pengjunjie/JeecgBoot
1
0
Fork 1
mirror of https://github.com/jeecgboot/JeecgBoot.git synced 2026-01-04 04:45:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: pengjunjie:springboot2
Branches Tags
pengjunjie:dependabot/npm_and_yarn/jeecgboot-vue3/qs-6.14.1 pengjunjie:main pengjunjie:main-jeecg-ai pengjunjie:springboot3-satoken pengjunjie:springboot3_sas pengjunjie:springboot2
pengjunjie:v3.9.0 pengjunjie:v3.8.3.1 pengjunjie:v3.8.3springboot3sas pengjunjie:v3.8.3 pengjunjie:v3.8.2last_springboot3 pengjunjie:v3.8.2last_springboot2 pengjunjie:v3.8.2 pengjunjie:v3.8.1 pengjunjie:v3.8.0last pengjunjie:v3.8.0last_springboot3 pengjunjie:v3.8.0last_springboot3sas pengjunjie:v3.7.3springboot3 pengjunjie:v3.8.0 pengjunjie:v3.7.4 pengjunjie:v3.7.3springboot3sas pengjunjie:v3.7.1SpringBoot3sas pengjunjie:v3.7.1springboot3 pengjunjie:v3.7.3 pengjunjie:v3.7.2 pengjunjie:v3.7.1last pengjunjie:v3.7.0last_springboot3 pengjunjie:v3.7.1 pengjunjie:v3.7.0_all_last pengjunjie:v3.7.0last_springboot3sas pengjunjie:v3.7.0_springboot3sas_20240821 pengjunjie:v3.7.0_all pengjunjie:v3.7.0_springboot3sas pengjunjie:v3.7.0_springboot3 pengjunjie:v3.7.0 pengjunjie:v3.6.3_springboot3sas pengjunjie:v3.6.3last pengjunjie:v3.6.3_springboot3 pengjunjie:v3.6.3 pengjunjie:v3.6.2_springboot3 pengjunjie:v3.6.2last pengjunjie:v3.6.2 pengjunjie:v3.6.1last pengjunjie:v3.6.1 pengjunjie:v3.6.0 pengjunjie:v3.5.5last pengjunjie:v3.5.5 pengjunjie:v3.5.3 pengjunjie:v3.5.1last pengjunjie:v3.5.1 pengjunjie:v3.5.0 pengjunjie:v3.4.4last pengjunjie:v3.4.4 pengjunjie:v3.4.3last pengjunjie:v3.4.3 pengjunjie:v3.4.2 pengjunjie:v3.4.0 pengjunjie:v3.3.0 pengjunjie:v3.2.0 pengjunjie:v3.1.0 pengjunjie:v3.0.0 pengjunjie:v3.0 pengjunjie:v2.4.6 pengjunjie:2.4.5 pengjunjie:v2.4.5 pengjunjie:v2.4.3 pengjunjie:v2.4.2 pengjunjie:v2.4.1 pengjunjie:2.4.1 pengjunjie:2.4.0 pengjunjie:v2.3.0 pengjunjie:2.3.0 pengjunjie:v2.3 pengjunjie:v2.2.1 pengjunjie:2.2.0 pengjunjie:v2.1.4 pengjunjie:v2.1.3 pengjunjie:v2.1.2 pengjunjie:v2.1.1 pengjunjie:v2.1.0 pengjunjie:v2.0.2
..
compare: pengjunjie:23c628057bc1167fa48149e2e2cc7ed47f2eae84
Branches Tags
pengjunjie:dependabot/npm_and_yarn/jeecgboot-vue3/qs-6.14.1 pengjunjie:main pengjunjie:main-jeecg-ai pengjunjie:springboot3-satoken pengjunjie:springboot3_sas pengjunjie:springboot2
pengjunjie:v3.9.0 pengjunjie:v3.8.3.1 pengjunjie:v3.8.3springboot3sas pengjunjie:v3.8.3 pengjunjie:v3.8.2last_springboot3 pengjunjie:v3.8.2last_springboot2 pengjunjie:v3.8.2 pengjunjie:v3.8.1 pengjunjie:v3.8.0last pengjunjie:v3.8.0last_springboot3 pengjunjie:v3.8.0last_springboot3sas pengjunjie:v3.7.3springboot3 pengjunjie:v3.8.0 pengjunjie:v3.7.4 pengjunjie:v3.7.3springboot3sas pengjunjie:v3.7.1SpringBoot3sas pengjunjie:v3.7.1springboot3 pengjunjie:v3.7.3 pengjunjie:v3.7.2 pengjunjie:v3.7.1last pengjunjie:v3.7.0last_springboot3 pengjunjie:v3.7.1 pengjunjie:v3.7.0_all_last pengjunjie:v3.7.0last_springboot3sas pengjunjie:v3.7.0_springboot3sas_20240821 pengjunjie:v3.7.0_all pengjunjie:v3.7.0_springboot3sas pengjunjie:v3.7.0_springboot3 pengjunjie:v3.7.0 pengjunjie:v3.6.3_springboot3sas pengjunjie:v3.6.3last pengjunjie:v3.6.3_springboot3 pengjunjie:v3.6.3 pengjunjie:v3.6.2_springboot3 pengjunjie:v3.6.2last pengjunjie:v3.6.2 pengjunjie:v3.6.1last pengjunjie:v3.6.1 pengjunjie:v3.6.0 pengjunjie:v3.5.5last pengjunjie:v3.5.5 pengjunjie:v3.5.3 pengjunjie:v3.5.1last pengjunjie:v3.5.1 pengjunjie:v3.5.0 pengjunjie:v3.4.4last pengjunjie:v3.4.4 pengjunjie:v3.4.3last pengjunjie:v3.4.3 pengjunjie:v3.4.2 pengjunjie:v3.4.0 pengjunjie:v3.3.0 pengjunjie:v3.2.0 pengjunjie:v3.1.0 pengjunjie:v3.0.0 pengjunjie:v3.0 pengjunjie:v2.4.6 pengjunjie:2.4.5 pengjunjie:v2.4.5 pengjunjie:v2.4.3 pengjunjie:v2.4.2 pengjunjie:v2.4.1 pengjunjie:2.4.1 pengjunjie:2.4.0 pengjunjie:v2.3.0 pengjunjie:2.3.0 pengjunjie:v2.3 pengjunjie:v2.2.1 pengjunjie:2.2.0 pengjunjie:v2.1.4 pengjunjie:v2.1.3 pengjunjie:v2.1.2 pengjunjie:v2.1.1 pengjunjie:v2.1.0 pengjunjie:v2.0.2

243 Commits
springboot ... 23c628057b

Author SHA1 Message Date
JEECG
23c628057b 重命名迁移说明文件并调整标题格式 2025-10-16 19:31:21 +08:00
JEECG
2ac14709ba 兼容shiro获取用户API写法,适配online底层lib依赖 2025-10-16 19:23:35 +08:00
JEECG
f9cff08716 更新README.md,修正Sa-Token下载链接格式 2025-10-16 19:14:58 +08:00
JEECG
a6feb2fd9d 更新README.md,调整下载链接顺序 2025-10-16 19:11:02 +08:00
JEECG
b84eb25d41 新版说明 2025-10-16 19:03:20 +08:00
JEECG
4326cecad4 【sa-token】仪表盘静态资源需要排除权限拦截 2025-10-16 16:30:36 +08:00
JEECG
ec5810176b 1 2025-10-16 15:06:37 +08:00
JEECG
aff307c3ff 【sa-token】支持异步请求SseEmitter 2025-10-16 14:50:30 +08:00
JEECG
acfd3bb3e4 1 2025-10-16 14:26:44 +08:00
JEECG
52082fb256 【sa-token】自动续期不好使,需要手动执行续期方法StpUtil.stpLogic.updateLastActiveToNow(token); 2025-10-16 13:45:17 +08:00
JEECG
736515f63a 【sa-token】忽略权限注解不好使 2025-10-16 12:36:29 +08:00
JEECG
a250163198 【权限替换为sa-token】更新迁移文档 2025-10-16 11:50:46 +08:00
JEECG
1ed1f315a4 【权限替换为sa-token】更新迁移文档 2025-10-16 11:44:55 +08:00
JEECG
f7670dca3a 【权限替换为sa-token】优化退出登录日志 2025-10-16 11:41:12 +08:00
JEECG
b24ac544c8 【权限替换为sa-token】token无效异常提醒修改 2025-10-16 11:40:53 +08:00
JEECG
c7c31e0945 【sa-token】shiro替换为sa-token,核心架构修改点 2025-10-16 11:14:53 +08:00
JEECG
468af57489 【sa-token】登录和退出换写法 2025-10-16 11:06:47 +08:00
JEECG
c85bb1f62d 【sa-token】替换权限注解和权限缓存处理 2025-10-16 11:05:33 +08:00
JEECG
b4fa11a605 【sa-token】获取用户信息和校验token有效的API变更 2025-10-16 10:42:44 +08:00
JEECG
b2240848e0 删除无用代码 2025-10-15 21:23:15 +08:00
JEECG
4a888a4e19 【权限框架换成sa-token】替换sa-token权限注解和替换获取用户工具类LoginUserUtils 2025-10-15 21:21:07 +08:00
JEECG
bc6f336745 issues/8972 通义千问的多模态模型保存激活报错 #55 2025-10-14 22:46:46 +08:00
JEECG
0d86df8e9e 1 2025-10-14 18:03:51 +08:00
JEECG
3db673b67d issue格式 2025-10-14 18:03:01 +08:00
JEECG
3ba5395d33 优化gateway启动报警告 2025-10-14 16:48:17 +08:00
JEECG
e7eed37470 升级shardingsphere-jdbc版本到5.5.0,需要手工配置ShardingSphere数据源到spring.datasource.dynamic.datasource中,用法更明确 2025-10-14 16:47:05 +08:00
JEECG
30ac3f7c72 升级shardingsphere-jdbc版本到5.5.0,需要手工配置ShardingSphere数据源到spring.datasource.dynamic.datasource中,用法更明确 2025-10-14 16:02:15 +08:00
JEECG
03e6c97d80 重构JeecgBizToolsProvider.java,使用JsonObjectSchema替代JsonSchemaProperty,优化参数定义 2025-10-13 14:10:52 +08:00
JEECG
b9f6f6dc53 升级langchain4j到1.3.0,解决很多模型不支持问题和MCP支持 2025-10-13 11:27:09 +08:00
JEECG
107e13c8af [issues/8859]online表单java增强失效-- 2025-10-11 11:35:36 +08:00
JEECG
0512b41b2b 更新README.md,增加对Node.js版本要求的说明,强调不再支持EOL的Node.js 18 2025-10-10 17:34:00 +08:00
JEECG
d6d880f887 更新说明 2025-10-10 10:20:09 +08:00
JEECG
b0e974a418 更新README.md,优化平台介绍和技术架构信息,增强AI应用平台描述 2025-10-09 11:15:45 +08:00
JEECG
388fa9b8c2 v3.8.3大版本发布,全面迈向 SpringBoot3 2025-10-09 11:06:32 +08:00
JEECG
bc04bd1433 --author:scott--date:20250930--for:使用@PostConstruct注解初始化PrometheusMeterRegistry配置,避免启动后配置延迟 2025-09-30 15:43:24 +08:00
JEECG
35aba0784d Path Traversal Vulnerability /sys/comment/addFile /sys/upload/uploadMinio endpoint (notice the uploadlocal function is different from the /sys/common/upload ) #8827 2025-09-29 18:24:33 +08:00
JEECG
c3822ab702 3.8.3版本能正常连接sqlserver数据库,但是无法解析查询代码 #8900 2025-09-29 11:55:37 +08:00
JEECG
d4487356f0 更新 JeecgSystemApplication.java,排除 MongoAutoConfiguration 以避免未集成 mongo 的报错 2025-09-28 22:34:10 +08:00
JEECG
ae4363dc72 仪表盘大屏分享,提示需要token错误 2025-09-28 18:12:03 +08:00
JEECG
3e6c7651ee 提供v3.8.3版本数据库脚本 2025-09-28 14:29:52 +08:00
JEECG
c0ffd14b7a 更新 pom.xml,修改 jimureport 依赖的 artifactId 2025-09-26 16:26:35 +08:00
JEECG
914875d6a1 更新 pom.xml,升级 jimubi-spring-boot-starter 和 jimureport-nosql-starter 版本 2025-09-26 15:26:30 +08:00
JEECG
2298ee3eed 更新 docker-compose-cloud.yml,添加 jeecg-boot 网络配置到 sentinel 和 xxljob 服务 2025-09-25 13:47:33 +08:00
JEECG
2a8853b353 docker微服务启动 docker-compose 增加xxljob和sentinel配置 2025-09-25 12:48:25 +08:00
JEECG
b920c5b794 Oracle11g数据库 多租户管理>>添加租户 报错 #8897 2025-09-25 12:42:53 +08:00
JEECG
d3fa38a9e6 更新 application-docker.yml,修改 Redis 和 XXL-JOB 配置为使用服务名称 2025-09-25 11:17:53 +08:00
JEECG
b0df78b06c 配置文件升级到v3.8.3 切换tomcat 2025-09-25 10:23:51 +08:00
JEECG
80749098bd 添加 JustAuth 自动配置支持,更新 pom.xml 以包含 jeecg-boot-starter-job 依赖,并修改 application.yml 中的 nacos 服务器地址配置 2025-09-24 16:06:54 +08:00
JEECG
19b7f2cb29 springboot3 支持 jdk17、jdk21、jdk24 2025-09-24 15:18:32 +08:00
JEECG
39f5c3a5be 支持jdk21 2025-09-24 13:18:52 +08:00
JEECG
9ee3a36fbb 版本发布日期更新 2025-09-24 13:17:21 +08:00
JEECG
8c5cf3a0d9 【v3.8.3开源版本发布】更改groupId从org.jeecgframework.boot为org.jeecgframework.boot3,与springboot2区分 2025-09-24 12:19:01 +08:00
JEECG
053552c123 【v3.8.3开源版本发布】 
Merge remote-tracking branch 'origin/master' into springboot3

# Conflicts:
#	README.md
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/FileDownloadUtils.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserAgentController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/ISysDepartService.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/ISysUserService.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-seata/pom.xml
#	jeecg-boot/pom.xml
 2025-09-24 12:01:11 +08:00
JEECG
fc44deca83 Merge remote-tracking branch 'origin/springboot3' into springboot3 2025-09-24 11:18:36 +08:00
JEECG
9c244bd266 Update @vitejs/plugin-vue-jsx version 
Updated version of @vitejs/plugin-vue-jsx to 4.1.1.

 自动下载的依赖 @vitejs/plugin-vue-jsx@4.2.0 是 CJS 格式 , 1.0.0-beta.38 版本的 @rolldown/pluginutils 是 ESM 格式
模块不兼容
 2025-09-18 17:31:14 +08:00
JEECG
e377bf6990 升级版本号 2025-09-05 18:49:20 +08:00
JEECG
434b42e9ed 部分配置丢失,修复 2025-09-04 10:47:50 +08:00
JEECG
f1ceb08e16 Merge remote-tracking branch 'origin/master' into springboot3 
# Conflicts:
#	README.md
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-seata/pom.xml
#	jeecg-boot/pom.xml
#	jeecgboot-vue3/src/components/jeecg/JVxeTable/src/hooks/useFinallyProps.ts
 2025-09-04 09:40:57 +08:00
JEECG
d2eedacc85 优化项目介绍 2025-09-03 19:58:13 +08:00
JEECG
8791384791 优化项目介绍 2025-09-03 19:21:56 +08:00
JEECG
b67770ff14 升级miniao到1.10.14,解决SqlServer分页兼容问题 2025-09-03 17:36:32 +08:00
JEECG
1dae808cf1 升级积木报表和积木BI到最新版 v2.1.3 2025-09-03 16:34:26 +08:00
JEECG
70d8353219 升级springBoot 3.5.5 2025-09-03 15:53:53 +08:00
JEECG
3e208de18e 默认主干切换springboot3分支 2025-09-03 15:37:26 +08:00
JEECG
56976e68b4 升级spring-boot到3.5.4、升级spring-cloud到2025.0.0、升级spring-cloud-alibaba到2023.0.3.3 2025-08-20 10:42:43 +08:00
JEECG
db1ff0268b Squashed commit of the following: 
commit b7519d7199
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 15:18:52 2025 +0800

    中文乱码

commit 81ba07c853
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 15:09:21 2025 +0800

    增加代码生成用法文档

commit 92ed296e63
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:04:22 2025 +0800

    【issues/8709】LayoutContent样式多出1px

commit c2aff84914
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:04:09 2025 +0800

    【issues/8683】DatePicker组件的componentProps使用函数形式时初始值获取不对

commit e002cd3bf3
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:03:51 2025 +0800

    【issues/8680】editComponentProps 可接受一个函数传入record

commit 1de07ff3ff
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:03:32 2025 +0800

    -- author:liaozhiyang---date:20250813--for:【issues/8690】BasicTable的rowSelection新增onSelect方法 ---

commit 35852d41f1
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:03:04 2025 +0800

    jvxeTable表格切换disabled属性时,相邻的两个枚举下拉,如果值是一样的,但是label不一样,会把第二个下拉的显示值渲染到第一个下拉中 #8593

commit a2cb1d9f25
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 14:00:01 2025 +0800

    【issues/8529】setColumns将原本隐藏的列展示后,列配置里却没有勾选该列

commit 2002af54d0
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 13:59:42 2025 +0800

    JVxeTypes.image组件action字段只能定义第1张图片的上传接口,后面图片的接口还是使用公共上传接口 #8628

commit 89747403a2
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 13:59:28 2025 +0800

    JVxeTable组件全选翻页后会被取消选中 #8630

commit 3db0995c3f
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 19 11:23:19 2025 +0800

    [代码生成]前端代码支持直接生成到前端项目、菜单sql会自动生成到start项目的flyway目录

commit 950621dd88
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 18 23:04:59 2025 +0800

    升级代码生成器,一键生成代码,vue3代码会生成到前端项目、菜单升级sql自动迁移到flyway目录重启自动执行(不需要手工迁移前端代码和手工执行升级sql)

commit 033cf51d69
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 18 23:04:52 2025 +0800

    升级代码生成器,一键生成代码,vue3代码会生成到前端项目、菜单升级sql自动迁移到flyway目录重启自动执行(不需要手工迁移前端代码和手工执行升级sql)

commit fb9f367517
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 18 23:02:53 2025 +0800

    代码生成,online自定义按钮无排序报错

commit b2da45d803
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 18 16:23:22 2025 +0800

    演示地址

commit 2840f0d325
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 18 15:37:10 2025 +0800

    默认账号密码

commit 6ace7eae8a
Author: JEECG <445654970@qq.com>
Date:   Sun Aug 17 15:11:45 2025 +0800

    开发环境关闭日志生成,项目启动快;生产环境请按需打开注释

commit 3d88147c59
Author: JEECG <445654970@qq.com>
Date:   Thu Aug 14 23:03:46 2025 +0800

    调整微服务启动文档

commit ba0052d452
Author: JEECG <445654970@qq.com>
Date:   Wed Aug 13 13:55:13 2025 +0800

    支持lazy-initialization启动,项目大了后启动会更快

commit 69fca254f0
Author: JEECG <445654970@qq.com>
Date:   Wed Aug 13 11:47:27 2025 +0800

    补充注释

commit b3de596199
Author: JEECG <445654970@qq.com>
Date:   Wed Aug 13 11:47:16 2025 +0800

    彻底关闭 prettier 校验规则

commit f46273d15e
Author: JEECG <445654970@qq.com>
Date:   Wed Aug 13 10:26:23 2025 +0800

    设置ESLint 的 vue/html-self-closing 自闭合标签警告配置

commit 0fe258dbc2
Author: JEECG <445654970@qq.com>
Date:   Wed Aug 13 09:26:16 2025 +0800

    修复 onExportXls defSort 不生效问题 #7570

commit de7f23c555
Merge: d97e56b2 444c7140
Author: JEECG <zhangdaiscott@163.com>
Date:   Wed Aug 13 09:20:31 2025 +0800

    Merge pull request #8496 from lileiAimee/developer

    解决TableAction中自定义图标颜色不起作用的问题

commit d97e56b2f0
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 19:08:43 2025 +0800

    多租户模式下系统系统会给租户默认增加上测试的角色菜单,但是后台获取菜单时异常,无法打开相关页面 #8667

commit c868496b78
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 19:02:49 2025 +0800

    映射警告

commit c5150baa69
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 18:18:34 2025 +0800

    支持通过用户账号邀请加入租户

commit 3d9f59c69b
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 18:17:55 2025 +0800

    邀请用户加入租户,支持通过用户账号

commit 420d6db3fb
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 18:06:20 2025 +0800

    登录用户没有部门,不提示警告

commit 473a626039
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 14:10:02 2025 +0800

    增加JPopup组件带参数示例

commit 0308b0597c
Author: JEECG <445654970@qq.com>
Date:   Tue Aug 12 14:08:18 2025 +0800

    【issues/8426】解决JPopup组件传参不能接收

commit 2191f5d48c
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 11 22:43:07 2025 +0800

    调整位置

commit 1158b0b6e7
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 11 22:30:39 2025 +0800

    升级seata到1.7.0;升级dynamic-datasource-spring-boot-starter到3.5.2

commit ead2cef1f4
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 11 18:47:48 2025 +0800

    支持多字段默认排序defSort数组、解决多列排序无效 #8659

commit 83bb0a0a6a
Author: JEECG <445654970@qq.com>
Date:   Mon Aug 11 18:47:43 2025 +0800

    支持多字段默认排序defSort数组

commit b474e9e5a5
Author: JEECG <445654970@qq.com>
Date:   Sun Aug 10 17:06:01 2025 +0800

    开发环境安装

commit 422373e300
Author: JEECG <445654970@qq.com>
Date:   Sun Aug 10 16:30:13 2025 +0800

    提供JeecgBoot 运行环境python检查脚本

commit 1cf11a4c2a
Author: JEECG <445654970@qq.com>
Date:   Sat Aug 9 09:41:57 2025 +0800

    提供jeecgboot-oracle11g.dmp

commit 925f163784
Author: JEECG <445654970@qq.com>
Date:   Fri Aug 8 22:07:24 2025 +0800

    引入jeecg-boot-starter-job依赖启动报错 #8694

commit d01c1d7d47
Author: JEECG <445654970@qq.com>
Date:   Thu Aug 7 15:41:21 2025 +0800

    支持lazy-initialization

commit 3576b54945
Author: JEECG <445654970@qq.com>
Date:   Thu Aug 7 15:36:51 2025 +0800

    升级积木报表和积木BI到最新版v2.1.2

commit 444c7140f6
Author: lileiAimee <345697385@qq.com>
Date:   Wed Jun 25 09:55:07 2025 +0800

    解决TableAction中自定义图标颜色不起作用的问题

# Conflicts:
#	README-EN.md
#	README.md
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-seata/pom.xml
#	jeecg-boot/pom.xml
 2025-08-19 22:58:12 +08:00
JEECG
08f245bdf9 修改遗漏 swagger上选择的接口和实际接口不对应#8705 2025-08-13 18:15:19 +08:00
JEECG
8cc033b86f swagger上选择的接口和实际接口不对应 #8705 2025-08-13 17:22:42 +08:00
JEECG
6b7542620b swagger上选择的接口和实际接口不对应 #8705 2025-08-13 16:44:16 +08:00
JEECG
67d9865861 Merge pull request #8550 from TsuGit/fix/xxljob-startup-error 
fix(xxljob): 修复因 factoryBeanObjectType 导致的启动失败
 2025-08-13 00:02:30 +08:00
JEECG
cd809a6573 Squashed commit of the following: 
升级seata到1.7.0;升级dynamic-datasource-spring-boot-starter到3.5.2
    支持多字段默认排序defSort数组、解决多列排序无效 #8659
    支持多字段默认排序defSort数组
    提供JeecgBoot 运行环境python检查脚本
    提供jeecgboot-oracle11g.dmp
 2025-08-12 09:25:01 +08:00
JEECG
ac446691c4 Squashed commit of the following: 
commit 925f163784
Author: JEECG <445654970@qq.com>
Date:   Fri Aug 8 22:07:24 2025 +0800

    引入jeecg-boot-starter-job依赖启动报错 #8694

commit d01c1d7d47
Author: JEECG <445654970@qq.com>
Date:   Thu Aug 7 15:41:21 2025 +0800

    支持lazy-initialization

commit 3576b54945
Author: JEECG <445654970@qq.com>
Date:   Thu Aug 7 15:36:51 2025 +0800

    升级积木报表和积木BI到最新版v2.1.2

# Conflicts:
#	jeecg-boot/pom.xml
 2025-08-08 22:22:30 +08:00
JEECG
0feb307e8d Merge remote-tracking branch 'origin/master' into springboot3 2025-08-07 18:11:58 +08:00
JEECG
781d61e96e swagger请求头部没有X-Access-Token #8676 2025-08-07 18:02:27 +08:00
JEECG
e795e03365 【issues/8666】升级mybatisPlus后SqlServer分页使用OFFSET ? ROWS FETCH NEXT ? ROWS ONLY,导致online报表报错 2025-08-04 18:39:35 +08:00
JEECG
59ece16059 修改springboot3的配置yml 2025-08-03 12:51:32 +08:00
JEECG
91208a4968 Merge remote-tracking branch 'origin/master' into springboot3 2025-08-03 12:49:26 +08:00
JEECG
128c2c97f6 修改springboot3的配置yml 2025-08-03 10:32:18 +08:00
JEECG
424dc33bba 修改springboot3的配置yml 2025-08-03 10:13:47 +08:00
JEECG
1cb48b4f0c 【解决SqlServer兼容问题,提供oracle和SqlServer的数据库脚本】 
Merge remote-tracking branch 'origin/master' into springboot3

# Conflicts:
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisPlusSaasConfig.java
 2025-08-03 10:07:04 +08:00
JEECG
79b182819b Merge remote-tracking branch 'origin/master' into springboot3 2025-08-01 17:20:53 +08:00
JEECG
621781d336 JEECG Boot 一键docker启动脚本 2025-08-01 17:04:39 +08:00
JEECG
e70844ce61 【合并v3.8.2 docker-compose优化配置】 
Merge remote-tracking branch 'origin/master' into springboot3

# Conflicts:
#	jeecg-boot/jeecg-boot-base-core/pom.xml
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger3Config.java
#	jeecg-boot/jeecg-module-system/jeecg-system-start/Dockerfile
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/java/org/jeecg/JeecgSystemApplication.java
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/resources/application-docker.yml
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	jeecg-boot/pom.xml
 2025-08-01 10:54:33 +08:00
JEECG
e00ffa2670 升级autopoi到1.4.14最新版 2025-08-01 10:46:07 +08:00
JEECG
6c15b45a8c 【合并v3.8.2最新版代码】 
Squashed commit of the following:

commit f30a8c658a
Author: JEECG <445654970@qq.com>
Date:   Thu Jul 31 11:35:16 2025 +0800

    数据库缺少openapi微服务网关配置

commit e84d7726d2
Author: JEECG <445654970@qq.com>
Date:   Thu Jul 31 10:20:09 2025 +0800

    后台接口地址修改

commit 0f39802698
Author: JEECG <445654970@qq.com>
Date:   Thu Jul 31 09:56:24 2025 +0800

    docker自动化部署命令

commit a014a3ed0e
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 21:55:16 2025 +0800

    v3.8.2 优化一键docker启动前后端

commit 5720d1a01e
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 19:26:38 2025 +0800

    升级版本号到3.8.2

commit 5eed6ac6d2
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 18:49:29 2025 +0800

    升级版本号到3.8.2

commit 0cfa1e223a
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 18:28:10 2025 +0800

    v3.8.2 系统通知改造支持分类

commit 219869f4c0
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 18:25:58 2025 +0800

    v3.8.2 版本前端代码

commit e6edde963a
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 18:25:46 2025 +0800

    v3.8.2 版本后端代码

commit c44b66128e
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 18:23:09 2025 +0800

    XXL-JOB(2.4.0 及以上)已被移除,分片参数获取方式变更。

commit 9356b04741
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 10:57:52 2025 +0800

    升级online到3.8.2-beta

commit d0a094f9a3
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 10:57:31 2025 +0800

    升级mybatis-plus到3.5.12、升级jsqlparser到4.9

commit 73eb625737
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 09:51:34 2025 +0800

    升级jimureport到v2.1.1

commit 74880705b8
Author: JEECG <445654970@qq.com>
Date:   Wed Jul 30 09:18:46 2025 +0800

    升级online到3.8.2-beta

# Conflicts:
#	jeecg-boot/jeecg-boot-base-core/pom.xml
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger3Config.java
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/java/org/jeecg/JeecgSystemApplication.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	jeecg-boot/pom.xml
 2025-07-31 14:23:45 +08:00
JEECG
f67cfa1bfb 删除重复依赖 2025-07-29 12:00:05 +08:00
JEECG
8d91caa4e6 升级积木报表和积木BI到最新版 2025-07-28 18:54:21 +08:00
JEECG
0d9f9a04cc 升级knife4j-openapi3-jakarta-spring-boot-starter到4.6.0解决knife4j-production不生效问题 2025-07-25 14:08:00 +08:00
JEECG
90565fcf79 Merge remote-tracking branch 'origin/master' into springboot3 
# Conflicts:
#	jeecg-boot/db/tables_nacos.sql
 2025-07-25 13:23:47 +08:00
JEECG
cf4d888839 TODO 暂时注释掉,for:【issues/8638】springboot3分支,knife4j不能正确显示文档,但是swagger-ui和v3/api-docs正常 #8638 2025-07-24 18:34:25 +08:00
JEECG
f510578cb7 启动democloud服务时出现循环依赖报错 #8573 2025-07-11 10:35:17 +08:00
JEECG
2d7c51eadc 【合并升级v3.8.1】 
Merge remote-tracking branch 'origin/master' into springboot3

