本次更新引入的spring-security用于对前台会员进行登录控制，后台管理仍使用shiro框架，前后台独立登录，不会出现挤掉另一端的BUG

spring-security已与JWT进行了完美的整合（不得不说spring家族的框架比shiro要好处理的太多了）
数据库更新，对前台会员表进行了更新，引入了spring-security最新的密码验证机制BCryptPasswordEncoder，使用随机密钥方式，移除了原有的密码盐方式
修复上次提交时pom文件打包的错误
修复部署文件

Author: geekcattle

README.md

@@ -1,4 +1,30 @@
-##更新记录
+***
+
+# Geek-Framework 微服务快速开发脚手架
+
+### 平台简介
+
+Geek-Framework是基于多个优秀的开源项目，高度整合封装而成的高效，高性能，强安全性的**开源**Java微服务快速开发框架。
+
+Geek-Framework是在SpringBoot基础上搭建的一个Java基础开发框架，以Spring MVC为模型视图控制器，MyBatis为数据访问层，
+Apache Shiro和Spring-Security为权限授权层，Ehcahe、redis或**j2cache**进行缓存。
+
+Geek-Framework主要定位于微应用的开发，已内置后台系统的基础功能，用户管理、角色管理、权限管理、会员管理、日志管理等；前台已经实现用户登录，注册等基础功能。
+同时前后台会员实现分表管理，可扩展多角色系统、多权限系统。
+采用分层设计、双重验证、提交数据安全编码、密码加密、访问验证、数据权限验证。
+使用Maven做项目管理，提高项目的易开发性、扩展性。
+
+
+###更新日期2018-06-20
+本次更新主要解决了前后台不能在同一浏览器登录的问题
+* 本次更新引入的spring-security用于对前台会员进行登录控制，后台管理仍使用shiro框架，前后台独立登录，不会出现挤掉另一端的BUG
+* spring-security已与JWT进行了完美的整合（不得不说spring家族的框架比shiro要好处理的太多了）
+* 数据库更新，对前台会员表进行了更新，引入了spring-security最新的密码验证机制BCryptPasswordEncoder，使用随机密钥方式，移除了原有的密码盐方式
+* 文件目录结构进行了优化调整
+* 数据库备份文件至data/geekcattle.sql
+* 修复上次提交时pom文件打包的错误
+* 修复部署文件
+
 
 ###更新日期2018-06-14
 更新说明：SpringBootAdmin已正式更名为Geek-Framework
@@ -28,23 +54,6 @@ PS:现有代码中有J2Cache的源代码，原因是因为发现了一个J2Cache
 
 * 优化已知BUG
 
-
-***
-
-# Geek-Framework 微服务快速开发脚手架
-
-## 平台简介
-
-Geek-Framework是基于多个优秀的开源项目，高度整合封装而成的高效，高性能，强安全性的**开源**Java微服务快速开发框架。
-
-Geek-Framework是在SpringBoot基础上搭建的一个Java基础开发框架，以Spring MVC为模型视图控制器，MyBatis为数据访问层，
-Apache Shiro为权限授权层，Ehcahe、redis或**j2cache**进行缓存。
-
-Geek-Framework主要定位于微应用的开发，已内置后台系统的基础功能，用户管理、角色管理、权限管理、会员管理、日志管理等；前台已经实现用户登录，注册等基础功能。
-同时前后台会员实现分表管理，可扩展多角色系统、多权限系统。
-采用分层设计、双重验证、提交数据安全编码、密码加密、访问验证、数据权限验证。
-使用Maven做项目管理，提高项目的易开发性、扩展性。
-
 ## 内置功能
 
 1.	管理员管理：管理员是系统操作者，该功能主要完成系统管理员相关配置和角色授权。
@@ -59,7 +68,7 @@ Geek-Framework主要定位于微应用的开发，已内置后台系统的基础
 
 * 核心框架：SpringBoot 2.0.2.RELEASE
 * 集成运行框架：Tomcat 8.5.31
-* 安全框架：Apache Shiro 1.4
+* 安全框架：Apache Shiro 1.4 Spring-Security 5.0.5
 * 视图框架：Spring MVC 5.0.6
 * 服务端验证：Hibernate Validator 6.0.9
 * 布局框架：Thymeleaf 3.0.9
@@ -97,15 +106,16 @@ Geek-Framework主要定位于微应用的开发，已内置后台系统的基础
 5. 密码加密：登录用户密码进行SHA1散列加密，此加密方法是不可逆的。保证密文泄露后的安全问题。
 6. 强制访问：系统对所有管理端链接都进行用户身份权限验证，防止用户直接填写url进行访问。
 
-## 演示地址
+## 账号信息
 
-* <http://www.geekcattle.com/>  &nbsp; 用户名：admin  密码：admin 
+* 后台账号密码：admin ---- admin 
+* 前台账号密码：guest ---- hao123
 
 PS：测试数据库会不定期恢复。
 
 ## 快速体验
 
-1. 具备运行环境：JDK1.7+、Maven3.0+、MySql5+。
+1. 具备运行环境：JDK1.8+、Maven3.0+、MySql5+。
 2. 修改src\main\resources\application.properties、application-dev.properties、application-pro.properties文件中的数据库设置参数(application-dev.properties为开发环境的相应参数，application-pro.properties为部署环境的相应参数)。
 3. 根据修改参数创建对应MySql数据库用户和参数。
 4. 运行mvn package脚本，即可创建项目jar文件，同时也可以通过java -jar *.jar 即可本地预览

check.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-APP_NAME=spring-boot-admin
+APP_NAME=geek-framework
 
 tpid=`ps -ef|grep $APP_NAME|grep -v grep|grep -v kill|awk '{print $2}'`
 if [ ${tpid} ]; then

data/geekcattle.sql

@@ -21,15 +21,15 @@
 
 ##3、获取token
 
-    登录地址 /api/oauth/token，此处登录验证与用户realm有关，可根据业务需要进行更改
-    登录成功之后通过jwtUtil.createJWT生成token信息（用户身份信息，过期时间等可自行增加），将token返回给客户端，客户端存储该token
+    登录地址 /member/login
+    登录成功之后在AjaxAuthSuccessHandler通过jwtUtil生成token信息（用户身份信息，过期时间等可自行增加），将token返回给客户端，客户端存储该token
 
 ##4、客户端增加token
 
     客户端请求时在header里面添加authorization选项，值为Bearer+空格+token（可用postman进行测试）
 
 ##5、验证token
 
-    token验证是通过filter完成的，filter验证成功之后将解析出的用户信息通过shiro的token功能进行登录，更方便的调用用户信息
+    token验证是通过JwtAuthenticationFilter完成的，验证成功之后将解析出的用户信息提交给spring-security进行处理登录，以方便在后续的操作中使用
 
