Merge pull request #5935 from EightMonth/springboot3_config

修正spring boot3默认配置
添加nacos sql自动创建nacos库
2026-01-23 19:46:56 +08:00 · 2024-03-01 16:24:33 +08:00 · 2024-03-01 16:15:06 +08:00 · 2024-03-01 16:06:12 +08:00 · 2024-03-01 16:04:57 +08:00 · 2024-02-29 17:41:13 +08:00
219 changed files with 7770 additions and 7540 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,5 +10,5 @@ rebel.xml
 ## front
 **/*.lock
 os_del.cmd
-
-*.log
+os_del_doc.cmd
+.svn
--- a/README-EN.md
+++ b/README-EN.md
@ -7,13 +7,13 @@
 JEECG BOOT Low Code Development Platform
 ===============

-当前最新版本： 3.6.1（发布日期：2023-12-11） 
+当前最新版本： 3.6.2（发布日期：2024-01-08） 


 [![AUR](https://img.shields.io/badge/license-Apache%20License%202.0-blue.svg)](https://github.com/zhangdaiscott/jeecg-boot/blob/master/LICENSE)
 [![](https://img.shields.io/badge/Author-guojusoft-orange.svg)](http://www.jeecg.com)
 [![](https://img.shields.io/badge/Blog-blog-blue.svg)](https://jeecg.blog.csdn.net)
-[![](https://img.shields.io/badge/version-3.6.1-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
+[![](https://img.shields.io/badge/version-3.6.2-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
 [![GitHub stars](https://img.shields.io/github/stars/zhangdaiscott/jeecg-boot.svg?style=social&label=Stars)](https://github.com/zhangdaiscott/jeecg-boot)
 [![GitHub forks](https://img.shields.io/github/forks/zhangdaiscott/jeecg-boot.svg?style=social&label=Fork)](https://github.com/zhangdaiscott/jeecg-boot)

--- a/README.md
+++ b/README.md
@ -7,13 +7,13 @@
 JEECG BOOT 低代码开发平台
 ===============

-当前最新版本： 3.6.1（发布日期：2023-12-11） 
+当前最新版本： 3.6.2（发布日期：2024-01-08） 


 [![AUR](https://img.shields.io/badge/license-Apache%20License%202.0-blue.svg)](https://github.com/zhangdaiscott/jeecg-boot/blob/master/LICENSE)
 [![](https://img.shields.io/badge/Author-北京国炬软件-orange.svg)](http://jeecg.com/aboutusIndex)
 [![](https://img.shields.io/badge/Blog-官方博客-blue.svg)](https://jeecg.blog.csdn.net)
-[![](https://img.shields.io/badge/version-3.6.1-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
+[![](https://img.shields.io/badge/version-3.6.2-brightgreen.svg)](https://github.com/zhangdaiscott/jeecg-boot)
 [![GitHub stars](https://img.shields.io/github/stars/zhangdaiscott/jeecg-boot.svg?style=social&label=Stars)](https://github.com/zhangdaiscott/jeecg-boot)
 [![GitHub forks](https://img.shields.io/github/forks/zhangdaiscott/jeecg-boot.svg?style=social&label=Fork)](https://github.com/zhangdaiscott/jeecg-boot)

@ -49,6 +49,7 @@ Jeecg-Boot低代码开发平台，可以应用在任何J2EE项目的开发中，
 | Github | [jeecgboot-vue3](https://github.com/jeecgboot/jeecgboot-vue3)   | [jeecg-boot](https://github.com/jeecgboot/jeecg-boot) |
 | 码云 | [jeecgboot-vue3](https://gitee.com/jeecg/jeecgboot-vue3)   | [jeecg-boot](https://gitee.com/jeecg/jeecg-boot) |

+> 官方已推出 `SpringBoot3+JDK17版本` [分支源码下载](https://github.com/jeecgboot/jeecg-boot/tree/springboot3)  |  [升级SpringBoot3博客](https://blog.csdn.net/zhangdaiscott/article/details/134805602)

 #### 项目说明

@ -57,7 +58,6 @@ Jeecg-Boot低代码开发平台，可以应用在任何J2EE项目的开发中，
 | `jeecgboot-vue3` | 前端源码 (Vue3版本) |
 | `jeecg-boot`    | 后端JAVA源码（支持微服务）        |
 | `jeecg-uniapp` | [APP开发框架，一份代码多终端适配，同时支持APP、小程序、H5](https://github.com/jeecgboot/jeecg-uniapp) |
-| `SpringBoot3+JDK17 后端分支`    | [分支源码](https://github.com/jeecgboot/jeecg-boot/tree/springboot3)  [升级博客](https://blog.csdn.net/zhangdaiscott/article/details/134805602)        |
 | `更多开源项目` | [更多底层源码下载](http://jeecg.com/download) |


@ -83,7 +83,7 @@ Docker快速启动项目
 -----------------------------------

 - 项目官网：  [http://www.jeecg.com](http://www.jeecg.com)
- 开发文档：  [http://help.jeecg.com](http://help.jeecg.com)
+- 开发文档：  [https://help.jeecg.com](https://help.jeecg.com)
 - 新手指南： [快速入门](http://www.jeecg.com/doc/quickstart)  |   [常见问题 ](http://www.jeecg.com/doc/qa) |  [视频教程](https://space.bilibili.com/454617261/channel/series)  |  [1分钟低代码体验](https://my.oschina.net/jeecg/blog/3083313) 

 - 在线演示 ：  [Vue3演示](http://boot3.jeecg.com)   | [APP演示](http://jeecg.com/appIndex) |  [敲敲云零代码](https://qiaoqiaoyun.com)
--- a/db/jeecgboot-mysql-5.7.sql
+++ b/db/jeecgboot-mysql-5.7.sql
--- a/db/其他数据库/jeecgboot-oracle11g.dmp
+++ b/db/其他数据库/jeecgboot-oracle11g.dmp
--- a/db/其他数据库/jeecgboot-oracle11g.sql
+++ b/db/其他数据库/jeecgboot-oracle11g.sql
--- a/db/其他数据库/jeecgboot-sqlserver2019.sql
+++ b/db/其他数据库/jeecgboot-sqlserver2019.sql
--- a/db/增量SQL/3.6.0升级到3.6.1升级脚本.sql
+++ b/db/增量SQL/3.6.0升级到3.6.1升级脚本.sql
@ -1,11 +0,0 @@
-- 新增风格一对多内嵌和Tab风格
-INSERT INTO sys_permission (id, parent_id, name, url, component, is_route, component_name, redirect, menu_type, perms, perms_type, sort_no, always_show, icon, is_leaf, keep_alive, hidden, hide_tab, description, create_by, create_time, update_by, update_time, del_flag, rule_flag, status, internal_or_external)
- VALUES ('1691031996d5931315212', '1455100420297859074', 'AUTO在线一对多内嵌', '/online/cgformInnerTableList/:id', 'super/online/cgform/auto/innerTable/OnlCgformInnerTableList', 1, '', NULL, 1, NULL, '0', 1.00, 0, NULL, 1, 0, 1, 0, NULL, 'admin', '2023-08-14 18:20:20', 'admin', '2023-08-14 18:46:18', 0, 0, NULL, 0);
-INSERT INTO sys_permission (id, parent_id, name, url, component, is_route, component_name, redirect, menu_type, perms, perms_type, sort_no, always_show, icon, is_leaf, keep_alive, hidden, hide_tab, description, create_by, create_time, update_by, update_time, del_flag, rule_flag, status, internal_or_external)
- VALUES ('1691031996d5931315213', '1455100420297859074', 'AUTO在线Tab风格', '/online/cgformTabList/:id', 'super/online/cgform/auto/tab/OnlCgformTabList', 1, '', NULL, 1, NULL, '0', 1.00, 0, NULL, 1, 0, 1, 0, NULL, 'admin', '2023-08-14 18:20:20', 'admin', '2023-08-14 18:46:18', 0, 0, NULL, 0);
-
-- 【安全】online敏感接口，加权限注解（sql解析接口、同步数据库接口、导入表接口）
-INSERT INTO sys_permission (id, parent_id, name, url, component, is_route, component_name, redirect, menu_type, perms, perms_type, sort_no, always_show, icon, is_leaf, keep_alive, hidden, hide_tab, description, create_by, create_time, update_by, update_time, del_flag, rule_flag, status, internal_or_external) VALUES ('1699374704168534017', '1460888189937176577', 'SQL解析', NULL, NULL, 0, NULL, NULL, 2, 'online:report:parseSql', '1', NULL, 0, NULL, 1, 0, 0, 0, NULL, 'admin', '2023-09-06 18:51:17', NULL, NULL, 0, 0, '1', 0);
-INSERT INTO sys_permission (id, parent_id, name, url, component, is_route, component_name, redirect, menu_type, perms, perms_type, sort_no, always_show, icon, is_leaf, keep_alive, hidden, hide_tab, description, create_by, create_time, update_by, update_time, del_flag, rule_flag, status, internal_or_external) VALUES ('1699374509749960705', '1455101470794850305', '查询数据库表名', NULL, NULL, 0, NULL, NULL, 2, 'online:form:queryTables', '1', NULL, 0, NULL, 1, 0, 0, 0, NULL, 'admin', '2023-09-06 18:50:31', NULL, NULL, 0, 0, '1', 0);
-INSERT INTO sys_permission (id, parent_id, name, url, component, is_route, component_name, redirect, menu_type, perms, perms_type, sort_no, always_show, icon, is_leaf, keep_alive, hidden, hide_tab, description, create_by, create_time, update_by, update_time, del_flag, rule_flag, status, internal_or_external) VALUES ('1699374269152100354', '1455101470794850305', '同步数据库', NULL, NULL, 0, NULL, NULL, 2, 'online:form:syncDb', '1', NULL, 0, NULL, 1, 0, 0, 0, NULL, 'admin', '2023-09-06 18:49:33', NULL, NULL, 0, 0, '1', 0);
-update sys_permission set is_leaf=0 where id in ('1460888189937176577','1455101470794850305');
--- a/db/增量SQL/sas升级脚本.sql
+++ b/db/增量SQL/sas升级脚本.sql
@ -1,45 +0,0 @@
-CREATE TABLE `oauth2_registered_client` (
-  `id` varchar(100) NOT NULL,
-  `client_id` varchar(100) NOT NULL,
-  `client_id_issued_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  `client_secret` varchar(200) DEFAULT NULL,
-  `client_secret_expires_at` timestamp NULL DEFAULT NULL,
-  `client_name` varchar(200) NOT NULL,
-  `client_authentication_methods` varchar(1000) NOT NULL,
-  `authorization_grant_types` varchar(1000) NOT NULL,
-  `redirect_uris` varchar(1000) DEFAULT NULL,
-  `post_logout_redirect_uris` varchar(1000) DEFAULT NULL,
-  `scopes` varchar(1000) NOT NULL,
-  `client_settings` varchar(2000) NOT NULL,
-  `token_settings` varchar(2000) NOT NULL,
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
-
-INSERT INTO `oauth2_registered_client`
-(`id`,
-`client_id`,
-`client_id_issued_at`,
-`client_secret`,
-`client_secret_expires_at`,
-`client_name`,
-`client_authentication_methods`,
-`authorization_grant_types`,
-`redirect_uris`,
-`post_logout_redirect_uris`,
-`scopes`,
-`client_settings`,
-`token_settings`)
-VALUES
-('3eacac0e-0de9-4727-9a64-6bdd4be2ee1f',
-'jeecg-client',
-now(),
-'secret',
-null,
-'3eacac0e-0de9-4727-9a64-6bdd4be2ee1f',
-'client_secret_basic',
-'refresh_token,authorization_code,password,app,phone,social',
-'http://127.0.0.1:8080/jeecg-',
-'http://127.0.0.1:8080/',
-'*',
-'{"@class":"java.util.Collections$UnmodifiableMap","settings.client.require-proof-key":false,"settings.client.require-authorization-consent":true}',
-'{"@class":"java.util.Collections$UnmodifiableMap","settings.token.reuse-refresh-tokens":true,"settings.token.id-token-signature-algorithm":["org.springframework.security.oauth2.jose.jws.SignatureAlgorithm","RS256"],"settings.token.access-token-time-to-live":["java.time.Duration",300000.000000000],"settings.token.access-token-format":{"@class":"org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat","value":"self-contained"},"settings.token.refresh-token-time-to-live":["java.time.Duration",3600.000000000],"settings.token.authorization-code-time-to-live":["java.time.Duration",300000.000000000],"settings.token.device-code-time-to-live":["java.time.Duration",300000.000000000]}');
--- a/db/增量SQL/版本升级说明.txt
+++ b/db/增量SQL/版本升级说明.txt
@ -1,11 +0,0 @@
-版本升级方法？
-
-  JeecgBoot属于平台级产品，每次升级改动内容较多，目前做不到平滑升级。
-
-  升级方案建议：
-  1.代码升级  => 本地版本通过svn或者git做好主干，在分支上做业务开发，jeecg每次版本发布，可以手工覆盖主干的代码，对比合并代码；
-  2.数据库升级 => 针对数据库我们每次发布会提供增量升级SQL，可以通过执行增量SQL实现数据库的升级。
-  3.兼容问题 => 每次版本发布会针对不兼容地方标注说明，需要手工修改不兼容的代码。
-
-  注意： 升级sql目前只提供mysql版本，执行完脚步后，新菜单需要手工进行角色授权，刷新首页才会出现。
-  【20230820 放开了系统管理等模块权限注解，如果没权限请通过角色授权授权对应的按钮权限】
--- a/db/版本升级说明.md
+++ b/db/版本升级说明.md
@ -0,0 +1,15 @@
+# 版本升级方法
+
+> JeecgBoot属于平台级产品，每次升级改动较大，目前做不到平滑升级。
+
+### 增量升级方案
+#### 1.代码合并
+ 本地通过svn或git做好主干，在分支上做业务开发，jeecg每次版本发布，可以手工覆盖主干的代码，对比合并代码；
+
+#### 2.数据库升级
+- 从3.6.2+版本增加flyway自动升级数据库机制，支持 mysql5.7、mysql8; 
+- 其他库请手工执行SQL, 目录： `jeecg-module-system\jeecg-system-start\src\main\resources\flyway\sql\mysql`
+> 注意： 升级sql只提供mysql版本；如果有权限升级, 还需要手工角色授权，退出重新登录才好使。
+
+#### 3.兼容问题
+ 每次发版，会针对不兼容地方重点说明。
--- a/jeecg-boot-base-core/pom.xml
+++ b/jeecg-boot-base-core/pom.xml
@ -4,7 +4,7 @@
 	<parent>
 		<groupId>org.jeecgframework.boot</groupId>
 		<artifactId>jeecg-boot-parent</artifactId>
-		<version>3.6.1</version>
+		<version>3.6.2</version>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
 	<artifactId>jeecg-boot-base-core</artifactId>
@ -173,19 +173,81 @@
 			<version>${java-jwt.version}</version>
 		</dependency>