# Conflicts:
#	jeecg-boot/README.md
#	jeecg-boot/db/tables_nacos.sql
#	jeecg-boot/jeecg-boot-base-core/pom.xml
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebMvcConfiguration.java
#	jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/pom.xml
#	jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/monitor/actuator/httptrace/CustomInMemoryHttpTraceRepository.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/service/impl/OpenApiPermissionServiceImpl.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/ISysUserService.java
#	jeecg-boot/jeecg-module-system/jeecg-system-start/pom.xml
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
#	jeecg-boot/jeecg-server-cloud/jeecg-system-cloud-start/src/main/java/org/jeecg/JeecgSystemCloudApplication.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	jeecg-boot/pom.xml
#	jeecgboot-vue3/pnpm-lock.yaml
 2025-07-08 16:33:51 +08:00
TsuGit
216d4b9a1f fix: 解决 xxljob 因 factoryBeanObjectType 导致的启动失败 2025-07-06 03:10:33 +08:00
JEECG
5972c74b43 解决积木报表springboot3 找不到类base64utils #3834和SqlServer兼容问题 2025-06-05 15:51:05 +08:00
JEECG
d69cb121fc 解决AI脚本节点执行报错问题 2025-05-28 11:07:33 +08:00
JEECG
10a9edd10b ai⼯作流使⽤知识库报错 "白名单校验未通过" 2025-05-27 17:56:46 +08:00
JEECG
c71ff3fbcc 访问Swagger接口不带doc.html后缀,会丢失项目前缀/jeecg-boot/导致测试接口,返回下载文件 2025-05-26 19:14:02 +08:00
JEECG
08612d5bfa springboot3分支的redis配置格式改了 2025-05-22 11:12:27 +08:00
JEECG
2ecce8f02d 更新nacos配置,增加aigc的配置 2025-05-22 10:59:57 +08:00
JEECG
62937f14fb 升级shiro到2.0.4 2025-05-22 10:55:16 +08:00
JEECG
d6ccc4a326 还原库名 2025-05-22 10:50:17 +08:00
JEECG
1893108136 升级版本号到3.8.1(springboot3升级到3.4.5) 2025-05-22 10:18:25 +08:00
JEECG
7980915bdc 移除AI大模型管理依赖并更新pom.xml 2025-05-22 09:28:04 +08:00
JEECG
550997268b 最新版 2025-05-20 10:24:34 +08:00
JEECG
9e7d40a080 升级springboot3.4.5 2025-05-19 16:09:09 +08:00
JEECG
2c38db456b 合并redis配置错误 2025-05-19 13:58:09 +08:00
JEECG
e52538d304 升级spring3.4.5后,会有很多警告BeanPostProcessorChecker:437 - Bean 'org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration' of type [org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying). Is this bean getting eagerly injected/applied to a currently created BeanPostProcessor [defaultAdvisorAutoProxyCreator]? Check the corresponding BeanPostProcessor declaration and its dependencies/advisors. If this bean does not have to be post-processed, declare it with ROLE_INFRASTRUCTURE. 2025-05-18 16:40:55 +08:00
JEECG
e91cbd5cd8 Merge pull request #8297 from MuShan-bit/springboot3_upgrade344-fix-warn 
logging(level): 设置 PostProcessorRegistrationDelegate 日志级别为 error
 2025-05-18 16:33:14 +08:00
MuShan
70cec8b5c6 logging(level): 设置 PostProcessorRegistrationDelegate 日志级别为 error 
- 在 application-dev.yml 文件中添加了 org.springframework.context.support.PostProcessorRegistrationDelegate 的日志级别配置
- 此修改旨在减少不必要的日志输出,提高日志的可读性和性能
 2025-05-16 22:29:00 +08:00
JEECG
d2365088ce AIGC大模型应用功能 2025-05-16 11:27:48 +08:00
JEECG
a679571a5a 基于AK和SK认证鉴权OpenAPI 2025-05-16 10:41:24 +08:00
JEECG
b9c74e549f 移除javax.annotation.Resource导入,改为使用jakarta.annotation.Resource 2025-05-16 10:31:49 +08:00
JEECG
81c1724016 升级online到v3.8.0版本 2025-05-16 10:31:39 +08:00
JEECG
56d59eb589 修改springboot3 v3.8.0发布时间 2025-05-16 09:58:36 +08:00
JEECG
a00fcae3a3 【v3.8.0 合并】Merge remote-tracking branch 'origin/master' into springboot3 
# Conflicts:
#	README.md
#	jeecg-boot/db/tables_nacos.sql
#	jeecg-boot/jeecg-boot-base-core/pom.xml
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JwtUtil.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/oConvertUtils.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger2Config.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger3Config.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebMvcConfiguration.java
#	jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
#	jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/entity/JeecgDemo.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiLogController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiPermissionController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/entity/OpenApi.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/entity/OpenApiAuth.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/entity/OpenApiHeader.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/entity/OpenApiLog.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/entity/OpenApiParam.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/filter/ApiAuthFilter.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/mapper/OpenApiLogMapper.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/service/OpenApiLogService.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/DuplicateCheckController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysCheckRule.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysComment.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataSource.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDepartPermission.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDepartRole.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDepartRolePermission.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDepartRoleUser.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysFillRule.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysFormFile.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysGatewayRoute.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysPackPermission.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysPosition.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysRoleIndex.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysTableWhiteList.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysTenantPack.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysTenantPackUser.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysThirdAccount.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysThirdAppConfig.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysUserPosition.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysUserTenant.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/model/DuplicateCheckVo.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/springframework/boot/autoconfigure/mongo/MongoAutoConfiguration.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/entity/[1-n]Entity.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/entity/[1-n]Entity.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/vo/${entityName}Page.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/vo/${entityName}Page.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/entity/[1-n]Entity.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/vo/${entityName}Page.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/one/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/one2/java/${bussiPackage}/controller/${entityPackage}/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/entity/[1-n]Entity.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/vo/${entityName}Page.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/entity/${entityName}.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/entity/[1-n]Entity.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/vo/${entityName}Page.javai
#	jeecg-boot/jeecg-module-system/jeecg-system-start/pom.xml
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/java/org/jeecg/config/flyway/FlywayConfig.java
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml
#	jeecg-boot/jeecg-module-system/jeecg-system-start/src/test/java/org/jeecg/modules/system/test/SampleTest.java
#	jeecg-boot/jeecg-server-cloud/jeecg-cloud-gateway/src/main/java/org/jeecg/handler/swagger/SwaggerResourceController.java
#	jeecg-boot/jeecg-server-cloud/jeecg-cloud-gateway/src/main/java/org/jeecg/loader/DynamicRouteLoader.java
#	jeecg-boot/jeecg-server-cloud/jeecg-cloud-gateway/src/main/resources/application.yml
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-more/src/main/java/org/jeecg/modules/test/feign/controller/JeecgTestFeignController.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-rocketmq/src/main/java/org/jeecg/modules/test/rocketmq/controller/JeecgMqTestController.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-test/jeecg-cloud-test-seata/jeecg-cloud-test-seata-order/src/main/java/org/jeecg/modules/test/seata/order/controller/SeataOrderController.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-xxljob/src/main/java/com/xxl/job/admin/core/old/RemoteHttpJobBean.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-xxljob/src/main/java/com/xxl/job/admin/core/old/XxlJobDynamicScheduler.java
#	jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-xxljob/src/main/java/com/xxl/job/admin/core/old/XxlJobThreadPool.java
#	jeecg-boot/pom.xml
 2025-05-15 20:01:54 +08:00
JEECG
286d10a50f Merge branch 'springboot3_upgrade344' of https://github.com/jeecgboot/jeecg-boot into springboot3_upgrade344 2025-05-14 15:19:10 +08:00
JEECG
68f36cb1e5 升级online 2025-05-14 13:59:56 +08:00
JEECG
78454d3434 Merge pull request #8273 from MuShan-bit/springboot3_upgrade344-upgrade-shiro2.0.4 
feat: 升级 shiro 到 2.0.4 版本,解决 ShiroRequestMappingConfig 获取 RequestMappingHandlerMapping Bean 冲突
 2025-05-14 09:21:36 +08:00
MuShan
56fbc2ed8f feat: 升级 shiro 到 2.0.4 版本,解决Shiro获取 requestMappingHandlerMapping 时 spring-boot-autoconfigure:3.4.5 和 spring-boot-actuator-autoconfigure:3.4.5 Bean 依赖冲突, 2025-05-13 22:48:48 +08:00
JEECG
197d7adaaf Merge pull request #8256 from MuShan-bit/springboot3-chore-upgrade-shiro 
upgrade shiro to 2.0.4
 2025-05-11 10:34:23 +08:00
MuShan
e952518d71 feat: 升级 shiro 到 2.0.4 版本 2025-05-10 22:14:02 +08:00
JEECG
1e259c805e fastjson升级到2.0.57;jimureport升级到1.9.5;minidao升级到1.10.8 2025-05-08 22:39:57 +08:00
JEECG
8a82141c95 升级jsqlparser到4.9 2025-05-08 16:47:46 +08:00
EightMonth
888a032266 优化bean无法被所有beanpostprocessor处理 2025-04-30 10:00:02 +08:00
EightMonth
309c76d268 修复swagger接口文档正常显示 2025-04-25 18:08:45 +08:00
EightMonth
f78eabfc66 使用minidao适配jsqlparser 2025-04-25 16:54:55 +08:00
EightMonth
748331d649 处理jsqlparser兼容问题 2025-04-22 16:00:17 +08:00
EightMonth
b70e709e53 升级spring boot 3.4.4 2025-04-16 16:18:32 +08:00
JEECG
2ba17648c4 Merge pull request #8116 from EightMonth/springboot3 
优化swagger文档改造
 2025-04-15 11:41:44 +08:00
EightMonth
36caab37e2 Update application-mysql.yml 2025-04-15 11:07:54 +08:00
EightMonth
6e721e4120 归集spring-doc默认配置 
(cherry picked from commit d4d0c884f0)
 2025-04-15 10:39:05 +08:00
EightMonth
a17b403675 优化swagger文档架构改造 2025-04-03 17:46:11 +08:00
JEECG
632fd72d79 Merge pull request #8053 from EightMonth/springboot3 
排除部分接口文档,为免登录接口排除token校验请求头
 2025-04-01 21:28:44 +08:00
EightMonth
15fc262675 排除部分接口文档,为免登录接口排除token校验请求头 2025-04-01 18:05:04 +08:00
JEECG
6768d65e1e Merge pull request #8008 from EightMonth/springboot3 
修复 CVE-2023-6378
 2025-03-25 16:02:57 +08:00
EightMonth
410ab7bcc3 修复 CVE-2023-6378 2025-03-25 15:58:19 +08:00
JEECG
174f1ae432 Merge pull request #8004 from EightMonth/springboot3 
jeewx-api修改成weixin4j
 2025-03-25 14:19:42 +08:00
EightMonth
eef2f7e269 jeewx-api修改成weixin4j 2025-03-25 14:13:45 +08:00
JEECG
6a0ec66d3d Merge branch 'springboot3' of https://github.com/jeecgboot/jeecg-boot into springboot3 2025-03-25 14:10:17 +08:00
JEECG
163b0b531f 视频介绍 2025-03-18 10:08:05 +08:00
JEECG
d1af49a33f Merge pull request #7949 from EightMonth/springboot3 
解决严重bug,War包方式部署,服务启动报错
 2025-03-12 15:28:07 +08:00
JEECG
03265691e6 解决严重bug,War包方式部署,服务启动报错 2025-03-12 14:12:00 +08:00
JEECG
de9cc2f30d Merge pull request #7874 from EightMonth/springboot3 
修复 #7613
 2025-03-03 17:05:01 +08:00
EightMonth
26887959cd 修复 #7613 2025-03-03 14:27:16 +08:00
JEECG
7e15e81218 版本合并,升级springboot3分支到3.7.3 2025-02-20 17:56:16 +08:00
JEECG
8b0e0367c7 Merge pull request #7797 from EightMonth/springboot3 
固定vue-router版本号
 2025-02-11 14:49:06 +08:00
EightMonth
334f7dbb62 Update package.json 2025-02-11 14:24:18 +08:00
EightMonth
e9ddd21286 固定vue-router版本号 2025-02-11 09:53:29 +08:00
JEECG
458526075e Merge remote-tracking branch 'origin/springboot3' into springboot3 2024-12-24 15:44:51 +08:00
JEECG
a1b55f0d40 解决vue-router升级版本报错问题 2024-12-24 15:44:27 +08:00
JEECG
2f0a3bcd87 Merge pull request #7379 from EightMonth/springboot3 
分布式事务demo修复
 2024-11-20 10:31:10 +08:00
EightMonth
30d3a9f17b 分布式事务demo修复 2024-10-24 09:15:06 +08:00
JEECG
03739f2837 【springboot3分支 issues/7353】The bean 'dataSource', defined in class path resource #7353 2024-10-19 20:18:35 +08:00
JEECG
d9e8bd2bc8 Merge pull request #7317 from EightMonth/springboot3 
修改docker镜像base为JDK17
 2024-10-09 16:08:38 +08:00
EightMonth
81eef5a838 修改docker镜像base为JDK17 2024-10-09 16:05:22 +08:00
JEECG
f528f72903 升级仪表盘到最新版 2024-10-08 22:33:29 +08:00
JEECG
918286c144 升级online模块和autopoi 2024-10-08 21:18:18 +08:00
JEECG
512234a804 【版本合并】 branch 'origin/master' into springboot3 2024-10-08 19:30:14 +08:00
JEECG
cacc59b8fd 升级jimureport到最新版1.7.8 2024-07-08 12:18:09 +08:00
JEECG
c744633139 升级jimureport到最新版1.7.7 2024-07-06 22:20:36 +08:00
JEECG
0e4d304878 升级仪表盘 2024-07-03 11:56:53 +08:00
JEECG
17a8964487 更新online模块为3.7.0最新依赖 2024-07-03 11:09:15 +08:00
JEECG
8ac6989d2c Merge remote-tracking branch 'origin/master' into springboot3 2024-06-23 11:22:06 +08:00
JEECG
402ab0ffc4 补充合并丢失的代码 2024-06-23 10:27:33 +08:00
JEECG
7778ede90e Merge remote-tracking branch 'origin/master' into springboot3 
# Conflicts:
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger3Config.java
#	jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/UndertowCustomizer.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysFilesController.java
#	jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysFiles.java
 2024-06-23 10:23:56 +08:00
JEECG
06144206df 修改nacos命名空间springboot3的id也是springboot3,方便理解 2024-06-22 23:23:05 +08:00
JEECG
3d3b5850ad online的依赖升级个小版本号 2024-06-22 17:18:59 +08:00
JEECG
816eeb9225 3.7.0版本合并springboot3分支 
本次提交未升级【minidao、仪表盘、online的依赖】
 2024-06-22 17:03:43 +08:00
JEECG
0b42efbbbf Merge remote-tracking branch 'origin/springboot3' into springboot3 2024-06-22 14:58:29 +08:00
JEECG
b8e0d4391d Merge pull request #6200 from EightMonth/springboot3 
修复 #6169
 2024-04-30 13:52:00 +08:00
EightMonth
72b34d082b 修复 #6169 2024-04-30 11:53:59 +08:00
JEECG
7112649a21 Merge branch 'springboot3' of https://github.com/jeecgboot/jeecg-boot into springboot3 2024-04-26 11:06:35 +08:00
JEECG
fbc312c35d Merge pull request #6173 from EightMonth/springboot3 
修复#6127 #6130
 2024-04-25 20:04:26 +08:00
EightMonth
b8162a4a6d 修复#6127 #6130 2024-04-25 16:01:58 +08:00
JEECG
28404d2fd3 Merge pull request #6091 from EightMonth/springboot3 
升级druid v1.2.22版本兼容处理
 2024-04-08 15:26:49 +08:00
EightMonth
c92c9be49a 升级druid v1.2.22版本兼容处理 2024-04-08 14:04:07 +08:00
JEECG
58e85e0569 Merge pull request #6081 from EightMonth/springboot3 
升级druid1.2.22版本兼容处理
 2024-04-03 16:35:30 +08:00
EightMonth
6fc34d8a39 升级druid1.2.22版本兼容处理 2024-04-03 16:18:31 +08:00
JEECG
790df934b5 Merge branch 'springboot3' of https://github.com/jeecgboot/jeecg-boot into springboot3 
 Conflicts:
	pom.xml
 2024-03-30 23:39:54 +08:00
JEECG
8aee4011a2 Merge pull request #6036 from EightMonth/springboot3 
合并master变更,升级 3.6.3
 2024-03-25 15:32:01 +08:00
EightMonth
6e0277c60a 升级druid版本,修复 #5936 2024-03-25 14:37:00 +08:00
EightMonth
e923654161 升级jimu版本至1.7.3,屏蔽flyway 2024-03-25 10:52:37 +08:00
EightMonth
06b41ae479 Merge branch 'master' into springboot3 
# Conflicts:
#	db/tables_nacos.sql
#	jeecg-boot-base-core/pom.xml
#	jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger2Config.java
#	jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysFilesController.java
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysFiles.java
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysPermissionServiceImpl.java
#	jeecg-module-system/jeecg-system-start/pom.xml
#	jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
#	jeecg-server-cloud/jeecg-cloud-gateway/pom.xml
#	jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	pom.xml
 2024-03-25 09:39:13 +08:00
zhangdaiscott
11af85d87a springboot3, 积木报表 聚合分组查询失败 #2398 2024-03-04 21:12:35 +08:00
JEECG
4caff75cce Merge pull request #5935 from EightMonth/springboot3_config 
修正spring boot3默认配置
 2024-03-01 16:24:33 +08:00
EightMonth
811861a957 添加nacos sql自动创建nacos库 2024-03-01 16:15:06 +08:00
EightMonth
24623ba4b0 梳理服务配置信息 2024-03-01 16:06:12 +08:00
EightMonth
7c68b46943 添加springboot3的配置变更 2024-03-01 16:04:57 +08:00
zhangdaiscott
7c34161369 删除无用文件 2024-02-29 17:41:13 +08:00
zhangdaiscott
bc52aa918d gateway的配置改坏了,导致命名空间等不好使 2024-02-29 17:30:04 +08:00
zhangdaiscott
9dfdd47b36 springboot3版本的仪表盘依赖有问题,升级一个版本 2024-01-12 11:32:26 +08:00
zhangdaiscott
272a7540eb 仪表盘升级为springboot3版本 2024-01-12 11:00:51 +08:00
EightMonth
ad796f079f flywaydb兼容springboot3报错,先注释掉 2024-01-12 11:00:37 +08:00
JEECG
e7e7716d05 Merge pull request #5782 from EightMonth/springboot3 
同步主干分支版本代码,并升级jedis至3.8.0
 2024-01-12 10:39:24 +08:00
EightMonth
c5d620d2b2 升级jedis版本至3.8.0 2024-01-08 13:54:04 +08:00
EightMonth
cdea05ebb0 Merge branch 'master' into springboot3 
# Conflicts:
#	jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
#	jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/entity/JeecgDemo.java
#	jeecg-module-system/jeecg-system-biz/pom.xml
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/WechatVerifyController.java
#	jeecg-module-system/jeecg-system-start/pom.xml
#	jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml
#	pom.xml
 2024-01-08 13:52:33 +08:00
JEECG
ca9a433f3c Merge pull request #5765 from hoperunChen/springboot3-fix-#5723 
fix issue for springboot3 #5723: 指定jaxb-runtime版本,添加修改记录
 2024-01-04 21:41:11 +08:00
JEECG
2be6052cd4 Merge pull request #5766 from hoperunChen/springboot3-fix-#5742 
fix issue for springboot3 #5742: 修改代码生成时的schema注解参数
 2024-01-04 21:40:53 +08:00
JEECG
68ed67ee49 shiro 无法使用 spring boot 3.X 自带的jedis,降版本处理 Merge pull request #5767 from hoperunChen/springboot3-fix-#5741 
fix issue for springboot3 #5741: shiro 无法使用 spring boot 3.X 自带的jedis,降版本处理
 2024-01-04 21:40:31 +08:00
chenrui
d5903ba52a Merge remote-tracking branch 'upstream/springboot3' into springboot3-fix-#5741 2024-01-04 20:37:37 +08:00
chenrui
3ee635eddf fix issue for springboot3 #5723: 指定jaxb-runtime版本,添加修改记录 2024-01-04 20:32:26 +08:00
chenrui
21bc68fb53 fix issue for springboot3 #5741: shiro 无法使用 spring boot 3.X 自带的jedis,降版本处理 2024-01-04 20:19:46 +08:00
zhangdaiscott
f532e57862 解决升级到springboot3, 表单excel导出失败,找不到 javax/servlet/ServletOutputStream #5738 2024-01-03 17:26:41 +08:00
chenrui
da08adbea1 fix issue for springboot3 #5742: 修改代码生成时的schema注解参数 2024-01-02 13:41:54 +08:00
chenrui
46e3e62b59 fix issue for springboot3 #5741: shiro 无法使用 spring boot 3.X 自带的jedis,降版本处理 2024-01-02 13:31:57 +08:00
zhangdaiscott
3656264f8a 提供积木报表fastjson2版本 2023-12-28 22:34:23 +08:00
zhangdaiscott
3361d48cd4 Merge branch 'springboot3' of https://github.com/zhangdaiscott/jeecg-boot into springboot3 2023-12-28 11:03:26 +08:00
zhangdaiscott
ed86ea3da1 默认不需要nosql支持包 2023-12-28 11:03:10 +08:00
JEECG
3deb0e5487 Merge pull request #5730 from EightMonth/springboot3 
修改自动生成接口文档范围
 2023-12-28 10:49:10 +08:00
EightMonth
9e4792941e 修改自动秣接口文档范围 2023-12-28 10:43:58 +08:00
JEECG
b5fd5fe782 Merge pull request #5716 from EightMonth/springboot3 
升级fastjson至2.0.43,替换tomcat为undertow
 2023-12-26 17:21:30 +08:00
EightMonth
33c0104a02 增加undertow配置到test\prod 环境 2023-12-26 17:11:54 +08:00
zhangdaiscott
81ed5100af 补充注释 2023-12-26 16:42:24 +08:00
EightMonth
87f9dc0064 去除无意义内容 2023-12-26 15:17:50 +08:00
EightMonth
b311fedc6b 升级fastjson至2.0.43,替换tomcat为undertow 2023-12-26 15:03:35 +08:00
zhangdaiscott
e321a0405f 升级aliyun.oss和minio的依赖 2023-12-26 10:01:57 +08:00
zhangdaiscott
d8bc74794d 仪表盘也支持springboot3 2023-12-21 15:31:12 +08:00
zhangdaiscott
732f05dc74 提供springboot3版本的online依赖支持 2023-12-21 14:57:14 +08:00
JEECG
6ce92798c6 Merge pull request #5704 from EightMonth/springboot3 
升级jeecg 3.6.1版本
 2023-12-21 11:46:59 +08:00
EightMonth
f4454e9348 Merge branch 'springboot3' into springboot3 2023-12-21 09:52:14 +08:00
kezhijie
d9134ae0c8 Update WechatVerifyController.java 2023-12-21 09:46:52 +08:00
kezhijie
25180e41c8 更新minidao支持springboot3版本 2023-12-21 09:29:16 +08:00
kezhijie
a99e3f2268 更新积木报表支持springboot3版本 2023-12-21 09:28:00 +08:00
zhangdaiscott
d27c354bf1 修改错误的配置 2023-12-21 09:26:40 +08:00
kezhijie
d818b1dd9d 更新jeecg-boot-starter3依赖 2023-12-21 09:26:39 +08:00
kezhijie
bcdbec0091 更新jeecg-boot-starter3依赖 2023-12-21 09:26:39 +08:00
kezhijie
098bb12b9e 更改jeecg-boot-starter3依赖 2023-12-21 09:26:39 +08:00
kezhijie
4a6c750b19 为注释内容添加注释原因 2023-12-21 09:26:39 +08:00
kezhijie
d396e5304a Update pom.xml 2023-12-21 09:26:38 +08:00
kezhijie
9bed25be8c spring3 2023-12-21 09:26:30 +08:00
JEECG
7109b42092 Merge pull request #5698 from EightMonth/springboot3 
更新积木报表、Minidao支持Springboot3版本
 2023-12-20 10:10:51 +08:00
kezhijie
1667b14194 更新minidao支持springboot3版本 2023-12-20 10:00:14 +08:00
kezhijie
e9514873d2 更新积木报表支持springboot3版本 2023-12-19 14:31:17 +08:00
zhangdaiscott
0ee090664e 修改错误的配置 2023-11-13 20:03:53 +08:00
JEECG
4a9eda4ab0 Merge pull request #5567 from EightMonth/spring3 
更新jeecg-boot-starter3依赖
 2023-11-13 18:45:02 +08:00
kezhijie
2416c8b251 更新jeecg-boot-starter3依赖 2023-11-13 16:19:22 +08:00
kezhijie
5b056f9dd6 更新jeecg-boot-starter3依赖 2023-11-13 16:12:46 +08:00
JEECG
a93998dc56 Merge pull request #5566 from EightMonth/spring3 
更改jeecg-boot-starter3依赖
 2023-11-13 15:43:21 +08:00
kezhijie
268c27a782 更改jeecg-boot-starter3依赖 2023-11-13 15:34:25 +08:00
JEECG
23ace2712a Merge pull request #5563 from EightMonth/spring3 
Spring Boot3 & JDK 17
 2023-11-13 09:49:04 +08:00
kezhijie
157feeb925 为注释内容添加注释原因 2023-11-06 14:16:02 +08:00
kezhijie
4e25d4162f Update pom.xml 2023-11-06 14:11:23 +08:00
kezhijie
47a68f31e1 spring3 2023-11-06 12:41:57 +08:00
280 changed files with 3774 additions and 3081 deletions
Expand all files Collapse all files

1
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@ -9,6 +9,7 @@ assignees: getActivity
##### 版本号:
##### 分支:

1
.github/ISSUE_TEMPLATE/feature_request.md vendored
View File

@ -8,6 +8,7 @@ assignees: getActivity
##### 版本号:
##### 分支:

1
.gitignore vendored
View File

@ -13,3 +13,4 @@ os_del.cmd
os_del_doc.cmd
.svn
derby.log
.cursor

2
README-EN.md
View File

@ -12,7 +12,7 @@ Current version: 3.8.3 (Release date: 2025-10-09)
[![AUR](https://img.shields.io/badge/license-Apache%20License%202.0-blue.svg)](https://github.com/zhangdaiscott/jeecg-boot/blob/master/LICENSE)
[![](https://img.shields.io/badge/Author-guojusoft-orange.svg)](http://www.jeecg.com)
[![](https://img.shields.io/badge/version-3.8.3-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
[![](https://img.shields.io/badge/version-3.8.2-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
[![GitHub stars](https://img.shields.io/github/stars/zhangdaiscott/jeecg-boot.svg?style=social&label=Stars)](https://github.com/zhangdaiscott/jeecg-boot)
[![GitHub forks](https://img.shields.io/github/forks/zhangdaiscott/jeecg-boot.svg?style=social&label=Fork)](https://github.com/zhangdaiscott/jeecg-boot)