         

jwt使用.md

@@ -2,8 +2,8 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.geekcattle</groupId>
-    <artifactId>geek-framwork</artifactId>
-    <packaging>pom</packaging>
+    <artifactId>geek-framework</artifactId>
+    <packaging>jar</packaging>
     <version>2.0-SNAPSHOT</version>
     <name>Geek-Framework</name>
     <url>http://www.geekcattle.com</url>
@@ -36,6 +36,8 @@
         <mysql.version>5.1.29</mysql.version>
         <jackson.version>2.8.5</jackson.version>
         <servlet.version>3.0.1</servlet.version>
+
+        <springfox-version>2.7.0</springfox-version>
     </properties>
 
     <dependencies>
@@ -66,8 +68,6 @@
             <artifactId>spring-boot-starter-thymeleaf</artifactId>
         </dependency>
 
-
-
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
@@ -78,11 +78,28 @@
             <artifactId>spring-boot-starter-data-redis</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-context-support</artifactId>
         </dependency>
 
+        <!--SpringFox dependencies -->
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger2</artifactId>
+            <version>${springfox-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger-ui</artifactId>
+            <version>${springfox-version}</version>
+        </dependency>
+
         <!-- shiro spring. -->
         <dependency>
             <groupId>org.apache.shiro</groupId>
@@ -224,7 +241,7 @@
                     <dependency>
                         <groupId>org.springframework</groupId>
                         <artifactId>springloaded</artifactId>
-                        <version>1.2.5.RELEASE</version>
+                        <version>1.2.8.RELEASE</version>
                     </dependency>
                 </dependencies>
                 <configuration>

pom.xml

@@ -1,5 +1,5 @@
 #!/bin/sh
-APP_NAME=spring-boot-admin
+APP_NAME=geek-framework
 
 tpid=`ps -ef|grep $APP_NAME|grep -v grep|grep -v kill|awk '{print $2}'`
 if [ ${tpid} ]; then

shutdown.sh

@@ -6,12 +6,13 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
-@EnableTransactionManagement // 启注解事务管理
 @SpringBootApplication//SpringBoot启动核心
+@EnableConfigurationProperties
 public class Application {
     //启动文件
     public static void main(String[] args){

src/main/java/com/geekcattle/Application.java

@@ -1,5 +1,6 @@
 package com.geekcattle.controller.api;
 
+import com.geekcattle.core.utils.SecurityUtil;
 import com.geekcattle.mapper.member.MemberMapper;
 import com.geekcattle.model.member.Member;
 import com.geekcattle.util.ReturnUtil;
@@ -9,6 +10,7 @@
 import org.apache.shiro.subject.Subject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -23,17 +25,11 @@ public class ApiMemberController {
 
     protected  Logger logger = LoggerFactory.getLogger(this.getClass());
 
-    @Resource
-    private MemberMapper memberMapper;
-
-
     @RequestMapping(value = "/index", method = RequestMethod.GET)
     public ModelMap index(){
-        Subject subject = SecurityUtils.getSubject();
-        if(subject.isAuthenticated()){
-            PrincipalCollection principals = subject.getPrincipals();
-            Member member = (Member) principals.getPrimaryPrincipal();
-            return ReturnUtil.Success("获取用户信息成功", member);
+        if(SecurityUtil.isLogin()){
+            User user = SecurityUtil.getFontUserInfo();
+            return ReturnUtil.Success("获取用户信息成功", user);
         }else{
             return ReturnUtil.Error("用户不存在");
         }

src/main/java/com/geekcattle/controller/api/ApiMemberController.java

@@ -4,13 +4,13 @@
 
 package com.geekcattle.controller.console;
 
-import com.geekcattle.core.shiro.AdminShiroUtil;
+import com.geekcattle.core.utils.ShiroUtil;
 import com.geekcattle.model.console.Admin;
 import com.geekcattle.model.console.Menu;
 import com.geekcattle.model.console.Role;
 import com.geekcattle.service.console.*;
 import com.geekcattle.util.ReturnUtil;
-import com.geekcattle.util.console.MenuTreeUtil;
+import com.geekcattle.model.console.MenuTree;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -43,7 +43,7 @@ public class MainController {
 
     @RequestMapping(value = "/index", method = {RequestMethod.GET})
     public String index(Model model) {
-        Admin admin = AdminShiroUtil.getUserInfo();
+        Admin admin = ShiroUtil.getUserInfo();
         List<Menu> treeGridList = this.getMenu(admin);
         model.addAttribute("admin", admin);
         model.addAttribute("menuLists", treeGridList);
@@ -54,7 +54,7 @@ public String index(Model model) {
     @ResponseBody
     public ModelMap wapper() {
         try {
-            Admin admin = AdminShiroUtil.getUserInfo();
+            Admin admin = ShiroUtil.getUserInfo();
             List<Menu> treeGridList = this.getMenu(admin);
             ModelMap mp = new ModelMap();
             mp.put("admin", admin);
@@ -73,7 +73,7 @@ private List<Menu> getMenu(Admin admin) {
         }else{
             menuLists = menuService.selectMenuByAdminId(admin.getUid());
         }
-        MenuTreeUtil menuTreeUtil = new MenuTreeUtil(menuLists,null);
+        MenuTree menuTreeUtil = new MenuTree(menuLists,null);
         return menuTreeUtil.buildTreeGrid();
     }
 

src/main/java/com/geekcattle/controller/api/ApiPublicController.java

@@ -4,21 +4,15 @@
 
 package com.geekcattle.controller.console;
 
-import com.geekcattle.model.console.Admin;
-import com.geekcattle.model.console.AdminRole;
 import com.geekcattle.model.console.Menu;
-import com.geekcattle.model.console.Role;
 import com.geekcattle.service.console.*;
 import com.geekcattle.util.DateUtil;
-import com.geekcattle.util.PasswordUtil;
 import com.geekcattle.util.ReturnUtil;
 import com.geekcattle.util.UuidUtil;
-import com.geekcattle.util.console.MenuTreeUtil;
-import com.github.pagehelper.PageInfo;
+import com.geekcattle.model.console.MenuTree;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.crypto.SecureRandomNumberGenerator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -69,7 +63,7 @@ public String index(Model model) {
     public ModelMap list() {
         ModelMap map = new ModelMap();
         List<Menu> List = menuService.getMenuAll();
-        MenuTreeUtil menuTreeUtil = new MenuTreeUtil(List, null);
+        MenuTree menuTreeUtil = new MenuTree(List, null);
         List<Menu> treeGridList = menuTreeUtil.buildTreeGrid();
         map.put("treeList", treeGridList);
         map.put("total", List.size());

src/main/java/com/geekcattle/controller/console/MainController.java

@@ -6,6 +6,7 @@
 
 import com.geekcattle.core.LoginEnum;
 import com.geekcattle.core.shiro.CustomerAuthenticationToken;
+import com.geekcattle.core.utils.ShiroUtil;
 import com.geekcattle.model.valid.ValidAdmin;
 import com.geekcattle.service.console.LogService;
 import com.geekcattle.util.IpUtil;
@@ -36,13 +37,8 @@ public class PublicController {
 