+		<!--shiro-->
+		<dependency>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-spring-boot-starter</artifactId>
+			<version>${shiro.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.shiro</groupId>
+					<artifactId>shiro-spring</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		<!-- shiro-redis -->
+		<dependency>
+			<groupId>org.crazycake</groupId>
+			<artifactId>shiro-redis</artifactId>
+			<version>${shiro-redis.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.shiro</groupId>
+					<artifactId>shiro-core</artifactId>
+				</exclusion>
+				<exclusion>
+					<artifactId>checkstyle</artifactId>
+					<groupId>com.puppycrawl.tools</groupId>
+				</exclusion>
+				<!-- TODO shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理 -->
+				<exclusion>
+					<artifactId>jedis</artifactId>
+					<groupId>redis.clients</groupId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		<!-- TODO shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理 -->
+		<dependency>
+			<groupId>redis.clients</groupId>
+			<artifactId>jedis</artifactId>
+			<version>${jedis.version}</version>
+		</dependency>

 		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-oauth2-authorization-server</artifactId>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-spring</artifactId>
+			<classifier>jakarta</classifier>
+			<version>${shiro.version}</version>
+			<!-- 排除仍使用了javax.servlet的依赖 -->
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.shiro</groupId>
+					<artifactId>shiro-core</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.apache.shiro</groupId>
+					<artifactId>shiro-web</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		<!-- 引入适配jakarta的依赖包 -->
+		<dependency>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-core</artifactId>
+			<classifier>jakarta</classifier>
+			<version>${shiro.version}</version>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
-		</dependency>
-		<!-- 添加spring security cas支持 -->
-		<dependency>
-			<groupId>org.springframework.security</groupId>
-			<artifactId>spring-security-cas</artifactId>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-web</artifactId>
+			<classifier>jakarta</classifier>
+			<version>${shiro.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.shiro</groupId>
+					<artifactId>shiro-core</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>

 		<!-- knife4j -->
--- a/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java
+++ b/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java
@ -1,21 +0,0 @@
-package org.apache.shiro;
-
-import org.apache.shiro.subject.Subject;
-
-/**
- * 兼容处理Online功能使用处理，请勿修改
- * @author eightmonth@qq.com
- * @date 2024/4/29 14:05
- */
-public class SecurityUtils {
-
-
-    public static Subject getSubject() {
-        return new Subject() {
-            @Override
-            public Object getPrincipal() {
-                return Subject.super.getPrincipal();
-            }
-        };
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java
+++ b/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java
@ -1,14 +0,0 @@
-package org.apache.shiro.subject;
-
-import org.jeecg.config.security.utils.SecureUtil;
-
-/**
- * 兼容处理Online功能使用处理，请勿修改
- * @author eightmonth@qq.com
- * @date 2024/4/29 14:18
- */
-public interface Subject {
-    default Object getPrincipal() {
-        return SecureUtil.currentUser();
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/CommonAPI.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/CommonAPI.java
@ -1,6 +1,5 @@
 package org.jeecg.common.api;

-import com.alibaba.fastjson.JSONObject;
 import org.jeecg.common.system.vo.*;

 import java.util.List;
@ -51,13 +50,6 @@ public interface CommonAPI {
     */
    public LoginUser getUserByName(String username);

-    /**
-     * 5根据用户手机号查询用户信息
-     * @param username
-     * @return
-     */
-    public LoginUser getUserByPhone(String phone);
-

    /**
     * 6字典表的 翻译
@ -125,41 +117,17 @@ public interface CommonAPI {
     */
    Map<String, List<DictModel>> translateManyDict(String dictCodes, String keys);

+    //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
    /**
     * 15 字典表的 翻译，可批量
     * @param table
     * @param text
     * @param code
     * @param keys 多个用逗号分割
+     * @param dataSource 数据源
     * @return
     */
-    List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys);
-
-    /**
-     * 登录加载系统字典
-     * @return
-     */
-    Map<String,List<DictModel>> queryAllDictItems();
-
-    /**
-     * 查询SysDepart集合
-     * @param userId
-     * @return
-     */
-    List<SysDepartModel> queryUserDeparts(String userId);
-
-    /**
-     * 根据用户名设置部门ID
-     * @param username
-     * @param orgCode
-     */
-    void updateUserDepart(String username,String orgCode,Integer loginTenantId);
-
-    /**
-     * 设置登录租户
-     * @param username
-     * @return
-     */
-    JSONObject setLoginTenant(String username);
+    List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys, String dataSource);
+    //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------

 }
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
@ -1,8 +1,8 @@
 package org.jeecg.common.aspect;

-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.alibaba.fastjson.serializer.PropertyFilter;
+import org.apache.shiro.SecurityUtils;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@ -15,14 +15,12 @@ import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.enums.ModuleType;
 import org.jeecg.common.constant.enums.OperateTypeEnum;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.IpUtils;
 import org.jeecg.common.util.SpringContextUtils;
 import org.jeecg.common.util.oConvertUtils;
 import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.multipart.MultipartFile;
@ -102,7 +100,7 @@ public class AutoLogAspect {
        //设置IP地址
        dto.setIp(IpUtils.getIpAddr(request));
        //获取登录用户信息
-        LoginUser sysUser = SecureUtil.currentUser();
+        LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
        if(sysUser!=null){
            dto.setUserid(sysUser.getUsername());
            dto.setUsername(sysUser.getRealname());
@ -160,9 +158,6 @@ public class AutoLogAspect {
                    if(value!=null && value.toString().length()>length){
                        return false;
                    }
-                    if(value instanceof MultipartFile){
-                        return false;
-                    }
                    return true;
                }
            };
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/DictAspect.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/DictAspect.java
@ -140,11 +140,15 @@ public class DictAspect {
                            String code = field.getAnnotation(Dict.class).dicCode();
                            String text = field.getAnnotation(Dict.class).dicText();
                            String table = field.getAnnotation(Dict.class).dictTable();
-
+                            //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                            String dataSource = field.getAnnotation(Dict.class).ds();
+                            //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                            List<String> dataList;
                            String dictCode = code;
                            if (!StringUtils.isEmpty(table)) {
-                                dictCode = String.format("%s,%s,%s", table, text, code);
+                                //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                                dictCode = String.format("%s,%s,%s,%s", table, text, code, dataSource);
+                                //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                            }
                            dataList = dataListMap.computeIfAbsent(dictCode, k -> new ArrayList<>());
                            this.listAddAllDeduplicate(dataList, Arrays.asList(value.split(",")));
@ -169,10 +173,15 @@ public class DictAspect {
                        String code = field.getAnnotation(Dict.class).dicCode();
                        String text = field.getAnnotation(Dict.class).dicText();
                        String table = field.getAnnotation(Dict.class).dictTable();
-
+                        //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                        // 自定义的字典表数据源
+                        String dataSource = field.getAnnotation(Dict.class).ds();
+                        //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                        String fieldDictCode = code;
                        if (!StringUtils.isEmpty(table)) {
-                            fieldDictCode = String.format("%s,%s,%s", table, text, code);
+                            //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                            fieldDictCode = String.format("%s,%s,%s,%s", table, text, code, dataSource);
+                            //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                        }

                        String value = record.getString(field.getName());
@ -274,9 +283,18 @@ public class DictAspect {
                String[] arr = dictCode.split(",");
                String table = arr[0], text = arr[1], code = arr[2];
                String values = String.join(",", needTranslDataTable);
+                //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                // 自定义的数据源
+                String dataSource = null;
+                if (arr.length > 3) {
+                    dataSource = arr[3];
+                }
+                //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                log.debug("translateDictFromTableByKeys.dictCode:" + dictCode);
                log.debug("translateDictFromTableByKeys.values:" + values);
-                List<DictModel> texts = commonApi.translateDictFromTableByKeys(table, text, code, values);
+                //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+                List<DictModel> texts = commonApi.translateDictFromTableByKeys(table, text, code, values, dataSource);
+                //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
                log.debug("translateDictFromTableByKeys.result:" + texts);
                List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
                list.addAll(texts);
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/annotation/Dict.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/annotation/Dict.java
@ -39,4 +39,16 @@ public @interface Dict {
     * @return 返回类型： String
     */
    String dictTable() default "";
+
+
+    //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
+    /**
+     * 方法描述: 数据字典表所在数据源名称
+     * 作    者： chenrui
+     * 日    期： 2023年12月20日-下午4:58
+     *
+     * @return 返回类型： String
+     */
+    String ds() default "";
+    //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
 }
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/CommonConstant.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/CommonConstant.java
@ -69,6 +69,8 @@ public interface CommonConstant {
 	
 	/** {@code 500 Server Error} (HTTP/1.0 - RFC 1945) */
    Integer SC_INTERNAL_SERVER_ERROR_500 = 500;
+    /** {@code 404 Not Found} (HTTP/1.0 - RFC 1945) */
+    Integer SC_INTERNAL_NOT_FOUND_404 = 404;
    /** {@code 200 OK} (HTTP/1.0 - RFC 1945) */
    Integer SC_OK_200 = 200;
    
@ -78,7 +80,7 @@ public interface CommonConstant {
    /** 登录用户Shiro权限缓存KEY前缀 */
    public static String PREFIX_USER_SHIRO_CACHE  = "shiro:cache:org.jeecg.config.shiro.ShiroRealm.authorizationCache:";
    /** 登录用户Token令牌缓存KEY前缀 */
-    String PREFIX_USER_TOKEN  = "token::jeecg-client::";
+    String PREFIX_USER_TOKEN  = "prefix_user_token:";
 //    /** Token缓存时间：3600秒即一小时 */
 //    int  TOKEN_EXPIRE_TIME  = 3600;

--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/DataBaseConstant.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/DataBaseConstant.java
@ -17,6 +17,9 @@ public interface DataBaseConstant {

    /**postgreSQL达梦数据库*/
 	public static final String DB_TYPE_POSTGRESQL = "POSTGRESQL";
+	
+    /**人大金仓数据库*/
+	public static final String DB_TYPE_KINGBASEES = "KINGBASEES";

    /**sqlserver数据库*/
 	public static final String DB_TYPE_SQLSERVER = "SQLSERVER";
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootException.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootException.java
@ -1,5 +1,7 @@
 package org.jeecg.common.exception;

+import org.jeecg.common.constant.CommonConstant;
+
 /**
 * @Description: jeecg-boot自定义异常
 * @author: jeecg-boot
@ -7,10 +9,24 @@ package org.jeecg.common.exception;
 public class JeecgBootException extends RuntimeException {
 	private static final long serialVersionUID = 1L;

+	/**
+	 * 返回给前端的错误code
+	 */
+	private int errCode = CommonConstant.SC_INTERNAL_SERVER_ERROR_500;
+
 	public JeecgBootException(String message){
 		super(message);
 	}
-	
+
+	public JeecgBootException(String message, int errCode){
+		super(message);
+		this.errCode = errCode;
+	}
+
+	public int getErrCode() {
+		return errCode;
+	}
+
 	public JeecgBootException(Throwable cause)
 	{
 		super(cause);
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
@ -2,17 +2,16 @@ package org.jeecg.common.exception;

 import cn.hutool.core.util.ObjectUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.authz.UnauthorizedException;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.enums.SentinelErrorInfoEnum;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.dao.DuplicateKeyException;
 import org.springframework.data.redis.connection.PoolException;
 import org.springframework.http.HttpStatus;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.springframework.web.multipart.MaxUploadSizeExceededException;
@ -28,31 +27,13 @@ import org.springframework.web.servlet.NoHandlerFoundException;
@Slf4j
 public class JeecgBootExceptionHandler {

-	/**
-	 * 验证码错误异常
-	 */
-
-	@ExceptionHandler(JeecgCaptchaException.class)
-	@ResponseStatus(HttpStatus.OK)
-	public Result<?> handleJeecgCaptchaException(JeecgCaptchaException e) {
-		log.error(e.getMessage(), e);
-		return Result.error(e.getCode(), e.getMessage());
-	}
-
-	@ExceptionHandler(AuthenticationException.class)
-	@ResponseStatus(HttpStatus.OK)
-	public Result<?> handleJeecgCaptchaException(AuthenticationException e) {
-		log.error(e.getMessage(), e);
-		return Result.error(401, e.getMessage());
-	}
-
 	/**
 	 * 处理自定义异常
 	 */
 	@ExceptionHandler(JeecgBootException.class)
 	public Result<?> handleJeecgBootException(JeecgBootException e){
 		log.error(e.getMessage(), e);
-		return Result.error(e.getMessage());
+		return Result.error(e.getErrCode(), e.getMessage());
 	}

 	/**
@ -86,8 +67,9 @@ public class JeecgBootExceptionHandler {
 		return Result.error("数据库中已存在该记录");
 	}

-	@ExceptionHandler(AccessDeniedException.class)
-	public Result<?> handleAuthorizationException(AccessDeniedException e){
+	@ExceptionHandler({UnauthorizedException.class, AuthorizationException.class})
+	public Result<?> handleAuthorizationException(AuthorizationException e){
+		log.error(e.getMessage(), e);
 		return Result.noauth("没有权限，请联系管理员授权");
 	}

--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgCaptchaException.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgCaptchaException.java
@ -1,28 +0,0 @@
-package org.jeecg.common.exception;
-
-import lombok.Data;
-
-/**
- * @author kezhijie@wuhandsj.com
- * @date 2024/1/2 11:38
- */
-@Data
-public class JeecgCaptchaException extends RuntimeException{
-
-    private Integer code;
-
-    private static final long serialVersionUID = -9093410345065209053L;
-
-    public JeecgCaptchaException(Integer code, String message) {
-        super(message);
-        this.code = code;
-    }
-
-    public JeecgCaptchaException(String message, Throwable cause) {
-        super(message, cause);
-    }
-
-    public JeecgCaptchaException(Throwable cause) {
-        super(cause);
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
@ -1,18 +1,17 @@
 package org.jeecg.common.system.base.controller;