50
README.md
View File

@ -4,7 +4,6 @@ JeecgBoot AI低代码平台
当前最新版本: 3.8.3发布日期2025-10-09
> 重要提醒: v3.8.3 是 SpringBoot2 的最终版本,后续将不再维护。建议大家尽快升级至基于 SpringBoot3版本以获得更好的性能和支持。
[![AUR](https://img.shields.io/badge/license-Apache%20License%202.0-blue.svg)](https://github.com/jeecgboot/JeecgBoot/blob/master/LICENSE)
[![](https://img.shields.io/badge/Author-北京国炬软件-orange.svg)](https://jeecg.com)
@ -20,16 +19,18 @@ JeecgBoot AI低代码平台
<h3 align="center">企业级AI低代码平台</h3>
JeecgBoot是一款企业级低代码平台集成了AI应用平台功能旨在帮助开发者快速实现低代码开发和构建、部署个性化的 AI 应用。
前后端分离架构Ant Design4、Vue3SpringBoot2/3SpringCloud AlibabaMybatis-plusShiro/SpringAuthorizationServer,强大代码生成器前后端代码一键生成,无需写任何代码;提供强大的报表和大屏工具,满足企业级数据产品需求!
引领AI低代码开发模式: AI生成->OnlineCoding-> 代码生成-> 手工MERGE 帮助Java项目解决80%重复工作,让开发更多关注业务,提高效率节省成本,同时又不失灵活性低代码能力Online表单、表单设计、流程设计、Online报表、大屏/仪表盘设计、报表设计; AI应用平台功能AI知识库问答、AI模型管理、AI流程编排、AI聊天等支持含ChatGPT、DeepSeek、Ollama等多种AI大模型
JeecgBoot 是一款基于BPM流程和代码生成的AI低代码平台助力企业快速实现低代码开发和构建AI应用。
采用前后端分离架构Ant Design&Vue3SpringBoot3SpringCloud AlibabaMybatis-plus,强大代码生成器实现前后端一键生成,无需手写代码。
平台引领AI低代码开发模式AI生成→在线编码→代码生成→手工合并,解决Java项目80%重复工作,提升效率节省成本,兼顾灵活性。
具备强大且颗粒化的权限控制支持按钮权限和数据权限设置满足大型业务系统需求。功能涵盖在线表单、表单设计、流程设计、门户设计、报表与大屏设计、OA办公、AI应用、AI知识库、大模型管理、AI流程编排、AI聊天支持ChatGPT、DeepSeek、Ollama等多种AI大模型。
`AI赋能报表:` 积木报表是一款自主研发的强大开源企业级Web报表与大屏工具。它通过零编码的拖拽式操作赋能用户如同搭积木般轻松构建各类复杂报表和数据大屏全面满足企业数据可视化与分析需求助力企业级数据产品的高效打造与应用。
`AI赋能低代码:` 提供一套成熟AI应用平台功能:包含AI应用管理、AI模型管理、AI对话助手、AI知识库问答、AI流程编排、AI流程设计器AI建表等功能; 支持各种AI大模型ChatGPT、DeepSeek、Ollama、智普、千问等.
`AI赋能低代码:` 提供完善成熟AI应用平台,涵盖AI应用管理、AI模型管理、智能对话助手、知识库问答、流程编排设计器AI建表等多项功能。平台兼容多种主流大模型,包括ChatGPT、DeepSeek、Ollama、智普、千问等助力企业高效构建智能化应用推动低代码开发与AI深度融合。
`JEECG宗旨是:` 简单功能由OnlineCoding零代码搭建做到`零代码开发`复杂功能代码生成器生成进行手工Merge 实现`低代码开发`,既保证了`智能`又兼顾`灵活`,解决了当前低代码产品普遍不灵活的弊端!
`JEECG宗旨是:` JEECG旨在通过OnlineCoding平台实现简单功能的零代码快速搭建,同时针对复杂功能采用代码生成器生成代码并手工合并,打造智能且灵活的低代码开发模式,有效解决了当前低代码产品普遍缺乏灵活性的问题,提升开发效率的同时兼顾系统的扩展性和定制化能力。
`JEECG业务流程:` 采用工作流来实现、扩展任务接口供开发编写业务逻辑,表单提供多种解决方案: 表单设计器、online配置表单编码表单。同时实现了流程与表单的分离设计(松耦合)、并支持任务节点灵活配置,既保证了公司流程的保密性,又减少了开发人员的工作量。
`JEECG业务流程:` JEECG业务流程采用BPM工作流引擎实现业务审批扩展任务接口供开发人员编写业务逻辑,表单提供表单设计器、在线配置表单编码表单等多种解决方案。通过流程与表单的分离设计(松耦合)任务节点灵活配置,既保障了企业流程的安全性与保密性,又大幅降低了开发人员的工作量。
@ -37,8 +38,8 @@ JeecgBoot是一款企业级低代码平台集成了AI应用平台功能旨在
适用项目
-----------------------------------
JeecgBoot低代码平台,可以应用在任何J2EE项目开发,支持信创国产化。尤其适合SAAS项目、企业信息管理系统MIS、内部办公系统OA、企业资源计划系统ERP、客户关系管理系统CRMAI知识库等其半智能手工Merge开发式,可显著提高开发效率70%以上,极大降低开发成本
又是一个全栈式 AI 开发平台,快速帮助企业构建和部署个性化的 AI 应用。
JeecgBoot低代码平台兼容所有J2EE项目开发支持信创国产化,特别适用于SAAS、企业信息管理系统MIS、内部办公系统OA、企业资源计划系统ERP、客户关系管理系统CRMAI知识库等场景。其半智能手工Merge开发式,可显著提升70%以上的开发效率极大降低开发成本。同时JeecgBoot还是一款全栈式AI开发平台助力企业快速构建和部署个性化AI应用。
**信创兼容说明**
- 操作系统:国产麒麟、银河麒麟等国产系统几乎都是基于 Linux 内核,因此它们具有良好的兼容性。
@ -49,13 +50,13 @@ JeecgBoot低代码平台可以应用在任何J2EE项目的开发中支持
版本说明
-----------------------------------
|下载 | JDK17 + SpringBoot3.3 + Shiro |JDK17 + SpringBoot3.3+ SpringAuthorizationServer | JDK17/JDK8 + SpringBoot2.7 |
|------|----------------------------------------------------|-----------------------------------------------------------------------------|--------------------------------------------|
| Github | [`springboot3`](https://github.com/jeecgboot/JeecgBoot/tree/springboot3) | [`springboot3_sas`](https://github.com/jeecgboot/JeecgBoot/tree/springboot3_sas) 分支 |[`master`](https://github.com/jeecgboot/JeecgBoot) 分支|
| Gitee | [`springboot3`](https://gitee.com/jeecg/JeecgBoot/tree/springboot3/) | [`springboot3_sas`](https://gitee.com/jeecg/JeecgBoot/tree/springboot3_sas) 分支 |[`master`](https://gitee.com/jeecg/JeecgBoot) 分支 |
|下载 | SpringBoot3.3 + Shiro |SpringBoot3.3+ SpringAuthorizationServer | SpringBoot3.3 + Sa-Token | SpringBoot2.7(JDK17/JDK8) |
|------|----------------|----------------------------|-------------------|--------------------------------------------|
| Github | [`springboot3`](https://github.com/jeecgboot/JeecgBoot/tree/springboot3) | [`springboot3_sas`](https://github.com/jeecgboot/JeecgBoot/tree/springboot3_sas) 分支 | [`springboot3-satoken`](https://github.com/jeecgboot/JeecgBoot/tree/springboot3-satoken) 分支|[`master`](https://github.com/jeecgboot/JeecgBoot) 分支|
| Gitee | [`springboot3`](https://gitee.com/jeecg/JeecgBoot/tree/springboot3/) | [`springboot3_sas`](https://gitee.com/jeecg/JeecgBoot/tree/springboot3_sas) 分支| [`springboot3-satoken`](https://gitee.com/jeecg/JeecgBoot/tree/springboot3-satoken) 分支|[`master`](https://gitee.com/jeecg/JeecgBoot) 分支 |
- `jeecg-boot` 是后端JAVA源码项目支持单体和微服务切换.
- `jeecg-boot` 是后端JAVA源码项目Springboot3+SpringCloudAlibaba(支持单体和微服务切换).
- `jeecgboot-vue3` 是前端VUE3源码项目vue3+vite6+ts最新技术栈.
- `JeecgUniapp` 是[配套APP框架](https://github.com/jeecgboot/JeecgUniapp) 适配多个终端支持APP、小程序、H5、鸿蒙、鸿蒙Next.
- 参考 [文档](https://help.jeecg.com/ui/2dev/mini) 可以删除不需要的demo制作一个精简版本
@ -82,7 +83,6 @@ JeecgBoot低代码平台可以应用在任何J2EE项目的开发中支持
- 官方网站: [http://www.jeecg.com](http://www.jeecg.com)
- 在线演示: [平台演示](https://boot3.jeecg.com) | [APP演示](https://jeecg.com/appIndex)
- 入门指南: [快速入门](http://www.jeecg.com/doc/quickstart) | [代码生成使用](https://help.jeecg.com/java/codegen/online) | [开发文档](https://help.jeecg.com) | [AI应用手册](https://help.jeecg.com/aigc) | [视频教程](http://jeecg.com/doc/video)
- AI编程 [JEECG低代码+AI编程Cursor+GitHub Copilot实现高效编程](https://www.bilibili.com/video/BV11XyaBVEoH)
- 技术支持: [反馈问题](https://github.com/jeecgboot/JeecgBoot/issues/new?template=bug_report.md) | [低代码体验一分钟](https://jeecg.blog.csdn.net/article/details/106079007)
- QQ交流群 964611995、⑩716488839(满)、⑨808791225(满)、其他(满)
@ -104,7 +104,7 @@ JeecgBoot平台提供了一套完善的AI应用管理系统模块是一套类
为什么选择JeecgBoot?
-----------------------------------
- 1.采用最新主流前后分离框架Spring Boot3 + MyBatis + Shiro//SpringAuthorizationServer + Ant Design4 + Vue3容易上手代码生成器依赖性低灵活的扩展能力可快速实现二次开发。
- 1.采用最新主流前后分离框架Spring Boot3 + MyBatis + Shiro/SpringAuthorizationServer + Ant Design4 + Vue3容易上手代码生成器依赖性低灵活的扩展能力可快速实现二次开发。
- 2.前端大版本换代,最新版采用 Vue3.0 + TypeScript + Vite6 + Ant Design Vue4 等新技术方案。
- 3.支持微服务Spring Cloud AlibabaNacos、Gateway、Sentinel、Skywalking提供简易机制支持单体和微服务自由切换这样可以满足各类项目需求
- 4.开发效率高支持在线建表和AI建表提供强大代码生成器单表、树列表、一对多、一对一等数据模型增删改查功能一键生成菜单配置直接使用。
@ -158,7 +158,7 @@ JeecgBoot平台提供了一套完善的AI应用管理系统模块是一套类
- 前端环境要求Node.js要求`Node 20+` 版本以上、pnpm 要求`9+` 版本以上
> Vite 不再支持已结束生命周期EOL的 Node.js 18。现在需要使用 Node.js 20.19+ 或 22.12+
` ( Vite 不再支持已结束生命周期EOL的 Node.js 18。现在需要使用 Node.js 20.19+ 或 22.12+)`
- 依赖管理node、npm、pnpm
- 前端IDE建议IDEA、WebStorm、Vscode
@ -169,16 +169,16 @@ JeecgBoot平台提供了一套完善的AI应用管理系统模块是一套类
#### 后端
- IDE建议 IDEA (必须安装lombok插件 )
- 语言Java 默认jdk17(支持jdk8、jdk21)
- 语言Java 默认jdk17(jdk21、jdk24)
- 依赖管理Maven
- 基础框架Spring Boot 3.5.5/2.7.18
- 微服务框架: Spring Cloud Alibaba 2021.0.6.2
- 持久层框架MybatisPlus 3.5.3.2
- 基础框架Spring Boot 3.5.5
- 微服务框架: Spring Cloud Alibaba 2023.0.3.3
- 持久层框架MybatisPlus 3.5.12
- 报表工具: JimuReport 2.1.3
- 安全框架Apache Shiro/SpringAuthorizationServerJwt 4.5.0
- 安全框架Apache Shiro 2.0.4Jwt 4.5.0
- 微服务技术栈Spring Cloud Alibaba、Nacos、Gateway、Sentinel、Skywalking
- 数据库连接池阿里巴巴Druid 1.1.24
- AI大模型支持 `ChatGPT` `DeepSeek`切换
- 数据库连接池阿里巴巴Druid 1.2.24
- AI大模型支持 `ChatGPT` `DeepSeek` `千问`等各种常规模式
- 日志打印logback
- 缓存Redis
- 其他autopoi, fastjsonpoiSwagger-uiquartz, lombok简化代码等。
@ -513,4 +513,4 @@ AI写文章
如果觉得还不错,请作者喝杯咖啡吧 ☺
![](https://static.oschina.net/uploads/img/201903/08155608_0EFX.png)
![](https://static.oschina.net/uploads/img/201903/08155608_0EFX.png)

4
docker-compose-cloud.yml
View File

@ -125,7 +125,7 @@ services:
hostname: jeecg-boot-sentinel
networks:
- jeecg-boot
jeecg-boot-xxljob:
build:
context: ./jeecg-boot/jeecg-server-cloud/jeecg-visual/jeecg-cloud-xxljob
@ -135,7 +135,7 @@ services:
hostname: jeecg-boot-xxljob
networks:
- jeecg-boot
jeecg-vue:
build:
context: ./jeecgboot-vue3

157
jeecg-boot/README.md
View File

@ -2,7 +2,7 @@
JeecgBoot 低代码开发平台
===============
当前最新版本: 3.8.3发布日期2025-09-22
当前最新版本: 3.8.3发布日期2025-10-09
[![AUR](https://img.shields.io/badge/license-Apache%20License%202.0-blue.svg)](https://github.com/zhangdaiscott/jeecg-boot/blob/master/LICENSE)
@ -16,43 +16,127 @@ JeecgBoot 低代码开发平台
项目介绍
-----------------------------------
<h3 align="center">Java Low Code Platform for Enterprise web applications</h3>
<h3 align="center">企业级AI低代码平台</h3>
JeecgBoot 是一款基于BPM流程和代码生成的AI低代码平台助力企业快速实现低代码开发和构建AI应用。
采用前后端分离架构Ant Design&Vue3SpringBoot3SpringCloud AlibabaMybatis-plus强大代码生成器实现前后端一键生成无需手写代码。
平台引领AI低代码开发模式AI生成→在线编码→代码生成→手工合并解决Java项目80%重复工作,提升效率,节省成本,兼顾灵活性。
具备强大且颗粒化的权限控制支持按钮权限和数据权限设置满足大型业务系统需求。功能涵盖在线表单、表单设计、流程设计、门户设计、报表与大屏设计、OA办公、AI应用、AI知识库、大模型管理、AI流程编排、AI聊天支持ChatGPT、DeepSeek、Ollama等多种AI大模型。
`AI赋能报表:` 积木报表是一款自主研发的强大开源企业级Web报表与大屏工具。它通过零编码的拖拽式操作赋能用户如同搭积木般轻松构建各类复杂报表和数据大屏全面满足企业数据可视化与分析需求助力企业级数据产品的高效打造与应用。
`AI赋能低代码:` 提供完善成熟的AI应用平台涵盖AI应用管理、AI模型管理、智能对话助手、知识库问答、流程编排与设计器、AI建表等多项功能。平台兼容多种主流大模型包括ChatGPT、DeepSeek、Ollama、智普、千问等助力企业高效构建智能化应用推动低代码开发与AI深度融合。
`JEECG宗旨是:` JEECG旨在通过OnlineCoding平台实现简单功能的零代码快速搭建同时针对复杂功能采用代码生成器生成代码并手工合并打造智能且灵活的低代码开发模式有效解决了当前低代码产品普遍缺乏灵活性的问题提升开发效率的同时兼顾系统的扩展性和定制化能力。
`JEECG业务流程:` JEECG业务流程采用BPM工作流引擎实现业务审批扩展任务接口供开发人员编写业务逻辑表单提供表单设计器、在线配置表单和编码表单等多种解决方案。通过流程与表单的分离设计松耦合及任务节点的灵活配置既保障了企业流程的安全性与保密性又大幅降低了开发人员的工作量。
适用项目
-----------------------------------
JeecgBoot低代码平台兼容所有J2EE项目开发支持信创国产化特别适用于SAAS、企业信息管理系统MIS、内部办公系统OA、企业资源计划系统ERP、客户关系管理系统CRM及AI知识库等场景。其半智能手工Merge开发模式可显著提升70%以上的开发效率极大降低开发成本。同时JeecgBoot还是一款全栈式AI开发平台助力企业快速构建和部署个性化AI应用。。
**信创兼容说明**
- 操作系统:国产麒麟、银河麒麟等国产系统几乎都是基于 Linux 内核,因此它们具有良好的兼容性。
- 数据库达梦、人大金仓、TiDB
- 中间件:东方通 TongWeb、TongRDS宝兰德 AppServer、CacheDB, [信创配置文档](https://help.jeecg.com/java/tongweb-deploy/)
JeecgBoot 是一款基于代码生成器的`低代码开发平台`!前后端分离架构 SpringBoot2.x和3.xSpringCloudAnt Design Vue3Mybatis-plusShiroJWT支持微服务。强大的代码生成器让前后端代码一键生成实现低代码开发! JeecgBoot 引领新的低代码开发模式(OnlineCoding-> 代码生成器-> 手工MERGE) 帮助解决Java项目70%的重复工作,让开发更多关注业务。既能快速提高效率,节省研发成本,同时又不失灵活性!
#### 项目说明
| 项目名 | 说明 |
|--------------------|------------------------|
| `jeecg-boot` | 后端源码JAVASpringBoot微服务架构 |
| `jeecgboot-vue3` | 前端源码VUE3vue3+vite5+ts最新技术栈 |
技术文档
-----------------------------------
- 官方网站: [http://www.jeecg.com](http://www.jeecg.com)
- 新手指南: [快速入门](http://www.jeecg.com/doc/quickstart)
- QQ交流群 964611995、⑩716488839(满)、⑨808791225(满)、其他(满)
- 在线演示 [在线演示](http://boot3.jeecg.com) | [APP演示](http://jeecg.com/appIndex)
> 演示系统的登录账号密码,请点击 [获取账号密码](http://jeecg.com/doc/demo) 获取
| 项目名 | 说明 |
|--------------------|------------------------------------|
| `jeecg-boot` | 后端源码JAVASpringBoot3微服务架构) |
| `jeecgboot-vue3` | 前端源码VUE3vue3+vite6+antd4+ts最新技术栈 |
启动项目
-----------------------------------
- [IDEA启动前后端项目](https://help.jeecg.com/java/setup/idea/startup)
- [Docker一键启动前后端](https://help.jeecg.com/java/docker/quick)
> 默认账号密码: admin/123456
- [开发环境搭建](https://help.jeecg.com/java/setup/tools)
- [IDEA启动前后端(单体模式)](https://help.jeecg.com/java/setup/idea/startup)
- [Docker一键启动(单体模式)](https://help.jeecg.com/java/docker/quick)
- [IDEA启动前后端(微服务方式)](https://help.jeecg.com/java/springcloud/switchcloud/monomer)
- [Docker一键启动(微服务方式)](https://help.jeecg.com/java/docker/quickcloud)
微服务启动
技术文档
-----------------------------------
- [单体快速切换微服务](https://help.jeecg.com/java/springcloud/switchcloud/monomer)
- [Docker启动微服务后台](https://help.jeecg.com/java/docker/springcloud)
- 官方网站: [http://www.jeecg.com](http://www.jeecg.com)
- 在线演示: [平台演示](https://boot3.jeecg.com) | [APP演示](https://jeecg.com/appIndex)
- 入门指南: [快速入门](http://www.jeecg.com/doc/quickstart) | [代码生成使用](https://help.jeecg.com/java/codegen/online) | [开发文档](https://help.jeecg.com) | [AI应用手册](https://help.jeecg.com/aigc) | [视频教程](http://jeecg.com/doc/video)
- 技术支持: [反馈问题](https://github.com/jeecgboot/JeecgBoot/issues/new?template=bug_report.md) | [低代码体验一分钟](https://jeecg.blog.csdn.net/article/details/106079007)
- QQ交流群 964611995、⑩716488839(满)、⑨808791225(满)、其他(满)
AI 应用平台介绍
-----------------------------------
一个全栈式 AI 开发平台,旨在帮助开发者快速构建和部署个性化的 AI 应用。
JeecgBoot平台提供了一套完善的AI应用管理系统模块是一套类似`Dify``AIGC应用开发平台`+`知识库问答`是一款基于LLM大语言模型AI应用平台和 RAG 的知识库问答系统。
其直观的界面结合了 AI 流程编排、RAG 管道、知识库管理、模型管理、对接向量库、实时运行可观察等让您可以快速从原型到生产拥有AI服务能力。
- [详细专题介绍,请点击查看](README-AI.md)
- AI视频介绍
[![](https://jeecgos.oss-cn-beijing.aliyuncs.com/files/jeecg_aivideo.png)](https://www.bilibili.com/video/BV1zmd7YFE4w)
为什么选择JeecgBoot?
-----------------------------------
- 1.采用最新主流前后分离框架Spring Boot3 + MyBatis + Shiro/SpringAuthorizationServer + Ant Design4 + Vue3容易上手代码生成器依赖性低灵活的扩展能力可快速实现二次开发。
- 2.前端大版本换代,最新版采用 Vue3.0 + TypeScript + Vite6 + Ant Design Vue4 等新技术方案。
- 3.支持微服务Spring Cloud AlibabaNacos、Gateway、Sentinel、Skywalking提供简易机制支持单体和微服务自由切换这样可以满足各类项目需求
- 4.开发效率高支持在线建表和AI建表提供强大代码生成器单表、树列表、一对多、一对一等数据模型增删改查功能一键生成菜单配置直接使用。
- 5.代码生成器提供强大模板机制,支持自定义模板,目前提供四套风格模板(单表两套、树模型一套、一对多三套)。
- 6.提供强大的报表和大屏可视化工具,支持丰富的数据源连接,能够通过拖拉拽方式快速制作报表、大屏和门户设计;支持多种图表类型:柱形图、折线图、散点图、饼图、环形图、面积图、漏斗图、进度图、仪表盘、雷达图、地图等。
- 7.低代码能力在线表单无需编码通过在线配置表单实现表单的增删改查支持单表、树、一对多、一对一等模型实现人人皆可编码在线配置零代码开发、所见即所得支持23种类控件。
- 8.低代码能力:在线报表、在线图表(无需编码,通过在线配置方式,实现数据报表和图形报表,可以快速抽取数据,减轻开发压力,实现人人皆可编码)。
- 9.Online支持在线增强开发提供在线代码编辑器支持代码高亮、代码提示等功能支持多种语言Java、SQL、JavaScript等
- 10.封装完善的用户、角色、菜单、组织机构、数据字典、在线定时任务等基础功能,支持访问授权、按钮权限、数据权限等功能。
- 11.前端UI提供丰富的组件库支持各种常用组件如表格、树形控件、下拉框、日期选择器等满足各种复杂的业务需求 [UI组件库文档](https://help.jeecg.com/category/ui%E7%BB%84%E4%BB%B6%E5%BA%93)。
- 12.提供APP配套框架一份多代码多终端适配一份代码多终端适配小程序、H5、安卓、iOS、鸿蒙Next。
- 13.新版APP框架采用Uniapp、Vue3.0、Vite、Wot-design-uni、TypeScript等最新技术栈包括二次封装组件、路由拦截、请求拦截等功能。实现了与JeecgBoot完美对接目前已经实现登录、用户信息、通讯录、公告、移动首页、九宫格、聊天、Online表单、仪表盘等功能提供了丰富的组件。
- 14.提供了一套成熟的AI应用平台功能从AI模型、知识库到AI应用搭建助力企业快速落地AI服务加速智能化升级。
- 15.AI能力目前JeecgBoot支持AI大模型chatgpt和deepseek现在最新版默认使用deepseek速度更快质量更高。目前提供了AI对话助手、AI知识库、AI应用、AI建表、AI报表等功能。
- 16.提供新行编辑表格JVXETable轻松满足各种复杂ERP布局拥有更高的性能、更灵活的扩展、更强大的功能。
- 17.平台首页风格,提供多种组合模式,支持自定义风格;支持门户设计,支持自定义首页。
- 18.常用共通封装各种工具类定时任务、短信接口、邮件发送、Excel导入导出等基本满足80%项目需求。
- 19.简易Excel导入导出支持单表导出和一对多表模式导出生成的代码自带导入导出功能。
- 20.集成智能报表工具报表打印、图像报表和数据导出非常方便可极其方便地生成PDF、Excel、Word等报表。
- 21.采用前后分离技术页面UI风格精美针对常用组件做了封装时间、行表格控件、截取显示控件、报表组件、编辑器等。
- 22.查询过滤器查询功能自动生成后台动态拼SQL追加查询条件支持多种匹配方式全匹配/模糊查询/包含查询/不匹配查询)。
- 23.数据权限(精细化数据权限控制,控制到行级、列表级、表单字段级,实现不同人看不同数据,不同人对同一个页面操作不同字段)。
- 24.接口安全机制可细化控制接口授权非常简便实现不同客户端只看自己数据等控制也提供了基于AK和SK认证鉴权的OpenAPI功能。
- 25.活跃的社区支持;近年来,随着网络威胁的日益增加,团队在安全和漏洞管理方面积累了丰富的经验,能够为企业提供全面的安全解决方案。
- 26.权限控制采用RBACRole-Based Access Control基于角色的访问控制
- 27.页面校验自动生成(必须输入、数字校验、金额校验、时间空间等)。
- 28.支持SaaS服务模式提供SaaS多租户架构方案。
- 29.分布式文件服务集成MinIO、阿里OSS等优秀的第三方提供便捷的文件上传与管理同时也支持本地存储。
- 30.主流数据库兼容一套代码完全兼容MySQL、PostgreSQL、Oracle、SQL Server、MariaDB、达梦、人大金仓等主流数据库。
- 31.集成工作流Flowable并实现了只需在页面配置流程转向可极大简化BPM工作流的开发用BPM的流程设计器画出了流程走向一个工作流基本就完成了只需写很少量的Java代码。
- 32.低代码能力在线流程设计采用开源Flowable流程引擎实现在线画流程、自定义表单、表单挂靠、业务流转。
- 33.多数据源:极其简易的使用方式,在线配置数据源配置,便捷地从其他数据抓取数据。
- 34.提供单点登录CAS集成方案项目中已经提供完善的对接代码。
- 35.低代码能力表单设计器支持用户自定义表单布局支持单表、一对多表单支持select、radio、checkbox、textarea、date、popup、列表、宏等控件。
- 36.专业接口对接机制统一采用RESTful接口方式集成Swagger-UI在线接口文档JWT token安全验证方便客户端对接。
- 37.高级组合查询功能,在线配置支持主子表关联查询,可保存查询历史。
- 38.提供各种系统监控实时跟踪系统运行情况监控Redis、Tomcat、JVM、服务器信息、请求追踪、SQL监控
- 39.消息中心支持短信、邮件、微信推送等集成WebSocket消息通知机制。
- 40.支持多语言,提供国际化方案。
- 41.数据变更记录日志,可记录数据每次变更内容,通过版本对比功能查看历史变化。
- 42.提供简单易用的打印插件支持谷歌、火狐、IE11+等各种浏览器。
- 43.后端采用Maven分模块开发方式前端支持菜单动态路由。
- 44.提供丰富的示例代码,涵盖了常用的业务场景,便于学习和参考。
技术架构:
@ -61,28 +145,33 @@ JeecgBoot 是一款基于代码生成器的`低代码开发平台`!前后端
#### 后端
- IDE建议 IDEA (必须安装lombok插件 )
- 语言Java 8+ (支持17)
- 语言Java 默认jdk17(jdk21、jdk24)
- 依赖管理Maven
- 基础框架Spring Boot 2.7.18
- 微服务框架: Spring Cloud Alibaba 2021.0.1.0
- 持久层框架MybatisPlus 3.5.3.2
- 报表工具: JimuReport 1.9.4
- 安全框架Apache Shiro 1.12.0Jwt 3.11.0
- 基础框架Spring Boot 3.5.5
- 微服务框架: Spring Cloud Alibaba 2023.0.3.3
- 持久层框架MybatisPlus 3.5.12
- 报表工具: JimuReport 2.1.3
- 安全框架Apache Shiro 2.0.4Jwt 4.5.0
- 微服务技术栈Spring Cloud Alibaba、Nacos、Gateway、Sentinel、Skywalking
- 数据库连接池阿里巴巴Druid 1.1.24
- 数据库连接池阿里巴巴Druid 1.2.24
- AI大模型支持 `ChatGPT` `DeepSeek` `千问`等各种常规模式
- 日志打印logback
- 缓存Redis
- 其他autopoi, fastjsonpoiSwagger-uiquartz, lombok简化代码等。
- 默认数据库脚本:MySQL5.7+
- 默认提供MySQL5.7+数据库脚本
- [其他数据库,需要自己转](https://my.oschina.net/jeecg/blog/4905722)
#### 前端
- 前端IDE建议WebStorm、Vscode
- 采用 Vue3.0+TypeScript+Vite+Ant-Design-Vue等新技术方案包括二次封装组件、utils、hooks、动态菜单、权限校验、按钮级别权限控制等功能
- 最新技术栈Vue3.0 + TypeScript + Vite5 + ant-design-vue4 + pinia + echarts + unocss + vxe-table + qiankun + es6
- 前端环境要求Node.js要求`Node 20+` 版本以上、pnpm 要求`9+` 版本以上
` ( Vite 不再支持已结束生命周期EOL的 Node.js 18。现在需要使用 Node.js 20.19+ 或 22.12+)`
- 依赖管理node、npm、pnpm
- 前端IDE建议IDEA、WebStorm、Vscode
- 采用 Vue3.0+TypeScript+Vite6+Ant-Design-Vue4等新技术方案包括二次封装组件、utils、hooks、动态菜单、权限校验、按钮级别权限控制等功能
- 最新技术栈Vue3.0 + TypeScript + Vite6 + ant-design-vue4 + pinia + echarts + unocss + vxe-table + qiankun + es6