     @RequestMapping(value="/login", method=RequestMethod.GET)
     public String loginForm(){
-        try {
-            Boolean isAuth = SecurityUtils.getSubject().isAuthenticated();
-            if(isAuth){
-                return "redirect:/console/index";
-            }
-        }catch (Exception e){
-            e.printStackTrace();
+        if(ShiroUtil.isLogin()){
+            return "redirect:/console/index";
         }
         return "console/login";
     }
@@ -105,10 +101,4 @@ public String logout(RedirectAttributes redirectAttributes ){
         return "redirect:/console/login";
     }
 
-    @RequestMapping("/403")
-    public String unauthorizedRole(){
-        logger.info("------没有权限-------");
-        return "403";
-    }
-
 }

src/main/java/com/geekcattle/controller/console/MenuController.java

@@ -12,7 +12,7 @@
 import com.geekcattle.util.DateUtil;
 import com.geekcattle.util.ReturnUtil;
 import com.geekcattle.util.UuidUtil;
-import com.geekcattle.util.console.MenuTreeUtil;
+import com.geekcattle.model.console.MenuTree;
 import com.github.pagehelper.PageInfo;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
@@ -145,7 +145,7 @@ public ModelMap comboTree(String id) {
         RoleMenu roleMenu = new RoleMenu();
         roleMenu.setRoleId(id);
         List<RoleMenu> roleMenuLists = roleMenuService.getRoleList(roleMenu);
-        MenuTreeUtil menuTreeUtil = new MenuTreeUtil(menuLists, roleMenuLists);
+        MenuTree menuTreeUtil = new MenuTree(menuLists, roleMenuLists);
         List<Map<String, Object>> mapList = menuTreeUtil.buildTree();
         return ReturnUtil.Success(null, mapList, null);
     }

src/main/java/com/geekcattle/controller/console/PublicController.java

@@ -4,22 +4,17 @@
 
 package com.geekcattle.controller.member;
 
-import com.geekcattle.model.member.Member;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.cache.Cache;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.apache.shiro.subject.Subject;
+import com.geekcattle.core.utils.SecurityUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
-import java.util.Collection;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.ConcurrentMap;
-
 
 /**
  * author geekcattle
@@ -31,38 +26,19 @@ public class HomeController {
 
     protected Logger logger = LoggerFactory.getLogger(this.getClass());
 
-    private ConcurrentMap<String, Cache> caches;
-
-    public HomeController() {
-        this.caches = new ConcurrentHashMap<String, Cache>();
+    @RequestMapping
+    public String empty(){
+        return "redirect:/member/index";
     }
 
     @RequestMapping("/index")
     public String index(Model model){
-        Subject subject = SecurityUtils.getSubject();
-        PrincipalCollection principals = subject.getPrincipals();
-        Member member = (Member) principals.getPrimaryPrincipal();
-        String account = member.getAccount();
-        model.addAttribute("account", account);
-
-
-        Collection<Cache> values = caches.values();
-        StringBuilder sb = new StringBuilder(getClass().getSimpleName())
-                .append(" with ")
-                .append(caches.size())
-                .append(" cache(s)): [");
-        int i = 0;
-        for (Cache cache : values) {
-            if (i > 0) {
-                sb.append(", ");
-            }
-            sb.append(cache.toString());
-            i++;
+        String account = "";
+        if(SecurityUtil.isLogin()){
+            User user = SecurityUtil.getFontUserInfo();
+            account = user.getUsername();
         }
-        sb.append("]");
-
-        System.out.println(sb.toString());
-
+        model.addAttribute("account", account);
         return "member/home";
     }
 
@@ -72,13 +48,9 @@ public String index(Model model){
      */
     @RequestMapping(value = "/login", method = RequestMethod.GET)
     public String login(){
-        try {
-            Boolean isAuth = SecurityUtils.getSubject().isAuthenticated();
-            if(isAuth){
-                return "redirect:/member/index";
-            }
-        }catch (Exception e){
-            e.printStackTrace();
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        if(SecurityUtil.isLogin()){
+            return "redirect:/member/index";
         }
         return "member/login";
     }
@@ -89,13 +61,9 @@ public String login(){
      */
     @RequestMapping(value = "/reg", method = RequestMethod.GET)
     public String reg(){
-        try {
-            Boolean isAuth = SecurityUtils.getSubject().isAuthenticated();
-            if(isAuth){
-                return "redirect:/member/index";
-            }
-        }catch (Exception e){
-            e.printStackTrace();
+        SecurityContext securityContext = SecurityUtil.getContext();
+        if(SecurityUtil.isLogin()){
+            return "redirect:/member/index";
         }
         return "member/reg";
     }

src/main/java/com/geekcattle/controller/console/RoleController.java

@@ -22,6 +22,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.ui.ModelMap;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -45,57 +46,6 @@ public class MemberController {
     @Autowired
     private MemberService memberService;
 