-import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.IService;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.beanutils.PropertyUtils;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
 import org.jeecgframework.poi.excel.entity.ExportParams;
@ -20,7 +19,6 @@ import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.entity.enmus.ExcelType;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
 import org.springframework.web.servlet.ModelAndView;
@ -53,7 +51,7 @@ public class JeecgController<T, S extends IService<T>> {
    protected ModelAndView exportXls(HttpServletRequest request, T object, Class<T> clazz, String title) {
        // Step.1 组装查询条件
        QueryWrapper<T> queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap());
-        LoginUser sysUser = SecureUtil.currentUser();
+        LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();

        // 过滤选中数据
        String selections = request.getParameter("selections");
@ -91,7 +89,7 @@ public class JeecgController<T, S extends IService<T>> {
    protected ModelAndView exportXlsSheet(HttpServletRequest request, T object, Class<T> clazz, String title,String exportFields,Integer pageNum) {
        // Step.1 组装查询条件
        QueryWrapper<T> queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap());
-        LoginUser sysUser = SecureUtil.currentUser();
+        LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
        // Step.2 计算分页sheet数据
        double total = service.count();
        int count = (int)Math.ceil(total/pageNum);
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JwtUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JwtUtil.java
@ -1,7 +1,5 @@
 package org.jeecg.common.system.util;

-import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson2.JSONObject;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTVerifier;
 import com.auth0.jwt.algorithms.Algorithm;
@ -12,17 +10,14 @@ import com.google.common.base.Joiner;

 import java.io.IOException;
 import java.io.OutputStream;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
+import java.util.Date;
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;

 import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.DataBaseConstant;
@ -34,22 +29,6 @@ import org.jeecg.common.system.vo.SysUserCacheInfo;
 import org.jeecg.common.util.DateUtils;
 import org.jeecg.common.util.SpringContextUtils;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.self.SelfAuthenticationProvider;
-import org.jeecg.config.security.self.SelfAuthenticationToken;
-import org.jeecg.config.security.utils.SecureUtil;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;

 /**
 * @Author Scott
@ -63,8 +42,6 @@ public class JwtUtil {
 	public static final long EXPIRE_TIME = (7 * 12) * 60 * 60 * 1000;
 	static final String WELL_NUMBER = SymbolConstant.WELL_NUMBER + SymbolConstant.LEFT_CURLY_BRACKET;

-	public static final String DEFAULT_CLIENT = "jeecg-client";
-
    /**
     *
     * @param response
@ -100,9 +77,10 @@ public class JwtUtil {
 	public static boolean verify(String token, String username, String secret) {
 		try {
 			// 根据密码生成JWT效验器
-			JwtDecoder jwtDecoder = SpringContextUtils.getBean(JwtDecoder.class);
+			Algorithm algorithm = Algorithm.HMAC256(secret);
+			JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build();
 			// 效验TOKEN
-			jwtDecoder.decode(token);
+			DecodedJWT jwt = verifier.verify(token);
 			return true;
 		} catch (Exception exception) {
 			return false;
@ -117,33 +95,24 @@ public class JwtUtil {
 	public static String getUsername(String token) {
 		try {
 			DecodedJWT jwt = JWT.decode(token);
-			LoginUser loginUser = JSONObject.parseObject(jwt.getClaim("sub").asString(), LoginUser.class);
-			return loginUser.getUsername();
+			return jwt.getClaim("username").asString();
 		} catch (JWTDecodeException e) {
 			return null;
 		}
 	}

 	/**
-	 * 生成token
+	 * 生成签名,5min后过期
 	 *
 	 * @param username 用户名
 	 * @param secret   用户的密码
 	 * @return 加密的token
 	 */
 	public static String sign(String username, String secret) {
-		Map<String, Object> additionalParameter = new HashMap<>();
-		additionalParameter.put("username", username);
-
-		RegisteredClientRepository registeredClientRepository = SpringContextUtils.getBean(RegisteredClientRepository.class);
-		SelfAuthenticationProvider selfAuthenticationProvider = SpringContextUtils.getBean(SelfAuthenticationProvider.class);
-
-		OAuth2ClientAuthenticationToken client = new OAuth2ClientAuthenticationToken(Objects.requireNonNull(registeredClientRepository.findByClientId("jeecg-client")), ClientAuthenticationMethod.CLIENT_SECRET_BASIC, null);
-		client.setAuthenticated(true);
-		SelfAuthenticationToken selfAuthenticationToken = new SelfAuthenticationToken(client, additionalParameter);
-		selfAuthenticationToken.setAuthenticated(true);
-		OAuth2AccessTokenAuthenticationToken accessToken = (OAuth2AccessTokenAuthenticationToken) selfAuthenticationProvider.authenticate(selfAuthenticationToken);
-		return accessToken.getAccessToken().getTokenValue();
+		Date date = new Date(System.currentTimeMillis() + EXPIRE_TIME);
+		Algorithm algorithm = Algorithm.HMAC256(secret);
+		// 附带username信息
+		return JWT.create().withClaim("username", username).withExpiresAt(date).sign(algorithm);

 	}

@ -208,7 +177,7 @@ public class JwtUtil {
 		//2.通过shiro获取登录用户信息
 		LoginUser sysUser = null;
 		try {
-			sysUser = SecureUtil.currentUser();
+			sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		} catch (Exception e) {
 			log.warn("SecurityUtils.getSubject() 获取用户信息异常：" + e.getMessage());
 		}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/vo/LoginUser.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/vo/LoginUser.java
@ -1,18 +1,13 @@
 package org.jeecg.common.system.vo;

-import com.alibaba.fastjson2.JSON;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
 import org.jeecg.common.desensitization.annotation.SensitiveField;
 import org.springframework.format.annotation.DateTimeFormat;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;

-import java.io.Serializable;
 import java.util.Date;
-import java.util.Set;

 /**
 * <p>
@ -25,10 +20,8 @@ import java.util.Set;
@Data
@EqualsAndHashCode(callSuper = false)
@Accessors(chain = true)
-public class LoginUser implements Serializable {
+public class LoginUser {

-
-	private static final long serialVersionUID = -7143159031677245866L;
 	/**
 	 * 登录人id
 	 */
@ -134,29 +127,4 @@ public class LoginUser implements Serializable {
 	/**设备id uniapp推送用*/
 	private String clientId;

-	@SensitiveField
-	private String salt;
-
-	@Override
-	public String toString() {
-		// 重新构建对象过滤一些敏感字段
-		LoginUser loginUser = new LoginUser();
-		loginUser.setId(id);
-		loginUser.setUsername(username);
-		loginUser.setRealname(realname);
-		loginUser.setOrgCode(orgCode);
-		loginUser.setSex(sex);
-		loginUser.setEmail(email);
-		loginUser.setPhone(phone);
-		loginUser.setDelFlag(delFlag);
-		loginUser.setStatus(status);
-		loginUser.setActivitiSync(activitiSync);
-		loginUser.setUserIdentity(userIdentity);
-		loginUser.setDepartIds(departIds);
-		loginUser.setPost(post);
-		loginUser.setTelephone(telephone);
-		loginUser.setRelTenantIds(relTenantIds);
-		loginUser.setClientId(clientId);
-		return JSON.toJSONString(loginUser);
-	}
 }
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/CommonUtils.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/CommonUtils.java
@ -302,7 +302,7 @@ public class CommonUtils {
                    DB_TYPE = DataBaseConstant.DB_TYPE_ORACLE;
                }else if(dbType.indexOf(DataBaseConstant.DB_TYPE_SQLSERVER)>=0||dbType.indexOf(sqlserver)>=0) {
                    DB_TYPE = DataBaseConstant.DB_TYPE_SQLSERVER;
-                }else if(dbType.indexOf(DataBaseConstant.DB_TYPE_POSTGRESQL)>=0) {
+                }else if(dbType.indexOf(DataBaseConstant.DB_TYPE_POSTGRESQL)>=0 || dbType.indexOf(DataBaseConstant.DB_TYPE_KINGBASEES)>=0) {
                    DB_TYPE = DataBaseConstant.DB_TYPE_POSTGRESQL;
                }else if(dbType.indexOf(DataBaseConstant.DB_TYPE_MARIADB)>=0) {
                    DB_TYPE = DataBaseConstant.DB_TYPE_MARIADB;
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java
@ -29,6 +29,17 @@ public class SqlInjectionUtil {
 	 * 字典专用—sql注入关键词
 	 */
 	private static String specialDictSqlXssStr = "exec |peformance_schema|information_schema|extractvalue|updatexml|geohash|gtid_subset|gtid_subtract|insert |select |delete |update |drop |count |chr |mid |master |truncate |char |declare |;|+|--";
+	/**
+	 * 完整匹配的key，不需要考虑前空格
+	 */
+	private static List<String> FULL_MATCHING_KEYWRODS = new ArrayList<>();
+	static {
+		FULL_MATCHING_KEYWRODS.add(";");
+		FULL_MATCHING_KEYWRODS.add("+");
+		FULL_MATCHING_KEYWRODS.add("--");
+	}
+	
+	
 	/**
 	 * sql注入风险的 正则关键字
 	 *
@ -50,6 +61,8 @@ public class SqlInjectionUtil {
 	 * sql注释的正则
 	 */
 	private final static Pattern SQL_ANNOTATION = Pattern.compile("/\\*[\\s\\S]*\\*/");
+	private final static  String SQL_ANNOTATION2 = "--";
+	
 	/**
 	 * sql注入提示语
 	 */
@ -128,7 +141,13 @@ public class SqlInjectionUtil {
 		if (sql.startsWith(keyword.trim())) {
 			return true;
 		} else if (sql.contains(keyword)) {
-			if (sql.contains(" " + keyword)) {
+			// 需要匹配的，sql注入关键词
+			String matchingText = " " + keyword;
+			if(FULL_MATCHING_KEYWRODS.contains(keyword)){
+				matchingText = keyword;
+			}
+			
+			if (sql.contains(matchingText)) {
 				return true;
 			} else {
 				String regularStr = "\\s+\\S+" + keyword;
@ -244,6 +263,13 @@ public class SqlInjectionUtil {
 	 * @return
 	 */
 	public static void checkSqlAnnotation(String str){
+		if(str.contains(SQL_ANNOTATION2)){
+			String error = "请注意，SQL中不允许含注释，有安全风险！";
+			log.error(error);
+			throw new RuntimeException(error);
+		}
+
+		
 		Matcher matcher = SQL_ANNOTATION.matcher(str);
 		if(matcher.find()){
 			String error = "请注意，值可能存在SQL注入风险---> \\*.*\\";
@ -260,7 +286,7 @@ public class SqlInjectionUtil {
 	 *
 	 * @param table
 	 */
-	private static Pattern tableNamePattern = Pattern.compile("^[a-zA-Z][a-zA-Z0-9_]{0,63}$");
+	private static Pattern tableNamePattern = Pattern.compile("^[a-zA-Z][a-zA-Z0-9_\\$]{0,63}$");
 	public static String getSqlInjectTableName(String table) {
 		if(oConvertUtils.isEmpty(table)){
 			return table;
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
@ -12,12 +12,6 @@ import org.jeecg.common.system.util.JwtUtil;
 import org.jeecg.common.system.vo.LoginUser;

 import jakarta.servlet.http.HttpServletRequest;
-import org.jeecg.config.security.JeecgRedisOAuth2AuthorizationService;
-import org.springframework.data.redis.serializer.SerializationException;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-
-import java.util.Objects;

 /**
 * @Author scott
@ -118,7 +112,7 @@ public class TokenUtils {
            throw new JeecgBoot401Exception("账号已被锁定,请联系管理员!");
        }
        // 校验token是否超时失效 & 或者账号密码是否错误
-        if (!jwtTokenRefresh(token, username, user.getPassword())) {
+        if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
            throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
        }
        return true;
@ -147,15 +141,6 @@ public class TokenUtils {
        return false;
    }

-    private static boolean jwtTokenRefresh(String token, String userName, String passWord) {
-        JeecgRedisOAuth2AuthorizationService authRedis = SpringContextUtils.getBean(JeecgRedisOAuth2AuthorizationService.class);
-        OAuth2Authorization authorization = authRedis.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
-        if (Objects.nonNull(authorization) && JwtUtil.verify(token, userName, passWord)) {
-            return true;
-        }
-        return false;
-    }
-
    /**
     * 获取登录用户
     *
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
@ -1,9 +1,10 @@
 package org.jeecg.common.util.encryption;

+import org.apache.shiro.codec.Base64;
+
 import javax.crypto.Cipher;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
-import java.util.Base64;

 /**
 * @Description: AES 加密
@ -48,7 +49,7 @@ public class AesEncryptUtil {
            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
            byte[] encrypted = cipher.doFinal(plaintext);

-            return Base64.getEncoder().encodeToString(encrypted);
+            return Base64.encodeToString(encrypted);

        } catch (Exception e) {
            e.printStackTrace();
@ -66,7 +67,7 @@ public class AesEncryptUtil {
     */
    public static String desEncrypt(String data, String key, String iv) throws Exception {
        //update-begin-author:taoyan date:2022-5-23 for:VUEN-1084 【vue3】online表单测试发现的新问题 6、解密报错 ---解码失败应该把异常抛出去，在外面处理
-        byte[] encrypted1 = Base64.getDecoder().decode(data);
+        byte[] encrypted1 = Base64.decode(data);

        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/filter/SsrfFileTypeFilter.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/filter/SsrfFileTypeFilter.java
@ -61,6 +61,10 @@ public class SsrfFileTypeFilter {
        FILE_TYPE_WHITE_LIST.add("7z");
        FILE_TYPE_WHITE_LIST.add("tar");