368
jeecg-boot/Shiro到Sa-Token迁移指南.md Normal file
View File

@ -0,0 +1,368 @@
# `Shiro 到 Sa-Token 迁移指南`
本项目已从 **Apache Shiro 2.0.4** 迁移到 **Sa-Token 1.44.0**,采用 JWT-Simple 模式,完全兼容原 JWT token 格式。
---
## 📦 1. 依赖配置
### 1.1 Maven 依赖
移除 Shiro 相关依赖,新增:
```xml
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-spring-boot3-starter</artifactId>
<version>1.44.0</version>
</dependency>
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-redis-jackson</artifactId>
<version>1.44.0</version>
</dependency>
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-jwt</artifactId>
<version>1.44.0</version>
</dependency>
```
### 1.2 配置文件application.yml
```yaml
sa-token:
token-name: X-Access-Token
timeout: 2592000 # token有效期30天
is-concurrent: true # 允许同账号并发登录
token-style: jwt-simple # JWT模式兼容原格式
jwt-secret-key: "your-secret-key-here"
```
---
## 💡 2. 核心代码实现
### 2.1 登录逻辑(⚠️ 使用 username 作为 loginId
```java
// 从数据库查询用户信息
SysUser sysUser = userService.getUserByUsername(username);
// 执行登录自动完成Sa-Token登录 + 存储Session + 返回token
String token = LoginUserUtils.doLogin(sysUser);
// 返回token给前端
return Result.ok(token);
```
**💡 设计说明:**
- `doLogin()` 方法自动完成:
1. 调用 `StpUtil.login(username)` (使用 username 而非 userId
2. 调用 `setSessionUser()` 存储用户信息(自动清除 password 等15个字段
3. 返回生成的 token
- 减少 Redis 存储约 50%,密码不再存储到 Session
### 2.2 权限认证接口(⚠️ 必须手动实现缓存)
```java
@Component
public class StpInterfaceImpl implements StpInterface {
@Lazy @Resource
private CommonAPI commonApi;
private static final long CACHE_TIMEOUT = 60 * 60 * 24 * 30; // 30天
private static final String PERMISSION_CACHE_PREFIX = "satoken:user-permission:";
private static final String ROLE_CACHE_PREFIX = "satoken:user-role:";
@Override
@SuppressWarnings("unchecked")
public List<String> getPermissionList(Object loginId, String loginType) {
String username = loginId.toString();
String cacheKey = PERMISSION_CACHE_PREFIX + username;
SaTokenDao dao = SaManager.getSaTokenDao();
// 1. 先从缓存获取
List<String> permissionList = (List<String>) dao.getObject(cacheKey);
if (permissionList == null) {
// 2. 缓存未命中,查询数据库
log.warn("权限缓存未命中,查询数据库 [ username={} ]", username);
String userId = commonApi.getUserIdByName(username);
Set<String> permissionSet = commonApi.queryUserAuths(userId);
permissionList = new ArrayList<>(permissionSet);
// 3. 将结果缓存起来
dao.setObject(cacheKey, permissionList, CACHE_TIMEOUT);
}
return permissionList;
}
@Override
public List<String> getRoleList(Object loginId, String loginType) {
// 实现类似 getPermissionList(),使用 ROLE_CACHE_PREFIX
// 详见StpInterfaceImpl.java
}
// 清除缓存的静态方法
public static void clearUserCache(List<String> usernameList) {
SaTokenDao dao = SaManager.getSaTokenDao();
for (String username : usernameList) {
dao.deleteObject(PERMISSION_CACHE_PREFIX + username);
dao.deleteObject(ROLE_CACHE_PREFIX + username);
}
}
}
```
**⚠️ 关键:** Sa-Token 的 `StpInterface` **不提供自动缓存**,必须手动实现,否则每次请求都会查询数据库!
### 2.3 Filter 配置(支持 URL 参数传递 token
```java
@Bean
@Primary
public StpLogic getStpLogicJwt() {
return new StpLogicJwtForSimple() {
@Override
public String getTokenValue() {
SaRequest request = SaHolder.getRequest();
// 优先级Header > URL参数"token" > URL参数"X-Access-Token"
String tokenValue = request.getHeader(getConfigOrGlobal().getTokenName());
if (isEmpty(tokenValue)) {
tokenValue = request.getParam("token"); // 兼容 WebSocket、积木报表
}
if (isEmpty(tokenValue)) {
tokenValue = request.getParam(getConfigOrGlobal().getTokenName());
}
return isEmpty(tokenValue) ? super.getTokenValue() : tokenValue;
}
};
}
@Bean
public SaServletFilter getSaServletFilter() {
return new SaServletFilter()
.addInclude("/**")
.setExcludeList(getExcludeUrls()) // 排除登录、静态资源等
.setAuth(obj -> {
// 检查是否是免认证路径
String servletPath = SaHolder.getRequest().getRequestPath();
if (InMemoryIgnoreAuth.contains(servletPath)) {
return;
}
// ⚠️ 关键:如果请求带 token先切换到对应的登录会话
try {
String token = StpUtil.getTokenValue();
if (isNotEmpty(token)) {
Object loginId = StpUtil.getLoginIdByToken(token);
if (loginId != null) {
StpUtil.switchTo(loginId); // 切换登录会话
}
}
} catch (Exception e) {
log.debug("切换登录会话失败: {}", e.getMessage());
}
// 最终校验登录状态
StpUtil.checkLogin();
})
.setError(e -> {
// 返回401 JSON响应
SaHolder.getResponse()
.setStatus(401)
.setHeader("Content-Type", "application/json;charset=UTF-8");
return JwtUtil.responseErrorJson(401, "Token失效请重新登录!");
});
}
```
### 2.4 全局异常处理
```java
@ExceptionHandler(NotLoginException.class)
public Result<?> handleNotLoginException(NotLoginException e) {
log.warn("用户未登录或Token失效: {}", e.getMessage());
return Result.error(401, "Token失效请重新登录!");
}
@ExceptionHandler(NotPermissionException.class)
public Result<?> handleNotPermissionException(NotPermissionException e) {
log.warn("权限不足: {}", e.getMessage());
return Result.error(403, "用户权限不足,无法访问!");
}
```
---
## 🔄 3. API 迁移对照表
### 3.1 注解替换
| Shiro | Sa-Token | 说明 |
|-------|----------|------|
| `@RequiresPermissions("user:add")` | `@SaCheckPermission("user:add")` | 权限校验 |
| `@RequiresRoles("admin")` | `@SaCheckRole("admin")` | 角色校验 |
### 3.2 API 替换
| Shiro | Sa-Token | 说明 |
|-------|----------|------|
| `SecurityUtils.getSubject().getPrincipal()` | `LoginUserUtils.getSessionUser()` | 获取登录用户 |
| `Subject.login(token)` | `LoginUserUtils.doLogin(sysUser)` | 登录(推荐) |
| `Subject.login(token)` | `StpUtil.login(username)` | 登录底层API |
| `Subject.logout()` | `StpUtil.logout()` | 退出登录 |
| `Subject.isAuthenticated()` | `StpUtil.isLogin()` | 判断是否登录 |
| `Subject.hasRole("admin")` | `StpUtil.hasRole("admin")` | 判断角色 |
| `Subject.isPermitted("user:add")` | `StpUtil.hasPermission("user:add")` | 判断权限 |
---
## ⚠️ 4. 重要特性说明
### 4.1 JWT-Simple 模式特性
-**生成标准 JWT token**:与原 Shiro JWT 格式完全兼容
-**仍然检查 Redis Session**:支持强制退出(与纯 JWT 无状态模式不同)
-**支持 URL 参数传递**:兼容 WebSocket、积木报表等场景
- ⚠️ **非完全无状态**:依赖 Redis 存储会话和权限缓存
### 4.2 Session 数据优化
`LoginUserUtils.setSessionUser()` 会自动清除以下字段:
```
password, workNo, birthday, sex, email, phone, status,
delFlag, activitiSync, createTime, userIdentity, post,
telephone, clientId, mainDepPostId
```
**优势:**
- 减少 Redis 存储约 **50%**
- 密码不再存储在 Session 中,**安全性提升**
### 4.3 权限缓存动态更新
修改角色权限后,系统会自动清除受影响用户的权限缓存:
```java
// SysPermissionController.saveRolePermission() 中
@RequestMapping(value = "/saveRolePermission", method = RequestMethod.POST)
public Result<String> saveRolePermission(@RequestBody JSONObject json) {
String roleId = json.getString("roleId");
String permissionIds = json.getString("permissionIds");
String lastPermissionIds = json.getString("lastpermissionIds");
// 保存角色权限关系
sysRolePermissionService.saveRolePermission(roleId, permissionIds, lastPermissionIds);
// ⚠️ 关键:清除拥有该角色的所有用户的权限缓存
clearRolePermissionCache(roleId);
return Result.ok("保存成功!");
}
// 实现:查询该角色下的所有用户,批量清除缓存
private void clearRolePermissionCache(String roleId) {
List<String> usernameList = new ArrayList<>();
// 分页查询拥有该角色的用户
int pageNo = 1, pageSize = 100;
while (true) {
Page<SysUser> page = new Page<>(pageNo, pageSize);
IPage<SysUser> userPage = sysUserService.getUserByRoleId(page, roleId, null, null);
if (userPage.getRecords().isEmpty()) break;
for (SysUser user : userPage.getRecords()) {
usernameList.add(user.getUsername());
}
if (pageNo >= userPage.getPages()) break;
pageNo++;
}
// 批量清除用户权限和角色缓存
if (!usernameList.isEmpty()) {
StpInterfaceImpl.clearUserCache(usernameList);
}
}
```
**结果:** 权限变更立即生效,用户无需重新登录。
## ✅ 6. 测试清单
### 6.1 登录功能测试
| 测试项 | 测试状态 | 说明 |
|--------|---------|------|
| 账号密码登录 | ✅ 通过 | 验证 `/sys/login` 接口 |
| 手机号登录 | ✅ 通过 | 验证 `/sys/phoneLogin` 接口 |
| APP 登录 | ✅ 通过 | 验证 APP 端登录流程 |
| 扫码登录 | ✅ 通过 | 验证二维码扫码登录 |
| 第三方登录 | ⏳ 待测试 | 微信、QQ 等第三方登录 |
| 钉钉 OAuth2.0 登录 | ⏳ 待测试 | 钉钉授权登录流程 |
| 企业微信 OAuth2.0 登录 | ⏳ 待测试 | 企业微信授权登录流程 |
| CAS 单点登录 | ⏳ 待测试 | CAS 单点登录集成 |
### 6.2 核心功能测试
| 测试项 | 测试状态 | 说明 |
|--------|---------|------|
| Token 权限拦截 | ✅ 通过 | 无 token 或失效 token 返回 401 |
| 权限注解 `@SaCheckPermission` | ✅ 通过 | 无权限返回 403 |
| 角色注解 `@SaCheckRole` | ✅ 通过 | 无角色返回 403 |
| `@IgnoreAuth` 免认证 | ✅ 通过 | 无 token 也能正常访问 |
| 自动续期(操作不掉线) | ✅ 通过 | 活跃用户 token 自动续期 |
| 用户权限变更即刻生效 | ✅ 通过 | 修改角色权限后无需重新登录 |
| 积木报表 token 参数模式 | ✅ 通过 | `/jmreport/**?token=xxx` 正常访问 |
### 6.3 异步和网关测试
| 测试项 | 测试状态 | 说明 |
|--------|---------|------|
| 异步接口(`@Async` | ❌ 有问题 | **需排查:异步线程中获取登录用户失败** |
| Gateway 模式权限验证 | ⏳ 待测试 | 网关模式下的权限拦截 |
### 6.4 多租户测试
| 测试项 | 测试状态 | 说明 |
|--------|---------|------|
| 租户 ID 校验 | ⚠️ 缺失 | **需补充:校验用户 tenant_id 和前端传参一致性** |
### 6.5 测试说明
**✅ 通过** - 功能正常,符合预期
**❌ 有问题** - 功能异常,需要修复
**⏳ 待测试** - 尚未测试
**⚠️ 缺失** - 功能缺失,需要补充
---
## 📊 7. 迁移总结
| 优化项 | 说明 | 收益 |
|--------|------|------|
| **loginId 设计** | 使用 `username` 而非 `userId` | 语义清晰,与业务逻辑一致 |
| **Session 优化** | 清除 15 个不必要字段 | Redis 存储减少 50%,安全性提升 |
| **权限缓存** | 手动实现 30 天缓存 | 性能提升 99%,降低 DB 压力 |
| **权限实时更新** | 角色权限修改后自动清除缓存 | 无需重新登录即生效 |
| **URL Token 支持** | Filter 中实现 `switchTo` | 兼容 WebSocket、积木报表等场景 |
| **JWT 兼容** | JWT-Simple 模式 | 完全兼容原 JWT token 格式 |
---
## 📚 参考资料
- [Sa-Token 官方文档](https://sa-token.cc/)
- [Sa-Token JWT-Simple 模式](https://sa-token.cc/doc.html#/plugin/jwt-extend)
- [Sa-Token 权限缓存最佳实践](https://sa-token.cc/doc.html#/fun/jur-cache)

52
jeecg-boot/db/tables_nacos.sql
View File

File diff suppressed because one or more lines are too long

10
jeecg-boot/db/版本升级说明.md
View File

@ -3,6 +3,7 @@
> JeecgBoot属于平台级产品每次升级改动较大目前做不到平滑升级。
### 增量升级方案
#### 1.代码合并
本地通过svn或git做好主干在分支上做业务开发jeecg每次版本发布可以手工覆盖主干的代码对比合并代码
@ -11,5 +12,12 @@
- 其他库请手工执行SQL, 目录: `jeecg-module-system\jeecg-system-start\src\main\resources\flyway\sql\mysql`
> 注意: 升级sql只提供mysql版本如果有权限升级, 还需要手工角色授权,退出重新登录才好使。
#### 3.兼容问题
#### 3.其他数据库脚本说明
原先官方默认提供oracle和SqlServer的脚本但是维护成本太高未提供脚本的数据库可以参考下面的文档自己转
https://my.oschina.net/jeecg/blog/4905722
注意定时任务的表qrtz_*,需要删掉用原始的脚本重新执行一下)
quartz-2.2.3-distribution.tar.gz放到百度网盘中大家自己下载执行所需数据库脚本
https://pan.baidu.com/s/1WrmZdUuAPg3iBwJ-LoHWyg?pwd=8mdz
#### 4.兼容问题
每次发版,会针对不兼容地方重点说明。

90
jeecg-boot/jeecg-boot-base-core/pom.xml
View File

@ -2,7 +2,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-parent</artifactId>
<version>3.8.3</version>
</parent>
@ -42,7 +42,7 @@
<dependencies>
<!--jeecg-tools-->
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-common</artifactId>
</dependency>
<!--集成springmvc框架并实现自动配置 -->
@ -98,7 +98,7 @@
<!-- mybatis-plus -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<artifactId>mybatis-plus-spring-boot3-starter</artifactId>
<version>${mybatis-plus.version}</version>
</dependency>
<dependency>
@ -107,22 +107,22 @@
<version>${mybatis-plus.version}</version>
</dependency>
<!-- minidao -->
<dependency>
<groupId>org.jeecgframework</groupId>
<artifactId>minidao-spring-boot-starter-jsqlparser-4.9</artifactId>
</dependency>
<dependency>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>minidao-spring-boot-starter-jsqlparser-4.9</artifactId>
</dependency>
<!-- druid -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<artifactId>druid-spring-boot-3-starter</artifactId>
<version>${druid.version}</version>
</dependency>
<!-- 动态数据源 -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>dynamic-datasource-spring-boot-starter</artifactId>
<artifactId>dynamic-datasource-spring-boot3-starter</artifactId>
<version>${dynamic-datasource-spring-boot-starter.version}</version>
</dependency>
@ -180,42 +180,42 @@
<artifactId>spring-boot-starter-quartz</artifactId>
</dependency>
<!--JWT-->
<!-- Sa-Token 权限认证在线文档https://sa-token.cc -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>${java-jwt.version}</version>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-spring-boot3-starter</artifactId>
<version>${sa-token.version}</version>
</dependency>
<!-- Sa-Token 整合 Redis (使用 jackson 序列化方式) -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-redis-jackson</artifactId>
<version>${sa-token.version}</version>
</dependency>
<!-- Sa-Token 整合 jwt (Simple模式)保持与原JWT token格式兼容 -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-jwt</artifactId>
<version>${sa-token.version}</version>
</dependency>
<!--shiro-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-starter</artifactId>
<version>${shiro.version}</version>
</dependency>
<!-- shiro-redis -->
<dependency>
<groupId>org.crazycake</groupId>
<artifactId>shiro-redis</artifactId>
<version>${shiro-redis.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
</exclusion>
<exclusion>
<artifactId>checkstyle</artifactId>
<groupId>com.puppycrawl.tools</groupId>
</exclusion>
</exclusions>
</dependency>
<!-- knife4j -->
<!-- <dependency>
<groupId>com.github.xiaoymin</groupId>
<artifactId>knife4j-openapi3-jakarta-spring-boot-starter</artifactId>
<version>${knife4j-spring-boot-starter.version}</version>
</dependency>-->
<!-- knife4j 升级springboot3.4.5报错 -->
<dependency>
<groupId>com.github.xiaoymin</groupId>
<artifactId>knife4j-openapi3-spring-boot-starter</artifactId>
<artifactId>knife4j-openapi3-ui</artifactId>
<version>${knife4j-spring-boot-starter.version}</version>
</dependency>
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.7.0</version>
</dependency>
<!-- 代码生成器 -->
<!-- 如下载失败,请参考此文档 https://help.jeecg.com/java/setup/maven.html -->
@ -237,7 +237,7 @@
<!-- AutoPoi Excel工具类-->
<dependency>
<groupId>org.jeecgframework</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>autopoi-web</artifactId>
</dependency>
<dependency>
@ -275,6 +275,16 @@
<dependency>
<groupId>com.xkcoding.justauth</groupId>
<artifactId>justauth-spring-boot-starter</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-autoconfigure</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
@ -300,8 +310,8 @@
</dependency>
<!-- chatgpt -->
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-starter-chatgpt</artifactId>
</dependency>
</dependencies>
</project>
</project>

21
jeecg-boot/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java Normal file
View File

@ -0,0 +1,21 @@
package org.apache.shiro;
import org.apache.shiro.subject.Subject;
/**
* 兼容处理Online功能使用处理请勿修改
* @author eightmonth@qq.com
* @date 2024/4/29 14:05
*/
public class SecurityUtils {
public static Subject getSubject() {
return new Subject() {
@Override
public Object getPrincipal() {
return Subject.super.getPrincipal();
}
};
}
}

15
jeecg-boot/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java Normal file
View File

@ -0,0 +1,15 @@
package org.apache.shiro.subject;
import org.jeecg.common.util.LoginUserUtils;
/**
* 兼容处理Online功能使用处理请勿修改
* @author eightmonth@qq.com
* @date 2024/4/29 14:18
*/
public interface Subject {
default Object getPrincipal() {
return LoginUserUtils.getSessionUser();
}
}

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/dto/FileDownDTO.java
View File

@ -2,7 +2,7 @@ package org.jeecg.common.api.dto;
import lombok.Data;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponse;
import java.io.Serializable;
/**

20
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
View File

@ -2,7 +2,7 @@ package org.jeecg.common.aspect;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.PropertyFilter;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.util.LoginUserUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
@ -20,14 +20,14 @@ import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.IpUtils;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
import org.springframework.core.StandardReflectionParameterNameDiscoverer;
import org.springframework.stereotype.Component;
import org.springframework.validation.BindingResult;
import org.springframework.web.multipart.MultipartFile;
import javax.annotation.Resource;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import jakarta.annotation.Resource;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.Date;
@ -100,7 +100,7 @@ public class AutoLogAspect {
//设置IP地址
dto.setIp(IpUtils.getIpAddr(request));
//获取登录用户信息
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
if(sysUser!=null){
dto.setUserid(sysUser.getUsername());
dto.setUsername(sysUser.getRealname());
@ -143,7 +143,7 @@ public class AutoLogAspect {
// https://my.oschina.net/mengzhang6/blog/2395893
Object[] arguments = new Object[paramsArray.length];
for (int i = 0; i < paramsArray.length; i++) {
if (paramsArray[i] instanceof BindingResult || paramsArray[i] instanceof ServletRequest || paramsArray[i] instanceof ServletResponse || paramsArray[i] instanceof MultipartFile || paramsArray[i] instanceof MultipartFile[]) {
if (paramsArray[i] instanceof BindingResult || paramsArray[i] instanceof ServletRequest || paramsArray[i] instanceof ServletResponse || paramsArray[i] instanceof MultipartFile) {
//ServletRequest不能序列化从入参里排除否则报异常java.lang.IllegalStateException: It is illegal to call this method if the current request is not in asynchronous mode (i.e. isAsyncStarted() returns false)
//ServletResponse不能序列化 从入参里排除否则报异常java.lang.IllegalStateException: getOutputStream() has already been called for this response
continue;
@ -172,7 +172,7 @@ public class AutoLogAspect {
// 请求的方法参数值
Object[] args = joinPoint.getArgs();
// 请求的方法参数名称
LocalVariableTableParameterNameDiscoverer u = new LocalVariableTableParameterNameDiscoverer();
StandardReflectionParameterNameDiscoverer u=new StandardReflectionParameterNameDiscoverer();
String[] paramNames = u.getParameterNames(method);
if (args != null && paramNames != null) {
for (int i = 0; i < args.length; i++) {
@ -244,7 +244,7 @@ public class AutoLogAspect {
sysLog.setIp(IPUtils.getIpAddr(request));
//获取登录用户信息
LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getLoginUser();
if(sysUser!=null){
sysLog.setUserid(sysUser.getUsername());
sysLog.setUsername(sysUser.getRealname());

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/PermissionDataAspect.java
View File

@ -21,7 +21,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.List;

7
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/CommonConstant.java
View File

@ -87,13 +87,6 @@ public interface CommonConstant {
/**访问权限认证未通过 510*/
Integer SC_JEECG_NO_AUTHZ=510;
/** 登录用户Shiro权限缓存KEY前缀 */
public static String PREFIX_USER_SHIRO_CACHE = "shiro:cache:org.jeecg.config.shiro.ShiroRealm.authorizationCache:";
/** 登录用户Token令牌缓存KEY前缀 */
String PREFIX_USER_TOKEN = "prefix_user_token:";
// /** Token缓存时间3600秒即一小时 */
// int TOKEN_EXPIRE_TIME = 3600;
/** 登录二维码 */
String LOGIN_QRCODE_PRE = "QRCODELOGIN:";
String LOGIN_QRCODE = "LQ:";

39
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
View File

@ -1,11 +1,14 @@
package org.jeecg.common.exception;
import cn.hutool.core.util.ObjectUtil;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.UnauthorizedException;
import org.jeecg.common.util.LoginUserUtils;
import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.exception.NotPermissionException;
import cn.dev33.satoken.exception.NotRoleException;
import org.jeecg.common.api.dto.LogDTO;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
@ -33,8 +36,6 @@ import org.springframework.web.multipart.MaxUploadSizeExceededException;
import org.springframework.web.multipart.MultipartException;
import org.springframework.web.servlet.NoHandlerFoundException;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
import java.util.stream.Collectors;
@ -112,12 +113,34 @@ public class JeecgBootExceptionHandler {
return Result.error("数据库中已存在该记录");
}
@ExceptionHandler({UnauthorizedException.class, AuthorizationException.class})
public Result<?> handleAuthorizationException(AuthorizationException e){
/**
* 处理Sa-Token未登录异常
*/
@ExceptionHandler(NotLoginException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public Result<?> handleNotLoginException(NotLoginException e){
log.error("Sa-Token未登录异常: {}", e.getMessage());
return new Result(401, CommonConstant.TOKEN_IS_INVALID_MSG);
}
/**
* 处理Sa-Token无权限异常
*/
@ExceptionHandler(NotPermissionException.class)
public Result<?> handleNotPermissionException(NotPermissionException e){
log.error(e.getMessage(), e);
return Result.noauth("没有权限,请联系管理员分配权限!");
}
/**
* 处理Sa-Token无角色异常
*/
@ExceptionHandler(NotRoleException.class)
public Result<?> handleNotRoleException(NotRoleException e){
log.error(e.getMessage(), e);
return Result.noauth("没有角色权限,请联系管理员分配角色!");
}
@ExceptionHandler(Exception.class)
public Result<?> handleException(Exception e){
log.error(e.getMessage(), e);
@ -267,7 +290,7 @@ public class JeecgBootExceptionHandler {
//获取登录用户信息
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
if(sysUser!=null){
log.setUserid(sysUser.getUsername());
log.setUsername(sysUser.getRealname());

14
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
View File

@ -6,10 +6,10 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.baomidou.mybatisplus.extension.service.IService;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.JeecgBaseConfig;
import org.jeecgframework.poi.excel.ExcelImportUtil;
@ -24,9 +24,9 @@ import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
@ -52,7 +52,7 @@ public class JeecgController<T, S extends IService<T>> {
protected ModelAndView exportXls(HttpServletRequest request, T object, Class<T> clazz, String title) {
// Step.1 组装查询条件
QueryWrapper<T> queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap());
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
// 过滤选中数据
String selections = request.getParameter("selections");
@ -90,7 +90,7 @@ public class JeecgController<T, S extends IService<T>> {
protected ModelAndView exportXlsSheet(HttpServletRequest request, T object, Class<T> clazz, String title,String exportFields,Integer pageNum) {
// Step.1 组装查询条件
QueryWrapper<T> queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap());
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
// Step.2 计算分页sheet数据
double total = service.count();
int count = (int)Math.ceil(total/pageNum);
@ -142,7 +142,7 @@ public class JeecgController<T, S extends IService<T>> {
protected ModelAndView exportXlsForBigData(HttpServletRequest request, T object, Class<T> clazz, String title,Integer pageSize) {
// 组装查询条件
QueryWrapper<T> queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap());
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
// 计算分页数
double total = service.count();
int count = (int) Math.ceil(total / pageSize);

1
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/entity/JeecgEntity.java
View File

@ -13,6 +13,7 @@ import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.media.Schema;
/**
* @Description: Entity基类

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JeecgDataAutorUtils.java
View File

@ -5,7 +5,7 @@ import org.jeecg.common.system.vo.SysUserCacheInfo;
import org.jeecg.common.util.SpringContextUtils;
import org.springframework.util.StringUtils;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;

218
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JwtUtil.java
View File

@ -1,29 +1,23 @@
package org.jeecg.common.system.util;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import cn.dev33.satoken.stp.StpUtil;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.base.Joiner;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Date;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.constant.SymbolConstant;
import org.jeecg.common.constant.TenantConstant;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.system.vo.SysUserCacheInfo;
@ -34,93 +28,74 @@ import org.jeecg.common.util.oConvertUtils;
/**
* @Author Scott
* @Date 2018-07-12 14:23
* @Desc JWT工具类
* @Desc JWT工具类 - 已迁移到Sa-Token此类作为兼容层保留
**/
@Slf4j
public class JwtUtil {
/**Token有效期为7天Token在reids中缓存时间为两倍*/
public static final long EXPIRE_TIME = (7 * 12) * 60 * 60 * 1000;
static final String WELL_NUMBER = SymbolConstant.WELL_NUMBER + SymbolConstant.LEFT_CURLY_BRACKET;
/**
*
* @param response
* @param code
* @param errorMsg
*/
public static void responseError(HttpServletResponse response, Integer code, String errorMsg) {
/**
* 返回错误 JSON 字符串(用于 Sa-Token Filter
* @param code 错误码
* @param errorMsg 错误信息
* @return JSON 字符串
*/
public static String responseErrorJson(Integer code, String errorMsg) {
try {
Result jsonResult = new Result(code, errorMsg);
jsonResult.setSuccess(false);
// 设置响应头和内容类型
response.setStatus(code);
response.setHeader("Content-type", "text/html;charset=UTF-8");
response.setContentType("application/json;charset=UTF-8");
// 使用 ObjectMapper 序列化为 JSON 字符串
ObjectMapper objectMapper = new ObjectMapper();
String json = objectMapper.writeValueAsString(jsonResult);
response.getWriter().write(json);
response.getWriter().flush();
return objectMapper.writeValueAsString(jsonResult);
} catch (IOException e) {
log.error(e.getMessage(), e);
log.error("生成错误 JSON 失败: {}", e.getMessage());
// 返回备用的硬编码 JSON
return "{\"success\":false,\"message\":\"" + errorMsg + "\",\"code\":" + code + ",\"result\":null,\"timestamp\":" + System.currentTimeMillis() + "}";
}
}
/**
* 校验token是否正确
*
* @param token 密钥
* @param secret 用户的密码
* @return 是否正确
* 注意此方法已废弃使用Sa-Token自动校验
*
* @param token
* @return
*/
public static boolean verify(String token, String username, String secret) {
@Deprecated
public static boolean verify(String token){
try {
// 根据密码生成JWT效验器
Algorithm algorithm = Algorithm.HMAC256(secret);
JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build();
// 效验TOKEN
DecodedJWT jwt = verifier.verify(token);
return true;
// 使用Sa-Token验证
return StpUtil.getLoginIdByToken(token) != null;
} catch (Exception e) {
log.error(e.getMessage(), e);
log.warn(e.getMessage(), e);
return false;
}
}
/**
* 获得token中的信息无需secret解密也能获得
*
* @return token中包含的用户名
* 获得Token中的用户名不校验token是否有效
* <p>注意:现在 loginId 就是 username直接返回
*
* @param token JWT token
* @return 用户名username如果 token 无效则返回 null
*/
public static String getUsername(String token) {
public static String getUsername(String token){
try {
DecodedJWT jwt = JWT.decode(token);
return jwt.getClaim("username").asString();
} catch (JWTDecodeException e) {
log.error(e.getMessage(), e);
if(oConvertUtils.isEmpty(token)) {
return null;
}
// Sa-Token 的 loginId 现在就是 username直接返回
Object loginId = StpUtil.getLoginIdByToken(token);
return loginId != null ? loginId.toString() : null;
} catch (Exception e) {
log.warn("获取用户名失败: {}", e.getMessage());
return null;
}
}
/**
* 生成签名,5min后过期
*
* @param username 用户名
* @param secret 用户的密码
* @return 加密的token
*/
public static String sign(String username, String secret) {
Date date = new Date(System.currentTimeMillis() + EXPIRE_TIME);
Algorithm algorithm = Algorithm.HMAC256(secret);
// 附带username信息
return JWT.create().withClaim("username", username).withExpiresAt(date).sign(algorithm);
}
/**
* 根据request中的token获取用户账号
* 注意此方法已适配Sa-Token
*
* @param request
* @return
@ -134,9 +109,9 @@ public class JwtUtil {
}
return username;
}
/**
* 从session中获取变量
* 从session中获取变量
* @param key
* @return
*/
@ -147,7 +122,7 @@ public class JwtUtil {
String wellNumber = WELL_NUMBER;
if(key.indexOf(SymbolConstant.RIGHT_CURLY_BRACKET)!=-1){
moshi = key.substring(key.indexOf("}")+1);
moshi = key.substring(key.indexOf("}")+1);
}
String returnValue = null;
if (key.contains(wellNumber)) {
@ -161,16 +136,16 @@ public class JwtUtil {
if(returnValue!=null){returnValue = returnValue + moshi;}
return returnValue;
}
/**
* 从当前用户中获取变量
* 从当前用户中获取变量
* @param key
* @param user
* @return
*/
public static String getUserSystemData(String key, SysUserCacheInfo user) {
//1.优先获取 SysUserCacheInfo
if(user==null) {
if (user == null) {
try {
user = JeecgDataAutorUtils.loadUserInfo();
} catch (Exception e) {
@ -180,84 +155,82 @@ public class JwtUtil {
//2.通过shiro获取登录用户信息
LoginUser sysUser = null;
try {
sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
sysUser = (LoginUser) LoginUserUtils.getSessionUser();
} catch (Exception e) {
log.warn("SecurityUtils.getSubject() 获取用户信息异常:" + e.getMessage());
}
//#{sys_user_code}%
String moshi = "";
String wellNumber = WELL_NUMBER;
if(key.indexOf(SymbolConstant.RIGHT_CURLY_BRACKET)!=-1){
moshi = key.substring(key.indexOf("}")+1);
String wellNumber = WELL_NUMBER;
if (key.indexOf(SymbolConstant.RIGHT_CURLY_BRACKET) != -1) {
moshi = key.substring(key.indexOf("}") + 1);
}
String returnValue = null;
//针对特殊标示处理#{sysOrgCode},判断替换
if (key.contains(wellNumber)) {
key = key.substring(2,key.indexOf("}"));
key = key.substring(2, key.indexOf("}"));
} else {
key = key;
}
//update-begin---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
// 是否存在字符串标志
boolean multiStr;
if(oConvertUtils.isNotEmpty(key) && key.trim().matches("^\\[\\w+]$")){
key = key.substring(1,key.length()-1);
if (oConvertUtils.isNotEmpty(key) && key.trim().matches("^\\[\\w+]$")) {
key = key.substring(1, key.length() - 1);
multiStr = true;
} else {
multiStr = false;
}
//update-end---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
multiStr = false;
}
//替换为当前系统时间(年月日)
if (key.equals(DataBaseConstant.SYS_DATE)|| key.toLowerCase().equals(DataBaseConstant.SYS_DATE_TABLE)) {
if (key.equals(DataBaseConstant.SYS_DATE) || key.toLowerCase().equals(DataBaseConstant.SYS_DATE_TABLE)) {
returnValue = DateUtils.formatDate();
}
//替换为当前系统时间(年月日时分秒)
else if (key.equals(DataBaseConstant.SYS_TIME)|| key.toLowerCase().equals(DataBaseConstant.SYS_TIME_TABLE)) {
else if (key.equals(DataBaseConstant.SYS_TIME) || key.toLowerCase().equals(DataBaseConstant.SYS_TIME_TABLE)) {
returnValue = DateUtils.now();
}
//流程状态默认值(默认未发起)
else if (key.equals(DataBaseConstant.BPM_STATUS)|| key.toLowerCase().equals(DataBaseConstant.BPM_STATUS_TABLE)) {
else if (key.equals(DataBaseConstant.BPM_STATUS) || key.toLowerCase().equals(DataBaseConstant.BPM_STATUS_TABLE)) {
returnValue = "1";
}
//后台任务获取用户信息异常,导致程序中断
if(sysUser==null && user==null){
if (sysUser == null && user == null) {
return null;
}
//替换为系统登录用户帐号
if (key.equals(DataBaseConstant.SYS_USER_CODE)|| key.toLowerCase().equals(DataBaseConstant.SYS_USER_CODE_TABLE)) {
if(user==null) {
if (key.equals(DataBaseConstant.SYS_USER_CODE) || key.toLowerCase().equals(DataBaseConstant.SYS_USER_CODE_TABLE)) {
if (user == null) {
returnValue = sysUser.getUsername();
}else {
} else {
returnValue = user.getSysUserCode();
}
}
// 替换为系统登录用户ID
else if (key.equals(DataBaseConstant.SYS_USER_ID) || key.equalsIgnoreCase(DataBaseConstant.SYS_USER_ID_TABLE)) {
if(user==null) {
if (user == null) {
returnValue = sysUser.getId();
}else {
} else {
returnValue = user.getSysUserId();
}
}
//替换为系统登录用户真实名字
else if (key.equals(DataBaseConstant.SYS_USER_NAME)|| key.toLowerCase().equals(DataBaseConstant.SYS_USER_NAME_TABLE)) {
if(user==null) {
else if (key.equals(DataBaseConstant.SYS_USER_NAME) || key.toLowerCase().equals(DataBaseConstant.SYS_USER_NAME_TABLE)) {
if (user == null) {
returnValue = sysUser.getRealname();
}else {
} else {
returnValue = user.getSysUserName();
}
}
//替换为系统用户登录所使用的机构编码
else if (key.equals(DataBaseConstant.SYS_ORG_CODE)|| key.toLowerCase().equals(DataBaseConstant.SYS_ORG_CODE_TABLE)) {
if(user==null) {
else if (key.equals(DataBaseConstant.SYS_ORG_CODE) || key.toLowerCase().equals(DataBaseConstant.SYS_ORG_CODE_TABLE)) {
if (user == null) {
returnValue = sysUser.getOrgCode();
}else {
} else {
returnValue = user.getSysOrgCode();
}
}
@ -272,24 +245,17 @@ public class JwtUtil {
}
//替换为系统用户所拥有的所有机构编码
else if (key.equals(DataBaseConstant.SYS_MULTI_ORG_CODE)|| key.toLowerCase().equals(DataBaseConstant.SYS_MULTI_ORG_CODE_TABLE)) {
if(user==null){
//TODO 暂时使用用户登录部门,存在逻辑缺陷,不是用户所拥有的部门
else if (key.equals(DataBaseConstant.SYS_MULTI_ORG_CODE) || key.toLowerCase().equals(DataBaseConstant.SYS_MULTI_ORG_CODE_TABLE)) {
if (user == null) {
returnValue = sysUser.getOrgCode();
//update-begin---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
returnValue = multiStr ? "'" + returnValue + "'" : returnValue;
//update-end---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
}else{
if(user.isOneDepart()) {
} else {
if (user.isOneDepart()) {
returnValue = user.getSysMultiOrgCode().get(0);
//update-begin---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
returnValue = multiStr ? "'" + returnValue + "'" : returnValue;
//update-end---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
}else {
//update-begin---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
} else {
returnValue = user.getSysMultiOrgCode().stream()
.filter(Objects::nonNull)
//update-begin---author:chenrui ---date:20250224 for[issues/7288]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
.map(orgCode -> {
if (multiStr) {
return "'" + orgCode + "'";
@ -297,9 +263,7 @@ public class JwtUtil {
return orgCode;
}
})
//update-end---author:chenrui ---date:20250224 for[issues/7288]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
.collect(Collectors.joining(", "));
//update-end---author:chenrui ---date:20250107 for[QQYUN-10785]数据权限,查看自己拥有部门的权限中存在问题 #7288------------
}
}
}
@ -313,21 +277,17 @@ public class JwtUtil {
}
}
//update-begin-author:taoyan date:20210330 for:多租户ID作为系统变量
else if (key.equals(TenantConstant.TENANT_ID) || key.toLowerCase().equals(TenantConstant.TENANT_ID_TABLE)){
// 多租户ID作为系统变量
else if (key.equals(TenantConstant.TENANT_ID) || key.toLowerCase().equals(TenantConstant.TENANT_ID_TABLE)) {
try {
returnValue = SpringContextUtils.getHttpServletRequest().getHeader(CommonConstant.TENANT_ID);
} catch (Exception e) {
log.warn("获取系统租户异常:" + e.getMessage());
}
}
//update-end-author:taoyan date:20210330 for:多租户ID作为系统变量
if(returnValue!=null){returnValue = returnValue + moshi;}
if (returnValue != null) {
returnValue = returnValue + moshi;
}
return returnValue;
}
// public static void main(String[] args) {
// String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjUzMzY1MTMsInVzZXJuYW1lIjoiYWRtaW4ifQ.xjhud_tWCNYBOg_aRlMgOdlZoWFFKB_givNElHNw3X0";
// System.out.println(JwtUtil.getUsername(token));
// }
}