-    /**
-     * 处理注册操作
-     *
-     * @param validMember
-     * @param bindingResult
-     * @param redirectAttributes
-     * @return string
-     */
-    @RequestMapping(value = "/login", method = RequestMethod.POST)
-    public ModelMap doLogin(@Valid ValidMember validMember, BindingResult bindingResult, RedirectAttributes redirectAttributes) {
-        if (bindingResult.hasErrors()) {
-            return ReturnUtil.Error("用户名或密码为空", null, null);
-        }
-        String username = validMember.getAccount();
-        CustomerAuthenticationToken token = new CustomerAuthenticationToken(validMember.getAccount(), validMember.getPassword(), false);
-        token.setLoginType(LoginEnum.CUSTOMER.toString());
-        //获取当前的Subject
-        Subject currentUser = SecurityUtils.getSubject();
-        try {
-            logger.info("对用户[" + username + "]进行登录验证..验证开始");
-            currentUser.login(token);
-            logger.info("对用户[" + username + "]进行登录验证..验证通过");
-        } catch (UnknownAccountException uae) {
-            logger.info("对用户[" + username + "]进行登录验证..验证未通过,未知账户");
-            redirectAttributes.addFlashAttribute("message", "未知账户");
-        } catch (IncorrectCredentialsException ice) {
-            logger.info("对用户[" + username + "]进行登录验证..验证未通过,错误的凭证");
-            redirectAttributes.addFlashAttribute("message", "密码不正确");
-        } catch (LockedAccountException lae) {
-            logger.info("对用户[" + username + "]进行登录验证..验证未通过,账户已锁定");
-            redirectAttributes.addFlashAttribute("message", "账户已锁定");
-        } catch (ExcessiveAttemptsException eae) {
-            logger.info("对用户[" + username + "]进行登录验证..验证未通过,错误次数过多");
-            redirectAttributes.addFlashAttribute("message", "用户名或密码错误次数过多");
-        } catch (AuthenticationException ae) {
-            logger.info("对用户[" + username + "]进行登录验证..验证未通过,堆栈轨迹如下");
-            ae.printStackTrace();
-            redirectAttributes.addFlashAttribute("message", "用户名或密码不正确");
-        }
-        //验证是否登录成功
-        if (currentUser.isAuthenticated()) {
-            Session session = currentUser.getSession();
-            session.setAttribute("loginType", LoginEnum.CUSTOMER.toString());
-            logger.info("前台用户[" + username + "]登录认证通过");
-            return ReturnUtil.Success("登录成功");
-        } else {
-            token.clear();
-            return ReturnUtil.Error("登录失败", null, null);
-        }
-    }
-
     /**
      * 处理登录操作
      *
@@ -120,9 +70,8 @@ public ModelMap doReg(@Valid Member member, BindingResult bindingResult) {
             }
             String Id = UuidUtil.getUUID();
             member.setUid(Id);
-            String salt = new SecureRandomNumberGenerator().nextBytes().toHex();
-            member.setSalt(salt);
-            String password = PasswordUtil.createCustomPwd(member.getPassword(), member.getSalt());
+            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+            String password = passwordEncoder.encode(member.getPassword());
             member.setPassword(password);
             member.setState(1);
             member.setCreatedAt(DateUtil.getCurrentTime());

src/main/java/com/geekcattle/controller/member/HomeController.java

@@ -0,0 +1,33 @@
+package com.geekcattle.core.security;
+
+import com.geekcattle.util.JsonUtil;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class AjaxAuthFailHandler extends SimpleUrlAuthenticationFailureHandler {
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+        if(isAjaxRequest(request)){
+            response.setStatus(HttpServletResponse.SC_OK);
+            response.setContentType("text/json;charset=utf-8");
+            Map<String,Object> mp = new HashMap<String, Object>();
+            response.getWriter().print(JsonUtil.toJsonError("登录失败",exception.getMessage()));
+            response.getWriter().flush();
+        }else{
+            super.onAuthenticationFailure(request, response, exception);
+        }
+    }
+
+    public static boolean isAjaxRequest(HttpServletRequest request) {
+        String ajaxFlag = request.getHeader("X-Requested-With");
+        return ajaxFlag != null && "XMLHttpRequest".equals(ajaxFlag);
+    }
+}

src/main/java/com/geekcattle/controller/member/MemberController.java

@@ -0,0 +1,48 @@
+package com.geekcattle.core.security;
+
+import com.geekcattle.core.security.jwt.JwtUtil;
+import com.geekcattle.util.JsonUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class AjaxAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
+
+    @Autowired
+    private JwtUtil jwtUtil;
+
+    public AjaxAuthSuccessHandler(JwtUtil jwtUtil){
+        this.jwtUtil = jwtUtil;
+    }
+
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+        if(isAjaxRequest(request)) {
+            response.setStatus(HttpServletResponse.SC_OK);
+            response.setContentType("application/json;charset=utf-8");
+            CustomUser user = (CustomUser) authentication.getPrincipal();
+            String accessToken = jwtUtil.generateAccessToken(user);
+            String refreshToken = jwtUtil.generateRefreshToken(user);
+            Map<String,Object> mp = new HashMap<String, Object>();
+            mp.put("access_token", accessToken);
+            mp.put("refresh_token", refreshToken);
+            response.getWriter().print(JsonUtil.toJsonSuccess("登录成功",mp));
+            response.getWriter().flush();
+        }else{
+            super.onAuthenticationSuccess(request, response, authentication);
+        }
+    }
+
+    public static boolean isAjaxRequest(HttpServletRequest request) {
+        String ajaxFlag = request.getHeader("X-Requested-With");
+        return ajaxFlag != null && "XMLHttpRequest".equals(ajaxFlag);
+    }
+}

src/main/java/com/geekcattle/core/filter/JwtFilter.java

@@ -0,0 +1,30 @@
+package com.geekcattle.core.security;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+
+import java.util.Collection;
+
+public class CustomUser extends User {
+
+    private String uid;
+
+
+
+    public CustomUser(String uid, String username, String password, Collection<? extends GrantedAuthority> authorities) {
+        this(uid,username, password, true, true, true, true, authorities);
+    }
+
+    public CustomUser(String uid, String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
+        super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
+        this.uid = uid;
+    }
+
+    public String getUid() {
+        return uid;
+    }
+
+    public void setUid(String uid) {
+        this.uid = uid;
+    }
+}

src/main/java/com/geekcattle/core/jwt/JwtShiroRealm.java

@@ -0,0 +1,27 @@
+package com.geekcattle.core.security;
+
+import com.geekcattle.model.member.Member;
+import com.geekcattle.service.member.MemberService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CustomUserDetailsService implements UserDetailsService {
+
+    @Autowired
+    private MemberService memberService;
+
+    @Override
+    public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
+
+        Member member = memberService.findByUsername(userName);
+        if(member == null){
+            throw new UsernameNotFoundException("userName" + userName+"not found");
+        }
+
+        return new CustomUser(member.getUid(),  member.getAccount(),    member.getPassword(),   member.getAuthorities());
+    }
+}

