update 整合 satoken 权限、鉴权一体化框架

pom.xml

@@ -25,7 +25,7 @@
         <poi.version>4.1.2</poi.version>
         <easyexcel.version>2.2.11</easyexcel.version>
         <velocity.version>1.7</velocity.version>
-        <jwt.version>0.9.1</jwt.version>
+        <satoken.version>1.26.0</satoken.version>
         <mybatis-plus.version>3.4.3.3</mybatis-plus.version>
         <p6spy.version>3.9.1</p6spy.version>
         <hutool.version>5.7.13</hutool.version>
@@ -121,11 +121,23 @@
                 <version>${velocity.version}</version>
             </dependency>
 
-            <!-- Token生成与解析-->
+            <!-- Sa-Token 权限认证, 在线文档：http://sa-token.dev33.cn/ -->
             <dependency>
-                <groupId>io.jsonwebtoken</groupId>
-                <artifactId>jjwt</artifactId>
-                <version>${jwt.version}</version>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-spring-boot-starter</artifactId>
+                <version>${satoken.version}</version>
+            </dependency>
+            <!-- Sa-Token 整合 Redis （使用jackson序列化方式） -->
+            <dependency>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-dao-redis-jackson</artifactId>
+                <version>${satoken.version}</version>
+            </dependency>
+            <!-- Sa-Token整合SpringAOP实现注解鉴权 -->
+            <dependency>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-spring-aop</artifactId>
+                <version>${satoken.version}</version>
             </dependency>
 
             <!-- dynamic-datasource 多数据源-->

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/CacheController.java

@@ -1,11 +1,11 @@
 package com.ruoyi.web.controller.monitor;
 
-import com.ruoyi.common.utils.StringUtils;
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.utils.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisCallback;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -24,7 +24,7 @@ public class CacheController
     @Autowired
     private RedisTemplate<String, String> redisTemplate;
 
-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
+    @SaCheckPermission("monitor:cache:list")
     @GetMapping()
     public AjaxResult getInfo() throws Exception
     {

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.monitor;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysLogininfor;
 import com.ruoyi.system.service.ISysLogininforService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletResponse;
@@ -27,7 +27,7 @@ public class SysLogininforController extends BaseController
     @Autowired
     private ISysLogininforService logininforService;
 
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:list')")
+    @SaCheckPermission("monitor:logininfor:list")
     @GetMapping("/list")
     public TableDataInfo list(SysLogininfor logininfor)
     {
@@ -35,7 +35,7 @@ public class SysLogininforController extends BaseController
     }
 
     @Log(title = "登录日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:export')")
+    @SaCheckPermission("monitor:logininfor:export")
     @GetMapping("/export")
     public void export(SysLogininfor logininfor, HttpServletResponse response)
     {
@@ -43,7 +43,7 @@ public class SysLogininforController extends BaseController
 		ExcelUtil.exportExcel(list, "登录日志", SysLogininfor.class, response);
     }
 
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
+    @SaCheckPermission("monitor:logininfor:remove")
     @Log(title = "登录日志", businessType = BusinessType.DELETE)
     @DeleteMapping("/{infoIds}")
     public AjaxResult remove(@PathVariable Long[] infoIds)
@@ -51,7 +51,7 @@ public class SysLogininforController extends BaseController
         return toAjax(logininforService.deleteLogininforByIds(infoIds));
     }
 
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
+    @SaCheckPermission("monitor:logininfor:remove")
     @Log(title = "登录日志", businessType = BusinessType.CLEAN)
     @DeleteMapping("/clean")
     public AjaxResult clean()

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.monitor;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysOperLog;
 import com.ruoyi.system.service.ISysOperLogService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletResponse;
@@ -27,7 +27,7 @@ public class SysOperlogController extends BaseController
     @Autowired
     private ISysOperLogService operLogService;
 
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:list')")
+    @SaCheckPermission("monitor:operlog:list")
     @GetMapping("/list")
     public TableDataInfo list(SysOperLog operLog)
     {
@@ -35,7 +35,7 @@ public class SysOperlogController extends BaseController
     }
 
     @Log(title = "操作日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:export')")
+    @SaCheckPermission("monitor:operlog:export")
     @GetMapping("/export")
     public void export(SysOperLog operLog, HttpServletResponse response)
     {
@@ -44,7 +44,7 @@ public class SysOperlogController extends BaseController
     }
 
     @Log(title = "操作日志", businessType = BusinessType.DELETE)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    @SaCheckPermission("monitor:operlog:remove")
     @DeleteMapping("/{operIds}")
     public AjaxResult remove(@PathVariable Long[] operIds)
     {
@@ -52,7 +52,7 @@ public class SysOperlogController extends BaseController
     }
 
     @Log(title = "操作日志", businessType = BusinessType.CLEAN)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    @SaCheckPermission("monitor:operlog:remove")
     @DeleteMapping("/clean")
     public AjaxResult clean()
     {

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java

@@ -1,25 +1,27 @@
 package com.ruoyi.web.controller.monitor;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.PageUtils;
 import com.ruoyi.common.utils.RedisUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.domain.SysUserOnline;
-import com.ruoyi.system.service.ISysUserOnlineService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.stream.Collectors;
 
 /**
  * 在线用户监控
@@ -28,60 +30,47 @@ import java.util.List;
  */
 @RestController
 @RequestMapping("/monitor/online")
-public class SysUserOnlineController extends BaseController
-{
-    @Autowired
-    private ISysUserOnlineService userOnlineService;
+public class SysUserOnlineController extends BaseController {
 
-    @PreAuthorize("@ss.hasPermi('monitor:online:list')")
+    @SaCheckPermission("monitor:online:list")
     @GetMapping("/list")
-    public TableDataInfo list(String ipaddr, String userName)
-    {
-        Collection<String> keys = RedisUtils.keys(Constants.LOGIN_TOKEN_KEY + "*");
-        List<SysUserOnline> userOnlineList = new ArrayList<SysUserOnline>();
-        for (String key : keys)
-        {
-            LoginUser user = RedisUtils.getCacheObject(key);
-            if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName))
-            {
-                if (StringUtils.equals(ipaddr, user.getIpaddr()) && StringUtils.equals(userName, user.getUsername()))
-                {
-                    userOnlineList.add(userOnlineService.selectOnlineByInfo(ipaddr, userName, user));
-                }
-            }
-            else if (StringUtils.isNotEmpty(ipaddr))
-            {
-                if (StringUtils.equals(ipaddr, user.getIpaddr()))
-                {
-                    userOnlineList.add(userOnlineService.selectOnlineByIpaddr(ipaddr, user));
-                }
-            }
-            else if (StringUtils.isNotEmpty(userName) && StringUtils.isNotNull(user.getUser()))
-            {
-                if (StringUtils.equals(userName, user.getUsername()))
-                {
-                    userOnlineList.add(userOnlineService.selectOnlineByUserName(userName, user));
-                }
-            }
-            else
-            {
-                userOnlineList.add(userOnlineService.loginUserToUserOnline(user));
-            }
+    public TableDataInfo list(String ipaddr, String userName) {
+        Collection<String> keys = RedisUtils.keys(Constants.ONLINE_TOKEN_KEY + "*");
+        List<UserOnlineDTO> userOnlineDTOList = new ArrayList<>();
+        for (String key : keys) {
+            userOnlineDTOList.add(RedisUtils.getCacheObject(key));
         }
-        Collections.reverse(userOnlineList);
-        userOnlineList.removeAll(Collections.singleton(null));
+        if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                    StringUtils.equals(ipaddr, userOnline.getIpaddr()) &&
+                            StringUtils.equals(userName, userOnline.getUserName())
+            ).collect(Collectors.toList());
+        } else if (StringUtils.isNotEmpty(ipaddr)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                    StringUtils.equals(ipaddr, userOnline.getIpaddr()))
+                    .collect(Collectors.toList());
+        } else if (StringUtils.isNotEmpty(userName)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                    StringUtils.equals(userName, userOnline.getUserName())
+            ).collect(Collectors.toList());
+        }
+        Collections.reverse(userOnlineDTOList);
+        userOnlineDTOList.removeAll(Collections.singleton(null));
+        List<SysUserOnline> userOnlineList = BeanUtil.copyToList(userOnlineDTOList, SysUserOnline.class);
         return PageUtils.buildDataInfo(userOnlineList);
     }
 
     /**
      * 强退用户
      */
-    @PreAuthorize("@ss.hasPermi('monitor:online:forceLogout')")
+    @SaCheckPermission("monitor:online:forceLogout")
     @Log(title = "在线用户", businessType = BusinessType.FORCE)
     @DeleteMapping("/{tokenId}")
-    public AjaxResult forceLogout(@PathVariable String tokenId)
-    {
-        RedisUtils.deleteObject(Constants.LOGIN_TOKEN_KEY + tokenId);
+    public AjaxResult forceLogout(@PathVariable String tokenId) {
+        try {
+            StpUtil.logoutByTokenValue(tokenId);
+        } catch (NotLoginException e) {
+        }
         return AjaxResult.success();
     }
 }

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.constant.UserConstants;
@@ -11,7 +12,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysConfig;
 import com.ruoyi.system.service.ISysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -33,7 +33,7 @@ public class SysConfigController extends BaseController
     /**
      * 获取参数配置列表
      */
-    @PreAuthorize("@ss.hasPermi('system:config:list')")
+    @SaCheckPermission("system:config:list")
     @GetMapping("/list")
     public TableDataInfo list(SysConfig config)
     {
@@ -41,7 +41,7 @@ public class SysConfigController extends BaseController
     }
 
     @Log(title = "参数管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:config:export')")
+    @SaCheckPermission("system:config:export")
     @GetMapping("/export")
     public void export(SysConfig config, HttpServletResponse response)
     {
@@ -52,7 +52,7 @@ public class SysConfigController extends BaseController
     /**
      * 根据参数编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:config:query')")
+    @SaCheckPermission("system:config:query")
     @GetMapping(value = "/{configId}")
     public AjaxResult getInfo(@PathVariable Long configId)
     {
@@ -71,7 +71,7 @@ public class SysConfigController extends BaseController
     /**
      * 新增参数配置
      */
-    @PreAuthorize("@ss.hasPermi('system:config:add')")
+    @SaCheckPermission("system:config:add")
     @Log(title = "参数管理", businessType = BusinessType.INSERT)
     @PostMapping
     @RepeatSubmit
@@ -81,14 +81,13 @@ public class SysConfigController extends BaseController
         {
             return AjaxResult.error("新增参数'" + config.getConfigName() + "'失败，参数键名已存在");
         }
-        config.setCreateBy(getUsername());
         return toAjax(configService.insertConfig(config));
     }
 
     /**
      * 修改参数配置
      */
-    @PreAuthorize("@ss.hasPermi('system:config:edit')")
+    @SaCheckPermission("system:config:edit")
     @Log(title = "参数管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysConfig config)
@@ -97,14 +96,13 @@ public class SysConfigController extends BaseController
         {
             return AjaxResult.error("修改参数'" + config.getConfigName() + "'失败，参数键名已存在");
         }
-        config.setUpdateBy(getUsername());
         return toAjax(configService.updateConfig(config));
     }
 
     /**
      * 删除参数配置
      */
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
+    @SaCheckPermission("system:config:remove")
     @Log(title = "参数管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{configIds}")
     public AjaxResult remove(@PathVariable Long[] configIds)
@@ -116,7 +114,7 @@ public class SysConfigController extends BaseController
     /**
      * 刷新参数缓存
      */
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
+    @SaCheckPermission("system:config:remove")
     @Log(title = "参数管理", businessType = BusinessType.CLEAN)
     @DeleteMapping("/refreshCache")
     public AjaxResult refreshCache()

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.ArrayUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
@@ -10,7 +11,6 @@ import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.service.ISysDeptService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -34,7 +34,7 @@ public class SysDeptController extends BaseController
     /**
      * 获取部门列表
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
+    @SaCheckPermission("system:dept:list")
     @GetMapping("/list")
     public AjaxResult list(SysDept dept)
     {
@@ -45,7 +45,7 @@ public class SysDeptController extends BaseController
     /**
      * 查询部门列表（排除节点）
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
+    @SaCheckPermission("system:dept:list")
     @GetMapping("/list/exclude/{deptId}")
     public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId)
     {
@@ -66,7 +66,7 @@ public class SysDeptController extends BaseController
     /**
      * 根据部门编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:query')")
+    @SaCheckPermission("system:dept:query")
     @GetMapping(value = "/{deptId}")
     public AjaxResult getInfo(@PathVariable Long deptId)
     {
@@ -100,7 +100,7 @@ public class SysDeptController extends BaseController
     /**
      * 新增部门
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:add')")
+    @SaCheckPermission("system:dept:add")
     @Log(title = "部门管理", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysDept dept)
@@ -109,14 +109,13 @@ public class SysDeptController extends BaseController
         {
             return AjaxResult.error("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
         }
-        dept.setCreateBy(getUsername());
         return toAjax(deptService.insertDept(dept));
     }
 
     /**
      * 修改部门
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:edit')")
+    @SaCheckPermission("system:dept:edit")
     @Log(title = "部门管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysDept dept)
@@ -134,14 +133,13 @@ public class SysDeptController extends BaseController
         {
             return AjaxResult.error("该部门包含未停用的子部门！");
         }
-        dept.setUpdateBy(getUsername());
         return toAjax(deptService.updateDept(dept));
     }
 
     /**
      * 删除部门
      */
-    @PreAuthorize("@ss.hasPermi('system:dept:remove')")
+    @SaCheckPermission("system:dept:remove")
     @Log(title = "部门管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{deptId}")
     public AjaxResult remove(@PathVariable Long deptId)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -11,7 +12,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.service.ISysDictDataService;
 import com.ruoyi.system.service.ISysDictTypeService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -34,7 +34,7 @@ public class SysDictDataController extends BaseController
     @Autowired
     private ISysDictTypeService dictTypeService;
 
