Merge pull request #61 from geekidea/dev

🇨🇳 1.3.0.RELEASE shiro+jwt

Author: springboot-plus

CHANGELOG.md

@@ -1,6 +1,6 @@
 # 更新日志 CHANGELOG
 
-## [V1.3.0-RELEASE] 
+## [V1.3.0-RELEASE] 2019.10.05
 
 ###  ⭐️  New Features
 

CODE_OF_CONDUCT.md

@@ -74,3 +74,4 @@ available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.ht
 
 For answers to common questions about this code of conduct, see
 https://www.contributor-covenant.org/faq
+

CONTRIBUTING.md

@@ -1 +1,2 @@
 # Welcome pull request
+

README-zh.md

@@ -38,7 +38,7 @@
 2. 集成mybatis plus快速dao操作
 3. 快速生成后台代码: entity/param/vo/controller/service/mapper/xml
 4. 集成swagger2，可自动生成api文档
-5. 集成jwt、spring security权限控制
+5. 集成jwt、shiro/spring security权限控制
 6. 集成redis、spring cache、ehcache缓存
 7. 集成rabbit/rocket/kafka mq消息队列
 8. 集成druid连接池，JDBC性能和慢查询检测
@@ -71,9 +71,11 @@ commons-codec | 1.13 | 加密解密等工具包 |
 commons-collections4 | 4.4 | 集合工具包 |
 reflections | 0.9.11 | 反射工具包 |
 hibernate-validator | 6.0.17.Final | 后台参数校验注解 |
-jwt | 0.9.1 | json web token |
+Shiro | 1.4.0 | 权限控制 |
+JWT | 3.8.3 | JSON WEB TOKEN |
 hutool-all | 4.6.4 | 常用工具集 |
 lombok | 1.18.8 | 注解生成Java Bean等工具 |
+mapstruct | 1.3.0.Final | 对象属性复制工具 |
 
 ## CHANGELOG
 #### [CHANGELOG.md](https://github.com/geekidea/spring-boot-plus/blob/master/CHANGELOG.md)

README.md

@@ -40,7 +40,7 @@
 - Integrated mybatis-plus fast dao operation
 - Quickly generate background code:entity/param/vo/controller/service/mapper/xml
 - Integrated swagger2, automatic generation of api documents
-- Integrated JWT, spring security permission control
+- Integrated JWT,Shiro/Spring security permission control
 - Integrated Redis、spring cache、ehcache,etc
 - Integrated Rabbit/Rocket/Kafka MQ
 - Integration alibaba druid connection pool, JDBC performance and slow query detection
@@ -73,9 +73,11 @@ commons-codec | 1.13 | Apache Toolkit such as encryption and decryption |
 commons-collections4 | 4.4 | Apache collections toolkit |
 reflections | 0.9.11 | Reflection Toolkit  |
 hibernate-validator | 6.0.17.Final | Validator toolkit |
-jwt | 0.9.1 | JSON WEB TOKEN |
+Shiro | 1.4.0 | Permission control |
+JWT | 3.8.3 | JSON WEB TOKEN |
 hutool-all | 4.6.4 | Common toolset |
 lombok | 1.18.8 | Automatically plugs |
+mapstruct | 1.3.0.Final | Object property replication tool |
 
 ## CHANGELOG
 #### [CHANGELOG.md](https://github.com/geekidea/spring-boot-plus/blob/master/CHANGELOG.md)

pom.xml

@@ -63,11 +63,13 @@
         <jansi.version>1.18</jansi.version>
         <lombok.version>1.18.8</lombok.version>
         <commons-pool2.version>2.7.0</commons-pool2.version>
-        <jwt.version>0.9.1</jwt.version>
         <spring-boot-admin.version>2.1.6</spring-boot-admin.version>
         <hutool.version>4.6.4</hutool.version>
         <junit.version>4.12</junit.version>
+        <ini.version>0.5.4</ini.version>
         <mapstruct.version>1.3.0.Final</mapstruct.version>
+        <shiro.version>1.4.0</shiro.version>
+        <jwt.version>3.8.3</jwt.version>
 
         <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
         <maven-resources-plugin.version>3.1.0</maven-resources-plugin.version>
@@ -265,12 +267,14 @@
         </dependency>
         <!-- spring boot admin end -->
 
+        <!-- ini格式处理 -->
         <dependency>
             <groupId>org.ini4j</groupId>
             <artifactId>ini4j</artifactId>
-            <version>0.5.4</version>
+            <version>${ini.version}</version>
         </dependency>
 