+        //app文件后缀
+        FILE_TYPE_WHITE_LIST.add("apk");
+        FILE_TYPE_WHITE_LIST.add("wgt");
+
        //设置禁止文件的头部标记
        FILE_TYPE_MAP.put("3c25402070616765206c", "jsp");
        FILE_TYPE_MAP.put("3c3f7068700a0a2f2a2a0a202a205048", "php");
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidWallConfigRegister.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidWallConfigRegister.java
@ -1,47 +0,0 @@
-package org.jeecg.config;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.SpringApplicationRunListener;
-import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.core.env.MapPropertySource;
-import org.springframework.core.env.MutablePropertySources;
-import org.springframework.core.env.PropertySource;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * @author eightmonth@qq.com
- * @date 2024/4/8 11:37
- */
-public class DruidWallConfigRegister implements SpringApplicationRunListener {
-
-    public SpringApplication application;
-
-    private String[] args;
-
-
-    /**
-     * 必备，否则启动报错
-     * @param application
-     * @param args
-     */
-    public DruidWallConfigRegister(SpringApplication application, String[] args) {
-        this.application = application;
-        this.args = args;
-    }
-
-    @Override
-    public void contextLoaded(ConfigurableApplicationContext context) {
-        ConfigurableEnvironment env = context.getEnvironment();
-        Map<String, Object> props = new HashMap<>();
-        props.put("spring.datasource.dynamic.druid.wall.selectWhereAlwayTrueCheck", false);
-
-        MutablePropertySources propertySources = env.getPropertySources();
-
-        PropertySource<Map<String, Object>> propertySource = new MapPropertySource("jeecg-datasource-config", props);
-
-        propertySources.addLast(propertySource);
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
@ -32,6 +32,10 @@ public class JeecgBaseConfig {
     */
    private Firewall firewall;
    
+    /**
+     * shiro拦截排除
+     */
+    private Shiro shiro;
    /**
     * 上传文件配置
     */
@ -84,6 +88,14 @@ public class JeecgBaseConfig {
        this.signatureSecret = signatureSecret;
    }

+    public Shiro getShiro() {
+        return shiro;
+    }
+
+    public void setShiro(Shiro shiro) {
+        this.shiro = shiro;
+    }
+
    public Path getPath() {
        return path;
    }
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebSocketConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebSocketConfig.java
@ -31,7 +31,7 @@ public class WebSocketConfig {
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(websocketFilter());
        //TODO 临时注释掉，测试下线上socket总断的问题
-        bean.addUrlPatterns("/websocket/*","/eoaSocket/*","/eoaNewChatSocket/*", "/newsWebsocket/*", "/vxeSocket/*");
+        bean.addUrlPatterns("/taskCountSocket/*", "/websocket/*","/eoaSocket/*","/eoaNewChatSocket/*", "/newsWebsocket/*", "/vxeSocket/*");
        return bean;
    }

--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
@ -2,16 +2,19 @@ package org.jeecg.config.firewall.interceptor;

 import com.alibaba.fastjson.JSON;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.CommonAPI;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
+import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.system.util.JwtUtil;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.CommonUtils;
 import org.jeecg.common.util.SpringContextUtils;
 import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.utils.SecureUtil;
+import org.jeecg.config.firewall.interceptor.enums.LowCodeUrlsEnum;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.AntPathMatcher;
 import org.springframework.web.servlet.HandlerInterceptor;

 import jakarta.annotation.Resource;
@ -63,7 +66,7 @@ public class LowCodeModeInterceptor implements HandlerInterceptor {
        if (jeecgBaseConfig.getFirewall()!=null && LowCodeModeInterceptor.LOW_CODE_MODE_PROD.equals(jeecgBaseConfig.getFirewall().getLowCodeMode())) {
            String requestURI = request.getRequestURI().substring(request.getContextPath().length());
            log.info("低代码模式，拦截请求路径：" + requestURI);
-            LoginUser loginUser = SecureUtil.currentUser();
+            LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
            Set<String> hasRoles = null;
            if (loginUser == null) {
                loginUser = commonAPI.getUserByName(JwtUtil.getUserNameByToken(SpringContextUtils.getHttpServletRequest()));
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
@ -6,11 +6,11 @@ import org.apache.ibatis.executor.Executor;
 import org.apache.ibatis.mapping.MappedStatement;
 import org.apache.ibatis.mapping.SqlCommandType;
 import org.apache.ibatis.plugin.*;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.TenantConstant;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.springframework.stereotype.Component;