-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
+    @SaCheckPermission("system:dict:list")
     @GetMapping("/list")
     public TableDataInfo list(SysDictData dictData)
     {
@@ -42,7 +42,7 @@ public class SysDictDataController extends BaseController
     }
 
     @Log(title = "字典数据", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    @SaCheckPermission("system:dict:export")
     @GetMapping("/export")
     public void export(SysDictData dictData, HttpServletResponse response)
     {
@@ -53,7 +53,7 @@ public class SysDictDataController extends BaseController
     /**
      * 查询字典数据详细
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
+    @SaCheckPermission("system:dict:query")
     @GetMapping(value = "/{dictCode}")
     public AjaxResult getInfo(@PathVariable Long dictCode)
     {
@@ -77,31 +77,29 @@ public class SysDictDataController extends BaseController
     /**
      * 新增字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
+    @SaCheckPermission("system:dict:add")
     @Log(title = "字典数据", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysDictData dict)
     {
-        dict.setCreateBy(getUsername());
         return toAjax(dictDataService.insertDictData(dict));
     }
 
     /**
      * 修改保存字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
+    @SaCheckPermission("system:dict:edit")
     @Log(title = "字典数据", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysDictData dict)
     {
-        dict.setUpdateBy(getUsername());
         return toAjax(dictDataService.updateDictData(dict));
     }
 
     /**
      * 删除字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
     @Log(title = "字典类型", businessType = BusinessType.DELETE)
     @DeleteMapping("/{dictCodes}")
     public AjaxResult remove(@PathVariable Long[] dictCodes)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -10,7 +11,6 @@ import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.service.ISysDictTypeService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -29,7 +29,7 @@ public class SysDictTypeController extends BaseController
     @Autowired
     private ISysDictTypeService dictTypeService;
 
-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
+    @SaCheckPermission("system:dict:list")
     @GetMapping("/list")
     public TableDataInfo list(SysDictType dictType)
     {
@@ -37,7 +37,7 @@ public class SysDictTypeController extends BaseController
     }
 
     @Log(title = "字典类型", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    @SaCheckPermission("system:dict:export")
     @GetMapping("/export")
     public void export(SysDictType dictType, HttpServletResponse response)
     {
@@ -48,7 +48,7 @@ public class SysDictTypeController extends BaseController
     /**
      * 查询字典类型详细
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
+    @SaCheckPermission("system:dict:query")
     @GetMapping(value = "/{dictId}")
     public AjaxResult getInfo(@PathVariable Long dictId)
     {
@@ -58,7 +58,7 @@ public class SysDictTypeController extends BaseController
     /**
      * 新增字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
+    @SaCheckPermission("system:dict:add")
     @Log(title = "字典类型", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysDictType dict)
@@ -67,14 +67,13 @@ public class SysDictTypeController extends BaseController
         {
             return AjaxResult.error("新增字典'" + dict.getDictName() + "'失败，字典类型已存在");
         }
-        dict.setCreateBy(getUsername());
         return toAjax(dictTypeService.insertDictType(dict));
     }
 
     /**
      * 修改字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
+    @SaCheckPermission("system:dict:edit")
     @Log(title = "字典类型", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysDictType dict)
@@ -83,14 +82,13 @@ public class SysDictTypeController extends BaseController
         {
             return AjaxResult.error("修改字典'" + dict.getDictName() + "'失败，字典类型已存在");
         }
-        dict.setUpdateBy(getUsername());
         return toAjax(dictTypeService.updateDictType(dict));
     }
 
     /**
      * 删除字典类型
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
     @Log(title = "字典类型", businessType = BusinessType.DELETE)
     @DeleteMapping("/{dictIds}")
     public AjaxResult remove(@PathVariable Long[] dictIds)
@@ -102,7 +100,7 @@ public class SysDictTypeController extends BaseController
     /**
      * 刷新字典缓存
      */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
     @Log(title = "字典类型", businessType = BusinessType.CLEAN)
     @DeleteMapping("/refreshCache")
     public AjaxResult refreshCache()

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -1,14 +1,17 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginBody;
 import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.system.service.ISysMenuService;
+import com.ruoyi.system.service.ISysUserService;
 import com.ruoyi.system.service.SysLoginService;
 import com.ruoyi.system.service.SysPermissionService;
-import com.ruoyi.system.service.ISysMenuService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -37,6 +40,9 @@ public class SysLoginController
     @Autowired
     private SysPermissionService permissionService;
 
+    @Autowired
+    private ISysUserService iSysUserService;
+
     /**
      * 登录方法
      *
@@ -54,6 +60,15 @@ public class SysLoginController
         return AjaxResult.success(ajax);
     }
 
+    @PostMapping("/logout")
+    public AjaxResult logout(){
+        try {
+            StpUtil.logout();
+        } catch (NotLoginException e) {
+        }
+        return AjaxResult.success("退出成功");
+    }
+
     /**
      * 获取用户信息
      *
@@ -62,7 +77,7 @@ public class SysLoginController
     @GetMapping("getInfo")
     public AjaxResult getInfo()
     {
-        SysUser user = SecurityUtils.getLoginUser().getUser();
+        SysUser user = SecurityUtils.getUser();
         // 角色集合
         Set<String> roles = permissionService.getRolePermission(user);
         // 权限集合
@@ -82,8 +97,7 @@ public class SysLoginController
     @GetMapping("getRouters")
     public AjaxResult getRouters()
     {
-        Long userId = SecurityUtils.getUserId();
-        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
+        List<SysMenu> menus = menuService.selectMenuTreeByUserId(SecurityUtils.getUserId());
         return AjaxResult.success(menuService.buildMenus(menus));
     }
 }

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -9,7 +10,6 @@ import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.service.ISysMenuService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -32,7 +32,7 @@ public class SysMenuController extends BaseController
     /**
      * 获取菜单列表
      */
-    @PreAuthorize("@ss.hasPermi('system:menu:list')")
+    @SaCheckPermission("system:menu:list")
     @GetMapping("/list")
     public AjaxResult list(SysMenu menu)
     {
@@ -43,7 +43,7 @@ public class SysMenuController extends BaseController
     /**
      * 根据菜单编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:menu:query')")
+    @SaCheckPermission("system:menu:query")
     @GetMapping(value = "/{menuId}")
     public AjaxResult getInfo(@PathVariable Long menuId)
     {
@@ -76,7 +76,7 @@ public class SysMenuController extends BaseController
     /**
      * 新增菜单
      */
-    @PreAuthorize("@ss.hasPermi('system:menu:add')")
+    @SaCheckPermission("system:menu:add")
     @Log(title = "菜单管理", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysMenu menu)
@@ -89,14 +89,13 @@ public class SysMenuController extends BaseController
         {
             return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
         }
-        menu.setCreateBy(getUsername());
         return toAjax(menuService.insertMenu(menu));
     }
 
     /**
      * 修改菜单
      */
-    @PreAuthorize("@ss.hasPermi('system:menu:edit')")
+    @SaCheckPermission("system:menu:edit")
     @Log(title = "菜单管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysMenu menu)
@@ -113,14 +112,13 @@ public class SysMenuController extends BaseController
         {
             return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
         }
-        menu.setUpdateBy(getUsername());
         return toAjax(menuService.updateMenu(menu));
     }
 
     /**
      * 删除菜单
      */
-    @PreAuthorize("@ss.hasPermi('system:menu:remove')")
+    @SaCheckPermission("system:menu:remove")
     @Log(title = "菜单管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{menuId}")
     public AjaxResult remove(@PathVariable("menuId") Long menuId)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java

@@ -1,17 +1,6 @@
 package com.ruoyi.web.controller.system;
 
-import java.util.List;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -19,6 +8,9 @@ import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.system.domain.SysNotice;
 import com.ruoyi.system.service.ISysNoticeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
 
 /**
  * 公告 信息操作处理
@@ -35,7 +27,7 @@ public class SysNoticeController extends BaseController
     /**
      * 获取通知公告列表
      */
-    @PreAuthorize("@ss.hasPermi('system:notice:list')")
+    @SaCheckPermission("system:notice:list")
     @GetMapping("/list")
     public TableDataInfo list(SysNotice notice)
     {
@@ -45,7 +37,7 @@ public class SysNoticeController extends BaseController
     /**
      * 根据通知公告编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:notice:query')")
+    @SaCheckPermission("system:notice:query")
     @GetMapping(value = "/{noticeId}")
     public AjaxResult getInfo(@PathVariable Long noticeId)
     {
@@ -55,31 +47,29 @@ public class SysNoticeController extends BaseController
     /**
      * 新增通知公告
      */
-    @PreAuthorize("@ss.hasPermi('system:notice:add')")
+    @SaCheckPermission("system:notice:add")
     @Log(title = "通知公告", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysNotice notice)
     {
-        notice.setCreateBy(getUsername());
         return toAjax(noticeService.insertNotice(notice));
     }
 
     /**
      * 修改通知公告
      */
-    @PreAuthorize("@ss.hasPermi('system:notice:edit')")
+    @SaCheckPermission("system:notice:edit")
     @Log(title = "通知公告", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysNotice notice)
     {
-        notice.setUpdateBy(getUsername());
         return toAjax(noticeService.updateNotice(notice));
     }
 
     /**
      * 删除通知公告
      */
-    @PreAuthorize("@ss.hasPermi('system:notice:remove')")
+    @SaCheckPermission("system:notice:remove")
     @Log(title = "通知公告", businessType = BusinessType.DELETE)
     @DeleteMapping("/{noticeIds}")
     public AjaxResult remove(@PathVariable Long[] noticeIds)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssConfigController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.core.controller.BaseController;
@@ -16,7 +17,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -44,7 +44,7 @@ public class SysOssConfigController extends BaseController {
 	 * 查询对象存储配置列表
 	 */
 	@ApiOperation("查询对象存储配置列表")
-	@PreAuthorize("@ss.hasPermi('system:oss:list')")
+	@SaCheckPermission("system:oss:list")
 	@GetMapping("/list")
 	public TableDataInfo<SysOssConfigVo> list(@Validated(QueryGroup.class) SysOssConfigBo bo) {
 		return iSysOssConfigService.queryPageList(bo);
@@ -54,7 +54,7 @@ public class SysOssConfigController extends BaseController {
 	 * 获取对象存储配置详细信息
 	 */
 	@ApiOperation("获取对象存储配置详细信息")
-	@PreAuthorize("@ss.hasPermi('system:oss:query')")
+	@SaCheckPermission("system:oss:query")
 	@GetMapping("/{ossConfigId}")
 	public AjaxResult<SysOssConfigVo> getInfo(@NotNull(message = "主键不能为空")
 											  @PathVariable("ossConfigId") Integer ossConfigId) {
@@ -65,7 +65,7 @@ public class SysOssConfigController extends BaseController {
 	 * 新增对象存储配置
 	 */
 	@ApiOperation("新增对象存储配置")
-	@PreAuthorize("@ss.hasPermi('system:oss:add')")
+	@SaCheckPermission("system:oss:add")
 	@Log(title = "对象存储配置", businessType = BusinessType.INSERT)
 	@RepeatSubmit()
 	@PostMapping()
@@ -77,7 +77,7 @@ public class SysOssConfigController extends BaseController {
 	 * 修改对象存储配置
 	 */
 	@ApiOperation("修改对象存储配置")
-	@PreAuthorize("@ss.hasPermi('system:oss:edit')")
+	@SaCheckPermission("system:oss:edit")
 	@Log(title = "对象存储配置", businessType = BusinessType.UPDATE)
 	@RepeatSubmit()
 	@PutMapping()
@@ -89,7 +89,7 @@ public class SysOssConfigController extends BaseController {
 	 * 删除对象存储配置
 	 */
 	@ApiOperation("删除对象存储配置")
-	@PreAuthorize("@ss.hasPermi('system:oss:remove')")
+	@SaCheckPermission("system:oss:remove")
 	@Log(title = "对象存储配置", businessType = BusinessType.DELETE)
 	@DeleteMapping("/{ossConfigIds}")
 	public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")
@@ -100,7 +100,7 @@ public class SysOssConfigController extends BaseController {
 	/**
 	 * 状态修改
 	 */
-	@PreAuthorize("@ss.hasPermi('system:oss:edit')")
+	@SaCheckPermission("system:oss:edit")
 	@Log(title = "对象存储状态修改", businessType = BusinessType.UPDATE)
 	@PutMapping("/changeStatus")
 	public AjaxResult changeStatus(@RequestBody SysOssConfigBo bo) {

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssController.java

@@ -1,6 +1,7 @@
 package com.ruoyi.web.controller.system;
 
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.http.HttpException;
@@ -30,7 +31,6 @@ import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -63,7 +63,7 @@ public class SysOssController extends BaseController {
 	 * 查询OSS对象存储列表
 	 */
 	@ApiOperation("查询OSS对象存储列表")
-	@PreAuthorize("@ss.hasPermi('system:oss:list')")
+	@SaCheckPermission("system:oss:list")
 	@GetMapping("/list")
 	public TableDataInfo<SysOssVo> list(@Validated(QueryGroup.class) SysOssBo bo) {
 		return iSysOssService.queryPageList(bo);
@@ -76,7 +76,7 @@ public class SysOssController extends BaseController {
 	@ApiImplicitParams({
 		@ApiImplicitParam(name = "file", value = "文件", dataType = "java.io.File", required = true),
 	})
-	@PreAuthorize("@ss.hasPermi('system:oss:upload')")
+	@SaCheckPermission("system:oss:upload")
 	@Log(title = "OSS对象存储", businessType = BusinessType.INSERT)
 	@RepeatSubmit
 	@PostMapping("/upload")
@@ -92,7 +92,7 @@ public class SysOssController extends BaseController {
 	}
 