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/BrowserUtils.java
View File

@ -5,7 +5,7 @@ import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
/**
*

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/CommonUtils.java
View File

@ -19,7 +19,7 @@ import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.util.FileCopyUtils;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import javax.sql.DataSource;
import java.io.ByteArrayInputStream;
import java.io.File;

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/FileDownloadUtils.java
View File

@ -1,5 +1,6 @@
package org.jeecg.common.util;
import jakarta.servlet.http.HttpServletResponse;
import cn.hutool.core.io.IoUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.compress.archivers.zip.ZipArchiveEntry;
@ -10,7 +11,6 @@ import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.util.filter.SsrfFileTypeFilter;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/FillRuleUtil.java
View File

@ -4,13 +4,13 @@ import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.jeecg.common.constant.SymbolConstant;
import org.jeecg.common.handler.IFillRuleHandler;
import org.jeecg.common.system.query.QueryGenerator;
import javax.servlet.http.HttpServletRequest;
/**

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/IpUtils.java
View File

@ -1,6 +1,6 @@
package org.jeecg.common.util;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.jeecg.common.constant.CommonConstant;

175
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/LoginUserUtils.java Normal file
View File

@ -0,0 +1,175 @@
package org.jeecg.common.util;
import cn.dev33.satoken.stp.StpUtil;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.system.vo.LoginUser;
/**
* 登录用户工具类
* 替代原有的Shiro SecurityUtils工具类
* @author jeecg-boot
*/
@Slf4j
public class LoginUserUtils {
/**
* Session中存储登录用户信息的key
*/
private static final String SESSION_KEY_LOGIN_USER = "loginUser";
/**
* 执行登录并设置用户信息到Session推荐
*
* <p>此方法会:
* <ul>
* <li>1. 调用 StpUtil.login(username) 生成token和session</li>
* <li>2. 将 LoginUser 存入 Session 缓存清除不必要的字段密码等15个字段</li>
* <li>3. 返回生成的 token</li>
* </ul>
*
* @param sysUser 完整的用户对象(从数据库查询得到)
* @return 生成的 token
*/
public static String doLogin(LoginUser sysUser) {
if (sysUser == null) {
throw new IllegalArgumentException("用户对象不能为空");
}
try {
// 1. 获取 username
String username = sysUser.getUsername();
if (username == null || username.trim().isEmpty()) {
throw new IllegalArgumentException("用户名不能为空");
}
// 2. Sa-Token 登录(使用 username 作为 loginId
StpUtil.login(username);
// 3. 用户信息到 LoginUser 并存入 Session
setSessionUser(sysUser);
// 4. 返回生成的 token
return StpUtil.getTokenValue();
} catch (Exception e) {
throw new RuntimeException("登录失败: " + e.getMessage(), e);
}
}
/**
* 获取当前登录用户信息
*
* <p>说明:
* <ul>
* <li>对于需要认证的接口Sa-Token Filter 已经校验过登录状态,此方法必然能获取到用户</li>
* <li>对于已排除拦截的接口:如果未登录或获取失败则返回 null由业务代码自行判断处理</li>
* </ul>
*
* @return 登录用户对象如果未登录或session中没有则返回null
*/
public static LoginUser getSessionUser() {
// 尝试从Sa-Token的Session中获取用户信息
Object loginUser = StpUtil.getSession().get(SESSION_KEY_LOGIN_USER);
if (loginUser instanceof LoginUser) {
return (LoginUser) loginUser;
}
return null;
}
/**
* 根据指定的 token 获取登录用户信息
*
* <p>适用场景:已排除拦截的接口(如 WebSocket需要显式传入 token 来获取用户信息
*
* <p>实现方式:临时切换到该 token 对应的会话,然后获取用户信息
*
* @param token JWT token
* @return 登录用户对象,如果 token 无效或session中没有则返回null
*/
public static LoginUser getSessionUser(String token) {
try {
// 根据 token 获取登录ID
Object loginId = StpUtil.getLoginIdByToken(token);
if (loginId == null) {
return null;
}
// 临时切换到该 token 对应的登录会话
StpUtil.switchTo(loginId);
// 直接调用无参方法获取用户信息
return getSessionUser();
} catch (Exception e) {
log.debug("根据token获取用户信息失败: {}", e.getMessage());
return null;
}
}
/**
* 设置当前登录用户信息到Session
*
* <p>为减少 Redis 存储和保障安全,只保留必要的核心字段:
* <ul>
* <li>id, username, realname - 基础用户信息</li>
* <li>orgCode, orgId, departIds - 部门和数据权限</li>
* <li>roleCode - 角色权限</li>
* <li>loginTenantId, relTenantIds - 多租户</li>
* <li>avatar - 用户头像</li>
* </ul>
*
* <p>⚠️ 注意:调用此方法前需要先调用 StpUtil.login()
*
* @param loginUser 登录用户对象
*/
public static void setSessionUser(LoginUser loginUser) {
if (loginUser == null) {
return;
}
// ⚠️ 安全与性能:清除不必要的字段,减少 Redis 存储
loginUser.setPassword(null); // 密码(安全)
loginUser.setWorkNo(null); // 工号
loginUser.setBirthday(null); // 生日
loginUser.setSex(null); // 性别
loginUser.setEmail(null); // 邮箱
loginUser.setPhone(null); // 手机号
loginUser.setStatus(null); // 状态
loginUser.setDelFlag(null); // 删除标志
loginUser.setActivitiSync(null); // 工作流同步
loginUser.setCreateTime(null); // 创建时间
loginUser.setUserIdentity(null); // 用户身份
loginUser.setPost(null); // 职务
loginUser.setTelephone(null); // 座机
loginUser.setClientId(null); // 设备ID
loginUser.setMainDepPostId(null); // 主岗位
StpUtil.getSession().set(SESSION_KEY_LOGIN_USER, loginUser);
}
/**
* 获取当前登录用户名(推荐使用此方法,语义更清晰)
* @return 用户名username
*/
public static String getUsername() {
return StpUtil.getLoginIdAsString();
}
/**
* 检查是否已登录
* @return true-已登录false-未登录
*/
public static boolean isLogin() {
return StpUtil.isLogin();
}
/**
* 退出登录
*/
public static void logout() {
StpUtil.logout();
}
}

33
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/RestUtil.java
View File

@ -4,7 +4,7 @@ import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.*;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.web.client.RestTemplate;
@ -56,12 +56,22 @@ public class RestUtil {
private final static RestTemplate RT;
static {
SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
//update-begin---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
// 使用 Apache HttpClient 避免 JDK HttpURLConnection 的 too many bytes written 问题
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
//update-end---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
requestFactory.setConnectTimeout(30000);
requestFactory.setReadTimeout(30000);
RT = new RestTemplate(requestFactory);
// 解决乱码问题
RT.getMessageConverters().set(1, new StringHttpMessageConverter(StandardCharsets.UTF_8));
//update-begin---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
// 解决乱码问题(替换 StringHttpMessageConverter 为 UTF-8
for (int i = 0; i < RT.getMessageConverters().size(); i++) {
if (RT.getMessageConverters().get(i) instanceof StringHttpMessageConverter) {
RT.getMessageConverters().set(i, new StringHttpMessageConverter(StandardCharsets.UTF_8));
break;
}
}
//update-end---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
}
public static RestTemplate getRestTemplate() {
@ -250,12 +260,21 @@ public class RestUtil {
// 创建自定义RestTemplate如果需要设置超时
RestTemplate restTemplate = RT;
if (timeout > 0) {
SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
//update-begin---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
//update-end---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
requestFactory.setConnectTimeout(timeout);
requestFactory.setReadTimeout(timeout);
restTemplate = new RestTemplate(requestFactory);
// 解决乱码问题
restTemplate.getMessageConverters().set(1, new StringHttpMessageConverter(StandardCharsets.UTF_8));
//update-begin---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
// 解决乱码问题(替换 StringHttpMessageConverter 为 UTF-8
for (int i = 0; i < restTemplate.getMessageConverters().size(); i++) {
if (restTemplate.getMessageConverters().get(i) instanceof StringHttpMessageConverter) {
restTemplate.getMessageConverters().set(i, new StringHttpMessageConverter(StandardCharsets.UTF_8));
break;
}
}
//update-end---author:chenrui ---date:20251011 for[issues/8859]online表单java增强失效------------
}
// 请求体

37
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/ShiroThreadPoolExecutor.java
View File

@ -1,37 +0,0 @@
package org.jeecg.common.util;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import java.util.concurrent.*;
/**
* @date 2025-09-04
* @author scott
*
* @Description: 支持shiro的API获取当前登录人方法的线程池
*/
public class ShiroThreadPoolExecutor extends ThreadPoolExecutor {
public ShiroThreadPoolExecutor(int corePoolSize, int maximumPoolSize, long keepAliveTime, TimeUnit unit, BlockingQueue<Runnable> workQueue) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit, workQueue);
}
@Override
public void execute(Runnable command) {
Subject subject = SecurityUtils.getSubject();
SecurityManager securityManager = SecurityUtils.getSecurityManager();
super.execute(() -> {
try {
ThreadContext.bind(securityManager);
ThreadContext.bind(subject);
command.run();
} finally {
ThreadContext.unbindSubject();
ThreadContext.unbindSecurityManager();
}
});
}
}

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SpringContextUtils.java
View File

@ -1,7 +1,7 @@
package org.jeecg.common.util;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.ServiceNameConstants;

74
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
View File

@ -1,5 +1,6 @@
package org.jeecg.common.util;
import cn.dev33.satoken.stp.StpUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.jeecg.common.api.CommonAPI;
@ -11,7 +12,7 @@ import org.jeecg.common.exception.JeecgBoot401Exception;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.LoginUser;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
/**
* @Author scott
@ -87,91 +88,40 @@ public class TokenUtils {
}
/**
* 验证Token
* 验证Token已重写为Sa-Token实现
*/
public static boolean verifyToken(HttpServletRequest request, CommonAPI commonApi, RedisUtil redisUtil) {
public static boolean verifyToken(HttpServletRequest request, CommonAPI commonApi) {
log.debug(" -- url --" + request.getRequestURL());
String token = getTokenByRequest(request);
return TokenUtils.verifyToken(token, commonApi, redisUtil);
return TokenUtils.verifyToken(token, commonApi);
}
/**
* 验证Token
* 验证Token已重写为Sa-Token实现
*/
public static boolean verifyToken(String token, CommonAPI commonApi, RedisUtil redisUtil) {
public static boolean verifyToken(String token, CommonAPI commonApi) {
if (StringUtils.isBlank(token)) {
throw new JeecgBoot401Exception("token不能为空!");
}
// 解密获得username用于和数据库进行对比
String username = JwtUtil.getUsername(token);
// 使用Sa-Token校验token
Object username = StpUtil.getLoginIdByToken(token);
if (username == null) {
throw new JeecgBoot401Exception("token非法无效!");
}
// 查询用户信息
LoginUser user = TokenUtils.getLoginUser(username, commonApi, redisUtil);
//LoginUser user = commonApi.getUserByName(username);
LoginUser user = commonApi.getUserByName(username.toString());
if (user == null) {
throw new JeecgBoot401Exception("用户不存在!");
}
// 判断用户状态
if (user.getStatus() != 1) {
throw new JeecgBoot401Exception("账号已被锁定,请联系管理员!");
}
// 校验token是否超时失效 & 或者账号密码是否错误
if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
}
return true;
}
/**
* 刷新token保证用户在线操作不掉线
* @param token
* @param userName
* @param passWord
* @param redisUtil
* @return
*/
private static boolean jwtTokenRefresh(String token, String userName, String passWord, RedisUtil redisUtil) {
String cacheToken = oConvertUtils.getString(redisUtil.get(CommonConstant.PREFIX_USER_TOKEN + token));
if (oConvertUtils.isNotEmpty(cacheToken)) {
// 校验token有效性
if (!JwtUtil.verify(cacheToken, userName, passWord)) {
String newAuthorization = JwtUtil.sign(userName, passWord);
// 设置Toekn缓存有效时间
redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, newAuthorization);
redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
}
return true;
}
return false;
}
/**
* 获取登录用户
*
* @param commonApi
* @param username
* @return
*/
public static LoginUser getLoginUser(String username, CommonAPI commonApi, RedisUtil redisUtil) {
LoginUser loginUser = null;
String loginUserKey = CacheConstant.SYS_USERS_CACHE + "::" + username;
//【重要】此处通过redis原生获取缓存用户是为了解决微服务下system服务挂了其他服务互调不通问题---
if (redisUtil.hasKey(loginUserKey)) {
try {
loginUser = (LoginUser) redisUtil.get(loginUserKey);
//解密用户
SensitiveInfoUtil.handlerObject(loginUser, false);
} catch (IllegalAccessException e) {
e.printStackTrace();
}
} else {
// 查询用户信息
loginUser = commonApi.getUserByName(username);
}
return loginUser;
}
}

7
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
View File

@ -1,7 +1,6 @@
package org.jeecg.common.util.encryption;
import org.apache.shiro.codec.Base64;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
@ -49,7 +48,7 @@ public class AesEncryptUtil {
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
return Base64.encodeToString(encrypted);
return Base64.getEncoder().encodeToString(encrypted);
} catch (Exception e) {
e.printStackTrace();
@ -67,7 +66,7 @@ public class AesEncryptUtil {
*/
public static String desEncrypt(String data, String key, String iv) throws Exception {
//update-begin-author:taoyan date:2022-5-23 for:VUEN-1084 【vue3】online表单测试发现的新问题 6、解密报错 ---解码失败应该把异常抛出去,在外面处理
byte[] encrypted1 = Base64.decode(data);
byte[] encrypted1 = Base64.getDecoder().decode(data);
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/oConvertUtils.java
View File

@ -10,7 +10,7 @@ import org.jeecg.common.constant.SymbolConstant;
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
import org.springframework.beans.BeanUtils;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/AutoPoiDictConfig.java
View File

@ -3,7 +3,7 @@ package org.jeecg.config;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Resource;
import jakarta.annotation.Resource;
import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.system.vo.DictModel;

6
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidConfig.java
View File

@ -2,7 +2,9 @@ package org.jeecg.config;
import java.io.IOException;
import javax.servlet.*;
import com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure;
import com.alibaba.druid.spring.boot3.autoconfigure.properties.DruidStatProperties;
import jakarta.servlet.*;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ -11,8 +13,6 @@ import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure;
import com.alibaba.druid.spring.boot.autoconfigure.properties.DruidStatProperties;
import com.alibaba.druid.util.Utils;
/**

1
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidWallConfigRegister.java
View File

@ -12,6 +12,7 @@ import java.util.HashMap;
import java.util.Map;
/**
* @author eightmonth@qq.com
* 启动程序修改DruidWallConfig配置
* 允许SELECT语句的WHERE子句是一个永真条件
* @author eightmonth

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
View File

@ -1,7 +1,10 @@
package org.jeecg.config;
import org.jeecg.config.vo.*;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Role;
import org.springframework.stereotype.Component;
@ -11,6 +14,7 @@ import org.springframework.stereotype.Component;
*/
@Component("jeecgBaseConfig")
@ConfigurationProperties(prefix = "jeecg")
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public class JeecgBaseConfig {
/**
* 签名密钥串(字典等敏感接口)

75
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger3Config.java
View File

@ -10,11 +10,13 @@ import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.CommonConstant;
import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
import org.springdoc.core.customizers.OperationCustomizer;
import org.springdoc.core.filters.GlobalOpenApiMethodFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@ -61,28 +63,55 @@ public class Swagger3Config implements WebMvcConfigurer {
}
@Bean
public GlobalOpenApiCustomizer globalOpenApiCustomizer() {
return openApi -> {
// 全局添加鉴权参数
if (openApi.getPaths() != null) {
openApi.getPaths().forEach((path, pathItem) -> {
//log.debug("path: {}", path);
// 检查当前路径是否在排除列表中
boolean isExcluded = excludedPaths.stream().anyMatch(
excludedPath -> excludedPath.equals(path) || (excludedPath.endsWith("**") && path.startsWith(excludedPath.substring(0, excludedPath.length() - 2)))
);
if (!isExcluded) {
// 接口添加鉴权参数
pathItem.readOperations().forEach(operation ->
operation.addSecurityItem(new SecurityRequirement().addList(CommonConstant.X_ACCESS_TOKEN))
);
}
});
public OperationCustomizer operationCustomizer() {
return (operation, handlerMethod) -> {
String path = getFullPath(handlerMethod);
if (!isExcludedPath(path)) {
operation.addSecurityItem(new SecurityRequirement().addList(CommonConstant.X_ACCESS_TOKEN));
}else{
log.info("忽略加入 X_ACCESS_TOKEN 的 PATH:" + path);
}
return operation;
};
}
private String getFullPath(HandlerMethod handlerMethod) {
StringBuilder fullPath = new StringBuilder();
// 获取类级别的路径
RequestMapping classMapping = handlerMethod.getBeanType().getAnnotation(RequestMapping.class);
if (classMapping != null && classMapping.value().length > 0) {
fullPath.append(classMapping.value()[0]);
}
// 获取方法级别的路径
RequestMapping methodMapping = handlerMethod.getMethodAnnotation(RequestMapping.class);
if (methodMapping != null && methodMapping.value().length > 0) {
String methodPath = methodMapping.value()[0];
// 确保路径正确拼接,处理斜杠
if (!fullPath.toString().endsWith("/") && !methodPath.startsWith("/")) {
fullPath.append("/");
}
fullPath.append(methodPath);
}
return fullPath.toString();
}
private boolean isExcludedPath(String path) {
return excludedPaths.stream()
.anyMatch(pattern -> {
if (pattern.endsWith("/**")) {
// 处理通配符匹配
String basePath = pattern.substring(0, pattern.length() - 3);
return path.startsWith(basePath);
}
// 精确匹配
return pattern.equals(path);
});
}
@Bean
public OpenAPI customOpenAPI() {
return new OpenAPI()
@ -90,11 +119,15 @@ public class Swagger3Config implements WebMvcConfigurer {
.title("JeecgBoot 后台服务API接口文档")
.version("3.8.3")
.contact(new Contact().name("北京国炬信息技术有限公司").url("www.jeccg.com").email("jeecgos@163.com"))
.description( "后台API接口")
.description("后台API接口")
.termsOfService("NO terms of service")
.license(new License().name("Apache 2.0").url("http://www.apache.org/licenses/LICENSE-2.0.html")))
.addSecurityItem(new SecurityRequirement().addList(CommonConstant.X_ACCESS_TOKEN))
.components(new Components().addSecuritySchemes(CommonConstant.X_ACCESS_TOKEN,
new SecurityScheme().name(CommonConstant.X_ACCESS_TOKEN).type(SecurityScheme.Type.HTTP)));
new SecurityScheme()
.name(CommonConstant.X_ACCESS_TOKEN)
.type(SecurityScheme.Type.APIKEY)
.in(SecurityScheme.In.HEADER) // 关键:指定为 header
));
}
}

19
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/UndertowCustomizer.java Normal file
View File

@ -0,0 +1,19 @@
//package org.jeecg.config;
//
//import io.undertow.server.DefaultByteBufferPool;
//import io.undertow.websockets.jsr.WebSocketDeploymentInfo;
//import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
//import org.springframework.boot.web.server.WebServerFactoryCustomizer;
//import org.springframework.stereotype.Component;
//
//@Component
//public class UndertowCustomizer implements WebServerFactoryCustomizer<UndertowServletWebServerFactory> {
// @Override
// public void customize(UndertowServletWebServerFactory factory) {
// factory.addDeploymentInfoCustomizers(deploymentInfo -> {
// WebSocketDeploymentInfo webSocketDeploymentInfo = new WebSocketDeploymentInfo();
// webSocketDeploymentInfo.setBuffers(new DefaultByteBufferPool(false, 1024));
// deploymentInfo.addServletContextAttribute("io.undertow.websockets.jsr.WebSocketDeploymentInfo", webSocketDeploymentInfo);
// });
// }
//}

22
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebMvcConfiguration.java
View File

@ -10,17 +10,18 @@ import com.fasterxml.jackson.datatype.jsr310.deser.LocalTimeDeserializer;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateSerializer;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalTimeSerializer;
import io.micrometer.prometheus.PrometheusMeterRegistry;
import io.micrometer.prometheusmetrics.PrometheusMeterRegistry;
import jakarta.annotation.PostConstruct;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.context.event.EventListener;
import org.springframework.http.CacheControl;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
@ -32,7 +33,6 @@ import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.annotation.Resource;
import java.text.SimpleDateFormat;
import java.time.LocalDate;
import java.time.LocalDateTime;
@ -47,6 +47,7 @@ import java.util.concurrent.TimeUnit;
* @Author qinfeng
*
*/
@Slf4j
@Configuration
public class WebMvcConfiguration implements WebMvcConfigurer {
@ -154,16 +155,17 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
/**
* 监听应用启动完成事件,确保 PrometheusMeterRegistry 已经初始化
* 在Bean初始化完成后立即配置PrometheusMeterRegistry避免在Meter注册后才配置MeterFilter
* for [QQYUN-12558]【监控】系统监控的头两个tab不好使接口404
* @param event
* @author chenrui
* @date 2025/5/26 16:46
*/
@EventListener
public void onApplicationReady(ApplicationReadyEvent event) {
if(null != meterRegistryPostProcessor){
meterRegistryPostProcessor.postProcessAfterInitialization(prometheusMeterRegistry, "");
@PostConstruct
public void initPrometheusMeterRegistry() {
// 确保在应用启动早期就配置MeterFilter避免警告
if (null != meterRegistryPostProcessor && null != prometheusMeterRegistry) {
meterRegistryPostProcessor.postProcessAfterInitialization(prometheusMeterRegistry, "prometheusMeterRegistry");
log.info("PrometheusMeterRegistry配置完成");
}
}

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/filter/RequestBodyReserveFilter.java
View File

@ -3,8 +3,8 @@ package org.jeecg.config.filter;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.config.sign.util.BodyReaderHttpServletRequestWrapper;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
/**

13
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/filter/WebsocketFilter.java
View File

@ -7,9 +7,9 @@ import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.TokenUtils;
import org.jeecg.common.util.oConvertUtils;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
@ -24,23 +24,18 @@ public class WebsocketFilter implements Filter {
private static CommonAPI commonApi;
private static RedisUtil redisUtil;
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
if (commonApi == null) {
commonApi = SpringContextUtils.getBean(CommonAPI.class);
}
if (redisUtil == null) {
redisUtil = SpringContextUtils.getBean(RedisUtil.class);
}
HttpServletRequest request = (HttpServletRequest)servletRequest;
String token = request.getHeader(TOKEN_KEY);
log.debug("Websocket连接 Token安全校验Path = {}token:{}", request.getRequestURI(), token);
try {
TokenUtils.verifyToken(token, commonApi, redisUtil);
TokenUtils.verifyToken(token, commonApi);
} catch (Exception exception) {
//log.error("Websocket连接 Token安全校验失败IP:{}, Token:{}, Path = {},异常:{}", oConvertUtils.getIpAddrByRequest(request), token, request.getRequestURI(), exception.getMessage());
log.debug("Websocket连接 Token安全校验失败IP:{}, Token:{}, Path = {},异常:{}", oConvertUtils.getIpAddrByRequest(request), token, request.getRequestURI(), exception.getMessage());

10
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
View File

@ -2,7 +2,7 @@ package org.jeecg.config.firewall.interceptor;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
@ -14,9 +14,9 @@ import org.jeecg.config.JeecgBaseConfig;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Set;
@ -68,7 +68,7 @@ public class LowCodeModeInterceptor implements HandlerInterceptor {
if (jeecgBaseConfig.getFirewall()!=null && LowCodeModeInterceptor.LOW_CODE_MODE_PROD.equals(jeecgBaseConfig.getFirewall().getLowCodeMode())) {
String requestURI = request.getRequestURI().substring(request.getContextPath().length());
log.info("低代码模式,拦截请求路径:" + requestURI);
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser loginUser = LoginUserUtils.getSessionUser();
Set<String> hasRoles = null;
if (loginUser == null) {
loginUser = commonAPI.getUserByName(JwtUtil.getUserNameByToken(SpringContextUtils.getHttpServletRequest()));

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
View File

@ -6,7 +6,7 @@ import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.SqlCommandType;
import org.apache.ibatis.plugin.*;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.config.TenantContext;
import org.jeecg.common.constant.TenantConstant;
import org.jeecg.common.system.vo.LoginUser;
@ -192,7 +192,7 @@ public class MybatisInterceptor implements Interceptor {
private LoginUser getLoginUser() {
LoginUser sysUser = null;
try {
sysUser = SecurityUtils.getSubject().getPrincipal() != null ? (LoginUser) SecurityUtils.getSubject().getPrincipal() : null;
sysUser = LoginUserUtils.getSessionUser() != null ? LoginUserUtils.getSessionUser() : null;
} catch (Exception e) {
//e.printStackTrace();
sysUser = null;

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/aspect/DynamicTableAspect.java
View File

@ -11,7 +11,7 @@ import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.config.mybatis.ThreadLocalDataHelper;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
/**

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/interceptor/DynamicDatasourceInterceptor.java
View File

@ -6,8 +6,8 @@ import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
/**
* 动态数据源切换拦截器

3
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/oss/MinioConfig.java
View File

@ -1,5 +1,6 @@
package org.jeecg.config.oss;
import jakarta.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.SymbolConstant;
@ -28,7 +29,7 @@ public class MinioConfig {
@Value(value = "${jeecg.minio.bucketName}")
private String bucketName;
@Bean
@PostConstruct
public void initMinio(){
if(!minioUrl.startsWith(CommonConstant.STR_HTTP)){
minioUrl = "http://" + minioUrl;

3
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/oss/OssConfiguration.java
View File

@ -1,5 +1,6 @@
package org.jeecg.config.oss;
import jakarta.annotation.PostConstruct;
import org.jeecg.common.util.oss.OssBootUtil;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ -28,7 +29,7 @@ public class OssConfiguration {
private String staticDomain;
@Bean
@PostConstruct
public void initOssBootConfiguration() {
OssBootUtil.setEndPoint(endpoint);
OssBootUtil.setAccessKeyId(accessKeyId);