 import java.lang.reflect.Field;
@ -173,7 +173,7 @@ public class MybatisInterceptor implements Interceptor {
 	private LoginUser getLoginUser() {
 		LoginUser sysUser = null;
 		try {
-			sysUser = SecureUtil.currentUser() != null ? SecureUtil.currentUser() : null;
+			sysUser = SecurityUtils.getSubject().getPrincipal() != null ? (LoginUser) SecurityUtils.getSubject().getPrincipal() : null;
 		} catch (Exception e) {
 			//e.printStackTrace();
 			sysUser = null;
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/ClientService.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/ClientService.java
@ -1,90 +0,0 @@
-package org.jeecg.config.security;
-
-import lombok.AllArgsConstructor;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
-import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
-import org.springframework.stereotype.Component;
-
-import java.time.Duration;
-import java.util.Set;
-
-/**
- * spring authorization server 注册客户端便捷工具类
- * @author eightmonth@qq.com
- * @date 2024/3/7 11:22
- */
-@Component
-@AllArgsConstructor
-public class ClientService {
-
-    private RegisteredClientRepository registeredClientRepository;
-
-    /**
-     * 修改客户端token有效期
-     * 认证码、设备码有效期与accessToken有效期保持一致
-     */
-    public void updateTokenValidation(String clientId, Long accessTokenValidation, Long refreshTokenValidation){
-        RegisteredClient registeredClient = findByClientId(clientId);
-        RegisteredClient.Builder builder = RegisteredClient.from(registeredClient);
-        TokenSettings tokenSettings = TokenSettings.builder()
-                .idTokenSignatureAlgorithm(SignatureAlgorithm.RS256)
-                .accessTokenTimeToLive(Duration.ofSeconds(accessTokenValidation))
-                .accessTokenFormat(OAuth2TokenFormat.SELF_CONTAINED)
-                .reuseRefreshTokens(true)
-                .refreshTokenTimeToLive(Duration.ofSeconds(refreshTokenValidation))
-                .authorizationCodeTimeToLive(Duration.ofSeconds(accessTokenValidation))
-                .deviceCodeTimeToLive(Duration.ofSeconds(accessTokenValidation))
-                .build();
-        builder.tokenSettings(tokenSettings);
-        registeredClientRepository.save(builder.build());
-    }
-
-    /**
-     * 修改客户端授权类型
-     * @param clientId
-     * @param grantTypes
-     */
-    public void updateGrantType(String clientId, Set<AuthorizationGrantType> grantTypes) {
-        RegisteredClient registeredClient = findByClientId(clientId);
-        RegisteredClient.Builder builder = RegisteredClient.from(registeredClient);
-        for (AuthorizationGrantType grantType : grantTypes) {
-            builder.authorizationGrantType(grantType);
-        }
-        registeredClientRepository.save(builder.build());
-    }
-
-    /**
-     * 修改客户端重定向uri
-     * @param clientId
-     * @param redirectUris
-     */
-    public void updateRedirectUris(String clientId, String redirectUris) {
-        RegisteredClient registeredClient = findByClientId(clientId);
-        RegisteredClient.Builder builder = RegisteredClient.from(registeredClient);
-        builder.redirectUri(redirectUris);
-        registeredClientRepository.save(builder.build());
-    }
-
-    /**
-     * 修改客户端授权范围
-     * @param clientId
-     * @param scopes
-     */
-    public void updateScopes(String clientId, Set<String> scopes) {
-        RegisteredClient registeredClient = findByClientId(clientId);
-        RegisteredClient.Builder builder = RegisteredClient.from(registeredClient);
-        for (String scope : scopes) {
-            builder.scope(scope);
-        }
-        registeredClientRepository.save(builder.build());
-    }
-
-    public RegisteredClient findByClientId(String clientId) {
-        return registeredClientRepository.findByClientId(clientId);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgPermissionService.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgPermissionService.java
@ -1,100 +0,0 @@
-package org.jeecg.config.security;
-
-import cn.hutool.core.util.ArrayUtil;
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.config.security.utils.SecureUtil;
-import org.springframework.stereotype.Service;
-import org.springframework.util.PatternMatchUtils;
-import org.springframework.util.StringUtils;
-
-import java.util.Arrays;
-import java.util.Objects;
-import java.util.Set;
-
-/**
- * spring authorization server自定义权限处理，根据@PreAuthorize注解，判断当前用户是否具备权限
- * @author EightMonth
- * @date 2024/1/10 17:00
- */
-@Service("jps")
-@AllArgsConstructor
-@Slf4j
-public class JeecgPermissionService {
-    private final String SPLIT = "::";
-    private final String PERM_PREFIX = "jps" + SPLIT;
-
-    private final CommonAPI commonAPI;
-    private final RedisUtil redisUtil;
-
-    /**
-     * 判断接口是否有任意xxx，xxx权限
-     * @param permissions 权限
-     * @return {boolean}
-     */
-    public boolean requiresPermissions(String... permissions) {
-        if (ArrayUtil.isEmpty(permissions)) {
-            return false;
-        }
-        LoginUser loginUser = SecureUtil.currentUser();
-
-        Object cache = redisUtil.get(buildKey("permission", loginUser.getUsername()));
-        Set<String> permissionList;
-        if (Objects.nonNull(cache)) {
-            permissionList = (Set<String>) cache;
-        } else {
-            permissionList = commonAPI.queryUserAuths(loginUser.getUsername());
-            redisUtil.set(buildKey("permission", loginUser.getUsername()), permissionList);
-        }
-
-        boolean pass = permissionList.stream().filter(StringUtils::hasText)
-                .anyMatch(x -> PatternMatchUtils.simpleMatch(permissions, x));
-        if (!pass) {
-            log.error("权限不足，缺少权限："+ Arrays.toString(permissions));
-        }
-        return pass;
-    }
-
-    /**
-     * 判断接口是否有任意xxx，xxx角色
-     * @param roles 角色
-     * @return {boolean}
-     */
-    public boolean requiresRoles(String... roles) {
-        if (ArrayUtil.isEmpty(roles)) {
-            return false;
-        }
-        LoginUser loginUser = SecureUtil.currentUser();
-
-        Object cache = redisUtil.get(buildKey("role", loginUser.getUsername()));
-        Set<String> roleList;
-        if (Objects.nonNull(cache)) {
-            roleList = (Set<String>) cache;
-        } else {
-            roleList = commonAPI.queryUserRoles(loginUser.getUsername());
-            redisUtil.set(buildKey("role", loginUser.getUsername()), roleList);
-        }
-
-        boolean pass = roleList.stream().filter(StringUtils::hasText)
-                .anyMatch(x -> PatternMatchUtils.simpleMatch(roles, x));
-        if (!pass) {
-            log.error("权限不足，缺少角色：" + Arrays.toString(roles));
-        }
-        return pass;
-    }
-
-    /**
-     * 由于缓存key是以人的维度，角色列表、权限列表在值中，jeecg是以权限列表绑定在角色上，形成的权限集合
-     * 权限发生变更时，需要清理全部人的权限缓存
-     */
-    public void clearCache() {
-        redisUtil.removeAll(PERM_PREFIX);
-    }
-
-    private String buildKey(String type, String username) {
-        return PERM_PREFIX + type + SPLIT + username;
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationConsentService.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationConsentService.java
@ -1,54 +0,0 @@
-package org.jeecg.config.security;
-
-import lombok.RequiredArgsConstructor;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsent;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
-import org.springframework.stereotype.Component;
-import org.springframework.util.Assert;
-
-import java.util.concurrent.TimeUnit;
-
-/**
- * spring authorization server 自定义redis保存授权范围信息
- */
-@Component
-@RequiredArgsConstructor
-public class JeecgRedisOAuth2AuthorizationConsentService implements OAuth2AuthorizationConsentService {
-
-	private final RedisTemplate<String, Object> redisTemplate;
-
-	private final static Long TIMEOUT = 10L;
-
-	@Override
-	public void save(OAuth2AuthorizationConsent authorizationConsent) {
-		Assert.notNull(authorizationConsent, "authorizationConsent cannot be null");
-
-		redisTemplate.opsForValue().set(buildKey(authorizationConsent), authorizationConsent, TIMEOUT,
-				TimeUnit.MINUTES);
-
-	}
-
-	@Override
-	public void remove(OAuth2AuthorizationConsent authorizationConsent) {
-		Assert.notNull(authorizationConsent, "authorizationConsent cannot be null");
-		redisTemplate.delete(buildKey(authorizationConsent));
-	}
-
-	@Override
-	public OAuth2AuthorizationConsent findById(String registeredClientId, String principalName) {
-		Assert.hasText(registeredClientId, "registeredClientId cannot be empty");
-		Assert.hasText(principalName, "principalName cannot be empty");
-		return (OAuth2AuthorizationConsent) redisTemplate.opsForValue()
-				.get(buildKey(registeredClientId, principalName));
-	}
-
-	private static String buildKey(String registeredClientId, String principalName) {
-		return "token:consent:" + registeredClientId + ":" + principalName;
-	}
-
-	private static String buildKey(OAuth2AuthorizationConsent authorizationConsent) {
-		return buildKey(authorizationConsent.getRegisteredClientId(), authorizationConsent.getPrincipalName());
-	}
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java
@ -1,181 +0,0 @@
-package org.jeecg.config.security;
-
-import cn.hutool.core.collection.CollUtil;
-import lombok.RequiredArgsConstructor;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.data.redis.serializer.RedisSerializer;
-import org.springframework.lang.Nullable;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.OAuth2AccessToken;
-import org.springframework.security.oauth2.core.OAuth2RefreshToken;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.stereotype.Component;
-import org.springframework.util.Assert;
-
-import java.time.temporal.ChronoUnit;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-
-/**
- * spring authorization server自定义redis保存认证信息
- * @author EightMonth
- */
-@Component
-@RequiredArgsConstructor
-public class JeecgRedisOAuth2AuthorizationService implements OAuth2AuthorizationService {
-
-	private final static Long TIMEOUT = 10L;
-
-	private static final String AUTHORIZATION = "token";
-
-	private final RedisTemplate<String, Object> redisTemplate;
-
-	@Override
-	public void save(OAuth2Authorization authorization) {
-		Assert.notNull(authorization, "authorization cannot be null");
-
-		if (isState(authorization)) {
-			String token = authorization.getAttribute("state");
-			redisTemplate.setValueSerializer(RedisSerializer.java());
-			redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.STATE, token), authorization, TIMEOUT,
-					TimeUnit.MINUTES);
-		}
-
-		if (isCode(authorization)) {
-			OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization
-					.getToken(OAuth2AuthorizationCode.class);
-			OAuth2AuthorizationCode authorizationCodeToken = authorizationCode.getToken();
-			long between = ChronoUnit.MINUTES.between(authorizationCodeToken.getIssuedAt(),
-					authorizationCodeToken.getExpiresAt());
-			redisTemplate.setValueSerializer(RedisSerializer.java());
-			redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.CODE, authorizationCodeToken.getTokenValue()),
-					authorization, between, TimeUnit.MINUTES);
-		}
-
-		if (isRefreshToken(authorization)) {
-			OAuth2RefreshToken refreshToken = authorization.getRefreshToken().getToken();
-			long between = ChronoUnit.SECONDS.between(refreshToken.getIssuedAt(), refreshToken.getExpiresAt());
-			redisTemplate.setValueSerializer(RedisSerializer.java());
-			redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.REFRESH_TOKEN, refreshToken.getTokenValue()),
-					authorization, between, TimeUnit.SECONDS);
-		}
-
-		if (isAccessToken(authorization)) {
-			OAuth2AccessToken accessToken = authorization.getAccessToken().getToken();
-			long between = ChronoUnit.SECONDS.between(accessToken.getIssuedAt(), accessToken.getExpiresAt());
-			redisTemplate.setValueSerializer(RedisSerializer.java());
-			redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.ACCESS_TOKEN, accessToken.getTokenValue()),
-					authorization, between, TimeUnit.SECONDS);
-
-			// 扩展记录 access-token 、username 的关系 1::token::username::admin::xxx
-			String tokenUsername = String.format("%s::%s::%s", AUTHORIZATION, authorization.getPrincipalName(), accessToken.getTokenValue());
-			redisTemplate.opsForValue().set(tokenUsername, accessToken.getTokenValue(), between, TimeUnit.SECONDS);
-		}
-	}
-
-	@Override
-	public void remove(OAuth2Authorization authorization) {
-		Assert.notNull(authorization, "authorization cannot be null");
-
-		List<String> keys = new ArrayList<>();
-		if (isState(authorization)) {
-			String token = authorization.getAttribute("state");
-			keys.add(buildKey(OAuth2ParameterNames.STATE, token));
-		}
-
-		if (isCode(authorization)) {
-			OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization
-					.getToken(OAuth2AuthorizationCode.class);
-			OAuth2AuthorizationCode authorizationCodeToken = authorizationCode.getToken();
-			keys.add(buildKey(OAuth2ParameterNames.CODE, authorizationCodeToken.getTokenValue()));
-		}
-
-		if (isRefreshToken(authorization)) {
-			OAuth2RefreshToken refreshToken = authorization.getRefreshToken().getToken();
-			keys.add(buildKey(OAuth2ParameterNames.REFRESH_TOKEN, refreshToken.getTokenValue()));
-		}
-
-		if (isAccessToken(authorization)) {
-			OAuth2AccessToken accessToken = authorization.getAccessToken().getToken();
-			keys.add(buildKey(OAuth2ParameterNames.ACCESS_TOKEN, accessToken.getTokenValue()));
-
-			// 扩展记录 access-token 、username 的关系 1::token::username::admin::xxx
-			String key = String.format("%s::%s::%s", AUTHORIZATION, authorization.getPrincipalName(), accessToken.getTokenValue());
-			keys.add(key);
-		}
-
-		redisTemplate.delete(keys);
-	}
-
-	@Override
-	@Nullable
-	public OAuth2Authorization findById(String id) {
-		throw new UnsupportedOperationException();
-	}
-
-	@Override
-	@Nullable
-	public OAuth2Authorization findByToken(String token, @Nullable OAuth2TokenType tokenType) {
-		Assert.hasText(token, "token cannot be empty");
-		Assert.notNull(tokenType, "tokenType cannot be empty");
-		redisTemplate.setValueSerializer(RedisSerializer.java());
-		return (OAuth2Authorization) redisTemplate.opsForValue().get(buildKey(tokenType.getValue(), token));
-	}
-
-	private String buildKey(String type, String id) {
-		return String.format("%s::%s::%s", AUTHORIZATION, type, id);
-	}
-
-	private static boolean isState(OAuth2Authorization authorization) {
-		return Objects.nonNull(authorization.getAttribute("state"));
-	}
-
-	private static boolean isCode(OAuth2Authorization authorization) {
-		OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization
-				.getToken(OAuth2AuthorizationCode.class);
-		return Objects.nonNull(authorizationCode);
-	}
-
-	private static boolean isRefreshToken(OAuth2Authorization authorization) {
-		return Objects.nonNull(authorization.getRefreshToken());
-	}
-
-	private static boolean isAccessToken(OAuth2Authorization authorization) {
-		return Objects.nonNull(authorization.getAccessToken());
-	}
-
-	/**
-	 * 扩展方法根据 username 查询是否存在存储的
-	 * @param authentication
-	 * @return
-	 */
-	public void removeByUsername(Authentication authentication) {
-		// 根据 username查询对应access-token
-		String authenticationName = authentication.getName();
-
-		// 扩展记录 access-token 、username 的关系 1::token::username::admin::xxx
-		String tokenUsernameKey = String.format("%s::%s::*", AUTHORIZATION, authenticationName);
-		Set<String> keys = redisTemplate.keys(tokenUsernameKey);
-		if (CollUtil.isEmpty(keys)) {
-			return;
-		}
-
-		List<Object> tokenList = redisTemplate.opsForValue().multiGet(keys);
-
-		for (Object token : tokenList) {
-			// 根据token 查询存储的 OAuth2Authorization
-			OAuth2Authorization authorization = this.findByToken((String) token, OAuth2TokenType.ACCESS_TOKEN);
-			// 根据 OAuth2Authorization 删除相关令牌
-			this.remove(authorization);
-		}
-
-	}
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java
@ -1,38 +0,0 @@
-package org.jeecg.config.security;
-
-/**
- * 登录模式
- * @author EightMonth
- * @date 2024/1/10 17:43
- */
-public class LoginType {
-
-    /**
-     * 密码模式
-     */
-    public static final String PASSWORD = "password";
-
-
-    /**
-     * 手机号+验证码模式
-     */
-    public static final String PHONE = "phone";
-
-
-    /**
-     * app登录
-     */
-    public static final String APP = "app";
-
-    /**
-     * 扫码登录
-     */
-    public static final String SCAN = "scan";
-
-    /**
-     * 所有联合登录，比如github\钉钉\企业微信\微信
-     */
-    public static final String SOCIAL = "social";
-
-    public static final String SELF = "self";
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/RedisTokenValidationFilter.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/RedisTokenValidationFilter.java
@ -1,49 +0,0 @@
-package org.jeecg.config.security;
-
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import lombok.AllArgsConstructor;
-import org.jeecg.common.system.util.JwtUtil;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.resource.BearerTokenErrors;
-import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import java.io.IOException;
-import java.util.Objects;
-
-/**
- * 当用户被强退时，使客户端token失效
- * @author eightmonth@qq.com
- * @date 2024/3/7 17:30
- */
-@Component
-@AllArgsConstructor
-public class RedisTokenValidationFilter extends OncePerRequestFilter {
-    private OAuth2AuthorizationService authorizationService;
-    private JwtDecoder jwtDecoder;
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-        // 从请求中获取token
-        DefaultBearerTokenResolver defaultBearerTokenResolver = new DefaultBearerTokenResolver();
-        String token = defaultBearerTokenResolver.resolve(request);
-
-
-        if (Objects.nonNull(token)) {
-            // 检查认证信息是否已被清除，如果已被清除，则令该token失效
-            OAuth2Authorization oAuth2Authorization = authorizationService.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
-            if (Objects.isNull(oAuth2Authorization)) {
-                throw new OAuth2AuthenticationException(BearerTokenErrors.invalidToken("认证信息已失效，请重新登录"));
-            }
-        }
-        filterChain.doFilter(request, response);
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
@ -1,262 +0,0 @@
-package org.jeecg.config.security;
-
-import com.nimbusds.jose.jwk.JWKSet;
-import com.nimbusds.jose.jwk.RSAKey;
-import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
-import com.nimbusds.jose.jwk.source.JWKSource;
-import com.nimbusds.jose.proc.SecurityContext;
-import lombok.AllArgsConstructor;
-import org.jeecg.config.security.app.AppGrantAuthenticationConvert;
-import org.jeecg.config.security.app.AppGrantAuthenticationProvider;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationConvert;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationProvider;
-import org.jeecg.config.security.phone.PhoneGrantAuthenticationConvert;
-import org.jeecg.config.security.phone.PhoneGrantAuthenticationProvider;
-import org.jeecg.config.security.social.SocialGrantAuthenticationConvert;
-import org.jeecg.config.security.social.SocialGrantAuthenticationProvider;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
-import org.springframework.http.MediaType;
-import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.config.Customizer;
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
-import org.springframework.security.crypto.password.NoOpPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
-import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
-import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
-import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
-import org.springframework.security.oauth2.server.authorization.token.*;
-import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy;
-import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
-import org.springframework.web.cors.CorsConfiguration;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.Arrays;
-import java.util.List;
-
-/**
- * spring authorization server核心配置
- * @author eightmonth@qq.com
- * @date 2024/1/2 9:29
- */
-@Configuration
-@EnableWebSecurity
-@EnableMethodSecurity
-@AllArgsConstructor
-public class SecurityConfig {
-
-    private JdbcTemplate jdbcTemplate;
-    private OAuth2AuthorizationService authorizationService;
-
-    @Bean
-    @Order(1)
-    public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http)
-            throws Exception {
-        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
-        // 注册自定义登录类型
-        http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
-                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new PasswordGrantAuthenticationConvert())
-                        .authenticationProvider(new PasswordGrantAuthenticationProvider(authorizationService, tokenGenerator())))
-                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new PhoneGrantAuthenticationConvert())
-                        .authenticationProvider(new PhoneGrantAuthenticationProvider(authorizationService, tokenGenerator())))
-                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new AppGrantAuthenticationConvert())