 	@ApiOperation("下载OSS对象存储")
-	@PreAuthorize("@ss.hasPermi('system:oss:download')")
+	@SaCheckPermission("system:oss:download")
 	@GetMapping("/download/{ossId}")
 	public void download(@PathVariable Long ossId, HttpServletResponse response) throws IOException {
 		SysOss sysOss = iSysOssService.getById(ossId);
@@ -121,7 +121,7 @@ public class SysOssController extends BaseController {
 	 * 删除OSS对象存储
 	 */
 	@ApiOperation("删除OSS对象存储")
-	@PreAuthorize("@ss.hasPermi('system:oss:remove')")
+	@SaCheckPermission("system:oss:remove")
 	@Log(title = "OSS对象存储" , businessType = BusinessType.DELETE)
 	@DeleteMapping("/{ossIds}")
 	public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")
@@ -133,7 +133,7 @@ public class SysOssController extends BaseController {
 	 * 变更图片列表预览状态
 	 */
 	@ApiOperation("变更图片列表预览状态")
-	@PreAuthorize("@ss.hasPermi('system:oss:edit')")
+	@SaCheckPermission("system:oss:edit")
 	@Log(title = "OSS对象存储" , businessType = BusinessType.UPDATE)
 	@PutMapping("/changePreviewListResource")
 	public AjaxResult<Void> changePreviewListResource(@RequestBody String body) {

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -10,7 +11,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysPost;
 import com.ruoyi.system.service.ISysPostService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -32,7 +32,7 @@ public class SysPostController extends BaseController
     /**
      * 获取岗位列表
      */
-    @PreAuthorize("@ss.hasPermi('system:post:list')")
+    @SaCheckPermission("system:post:list")
     @GetMapping("/list")
     public TableDataInfo list(SysPost post)
     {
@@ -40,7 +40,7 @@ public class SysPostController extends BaseController
     }
 
     @Log(title = "岗位管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:post:export')")
+    @SaCheckPermission("system:post:export")
     @GetMapping("/export")
     public void export(SysPost post, HttpServletResponse response)
     {
@@ -51,7 +51,7 @@ public class SysPostController extends BaseController
     /**
      * 根据岗位编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:post:query')")
+    @SaCheckPermission("system:post:query")
     @GetMapping(value = "/{postId}")
     public AjaxResult getInfo(@PathVariable Long postId)
     {
@@ -61,7 +61,7 @@ public class SysPostController extends BaseController
     /**
      * 新增岗位
      */
-    @PreAuthorize("@ss.hasPermi('system:post:add')")
+    @SaCheckPermission("system:post:add")
     @Log(title = "岗位管理", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysPost post)
@@ -74,14 +74,13 @@ public class SysPostController extends BaseController
         {
             return AjaxResult.error("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
         }
-        post.setCreateBy(getUsername());
         return toAjax(postService.insertPost(post));
     }
 
     /**
      * 修改岗位
      */
-    @PreAuthorize("@ss.hasPermi('system:post:edit')")
+    @SaCheckPermission("system:post:edit")
     @Log(title = "岗位管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysPost post)
@@ -94,14 +93,13 @@ public class SysPostController extends BaseController
         {
             return AjaxResult.error("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
         }
-        post.setUpdateBy(getUsername());
         return toAjax(postService.updatePost(post));
     }
 
     /**
      * 删除岗位
      */
-    @PreAuthorize("@ss.hasPermi('system:post:remove')")
+    @SaCheckPermission("system:post:remove")
     @Log(title = "岗位管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{postIds}")
     public AjaxResult remove(@PathVariable Long[] postIds)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java

@@ -5,9 +5,7 @@ import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.core.service.TokenService;
 import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.domain.SysOss;
@@ -33,9 +31,6 @@ public class SysProfileController extends BaseController
     @Autowired
     private ISysUserService userService;
 
-    @Autowired
-    private TokenService tokenService;
-
     @Autowired
 	private ISysOssService iSysOssService;
 
@@ -45,12 +40,11 @@ public class SysProfileController extends BaseController
     @GetMapping
     public AjaxResult profile()
     {
-        LoginUser loginUser = getLoginUser();
-        SysUser user = loginUser.getUser();
+        SysUser user = userService.getById(getUserId());
 		Map<String,Object> ajax = new HashMap<>();
 		ajax.put("user", user);
-        ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
-        ajax.put("postGroup", userService.selectUserPostGroup(loginUser.getUsername()));
+        ajax.put("roleGroup", userService.selectUserRoleGroup(user.getUserName()));
+        ajax.put("postGroup", userService.selectUserPostGroup(user.getUserName()));
         return AjaxResult.success(ajax);
     }
 
@@ -71,18 +65,10 @@ public class SysProfileController extends BaseController
         {
             return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
         }
-        LoginUser loginUser = getLoginUser();
-        SysUser sysUser = loginUser.getUser();
-        user.setUserId(sysUser.getUserId());
+        user.setUserId(getUserId());
         user.setPassword(null);
         if (userService.updateUserProfile(user) > 0)
         {
-            // 更新缓存用户信息
-            sysUser.setNickName(user.getNickName());
-            sysUser.setPhonenumber(user.getPhonenumber());
-            sysUser.setEmail(user.getEmail());
-            sysUser.setSex(user.getSex());
-            tokenService.setLoginUser(loginUser);
             return AjaxResult.success();
         }
         return AjaxResult.error("修改个人信息异常，请联系管理员");
@@ -95,9 +81,9 @@ public class SysProfileController extends BaseController
     @PutMapping("/updatePwd")
     public AjaxResult updatePwd(String oldPassword, String newPassword)
     {
-        LoginUser loginUser = getLoginUser();
-        String userName = loginUser.getUsername();
-        String password = loginUser.getPassword();
+        SysUser user = SecurityUtils.getUser();
+        String userName = user.getUserName();
+        String password = user.getPassword();
         if (!SecurityUtils.matchesPassword(oldPassword, password))
         {
             return AjaxResult.error("修改密码失败，旧密码错误");
@@ -108,9 +94,6 @@ public class SysProfileController extends BaseController
         }
         if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
         {
-            // 更新缓存用户密码
-            loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
-            tokenService.setLoginUser(loginUser);
             return AjaxResult.success();
         }
         return AjaxResult.error("修改密码异常，请联系管理员");
@@ -125,16 +108,13 @@ public class SysProfileController extends BaseController
     {
         if (!file.isEmpty())
         {
-            LoginUser loginUser = getLoginUser();
+            SysUser user = SecurityUtils.getUser();
 			SysOss oss = iSysOssService.upload(file);
 			String avatar = oss.getUrl();
-            if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
+            if (userService.updateUserAvatar(user.getUserName(), avatar))
             {
 				Map<String,Object> ajax = new HashMap<>();
                 ajax.put("imgUrl", avatar);
-                // 更新缓存用户头像
-                loginUser.getUser().setAvatar(avatar);
-                tokenService.setLoginUser(loginUser);
                 return AjaxResult.success(ajax);
             }
         }

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java

@@ -1,23 +1,19 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.core.service.TokenService;
-import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysUserRole;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
-import com.ruoyi.system.service.SysPermissionService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -36,16 +32,10 @@ public class SysRoleController extends BaseController
     @Autowired
     private ISysRoleService roleService;
 
-    @Autowired
-    private TokenService tokenService;
-
-    @Autowired
-    private SysPermissionService permissionService;
-
     @Autowired
     private ISysUserService userService;
 
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
     @GetMapping("/list")
     public TableDataInfo list(SysRole role)
     {
@@ -53,7 +43,7 @@ public class SysRoleController extends BaseController
     }
 
     @Log(title = "角色管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:role:export')")
+    @SaCheckPermission("system:role:export")
     @GetMapping("/export")
     public void export(SysRole role, HttpServletResponse response)
     {
@@ -64,7 +54,7 @@ public class SysRoleController extends BaseController
     /**
      * 根据角色编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
+    @SaCheckPermission("system:role:query")
     @GetMapping(value = "/{roleId}")
     public AjaxResult getInfo(@PathVariable Long roleId)
     {
@@ -75,7 +65,7 @@ public class SysRoleController extends BaseController
     /**
      * 新增角色
      */
-    @PreAuthorize("@ss.hasPermi('system:role:add')")
+    @SaCheckPermission("system:role:add")
     @Log(title = "角色管理", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysRole role)
@@ -88,7 +78,6 @@ public class SysRoleController extends BaseController
         {
             return AjaxResult.error("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
         }
-        role.setCreateBy(getUsername());
         return toAjax(roleService.insertRole(role));
 
     }
@@ -96,7 +85,7 @@ public class SysRoleController extends BaseController
     /**
      * 修改保存角色
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysRole role)
@@ -110,18 +99,9 @@ public class SysRoleController extends BaseController
         {
             return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
         }
-        role.setUpdateBy(getUsername());
 
         if (roleService.updateRole(role) > 0)
         {
-            // 更新缓存用户权限
-            LoginUser loginUser = getLoginUser();
-            if (StringUtils.isNotNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
-            {
-                loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));
-                loginUser.setUser(userService.selectUserByUserName(loginUser.getUser().getUserName()));
-                tokenService.setLoginUser(loginUser);
-            }
             return AjaxResult.success();
         }
         return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，请联系管理员");
@@ -130,7 +110,7 @@ public class SysRoleController extends BaseController
     /**
      * 修改保存数据权限
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.UPDATE)
     @PutMapping("/dataScope")
     public AjaxResult dataScope(@RequestBody SysRole role)
@@ -142,20 +122,19 @@ public class SysRoleController extends BaseController
     /**
      * 状态修改
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.UPDATE)
     @PutMapping("/changeStatus")
     public AjaxResult changeStatus(@RequestBody SysRole role)
     {
         roleService.checkRoleAllowed(role);
-        role.setUpdateBy(getUsername());
         return toAjax(roleService.updateRoleStatus(role));
     }
 
     /**
      * 删除角色
      */
-    @PreAuthorize("@ss.hasPermi('system:role:remove')")
+    @SaCheckPermission("system:role:remove")
     @Log(title = "角色管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{roleIds}")
     public AjaxResult remove(@PathVariable Long[] roleIds)
@@ -166,7 +145,7 @@ public class SysRoleController extends BaseController
     /**
      * 获取角色选择框列表
      */
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
+    @SaCheckPermission("system:role:query")
     @GetMapping("/optionselect")
     public AjaxResult optionselect()
     {
@@ -176,7 +155,7 @@ public class SysRoleController extends BaseController
     /**
      * 查询已分配用户角色列表
      */
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
     @GetMapping("/authUser/allocatedList")
     public TableDataInfo allocatedList(SysUser user)
     {
@@ -186,7 +165,7 @@ public class SysRoleController extends BaseController
     /**
      * 查询未分配用户角色列表
      */
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
     @GetMapping("/authUser/unallocatedList")
     public TableDataInfo unallocatedList(SysUser user)
     {
@@ -196,7 +175,7 @@ public class SysRoleController extends BaseController
     /**
      * 取消授权用户
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
     @PutMapping("/authUser/cancel")
     public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
@@ -207,7 +186,7 @@ public class SysRoleController extends BaseController
     /**
      * 批量取消授权用户
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
     @PutMapping("/authUser/cancelAll")
     public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
@@ -218,7 +197,7 @@ public class SysRoleController extends BaseController
     /**
      * 批量选择用户授权
      */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
     @PutMapping("/authUser/selectAll")
     public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.ObjectUtil;
@@ -21,7 +22,6 @@ import com.ruoyi.system.service.ISysPostService;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -54,7 +54,7 @@ public class SysUserController extends BaseController
     /**
      * 获取用户列表
      */
-    @PreAuthorize("@ss.hasPermi('system:user:list')")
+    @SaCheckPermission("system:user:list")
     @GetMapping("/list")
     public TableDataInfo list(SysUser user)
     {
@@ -62,7 +62,7 @@ public class SysUserController extends BaseController
     }
 
     @Log(title = "用户管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:export')")
+    @SaCheckPermission("system:user:export")
     @GetMapping("/export")
     public void export(SysUser user, HttpServletResponse response)
     {
@@ -80,13 +80,13 @@ public class SysUserController extends BaseController
     }
 
     @Log(title = "用户管理", businessType = BusinessType.IMPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:import')")
+    @SaCheckPermission("system:user:import")
     @PostMapping("/importData")
     public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
     {
 		List<SysUserImportVo> userListVo = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class);
 		List<SysUser> userList = BeanUtil.copyToList(userListVo, SysUser.class);
-        String operName = getUsername();
+        String operName = userService.getById(getUserId()).getUserName();
         String message = userService.importUser(userList, updateSupport, operName);
         return AjaxResult.success(message);
     }
@@ -100,7 +100,7 @@ public class SysUserController extends BaseController
     /**
      * 根据用户编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
+    @SaCheckPermission("system:user:query")
     @GetMapping(value = { "/", "/{userId}" })
     public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
     {
@@ -121,7 +121,7 @@ public class SysUserController extends BaseController
     /**
      * 新增用户
      */
-    @PreAuthorize("@ss.hasPermi('system:user:add')")
+    @SaCheckPermission("system:user:add")
     @Log(title = "用户管理", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@Validated @RequestBody SysUser user)
@@ -140,7 +140,6 @@ public class SysUserController extends BaseController
         {
             return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
         }
-        user.setCreateBy(getUsername());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         return toAjax(userService.insertUser(user));
     }
@@ -148,7 +147,7 @@ public class SysUserController extends BaseController
     /**
      * 修改用户
      */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysUser user)
@@ -164,14 +163,13 @@ public class SysUserController extends BaseController
         {
             return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
         }
-        user.setUpdateBy(getUsername());
         return toAjax(userService.updateUser(user));
     }
 