src/main/java/com/geekcattle/core/security/AjaxAuthFailHandler.java

@@ -0,0 +1,91 @@
+package com.geekcattle.core.security;
+
+import com.geekcattle.core.security.jwt.JwtAuthenticationFilter;
+import com.geekcattle.core.security.jwt.JwtUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
+
+import javax.annotation.Resource;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)//开启security注解
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Resource
+    private CustomUserDetailsService userDetailsService;
+
+    @Autowired
+    private JwtUtil jwtUtil;
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
+    }
+
+    /**
+     * 配置WebSecurity配置
+     * @param web
+     * @throws Exception
+     */
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        super.configure(web);
+        web.httpFirewall(allowUrlEncodedSlashHttpFirewall());
+    }
+
+    /**
+     * 开启防火墙对URL分号的处理
+     * @return
+     */
+    @Bean
+    public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
+        StrictHttpFirewall firewall = new StrictHttpFirewall();
+        firewall.setAllowSemicolon(true);
+        return firewall;
+    }
+
+    /**
+     * 配置访问策略
+     * @param http
+     * @throws Exception
+     */
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                //注册端口开启
+                .antMatchers("/member/reg","/api/**").permitAll()
+                //会员中心的相关操作必需登录才可访问
+                .antMatchers("/member/**","/api/member/**").authenticated()
+                //浏览器报错  x-frame-options deny 的错误
+                .and().headers().frameOptions().disable()
+                //登录页面设置
+                .and().formLogin().loginPage("/member/login").defaultSuccessUrl("/member/index").failureUrl("/member/login?error").usernameParameter("account").passwordParameter("password")
+                .successHandler(new AjaxAuthSuccessHandler(jwtUtil)).failureHandler(new AjaxAuthFailHandler()).permitAll()
+                //退出操作设置
+                .and().logout().logoutUrl("/member/logout").logoutSuccessUrl("/").permitAll();
+        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
+        //关闭csrf 防止循环定向
+        http.csrf().disable();
+    }
+
+
+    @Bean
+    public JwtAuthenticationFilter jwtAuthenticationFilter(){
+        return new JwtAuthenticationFilter();
+    }
+
+
+
+}

src/main/java/com/geekcattle/core/security/AjaxAuthSuccessHandler.java

@@ -1,4 +1,4 @@
-package com.geekcattle.core.jwt;
+package com.geekcattle.core.security.jwt;
 
 public class AccessToken {
 

src/main/java/com/geekcattle/core/security/CustomUser.java

@@ -0,0 +1,58 @@
+package com.geekcattle.core.security.jwt;
+
+import com.geekcattle.core.security.CustomUser;
+import com.geekcattle.core.security.CustomUserDetailsService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+
+    private Logger logger = LoggerFactory.getLogger(this.getClass());
+
+    @Autowired
+    private CustomUserDetailsService userDetailsService;
+
+    @Autowired
+    private JwtConfig jwtConfig;
+
+    @Autowired
+    private JwtUtil jwtUtil;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String authHeader = request.getHeader(jwtConfig.getJwtHeader());
+        if (authHeader != null && authHeader.startsWith(jwtConfig.getTokenHead())) {
+            final String authToken = authHeader.substring(jwtConfig.getTokenHead().length());
+            String username = jwtUtil.getUsernameFromToken(authToken);
+
+            logger.info("checking authentication " + username);
+
+            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+
+                CustomUser userDetails = (CustomUser)this.userDetailsService.loadUserByUsername(username);
+
+                if (jwtUtil.validateToken(authToken, userDetails)) {
+                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
+                            userDetails, null, userDetails.getAuthorities());
+                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(
+                            request));
+                    logger.info("authenticated user " + username + ", setting security context");
+                    SecurityContextHolder.getContext().setAuthentication(authentication);
+                }
+            }
+        }
+
+        filterChain.doFilter(request, response);
+    }
+}

src/main/java/com/geekcattle/core/security/CustomUserDetailsService.java

@@ -1,4 +1,4 @@
-package com.geekcattle.core.jwt;
+package com.geekcattle.core.security.jwt;
 
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;

src/main/java/com/geekcattle/core/security/WebSecurityConfig.java

@@ -1,22 +1,20 @@
-package com.geekcattle.core.jwt;
+package com.geekcattle.core.security.jwt;
 
+import com.geekcattle.core.security.CustomUser;
 import com.geekcattle.model.member.Member;
 import com.geekcattle.util.JsonUtil;
 import com.geekcattle.util.UuidUtil;
 import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.impl.compression.CompressionCodecs;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Component;
 
 
-import javax.crypto.spec.SecretKeySpec;
-import javax.xml.bind.DatatypeConverter;
-import java.security.Key;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -38,36 +36,6 @@ public class JwtUtil {
     @Autowired
     private JwtConfig jwtConfig;
 
-    public Claims parseJWT(String jsonWebToken, String base64Security){
-        try{
-            Claims claims = Jwts.parser()
-                    .setSigningKey(DatatypeConverter.parseBase64Binary(base64Security))
-                    .parseClaimsJws(jsonWebToken).getBody();
-            return claims;
-        }
-        catch(Exception ex)
-        {
-            ex.printStackTrace();
-        }
-        return null;
-    }
-
-    public String createJWT(Member member, String base64Security)
-    {
-        //生成签名密钥
-        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Security);
-        Key signingKey = new SecretKeySpec(apiKeySecretBytes, SIGNATURE_ALGORITHM.getJcaName());
-        //添加构成JWT的参数
-        JwtBuilder builder = Jwts.builder()
-                .setId(member.getUid())
-                .setSubject(member.getAccount())
-                .signWith(SIGNATURE_ALGORITHM, signingKey)
-                .setExpiration(new Date(System.currentTimeMillis() + jwtConfig.getExpiration()))
-                .setNotBefore(new Date(System.currentTimeMillis()));
-        //生成JWT
-        return builder.compact();
-    }
-
     public String getUserIdFromToken(String token) {
         String userId;
         try {
@@ -138,15 +106,15 @@ private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPassword
         return (lastPasswordReset != null && created.before(lastPasswordReset));
     }
 
-    public String generateAccessToken(Member member) {
-        Map<String, Object> claims = generateClaims(member);
-        return generateAccessToken(member.getAccount(), claims);
+    public String generateAccessToken(CustomUser user) {
+        Map<String, Object> claims = generateClaims(user);
+        return generateAccessToken(user.getUsername(), claims);
     }
 
-    private Map<String, Object> generateClaims(Member member) {
+    private Map<String, Object> generateClaims(CustomUser user) {
         Map<String, Object> claims = new HashMap<>();
-        claims.put(CLAIM_KEY_USER_ID, member.getUid());
-        claims.put(CLAIM_KEY_ACCOUNT_ENABLED, member.getState());
+        claims.put(CLAIM_KEY_USER_ID, user.getUid());
+        claims.put(CLAIM_KEY_ACCOUNT_ENABLED, user.isEnabled());
         claims.put(CLAIM_KEY_ACCOUNT_NON_LOCKED, false);
         claims.put(CLAIM_KEY_ACCOUNT_NON_EXPIRED, false);
         return claims;
@@ -156,12 +124,12 @@ private String generateAccessToken(String subject, Map<String, Object> claims) {
         return generateToken(subject, claims, jwtConfig.getExpiration());
     }
 