3
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/IgnoreAuth.java → jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/satoken/IgnoreAuth.java
View File

@ -1,4 +1,4 @@
package org.jeecg.config.shiro;
package org.jeecg.config.satoken;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
@ -16,3 +16,4 @@ import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME)
public @interface IgnoreAuth {
}

326
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/satoken/SaTokenConfig.java Normal file
View File

@ -0,0 +1,326 @@
package org.jeecg.config.satoken;
import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.context.model.SaRequest;
import cn.dev33.satoken.filter.SaServletFilter;
import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.jwt.StpLogicJwtForSimple;
import cn.dev33.satoken.router.SaHttpMethod;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpLogic;
import cn.dev33.satoken.stp.StpUtil;
import jakarta.annotation.Resource;
import jakarta.servlet.DispatcherType;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.JeecgBaseConfig;
import org.jeecg.config.satoken.ignore.InMemoryIgnoreAuth;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.context.annotation.Role;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
/**
* @author: jeecg-boot
* @description: Sa-Token 配置类
*/
@Slf4j
@Configuration
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public class SaTokenConfig implements WebMvcConfigurer {
@Resource
private JeecgBaseConfig jeecgBaseConfig;
@Autowired
private Environment env;
/**
* Sa-Token 整合 jwt (Simple 模式)
* 使用JWT-Simple模式生成标准JWT格式的token
* 并支持从URL参数"token"读取token兼容原系统
*/
@Bean
@Primary
public StpLogic getStpLogicJwt() {
return new StpLogicJwtForSimple() {
/**
* 获取当前请求的 Token 值
* 优先级Header > URL参数token > URL参数X-Access-Token
*/
@Override
public String getTokenValue() {
try {
SaRequest request = SaHolder.getRequest();
// 1. 优先从Header中获取
String tokenValue = request.getHeader(getConfigOrGlobal().getTokenName());
if (oConvertUtils.isNotEmpty(tokenValue)) {
return tokenValue;
}
// 2. 从URL参数"token"获取(兼容原系统)
tokenValue = request.getParam("token");
if (oConvertUtils.isNotEmpty(tokenValue)) {
return tokenValue;
}
// 3. 从URL参数"X-Access-Token"获取
tokenValue = request.getParam(getConfigOrGlobal().getTokenName());
if (oConvertUtils.isNotEmpty(tokenValue)) {
return tokenValue;
}
} catch (Exception e) {
log.debug("获取token失败: {}", e.getMessage());
}
// 4. 如果都没有,使用默认逻辑
return super.getTokenValue();
}
};
}
/**
* 注册 Sa-Token 拦截器,打开注解式鉴权功能
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 注册 Sa-Token 拦截器,打开注解式鉴权功能
registry.addInterceptor(new SaInterceptor()).addPathPatterns("/**");
}
/**
* 注册 Sa-Token 全局过滤器
*/
@Bean
public SaServletFilter getSaServletFilter() {
return new SaServletFilter()
// 指定 [拦截路由] 与 [放行路由]
.addInclude("/**")
.setExcludeList(getExcludeUrls())
// 认证函数: 每次请求执行
.setAuth(obj -> {
// 检查是否是免认证路径
String servletPath = SaHolder.getRequest().getRequestPath();
if (InMemoryIgnoreAuth.contains(servletPath)) {
return;
}
// 校验 token如果请求中带有 token先切换到对应的登录会话再校验
try {
String token = StpUtil.getTokenValue();
if (oConvertUtils.isNotEmpty(token)) {
// 根据 token 获取 loginId 并切换到对应的登录会话
Object loginId = StpUtil.getLoginIdByToken(token);
if (loginId != null) {
StpUtil.switchTo(loginId);
// 需要手工自动续签默认参数auto-renew:true 不好使
long activeTimeout = StpUtil.stpLogic.getConfigOrGlobal().getActiveTimeout();
if (activeTimeout > 0) {
// 获取当前token的活跃剩余时间
long tokenActiveTimeout = StpUtil.getTokenActiveTimeout();
// 如果剩余活跃时间少于总活跃时间的一半,进行续签
if (tokenActiveTimeout > 0 && tokenActiveTimeout < (activeTimeout / 2)) {
StpUtil.stpLogic.updateLastActiveToNow(token);
log.info("【Sa-Token拦截器】Token续签成功剩余活跃时间: {}秒", tokenActiveTimeout);
}
}
}
}
} catch (Exception e) {
// 如果获取 loginId 失败,说明 token 无效或未登录,让 checkLogin 抛出异常
log.debug("切换登录会话失败: {}", e.getMessage());
}
// 最终校验登录状态
StpUtil.checkLogin();
})
// 异常处理函数:每次认证函数发生异常时执行此函数
.setError(e -> {
log.warn("Sa-Token 认证失败用户未登录或token无效");
log.warn("请求路径: {}, Method: {}Token: {}", SaHolder.getRequest().getRequestPath(), SaHolder.getRequest().getMethod(), StpUtil.getTokenValue());
// 返回401状态码
SaHolder.getResponse()
.setStatus(401)
.setHeader("Content-Type", "application/json;charset=UTF-8");
return org.jeecg.common.system.util.JwtUtil.responseErrorJson(401, CommonConstant.TOKEN_IS_INVALID_MSG);
})
// 前置函数在每次认证函数之前执行BeforeAuth 不受 includeList 与 excludeList 的限制,所有请求都会进入)
.setBeforeAuth(r -> {
// 设置跨域配置
Object cloudServer = env.getProperty(CommonConstant.CLOUD_SERVER_KEY);
// 如果cloudServer为空 则说明是单体 需要加载跨域配置【微服务跨域切换】
if (cloudServer == null) {
SaHolder.getResponse()
// 允许指定域访问跨域资源
.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, SaHolder.getRequest().getHeader(HttpHeaders.ORIGIN))
// 允许所有请求方式
.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS")
// 有效时间
.setHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600")
// 允许的header参数
.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, SaHolder.getRequest().getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS))
// 允许携带凭证
.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
}
// OPTIONS预检请求直接返回
SaRouter.match(SaHttpMethod.OPTIONS).free(r2 -> {
SaHolder.getResponse().setStatus(HttpStatus.OK.value());
});
});
}
/**
* spring过滤装饰器 <br/>
* 支持异步请求的过滤器装饰
*/
@Bean
public FilterRegistrationBean<SaServletFilter> saTokenFilterRegistration() {
FilterRegistrationBean<SaServletFilter> registration = new FilterRegistrationBean<>();
registration.setFilter(getSaServletFilter());
registration.setName("SaServletFilter");
// 支持异步请求
registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);
// 拦截所有请求
registration.addUrlPatterns("/*");
registration.setOrder(1);
registration.setAsyncSupported(true); // 支持异步请求
return registration;
}
/**
* 获取排除URL列表
*/
private List<String> getExcludeUrls() {
List<String> excludeUrls = new ArrayList<>();
// 支持yml方式配置拦截排除
if (jeecgBaseConfig != null && jeecgBaseConfig.getShiro() != null) {
String shiroExcludeUrls = jeecgBaseConfig.getShiro().getExcludeUrls();
if (oConvertUtils.isNotEmpty(shiroExcludeUrls)) {
String[] permissionUrl = shiroExcludeUrls.split(",");
excludeUrls.addAll(Arrays.asList(permissionUrl));
}
}
// 添加默认排除路径
excludeUrls.addAll(Arrays.asList(
"/sys/cas/client/validateLogin", // cas验证登录
"/sys/randomImage/**", // 登录验证码接口排除
"/sys/checkCaptcha", // 登录验证码接口排除
"/sys/smsCheckCaptcha", // 短信次数发送太多验证码排除
"/sys/login", // 登录接口排除
"/sys/mLogin", // 登录接口排除
"/sys/logout", // 登出接口排除
"/sys/thirdLogin/**", // 第三方登录
"/sys/getEncryptedString", // 获取加密串
"/sys/sms", // 短信验证码
"/sys/phoneLogin", // 手机登录
"/sys/user/checkOnlyUser", // 校验用户是否存在
"/sys/user/register", // 用户注册
"/sys/user/phoneVerification", // 用户忘记密码验证手机号
"/sys/user/passwordChange", // 用户更改密码
"/auth/2step-code", // 登录验证码
"/sys/common/static/**", // 图片预览 & 下载文件不限制token
"/sys/common/pdf/**", // pdf预览
"/generic/**", // pdf预览需要文件
"/sys/getLoginQrcode/**", // 登录二维码
"/sys/getQrcodeToken/**", // 监听扫码
"/sys/checkAuth", // 授权接口排除
"/openapi/call/**", // 开放平台接口排除
// 排除静态资源后缀
"/",
"/doc.html",
"**/*.js",
"**/*.css",
"**/*.html",
"**/*.svg",
"**/*.pdf",
"**/*.jpg",
"**/*.png",
"**/*.gif",
"**/*.ico",
"**/*.ttf",
"**/*.woff",
"**/*.woff2",
"**/*.glb",
"**/*.wasm",
"**/*.js.map",
"**/*.css.map",
"/druid/**",
"/swagger-ui.html",
"/swagger*/**",
"/webjars/**",
"/v3/**",
// 排除消息通告查看详情页面用于第三方APP
"/sys/annountCement/show/**",
// 积木报表和积木BI排除
"/jmreport/**",
"/drag/lib/**",
"/drag/list/**",
"/drag/favicon.ico",
"/drag/view",
"/drag/page/queryById",
"/drag/page/addVisitsNumber",
"/drag/page/queryTemplateList",
"/drag/share/view/**",
"/drag/onlDragDatasetHead/getAllChartData",
"/drag/onlDragDatasetHead/getTotalData",
"/drag/onlDragDatasetHead/getMapDataByCode",
"/drag/onlDragDatasetHead/getTotalDataByCompId",
"/drag/mock/json/**",
"/drag/onlDragDatasetHead/getDictByCodes",
"/drag/onlDragDatasetHead/queryAllById",
"/jimubi/view",
"/jimubi/share/view/**",
// 大屏模板例子
"/test/bigScreen/**",
"/bigscreen/template1/**",
"/bigscreen/template2/**",
// websocket排除
"/websocket/**", // 系统通知和公告
"/newsWebsocket/**", // CMS模块
"/vxeSocket/**", // JVxeTable无痕刷新示例
"/dragChannelSocket/**", // 仪表盘(按钮通信)
// App vue3版本查询版本接口
"/sys/version/app3version",
// 测试模块排除
"/test/seata/**",
// 错误路径排除
"/error",
// 企业微信证书排除
"/WW_verify*"
));
return excludeUrls;
}
}

174
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/satoken/StpInterfaceImpl.java Normal file
View File

@ -0,0 +1,174 @@
package org.jeecg.config.satoken;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.SaManager;
import cn.dev33.satoken.stp.StpInterface;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.api.CommonAPI;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import jakarta.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
/**
* @description: Sa-Token 权限认证接口实现(带缓存)
*
* <p>⚠️ 重要说明:</p>
* <ul>
* <li><strong>Sa-Token 的 StpInterface 默认不提供缓存能力</strong>,需要自己实现缓存逻辑</li>
* <li>本实现采用 <strong>[账号id -> 权限/角色列表]</strong> 缓存模型</li>
* <li>缓存键格式:
* <ul>
* <li>用户权限缓存satoken:user-permission:{username}</li>
* <li>用户角色缓存satoken:user-role:{username}</li>
* </ul>
* </li>
* <li>缓存过期时间30天</li>
* <li>⚠️ 当修改用户的角色或权限时,需要手动清除缓存</li>
* </ul>
*
* <p>清除缓存示例:</p>
* <pre>
* // 清除单个用户的权限和角色缓存
* StpInterfaceImpl.clearUserCache("admin");
*
* // 清除多个用户的缓存
* StpInterfaceImpl.clearUserCache(Arrays.asList("admin", "user1", "user2"));
* </pre>
*/
@Component
@Slf4j
public class StpInterfaceImpl implements StpInterface {
@Lazy
@Resource
private CommonAPI commonApi;
/**
* 缓存过期时间30天
*/
private static final long CACHE_TIMEOUT = 60 * 60 * 24 * 30;
/**
* 权限缓存键前缀
*/
private static final String PERMISSION_CACHE_PREFIX = "satoken:user-permission:";
/**
* 角色缓存键前缀
*/
private static final String ROLE_CACHE_PREFIX = "satoken:user-role:";
/**
* 返回一个账号所拥有的权限码集合(带缓存)
*
* @param loginId 账号id这里是 username
* @param loginType 账号类型
* @return 权限码集合
*/
@Override
@SuppressWarnings("unchecked")
public List<String> getPermissionList(Object loginId, String loginType) {
String username = loginId.toString();
String cacheKey = PERMISSION_CACHE_PREFIX + username;
SaTokenDao dao = SaManager.getSaTokenDao();
// 1. 先从缓存获取
List<String> permissionList = (List<String>) dao.getObject(cacheKey);
if (permissionList == null) {
// 2. 缓存不存在,从数据库查询
log.warn("权限缓存未命中,查询数据库 [ username={} ]", username);
String userId = commonApi.getUserIdByName(username);
if (userId == null) {
log.warn("用户不存在: {}", username);
return new ArrayList<>();
}
Set<String> permissionSet = commonApi.queryUserAuths(userId);
permissionList = new ArrayList<>(permissionSet);
// 3. 将结果缓存起来
dao.setObject(cacheKey, permissionList, CACHE_TIMEOUT);
log.info("权限已缓存 [ username={}, permissions={} ]", username, permissionList.size());
} else {
log.debug("权限缓存命中 [ username={}, permissions={} ]", username, permissionList.size());
}
return permissionList;
}
/**
* 返回一个账号所拥有的角色标识集合(带缓存)
*
* @param loginId 账号id这里是 username
* @param loginType 账号类型
* @return 角色标识集合
*/
@Override
@SuppressWarnings("unchecked")
public List<String> getRoleList(Object loginId, String loginType) {
String username = loginId.toString();
String cacheKey = ROLE_CACHE_PREFIX + username;
SaTokenDao dao = SaManager.getSaTokenDao();
// 1. 先从缓存获取
List<String> roleList = (List<String>) dao.getObject(cacheKey);
if (roleList == null) {
// 2. 缓存不存在,从数据库查询
log.warn("角色缓存未命中,查询数据库 [ username={} ]", username);
String userId = commonApi.getUserIdByName(username);
if (userId == null) {
log.warn("用户不存在: {}", username);
return new ArrayList<>();
}
Set<String> roleSet = commonApi.queryUserRolesById(userId);
roleList = new ArrayList<>(roleSet);
// 3. 将结果缓存起来
dao.setObject(cacheKey, roleList, CACHE_TIMEOUT);
log.info("角色已缓存 [ username={}, roles={} ]", username, roleList.size());
} else {
log.debug("角色缓存命中 [ username={}, roles={} ]", username, roleList.size());
}
return roleList;
}
/**
* 清除单个用户的权限和角色缓存
* <p>使用场景:修改用户的角色分配后</p>
*
* @param username 用户名
*/
public static void clearUserCache(String username) {
SaTokenDao dao = SaManager.getSaTokenDao();
dao.deleteObject(PERMISSION_CACHE_PREFIX + username);
dao.deleteObject(ROLE_CACHE_PREFIX + username);
log.info("已清除用户缓存 [ username={} ]", username);
}
/**
* 批量清除多个用户的权限和角色缓存
* <p>使用场景:修改角色权限后,清除拥有该角色的所有用户的缓存</p>
*
* @param usernameList 用户名列表
*/
public static void clearUserCache(List<String> usernameList) {
SaTokenDao dao = SaManager.getSaTokenDao();
for (String username : usernameList) {
dao.deleteObject(PERMISSION_CACHE_PREFIX + username);
dao.deleteObject(ROLE_CACHE_PREFIX + username);
}
log.info("已批量清除用户缓存 [ count={} ]", usernameList.size());
}
}

104
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/satoken/ignore/IgnoreAuthPostProcessor.java Normal file
View File

@ -0,0 +1,104 @@
package org.jeecg.config.satoken.ignore;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.config.satoken.IgnoreAuth;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import java.lang.reflect.Method;
import java.util.*;
import java.util.stream.Collectors;
/**
* 在spring boot初始化时根据@RestController注解获取当前spring容器中的bean
* @author eightmonth
* @date 2024/4/18 11:35
*/
@Slf4j
@Lazy(false)
@Component
@AllArgsConstructor
public class IgnoreAuthPostProcessor implements InitializingBean {
private RequestMappingHandlerMapping requestMappingHandlerMapping;
@Override
public void afterPropertiesSet() throws Exception {
long startTime = System.currentTimeMillis();
List<String> ignoreAuthUrls = new ArrayList<>();
// 优化直接从HandlerMethod过滤避免重复扫描
requestMappingHandlerMapping.getHandlerMethods().values().stream()
.filter(handlerMethod -> handlerMethod.getMethod().isAnnotationPresent(IgnoreAuth.class))
.forEach(handlerMethod -> {
Class<?> clazz = handlerMethod.getBeanType();
Method method = handlerMethod.getMethod();
ignoreAuthUrls.addAll(processIgnoreAuthMethod(clazz, method));
});
log.info("Init Token ignoreAuthUrls Config [ 集合 ] {}", ignoreAuthUrls);
if (!CollectionUtils.isEmpty(ignoreAuthUrls)) {
InMemoryIgnoreAuth.set(ignoreAuthUrls);
}
// 计算方法的耗时
long endTime = System.currentTimeMillis();
long elapsedTime = endTime - startTime;
log.info("Init Token ignoreAuthUrls Config [ 耗时 ] " + elapsedTime + "ms");
}
// 优化:新方法处理单个@IgnoreAuth方法减少重复注解检查
private List<String> processIgnoreAuthMethod(Class<?> clazz, Method method) {
RequestMapping base = clazz.getAnnotation(RequestMapping.class);
String[] baseUrl = Objects.nonNull(base) ? base.value() : new String[]{};
String[] uri = null;
if (method.isAnnotationPresent(RequestMapping.class)) {
uri = method.getAnnotation(RequestMapping.class).value();
} else if (method.isAnnotationPresent(GetMapping.class)) {
uri = method.getAnnotation(GetMapping.class).value();
} else if (method.isAnnotationPresent(PostMapping.class)) {
uri = method.getAnnotation(PostMapping.class).value();
} else if (method.isAnnotationPresent(PutMapping.class)) {
uri = method.getAnnotation(PutMapping.class).value();
} else if (method.isAnnotationPresent(DeleteMapping.class)) {
uri = method.getAnnotation(DeleteMapping.class).value();
} else if (method.isAnnotationPresent(PatchMapping.class)) {
uri = method.getAnnotation(PatchMapping.class).value();
}
return uri != null ? rebuildUrl(baseUrl, uri) : Collections.emptyList();
}
private List<String> rebuildUrl(String[] bases, String[] uris) {
List<String> urls = new ArrayList<>();
if (bases.length > 0) {
for (String base : bases) {
for (String uri : uris) {
// 如果uri包含路径占位符, 则需要将其替换为*
if (uri.matches(".*\\{.*}.*")) {
uri = uri.replaceAll("\\{.*?}", "*");
}
urls.add(prefix(base) + prefix(uri));
}
}
} else {
Arrays.stream(uris).forEach(uri -> {
urls.add(prefix(uri));
});
}
return urls;
}
private String prefix(String seg) {
return seg.startsWith("/") ? seg : "/"+seg;
}
}

11
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/InMemoryIgnoreAuth.java → jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/satoken/ignore/InMemoryIgnoreAuth.java
View File

@ -1,4 +1,4 @@
package org.jeecg.config.shiro.ignore;
package org.jeecg.config.satoken.ignore;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
@ -6,8 +6,8 @@ import java.util.ArrayList;
import java.util.List;
/**
* 使用内存存储通过@IgnoreAuth注解的url配合JwtFilter进行免登录校验
* PS无法使用ThreadLocal进行存储因为ThreadLocal装载时JwtFilter已经初始化完毕导致该类获取ThreadLocal为空
* 使用内存存储通过@IgnoreAuth注解的url配合Sa-Token进行免登录校验
* PS无法使用ThreadLocal进行存储因为ThreadLocal装载时Filter已经初始化完毕导致该类获取ThreadLocal为空
* @author eightmonth
* @date 2024/4/18 15:02
*/
@ -15,6 +15,7 @@ public class InMemoryIgnoreAuth {
private static final List<String> IGNORE_AUTH_LIST = new ArrayList<>();
private static PathMatcher MATCHER = new AntPathMatcher();
public InMemoryIgnoreAuth() {}
public static void set(List<String> list) {
@ -31,11 +32,11 @@ public class InMemoryIgnoreAuth {
public static boolean contains(String url) {
for (String ignoreAuth : IGNORE_AUTH_LIST) {
if(MATCHER.match(ignoreAuth,url)){
if(MATCHER.match(ignoreAuth, url)){
return true;
}
}
return false;
}
}

28
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java
View File

@ -1,28 +0,0 @@
package org.jeecg.config.shiro;
import org.apache.shiro.authc.AuthenticationToken;
/**
* @Author Scott
* @create 2018-07-12 15:19
* @desc
**/
public class JwtToken implements AuthenticationToken {
private static final long serialVersionUID = 1L;
private String token;
public JwtToken(String token) {
this.token = token;
}
@Override
public Object getPrincipal() {
return token;
}
@Override
public Object getCredentials() {
return token;
}
}

381
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
View File

@ -1,381 +0,0 @@
package org.jeecg.config.shiro;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.*;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.JeecgBaseConfig;
import org.jeecg.config.shiro.filters.CustomShiroFilterFactoryBean;
import org.jeecg.config.shiro.filters.JwtFilter;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.*;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.core.env.Environment;
import org.springframework.core.type.filter.AnnotationTypeFilter;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.filter.DelegatingFilterProxy;
import redis.clients.jedis.HostAndPort;
import redis.clients.jedis.JedisCluster;
import javax.annotation.Resource;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import java.lang.reflect.Method;
import java.util.*;
/**
* @author: Scott
* @date: 2018/2/7
* @description: shiro 配置类
*/
@Slf4j
@Configuration
public class ShiroConfig {
@Resource
private LettuceConnectionFactory lettuceConnectionFactory;
@Autowired
private Environment env;
@Resource
private JeecgBaseConfig jeecgBaseConfig;
@Autowired(required = false)
private RedisProperties redisProperties;
/**
* Filter Chain定义说明
*
* 1、一个URL可以配置多个Filter使用逗号分隔
* 2、当设置多个过滤器时全部验证通过才视为通过
* 3、部分过滤器可指定参数如permsroles
*/
@Bean("shiroFilterFactoryBean")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
CustomShiroFilterFactoryBean shiroFilterFactoryBean = new CustomShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 拦截器
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
//支持yml方式配置拦截排除
if(jeecgBaseConfig!=null && jeecgBaseConfig.getShiro()!=null){
String shiroExcludeUrls = jeecgBaseConfig.getShiro().getExcludeUrls();
if(oConvertUtils.isNotEmpty(shiroExcludeUrls)){
String[] permissionUrl = shiroExcludeUrls.split(",");
for(String url : permissionUrl){
filterChainDefinitionMap.put(url,"anon");
}
}
}
// 配置不会被拦截的链接 顺序判断
filterChainDefinitionMap.put("/sys/cas/client/validateLogin", "anon"); //cas验证登录
filterChainDefinitionMap.put("/sys/randomImage/**", "anon"); //登录验证码接口排除
filterChainDefinitionMap.put("/sys/checkCaptcha", "anon"); //登录验证码接口排除
filterChainDefinitionMap.put("/sys/smsCheckCaptcha", "anon"); //短信次数发送太多验证码排除
filterChainDefinitionMap.put("/sys/login", "anon"); //登录接口排除
filterChainDefinitionMap.put("/sys/mLogin", "anon"); //登录接口排除
filterChainDefinitionMap.put("/sys/logout", "anon"); //登出接口排除
filterChainDefinitionMap.put("/sys/thirdLogin/**", "anon"); //第三方登录
filterChainDefinitionMap.put("/sys/getEncryptedString", "anon"); //获取加密串
filterChainDefinitionMap.put("/sys/sms", "anon");//短信验证码
filterChainDefinitionMap.put("/sys/phoneLogin", "anon");//手机登录
filterChainDefinitionMap.put("/sys/user/checkOnlyUser", "anon");//校验用户是否存在
filterChainDefinitionMap.put("/sys/user/register", "anon");//用户注册
filterChainDefinitionMap.put("/sys/user/phoneVerification", "anon");//用户忘记密码验证手机号
filterChainDefinitionMap.put("/sys/user/passwordChange", "anon");//用户更改密码
filterChainDefinitionMap.put("/auth/2step-code", "anon");//登录验证码
filterChainDefinitionMap.put("/sys/common/static/**", "anon");//图片预览 &下载文件不限制token
filterChainDefinitionMap.put("/sys/common/pdf/**", "anon");//pdf预览
//filterChainDefinitionMap.put("/sys/common/view/**", "anon");//图片预览不限制token
//filterChainDefinitionMap.put("/sys/common/download/**", "anon");//文件下载不限制token
filterChainDefinitionMap.put("/generic/**", "anon");//pdf预览需要文件
filterChainDefinitionMap.put("/sys/getLoginQrcode/**", "anon"); //登录二维码
filterChainDefinitionMap.put("/sys/getQrcodeToken/**", "anon"); //监听扫码
filterChainDefinitionMap.put("/sys/checkAuth", "anon"); //授权接口排除
filterChainDefinitionMap.put("/openapi/call/**", "anon"); // 开放平台接口排除
//update-begin--Author:scott Date:20221116 for排除静态资源后缀
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/doc.html", "anon");
filterChainDefinitionMap.put("/**/*.js", "anon");
filterChainDefinitionMap.put("/**/*.css", "anon");
filterChainDefinitionMap.put("/**/*.html", "anon");
filterChainDefinitionMap.put("/**/*.svg", "anon");
filterChainDefinitionMap.put("/**/*.pdf", "anon");
filterChainDefinitionMap.put("/**/*.jpg", "anon");
filterChainDefinitionMap.put("/**/*.png", "anon");
filterChainDefinitionMap.put("/**/*.gif", "anon");
filterChainDefinitionMap.put("/**/*.ico", "anon");
filterChainDefinitionMap.put("/**/*.ttf", "anon");
filterChainDefinitionMap.put("/**/*.woff", "anon");
filterChainDefinitionMap.put("/**/*.woff2", "anon");
filterChainDefinitionMap.put("/**/*.glb", "anon");
filterChainDefinitionMap.put("/**/*.wasm", "anon");
//update-end--Author:scott Date:20221116 for排除静态资源后缀
filterChainDefinitionMap.put("/druid/**", "anon");
filterChainDefinitionMap.put("/swagger-ui.html", "anon");
filterChainDefinitionMap.put("/swagger**/**", "anon");
filterChainDefinitionMap.put("/webjars/**", "anon");
filterChainDefinitionMap.put("/v3/**", "anon");
// update-begin--Author:sunjianlei Date:20210510 for排除消息通告查看详情页面用于第三方APP
filterChainDefinitionMap.put("/sys/annountCement/show/**", "anon");
// update-end--Author:sunjianlei Date:20210510 for排除消息通告查看详情页面用于第三方APP
//积木报表排除
filterChainDefinitionMap.put("/jmreport/**", "anon");
filterChainDefinitionMap.put("/**/*.js.map", "anon");
filterChainDefinitionMap.put("/**/*.css.map", "anon");
//积木BI大屏和仪表盘排除
filterChainDefinitionMap.put("/drag/view", "anon");
filterChainDefinitionMap.put("/drag/page/queryById", "anon");
filterChainDefinitionMap.put("/drag/page/addVisitsNumber", "anon");
filterChainDefinitionMap.put("/drag/page/queryTemplateList", "anon");
filterChainDefinitionMap.put("/drag/share/view/**", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getAllChartData", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getTotalData", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getMapDataByCode", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getTotalDataByCompId", "anon");
filterChainDefinitionMap.put("/drag/mock/json/**", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getDictByCodes", "anon");
filterChainDefinitionMap.put("/drag/onlDragDatasetHead/queryAllById", "anon");
filterChainDefinitionMap.put("/jimubi/view", "anon");
filterChainDefinitionMap.put("/jimubi/share/view/**", "anon");
//大屏模板例子
filterChainDefinitionMap.put("/test/bigScreen/**", "anon");
filterChainDefinitionMap.put("/bigscreen/template1/**", "anon");
filterChainDefinitionMap.put("/bigscreen/template2/**", "anon");
//filterChainDefinitionMap.put("/test/jeecgDemo/rabbitMqClientTest/**", "anon"); //MQ测试
//filterChainDefinitionMap.put("/test/jeecgDemo/html", "anon"); //模板页面
//filterChainDefinitionMap.put("/test/jeecgDemo/redis/**", "anon"); //redis测试
//websocket排除
filterChainDefinitionMap.put("/websocket/**", "anon");//系统通知和公告
filterChainDefinitionMap.put("/newsWebsocket/**", "anon");//CMS模块
filterChainDefinitionMap.put("/vxeSocket/**", "anon");//JVxeTable无痕刷新示例
//App vue3版本查询版本接口
filterChainDefinitionMap.put("/sys/version/app3version", "anon");
//仪表盘(按钮通信)
filterChainDefinitionMap.put("/dragChannelSocket/**","anon");
//App vue3版本查询版本接口
filterChainDefinitionMap.put("/sys/version/app3version", "anon");
//性能监控——安全隐患泄露TOEKNdurid连接池也有
//filterChainDefinitionMap.put("/actuator/**", "anon");
//测试模块排除
filterChainDefinitionMap.put("/test/seata/**", "anon");
//错误路径排除
filterChainDefinitionMap.put("/error", "anon");
// 企业微信证书排除
filterChainDefinitionMap.put("/WW_verify*", "anon");
// 添加自己的过滤器并且取名为jwt
Map<String, Filter> filterMap = new HashMap<String, Filter>(1);
//如果cloudServer为空 则说明是单体 需要加载跨域配置【微服务跨域切换】
Object cloudServer = env.getProperty(CommonConstant.CLOUD_SERVER_KEY);
filterMap.put("jwt", new JwtFilter(cloudServer==null));
shiroFilterFactoryBean.setFilters(filterMap);
// <!-- 过滤链定义,从上向下顺序执行,一般将/**放在最为下边
filterChainDefinitionMap.put("/**", "jwt");
// 未授权界面返回JSON
shiroFilterFactoryBean.setUnauthorizedUrl("/sys/common/403");
shiroFilterFactoryBean.setLoginUrl("/sys/common/403");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
//update-begin---author:chenrui ---date:20240126 for【QQYUN-7932】AI助手------------
/**
* spring过滤装饰器 <br/>
* 因为shiro的filter不支持异步请求,导致所有的异步请求都会报错. <br/>
* 所以需要用spring的FilterRegistrationBean再代理一下shiro的filter.为他扩展异步支持. <br/>
* 后续所有异步的接口都需要再这里增加registration.addUrlPatterns("/xxx/xxx");
* @return
* @author chenrui
* @date 2024/12/3 19:49
*/
@Bean
public FilterRegistrationBean shiroFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new DelegatingFilterProxy("shiroFilterFactoryBean"));
registration.setEnabled(true);
//update-begin---author:chenrui ---date:20241202 for[issues/7491]运行时间好长,效率慢 ------------
registration.addUrlPatterns("/test/ai/chat/send");
//update-end---author:chenrui ---date:20241202 for[issues/7491]运行时间好长,效率慢 ------------
registration.addUrlPatterns("/airag/flow/run");
registration.addUrlPatterns("/airag/flow/debug");
registration.addUrlPatterns("/airag/chat/send");
registration.addUrlPatterns("/airag/app/debug");
registration.addUrlPatterns("/airag/app/prompt/generate");
registration.addUrlPatterns("/airag/chat/receive/**");
//支持异步
registration.setAsyncSupported(true);
registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);
return registration;
}
//update-end---author:chenrui ---date:20240126 for【QQYUN-7932】AI助手------------
@Bean("securityManager")
public DefaultWebSecurityManager securityManager(ShiroRealm myRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myRealm);
/*
* 关闭shiro自带的session详情见文档
* http://shiro.apache.org/session-management.html#SessionManagement-
* StatelessApplications%28Sessionless%29
*/
DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
securityManager.setSubjectDAO(subjectDAO);
//自定义缓存实现,使用redis
securityManager.setCacheManager(redisCacheManager());
return securityManager;
}
/**
* 下面的代码是添加注解支持
* @return
*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
/**
* 解决重复代理问题 github#994
* 添加前缀判断 不匹配 任何Advisor
*/
defaultAdvisorAutoProxyCreator.setUsePrefix(true);
defaultAdvisorAutoProxyCreator.setAdvisorBeanNamePrefix("_no_advisor");
return defaultAdvisorAutoProxyCreator;
}
@Bean
public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
/**
* cacheManager 缓存 redis实现
* 使用的是shiro-redis开源插件
*
* @return
*/
public RedisCacheManager redisCacheManager() {
log.info("===============(1)创建缓存管理器RedisCacheManager");
RedisCacheManager redisCacheManager = new RedisCacheManager();
redisCacheManager.setRedisManager(redisManager());
//redis中针对不同用户缓存(此处的id需要对应user实体中的id字段,用于唯一标识)
redisCacheManager.setPrincipalIdFieldName("id");
//用户权限信息缓存时间
redisCacheManager.setExpire(200000);
return redisCacheManager;
}
/**
* RedisConfig在项目starter项目中
* jeecg-boot-starter-github\jeecg-boot-common\src\main\java\org\jeecg\common\modules\redis\config\RedisConfig.java
*
* 配置shiro redisManager
* 使用的是shiro-redis开源插件
*
* @return
*/
@Bean
public IRedisManager redisManager() {
log.info("===============(2)创建RedisManager,连接Redis..");
IRedisManager manager;
// sentinel cluster redis【issues/5569】shiro集成 redis 不支持 sentinel 方式部署的redis集群 #5569
if (Objects.nonNull(redisProperties)
&& Objects.nonNull(redisProperties.getSentinel())
&& !CollectionUtils.isEmpty(redisProperties.getSentinel().getNodes())) {
RedisSentinelManager sentinelManager = new RedisSentinelManager();
sentinelManager.setMasterName(redisProperties.getSentinel().getMaster());
sentinelManager.setHost(String.join(",", redisProperties.getSentinel().getNodes()));
sentinelManager.setPassword(redisProperties.getPassword());
sentinelManager.setDatabase(redisProperties.getDatabase());
return sentinelManager;
}
// redis 单机支持,在集群为空,或者集群无机器时候使用 add by jzyadmin@163.com
if (lettuceConnectionFactory.getClusterConfiguration() == null || lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().isEmpty()) {
RedisManager redisManager = new RedisManager();
redisManager.setHost(lettuceConnectionFactory.getHostName() + ":" + lettuceConnectionFactory.getPort());
//(lettuceConnectionFactory.getPort());
redisManager.setDatabase(lettuceConnectionFactory.getDatabase());
redisManager.setTimeout(0);
if (!StringUtils.isEmpty(lettuceConnectionFactory.getPassword())) {
redisManager.setPassword(lettuceConnectionFactory.getPassword());
}
manager = redisManager;
}else{
// redis集群支持优先使用集群配置
RedisClusterManager redisManager = new RedisClusterManager();
Set<HostAndPort> portSet = new HashSet<>();
lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().forEach(node -> portSet.add(new HostAndPort(node.getHost() , node.getPort())));
//update-begin--Author:scott Date:20210531 for修改集群模式下未设置redis密码的bug issues/I3QNIC
if (oConvertUtils.isNotEmpty(lettuceConnectionFactory.getPassword())) {
JedisCluster jedisCluster = new JedisCluster(portSet, 2000, 2000, 5,
lettuceConnectionFactory.getPassword(), new GenericObjectPoolConfig());
redisManager.setPassword(lettuceConnectionFactory.getPassword());
redisManager.setJedisCluster(jedisCluster);
} else {
JedisCluster jedisCluster = new JedisCluster(portSet);
redisManager.setJedisCluster(jedisCluster);
}
//update-end--Author:scott Date:20210531 for修改集群模式下未设置redis密码的bug issues/I3QNIC
manager = redisManager;
}
return manager;
}
private List<String> rebuildUrl(String[] bases, String[] uris) {
List<String> urls = new ArrayList<>();
for (String base : bases) {
for (String uri : uris) {
urls.add(prefix(base)+prefix(uri));
}
}
return urls;
}
private String prefix(String seg) {
return seg.startsWith("/") ? seg : "/"+seg;
}
}