     /**
      * 删除用户
      */
-    @PreAuthorize("@ss.hasPermi('system:user:remove')")
+    @SaCheckPermission("system:user:remove")
     @Log(title = "用户管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{userIds}")
     public AjaxResult remove(@PathVariable Long[] userIds)
@@ -186,34 +184,32 @@ public class SysUserController extends BaseController
     /**
      * 重置密码
      */
-    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
+    @SaCheckPermission("system:user:resetPwd")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/resetPwd")
     public AjaxResult resetPwd(@RequestBody SysUser user)
     {
         userService.checkUserAllowed(user);
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-        user.setUpdateBy(getUsername());
         return toAjax(userService.resetPwd(user));
     }
 
     /**
      * 状态修改
      */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/changeStatus")
     public AjaxResult changeStatus(@RequestBody SysUser user)
     {
         userService.checkUserAllowed(user);
-        user.setUpdateBy(getUsername());
         return toAjax(userService.updateUserStatus(user));
     }
 
     /**
      * 根据用户编号获取授权角色
      */
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
+    @SaCheckPermission("system:user:query")
     @GetMapping("/authRole/{userId}")
     public AjaxResult authRole(@PathVariable("userId") Long userId)
     {
@@ -228,7 +224,7 @@ public class SysUserController extends BaseController
     /**
      * 用户授权角色
      */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
     @Log(title = "用户管理", businessType = BusinessType.GRANT)
     @PutMapping("/authRole")
     public AjaxResult insertAuthRole(Long userId, Long[] roleIds)

ruoyi-admin/src/main/resources/application.yml

@@ -97,14 +97,24 @@ spring:
       # 允许对象忽略json中不存在的属性
       fail_on_unknown_properties: false
 
-# token配置
-token:
-  # 令牌自定义标识
-  header: Authorization
-  # 令牌密钥
-  secret: abcdefghijklmnopqrstuvwxyz
-  # 令牌有效期（默认30分钟）
-  expireTime: 30
+# Sa-Token配置
+sa-token:
+  # token名称 (同时也是cookie名称)
+  token-name: Authorization
+  # token有效期，单位s 默认30天, -1代表永不过期
+  timeout: 2592000
+  # token临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
+  activity-timeout: 1800
+  # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
+  is-concurrent: true
+  # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
+  is-share: false
+  # token前缀
+  token-prefix: "Bearer"
+  # token风格
+  token-style: random-128
+  # 是否输出操作日志
+  is-log: true
 
 # 重复提交
 repeat-submit:

ruoyi-common/pom.xml

@@ -29,10 +29,20 @@
             <artifactId>spring-web</artifactId>
         </dependency>
 
-        <!-- spring security 安全认证 -->
+        <!-- Sa-Token 权限认证, 在线文档：http://sa-token.dev33.cn/ -->
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-spring-boot-starter</artifactId>
+        </dependency>
+        <!-- Sa-Token 整合 Redis （使用jackson序列化方式） -->
+        <dependency>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-dao-redis-jackson</artifactId>
+        </dependency>
+        <!-- Sa-Token整合SpringAOP实现注解鉴权 -->
+        <dependency>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-spring-aop</artifactId>
         </dependency>
 
         <!-- 自定义验证注解 -->
@@ -70,11 +80,11 @@
             <artifactId>snakeyaml</artifactId>
         </dependency>
 
-        <!--Token生成与解析-->
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt</artifactId>
-        </dependency>
+<!--        &lt;!&ndash;Token生成与解析&ndash;&gt;-->
+<!--        <dependency>-->
+<!--            <groupId>io.jsonwebtoken</groupId>-->
+<!--            <artifactId>jjwt</artifactId>-->
+<!--        </dependency>-->
 
         <!-- redis 缓存操作 -->
         <dependency>

ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java

@@ -1,7 +1,5 @@
 package com.ruoyi.common.constant;
 
-import io.jsonwebtoken.Claims;
-
 /**
  * 通用常量信息
  *
@@ -69,6 +67,11 @@ public class Constants
      */
     public static final String LOGIN_TOKEN_KEY = "login_tokens:";
 
+    /**
+     * 在线用户 redis key
+     */
+    public static final String ONLINE_TOKEN_KEY = "online_tokens:";
+
     /**
      * 防重提交 redis key
      */
@@ -89,41 +92,11 @@ public class Constants
      */
     public static final String TOKEN = "token";
 
-    /**
-     * 令牌前缀
-     */
-    public static final String TOKEN_PREFIX = "Bearer ";
-
     /**
      * 令牌前缀
      */
     public static final String LOGIN_USER_KEY = "login_user_key";
 
-    /**
-     * 用户ID
-     */
-    public static final String JWT_USERID = "userid";
-
-    /**
-     * 用户名称
-     */
-    public static final String JWT_USERNAME = Claims.SUBJECT;
-
-    /**
-     * 用户头像
-     */
-    public static final String JWT_AVATAR = "avatar";
-
-    /**
-     * 创建时间
-     */
-    public static final String JWT_CREATED = "created";
-
-    /**
-     * 用户权限
-     */
-    public static final String JWT_AUTHORITIES = "authorities";
-
     /**
      * 参数管理 cache key
      */

ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java

@@ -1,7 +1,7 @@
 package com.ruoyi.common.core.controller;
 
 import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import org.slf4j.Logger;
@@ -81,17 +81,16 @@ public class BaseController
     /**
      * 获取用户缓存信息
      */
-    public LoginUser getLoginUser()
+    public SysUser getUser()
     {
-        return SecurityUtils.getLoginUser();
+        return SecurityUtils.getUser();
     }
 
     /**
      * 获取登录用户id
      */
-    public Long getUserId()
-    {
-        return getLoginUser().getUserId();
+    public Long getUserId() {
+        return SecurityUtils.getUserId();
     }
 
     /**
@@ -99,7 +98,7 @@ public class BaseController
      */
     public Long getDeptId()
     {
-        return getLoginUser().getDeptId();
+        return SecurityUtils.getDeptId();
     }
 
     /**
@@ -107,6 +106,6 @@ public class BaseController
      */
     public String getUsername()
     {
-        return getLoginUser().getUsername();
+        return SecurityUtils.getUsername();
     }
 }

ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/UserOnlineDTO.java

@@ -0,0 +1,62 @@
+package com.ruoyi.common.core.domain.dto;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+
+/**
+ * 当前在线会话
+ *
+ * @author ruoyi
+ */
+
+@Data
+@NoArgsConstructor
+@Accessors(chain = true)
+public class UserOnlineDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 会话编号
+     */
+    private String tokenId;
+
+    /**
+     * 部门名称
+     */
+    private String deptName;
+
+    /**
+     * 用户名称
+     */
+    private String userName;
+
+    /**
+     * 登录IP地址
+     */
+    private String ipaddr;
+
+    /**
+     * 登录地址
+     */
+    private String loginLocation;
+
+    /**
+     * 浏览器类型
+     */
+    private String browser;
+
+    /**
+     * 操作系统
+     */
+    private String os;
+
+    /**
+     * 登录时间
+     */
+    private Long loginTime;
+
+}

ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java

@@ -1,159 +0,0 @@
-package com.ruoyi.common.core.domain.model;
-
-import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.ruoyi.common.core.domain.entity.SysUser;
-import lombok.*;
-import lombok.experimental.Accessors;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.Collection;
-import java.util.Set;
-
-/**
- * 登录用户身份权限
- *
- * @author ruoyi
- */
-
-@Data
-@NoArgsConstructor
-@Accessors(chain = true)
-public class LoginUser implements UserDetails
-{
-    private static final long serialVersionUID = 1L;
-
-    /**
-     * 用户ID
-     */
-    private Long userId;
-
-    /**
-     * 部门ID
-     */
-    private Long deptId;
-
-    /**
-     * 用户唯一标识
-     */
-    private String token;
-
-    /**
-     * 登录时间
-     */
-    private Long loginTime;
-
-    /**
-     * 过期时间
-     */
-    private Long expireTime;
-
-    /**
-     * 登录IP地址
-     */
-    private String ipaddr;
-
-    /**
-     * 登录地点
-     */
-    private String loginLocation;
-
-    /**
-     * 浏览器类型
-     */
-    private String browser;
-
-    /**
-     * 操作系统
-     */
-    private String os;
-
-    /**
-     * 权限列表
-     */
-    private Set<String> permissions;
-
-    /**
-     * 用户信息
-     */
-    private SysUser user;
-
-    public LoginUser(SysUser user, Set<String> permissions)
-    {
-        this.user = user;
-        this.permissions = permissions;
-    }
-
-    public LoginUser(Long userId, Long deptId, SysUser user, Set<String> permissions)
-    {
-        this.userId = userId;
-        this.deptId = deptId;
-        this.user = user;
-        this.permissions = permissions;
-    }
-
-    @JsonIgnore
-    @Override
-    public String getPassword()
-    {
-        return user.getPassword();
-    }
-
-    @Override
-    public String getUsername()
-    {
-        return user.getUserName();
-    }
-
-    /**
-     * 账户是否未过期,过期无法验证
-     */
-    @JsonIgnore
-    @Override
-    public boolean isAccountNonExpired()
-    {
-        return true;
-    }
-
-    /**
-     * 指定用户是否解锁,锁定的用户无法进行身份验证
-     *
-     * @return
-     */
-    @JsonIgnore
-    @Override
-    public boolean isAccountNonLocked()
-    {
-        return true;
-    }
-
-    /**
-     * 指示是否已过期的用户的凭据(密码),过期的凭据防止认证
-     *
-     * @return
-     */
-    @JsonIgnore
-    @Override
-    public boolean isCredentialsNonExpired()
-    {
-        return true;
-    }
-
-    /**
-     * 是否可用 ,禁用的用户不能身份验证
-     *
-     * @return
-     */
-    @JsonIgnore
-    @Override
-    public boolean isEnabled()
-    {
-        return true;
-    }
-
-    @Override
-    public Collection<? extends GrantedAuthority> getAuthorities()
-    {
-        return null;
-    }
-}

ruoyi-common/src/main/java/com/ruoyi/common/core/service/IUserService.java

@@ -0,0 +1,28 @@
+package com.ruoyi.common.core.service;
+
+import com.ruoyi.common.core.domain.entity.SysUser;
+
+/**
+ * 用户 业务层
+ *
+ * @author ruoyi
+ */
+public interface IUserService {
+
+    /**
+     * 通过用户名查询用户
+     *
+     * @param userName 用户名
+     * @return 用户对象信息
+     */
+    public SysUser selectUserByUserName(String userName);
+
+    /**
+     * 通过用户ID查询用户
+     *
+     * @param userId 用户ID
+     * @return 用户对象信息
+     */
+    public SysUser selectUserById(Long userId);
+
+}

ruoyi-common/src/main/java/com/ruoyi/common/core/service/TokenService.java

@@ -1,69 +0,0 @@
-package com.ruoyi.common.core.service;
-
-import com.ruoyi.common.core.domain.model.LoginUser;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * token验证处理
- *
- * @author Lion Li
- */
-public interface TokenService {
-
-    /**
-     * 获取用户身份信息
-     *
-     * @return 用户信息
-     */
-     LoginUser getLoginUser(HttpServletRequest request);
-
-    /**
-     * 设置用户身份信息
-     */
-    void setLoginUser(LoginUser loginUser);
-
-    /**
-     * 删除用户身份信息
-     */
-    void delLoginUser(String token);
-
-    /**
-     * 创建令牌
-     *
-     * @param loginUser 用户信息
-     * @return 令牌
-     */
-    String createToken(LoginUser loginUser);
-
-    /**
-     * 验证令牌有效期，相差不足20分钟，自动刷新缓存
-     *
-     * @param loginUser
-     * @return 令牌
-     */
-    void verifyToken(LoginUser loginUser);
-
-    /**
-     * 刷新令牌有效期
-     *
-     * @param loginUser 登录信息
-     */
-    void refreshToken(LoginUser loginUser);
-
-    /**
-     * 设置用户代理信息
-     *
-     * @param loginUser 登录信息
-     */
-    void setUserAgent(LoginUser loginUser);
-
-    /**
-     * 从令牌中获取用户名
-     *
-     * @param token 令牌
-     * @return 用户名
-     */
-    String getUsernameFromToken(String token);
-
-}

ruoyi-common/src/main/java/com/ruoyi/common/properties/TokenProperties.java

@@ -1,31 +0,0 @@
-package com.ruoyi.common.properties;
-
-import lombok.Data;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.stereotype.Component;
-
-/**
- * token 配置属性
- *
- * @author Lion Li
- */
-@Data
-@Component
-@ConfigurationProperties(prefix = "token")
-public class TokenProperties {
-
-    /**
-     * 令牌自定义标识
-     */
-    private String header;
-
-    /**
-     * 令牌秘钥
-     */
-    private String secret;
-
-    /**
-     * 令牌有效期（默认30分钟）
-     */
-    private int expireTime;
-}

ruoyi-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java

@@ -1,11 +1,12 @@
 package com.ruoyi.common.utils;
 
+import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.http.HttpStatus;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.service.IUserService;
 import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 /**
  * 安全服务工具类
@@ -19,14 +20,7 @@ public class SecurityUtils
      **/
     public static Long getUserId()
     {
-        try
-        {
-            return getLoginUser().getUserId();
-        }
-        catch (Exception e)
-        {
-            throw new ServiceException("获取用户ID异常", HttpStatus.HTTP_UNAUTHORIZED);
-        }
+        return StpUtil.getLoginIdAsLong();
     }
 