-    public String generateRefreshToken(Member member) {
-        Map<String, Object> claims = generateClaims(member);
+    public String generateRefreshToken(CustomUser user) {
+        Map<String, Object> claims = generateClaims(user);
         // 只授于更新 token 的权限
         String roles[] = new String[]{this.ROLE_REFRESH_TOKEN};
         claims.put(CLAIM_KEY_AUTHORITIES, JsonUtil.toJson(roles));
-        return generateRefreshToken(member.getAccount(), claims);
+        return generateRefreshToken(user.getUsername(), claims);
     }
 
     private String generateRefreshToken(String subject, Map<String, Object> claims) {
@@ -197,13 +165,11 @@ private String generateToken(String subject, Map<String, Object> claims, long ex
                 .compact();
     }
 
-    public Boolean validateToken(String token, Member member) {
+    public Boolean validateToken(String token, CustomUser user) {
         final String userId = getUserIdFromToken(token);
         final String userName = getUsernameFromToken(token);
-        // final Date created = getCreatedDateFromToken(token);
-        // final Date expiration = getExpirationDateFromToken(token);
-        return (userId.equals(member.getUid())
-                && userName.equals(member.getAccount())
+        return (userId.equals(user.getUid())
+                && userName.equals(user.getUsername())
                 && !isTokenExpired(token)
         );
     }

src/main/java/com/geekcattle/core/jwt/AccessToken.java src/main/java/com/geekcattle/core/security/jwt/AccessToken.java

@@ -1,4 +1,4 @@
-package com.geekcattle.core.filter;
+package com.geekcattle.core.shiro;
 
 import com.geekcattle.core.redis.RedisCacheManager;
 import com.geekcattle.core.shiro.AdminShiroRealm;

src/main/java/com/geekcattle/core/security/jwt/JwtAuthenticationFilter.java

@@ -6,11 +6,8 @@
 
 import com.geekcattle.core.j2cache.cache.support.ShiroJ2CacheCacheManager;
 import com.geekcattle.core.j2cache.cache.support.ShiroJ2CacheSession;
-import com.geekcattle.core.jwt.JwtShiroRealm;
 import com.geekcattle.core.redis.RedisCacheManager;
 import com.geekcattle.core.redis.RedisSessionDAO;
-import com.geekcattle.core.filter.JwtFilter;
-import com.geekcattle.core.filter.CustomerLogoutFilter;
 import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
 import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
 import org.apache.shiro.authc.pam.AuthenticationStrategy;
@@ -51,33 +48,6 @@ public class ShiroConfiguration {
 
     private Logger logger = LoggerFactory.getLogger(this.getClass());
 
-    /**
-     * token身份认证realm;
-     * @return
-     */
-    @Bean(name="jwtShiroRealm")
-    public JwtShiroRealm jwtShiroRealm(){
-        logger.debug("ShiroConfiguration.jwtShiroRealm()");
-        JwtShiroRealm jwtShiroRealm = new JwtShiroRealm();
-        jwtShiroRealm.setCredentialsMatcher(customHashedCredentialsMatcher());
-        return new JwtShiroRealm();
-    }
-
-    /**
-     * 前台身份认证realm;
-     * @return
-     */
-    @Bean(name="customShiroRealm")
-    public CustomShiroRealm customShiroRealm(){
-        logger.debug("ShiroConfiguration.customShiroRealm()");
-        CustomShiroRealm customShiroRealm = new CustomShiroRealm();
-        //customShiroRealm.setCacheManager(redisCacheManager());//单redis缓存
-        customShiroRealm.setCacheManager(shiroJ2CacheCacheManager());//j2cache二级缓存
-        //redisCacheManager和shiroJ2CacheCacheManager以上两种模式可任选其一，现在默认使用J2Cache
-        customShiroRealm.setCredentialsMatcher(customHashedCredentialsMatcher());
-        return customShiroRealm;
-    }
-
     /**
      * 后台身份认证realm;
      * @return
@@ -180,12 +150,9 @@ public DefaultWebSecurityManager getDefaultWebSecurityManage(){
 
         Map<String, Object> shiroAuthenticatorRealms = new HashMap<>();
         shiroAuthenticatorRealms.put("adminShiroRealm", adminShiroRealm());
-        shiroAuthenticatorRealms.put("customShiroRealm", customShiroRealm());
-        shiroAuthenticatorRealms.put("jwtShiroRealm", jwtShiroRealm());
 
         Collection<Realm> shiroAuthorizerRealms = new ArrayList<Realm>();
         shiroAuthorizerRealms.add(adminShiroRealm());
-        shiroAuthorizerRealms.add(customShiroRealm());
 
         CustomModularRealmAuthenticator customModularRealmAuthenticator = new CustomModularRealmAuthenticator();
         customModularRealmAuthenticator.setDefinedRealms(shiroAuthenticatorRealms);
@@ -248,9 +215,7 @@ public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityMana
         //增加自定义过滤
         Map<String, Filter> filters = new HashMap<>();
         filters.put("admin", new AdminFormAuthenticationFilter());
-        filters.put("custom", new CustomFormAuthenticationFilter());
         filters.put("logout", new CustomerLogoutFilter());
-        filters.put("jwt", new JwtFilter());
         shiroFilterFactoryBean.setFilters(filters);
         //拦截器.
         Map<String,String> filterChainDefinitionMap = new LinkedHashMap<String,String>();
@@ -273,20 +238,10 @@ public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityMana
 
         //<!-- 过滤链定义，从上向下顺序执行，一般将 /**放在最为下边 -->:这是一个坑呢，一不小心代码就不好使了;
         //<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->
-        filterChainDefinitionMap.put("/**/login", "anon");
-        filterChainDefinitionMap.put("/**/logout", "logout");
-        filterChainDefinitionMap.put("/**/reg", "anon");
+        filterChainDefinitionMap.put("/console/login", "anon");
+        filterChainDefinitionMap.put("/console/logout", "logout");
         //配置记住我或认证通过可以访问的地址
         filterChainDefinitionMap.put("/console/**", "admin");
-        filterChainDefinitionMap.put("/member/**", "custom");
-
-        filterChainDefinitionMap.put("/api/member/**", "jwt");
-        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
-        //shiroFilterFactoryBean.setLoginUrl("/member/login");
-        // 登录成功后要跳转的链接
-        //shiroFilterFactoryBean.setSuccessUrl("/member/index");
-        //未授权界面;
-        //shiroFilterFactoryBean.setUnauthorizedUrl("/console/403");
         shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
         return shiroFilterFactoryBean;
     }

src/main/java/com/geekcattle/core/jwt/JwtConfig.java src/main/java/com/geekcattle/core/security/jwt/JwtConfig.java