-                        .authenticationProvider(new AppGrantAuthenticationProvider(authorizationService, tokenGenerator())))
-                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new SocialGrantAuthenticationConvert())
-                        .authenticationProvider(new SocialGrantAuthenticationProvider(authorizationService, tokenGenerator())))
-                //开启OpenID Connect 1.0（其中oidc为OpenID Connect的缩写）。 访问 /.well-known/openid-configuration即可获取认证信息
-                .oidc(Customizer.withDefaults());
-        http
-                //将需要认证的请求，重定向到login页面行登录认证。
-                .exceptionHandling((exceptions) -> exceptions
-                        .defaultAuthenticationEntryPointFor(
-                                new LoginUrlAuthenticationEntryPoint("/sys/login"),
-                                new MediaTypeRequestMatcher(MediaType.TEXT_HTML)
-                        )
-                )
-                // 使用jwt处理接收到的access token
-                .oauth2ResourceServer(oauth2ResourceServer ->
-                        oauth2ResourceServer.jwt(Customizer.withDefaults()));
-
-        return http.build();
-    }
-
-    @Bean
-    @Order(2)
-    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
-            throws Exception {
-        http
-                //设置所有请求都需要认证，未认证的请求都被重定向到login页面进行登录
-                .authorizeHttpRequests((authorize) -> authorize
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/cas/client/validateLogin")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/randomImage/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/checkCaptcha")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/login")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/mLogin")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/logout")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/thirdLogin/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/getEncryptedString")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/sms")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/phoneLogin")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/user/checkOnlyUser")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/user/register")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/user/phoneVerification")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/user/passwordChange")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/auth/2step-code")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/common/static/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/common/pdf/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/generic/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/getLoginQrcode/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/getQrcodeToken/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/checkAuth")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/doc.html")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.js")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.css")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.html")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.svg")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.pdf")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.jpg")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.png")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.gif")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.ico")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.ttf")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.woff")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.woff2")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/druid/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/swagger-ui.html")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/swagger**/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/webjars/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/v3/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/WW_verify*")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/sys/annountCement/show/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/jmreport/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.js.map")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/**/*.css.map")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/drag/view")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/drag/page/queryById")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/drag/onlDragDatasetHead/getAllChartData")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/drag/onlDragDatasetHead/getTotalData")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/drag/mock/json/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/test/bigScreen/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/bigscreen/template1/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/bigscreen/template1/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/websocket/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/newsWebsocket/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/vxeSocket/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/test/seata/**")).permitAll()
-                        .requestMatchers(AntPathRequestMatcher.antMatcher("/error")).permitAll()
-                        .anyRequest().authenticated()
-                )
-                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
-                .cors(cors -> cors
-                        .configurationSource(req -> {
-                            CorsConfiguration config = new CorsConfiguration();
-                            config.applyPermitDefaultValues();
-                            config.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
-                            return config;
-                        }))
-                .csrf(AbstractHttpConfigurer::disable)
-                .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
-        return http.build();
-    }
-
-    /**
-     * 数据库保存注册客户端信息
-     */
-    @Bean
-    public RegisteredClientRepository registeredClientRepository() {
-        return new JdbcRegisteredClientRepository(jdbcTemplate);
-    }
-
-    /**
-     *配置 JWK，为JWT(id_token)提供加密密钥，用于加密/解密或签名/验签
-     * JWK详细见：https://datatracker.ietf.org/doc/html/draft-ietf-jose-json-web-key-41
-     */
-    @Bean
-    public JWKSource<SecurityContext> jwkSource() {
-        KeyPair keyPair = generateRsaKey();
-        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
-        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
-        RSAKey rsaKey = new RSAKey.Builder(publicKey)
-                .privateKey(privateKey)
-                // 重要！生产环境需要修改！
-                .keyID("jeecg")
-                .build();
-        JWKSet jwkSet = new JWKSet(rsaKey);
-        return new ImmutableJWKSet<>(jwkSet);
-    }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return NoOpPasswordEncoder.getInstance();
-    }
-
-    /**
-     *生成RSA密钥对，给上面jwkSource() 方法的提供密钥对
-     */
-    private static KeyPair generateRsaKey() {
-        KeyPair keyPair;
-        try {
-            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
-
-            // 生产环境不应该设置secureRandom，seed如果被泄露，jwt容易被伪造
-            // 如果不设置secureRandom，会存在一个问题，当应用重启后，原有的token将会全部失效，因为重启的keyPair与之前已经不同
-            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
-            // 重要！生产环境需要修改！
-            secureRandom.setSeed("jeecg".getBytes());
-            keyPairGenerator.initialize(2048, secureRandom);
-            keyPair = keyPairGenerator.generateKeyPair();
-        }
-        catch (Exception ex) {
-            throw new IllegalStateException(ex);
-        }
-        return keyPair;
-    }
-
-    /**
-     * 配置jwt解析器
-     */
-    @Bean
-    public JwtDecoder jwtDecoder(JWKSource<SecurityContext> jwkSource) {
-        return OAuth2AuthorizationServerConfiguration.jwtDecoder(jwkSource);
-    }
-
-    /**
-     *配置认证服务器请求地址
-     */
-    @Bean
-    public AuthorizationServerSettings authorizationServerSettings() {
-        return AuthorizationServerSettings.builder().tokenEndpoint("/sys/login").build();
-    }
-
-    /**
-     *配置token生成器
-     */
-    @Bean
-    OAuth2TokenGenerator<?> tokenGenerator() {
-        JwtGenerator jwtGenerator = new JwtGenerator(new NimbusJwtEncoder(jwkSource()));
-        OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
-        OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
-        return new DelegatingOAuth2TokenGenerator(
-                jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationConvert.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationConvert.java
@ -1,81 +0,0 @@
-package org.jeecg.config.security.app;
-
-import jakarta.servlet.http.HttpServletRequest;
-import org.jeecg.config.security.LoginType;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.web.authentication.AuthenticationConverter;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.util.StringUtils;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * APP模式认证转换器
- * @author EightMonth
- * @date 2024/1/1
- */
-public class AppGrantAuthenticationConvert implements AuthenticationConverter {
-    @Override
-    public Authentication convert(HttpServletRequest request) {
-
-        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
-        if (!LoginType.APP.equals(grantType)) {
-            return null;
-        }
-
-        Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
-
-        //从request中提取请求参数，然后存入MultiValueMap<String, String>
-        MultiValueMap<String, String> parameters = getParameters(request);
-
-        // username (REQUIRED)
-        String username = parameters.getFirst(OAuth2ParameterNames.USERNAME);
-        if (!StringUtils.hasText(username) ||
-                parameters.get(OAuth2ParameterNames.USERNAME).size() != 1) {
-            throw new OAuth2AuthenticationException("无效请求，用户名不能为空！");
-        }
-        String password = parameters.getFirst(OAuth2ParameterNames.PASSWORD);
-        if (!StringUtils.hasText(password) ||
-                parameters.get(OAuth2ParameterNames.PASSWORD).size() != 1) {
-            throw new OAuth2AuthenticationException("无效请求，密码不能为空！");
-        }
-
-        //收集要传入PasswordGrantAuthenticationToken构造方法的参数，
-        //该参数接下来在PasswordGrantAuthenticationProvider中使用
-        Map<String, Object> additionalParameters = new HashMap<>();
-        //遍历从request中提取的参数，排除掉grant_type、client_id、code等字段参数，其他参数收集到additionalParameters中
-        parameters.forEach((key, value) -> {
-            if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
-                    !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
-                    !key.equals(OAuth2ParameterNames.CODE)) {
-                additionalParameters.put(key, value.get(0));
-            }
-        });
-
-        //返回自定义的PasswordGrantAuthenticationToken对象
-        return new PasswordGrantAuthenticationToken(clientPrincipal, additionalParameters);
-
-    }
-
-    /**
-     *从request中提取请求参数，然后存入MultiValueMap<String, String>
-     */
-    private static MultiValueMap<String, String> getParameters(HttpServletRequest request) {
-        Map<String, String[]> parameterMap = request.getParameterMap();
-        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(parameterMap.size());
-        parameterMap.forEach((key, values) -> {
-            if (values.length > 0) {
-                for (String value : values) {
-                    parameters.add(key, value);
-                }
-            }
-        });
-        return parameters;
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
@ -1,318 +0,0 @@
-package org.jeecg.config.security.app;
-
-import com.alibaba.fastjson.JSONObject;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.constant.CacheConstant;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.exception.JeecgBootException;
-import org.jeecg.common.exception.JeecgCaptchaException;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.system.vo.SysDepartModel;
-import org.jeecg.common.util.Md5Util;
-import org.jeecg.common.util.PasswordUtil;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationToken;
-import org.jeecg.modules.base.service.BaseCommonService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
-import org.springframework.util.Assert;
-import org.springframework.util.StringUtils;
-
-import java.security.Principal;
-import java.time.Instant;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * APP模式认证处理器，负责处理该认证模式下的核心逻辑
- * @author EightMonth
- * @date 2024/1/1
- */
-@Slf4j
-public class AppGrantAuthenticationProvider implements AuthenticationProvider {
-
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-
-    private final OAuth2AuthorizationService authorizationService;
-    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
-    @Autowired
-    private CommonAPI commonAPI;
-    @Autowired
-    private RedisUtil redisUtil;
-    @Autowired
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired
-    private BaseCommonService baseCommonService;
-
-    public AppGrantAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
-        Assert.notNull(authorizationService, "authorizationService cannot be null");
-        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
-        this.authorizationService = authorizationService;
-        this.tokenGenerator = tokenGenerator;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        AppGrantAuthenticationToken appGrantAuthenticationToken =  (AppGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = appGrantAuthenticationToken.getAdditionalParameters();
-
-        // 授权类型
-        AuthorizationGrantType authorizationGrantType = appGrantAuthenticationToken.getGrantType();
-        // 用户名
-        String username = (String) additionalParameter.get(OAuth2ParameterNames.USERNAME);
-        // 密码
-        String password = (String) additionalParameter.get(OAuth2ParameterNames.PASSWORD);
-        //请求参数权限范围
-        String requestScopesStr = (String)additionalParameter.getOrDefault(OAuth2ParameterNames.SCOPE, "*");
-        //请求参数权限范围专场集合
-        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
-        // 验证码
-        String captcha = (String) additionalParameter.get("captcha");
-        String checkKey = (String) additionalParameter.get("checkKey");
-
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(appGrantAuthenticationToken);
-        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
-
-        // 检查登录失败次数
-        if(isLoginFailOvertimes(username)){
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "该用户登录失败次数过多，请于10分钟后再次登录！");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        if(captcha==null){
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "验证码无效");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-        String lowerCaseCaptcha = captcha.toLowerCase();
-        // 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
-        String origin = lowerCaseCaptcha+checkKey+jeecgBaseConfig.getSignatureSecret();
-        String realKey = Md5Util.md5Encode(origin, "utf-8");
-        Object checkCode = redisUtil.get(realKey);
-        //当进入登录页时，有一定几率出现验证码错误 #1714
-        if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "验证码错误");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "非法登录");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        // 通过用户名获取用户信息
-        LoginUser loginUser = commonAPI.getUserByName(username);
-        //update-begin---author:eightmonth ---date:2024-04-30  for：【6168】master分支切sas分支登录发生错误-----------
-        if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
-            redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
-            loginUser = commonAPI.getUserByName(username);
-        }
-        //update-end---author:eightmonth ---date::2024-04-30  for：【6168】master分支切sas分支登录发生错误--------------
-        // 检查用户可行性
-        checkUserIsEffective(loginUser);
-
-        // 不使用spring security passwordEncoder针对密码进行匹配，使用自有加密匹配，针对 spring security使用noop传输
-        password = PasswordUtil.encrypt(username, password, loginUser.getSalt());
-        if (!password.equals(loginUser.getPassword())) {
-            addLoginFailOvertimes(username);
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "用户名或密码不正确");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
-        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
-
-        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
-                .registeredClient(registeredClient)
-                .principal(usernamePasswordAuthenticationToken)
-                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
-                .authorizationGrantType(authorizationGrantType)
-                .authorizedScopes(requestScopeSet)
-                .authorizationGrant(appGrantAuthenticationToken);
-
-        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
-                .principalName(clientPrincipal.getName())
-                .authorizedScopes(requestScopeSet)
-                .attribute(Principal.class.getName(), username)
-                .authorizationGrantType(authorizationGrantType);
-
-
-        // ----- Access token -----
-        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
-        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
-        if (generatedAccessToken == null) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "无法生成访问token，请联系管理系。");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
-                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
-                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
-        if (generatedAccessToken instanceof ClaimAccessor) {
-            authorizationBuilder.token(accessToken, (metadata) -> {
-                    metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
-            });
-        } else {
-            authorizationBuilder.accessToken(accessToken);
-        }
-
-        // ----- Refresh token -----
-        OAuth2RefreshToken refreshToken = null;
-        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
-                // 不向公共客户端颁发刷新令牌
-                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
-
-            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
-            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
-            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
-                Map<String, Object> map = new HashMap<>();
-                map.put("message", "无法生成刷新token，请联系管理员。");
-                return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-            }
-
-            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
-            authorizationBuilder.refreshToken(refreshToken);
-        }
-
-        OAuth2Authorization authorization = authorizationBuilder.build();
-
-        // 保存认证信息至redis
-        authorizationService.save(authorization);
-
-        // 登录成功，删除redis中的验证码
-        redisUtil.del(realKey);
-        redisUtil.del(CommonConstant.LOGIN_FAIL + username);
-        baseCommonService.addLog("用户名: " + username + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
-
-        JSONObject addition = new JSONObject(new LinkedHashMap<>());
-        addition.put("token", accessToken.getTokenValue());
-        // 设置租户
-        JSONObject jsonObject = commonAPI.setLoginTenant(username);
-        addition.putAll(jsonObject.getInnerMap());
-
-        // 设置登录用户信息
-        addition.put("userInfo", loginUser);
-        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
-
-        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
-        addition.put("departs", departs);
-        if (departs == null || departs.size() == 0) {
-            addition.put("multi_depart", 0);
-        } else if (departs.size() == 1) {
-            commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            addition.put("multi_depart", 1);
-        } else {
-            //查询当前是否有登录部门
-            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
-                commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            }
-            addition.put("multi_depart", 2);
-        }
-
-        // 兼容原有shiro登录结果处理
-        Map<String, Object> map = new HashMap<>();
-        map.put("result", addition);
-        map.put("code", 200);
-        map.put("success", true);
-        map.put("timestamp", System.currentTimeMillis());
-
-        // 返回access_token、refresh_token以及其它信息给到前端
-        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return AppGrantAuthenticationToken.class.isAssignableFrom(authentication);
-    }
-
-    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
-        OAuth2ClientAuthenticationToken clientPrincipal = null;
-        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
-            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
-        }
-        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
-            return clientPrincipal;
-        }
-        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
-    }
-
-    /**
-     * 登录失败超出次数5 返回true
-     * @param username