     /**
@@ -36,7 +30,7 @@ public class SecurityUtils
     {
         try
         {
-            return getLoginUser().getDeptId();
+            return getUser().getDeptId();
         }
         catch (Exception e)
         {
@@ -51,7 +45,7 @@ public class SecurityUtils
     {
         try
         {
-            return getLoginUser().getUsername();
+            return getUser().getUserName();
         }
         catch (Exception e)
         {
@@ -62,11 +56,11 @@ public class SecurityUtils
     /**
      * 获取用户
      **/
-    public static LoginUser getLoginUser()
+    public static SysUser getUser()
     {
         try
         {
-            return (LoginUser) getAuthentication().getPrincipal();
+            return SpringUtils.getBean(IUserService.class).selectUserById(getUserId());
         }
         catch (Exception e)
         {
@@ -74,14 +68,6 @@ public class SecurityUtils
         }
     }
 
-    /**
-     * 获取Authentication
-     */
-    public static Authentication getAuthentication()
-    {
-        return SecurityContextHolder.getContext().getAuthentication();
-    }
-
     /**
      * 生成BCryptPasswordEncoder密码
      *

ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.demo.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.core.controller.BaseController;
@@ -17,7 +18,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -47,7 +47,7 @@ public class TestDemoController extends BaseController {
      * 查询测试单表列表
      */
     @ApiOperation("查询测试单表列表")
-    @PreAuthorize("@ss.hasPermi('demo:demo:list')")
+    @SaCheckPermission("demo:demo:list")
     @GetMapping("/list")
     public TableDataInfo<TestDemoVo> list(@Validated(QueryGroup.class) TestDemoBo bo) {
         return iTestDemoService.queryPageList(bo);
@@ -57,7 +57,7 @@ public class TestDemoController extends BaseController {
 	 * 自定义分页查询
 	 */
 	@ApiOperation("自定义分页查询")
-	@PreAuthorize("@ss.hasPermi('demo:demo:list')")
+	@SaCheckPermission("demo:demo:list")
 	@GetMapping("/page")
 	public TableDataInfo<TestDemoVo> page(@Validated TestDemoBo bo) {
 		return iTestDemoService.customPageList(bo);
@@ -67,7 +67,7 @@ public class TestDemoController extends BaseController {
      * 导出测试单表列表
      */
     @ApiOperation("导出测试单表列表")
-    @PreAuthorize("@ss.hasPermi('demo:demo:export')")
+    @SaCheckPermission("demo:demo:export")
     @Log(title = "测试单表", businessType = BusinessType.EXPORT)
     @GetMapping("/export")
     public void export(@Validated TestDemoBo bo, HttpServletResponse response) {
@@ -83,7 +83,7 @@ public class TestDemoController extends BaseController {
      * 获取测试单表详细信息
      */
     @ApiOperation("获取测试单表详细信息")
-    @PreAuthorize("@ss.hasPermi('demo:demo:query')")
+    @SaCheckPermission("demo:demo:query")
     @GetMapping("/{id}")
     public AjaxResult<TestDemoVo> getInfo(@NotNull(message = "主键不能为空")
                                                   @PathVariable("id") Long id) {
@@ -94,7 +94,7 @@ public class TestDemoController extends BaseController {
      * 新增测试单表
      */
     @ApiOperation("新增测试单表")
-    @PreAuthorize("@ss.hasPermi('demo:demo:add')")
+    @SaCheckPermission("demo:demo:add")
     @Log(title = "测试单表", businessType = BusinessType.INSERT)
     @RepeatSubmit(interval = 2, timeUnit = TimeUnit.SECONDS, message = "不允许重复提交")
     @PostMapping()
@@ -106,7 +106,7 @@ public class TestDemoController extends BaseController {
      * 修改测试单表
      */
     @ApiOperation("修改测试单表")
-    @PreAuthorize("@ss.hasPermi('demo:demo:edit')")
+    @SaCheckPermission("demo:demo:edit")
     @Log(title = "测试单表", businessType = BusinessType.UPDATE)
     @RepeatSubmit
     @PutMapping()
@@ -118,7 +118,7 @@ public class TestDemoController extends BaseController {
      * 删除测试单表
      */
     @ApiOperation("删除测试单表")
-    @PreAuthorize("@ss.hasPermi('demo:demo:remove')")
+    @SaCheckPermission("demo:demo:remove")
     @Log(title = "测试单表" , businessType = BusinessType.DELETE)
     @DeleteMapping("/{ids}")
     public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestTreeController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.demo.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.core.controller.BaseController;
@@ -16,7 +17,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -45,7 +45,7 @@ public class TestTreeController extends BaseController {
      * 查询测试树表列表
      */
     @ApiOperation("查询测试树表列表")
-    @PreAuthorize("@ss.hasPermi('demo:tree:list')")
+    @SaCheckPermission("demo:tree:list")
     @GetMapping("/list")
     public AjaxResult<List<TestTreeVo>> list(@Validated(QueryGroup.class) TestTreeBo bo) {
         List<TestTreeVo> list = iTestTreeService.queryList(bo);
@@ -56,7 +56,7 @@ public class TestTreeController extends BaseController {
      * 导出测试树表列表
      */
     @ApiOperation("导出测试树表列表")
-    @PreAuthorize("@ss.hasPermi('demo:tree:export')")
+    @SaCheckPermission("demo:tree:export")
     @Log(title = "测试树表", businessType = BusinessType.EXPORT)
     @GetMapping("/export")
     public void export(@Validated TestTreeBo bo, HttpServletResponse response) {
@@ -68,7 +68,7 @@ public class TestTreeController extends BaseController {
      * 获取测试树表详细信息
      */
     @ApiOperation("获取测试树表详细信息")
-    @PreAuthorize("@ss.hasPermi('demo:tree:query')")
+    @SaCheckPermission("demo:tree:query")
     @GetMapping("/{id}")
     public AjaxResult<TestTreeVo> getInfo(@NotNull(message = "主键不能为空")
                                                   @PathVariable("id") Long id) {
@@ -79,7 +79,7 @@ public class TestTreeController extends BaseController {
      * 新增测试树表
      */
     @ApiOperation("新增测试树表")
-    @PreAuthorize("@ss.hasPermi('demo:tree:add')")
+    @SaCheckPermission("demo:tree:add")
     @Log(title = "测试树表", businessType = BusinessType.INSERT)
     @RepeatSubmit
     @PostMapping()
@@ -91,7 +91,7 @@ public class TestTreeController extends BaseController {
      * 修改测试树表
      */
     @ApiOperation("修改测试树表")
-    @PreAuthorize("@ss.hasPermi('demo:tree:edit')")
+    @SaCheckPermission("demo:tree:edit")
     @Log(title = "测试树表", businessType = BusinessType.UPDATE)
     @RepeatSubmit
     @PutMapping()
@@ -103,7 +103,7 @@ public class TestTreeController extends BaseController {
      * 删除测试树表
      */
     @ApiOperation("删除测试树表")
-    @PreAuthorize("@ss.hasPermi('demo:tree:remove')")
+    @SaCheckPermission("demo:tree:remove")
     @Log(title = "测试树表" , businessType = BusinessType.DELETE)
     @DeleteMapping("/{ids}")
     public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java

@@ -4,7 +4,6 @@ import com.ruoyi.common.annotation.DataScope;
 import com.ruoyi.common.core.domain.BaseEntity;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.reflect.ReflectUtils;
@@ -62,14 +61,11 @@ public class DataScopeAspect {
 
 	protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) {
 		// 获取当前的用户
-		LoginUser loginUser = SecurityUtils.getLoginUser();
-		if (StringUtils.isNotNull(loginUser)) {
-			SysUser currentUser = loginUser.getUser();
-			// 如果是超级管理员，则不过滤数据
-			if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
-				dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
-					controllerDataScope.userAlias(), controllerDataScope.isUser());
-			}
+		SysUser currentUser = SecurityUtils.getUser();
+		// 如果是超级管理员，则不过滤数据
+		if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
+			dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
+				controllerDataScope.userAlias(), controllerDataScope.isUser());
 		}
 	}
 

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java

@@ -2,7 +2,7 @@ package com.ruoyi.framework.aspectj;
 
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.domain.dto.OperLogDTO;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.service.OperLogService;
 import com.ruoyi.common.enums.BusinessStatus;
 import com.ruoyi.common.enums.HttpMethod;
@@ -61,7 +61,7 @@ public class LogAspect {
         try {
 
             // 获取当前的用户
-            LoginUser loginUser = SecurityUtils.getLoginUser();
+            SysUser sysUser = SecurityUtils.getUser();
 
             // *========数据库日志=========*//
             OperLogDTO operLog = new OperLogDTO();
@@ -70,8 +70,8 @@ public class LogAspect {
             String ip = ServletUtils.getClientIP();
             operLog.setOperIp(ip);
             operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
-            if (loginUser != null) {
-                operLog.setOperName(loginUser.getUsername());
+            if (sysUser != null) {
+                operLog.setOperName(sysUser.getUserName());
             }
 
             if (e != null) {

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/RepeatSubmitAspect.java

@@ -1,5 +1,6 @@
 package com.ruoyi.framework.aspectj;
 
+import cn.dev33.satoken.SaManager;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.SecureUtil;
 import com.baomidou.lock.LockInfo;
@@ -7,7 +8,6 @@ import com.baomidou.lock.LockTemplate;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.properties.TokenProperties;
 import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.framework.config.properties.RepeatSubmitProperties;
@@ -32,7 +32,6 @@ import javax.servlet.http.HttpServletRequest;
 @Component
 public class RepeatSubmitAspect {
 
-    private final TokenProperties tokenProperties;
     private final RepeatSubmitProperties repeatSubmitProperties;
     private final LockTemplate lockTemplate;
 
@@ -53,7 +52,7 @@ public class RepeatSubmitAspect {
         String url = request.getRequestURI();
 
         // 唯一值（没有消息头则使用请求地址）
-        String submitKey = request.getHeader(tokenProperties.getHeader());
+        String submitKey = request.getHeader(SaManager.getConfig().getTokenName());
         if (StringUtils.isEmpty(submitKey)) {
             submitKey = url;
         }

ruoyi-framework/src/main/java/com/ruoyi/framework/config/AsyncConfig.java

@@ -1,51 +0,0 @@
-package com.ruoyi.framework.config;
-
-import com.ruoyi.common.exception.ServiceException;
-import org.springframework.aop.interceptor.AsyncUncaughtExceptionHandler;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.scheduling.annotation.AsyncConfigurerSupport;
-import org.springframework.scheduling.annotation.EnableAsync;
-import org.springframework.security.concurrent.DelegatingSecurityContextExecutorService;
-
-import java.util.Arrays;
-import java.util.concurrent.Executor;
-import java.util.concurrent.ScheduledExecutorService;
-
-/**
- * 异步配置
- *
- * @author Lion Li
- */
-@EnableAsync
-@Configuration
-public class AsyncConfig extends AsyncConfigurerSupport {
-
-	@Autowired
-	@Qualifier("scheduledExecutorService")
-	private ScheduledExecutorService scheduledExecutorService;
-
-    /**
-     * 异步执行需要使用权限框架自带的包装线程池  保证权限信息的传递
-     */
-    @Override
-    public Executor getAsyncExecutor() {
-        return new DelegatingSecurityContextExecutorService(scheduledExecutorService);
-    }
-
-    /**
-     * 异步执行异常处理
-     */
-    @Override
-    public AsyncUncaughtExceptionHandler getAsyncUncaughtExceptionHandler() {
-        return (throwable, method, objects) -> {
-            throwable.printStackTrace();
-            throw new ServiceException(
-                    "Exception message - " + throwable.getMessage()
-                    + ", Method name - " + method.getName()
-                    + ", Parameter value - " + Arrays.toString(objects));
-        };
-    }
-
-}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java

@@ -1,13 +1,24 @@
 package com.ruoyi.framework.config;
 
+import cn.dev33.satoken.interceptor.SaAnnotationInterceptor;
+import cn.dev33.satoken.interceptor.SaRouteInterceptor;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpUtil;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.StringUtils;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
 /**
  * 通用配置
  *
@@ -16,6 +27,49 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
 public class ResourcesConfig implements WebMvcConfigurer {
 
+    // 注册sa-token的拦截器
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        List<String> urlPath = Arrays.asList(
+                "/login",
+                "/logout",
+                "/captchaImage",
+                "/*.html",
+                "/**/*.html",
+                "/**/*.css",
+                "/**/*.js",
+                "/profile/**",
+                "/common/download**",
+                "/common/download/resource**",
+                "/swagger-ui.html",
+                "/swagger-resources/**",
+                "/webjars/**",
+                "/*/api-docs",
+                "/druid/**",
+                "/actuator",
+                "/actuator/**"
+        );
+        // 注册路由拦截器，自定义验证规则
+        registry.addInterceptor(new SaRouteInterceptor((request, response, handler) -> {
+            // 登录验证 -- 排除多个路径
+            SaRouter.match(
+                    //获取所有的
+                    Collections.singletonList("/**"),
+                    //排除下不需要拦截的
+                    urlPath,
+                    () -> {
+                        Long userId = SecurityUtils.getUserId();
+                        if(StringUtils.isNotNull(userId) ) {
+                            long tokenTimeout = StpUtil.getTokenTimeout();
+                            long tokenActivityTimeout = StpUtil.getTokenActivityTimeout();
+                            System.out.println("剩余有效时间: " + tokenTimeout);
+                            System.out.println("临时有效时间: " + tokenActivityTimeout);
+                        }
+                    });
+        })).addPathPatterns("/**");
+        registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");
+    }
+
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
     }