@@ -0,0 +1,36 @@
+package com.geekcattle.core.utils;
+
+import com.geekcattle.model.member.Member;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+
+public class SecurityUtil {
+
+    private Logger logger = LoggerFactory.getLogger(this.getClass());
+
+
+    public static SecurityContext getContext(){
+        return SecurityContextHolder.getContext();
+    }
+
+    /**
+     * 判断是否登录
+     * @return
+     */
+    public static Boolean isLogin(){
+        return getContext().getAuthentication() != null && getContext().getAuthentication().isAuthenticated() && !getContext().getAuthentication().getName().equals("anonymousUser");
+    }
+
+    /**
+     * 获取前台用户信息
+     * @return
+     */
+    public static User getFontUserInfo(){
+        User user =  (User) getContext().getAuthentication().getPrincipal();
+        return user;
+    }
+
+}

src/main/java/com/geekcattle/core/jwt/JwtUtil.java src/main/java/com/geekcattle/core/security/jwt/JwtUtil.java

@@ -2,7 +2,7 @@
  * Copyright (c) 2017 <l_iupeiyu@qq.com> All rights reserved.
  */
 
-package com.geekcattle.core.shiro;
+package com.geekcattle.core.utils;
 
 import com.geekcattle.model.console.Admin;
 import org.apache.shiro.SecurityUtils;
@@ -17,7 +17,7 @@
  * author geekcattle
  * date 2016/12/6 0006 上午 10:45
  */
-public class AdminShiroUtil {
+public class ShiroUtil {
 
     private Logger logger = LoggerFactory.getLogger(this.getClass());
 
@@ -28,6 +28,14 @@ public static Subject getSubject(){
         return SecurityUtils.getSubject();
     }
 
+    public static Boolean isLogin(){
+        return getSubject().isAuthenticated();
+    }
+
+    /**
+     * 获取session信息
+     * @return
+     */
     public static Session getSession(){
         try{
             Session session = getSubject().getSession();
@@ -43,6 +51,10 @@ public static Session getSession(){
         return null;
     }
 
+    /**
+     * 获取用户信息
+     * @return
+     */
     public static Admin getUserInfo(){
         try {
             if(getSession() != null){
@@ -56,26 +68,4 @@ public static Admin getUserInfo(){
         }
         return null;
     }
-
-    // ============== Shiro Cache ==============
-
-    public static Object getCache(String key) {
-        return getCache(key, null);
-    }
-
-    public static Object getCache(String key, Object defaultValue) {
-//		Object obj = getCacheMap().get(key);
-        Object obj = getSession().getAttribute(key);
-        return obj==null?defaultValue:obj;
-    }
-
-    public static void putCache(String key, Object value) {
-//		getCacheMap().put(key, value);
-        getSession().setAttribute(key, value);
-    }
-
-    public static void removeCache(String key) {
-//		getCacheMap().remove(key);
-        getSession().removeAttribute(key);
-    }
 }

src/main/java/com/geekcattle/core/shiro/CustomShiroRealm.java

@@ -2,11 +2,8 @@
  * Copyright (c) 2017 <l_iupeiyu@qq.com> All rights reserved.
  */
 
-package com.geekcattle.util.console;
+package com.geekcattle.model.console;
 
-import com.geekcattle.model.console.Menu;
-import com.geekcattle.model.console.Role;
-import com.geekcattle.model.console.RoleMenu;
 import org.apache.commons.lang3.StringUtils;
 
 import java.util.*;
@@ -15,7 +12,7 @@
  * author geekcattle
  * date 2016/10/21 0021 下午 15:58
  */
-public class MenuTreeUtil {
+public class MenuTree {
 
     private List<Menu> nodes;
 
@@ -27,7 +24,7 @@ public class MenuTreeUtil {
      *
      * @param nodes   将树的所有节点都初始化进来。
      */
-    public MenuTreeUtil(List<Menu> nodes, List<RoleMenu> checknodes){
+    public MenuTree(List<Menu> nodes, List<RoleMenu> checknodes){
         this.nodes = nodes;
         this.checknodes = checknodes;
     }

src/main/java/com/geekcattle/core/filter/CustomerLogoutFilter.java src/main/java/com/geekcattle/core/shiro/CustomerLogoutFilter.java

@@ -6,18 +6,23 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.geekcattle.model.BaseEntity;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.Column;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
 import javax.persistence.Transient;
-import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
 
 /**
  * author geekcattle
  * date 2016/10/21 0021 下午 15:11
  */
-public class Member extends BaseEntity implements Serializable {
+public class Member extends BaseEntity implements UserDetails {
     @Id
     @Column(name = "uid")
     @GeneratedValue(generator = "UUID")
@@ -27,8 +32,6 @@ public class Member extends BaseEntity implements Serializable {
 
     private String password;
 
-    private String salt;
-
     private Integer state;
 
     private String createdAt;
@@ -67,14 +70,6 @@ public void setPassword(String password) {
         this.password = password;
     }
 
-    public String getSalt() {
-        return salt;
-    }
-
-    public void setSalt(String salt) {
-        this.salt = salt;
-    }
-
     public Integer getState() {
         return state;
     }
@@ -114,4 +109,36 @@ public String getOrder() {
     public void setOrder(String order) {
         this.order = order;
     }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        List<GrantedAuthority> auths = new ArrayList<>();
+        return auths;
+    }
+
+    @Override
+    public String getUsername() {
+        return this.account;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return false;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return false;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return false;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return false;
+    }
+
 }

src/main/java/com/geekcattle/core/shiro/ShiroConfiguration.java

@@ -5,6 +5,7 @@
 package com.geekcattle.util;
 
 import com.alibaba.fastjson.JSON;
+import org.apache.commons.lang3.StringUtils;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -21,15 +22,39 @@ public static Object parse(String json) {
         return JSON.parse(json);
     }
 
+    public static String toJsonSuccess(){
+        return toJsonSuccess("成功");
+    }
+
+    public static String toJsonSuccess(String msg){
+        return toJsonSuccess(msg,   new Object());
+    }
+
+    public static String toJsonSuccess(Object obj){
+        return toJsonSuccess("成功",   obj);
+    }
+
     public static String toJsonSuccess(String msg, Object obj){
         Map<String,Object> mp = new HashMap<String, Object>();
         mp.put("status", 1);
         mp.put("state", "success");
-        mp.put("msg", msg);
+        mp.put("msg", msg.getBytes());
         mp.put("result", obj);
         return toJson(mp);
     }
 