-     * @return
-     */
-    private boolean isLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        if(failTime!=null){
-            Integer val = Integer.parseInt(failTime.toString());
-            if(val>5){
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 记录登录失败次数
-     * @param username
-     */
-    private void addLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        Integer val = 0;
-        if(failTime!=null){
-            val = Integer.parseInt(failTime.toString());
-        }
-        // 10分钟
-        redisUtil.set(key, ++val, 10);
-    }
-
-    /**
-     * 校验用户是否有效
-     */
-    private void checkUserIsEffective(LoginUser loginUser) {
-        //情况1：根据用户信息查询，该用户不存在
-        if (Objects.isNull(loginUser)) {
-            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户不存在，请注册");
-        }
-        //情况2：根据用户信息查询，该用户已注销
-        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
-            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已注销");
-        }
-        //情况3：根据用户信息查询，该用户已冻结
-        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已冻结");
-        }
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationToken.java
@ -1,21 +0,0 @@
-package org.jeecg.config.security.app;
-
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
-
-import java.util.Map;
-
-/**
- * APP模式认证专用token类型，方法spring authorization server进行认证流转，配合convert使用
- * @author EightMonth
- * @date 2024/1/1
- */
-public class AppGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
-
-    public AppGrantAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
-        super(new AuthorizationGrantType(LoginType.APP), clientPrincipal, additionalParameters);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationConvert.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationConvert.java
@ -1,82 +0,0 @@
-package org.jeecg.config.security.password;
-
-import jakarta.servlet.http.HttpServletRequest;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.web.authentication.AuthenticationConverter;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.util.StringUtils;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * 密码模式认证转换器
- * @author EightMonth
- * @date 2024/1/1
- */
-public class PasswordGrantAuthenticationConvert implements AuthenticationConverter {
-    @Override
-    public Authentication convert(HttpServletRequest request) {
-
-        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
-        if (!LoginType.PASSWORD.equals(grantType)) {
-            return null;
-        }
-
-        Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
-
-        //从request中提取请求参数，然后存入MultiValueMap<String, String>
-        MultiValueMap<String, String> parameters = getParameters(request);
-
-        // username (REQUIRED)
-        String username = parameters.getFirst(OAuth2ParameterNames.USERNAME);
-        if (!StringUtils.hasText(username) ||
-                parameters.get(OAuth2ParameterNames.USERNAME).size() != 1) {
-            throw new OAuth2AuthenticationException("无效请求，用户名不能为空！");
-        }
-        String password = parameters.getFirst(OAuth2ParameterNames.PASSWORD);
-        if (!StringUtils.hasText(password) ||
-                parameters.get(OAuth2ParameterNames.PASSWORD).size() != 1) {
-            throw new OAuth2AuthenticationException("无效请求，密码不能为空！");
-        }
-
-        //收集要传入PasswordGrantAuthenticationToken构造方法的参数，
-        //该参数接下来在PasswordGrantAuthenticationProvider中使用
-        Map<String, Object> additionalParameters = new HashMap<>();
-        //遍历从request中提取的参数，排除掉grant_type、client_id、code等字段参数，其他参数收集到additionalParameters中
-        parameters.forEach((key, value) -> {
-            if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
-                    !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
-                    !key.equals(OAuth2ParameterNames.CODE)) {
-                additionalParameters.put(key, value.get(0));
-            }
-        });
-
-        //返回自定义的PasswordGrantAuthenticationToken对象
-        return new PasswordGrantAuthenticationToken(clientPrincipal, additionalParameters);
-
-    }
-
-    /**
-     *从request中提取请求参数，然后存入MultiValueMap<String, String>
-     */
-    private static MultiValueMap<String, String> getParameters(HttpServletRequest request) {
-        Map<String, String[]> parameterMap = request.getParameterMap();
-        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(parameterMap.size());
-        parameterMap.forEach((key, values) -> {
-            if (values.length > 0) {
-                for (String value : values) {
-                    parameters.add(key, value);
-                }
-            }
-        });
-        return parameters;
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
@ -1,317 +0,0 @@
-package org.jeecg.config.security.password;
-
-import com.alibaba.fastjson.JSONObject;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.constant.CacheConstant;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.exception.JeecgBootException;
-import org.jeecg.common.exception.JeecgCaptchaException;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.system.vo.SysDepartModel;
-import org.jeecg.common.util.Md5Util;
-import org.jeecg.common.util.PasswordUtil;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.modules.base.service.BaseCommonService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
-import org.springframework.util.Assert;
-import org.springframework.util.StringUtils;
-
-import java.security.Principal;
-import java.time.Instant;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * 密码模式认证处理器，负责处理该认证模式下的核心逻辑
- * @author EightMonth
- * @date 2024/1/1
- */
-@Slf4j
-public class PasswordGrantAuthenticationProvider implements AuthenticationProvider {
-
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-
-    private final OAuth2AuthorizationService authorizationService;
-    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
-    @Autowired
-    private CommonAPI commonAPI;
-    @Autowired
-    private RedisUtil redisUtil;
-    @Autowired
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired
-    private BaseCommonService baseCommonService;
-
-    public PasswordGrantAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
-        Assert.notNull(authorizationService, "authorizationService cannot be null");
-        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
-        this.authorizationService = authorizationService;
-        this.tokenGenerator = tokenGenerator;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        PasswordGrantAuthenticationToken passwordGrantAuthenticationToken =  (PasswordGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = passwordGrantAuthenticationToken.getAdditionalParameters();
-
-        // 授权类型
-        AuthorizationGrantType authorizationGrantType = passwordGrantAuthenticationToken.getGrantType();
-        // 用户名
-        String username = (String) additionalParameter.get(OAuth2ParameterNames.USERNAME);
-        // 密码
-        String password = (String) additionalParameter.get(OAuth2ParameterNames.PASSWORD);
-        //请求参数权限范围
-        String requestScopesStr = (String)additionalParameter.getOrDefault(OAuth2ParameterNames.SCOPE, "*");
-        //请求参数权限范围专场集合
-        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
-        // 验证码
-        String captcha = (String) additionalParameter.get("captcha");
-        String checkKey = (String) additionalParameter.get("checkKey");
-
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken);
-        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
-
-        // 检查登录失败次数
-        if(isLoginFailOvertimes(username)){
-            throw new JeecgBootException("该用户登录失败次数过多，请于10分钟后再次登录！");
-        }
-
-        if(captcha==null){
-            throw new JeecgBootException("验证码无效");
-        }
-        String lowerCaseCaptcha = captcha.toLowerCase();
-        // 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
-        String origin = lowerCaseCaptcha+checkKey+jeecgBaseConfig.getSignatureSecret();
-        String realKey = Md5Util.md5Encode(origin, "utf-8");
-        Object checkCode = redisUtil.get(realKey);
-        //当进入登录页时，有一定几率出现验证码错误 #1714
-        if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "验证码错误");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "非法登录");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        // 通过用户名获取用户信息
-        LoginUser loginUser = commonAPI.getUserByName(username);
-        //update-begin---author:eightmonth ---date:2024-04-30  for：【6168】master分支切sas分支登录发生错误-----------
-        if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
-            redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
-            loginUser = commonAPI.getUserByName(username);
-        }
-        //update-end---author:eightmonth ---date::2024-04-30  for：【6168】master分支切sas分支登录发生错误--------------
-        // 检查用户可行性
-        checkUserIsEffective(loginUser);
-
-        // 不使用spring security passwordEncoder针对密码进行匹配，使用自有加密匹配，针对 spring security使用noop传输
-        password = PasswordUtil.encrypt(username, password, loginUser.getSalt());
-        if (!password.equals(loginUser.getPassword())) {
-            addLoginFailOvertimes(username);
-
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "用户名或密码不正确");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
-        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
-
-        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
-                .registeredClient(registeredClient)
-                .principal(usernamePasswordAuthenticationToken)
-                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
-                .authorizationGrantType(authorizationGrantType)
-                .authorizedScopes(requestScopeSet)
-                .authorizationGrant(passwordGrantAuthenticationToken);
-
-        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
-                .principalName(clientPrincipal.getName())
-                .authorizedScopes(requestScopeSet)
-                .attribute(Principal.class.getName(), username)
-                .authorizationGrantType(authorizationGrantType);
-
-
-        // ----- Access token -----
-        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
-        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
-        if (generatedAccessToken == null) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "无法生成访问token，请联系管理系。");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
-                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
-                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
-        if (generatedAccessToken instanceof ClaimAccessor) {
-            authorizationBuilder.token(accessToken, (metadata) -> {
-                    metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
-            });
-        } else {
-            authorizationBuilder.accessToken(accessToken);
-        }
-
-        // ----- Refresh token -----
-        OAuth2RefreshToken refreshToken = null;
-        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
-                // 不向公共客户端颁发刷新令牌
-                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
-
-            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
-            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
-            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
-                Map<String, Object> map = new HashMap<>();
-                map.put("message", "无法生成访问token，请联系管理系。");
-                return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-            }
-
-            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
-            authorizationBuilder.refreshToken(refreshToken);
-        }
-
-        OAuth2Authorization authorization = authorizationBuilder.build();
-
-        // 保存认证信息至redis
-        authorizationService.save(authorization);
-
-        // 登录成功，删除redis中的验证码
-        redisUtil.del(realKey);
-        redisUtil.del(CommonConstant.LOGIN_FAIL + username);
-        baseCommonService.addLog("用户名: " + username + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
-
-        JSONObject addition = new JSONObject(new LinkedHashMap<>());
-        addition.put("token", accessToken.getTokenValue());
-
-        // 设置租户
-        JSONObject jsonObject = commonAPI.setLoginTenant(username);
-        addition.putAll(jsonObject.getInnerMap());
-
-        // 设置登录用户信息
-        addition.put("userInfo", loginUser);
-        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
-
-        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
-        addition.put("departs", departs);
-        if (departs == null || departs.size() == 0) {
-            addition.put("multi_depart", 0);
-        } else if (departs.size() == 1) {
-            commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            addition.put("multi_depart", 1);
-        } else {
-            //查询当前是否有登录部门
-            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
-                commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            }
-            addition.put("multi_depart", 2);
-        }
-
-        // 兼容原有shiro登录结果处理
-        Map<String, Object> map = new HashMap<>();
-        map.put("result", addition);
-        map.put("code", 200);
-        map.put("success", true);
-        map.put("timestamp", System.currentTimeMillis());
-
-        // 返回access_token、refresh_token以及其它信息给到前端
-        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return PasswordGrantAuthenticationToken.class.isAssignableFrom(authentication);
-    }
-
-    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
-        OAuth2ClientAuthenticationToken clientPrincipal = null;
-        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
-            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
-        }
-        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
-            return clientPrincipal;
-        }
-        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
-    }
-
-    /**
-     * 登录失败超出次数5 返回true
-     * @param username
-     * @return
-     */
-    private boolean isLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        if(failTime!=null){
-            Integer val = Integer.parseInt(failTime.toString());
-            if(val>5){
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 记录登录失败次数
-     * @param username
-     */
-    private void addLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        Integer val = 0;
-        if(failTime!=null){
-            val = Integer.parseInt(failTime.toString());
-        }
-        // 10分钟
-        redisUtil.set(key, ++val, 10);
-    }
-
-    /**
-     * 校验用户是否有效
-     */
-    private void checkUserIsEffective(LoginUser loginUser) {
-        //情况1：根据用户信息查询，该用户不存在
-        if (Objects.isNull(loginUser)) {
-            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户不存在，请注册");
-        }
-        //情况2：根据用户信息查询，该用户已注销
-        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
-            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已注销");
-        }
-        //情况3：根据用户信息查询，该用户已冻结
-        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已冻结");
-        }
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationToken.java
@ -1,21 +0,0 @@
-package org.jeecg.config.security.password;
-
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
-
-import java.util.Map;
-
-/**
- * 密码模式认证专用token类型，方法spring authorization server进行认证流转，配合convert使用
- * @author EightMonth
- * @date 2024/1/1
- */
-public class PasswordGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
-
-    public PasswordGrantAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
-        super(new AuthorizationGrantType(LoginType.PASSWORD), clientPrincipal, additionalParameters);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java
@ -1,77 +0,0 @@
-package org.jeecg.config.security.phone;
-
-import jakarta.servlet.http.HttpServletRequest;
-import lombok.AllArgsConstructor;
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.web.authentication.AuthenticationConverter;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.util.StringUtils;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * 手机号模式认证转换器
- * @author EightMonth
- * @date 2024/1/1
- */
-@AllArgsConstructor
-public class PhoneGrantAuthenticationConvert implements AuthenticationConverter {
-    @Override
-    public Authentication convert(HttpServletRequest request) {
-
-        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
-        if (!LoginType.PHONE.equals(grantType)) {
-            return null;
-        }
-
-        Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
-
-        //从request中提取请求参数，然后存入MultiValueMap<String, String>
-        MultiValueMap<String, String> parameters = getParameters(request);
-
-        // 验证码
-        String captcha = parameters.getFirst("captcha");
-        if (!StringUtils.hasText(captcha)) {
-            throw new OAuth2AuthenticationException("无效请求，验证码不能为空！");
-        }
-
-        //收集要传入PhoneGrantAuthenticationToken构造方法的参数，
-        //该参数接下来在PhoneGrantAuthenticationProvider中使用
-        Map<String, Object> additionalParameters = new HashMap<>();
-        //遍历从request中提取的参数，排除掉grant_type、client_id、code等字段参数，其他参数收集到additionalParameters中
-        parameters.forEach((key, value) -> {
-            if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
-                    !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
-                    !key.equals(OAuth2ParameterNames.CODE)) {
-                additionalParameters.put(key, value.get(0));
-            }
-        });
-
-        //返回自定义的PhoneGrantAuthenticationToken对象
-        return new PhoneGrantAuthenticationToken(clientPrincipal, additionalParameters);
-
-    }
-
-    /**
-     *从request中提取请求参数，然后存入MultiValueMap<String, String>
-     */
-    private static MultiValueMap<String, String> getParameters(HttpServletRequest request) {
-        Map<String, String[]> parameterMap = request.getParameterMap();
-        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(parameterMap.size());
-        parameterMap.forEach((key, values) -> {
-            if (values.length > 0) {
-                for (String value : values) {
-                    parameters.add(key, value);
-                }
-            }
-        });
-        return parameters;
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java
@ -1,290 +0,0 @@
-package org.jeecg.config.security.phone;
-
-import com.alibaba.fastjson.JSONObject;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.exception.JeecgBootException;
-import org.jeecg.common.exception.JeecgCaptchaException;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.system.vo.SysDepartModel;
-import org.jeecg.common.util.Md5Util;
-import org.jeecg.common.util.PasswordUtil;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationToken;
-import org.jeecg.modules.base.service.BaseCommonService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
-import org.springframework.util.Assert;
-
-import java.security.Principal;
-import java.time.Instant;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * 手机号模式认证处理器，负责处理该认证模式下的核心逻辑
- * @author EightMonth
- * @date 2024/1/1
- */
-@Slf4j
-public class PhoneGrantAuthenticationProvider implements AuthenticationProvider {
-
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-
-    private final OAuth2AuthorizationService authorizationService;
-    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
-    @Autowired
-    private CommonAPI commonAPI;
-    @Autowired
-    private RedisUtil redisUtil;
-    @Autowired
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired
-    private BaseCommonService baseCommonService;
-
-    public PhoneGrantAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
-        Assert.notNull(authorizationService, "authorizationService cannot be null");
-        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
-        this.authorizationService = authorizationService;
-        this.tokenGenerator = tokenGenerator;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        PhoneGrantAuthenticationToken phoneGrantAuthenticationToken =  (PhoneGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = phoneGrantAuthenticationToken.getAdditionalParameters();
-
-        // 授权类型
-        AuthorizationGrantType authorizationGrantType = phoneGrantAuthenticationToken.getGrantType();
-        // 手机号
-        String phone = (String) additionalParameter.get("mobile");
-
-        if(isLoginFailOvertimes(phone)){
-            throw new JeecgBootException("该用户登录失败次数过多，请于10分钟后再次登录！");
-        }
-
-        //请求参数权限范围
-        String requestScopesStr = (String)additionalParameter.getOrDefault(OAuth2ParameterNames.SCOPE, "*");
-        //请求参数权限范围专场集合
-        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
-        // 验证码
-        String captcha = (String) additionalParameter.get("captcha");
-
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(phoneGrantAuthenticationToken);