234
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
View File

@ -1,234 +0,0 @@
package org.jeecg.config.shiro;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.config.TenantContext;
import org.jeecg.common.constant.CacheConstant;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.RedisUtil;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.TokenUtils;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Set;
/**
* @Description: 用户登录鉴权和获取用户授权
* @Author: Scott
* @Date: 2019-4-23 8:13
* @Version: 1.1
*/
@Component
@Slf4j
public class ShiroRealm extends AuthorizingRealm {
@Lazy
@Resource
private CommonAPI commonApi;
@Lazy
@Resource
private RedisUtil redisUtil;
/**
* 必须重写此方法不然Shiro会报错
*/
@Override
public boolean supports(AuthenticationToken token) {
return token instanceof JwtToken;
}
/**
* 权限信息认证(包括角色以及权限)是用户访问controller的时候才进行验证(redis存储的此处权限信息)
* 触发检测用户权限时才会调用此方法例如checkRole,checkPermission
*
* @param principals 身份信息
* @return AuthorizationInfo 权限信息
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
log.debug("===============Shiro权限认证开始============ [ roles、permissions]==========");
String username = null;
String userId = null;
if (principals != null) {
LoginUser sysUser = (LoginUser) principals.getPrimaryPrincipal();
username = sysUser.getUsername();
userId = sysUser.getId();
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// 设置用户拥有的角色集合比如“admin,test”
Set<String> roleSet = commonApi.queryUserRolesById(userId);
//System.out.println(roleSet.toString());
info.setRoles(roleSet);
// 设置用户拥有的权限集合比如“sys:role:add,sys:user:add”
Set<String> permissionSet = commonApi.queryUserAuths(userId);
info.addStringPermissions(permissionSet);
//System.out.println(permissionSet);
log.info("===============Shiro权限认证成功==============");
return info;
}
/**
* 用户信息认证是在用户进行登录的时候进行验证(不存redis)
* 也就是说验证用户输入的账号和密码是否正确,错误抛出异常
*
* @param auth 用户登录的账号密码信息
* @return 返回封装了用户信息的 AuthenticationInfo 实例
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
log.debug("===============Shiro身份认证开始============doGetAuthenticationInfo==========");
String token = (String) auth.getCredentials();
if (token == null) {
HttpServletRequest req = SpringContextUtils.getHttpServletRequest();
log.info("————————身份认证失败——————————IP地址: "+ oConvertUtils.getIpAddrByRequest(req) +"URL:"+req.getRequestURI());
throw new AuthenticationException("token为空!");
}
// 校验token有效性
LoginUser loginUser = null;
try {
loginUser = this.checkUserTokenIsEffect(token);
} catch (AuthenticationException e) {
log.error("—————校验 check token 失败——————————"+ e.getMessage(), e);
JwtUtil.responseError(SpringContextUtils.getHttpServletResponse(),401,e.getMessage());
return null;
}
return new SimpleAuthenticationInfo(loginUser, token, getName());
}
/**
* 校验token的有效性
*
* @param token
*/
public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
// 解密获得username用于和数据库进行对比
String username = JwtUtil.getUsername(token);
if (username == null) {
throw new AuthenticationException("Token非法无效!");
}
// 查询用户信息
log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
LoginUser loginUser = TokenUtils.getLoginUser(username, commonApi, redisUtil);
//LoginUser loginUser = commonApi.getUserByName(username);
if (loginUser == null) {
throw new AuthenticationException("用户不存在!");
}
// 判断用户状态
if (loginUser.getStatus() != 1) {
throw new AuthenticationException("账号已被锁定,请联系管理员!");
}
// 校验token是否超时失效 & 或者账号密码是否错误
if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
throw new AuthenticationException(CommonConstant.TOKEN_IS_INVALID_MSG);
}
//update-begin-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
String userTenantIds = loginUser.getRelTenantIds();
if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL && oConvertUtils.isNotEmpty(userTenantIds)){
String contextTenantId = TenantContext.getTenant();
log.debug("登录租户:" + contextTenantId);
log.debug("用户拥有那些租户:" + userTenantIds);
//登录用户无租户前端header中租户ID值为 0
String str ="0";
if(oConvertUtils.isNotEmpty(contextTenantId) && !str.equals(contextTenantId)){
//update-begin-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
String[] arr = userTenantIds.split(",");
if(!oConvertUtils.isIn(contextTenantId, arr)){
boolean isAuthorization = false;
//========================================================================
// 查询用户信息(如果租户不匹配从数据库中重新查询一次用户信息)
String loginUserKey = CacheConstant.SYS_USERS_CACHE + "::" + username;
redisUtil.del(loginUserKey);
LoginUser loginUserFromDb = commonApi.getUserByName(username);
if (oConvertUtils.isNotEmpty(loginUserFromDb.getRelTenantIds())) {
String[] newArray = loginUserFromDb.getRelTenantIds().split(",");
if (oConvertUtils.isIn(contextTenantId, newArray)) {
isAuthorization = true;
}
}
//========================================================================
//*********************************************
if(!isAuthorization){
log.info("租户异常——登录租户:" + contextTenantId);
log.info("租户异常——用户拥有租户组:" + userTenantIds);
throw new AuthenticationException("登录租户授权变更,请重新登陆!");
}
//*********************************************
}
//update-end-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
}
}
//update-end-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
return loginUser;
}
/**
* JWTToken刷新生命周期 (实现: 用户在线操作不掉线功能)
* 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样)缓存有效期设置为Jwt有效时间的2倍
* 2、当该用户再次请求时通过JWTFilter层层校验之后会进入到doGetAuthenticationInfo进行身份验证
* 3、当该用户这次请求jwt生成的token值已经超时但该token对应cache中的k还是存在则表示该用户一直在操作只是JWT的token失效了程序会给token对应的k映射的v值重新生成JWTToken并覆盖v值该缓存生命周期重新计算
* 4、当该用户这次请求jwt在生成的token值已经超时并在cache中不存在对应的k则表示该用户账户空闲超时返回用户信息已失效请重新登录。
* 注意: 前端请求Header中设置Authorization保持不变校验有效性以缓存中的token为准。
* 用户过期时间 = Jwt有效时间 * 2。
*
* @param userName
* @param passWord
* @return
*/
public boolean jwtTokenRefresh(String token, String userName, String passWord) {
String cacheToken = String.valueOf(redisUtil.get(CommonConstant.PREFIX_USER_TOKEN + token));
if (oConvertUtils.isNotEmpty(cacheToken)) {
// 校验token有效性
if (!JwtUtil.verify(cacheToken, userName, passWord)) {
String newAuthorization = JwtUtil.sign(userName, passWord);
// 设置超时时间
redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, newAuthorization);
redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME *2 / 1000);
log.debug("——————————用户在线操作更新token保证不掉线—————————jwtTokenRefresh——————— "+ token);
}
//update-begin--Author:scott Date:20191005 for解决每次请求都重写redis中 token缓存问题
// else {
// // 设置超时时间
// redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, cacheToken);
// redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000);
// }
//update-end--Author:scott Date:20191005 for解决每次请求都重写redis中 token缓存问题
return true;
}
//redis中不存在此TOEKN说明token非法返回false
return false;
}
/**
* 清除当前用户的权限认证缓存
*
* @param principals 权限信息
*/
@Override
public void clearCache(PrincipalCollection principals) {
super.clearCache(principals);
//update-begin---author:scott ---date::2024-06-18 for【TV360X-1320】分配权限必须退出重新登录才生效造成很多用户困扰---
super.clearCachedAuthorizationInfo(principals);
//update-end---author:scott ---date::2024-06-18 for【TV360X-1320】分配权限必须退出重新登录才生效造成很多用户困扰---
}
}

77
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java
View File

@ -1,77 +0,0 @@
package org.jeecg.config.shiro.filters;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.InvalidRequestFilter;
import org.apache.shiro.web.filter.mgt.DefaultFilter;
import org.apache.shiro.web.filter.mgt.FilterChainManager;
import org.apache.shiro.web.filter.mgt.FilterChainResolver;
import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
import org.apache.shiro.mgt.SecurityManager;
import org.springframework.beans.factory.BeanInitializationException;
import javax.servlet.Filter;
import java.util.Map;
/**
* 自定义ShiroFilterFactoryBean解决资源中文路径问题
* @author: jeecg-boot
*/
@Slf4j
public class CustomShiroFilterFactoryBean extends ShiroFilterFactoryBean {
@Override
public Class getObjectType() {
return MySpringShiroFilter.class;
}
@Override
protected AbstractShiroFilter createInstance() throws Exception {
SecurityManager securityManager = getSecurityManager();
if (securityManager == null) {
String msg = "SecurityManager property must be set.";
throw new BeanInitializationException(msg);
}
if (!(securityManager instanceof WebSecurityManager)) {
String msg = "The security manager does not implement the WebSecurityManager interface.";
throw new BeanInitializationException(msg);
}
FilterChainManager manager = createFilterChainManager();
//Expose the constructed FilterChainManager by first wrapping it in a
// FilterChainResolver implementation. The AbstractShiroFilter implementations
// do not know about FilterChainManagers - only resolvers:
PathMatchingFilterChainResolver chainResolver = new PathMatchingFilterChainResolver();
chainResolver.setFilterChainManager(manager);
Map<String, Filter> filterMap = manager.getFilters();
Filter invalidRequestFilter = filterMap.get(DefaultFilter.invalidRequest.name());
if (invalidRequestFilter instanceof InvalidRequestFilter) {
//此处是关键,设置false跳过URL携带中文400servletPath中文校验bug
((InvalidRequestFilter) invalidRequestFilter).setBlockNonAscii(false);
}
//Now create a concrete ShiroFilter instance and apply the acquired SecurityManager and built
//FilterChainResolver. It doesn't matter that the instance is an anonymous inner class
//here - we're just using it because it is a concrete AbstractShiroFilter instance that accepts
//injection of the SecurityManager and FilterChainResolver:
return new MySpringShiroFilter((WebSecurityManager) securityManager, chainResolver);
}
private static final class MySpringShiroFilter extends AbstractShiroFilter {
protected MySpringShiroFilter(WebSecurityManager webSecurityManager, FilterChainResolver resolver) {
if (webSecurityManager == null) {
throw new IllegalArgumentException("WebSecurityManager property cannot be null.");
} else {
this.setSecurityManager(webSecurityManager);
if (resolver != null) {
this.setFilterChainResolver(resolver);
}
}
}
}
}

130
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
View File

@ -1,130 +0,0 @@
package org.jeecg.config.shiro.filters;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.jeecg.common.config.TenantContext;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.shiro.JwtToken;
import org.jeecg.config.shiro.ignore.InMemoryIgnoreAuth;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @Description: 鉴权登录拦截器
* @Author: Scott
* @Date: 2018/10/7
**/
@Slf4j
public class JwtFilter extends BasicHttpAuthenticationFilter {
/**
* 默认开启跨域设置(使用单体)
* 微服务情况下此属性设置为false
*/
private boolean allowOrigin = true;
public JwtFilter(){}
public JwtFilter(boolean allowOrigin){
this.allowOrigin = allowOrigin;
}
/**
* 执行登录认证
*
* @param request
* @param response
* @param mappedValue
* @return
*/
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
try {
// 判断当前路径是不是注解了@IngoreAuth路径如果是则放开验证
if (InMemoryIgnoreAuth.contains(((HttpServletRequest) request).getServletPath())) {
return true;
}
executeLogin(request, response);
return true;
} catch (Exception e) {
JwtUtil.responseError((HttpServletResponse)response,401,CommonConstant.TOKEN_IS_INVALID_MSG);
return false;
//throw new AuthenticationException("Token失效请重新登录", e);
}
}
/**
*
*/
@Override
protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String token = httpServletRequest.getHeader(CommonConstant.X_ACCESS_TOKEN);
// update-begin--Author:lvdandan Date:20210105 forJT-355 OA聊天添加token验证获取token参数
if (oConvertUtils.isEmpty(token)) {
token = httpServletRequest.getParameter("token");
}
// update-end--Author:lvdandan Date:20210105 forJT-355 OA聊天添加token验证获取token参数
JwtToken jwtToken = new JwtToken(token);
// 提交给realm进行登入如果错误他会抛出异常并被捕获
getSubject(request, response).login(jwtToken);
// 如果没有抛出异常则代表登入成功返回true
return true;
}
/**
* 对跨域提供支持
*/
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
if(allowOrigin){
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, httpServletRequest.getHeader(HttpHeaders.ORIGIN));
// 允许客户端请求方法
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET,POST,OPTIONS,PUT,DELETE");
// 允许客户端提交的Header
String requestHeaders = httpServletRequest.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
if (StringUtils.isNotEmpty(requestHeaders)) {
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders);
}
// 允许客户端携带凭证信息(是否允许发送Cookie)
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
}
// 跨域时会首先发送一个option请求这里我们给option请求直接返回正常状态
if (RequestMethod.OPTIONS.name().equalsIgnoreCase(httpServletRequest.getMethod())) {
httpServletResponse.setStatus(HttpStatus.OK.value());
return false;
}
//update-begin-author:taoyan date:20200708 for:多租户用到
String tenantId = httpServletRequest.getHeader(CommonConstant.TENANT_ID);
TenantContext.setTenant(tenantId);
//update-end-author:taoyan date:20200708 for:多租户用到
return super.preHandle(request, response);
}
/**
* JwtFilter中ThreadLocal需要及时清除 #3634
*
* @param request
* @param response
* @param exception
* @throws Exception
*/
@Override
public void afterCompletion(ServletRequest request, ServletResponse response, Exception exception) throws Exception {
//log.info("------清空线程中多租户的ID={}------",TenantContext.getTenant());
TenantContext.clear();
}
}

67
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java
View File

@ -1,67 +0,0 @@
package org.jeecg.config.shiro.filters;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import lombok.extern.slf4j.Slf4j;
/**
* @Author Scott
* @create 2019-02-01 15:56
* @desc 鉴权请求URL访问权限拦截器
*/
@Slf4j
public class ResourceCheckFilter extends AccessControlFilter {
private String errorUrl;
public String getErrorUrl() {
return errorUrl;
}
public void setErrorUrl(String errorUrl) {
this.errorUrl = errorUrl;
}
/**
* 表示是否允许访问 如果允许访问返回true否则false
*
* @param servletRequest
* @param servletResponse
* @param o 表示写在拦截器中括号里面的字符串 mappedValue 就是 [urls] 配置中拦截器参数部分
* @return
* @throws Exception
*/
@Override
protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
Subject subject = getSubject(servletRequest, servletResponse);
String url = getPathWithinApplication(servletRequest);
log.info("当前用户正在访问的 url => " + url);
return subject.isPermitted(url);
}
/**
* onAccessDenied表示当访问拒绝时是否已经处理了 如果返回 true 表示需要继续处理; 如果返回 false
* 表示该拦截器实例已经处理了,将直接返回即可。
*
* @param servletRequest
* @param servletResponse
* @return
* @throws Exception
*/
@Override
protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
log.info("当 isAccessAllowed 返回 false 的时候,才会执行 method onAccessDenied ");
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.sendRedirect(request.getContextPath() + this.errorUrl);
// 返回 false 表示已经处理,例如页面跳转啥的,表示不在走以下的拦截器了(如果还有配置的话)
return false;
}
}

112
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java
View File

@ -1,112 +0,0 @@
package org.jeecg.config.shiro.ignore;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.config.shiro.IgnoreAuth;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import java.lang.reflect.Method;
import java.util.*;
import java.util.stream.Collectors;
/**
* 在spring boot初始化时根据@RestController注解获取当前spring容器中的bean
* @author eightmonth
* @date 2024/4/18 11:35
*/
@Slf4j
@Component
@AllArgsConstructor
public class IgnoreAuthPostProcessor implements InitializingBean {
private RequestMappingHandlerMapping requestMappingHandlerMapping;
@Override
public void afterPropertiesSet() throws Exception {
long startTime = System.currentTimeMillis();
List<String> ignoreAuthUrls = new ArrayList<>();
Set<Class<?>> restControllers = requestMappingHandlerMapping.getHandlerMethods().values().stream().map(HandlerMethod::getBeanType).collect(Collectors.toSet());
for (Class<?> restController : restControllers) {
ignoreAuthUrls.addAll(postProcessRestController(restController));
}
log.info("Init Token ignoreAuthUrls Config [ 集合 ] {}", ignoreAuthUrls);
if (!CollectionUtils.isEmpty(ignoreAuthUrls)) {
InMemoryIgnoreAuth.set(ignoreAuthUrls);
}
// 计算方法的耗时
long endTime = System.currentTimeMillis();
long elapsedTime = endTime - startTime;
log.info("Init Token ignoreAuthUrls Config [ 耗时 ] " + elapsedTime + "毫秒");
}
private List<String> postProcessRestController(Class<?> clazz) {
List<String> ignoreAuthUrls = new ArrayList<>();
RequestMapping base = clazz.getAnnotation(RequestMapping.class);
String[] baseUrl = Objects.nonNull(base) ? base.value() : new String[]{};
Method[] methods = clazz.getDeclaredMethods();
for (Method method : methods) {
if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(RequestMapping.class)) {
RequestMapping requestMapping = method.getAnnotation(RequestMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(GetMapping.class)) {
GetMapping requestMapping = method.getAnnotation(GetMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PostMapping.class)) {
PostMapping requestMapping = method.getAnnotation(PostMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PutMapping.class)) {
PutMapping requestMapping = method.getAnnotation(PutMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(DeleteMapping.class)) {
DeleteMapping requestMapping = method.getAnnotation(DeleteMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PatchMapping.class)) {
PatchMapping requestMapping = method.getAnnotation(PatchMapping.class);
String[] uri = requestMapping.value();
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
}
}
return ignoreAuthUrls;
}
private List<String> rebuildUrl(String[] bases, String[] uris) {
List<String> urls = new ArrayList<>();
if (bases.length > 0) {
for (String base : bases) {
for (String uri : uris) {
// 如果uri包含路径占位符, 则需要将其替换为*
if (uri.matches(".*\\{.*}.*")) {
uri = uri.replaceAll("\\{.*?}", "*");
}
urls.add(prefix(base) + prefix(uri));
}
}
} else {
Arrays.stream(uris).forEach(uri -> {
urls.add(prefix(uri));
});
}
return urls;
}
private String prefix(String seg) {
return seg.startsWith("/") ? seg : "/"+seg;
}
}

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/interceptor/SignAuthConfiguration.java
View File

@ -10,7 +10,7 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.annotation.Resource;
import jakarta.annotation.Resource;
/**
* 签名 拦截器配置

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/interceptor/SignAuthInterceptor.java
View File

@ -4,8 +4,8 @@ package org.jeecg.config.sign.interceptor;
import java.io.PrintWriter;
import java.util.SortedMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;

10
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/BodyReaderHttpServletRequestWrapper.java
View File

@ -1,10 +1,10 @@
package org.jeecg.config.sign.util;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import jakarta.servlet.ReadListener;
import jakarta.servlet.ServletInputStream;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import java.io.*;
import java.nio.charset.Charset;

2
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java
View File

@ -10,7 +10,7 @@ import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.SymbolConstant;

8
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
View File

@ -2,7 +2,7 @@ package org.jeecg.modules.base.service.impl;
import com.baomidou.mybatisplus.core.toolkit.IdWorker;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.api.dto.LogDTO;
import org.jeecg.common.constant.enums.ClientTerminalTypeEnum;
import org.jeecg.common.util.BrowserUtils;
@ -14,8 +14,8 @@ import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import java.util.*;
/**
@ -74,7 +74,7 @@ public class BaseCommonServiceImpl implements BaseCommonService {
//获取登录用户信息
if(user==null){
try {
user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
user = LoginUserUtils.getSessionUser();
} catch (Exception e) {
//e.printStackTrace();
}

0
jeecg-boot/jeecg-boot-base-core/src/main/resources/static/favicon.ico Normal file
View File

53
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-module</artifactId>
<version>3.8.3</version>
</parent>
@ -31,31 +31,49 @@
</repositories>
<properties>
<langchain4j.version>0.35.0</langchain4j.version>
<apache-tika.version>2.9.1</apache-tika.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-bom</artifactId>
<version>1.3.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-community-bom</artifactId>
<version>1.3.0-beta9</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<!-- system单体 api-->
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-system-local-api</artifactId>
</dependency>
<!-- 微服务starter和system微服务 api
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-starter-cloud</artifactId>
</dependency>
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-system-cloud-api</artifactId>
</dependency>-->
<!-- aiflow依赖 -->
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-aiflow</artifactId>
<version>1.2.0</version>
<version>3.8.3.1</version>
</dependency>
<!-- beigin 这两个依赖太多每个包50M左右如果你发布需要使用请把<scope>provided</scope>删掉 -->
@ -72,7 +90,6 @@
<scope>provided</scope>
</dependency>
<!-- end 这两个依赖太多每个包50M左右如果你发布需要使用请把<scope>provided</scope>删掉 -->
<!-- aiflow 脚本依赖 -->
<dependency>
<groupId>com.yomahub</groupId>
@ -105,17 +122,19 @@
</exclusions>
</dependency>
<!-- aiflow 脚本依赖 -->
<!-- langChain4j model support -->
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-ollama</artifactId>
<version>${langchain4j.version}</version>
<artifactId>langchain4j-open-ai</artifactId>
</dependency>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-zhipu-ai</artifactId>
<version>${langchain4j.version}</version>
<artifactId>langchain4j-ollama</artifactId>
</dependency>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-community-zhipu-ai</artifactId>
<exclusions>
<exclusion>
<artifactId>checker-qual</artifactId>
@ -129,13 +148,11 @@
</dependency>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-qianfan</artifactId>
<version>${langchain4j.version}</version>
<artifactId>langchain4j-community-qianfan</artifactId>
</dependency>
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-dashscope</artifactId>
<version>${langchain4j.version}</version>
<artifactId>langchain4j-community-dashscope</artifactId>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@ -151,7 +168,7 @@
<dependency>
<groupId>org.jeecgframework</groupId>
<artifactId>langchain4j-pgvector</artifactId>
<version>${langchain4j.version}</version>
<version>1.3.0-beta9</version>
</dependency>
<!-- langChain4j Document Parser -->
<dependency>

11
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java
View File

@ -1,17 +1,17 @@
package org.jeecg.modules.airag.app.controller;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.system.base.controller.JeecgController;
import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.util.AssertUtils;
import org.jeecg.common.util.TokenUtils;
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
import org.jeecg.config.shiro.IgnoreAuth;
import org.jeecg.config.satoken.IgnoreAuth;
import org.jeecg.modules.airag.app.consts.AiAppConsts;
import org.jeecg.modules.airag.app.entity.AiragApp;
import org.jeecg.modules.airag.app.service.IAiragAppService;
@ -21,7 +21,8 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Arrays;
/**
* @Description: AI应用
@ -66,7 +67,7 @@ public class AiragAppController extends JeecgController<AiragApp, IAiragAppServi
* @return
*/
@RequestMapping(value = "/edit", method = {RequestMethod.PUT, RequestMethod.POST})
@RequiresPermissions("airag:app:edit")
@SaCheckPermission("airag:app:edit")
public Result<String> edit(@RequestBody AiragApp airagApp) {
AssertUtils.assertNotEmpty("参数异常", airagApp);
AssertUtils.assertNotEmpty("请输入应用名称", airagApp.getName());
@ -105,7 +106,7 @@ public class AiragAppController extends JeecgController<AiragApp, IAiragAppServi
* @return
*/
@DeleteMapping(value = "/delete")
@RequiresPermissions("airag:app:delete")
@SaCheckPermission("airag:app:delete")
public Result<String> delete(HttpServletRequest request,@RequestParam(name = "id", required = true) String id) {
//update-begin---author:chenrui ---date:20250606 for[issues/8337]关于ai工作列表的数据权限问题 #8337------------
//如果是saas隔离的情况下判断当前租户id是否是当前租户下的

6
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragChatController.java
View File

@ -1,10 +1,12 @@
package org.jeecg.modules.airag.app.controller;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.CommonUtils;
import org.jeecg.config.shiro.IgnoreAuth;
import org.jeecg.config.satoken.IgnoreAuth;
import org.jeecg.modules.airag.app.service.IAiragChatService;
import org.jeecg.modules.airag.app.vo.ChatConversation;
import org.jeecg.modules.airag.app.vo.ChatSendParams;
@ -15,8 +17,6 @@ import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;
import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**

9
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/service/impl/AiragAppServiceImpl.java
View File