+        <!-- 对象属性复制 -->
         <dependency>
             <groupId>org.mapstruct</groupId>
             <artifactId>mapstruct</artifactId>
@@ -283,29 +287,22 @@
             <scope>provided</scope>
         </dependency>
 
-        <!-- Shiro JWT start -->
+        <!-- Shiro+JWT start -->
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-spring-boot-web-starter</artifactId>
-            <version>1.4.0</version>
+            <version>${shiro.version}</version>
         </dependency>
-
         <dependency>
             <groupId>com.auth0</groupId>
             <artifactId>java-jwt</artifactId>
-            <version>3.8.3</version>
+            <version>${jwt.version}</version>
         </dependency>
-
-<!--        <dependency>-->
-<!--            <groupId>io.jsonwebtoken</groupId>-->
-<!--            <artifactId>jjwt</artifactId>-->
-<!--            <version>${jwt.version}</version>-->
-<!--        </dependency>-->
-
-        <!-- Spring Security JWT start -->
+        <!-- Shiro+JWT end -->
 
     </dependencies>
 
+
     <build>
         <finalName>spring-boot-plus</finalName>
 

src/main/java/io/geekidea/springbootplus/common/aop/LogAop.java

@@ -20,6 +20,7 @@
 import com.alibaba.fastjson.JSONObject;
 import io.geekidea.springbootplus.common.api.ApiCode;
 import io.geekidea.springbootplus.common.api.ApiResult;
+import io.geekidea.springbootplus.shiro.util.JwtTokenUtil;
 import io.geekidea.springbootplus.util.AnsiUtil;
 import io.geekidea.springbootplus.util.DateUtil;
 import io.geekidea.springbootplus.util.IpUtil;
@@ -131,7 +132,7 @@ public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
             map.put("time", DateUtil.getYYYYMMDDHHMMSS(new Date()));
 
             // 获取请求头token
-            map.put("x-auth-token",request.getHeader("x-auth-token"));
+            map.put("token",request.getHeader(JwtTokenUtil.getTokenName()));
 
             String requestInfo = null;
             try {

src/main/java/io/geekidea/springbootplus/common/constant/CommonConstant.java

@@ -41,14 +41,13 @@ public interface CommonConstant {
     /**
      * 登陆token
      */
-    String JWT_TOKEN_NAME = "token";
+    String JWT_DEFAULT_TOKEN_NAME = "token";
 
     /**
      * JWT用户名
      */
     String JWT_USERNAME = "username";
 
-
     /**
      * JWT刷新新token响应状态码
      */
@@ -60,6 +59,15 @@ public interface CommonConstant {
      */
     int JWT_INVALID_TOKEN_CODE = 461;
 
+    /**
+     * JWT Token默认密钥
+     */
+    String JWT_DEFAULT_SECRET = "666666";
+
+    /**
+     * JWT 默认过期时间，3600L，单位秒
+     */
+    Long JWT_DEFAULT_EXPIRE_SECOND = 3600L;
 
     /**
      * 初始密码

src/main/java/io/geekidea/springbootplus/common/web/filter/CrossDomainFilter.java

@@ -46,7 +46,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
         httpServletResponse.setHeader("Access-Control-Allow-Methods", "*");
         httpServletResponse.setHeader("Access-Control-Allow-Headers", "*");
         httpServletResponse.setHeader("Access-Control-Request-Headers","*");
-        httpServletResponse.setHeader("Access-Control-Allow-Headers", "content-type,x-auth-token");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "content-type,token");
         httpServletResponse.setHeader("Access-Control-Expose-Headers", "*");
 
         HttpServletRequest request = (HttpServletRequest) servletRequest;

src/main/java/io/geekidea/springbootplus/config/Swagger2Config.java

@@ -16,6 +16,7 @@
 
 package io.geekidea.springbootplus.config;
 
+import io.geekidea.springbootplus.shiro.util.JwtTokenUtil;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -113,10 +114,17 @@ private ApiInfo apiInfo() {
     private List<Parameter> setHeaderToken() {
         List<Parameter> pars = new ArrayList<>();
 
-        // TODO  测试token值,上线关闭
+        // token请求头
         String testTokenValue = "";
         ParameterBuilder tokenPar = new ParameterBuilder();
-        Parameter tokenParameter = tokenPar.name("token").description("token").modelRef(new ModelRef("string")).parameterType("header").required(false).defaultValue(testTokenValue).build();
+        Parameter tokenParameter = tokenPar
+                .name(JwtTokenUtil.getTokenName())
+                .description("Token Request Header")
+                .modelRef(new ModelRef("string"))
+                .parameterType("header")
+                .required(false)
+                .defaultValue(testTokenValue)
+                .build();
         pars.add(tokenParameter);
         return pars;
     }