉴权认证
 
                 // 除上面外的所有请求全部需要鉴权认证
 
                 .anyRequest().authenticated()
 
                 .anyRequest().authenticated()
 
                 .and()
 
                 .and()