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -1,146 +0,0 @@
-package com.ruoyi.framework.config;
-
-import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;
-import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;
-import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.web.authentication.logout.LogoutFilter;
-import org.springframework.web.filter.CorsFilter;
-
-/**
- * spring security配置
- *
- * @author ruoyi
- */
-@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
-public class SecurityConfig extends WebSecurityConfigurerAdapter
-{
-    /**
-     * 自定义用户认证逻辑
-     */
-    @Autowired
-    private UserDetailsService userDetailsService;
-
-    /**
-     * 认证失败处理类
-     */
-    @Autowired
-    private AuthenticationEntryPointImpl unauthorizedHandler;
-
-    /**
-     * 退出处理类
-     */
-    @Autowired
-    private LogoutSuccessHandlerImpl logoutSuccessHandler;
-
-    /**
-     * token认证过滤器
-     */
-    @Autowired
-    private JwtAuthenticationTokenFilter authenticationTokenFilter;
-
-    /**
-     * 跨域过滤器
-     */
-    @Autowired
-    private CorsFilter corsFilter;
-
-    /**
-     * 解决 无法直接注入 AuthenticationManager
-     *
-     * @return
-     * @throws Exception
-     */
-    @Bean
-    @Override
-    public AuthenticationManager authenticationManagerBean() throws Exception
-    {
-        return super.authenticationManagerBean();
-    }
-
-    /**
-     * anyRequest          |   匹配所有请求路径
-     * access              |   SpringEl表达式结果为true时可以访问
-     * anonymous           |   匿名可以访问
-     * denyAll             |   用户不能访问
-     * fullyAuthenticated  |   用户完全认证可以访问（非remember-me下自动登录）
-     * hasAnyAuthority     |   如果有参数，参数表示权限，则其中任何一个权限可以访问
-     * hasAnyRole          |   如果有参数，参数表示角色，则其中任何一个角色可以访问
-     * hasAuthority        |   如果有参数，参数表示权限，则其权限可以访问
-     * hasIpAddress        |   如果有参数，参数表示IP地址，如果用户IP和参数匹配，则可以访问
-     * hasRole             |   如果有参数，参数表示角色，则其角色可以访问
-     * permitAll           |   用户可以任意访问
-     * rememberMe          |   允许通过remember-me登录的用户访问
-     * authenticated       |   用户登录后可访问
-     */
-    @Override
-    protected void configure(HttpSecurity httpSecurity) throws Exception
-    {
-        httpSecurity
-                // CSRF禁用，因为不使用session
-                .csrf().disable()
-                // 认证失败处理类
-                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
-                // 基于token，所以不需要session
-                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
-                // 过滤请求
-                .authorizeRequests()
-                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage").anonymous()
-                .antMatchers(
-                        HttpMethod.GET,
-                        "/",
-                        "/*.html",
-                        "/**/*.html",
-                        "/**/*.css",
-                        "/**/*.js"
-                ).permitAll()
-                .antMatchers("/doc.html").anonymous()
-                .antMatchers("/swagger-resources/**").anonymous()
-                .antMatchers("/webjars/**").anonymous()
-                .antMatchers("/*/api-docs").anonymous()
-                .antMatchers("/druid/**").anonymous()
-                // Spring Boot Actuator 的安全配置
-                .antMatchers("/actuator").anonymous()
-                .antMatchers("/actuator/**").anonymous()
-                // 除上面外的所有请求全部需要鉴权认证
-                .anyRequest().authenticated()
-                .and()
-                .headers().frameOptions().disable();
-        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
-        // 添加JWT filter
-        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
-        // 添加CORS filter
-        httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
-        httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
-    }
-
-    /**
-     * 强散列哈希加密实现
-     */
-    @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder()
-    {
-        return new BCryptPasswordEncoder();
-    }
-
-    /**
-     * 身份认证接口
-     */
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception
-    {
-        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
-    }
-}

ruoyi-framework/src/main/java/com/ruoyi/framework/mybatisplus/CreateAndUpdateMetaObjectHandler.java

@@ -2,7 +2,7 @@ package com.ruoyi.framework.mybatisplus;
 
 import cn.hutool.http.HttpStatus;
 import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.utils.SecurityUtils;
 import lombok.extern.slf4j.Slf4j;
@@ -53,14 +53,14 @@ public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler {
 	 * 获取登录用户名
 	 */
 	private String getLoginUsername() {
-		LoginUser loginUser;
+		SysUser loginUser;
 		try {
-			loginUser = SecurityUtils.getLoginUser();
+			loginUser = SecurityUtils.getUser();
 		} catch (Exception e) {
 			log.warn("自动注入警告 => 用户未登录");
 			return null;
 		}
-		return loginUser.getUsername();
+		return loginUser.getUserName();
 	}
 
 }

ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/MySaTokenListener.java

@@ -0,0 +1,106 @@
+package com.ruoyi.framework.satoken;
+
+import cn.dev33.satoken.listener.SaTokenListener;
+import cn.dev33.satoken.stp.SaLoginModel;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.http.useragent.UserAgent;
+import cn.hutool.http.useragent.UserAgentUtil;
+import com.ruoyi.common.constant.Constants;
+import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.utils.RedisUtils;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.ip.AddressUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+/**
+ * 自定义侦听器的实现
+ */
+@Component
+@Slf4j
+public class MySaTokenListener implements SaTokenListener {
+
+    /**
+     * 每次登录时触发
+     */
+    @Override
+    public void doLogin(String loginType, Object loginId, SaLoginModel loginModel) {
+        UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
+        String ip = ServletUtils.getClientIP();
+        SysUser user = SecurityUtils.getUser();
+        String tokenValue = StpUtil.getTokenValue();
+        UserOnlineDTO userOnlineDTO = new UserOnlineDTO()
+                .setIpaddr(ip)
+                .setLoginLocation(AddressUtils.getRealAddressByIP(ip))
+                .setBrowser(userAgent.getBrowser().getName())
+                .setOs(userAgent.getOs().getName())
+                .setLoginTime(System.currentTimeMillis())
+                .setTokenId(tokenValue)
+                .setUserName(user.getUserName());
+        if (StringUtils.isNotNull(user.getDept())) {
+            userOnlineDTO.setDeptName(user.getDept().getDeptName());
+        }
+        RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, userOnlineDTO);
+        log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue);
+    }
+
+    /**
+     * 每次注销时触发
+     */
+    @Override
+    public void doLogout(String loginType, Object loginId, String tokenValue) {
+        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
+        log.info("user doLogout, useId:{}, token:{}", loginId, tokenValue);
+    }
+
+    /**
+     * 每次被踢下线时触发
+     */
+    @Override
+    public void doLogoutByLoginId(String loginType, Object loginId, String tokenValue, String device) {
+        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
+        log.info("user doLogoutByLoginId, useId:{}, token:{}", loginId, tokenValue);
+    }
+
+    /**
+     * 每次被顶下线时触发
+     */
+    @Override
+    public void doReplaced(String loginType, Object loginId, String tokenValue, String device) {
+        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
+        log.info("user doReplaced, useId:{}, token:{}", loginId, tokenValue);
+    }
+
+    /**
+     * 每次被封禁时触发
+     */
+    @Override
+    public void doDisable(String loginType, Object loginId, long disableTime) {
+    }
+
+    /**
+     * 每次被解封时触发
+     */
+    @Override
+    public void doUntieDisable(String loginType, Object loginId) {
+    }
+
+    /**
+     * 每次创建Session时触发
+     */
+    @Override
+    public void doCreateSession(String id) {
+    }
+
+    /**
+     * 每次注销Session时触发
+     */
+    @Override
+    public void doLogoutSession(String id) {
+    }
+
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java

@@ -1,45 +0,0 @@
-package com.ruoyi.framework.security.filter;
-
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.core.service.TokenService;
-import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * token过滤器 验证token有效性
- *
- * @author ruoyi
- */
-@Component
-public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
-{
-    @Autowired
-    private TokenService tokenService;
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
-            throws ServletException, IOException
-    {
-        LoginUser loginUser = tokenService.getLoginUser(request);
-        if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
-        {
-            tokenService.verifyToken(loginUser);
-            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
-            authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
-            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-        }
-        chain.doFilter(request, response);
-    }
-}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java

@@ -1,35 +0,0 @@
-package com.ruoyi.framework.security.handle;
-
-import com.ruoyi.common.utils.StringUtils;
-import cn.hutool.http.HttpStatus;
-import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.utils.JsonUtils;
-import com.ruoyi.common.utils.ServletUtils;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.Serializable;
-
-/**
- * 认证失败处理类 返回未授权
- *
- * @author ruoyi
- */
-@Component
-public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable
-{
-    private static final long serialVersionUID = -8970718410437077606L;
-
-    @Override
-    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
-            throws IOException
-    {
-        int code = HttpStatus.HTTP_UNAUTHORIZED;
-        String msg = StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", request.getRequestURI());
-        ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(code, msg)));
-    }
-}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java

@@ -1,53 +0,0 @@
-package com.ruoyi.framework.security.handle;
-
-import cn.hutool.http.HttpStatus;
-import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.core.service.LogininforService;
-import com.ruoyi.common.core.service.TokenService;
-import com.ruoyi.common.utils.JsonUtils;
-import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * 自定义退出处理类 返回成功
- *
- * @author ruoyi
- */
-@Configuration
-public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler {
-
-	@Autowired
-	private TokenService tokenService;
-
-	@Autowired
-	private LogininforService asyncService;
-
-	/**
-	 * 退出处理
-	 */
-	@Override
-	public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
-		throws IOException, ServletException {
-		LoginUser loginUser = tokenService.getLoginUser(request);
-		if (StringUtils.isNotNull(loginUser)) {
-			String userName = loginUser.getUsername();
-			// 删除用户缓存记录
-			tokenService.delLoginUser(loginUser.getToken());
-			// 记录用户退出日志
-			asyncService.recordLogininfor(userName, Constants.LOGOUT, "退出成功", request);
-		}
-		ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(HttpStatus.HTTP_OK, "退出成功")));
-	}
-
-}

ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java

@@ -1,5 +1,8 @@
 package com.ruoyi.framework.web.exception;
 
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.exception.NotPermissionException;
+import cn.dev33.satoken.exception.NotRoleException;
 import cn.hutool.http.HttpStatus;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.exception.DemoModeException;
@@ -7,7 +10,6 @@ import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.utils.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
 import org.springframework.validation.BindException;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
@@ -30,14 +32,36 @@ public class GlobalExceptionHandler
     /**
      * 权限校验异常
      */
-    @ExceptionHandler(AccessDeniedException.class)
-    public AjaxResult handleAccessDeniedException(AccessDeniedException e, HttpServletRequest request)
+    @ExceptionHandler(NotPermissionException.class)
+    public AjaxResult handleAccessDeniedException(NotPermissionException e, HttpServletRequest request)
     {
         String requestURI = request.getRequestURI();
         log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
         return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有权限，请联系管理员授权");
     }
 
+    /**
+     * 角色校验异常
+     */
+    @ExceptionHandler(NotRoleException.class)
+    public AjaxResult handleAccessDeniedException(NotRoleException e, HttpServletRequest request)
+    {
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',角色校验失败'{}'", requestURI, e.getMessage());
+        return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有角色，请联系管理员授权");
+    }
+
+    /**
+     * 认证失败
+     */
+    @ExceptionHandler(NotLoginException.class)
+    public AjaxResult handleAccessDeniedException(NotLoginException e, HttpServletRequest request)
+    {
+        String requestURI = request.getRequestURI();
+        log.error("请求访问：{}，认证失败，无法访问系统资源", requestURI, e.getMessage());
+        return AjaxResult.error(HttpStatus.HTTP_UNAUTHORIZED, StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", requestURI));
+    }
+
     /**
      * 请求方式不支持
      */

ruoyi-generator/src/main/java/com/ruoyi/generator/controller/GenController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.generator.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.convert.Convert;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
@@ -12,7 +13,6 @@ import com.ruoyi.generator.service.IGenTableColumnService;
 import com.ruoyi.generator.service.IGenTableService;
 import org.apache.commons.io.IOUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -40,7 +40,7 @@ public class GenController extends BaseController
     /**
      * 查询代码生成列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @SaCheckPermission("tool:gen:list")
     @GetMapping("/list")
     public TableDataInfo genList(GenTable genTable)
     {
@@ -50,7 +50,7 @@ public class GenController extends BaseController
     /**
      * 修改代码生成业务
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:query')")
+    @SaCheckPermission("tool:gen:query")
     @GetMapping(value = "/{talbleId}")
     public AjaxResult getInfo(@PathVariable Long talbleId)
     {
@@ -67,7 +67,7 @@ public class GenController extends BaseController
     /**
      * 查询数据库列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @SaCheckPermission("tool:gen:list")
     @GetMapping("/db/list")
     public TableDataInfo dataList(GenTable genTable)
     {
@@ -77,7 +77,7 @@ public class GenController extends BaseController
     /**
      * 查询数据表字段列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @SaCheckPermission("tool:gen:list")
     @GetMapping(value = "/column/{talbleId}")
     public TableDataInfo columnList(Long tableId)
     {
@@ -91,7 +91,7 @@ public class GenController extends BaseController
     /**
      * 导入表结构（保存）
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:import')")
+    @SaCheckPermission("tool:gen:import")
     @Log(title = "代码生成", businessType = BusinessType.IMPORT)
     @PostMapping("/importTable")
     public AjaxResult importTableSave(String tables)
@@ -106,7 +106,7 @@ public class GenController extends BaseController
     /**
      * 修改保存代码生成业务
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
+    @SaCheckPermission("tool:gen:edit")
     @Log(title = "代码生成", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult editSave(@Validated @RequestBody GenTable genTable)
@@ -119,7 +119,7 @@ public class GenController extends BaseController
     /**
      * 删除代码生成
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:remove')")
+    @SaCheckPermission("tool:gen:remove")
     @Log(title = "代码生成", businessType = BusinessType.DELETE)
     @DeleteMapping("/{tableIds}")
     public AjaxResult remove(@PathVariable Long[] tableIds)
@@ -131,7 +131,7 @@ public class GenController extends BaseController
     /**
      * 预览代码
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:preview')")
+    @SaCheckPermission("tool:gen:preview")
     @GetMapping("/preview/{tableId}")
     public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException
     {
@@ -142,7 +142,7 @@ public class GenController extends BaseController
     /**
      * 生成代码（下载方式）
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+    @SaCheckPermission("tool:gen:code")
     @Log(title = "代码生成", businessType = BusinessType.GENCODE)
     @GetMapping("/download/{tableName}")
     public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
@@ -154,7 +154,7 @@ public class GenController extends BaseController
     /**
      * 生成代码（自定义路径）
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+    @SaCheckPermission("tool:gen:code")
     @Log(title = "代码生成", businessType = BusinessType.GENCODE)
     @GetMapping("/genCode/{tableName}")
     public AjaxResult genCode(@PathVariable("tableName") String tableName)
@@ -166,7 +166,7 @@ public class GenController extends BaseController
     /**
      * 同步数据库
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
+    @SaCheckPermission("tool:gen:edit")
     @Log(title = "代码生成", businessType = BusinessType.UPDATE)
     @GetMapping("/synchDb/{tableName}")
     public AjaxResult synchDb(@PathVariable("tableName") String tableName)
@@ -178,7 +178,7 @@ public class GenController extends BaseController
     /**
      * 批量生成代码
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+    @SaCheckPermission("tool:gen:code")
     @Log(title = "代码生成", businessType = BusinessType.GENCODE)
     @GetMapping("/batchGenCode")
     public void batchGenCode(HttpServletResponse response, String tables) throws IOException