+    public static String toJsonError(){
+        return  toJsonError("失败");
+    }
+
+    public static String toJsonError(String msg){
+        return toJsonError(msg, new Object());
+    }
+
+    public static String toJsonError(Object obj){
+        return toJsonError("失败", obj);
+    }
+
     public static String toJsonError(String msg, Object obj){
         Map<String,Object> mp = new HashMap<String, Object>();
         mp.put("status", 0);

src/main/java/com/geekcattle/core/utils/SecurityUtil.java

@@ -0,0 +1,45 @@
+package com.geekcattle.util;
+
+import java.security.MessageDigest;
+
+/**
+ * MD5加密工具
+ *
+ */
+public class MD5Util {
+
+    /**
+     * 密码加密
+     * @param password
+     * @return
+     */
+    public static String encode(String password) {
+        return processEncode(password);
+    }
+
+    public static String processEncode(String password) {
+        MessageDigest md5 = null;
+        try {
+            md5 = MessageDigest.getInstance("MD5");
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+        char[] charArray = password.toCharArray();
+        byte[] byteArray = new byte[charArray.length];
+
+        for (int i = 0; i < charArray.length; i++)
+            byteArray[i] = (byte) charArray[i];
+        byte[] md5Bytes = md5.digest(byteArray);
+        StringBuffer hexValue = new StringBuffer();
+        for (int i = 0; i < md5Bytes.length; i++) {
+            int val = ((int) md5Bytes[i]) & 0xff;
+            if (val < 16) {
+                hexValue.append("0");
+            }
+
+            hexValue.append(Integer.toHexString(val));
+        }
+        return hexValue.toString();
+    }
+
+}

src/main/java/com/geekcattle/core/shiro/AdminShiroUtil.java src/main/java/com/geekcattle/core/utils/ShiroUtil.java

@@ -1,7 +1,8 @@
 # 项目contextPath，一般在正式发布版本中，我们不配置
 server.servlet.context-path = /
 # session最大超时时间(分钟)，默认为30
-server.session-timeout = 60
+server.servlet.session.timeout = 60M
+server.servlet.session.tracking-modes = cookie
 #日志配置
 logging.level.com.geekcattle.mapper = DEBUG
 logging.file=logs/spring-boot-logging.log
@@ -17,9 +18,6 @@ j2cache.config-location=/j2cache.properties
 j2cache.open-spring-cache=true
 spring.cache.type = none
 
-
-
-
 # 使用druid数据源
 spring.datasource.type = com.alibaba.druid.pool.DruidDataSource
 spring.datasource.driver-class-name = com.mysql.jdbc.Driver

src/main/java/com/geekcattle/util/console/MenuTreeUtil.java src/main/java/com/geekcattle/model/console/MenuTree.java

@@ -6,23 +6,36 @@
 <body>
     <div class="container-fluid">
         <div class="row">
-            <div class="col-md-4 col-md-offset-4">
+            <div class="col-md-4 col-md-offset-1">
                 <form class="ajaxforms" method="post" action="/member/login">
                     <div class="form-group">
-                        <label for="account">账号</label>
-                        <input type="text" class="form-control"  name="account" id="account" placeholder="账号">
+                        <label>账号</label>
+                        <input type="text" class="form-control"  name="account" placeholder="账号">
                     </div>
                     <div class="form-group">
-                        <label for="password">密码</label>
-                        <input type="password" name="password" class="form-control" id="password" placeholder="密码">
+                        <label>密码</label>
+                        <input type="password" class="form-control" name="password" placeholder="密码">
                     </div>
-                    <input type="submit" class="form-control btn-primary" value="登录" />
+                    <input type="submit" class="form-control btn-primary" value="AJAX登录" />
+                </form>
+            </div>
+            <div class="col-md-4 col-md-offset-1">
+                <form method="post" action="/member/login">
+                    <div class="form-group">
+                        <label>账号</label>
+                        <input type="text" class="form-control"  name="account" placeholder="账号">
+                    </div>
+                    <div class="form-group">
+                        <label>密码</label>
+                        <input type="password" class="form-control" name="password" placeholder="密码">
+                    </div>
+                    <input type="submit" class="form-control btn-primary" value="默认登录" />
                 </form>
             </div>
         </div>
     </div>
 
-    <div th:include="member/footer"></div>
+    <div th:replace="member/footer"></div>
 
     <script type="text/javascript">
         $(function () {
@@ -51,7 +64,7 @@
                     },
                     'password' : {
                         required : '请输入密码'
-                    },
+                    }
                 },
                 submitHandler : function(forms) {
                     if (formloading) return;
@@ -68,6 +81,9 @@
                             } else {
                                 layer.msg(data.msg);
                             }
+                        },
+                        error : function () {
+
                         }
                     });
                 }

src/main/java/com/geekcattle/model/member/Member.java

@@ -1,4 +1,7 @@
 import com.geekcattle.Application;
+import com.geekcattle.mapper.member.MemberMapper;
+import com.geekcattle.model.member.Member;
+import com.geekcattle.service.member.MemberService;
 import junit.framework.TestCase;
 import net.oschina.j2cache.CacheChannel;
 import net.oschina.j2cache.J2Cache;
@@ -9,9 +12,12 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import redis.clients.jedis.JedisPool;
 
+import java.util.List;
+
 /**
  * author geekcattle
  * date 2016/10/21 0021 下午 16:54
@@ -28,6 +34,9 @@ public class TestApp extends TestCase {
     @Autowired
     RedisTemplate<String, String> redisTemplate;
 
+    @Autowired
+    MemberMapper memberMapper;
+
     @Test
     public void testRedis(){
         redisTemplate.boundValueOps("geekcattle").set("df1111111111111");
@@ -45,16 +54,25 @@ public static void main(String[] args) {
     @Test
     public void testJ2Cache(){
         CacheChannel cache = J2Cache.getChannel();
-
         //缓存操作
         System.out.println(cache.get("default", "1"));
         cache.set("default", "1", "Hello J2Cache");
         System.out.println(cache.get("default", "1"));
         cache.evict("default", "1");
-
-
         cache.close();
     }
 
+    @Test
+    public void modifyPassword(){
+        List<Member> lists = memberMapper.selectAll();
+        for (Member member : lists) {
+            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+            String newPassword = passwordEncoder.encode("hao123");
+            System.out.printf(newPassword);
+            member.setPassword(newPassword);
+            memberMapper.updateByPrimaryKey(member);
+        }
+    }
+
 
 }

src/main/java/com/geekcattle/util/JsonUtil.java

@@ -1,5 +1,5 @@
 #!/bin/sh
 rm -f tpid
-nohup java -jar target/spring-boot-admin.jar --spring.profiles.active=pro > /var/log/spring-boot-web/startup`date +%Y-%m-%d`.log 2>&1 &
+nohup java -jar target/geek-framework.jar --spring.profiles.active=pro > /var/log/spring-boot-web/startup`date +%Y-%m-%d`.log 2>&1 &
 echo $! > tpid
 echo Start Success!