@ -71,7 +71,7 @@ public class AiragAppServiceImpl extends ServiceImpl<AiragAppMapper, AiragApp> i
AtomicBoolean isThinking = new AtomicBoolean(false);
String requestId = UUIDGenerator.generate();
// ai聊天响应逻辑
tokenStream.onNext((String resMessage) -> {
tokenStream.onPartialResponse((String resMessage) -> {
// 兼容推理模型
if ("<think>".equals(resMessage)) {
isThinking.set(true);
@ -99,9 +99,9 @@ public class AiragAppServiceImpl extends ServiceImpl<AiragAppMapper, AiragApp> i
throw new RuntimeException(e);
}
})
.onComplete((responseMessage) -> {
.onCompleteResponse((responseMessage) -> {
// 记录ai的回复
AiMessage aiMessage = responseMessage.content();
AiMessage aiMessage = responseMessage.aiMessage();
FinishReason finishReason = responseMessage.finishReason();
String respText = aiMessage.text();
if (FinishReason.STOP.equals(finishReason) || null == finishReason) {
@ -114,9 +114,6 @@ public class AiragAppServiceImpl extends ServiceImpl<AiragAppMapper, AiragApp> i
throw new RuntimeException(e);
}
closeSSE(emitter, eventData);
} else if (FinishReason.TOOL_EXECUTION.equals(finishReason)) {
// 需要执行工具
// TODO author: chenrui for: date:2025/3/7
} else {
// 异常结束
log.error("调用模型异常:" + respText);

10
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/service/impl/AiragChatServiceImpl.java
View File

@ -40,7 +40,7 @@ import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.*;
import java.util.concurrent.*;
@ -860,7 +860,7 @@ public class AiragChatServiceImpl implements IAiragChatService {
*/
AtomicBoolean isThinking = new AtomicBoolean(false);
// ai聊天响应逻辑
chatStream.onNext((String resMessage) -> {
chatStream.onPartialResponse((String resMessage) -> {
// 兼容推理模型
if ("<think>".equals(resMessage)) {
isThinking.set(true);
@ -886,12 +886,12 @@ public class AiragChatServiceImpl implements IAiragChatService {
return;
}
sendMessage2Client(emitter, eventData);
}).onComplete((responseMessage) -> {
}).onCompleteResponse((responseMessage) -> {
// 打印流程耗时日志
printChatDuration(requestId, "LLM输出消息完成");
AiragLocalCache.remove(AiragConsts.CACHE_TYPE_SSE_SEND_TIME, requestId);
// 记录ai的回复
AiMessage aiMessage = responseMessage.content();
AiMessage aiMessage = responseMessage.aiMessage();
FinishReason finishReason = responseMessage.finishReason();
String respText = aiMessage.text();
// sse
@ -1081,7 +1081,7 @@ public class AiragChatServiceImpl implements IAiragChatService {
} else {
token = TokenUtils.getTokenByRequest();
}
if (TokenUtils.verifyToken(token, sysBaseApi, redisUtil)) {
if (TokenUtils.verifyToken(token, sysBaseApi)) {
return JwtUtil.getUsername(token);
}
} catch (Exception e) {

22
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java
View File

@ -1,10 +1,10 @@
package org.jeecg.modules.airag.llm.controller;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.util.AssertUtils;
@ -22,7 +22,7 @@ import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
@ -77,7 +77,7 @@ public class AiragKnowledgeController {
* @date 2025/2/18 17:09
*/
@PostMapping(value = "/add")
@RequiresPermissions("airag:knowledge:add")
@SaCheckPermission("airag:knowledge:add")
public Result<String> add(@RequestBody AiragKnowledge airagKnowledge) {
airagKnowledge.setStatus(LLMConsts.STATUS_ENABLE);
airagKnowledgeService.save(airagKnowledge);
@ -94,7 +94,7 @@ public class AiragKnowledgeController {
*/
@Transactional(rollbackFor = Exception.class)
@RequestMapping(value = "/edit", method = {RequestMethod.PUT, RequestMethod.POST})
@RequiresPermissions("airag:knowledge:edit")
@SaCheckPermission("airag:knowledge:edit")
public Result<String> edit(@RequestBody AiragKnowledge airagKnowledge) {
AiragKnowledge airagKnowledgeEntity = airagKnowledgeService.getById(airagKnowledge.getId());
if (airagKnowledgeEntity == null) {
@ -118,7 +118,7 @@ public class AiragKnowledgeController {
* @date 2025/3/12 17:05
*/
@PutMapping(value = "/rebuild")
@RequiresPermissions("airag:knowledge:rebuild")
@SaCheckPermission("airag:knowledge:rebuild")
public Result<?> rebuild(@RequestParam("knowIds") String knowIds) {
String[] knowIdArr = knowIds.split(",");
for (String knowId : knowIdArr) {
@ -137,7 +137,7 @@ public class AiragKnowledgeController {
*/
@Transactional(rollbackFor = Exception.class)
@DeleteMapping(value = "/delete")
@RequiresPermissions("airag:knowledge:delete")
@SaCheckPermission("airag:knowledge:delete")
public Result<String> delete(HttpServletRequest request, @RequestParam(name = "id", required = true) String id) {
//update-begin---author:chenrui ---date:20250606 for[issues/8337]关于ai工作列表的数据权限问题 #8337------------
//如果是saas隔离的情况下判断当前租户id是否是当前租户下的
@ -204,7 +204,7 @@ public class AiragKnowledgeController {
* @date 2025/2/18 15:47
*/
@PostMapping(value = "/doc/edit")
@RequiresPermissions("airag:knowledge:doc:edit")
@SaCheckPermission("airag:knowledge:doc:edit")
public Result<?> addDocument(@RequestBody AiragKnowledgeDoc airagKnowledgeDoc) {
return airagKnowledgeDocService.editDocument(airagKnowledgeDoc);
}
@ -217,7 +217,7 @@ public class AiragKnowledgeController {
* @date 2025/3/20 11:29
*/
@PostMapping(value = "/doc/import/zip")
@RequiresPermissions("airag:knowledge:doc:zip")
@SaCheckPermission("airag:knowledge:doc:zip")
public Result<?> importDocumentFromZip(@RequestParam(name = "knowId", required = true) String knowId,
@RequestParam(name = "file", required = true) MultipartFile file) {
return airagKnowledgeDocService.importDocumentFromZip(knowId,file);
@ -244,7 +244,7 @@ public class AiragKnowledgeController {
* @date 2025/2/18 15:47
*/
@PutMapping(value = "/doc/rebuild")
@RequiresPermissions("airag:knowledge:doc:rebuild")
@SaCheckPermission("airag:knowledge:doc:rebuild")
public Result<?> rebuildDocument(@RequestParam("docIds") String docIds) {
return airagKnowledgeDocService.rebuildDocument(docIds);
}
@ -259,7 +259,7 @@ public class AiragKnowledgeController {
*/
@Transactional(rollbackFor = Exception.class)
@DeleteMapping(value = "/doc/deleteBatch")
@RequiresPermissions("airag:knowledge:doc:deleteBatch")
@SaCheckPermission("airag:knowledge:doc:deleteBatch")
public Result<String> deleteDocumentBatch(HttpServletRequest request, @RequestParam(name = "ids", required = true) String ids) {
List<String> idsList = Arrays.asList(ids.split(","));
//update-begin---author:chenrui ---date:20250606 for[issues/8337]关于ai工作列表的数据权限问题 #8337------------
@ -287,7 +287,7 @@ public class AiragKnowledgeController {
*/
@Transactional(rollbackFor = Exception.class)
@DeleteMapping(value = "/doc/deleteAll")
@RequiresPermissions("airag:knowledge:doc:deleteAll")
@SaCheckPermission("airag:knowledge:doc:deleteAll")
public Result<?> deleteDocumentAll(HttpServletRequest request, @RequestParam(name = "knowId") String knowId) {
//update-begin---author:chenrui ---date:20250606 for[issues/8337]关于ai工作列表的数据权限问题 #8337------------
//如果是saas隔离的情况下判断当前租户id是否是当前租户下的

12
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragModelController.java
View File

@ -1,5 +1,6 @@
package org.jeecg.modules.airag.llm.controller;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -7,7 +8,6 @@ import dev.langchain4j.data.message.UserMessage;
import dev.langchain4j.model.embedding.EmbeddingModel;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.jeecg.ai.factory.AiModelFactory;
import org.jeecg.ai.factory.AiModelOptions;
import org.jeecg.common.api.vo.Result;
@ -26,8 +26,8 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.Collections;
@ -72,7 +72,7 @@ public class AiragModelController extends JeecgController<AiragModel, IAiragMode
* @return
*/
@PostMapping(value = "/add")
@RequiresPermissions("airag:model:add")
@SaCheckPermission("airag:model:add")
public Result<String> add(@RequestBody AiragModel airagModel) {
// 验证 模型名称/模型类型/基础模型
AssertUtils.assertNotEmpty("模型名称不能为空", airagModel.getName());
@ -94,7 +94,7 @@ public class AiragModelController extends JeecgController<AiragModel, IAiragMode
* @return
*/
@RequestMapping(value = "/edit", method = {RequestMethod.PUT, RequestMethod.POST})
@RequiresPermissions("airag:model:edit")
@SaCheckPermission("airag:model:edit")
public Result<String> edit(@RequestBody AiragModel airagModel) {
airagModelService.updateById(airagModel);
return Result.OK("编辑成功!");
@ -107,7 +107,7 @@ public class AiragModelController extends JeecgController<AiragModel, IAiragMode
* @return
*/
@DeleteMapping(value = "/delete")
@RequiresPermissions("airag:model:delete")
@SaCheckPermission("airag:model:delete")
public Result<String> delete(HttpServletRequest request, @RequestParam(name = "id", required = true) String id) {
//update-begin---author:chenrui ---date:20250606 for[issues/8337]关于ai工作列表的数据权限问题 #8337------------
//如果是saas隔离的情况下判断当前租户id是否是当前租户下的

16
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/handler/AIChatHandler.java
View File

@ -105,14 +105,14 @@ public class AIChatHandler implements IAIChatHandler {
// langchain4j 异常友好提示
String errMsg = "调用大模型接口失败,详情请查看后台日志。";
if (oConvertUtils.isNotEmpty(e.getMessage())) {
// // 根据常见异常关键字做细致翻译
// for (Map.Entry<String, String> entry : MODEL_ERROR_MAP.entrySet()) {
// String key = entry.getKey();
// String value = entry.getValue();
// if (errMsg.contains(key)) {
// errMsg = value;
// }
// }
// 根据常见异常关键字做细致翻译
for (Map.Entry<String, String> entry : MODEL_ERROR_MAP.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
if (errMsg.contains(key)) {
errMsg = value;
}
}
}
log.error("AI模型调用异常: {}", errMsg, e);
throw new JeecgBootException(errMsg);

3
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/handler/EmbeddingHandler.java
View File

@ -9,7 +9,6 @@ import dev.langchain4j.data.document.splitter.DocumentSplitters;
import dev.langchain4j.data.embedding.Embedding;
import dev.langchain4j.data.segment.TextSegment;
import dev.langchain4j.model.embedding.EmbeddingModel;
import dev.langchain4j.model.openai.OpenAiTokenizer;
import dev.langchain4j.rag.content.retriever.ContentRetriever;
import dev.langchain4j.rag.content.retriever.EmbeddingStoreContentRetriever;
import dev.langchain4j.rag.query.router.DefaultQueryRouter;
@ -167,7 +166,7 @@ public class EmbeddingHandler implements IEmbeddingHandler {
// 删除旧数据
embeddingStore.removeAll(metadataKey(EMBED_STORE_METADATA_DOCID).isEqualTo(doc.getId()));
// 分段器
DocumentSplitter splitter = DocumentSplitters.recursive(DEFAULT_SEGMENT_SIZE, DEFAULT_OVERLAP_SIZE, new OpenAiTokenizer());
DocumentSplitter splitter = DocumentSplitters.recursive(DEFAULT_SEGMENT_SIZE, DEFAULT_OVERLAP_SIZE);
// 分段并存储
EmbeddingStoreIngestor ingestor = EmbeddingStoreIngestor.builder()
.documentSplitter(splitter)

2
jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/service/impl/AiragKnowledgeDocServiceImpl.java
View File

@ -27,7 +27,7 @@ import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;

4
jeecg-boot/jeecg-boot-module/jeecg-module-demo/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>jeecg-boot-module</artifactId>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<version>3.8.3</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -13,7 +13,7 @@
<dependencies>
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-base-core</artifactId>
</dependency>
</dependencies>

2
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/cloud/controller/JcloudDemoProviderController.java
View File

@ -8,7 +8,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import jakarta.annotation.Resource;
/**
* 服务端提供方——feign接口

4
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/mock/MockController.java
View File

@ -6,8 +6,8 @@ import org.apache.commons.io.IOUtils;
import org.jeecg.common.api.vo.Result;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import javax.swing.filechooser.FileSystemView;
import java.io.File;
import java.io.IOException;

2
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/mock/vxe/controller/VxeMockController.java
View File

@ -18,7 +18,7 @@ import org.jeecg.modules.demo.mock.vxe.entity.MockEntity;
import org.jeecg.modules.demo.mock.vxe.websocket.VxeSocket;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLDecoder;

12
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/mock/vxe/websocket/VxeSocket.java
View File

@ -6,12 +6,12 @@ import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.VxeSocketConst;
import org.springframework.stereotype.Component;
import javax.websocket.OnClose;
import javax.websocket.OnMessage;
import javax.websocket.OnOpen;
import javax.websocket.Session;
import javax.websocket.server.PathParam;
import javax.websocket.server.ServerEndpoint;
import jakarta.websocket.OnClose;
import jakarta.websocket.OnMessage;
import jakarta.websocket.OnOpen;
import jakarta.websocket.Session;
import jakarta.websocket.server.PathParam;
import jakarta.websocket.server.ServerEndpoint;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;

13
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
View File

@ -10,8 +10,6 @@ import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.aspect.annotation.AutoLog;
import org.jeecg.common.aspect.annotation.PermissionData;
@ -21,7 +19,7 @@ import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.util.DateUtils;
import org.jeecg.common.util.RedisUtil;
import org.jeecg.common.util.UUIDGenerator;
import org.jeecg.config.shiro.IgnoreAuth;
import org.jeecg.config.satoken.IgnoreAuth;
import org.jeecg.modules.demo.test.entity.JeecgDemo;
import org.jeecg.modules.demo.test.service.IJeecgDemoService;
import org.springframework.beans.factory.annotation.Autowired;
@ -29,8 +27,8 @@ import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import reactor.core.publisher.Mono;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
@ -477,11 +475,6 @@ public class JeecgDemoController extends JeecgController<JeecgDemo, IJeecgDemoSe
*/
@GetMapping(value ="/test")
public Mono<String> test() {
//解决shiro报错No SecurityManager accessible to the calling code, either bound to the org.apache.shiro
// https://blog.csdn.net/Japhet_jiu/article/details/131177210
DefaultSecurityManager securityManager = new DefaultSecurityManager();
SecurityUtils.setSecurityManager(securityManager);
return Mono.just("测试");
}

5
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDynamicDataController.java
View File

@ -10,7 +10,10 @@ import org.jeecg.modules.demo.test.entity.JeecgDemo;
import org.jeecg.modules.demo.test.service.IJeecgDemoService;
import org.jeecg.modules.demo.test.service.IJeecgDynamicDataService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;

2
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderErpMainController.java
View File

@ -17,7 +17,7 @@ import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Arrays;
/**

12
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
View File

@ -5,20 +5,17 @@ import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.system.base.controller.JeecgController;
import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.modules.demo.test.entity.JeecgDemo;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.modules.demo.test.entity.JeecgOrderCustomer;
import org.jeecg.modules.demo.test.entity.JeecgOrderMain;
import org.jeecg.modules.demo.test.entity.JeecgOrderTicket;
import org.jeecg.modules.demo.test.service.IJeecgDemoService;
import org.jeecg.modules.demo.test.service.IJeecgOrderCustomerService;
import org.jeecg.modules.demo.test.service.IJeecgOrderMainService;
import org.jeecg.modules.demo.test.service.IJeecgOrderTicketService;
@ -33,7 +30,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@ -184,7 +180,7 @@ public class JeecgOrderMainController extends JeecgController<JeecgOrderMain, IJ
//Step.2 AutoPoi 导出Excel
ModelAndView mv = new ModelAndView(new JeecgEntityExcelView());
//获取当前用户
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
List<JeecgOrderMainPage> pageList = new ArrayList<JeecgOrderMainPage>();

4
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JoaDemoController.java
View File

@ -7,8 +7,8 @@ import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.system.query.QueryGenerator;

4
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
View File

@ -3,10 +3,10 @@ package org.jeecg.modules.demo.test.service.impl;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.constant.CacheConstant;
import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.modules.demo.test.entity.JeecgDemo;
import org.jeecg.modules.demo.test.mapper.JeecgDemoMapper;
import org.jeecg.modules.demo.test.service.IJeecgDemoService;
@ -97,7 +97,7 @@ public class JeecgDemoServiceImpl extends ServiceImpl<JeecgDemoMapper, JeecgDemo
@Override
public String getExportFields() {
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
//权限配置列导出示例
//1.配置前缀与菜单中配置的列前缀一致
List<String> noAuthList = new ArrayList<>();

2
jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/dlglong/controller/DlMockController.java
View File

@ -18,7 +18,7 @@ import org.jeecg.modules.demo.mock.vxe.websocket.VxeSocket;
import org.jeecg.modules.dlglong.entity.MockEntity;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLDecoder;

2
jeecg-boot/jeecg-boot-module/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>jeecg-boot-parent</artifactId>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<version>3.8.3</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>jeecg-system-api</artifactId>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<version>3.8.3</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/config/FeignConfig.java
View File

@ -6,7 +6,7 @@
//import java.util.List;
//import java.util.SortedMap;
//
//import javax.servlet.http.HttpServletRequest;
//import jakarta.servlet.http.HttpServletRequest;
//
//import org.jeecg.common.config.mqtoken.UserTokenContext;
//import org.jeecg.common.constant.CommonConstant;

2
jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-local-api/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>jeecg-system-api</artifactId>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<version>3.8.3</version>
</parent>
<modelVersion>4.0.0</modelVersion>

4
jeecg-boot/jeecg-module-system/jeecg-system-api/pom.xml
View File

@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>jeecg-module-system</artifactId>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<version>3.8.3</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -19,7 +19,7 @@
<dependencies>
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-base-core</artifactId>
</dependency>
</dependencies>

30
jeecg-boot/jeecg-module-system/jeecg-system-biz/pom.xml
View File

@ -2,7 +2,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-module-system</artifactId>
<version>3.8.3</version>
</parent>
@ -12,7 +12,7 @@
<dependencies>
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-system-local-api</artifactId>
</dependency>
<dependency>
@ -20,13 +20,13 @@
<artifactId>hibernate-core</artifactId>
</dependency>
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>hibernate-re</artifactId>
</dependency>
<!-- AI大模型管理 -->
<dependency>
<groupId>org.jeecgframework.boot</groupId>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-module-airag</artifactId>
<version>${jeecgboot.version}</version>
</dependency>
@ -38,7 +38,13 @@
<!-- 积木报表 -->
<dependency>
<groupId>org.jeecgframework.jimureport</groupId>
<artifactId>jimureport-spring-boot-starter</artifactId>
<artifactId>jimureport-spring-boot3-starter</artifactId>
<exclusions>
<exclusion>
<groupId>com.github.jsqlparser</groupId>
<artifactId>jsqlparser</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- mongo、redis和文件数据集支持包按需引入 -->
<dependency>
@ -53,7 +59,19 @@
<!-- 积木BI -->
<dependency>
<groupId>org.jeecgframework.jimureport</groupId>
<artifactId>jimubi-spring-boot-starter</artifactId>
<artifactId>jimubi-spring-boot3-starter</artifactId>
<exclusions>
<exclusion>
<groupId>com.github.jsqlparser</groupId>
<artifactId>jsqlparser</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- AI大模型管理 -->
<dependency>
<groupId>org.jeecgframework.boot3</groupId>
<artifactId>jeecg-boot-module-airag</artifactId>
<version>${jeecgboot.version}</version>
</dependency>
</dependencies>

30
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/config/init/ShiroCacheClearRunner.java
View File

@ -1,30 +0,0 @@
package org.jeecg.config.init;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.RedisUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.stereotype.Component;
/**
* Shiro缓存清理
* 在应用启动时清除所有的Shiro授权缓存
* 主要用于解决重启项目,用户未重新登录,按钮权限不生效的问题
*/
@Slf4j
@Component
public class ShiroCacheClearRunner implements ApplicationRunner {
@Autowired
private RedisUtil redisUtil;
@Override
public void run(ApplicationArguments args) {
// 清空所有授权redis缓存
log.info("——— Service restart, clearing all user shiro authorization cache ——— ");
redisUtil.removeAll(CommonConstant.PREFIX_USER_SHIRO_CACHE);
}
}

10
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/config/jimureport/JimuReportTokenService.java
View File

@ -12,7 +12,7 @@ import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
@ -36,11 +36,7 @@ public class JimuReportTokenService implements JmReportTokenServiceI {
@Override
public String getToken(HttpServletRequest request) {
try {
return TokenUtils.getTokenByRequest(request);
} catch (Exception e) {
return null;
}
return TokenUtils.getTokenByRequest(request);
}
@Override
@ -60,7 +56,7 @@ public class JimuReportTokenService implements JmReportTokenServiceI {
@Override
public Boolean verifyToken(String token) {
return TokenUtils.verifyToken(token, sysBaseApi, redisUtil);
return TokenUtils.verifyToken(token, sysBaseApi);
}
@Override

64
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java
View File

@ -5,13 +5,11 @@ import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import dev.langchain4j.agent.tool.JsonSchemaProperty;
import dev.langchain4j.agent.tool.ToolSpecification;
import dev.langchain4j.model.chat.request.json.JsonObjectSchema;
import dev.langchain4j.service.tool.ToolExecutor;
import org.apache.commons.lang3.StringUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.system.api.ISysBaseAPI;
import org.jeecg.common.util.PasswordUtil;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.modules.airag.llm.handler.JeecgToolsProvider;
@ -85,12 +83,17 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
"\n\n - 提前使用用户名查询用户是否存在,如果存在则不能添加." +
"\n\n - 添加成功后返回成功消息,如果失败则返回失败原因." +
"\n\n - 用户名,工号,邮箱,手机号均要求唯一,提前通过查询用户工具确认唯一性." )
.addParameter("username", JsonSchemaProperty.STRING, JsonSchemaProperty.description("用户名,必填,只允许使用字母、数字、下划线,且必须以字母开头,唯一"))
.addParameter("password", JsonSchemaProperty.STRING, JsonSchemaProperty.description("用户密码,必填"))
.addParameter("realname", JsonSchemaProperty.STRING, JsonSchemaProperty.description("真实姓名,必填"))
.addParameter("workNo", JsonSchemaProperty.STRING, JsonSchemaProperty.description("工号,必填,唯一"))
.addParameter("email", JsonSchemaProperty.STRING, JsonSchemaProperty.description("邮箱,必填,唯一"))
.addParameter("phone", JsonSchemaProperty.STRING, JsonSchemaProperty.description("手机号,必填,唯一"))
.parameters(
JsonObjectSchema.builder()
.addStringProperty("username", "用户名,必填,只允许使用字母、数字、下划线,且必须以字母开头,唯一")
.addStringProperty("password", "用户密码,必填")
.addStringProperty("realname", "真实姓名,必填")
.addStringProperty("workNo", "号,必填,唯一")
.addStringProperty("email", "邮箱,必填,唯一")
.addStringProperty("phone", "手机号,必填,唯一")
.required("username","password","realname","workNo","email","phone")
.build()
)
.build();
ToolExecutor toolExecutor = (toolExecutionRequest, memoryId) -> {
JSONObject arguments = JSONObject.parseObject(toolExecutionRequest.arguments());
@ -138,11 +141,15 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
ToolSpecification toolSpecification = ToolSpecification.builder()
.name("query_user_by_name")
.description("查询用户详细信息返回json数组。支持用户名、真实姓名、邮箱、手机号、工号多字段组合查询用户名、真实姓名、邮箱、手机号均为模糊查询工号为精确查询。无条件则返回全部用户。")
.addParameter("username", JsonSchemaProperty.STRING, JsonSchemaProperty.description("用户名"))
.addParameter("realname", JsonSchemaProperty.STRING, JsonSchemaProperty.description("真实姓名"))
.addParameter("email", JsonSchemaProperty.STRING, JsonSchemaProperty.description("电子邮件"))
.addParameter("phone", JsonSchemaProperty.STRING, JsonSchemaProperty.description("手机号"))
.addParameter("workNo", JsonSchemaProperty.STRING, JsonSchemaProperty.description("工号"))
.parameters(
JsonObjectSchema.builder()
.addStringProperty("username", "用户名")
.addStringProperty("realname", "真实姓名")
.addStringProperty("email", "电子邮件")
.addStringProperty("phone", "手机号")
.addStringProperty("workNo", "工号")
.build()
)
.build();
ToolExecutor toolExecutor = (toolExecutionRequest, memoryId) -> {
SysUser args = JSONObject.parseObject(toolExecutionRequest.arguments(), SysUser.class);
@ -180,8 +187,12 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
ToolSpecification spec = ToolSpecification.builder()
.name("query_all_roles")
.description("查询所有角色返回json数组。包含字段id、roleName、roleCode默认按创建时间/排序号规则由后端决定。")
.addParameter("roleName", JsonSchemaProperty.STRING, JsonSchemaProperty.description("角色姓名"))
.addParameter("roleCode", JsonSchemaProperty.STRING, JsonSchemaProperty.description("角色编码"))
.parameters(
JsonObjectSchema.builder()
.addStringProperty("roleName", "角色姓名")
.addStringProperty("roleCode", "角色编码")
.build()
)
.build();
ToolExecutor exec = (toolExecutionRequest, memoryId) -> {
// 做租户隔离查询(若开启)
@ -194,10 +205,10 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
qw.like("role_code", sysRole.getRoleCode());
}
// 未删除
List<org.jeecg.modules.system.entity.SysRole> roles = sysRoleService.list(qw);
List<SysRole> roles = sysRoleService.list(qw);
// 仅返回核心字段
JSONArray arr = new JSONArray();
for (org.jeecg.modules.system.entity.SysRole r : roles) {
for (SysRole r : roles) {
JSONObject o = new JSONObject();
o.put("id", r.getId());
o.put("roleName", r.getRoleName());
@ -219,17 +230,22 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
ToolSpecification spec = ToolSpecification.builder()
.name("grant_user_roles")
.description("给用户授予角色,支持一次授予多个角色;如果关系已存在则跳过。返回授予结果统计。")
.addParameter("userId", JsonSchemaProperty.STRING, JsonSchemaProperty.description("用户ID必填"))
.addParameter("roleIds", JsonSchemaProperty.STRING, JsonSchemaProperty.description("角色ID列表必填使用英文逗号分隔"))
.parameters(
JsonObjectSchema.builder()
.addStringProperty("userId", "用户ID必填")
.addStringProperty("roleIds", "角色ID列表必填使用英文逗号分隔")
.required("userId","roleIds")
.build()
)
.build();
ToolExecutor exec = (toolExecutionRequest, memoryId) -> {
JSONObject args = JSONObject.parseObject(toolExecutionRequest.arguments());
String userId = args.getString("userId");
String roleIdsStr = args.getString("roleIds");
if (org.apache.commons.lang3.StringUtils.isAnyBlank(userId, roleIdsStr)) {
if (StringUtils.isAnyBlank(userId, roleIdsStr)) {
return "参数缺失userId 或 roleIds";
}
org.jeecg.modules.system.entity.SysUser user = sysUserService.getById(userId);
SysUser user = sysUserService.getById(userId);
if (user == null) {
return "用户不存在:" + userId;
}
@ -238,9 +254,9 @@ public class JeecgBizToolsProvider implements JeecgToolsProvider {
for (String roleId : roleIds) {
roleId = roleId.trim();
if (roleId.isEmpty()) continue;
org.jeecg.modules.system.entity.SysRole role = sysRoleService.getById(roleId);
SysRole role = sysRoleService.getById(roleId);
if (role == null) { invalid++; continue; }
com.baomidou.mybatisplus.core.conditions.query.QueryWrapper<org.jeecg.modules.system.entity.SysUserRole> q = new com.baomidou.mybatisplus.core.conditions.query.QueryWrapper<>();
QueryWrapper<org.jeecg.modules.system.entity.SysUserRole> q = new QueryWrapper<>();
q.eq("role_id", roleId).eq("user_id", userId);
org.jeecg.modules.system.entity.SysUserRole one = sysUserRoleService.getOne(q);
if (one == null) {

6
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java
View File

@ -1,6 +1,6 @@
package org.jeecg.modules.aop;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.util.LoginUserUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.AfterThrowing;
import org.aspectj.lang.annotation.Around;
@ -15,7 +15,7 @@ import org.jeecg.modules.system.entity.SysTenantPack;
import org.jeecg.modules.system.entity.SysTenantPackUser;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import jakarta.annotation.Resource;
import java.lang.reflect.Method;
import java.util.Date;
@ -79,7 +79,7 @@ public class TenantPackUserLogAspect {
dto.setOperateType(opType);
dto.setTenantId(tenantId);
//获取登录用户信息
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
LoginUser sysUser = LoginUserUtils.getSessionUser();
if(sysUser!=null){
dto.setUserid(sysUser.getUsername());
dto.setUsername(sysUser.getRealname());

17
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java
View File

@ -2,13 +2,13 @@ package org.jeecg.modules.cas.controller;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.LoginUserUtils;
import org.jeecg.common.util.RedisUtil;
import org.jeecg.modules.cas.util.CasServiceUtil;
import org.jeecg.modules.cas.util.XmlUtils;
@ -16,6 +16,7 @@ import org.jeecg.modules.system.entity.SysDepart;
import org.jeecg.modules.system.entity.SysUser;
import org.jeecg.modules.system.service.ISysDepartService;
import org.jeecg.modules.system.service.ISysUserService;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
@ -78,10 +79,10 @@ public class CasClientController {
if(!result.isSuccess()) {
return result;
}
String token = JwtUtil.sign(sysUser.getUsername(), sysUser.getPassword());
// 设置超时时间
redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000);
// 使用Sa-Token生成token使用username作为loginId
LoginUser loginUser = new LoginUser();
BeanUtils.copyProperties(sysUser, loginUser);
String token = LoginUserUtils.doLogin(loginUser);
//获取用户部门信息
JSONObject obj = new JSONObject();

Some files were not shown because too many files have changed in this diff Show More