ruoyi-generator/src/main/resources/vm/java/controller.java.vm

@@ -49,7 +49,7 @@ public class ${ClassName}Controller extends BaseController {
      * 查询${functionName}列表
      */
     @ApiOperation("查询${functionName}列表")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:list')")
+    @SaCheckPermission("${permissionPrefix}:list")
     @GetMapping("/list")
 #if($table.crud || $table.sub)
     public TableDataInfo<${ClassName}Vo> list(@Validated(QueryGroup.class) ${ClassName}Bo bo) {
@@ -66,7 +66,7 @@ public class ${ClassName}Controller extends BaseController {
      * 导出${functionName}列表
      */
     @ApiOperation("导出${functionName}列表")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:export')")
+    @SaCheckPermission("${permissionPrefix}:export")
     @Log(title = "${functionName}", businessType = BusinessType.EXPORT)
     @GetMapping("/export")
     public void export(@Validated ${ClassName}Bo bo, HttpServletResponse response) {
@@ -78,7 +78,7 @@ public class ${ClassName}Controller extends BaseController {
      * 获取${functionName}详细信息
      */
     @ApiOperation("获取${functionName}详细信息")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:query')")
+    @SaCheckPermission("${permissionPrefix}:query")
     @GetMapping("/{${pkColumn.javaField}}")
     public AjaxResult<${ClassName}Vo> getInfo(@NotNull(message = "主键不能为空")
                                                   @PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField}) {
@@ -89,7 +89,7 @@ public class ${ClassName}Controller extends BaseController {
      * 新增${functionName}
      */
     @ApiOperation("新增${functionName}")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:add')")
+    @SaCheckPermission("${permissionPrefix}:add")
     @Log(title = "${functionName}", businessType = BusinessType.INSERT)
     @RepeatSubmit()
     @PostMapping()
@@ -101,7 +101,7 @@ public class ${ClassName}Controller extends BaseController {
      * 修改${functionName}
      */
     @ApiOperation("修改${functionName}")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:edit')")
+    @SaCheckPermission("${permissionPrefix}:edit")
     @Log(title = "${functionName}", businessType = BusinessType.UPDATE)
     @RepeatSubmit()
     @PutMapping()
@@ -113,7 +113,7 @@ public class ${ClassName}Controller extends BaseController {
      * 删除${functionName}
      */
     @ApiOperation("删除${functionName}")
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:remove')")
+    @SaCheckPermission("${permissionPrefix}:remove")
     @Log(title = "${functionName}" , businessType = BusinessType.DELETE)
     @DeleteMapping("/{${pkColumn.javaField}s}")
     public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.quartz.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -14,7 +15,6 @@ import com.ruoyi.quartz.service.ISysJobService;
 import com.ruoyi.quartz.util.CronUtils;
 import org.quartz.SchedulerException;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletResponse;
@@ -35,7 +35,7 @@ public class SysJobController extends BaseController
     /**
      * 查询定时任务列表
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:list')")
+    @SaCheckPermission("monitor:job:list")
     @GetMapping("/list")
     public TableDataInfo list(SysJob sysJob)
     {
@@ -45,7 +45,7 @@ public class SysJobController extends BaseController
     /**
      * 导出定时任务列表
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:export')")
+    @SaCheckPermission("monitor:job:export")
     @Log(title = "定时任务", businessType = BusinessType.EXPORT)
     @GetMapping("/export")
     public void export(SysJob sysJob, HttpServletResponse response)
@@ -57,7 +57,7 @@ public class SysJobController extends BaseController
     /**
      * 获取定时任务详细信息
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:query')")
+    @SaCheckPermission("monitor:job:query")
     @GetMapping(value = "/{jobId}")
     public AjaxResult getInfo(@PathVariable("jobId") Long jobId)
     {
@@ -67,7 +67,7 @@ public class SysJobController extends BaseController
     /**
      * 新增定时任务
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:add')")
+    @SaCheckPermission("monitor:job:add")
     @Log(title = "定时任务", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -88,14 +88,13 @@ public class SysJobController extends BaseController
         {
             return error("新增任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
         }
-        job.setCreateBy(getUsername());
         return toAjax(jobService.insertJob(job));
     }
 
     /**
      * 修改定时任务
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:edit')")
+    @SaCheckPermission("monitor:job:edit")
     @Log(title = "定时任务", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -116,14 +115,13 @@ public class SysJobController extends BaseController
         {
             return error("修改任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
         }
-        job.setUpdateBy(getUsername());
         return toAjax(jobService.updateJob(job));
     }
 
     /**
      * 定时任务状态修改
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')")
+    @SaCheckPermission("monitor:job:changeStatus")
     @Log(title = "定时任务", businessType = BusinessType.UPDATE)
     @PutMapping("/changeStatus")
     public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException
@@ -136,7 +134,7 @@ public class SysJobController extends BaseController
     /**
      * 定时任务立即执行一次
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')")
+    @SaCheckPermission("monitor:job:changeStatus")
     @Log(title = "定时任务", businessType = BusinessType.UPDATE)
     @PutMapping("/run")
     public AjaxResult run(@RequestBody SysJob job) throws SchedulerException
@@ -148,7 +146,7 @@ public class SysJobController extends BaseController
     /**
      * 删除定时任务
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
+    @SaCheckPermission("monitor:job:remove")
     @Log(title = "定时任务", businessType = BusinessType.DELETE)
     @DeleteMapping("/{jobIds}")
     public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException

ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobLogController.java

@@ -1,5 +1,6 @@
 package com.ruoyi.quartz.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@ import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.quartz.domain.SysJobLog;
 import com.ruoyi.quartz.service.ISysJobLogService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletResponse;
@@ -30,7 +30,8 @@ public class SysJobLogController extends BaseController
     /**
      * 查询定时任务调度日志列表
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:list')")
+
+    @SaCheckPermission("monitor:job:list")
     @GetMapping("/list")
     public TableDataInfo list(SysJobLog sysJobLog)
     {
@@ -40,7 +41,7 @@ public class SysJobLogController extends BaseController
     /**
      * 导出定时任务调度日志列表
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:export')")
+    @SaCheckPermission("monitor:job:export")
     @Log(title = "任务调度日志", businessType = BusinessType.EXPORT)
     @GetMapping("/export")
     public void export(SysJobLog sysJobLog, HttpServletResponse response)
@@ -52,7 +53,7 @@ public class SysJobLogController extends BaseController
     /**
      * 根据调度编号获取详细信息
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:query')")
+    @SaCheckPermission("monitor:job:query")
     @GetMapping(value = "/{configId}")
     public AjaxResult getInfo(@PathVariable Long jobLogId)
     {
@@ -63,7 +64,7 @@ public class SysJobLogController extends BaseController
     /**
      * 删除定时任务调度日志
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
+    @SaCheckPermission("monitor:job:remove")
     @Log(title = "定时任务调度日志", businessType = BusinessType.DELETE)
     @DeleteMapping("/{jobLogIds}")
     public AjaxResult remove(@PathVariable Long[] jobLogIds)
@@ -74,7 +75,7 @@ public class SysJobLogController extends BaseController
     /**
      * 清空定时任务调度日志
      */
-    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
+    @SaCheckPermission("monitor:job:remove")
     @Log(title = "调度日志", businessType = BusinessType.CLEAN)
     @DeleteMapping("/clean")
     public AjaxResult clean()

ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserOnlineService.java

@@ -1,47 +0,0 @@
-package com.ruoyi.system.service;
-
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.system.domain.SysUserOnline;
-
-/**
- * 在线用户 服务层
- *
- * @author ruoyi
- */
-public interface ISysUserOnlineService {
-    /**
-     * 通过登录地址查询信息
-     *
-     * @param ipaddr 登录地址
-     * @param user   用户信息
-     * @return 在线用户信息
-     */
-    public SysUserOnline selectOnlineByIpaddr(String ipaddr, LoginUser user);
-
-    /**
-     * 通过用户名称查询信息
-     *
-     * @param userName 用户名称
-     * @param user     用户信息
-     * @return 在线用户信息
-     */
-    public SysUserOnline selectOnlineByUserName(String userName, LoginUser user);
-
-    /**
-     * 通过登录地址/用户名称查询信息
-     *
-     * @param ipaddr   登录地址
-     * @param userName 用户名称
-     * @param user     用户信息
-     * @return 在线用户信息
-     */
-    public SysUserOnline selectOnlineByInfo(String ipaddr, String userName, LoginUser user);
-
-    /**
-     * 设置在线用户信息
-     *
-     * @param user 用户信息
-     * @return 在线用户
-     */
-    public SysUserOnline loginUserToUserOnline(LoginUser user);
-}

ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java

@@ -3,6 +3,7 @@ package com.ruoyi.system.service;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.page.TableDataInfo;
+import com.ruoyi.common.core.service.IUserService;
 
 import java.util.List;
 
@@ -11,7 +12,7 @@ import java.util.List;
  *
  * @author ruoyi
  */
-public interface ISysUserService extends IService<SysUser> {
+public interface ISysUserService extends IService<SysUser>, IUserService {
 
 
     TableDataInfo<SysUser> selectPageUserList(SysUser user);

ruoyi-system/src/main/java/com/ruoyi/system/service/PermissionService.java

@@ -1,166 +0,0 @@
-package com.ruoyi.system.service;
-
-import com.ruoyi.common.core.domain.entity.SysRole;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.StringUtils;
-import org.springframework.stereotype.Service;
-import org.springframework.util.CollectionUtils;
-
-import java.util.Set;
-
-/**
- * RuoYi首创 自定义权限实现，ss取自SpringSecurity首字母
- *
- * @author ruoyi
- */
-@Service("ss")
-public class PermissionService
-{
-    /** 所有权限标识 */
-    private static final String ALL_PERMISSION = "*:*:*";
-
-    /** 管理员角色权限标识 */
-    private static final String SUPER_ADMIN = "admin";
-
-    private static final String ROLE_DELIMETER = ",";
-
-    private static final String PERMISSION_DELIMETER = ",";
-
-    /**
-     * 验证用户是否具备某权限
-     *
-     * @param permission 权限字符串
-     * @return 用户是否具备某权限
-     */
-    public boolean hasPermi(String permission)
-    {
-        if (StringUtils.isEmpty(permission))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
-        {
-            return false;
-        }
-        return hasPermissions(loginUser.getPermissions(), permission);
-    }
-
-    /**
-     * 验证用户是否不具备某权限，与 hasPermi逻辑相反
-     *
-     * @param permission 权限字符串
-     * @return 用户是否不具备某权限
-     */
-    public boolean lacksPermi(String permission)
-    {
-        return hasPermi(permission) != true;
-    }
-
-    /**
-     * 验证用户是否具有以下任意一个权限
-     *
-     * @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
-     * @return 用户是否具有以下任意一个权限
-     */
-    public boolean hasAnyPermi(String permissions)
-    {
-        if (StringUtils.isEmpty(permissions))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
-        {
-            return false;
-        }
-        Set<String> authorities = loginUser.getPermissions();
-        for (String permission : permissions.split(PERMISSION_DELIMETER))
-        {
-            if (permission != null && hasPermissions(authorities, permission))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 判断用户是否拥有某个角色
-     *
-     * @param role 角色字符串
-     * @return 用户是否具备某角色
-     */
-    public boolean hasRole(String role)
-    {
-        if (StringUtils.isEmpty(role))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
-        {
-            return false;
-        }
-        for (SysRole sysRole : loginUser.getUser().getRoles())
-        {
-            String roleKey = sysRole.getRoleKey();
-            if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 验证用户是否不具备某角色，与 isRole逻辑相反。
-     *
-     * @param role 角色名称
-     * @return 用户是否不具备某角色
-     */
-    public boolean lacksRole(String role)
-    {
-        return hasRole(role) != true;
-    }
-
-    /**
-     * 验证用户是否具有以下任意一个角色
-     *
-     * @param roles 以 ROLE_NAMES_DELIMETER 为分隔符的角色列表
-     * @return 用户是否具有以下任意一个角色
-     */
-    public boolean hasAnyRoles(String roles)
-    {
-        if (StringUtils.isEmpty(roles))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
-        {
-            return false;
-        }
-        for (String role : roles.split(ROLE_DELIMETER))
-        {
-            if (hasRole(role))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 判断是否包含权限
-     *
-     * @param permissions 权限列表
-     * @param permission 权限字符串
-     * @return 用户是否具备某权限
-     */
-    private boolean hasPermissions(Set<String> permissions, String permission)
-    {
-        return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
-    }
-}

ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java

@@ -1,26 +1,20 @@
 package com.ruoyi.system.service;
 
+import cn.dev33.satoken.stp.StpUtil;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.service.LogininforService;
-import com.ruoyi.common.core.service.TokenService;
+import com.ruoyi.common.enums.UserStatus;
 import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.exception.user.CaptchaException;
 import com.ruoyi.common.exception.user.CaptchaExpireException;
 import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
-import com.ruoyi.common.utils.DateUtils;
-import com.ruoyi.common.utils.MessageUtils;
-import com.ruoyi.common.utils.RedisUtils;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.*;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Component;
 
-import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 
 /**
@@ -28,14 +22,10 @@ import javax.servlet.http.HttpServletRequest;
  *
  * @author ruoyi
  */
+@Slf4j
 @Component
 public class SysLoginService
 {
-    @Autowired
-    private TokenService tokenService;
-
-    @Resource
-    private AuthenticationManager authenticationManager;
 
 	@Autowired
     private ISysUserService userService;
@@ -64,32 +54,35 @@ public class SysLoginService
         {
             validateCaptcha(username, code, uuid, request);
         }
-        // 用户验证
-        Authentication authentication = null;
-        try
+        SysUser user = userService.selectUserByUserName(username);
+        if (StringUtils.isNull(user))
+        {
+            log.info("登录用户：{} 不存在.", username);
+            throw new ServiceException("登录用户：" + username + " 不存在");
+        }
+        else if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
         {
-            // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
-            authentication = authenticationManager
-                    .authenticate(new UsernamePasswordAuthenticationToken(username, password));
+            log.info("登录用户：{} 已被删除.", username);
+            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
         }
-        catch (Exception e)
+        else if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
         {
-            if (e instanceof BadCredentialsException)
-            {
-				asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"), request);
-                throw new UserPasswordNotMatchException();
-            }
-            else
-            {
-				asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage(), request);
-                throw new ServiceException(e.getMessage());
-            }
+            log.info("登录用户：{} 已被停用.", username);
+            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
         }
+        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+        String encodePassword = passwordEncoder.encode(password);
+        if (SecurityUtils.matchesPassword(user.getPassword(), encodePassword))
+        {
+            asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"), request);
+            throw new UserPasswordNotMatchException();
+        }
+
 		asyncService.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
-        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
-        recordLoginInfo(loginUser.getUser());
+        recordLoginInfo(user);
         // 生成token
-        return tokenService.createToken(loginUser);
+        StpUtil.login(user.getUserId(), "PC");
+        return StpUtil.getTokenValue();
     }
 
     /**

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SaInterfaceImpl.java

@@ -0,0 +1,36 @@
+package com.ruoyi.system.service.impl;
+
+import cn.dev33.satoken.stp.StpInterface;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.system.service.ISysUserService;
+import com.ruoyi.system.service.SysPermissionService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+@Component
+public class SaInterfaceImpl implements StpInterface {
+
+    @Autowired
+    private SysPermissionService sysPermissionService;
+    @Autowired
+    private ISysUserService iSysUserService;
+
+    @Override
+    public List<String> getPermissionList(Object loginId, String loginType) {
+        SysUser user = iSysUserService.getById(loginId.toString());
+        Set<String> menuPermission = sysPermissionService.getMenuPermission(user);
+        //采用的是用户里自带的权限，实现一次性访问reids,进行判断是否可以访问
+        return new ArrayList<>(menuPermission);
+    }
+
+    @Override
+    public List<String> getRoleList(Object loginId, String loginType) {
+        SysUser user = iSysUserService.getById(loginId.toString());
+        Set<String> rolePermission = sysPermissionService.getRolePermission(user);
+        return new ArrayList<>(rolePermission);
+    }
+}

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserOnlineServiceImpl.java

@@ -1,86 +0,0 @@
-package com.ruoyi.system.service.impl;
-
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.system.domain.SysUserOnline;
-import com.ruoyi.system.service.ISysUserOnlineService;
-import org.springframework.stereotype.Service;
-
-/**
- * 在线用户 服务层处理
- *
- * @author ruoyi
- */
-@Service
-public class SysUserOnlineServiceImpl implements ISysUserOnlineService {
-    /**
-     * 通过登录地址查询信息
-     *
-     * @param ipaddr 登录地址
-     * @param user   用户信息
-     * @return 在线用户信息
-     */
-    @Override
-    public SysUserOnline selectOnlineByIpaddr(String ipaddr, LoginUser user) {
-        if (StringUtils.equals(ipaddr, user.getIpaddr())) {
-            return loginUserToUserOnline(user);
-        }
-        return null;
-    }
-
-    /**
-     * 通过用户名称查询信息
-     *
-     * @param userName 用户名称
-     * @param user     用户信息
-     * @return 在线用户信息
-     */
-    @Override
-    public SysUserOnline selectOnlineByUserName(String userName, LoginUser user) {
-        if (StringUtils.equals(userName, user.getUsername())) {
-            return loginUserToUserOnline(user);
-        }
-        return null;
-    }
-
-    /**
-     * 通过登录地址/用户名称查询信息
-     *
-     * @param ipaddr   登录地址
-     * @param userName 用户名称
-     * @param user     用户信息
-     * @return 在线用户信息
-     */
-    @Override
-    public SysUserOnline selectOnlineByInfo(String ipaddr, String userName, LoginUser user) {
-        if (StringUtils.equals(ipaddr, user.getIpaddr()) && StringUtils.equals(userName, user.getUsername())) {
-            return loginUserToUserOnline(user);
-        }
-        return null;
-    }
-
-    /**
-     * 设置在线用户信息
-     *
-     * @param user 用户信息
-     * @return 在线用户
-     */
-    @Override
-    public SysUserOnline loginUserToUserOnline(LoginUser user) {
-        if (StringUtils.isNull(user) || StringUtils.isNull(user.getUser())) {
-            return null;
-        }
-        SysUserOnline sysUserOnline = new SysUserOnline();
-        sysUserOnline.setTokenId(user.getToken());
-        sysUserOnline.setUserName(user.getUsername());
-        sysUserOnline.setIpaddr(user.getIpaddr());
-        sysUserOnline.setLoginLocation(user.getLoginLocation());
-        sysUserOnline.setBrowser(user.getBrowser());
-        sysUserOnline.setOs(user.getOs());
-        sysUserOnline.setLoginTime(user.getLoginTime());
-        if (StringUtils.isNotNull(user.getUser().getDept())) {
-            sysUserOnline.setDeptName(user.getUser().getDept().getDeptName());
-        }
-        return sysUserOnline;
-    }
-}

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/TokenServiceImpl.java

@@ -1,204 +0,0 @@
-package com.ruoyi.system.service.impl;
-
-import cn.hutool.core.util.IdUtil;
-import cn.hutool.http.useragent.UserAgent;
-import cn.hutool.http.useragent.UserAgentUtil;
-import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.core.service.TokenService;
-import com.ruoyi.common.properties.TokenProperties;
-import com.ruoyi.common.utils.RedisUtils;
-import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.ip.AddressUtils;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-
-/**
- * token验证处理
- *
- * @author Lion Li
- */
-@Component
-public class TokenServiceImpl implements TokenService {
-
-    protected static final long MILLIS_SECOND = 1000;
-
-    protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
-
-    private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
-
-    @Autowired
-    private TokenProperties tokenProperties;
-
-    /**
-     * 获取用户身份信息
-     *
-     * @return 用户信息
-     */
-    @Override
-    public LoginUser getLoginUser(HttpServletRequest request) {
-        // 获取请求携带的令牌
-        String token = getToken(request);
-        if (StringUtils.isNotEmpty(token)) {
-			try {
-				Claims claims = parseToken(token);
-				// 解析对应的权限以及用户信息
-				String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
-				String userKey = getTokenKey(uuid);
-				LoginUser user = RedisUtils.getCacheObject(userKey);
-				return user;
-			} catch (Exception e) {
-
-			}
-        }
-        return null;
-    }
-
-    /**
-     * 设置用户身份信息
-     */
-    @Override
-    public void setLoginUser(LoginUser loginUser) {
-        if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken())) {
-            refreshToken(loginUser);
-        }
-    }
-
-    /**
-     * 删除用户身份信息
-     */
-    @Override
-    public void delLoginUser(String token) {
-        if (StringUtils.isNotEmpty(token)) {
-            String userKey = getTokenKey(token);
-            RedisUtils.deleteObject(userKey);
-        }
-    }
-
-    /**
-     * 创建令牌
-     *
-     * @param loginUser 用户信息
-     * @return 令牌
-     */
-    @Override
-    public String createToken(LoginUser loginUser) {
-        String token = IdUtil.fastUUID();
-        loginUser.setToken(token);
-        setUserAgent(loginUser);
-        refreshToken(loginUser);
-
-        Map<String, Object> claims = new HashMap<>();
-        claims.put(Constants.LOGIN_USER_KEY, token);
-        return createToken(claims);
-    }
-
-    /**
-     * 验证令牌有效期，相差不足20分钟，自动刷新缓存
-     *
-     * @param loginUser
-     * @return 令牌
-     */
-    @Override
-    public void verifyToken(LoginUser loginUser) {
-        long expireTime = loginUser.getExpireTime();
-        long currentTime = System.currentTimeMillis();
-        if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
-            refreshToken(loginUser);
-        }
-    }
-
-    /**
-     * 刷新令牌有效期
-     *
-     * @param loginUser 登录信息
-     */
-    @Override
-    public void refreshToken(LoginUser loginUser) {
-        loginUser.setLoginTime(System.currentTimeMillis());
-        loginUser.setExpireTime(loginUser.getLoginTime() + tokenProperties.getExpireTime() * MILLIS_MINUTE);
-        // 根据uuid将loginUser缓存
-        String userKey = getTokenKey(loginUser.getToken());
-        RedisUtils.setCacheObject(userKey, loginUser, tokenProperties.getExpireTime(), TimeUnit.MINUTES);
-    }
-
-    /**
-     * 设置用户代理信息
-     *
-     * @param loginUser 登录信息
-     */
-    @Override
-    public void setUserAgent(LoginUser loginUser) {
-        UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
-        String ip = ServletUtils.getClientIP();
-        loginUser.setIpaddr(ip);
-        loginUser.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
-        loginUser.setBrowser(userAgent.getBrowser().getName());
-        loginUser.setOs(userAgent.getOs().getName());
-    }
-
-    /**
-     * 从数据声明生成令牌
-     *
-     * @param claims 数据声明
-     * @return 令牌
-     */
-    private String createToken(Map<String, Object> claims) {
-        String token = Jwts.builder()
-                .setClaims(claims)
-                .signWith(SignatureAlgorithm.HS512, tokenProperties.getSecret()).compact();
-        return token;
-    }
-
-    /**
-     * 从令牌中获取数据声明
-     *
-     * @param token 令牌
-     * @return 数据声明
-     */
-    private Claims parseToken(String token) {
-        return Jwts.parser()
-                .setSigningKey(tokenProperties.getSecret())
-                .parseClaimsJws(token)
-                .getBody();
-    }
-
-    /**
-     * 从令牌中获取用户名
-     *
-     * @param token 令牌
-     * @return 用户名
-     */
-    @Override
-    public String getUsernameFromToken(String token) {
-        Claims claims = parseToken(token);
-        return claims.getSubject();
-    }
-
-    /**
-     * 获取请求token
-     *
-     * @param request
-     * @return token
-     */
-    private String getToken(HttpServletRequest request) {
-        String token = request.getHeader(tokenProperties.getHeader());
-        if (StringUtils.isNotEmpty(token) && token.startsWith(Constants.TOKEN_PREFIX)) {
-            token = token.replace(Constants.TOKEN_PREFIX, "");
-        }
-        return token;
-    }
-
-    private String getTokenKey(String uuid) {
-        return Constants.LOGIN_TOKEN_KEY + uuid;
-    }
-}

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java

@@ -1,60 +0,0 @@
-package com.ruoyi.system.service.impl;
-
-import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.enums.UserStatus;
-import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.system.service.ISysUserService;
-import com.ruoyi.system.service.SysPermissionService;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Service;
-
-/**
- * 用户验证处理
- *
- * @author ruoyi
- */
-@Slf4j
-@Service
-public class UserDetailsServiceImpl implements UserDetailsService
-{
-
-    @Autowired
-    private ISysUserService userService;
-
-    @Autowired
-    private SysPermissionService permissionService;
-
-    @Override
-    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException
-    {
-        SysUser user = userService.selectUserByUserName(username);
-        if (StringUtils.isNull(user))
-        {
-            log.info("登录用户：{} 不存在.", username);
-            throw new ServiceException("登录用户：" + username + " 不存在");
-        }
-        else if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
-        {
-            log.info("登录用户：{} 已被删除.", username);
-            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
-        }
-        else if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
-        {
-            log.info("登录用户：{} 已被停用.", username);
-            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
-        }
-
-        return createLoginUser(user);
-    }
-
-    public UserDetails createLoginUser(SysUser user)
-    {
-        return new LoginUser(user.getUserId(), user.getDeptId(), user, permissionService.getMenuPermission(user));
-    }
-}