-        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
-
-        // 通过手机号获取用户信息
-        LoginUser loginUser = commonAPI.getUserByPhone(phone);
-        // 检查用户可行性
-        checkUserIsEffective(loginUser);
-
-
-        String redisKey = CommonConstant.PHONE_REDIS_KEY_PRE+phone;
-        Object code = redisUtil.get(redisKey);
-
-        if (!captcha.equals(code)) {
-            //update-begin-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户
-            addLoginFailOvertimes(phone);
-
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "手机验证码错误");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-
-        }
-
-        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "非法登录");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
-        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
-
-        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
-                .registeredClient(registeredClient)
-                .principal(usernamePasswordAuthenticationToken)
-                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
-                .authorizationGrantType(authorizationGrantType)
-                .authorizedScopes(requestScopeSet)
-                .authorizationGrant(phoneGrantAuthenticationToken);
-
-        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
-                .principalName(clientPrincipal.getName())
-                .authorizedScopes(requestScopeSet)
-                .attribute(Principal.class.getName(), loginUser.getUsername())
-                .authorizationGrantType(authorizationGrantType);
-
-
-        // ----- Access token -----
-        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
-        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
-        if (generatedAccessToken == null) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "无法生成刷新token，请联系管理员。");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
-                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
-                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
-        if (generatedAccessToken instanceof ClaimAccessor) {
-            authorizationBuilder.token(accessToken, (metadata) -> {
-                    metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
-            });
-        } else {
-            authorizationBuilder.accessToken(accessToken);
-        }
-
-        // ----- Refresh token -----
-        OAuth2RefreshToken refreshToken = null;
-        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
-                // 不向公共客户端颁发刷新令牌
-                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
-
-            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
-            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
-            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
-                Map<String, Object> map = new HashMap<>();
-                map.put("message", "无法生成刷新token，请联系管理员。");
-                return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-            }
-
-            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
-            authorizationBuilder.refreshToken(refreshToken);
-        }
-
-        OAuth2Authorization authorization = authorizationBuilder.build();
-
-        // 保存认证信息至redis
-        authorizationService.save(authorization);
-
-        baseCommonService.addLog("用户名: " + loginUser.getUsername() + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
-
-        JSONObject addition = new JSONObject(new LinkedHashMap<>());
-        addition.put("token", accessToken.getTokenValue());
-        // 设置租户
-        JSONObject jsonObject = commonAPI.setLoginTenant(loginUser.getUsername());
-        addition.putAll(jsonObject.getInnerMap());
-
-        // 设置登录用户信息
-        addition.put("userInfo", loginUser);
-        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
-
-        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
-        addition.put("departs", departs);
-        if (departs == null || departs.size() == 0) {
-            addition.put("multi_depart", 0);
-        } else if (departs.size() == 1) {
-            commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
-            addition.put("multi_depart", 1);
-        } else {
-            //查询当前是否有登录部门
-            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
-                commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
-            }
-            addition.put("multi_depart", 2);
-        }
-
-        // 兼容原有shiro登录结果处理
-        Map<String, Object> map = new HashMap<>();
-        map.put("result", addition);
-        map.put("code", 200);
-        map.put("success", true);
-        map.put("timestamp", System.currentTimeMillis());
-
-        // 返回access_token、refresh_token以及其它信息给到前端
-        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return PhoneGrantAuthenticationToken.class.isAssignableFrom(authentication);
-    }
-
-    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
-        OAuth2ClientAuthenticationToken clientPrincipal = null;
-        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
-            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
-        }
-        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
-            return clientPrincipal;
-        }
-        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
-    }
-
-    /**
-     * 登录失败超出次数5 返回true
-     * @param username
-     * @return
-     */
-    private boolean isLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        if(failTime!=null){
-            Integer val = Integer.parseInt(failTime.toString());
-            if(val>5){
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 记录登录失败次数
-     * @param username
-     */
-    private void addLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        Integer val = 0;
-        if(failTime!=null){
-            val = Integer.parseInt(failTime.toString());
-        }
-        // 10分钟
-        redisUtil.set(key, ++val, 10);
-    }
-
-    /**
-     * 校验用户是否有效
-     */
-    private void checkUserIsEffective(LoginUser loginUser) {
-        //情况1：根据用户信息查询，该用户不存在
-        if (Objects.isNull(loginUser)) {
-            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户不存在，请注册");
-        }
-        //情况2：根据用户信息查询，该用户已注销
-        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
-            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已注销");
-        }
-        //情况3：根据用户信息查询，该用户已冻结
-        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已冻结");
-        }
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationToken.java
@ -1,21 +0,0 @@
-package org.jeecg.config.security.phone;
-
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
-
-import java.util.Map;
-
-/**
- * 手机号模式认证专用token类型，方法spring authorization server进行认证流转，配合convert使用
- * @author EightMonth
- * @date 2024/1/1
- */
-public class PhoneGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
-
-    public PhoneGrantAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
-        super(new AuthorizationGrantType(LoginType.PHONE), clientPrincipal, additionalParameters);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationProvider.java
@ -1,228 +0,0 @@
-package org.jeecg.config.security.self;
-
-import com.alibaba.fastjson.JSONObject;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.exception.JeecgBootException;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.system.vo.SysDepartModel;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.modules.base.service.BaseCommonService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
-import org.springframework.stereotype.Component;
-import org.springframework.util.Assert;
-
-import java.security.Principal;
-import java.time.Instant;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * 自用生成token处理器，不对外开放，外部请求无法通过该方式生成token
- * @author eightmonth@qq.com
- * @date 2024/3/19 11:40
- */
-@Component
-public class SelfAuthenticationProvider implements AuthenticationProvider {
-
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-
-    private final OAuth2AuthorizationService authorizationService;
-    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
-    @Autowired
-    private CommonAPI commonAPI;
-    @Autowired
-    private RedisUtil redisUtil;
-    @Autowired
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired
-    private BaseCommonService baseCommonService;
-
-    public SelfAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
-        Assert.notNull(authorizationService, "authorizationService cannot be null");
-        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
-        this.authorizationService = authorizationService;
-        this.tokenGenerator = tokenGenerator;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        SelfAuthenticationToken passwordGrantAuthenticationToken =  (SelfAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = passwordGrantAuthenticationToken.getAdditionalParameters();
-
-        // 授权类型
-        AuthorizationGrantType authorizationGrantType = passwordGrantAuthenticationToken.getGrantType();
-        // 用户名
-        String username = (String) additionalParameter.get(OAuth2ParameterNames.USERNAME);
-        //请求参数权限范围
-        String requestScopesStr = "*";
-        //请求参数权限范围专场集合
-        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
-
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken);
-        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
-
-        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "非法登录");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-        }
-
-        // 通过用户名获取用户信息
-        LoginUser loginUser = commonAPI.getUserByName(username);
-        // 检查用户可行性
-        checkUserIsEffective(loginUser);
-
-        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
-        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
-
-        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
-                .registeredClient(registeredClient)
-                .principal(usernamePasswordAuthenticationToken)
-                .authorizationGrantType(authorizationGrantType)
-                .authorizedScopes(requestScopeSet)
-                .authorizationGrant(passwordGrantAuthenticationToken);
-
-        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
-                .principalName(clientPrincipal.getName())
-                .authorizedScopes(requestScopeSet)
-                .attribute(Principal.class.getName(), username)
-                .authorizationGrantType(authorizationGrantType);
-
-
-        // ----- Access token -----
-        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
-        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
-        if (generatedAccessToken == null) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "无法生成刷新token，请联系管理员。");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-
-        }
-        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
-                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
-                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
-        if (generatedAccessToken instanceof ClaimAccessor) {
-            authorizationBuilder.token(accessToken, (metadata) -> {
-                metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
-            });
-        } else {
-            authorizationBuilder.accessToken(accessToken);
-        }
-
-        // ----- Refresh token -----
-        OAuth2RefreshToken refreshToken = null;
-        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
-                // 不向公共客户端颁发刷新令牌
-                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
-
-            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
-            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
-            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
-                Map<String, Object> map = new HashMap<>();
-                map.put("message", "无法生成刷新token，请联系管理员。");
-                return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-            }
-
-            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
-            authorizationBuilder.refreshToken(refreshToken);
-        }
-
-        OAuth2Authorization authorization = authorizationBuilder.build();
-
-        // 保存认证信息至redis
-        authorizationService.save(authorization);
-
-        JSONObject addition = new JSONObject(new LinkedHashMap<>());
-        addition.put("token", accessToken.getTokenValue());
-        // 设置租户
-        JSONObject jsonObject = commonAPI.setLoginTenant(username);
-        addition.putAll(jsonObject.getInnerMap());
-
-        // 设置登录用户信息
-        addition.put("userInfo", loginUser);
-        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
-
-        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
-        addition.put("departs", departs);
-        if (departs == null || departs.size() == 0) {
-            addition.put("multi_depart", 0);
-        } else if (departs.size() == 1) {
-            commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            addition.put("multi_depart", 1);
-        } else {
-            //查询当前是否有登录部门
-            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
-                commonAPI.updateUserDepart(username, departs.get(0).getOrgCode(),null);
-            }
-            addition.put("multi_depart", 2);
-        }
-
-        // 兼容原有shiro登录结果处理
-        Map<String, Object> map = new HashMap<>();
-        map.put("result", addition);
-        map.put("code", 200);
-        map.put("success", true);
-        map.put("timestamp", System.currentTimeMillis());
-
-        // 返回access_token、refresh_token以及其它信息给到前端
-        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return SelfAuthenticationToken.class.isAssignableFrom(authentication);
-    }
-
-    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
-        OAuth2ClientAuthenticationToken clientPrincipal = null;
-        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
-            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
-        }
-        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
-            return clientPrincipal;
-        }
-        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
-    }
-
-    /**
-     * 校验用户是否有效
-     */
-    private void checkUserIsEffective(LoginUser loginUser) {
-        //情况1：根据用户信息查询，该用户不存在
-        if (Objects.isNull(loginUser)) {
-            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户不存在，请注册");
-        }
-        //情况2：根据用户信息查询，该用户已注销
-        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
-            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已注销");
-        }
-        //情况3：根据用户信息查询，该用户已冻结
-        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已冻结");
-        }
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/self/SelfAuthenticationToken.java
@ -1,19 +0,0 @@
-package org.jeecg.config.security.self;
-
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
-
-import java.util.Map;
-
-/**
- * 自用生成token，不支持对外请求，仅为程序内部生成token
- * @author eightmonth
- * @date 2024/3/19 11:37
- */
-public class SelfAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
-    public SelfAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
-        super(new AuthorizationGrantType(LoginType.SELF), clientPrincipal, additionalParameters);
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationConvert.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationConvert.java
@ -1,81 +0,0 @@
-package org.jeecg.config.security.social;
-
-import jakarta.servlet.http.HttpServletRequest;
-import lombok.AllArgsConstructor;
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.web.authentication.AuthenticationConverter;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.util.StringUtils;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * 社交模式认证转换器，配合github、企业微信、钉钉、微信登录使用
- * @author EightMonth
- * @date 2024/1/1
- */
-@AllArgsConstructor
-public class SocialGrantAuthenticationConvert implements AuthenticationConverter {
-    @Override
-    public Authentication convert(HttpServletRequest request) {
-
-        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
-        if (!LoginType.SOCIAL.equals(grantType)) {
-            return null;
-        }
-
-        Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
-
-        //从request中提取请求参数，然后存入MultiValueMap<String, String>
-        MultiValueMap<String, String> parameters = getParameters(request);
-
-        String token = parameters.getFirst("token");
-        if (!StringUtils.hasText(token)) {
-            throw new OAuth2AuthenticationException("无效请求，三方token不能为空！");
-        }
-
-        String source = parameters.getFirst("thirdType");
-        if (!StringUtils.hasText(source)) {
-            throw new OAuth2AuthenticationException("无效请求，三方来源不能为空！");
-        }
-
-        //收集要传入PhoneGrantAuthenticationToken构造方法的参数，
-        //该参数接下来在PhoneGrantAuthenticationProvider中使用
-        Map<String, Object> additionalParameters = new HashMap<>();
-        //遍历从request中提取的参数，排除掉grant_type、client_id、code等字段参数，其他参数收集到additionalParameters中
-        parameters.forEach((key, value) -> {
-            if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
-                    !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
-                    !key.equals(OAuth2ParameterNames.CODE)) {
-                additionalParameters.put(key, value.get(0));
-            }
-        });
-
-        //返回自定义的PhoneGrantAuthenticationToken对象
-        return new SocialGrantAuthenticationToken(clientPrincipal, additionalParameters);
-
-    }
-
-    /**
-     *从request中提取请求参数，然后存入MultiValueMap<String, String>
-     */
-    private static MultiValueMap<String, String> getParameters(HttpServletRequest request) {
-        Map<String, String[]> parameterMap = request.getParameterMap();
-        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(parameterMap.size());
-        parameterMap.forEach((key, values) -> {
-            if (values.length > 0) {
-                for (String value : values) {
-                    parameters.add(key, value);
-                }
-            }
-        });
-        return parameters;
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java
@ -1,276 +0,0 @@
-package org.jeecg.config.security.social;
-
-import com.alibaba.fastjson.JSONObject;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.interfaces.DecodedJWT;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.exception.JeecgBootException;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.system.vo.SysDepartModel;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.password.PasswordGrantAuthenticationToken;
-import org.jeecg.modules.base.service.BaseCommonService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.oauth2.core.*;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
-import org.springframework.util.Assert;
-
-import java.security.Principal;
-import java.time.Instant;
-import java.util.*;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * 社交模式认证处理器，负责处理该认证模式下的核心逻辑，配合github、企业微信、钉钉、微信登录使用
- * @author EightMonth
- * @date 2024/1/1
- */
-@Slf4j
-public class SocialGrantAuthenticationProvider implements AuthenticationProvider {
-
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-
-    private final OAuth2AuthorizationService authorizationService;
-    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
-    @Autowired
-    private CommonAPI commonAPI;
-    @Autowired
-    private RedisUtil redisUtil;
-    @Autowired
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired
-    private BaseCommonService baseCommonService;
-
-    public SocialGrantAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
-        Assert.notNull(authorizationService, "authorizationService cannot be null");
-        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
-        this.authorizationService = authorizationService;
-        this.tokenGenerator = tokenGenerator;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        SocialGrantAuthenticationToken socialGrantAuthenticationToken =  (SocialGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = socialGrantAuthenticationToken.getAdditionalParameters();
-
-        // 授权类型
-        AuthorizationGrantType authorizationGrantType = socialGrantAuthenticationToken.getGrantType();
-        // 三方token
-        String token = (String) additionalParameter.get("token");
-        // 三方来源
-        String source = (String) additionalParameter.get("thirdType");
-
-        //请求参数权限范围
-        String requestScopesStr = (String)additionalParameter.getOrDefault(OAuth2ParameterNames.SCOPE, "*");
-        //请求参数权限范围专场集合
-        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
-
-        DecodedJWT jwt = JWT.decode(token);
-        String username = jwt.getClaim("username").asString();
-
-        // 通过手机号获取用户信息
-        LoginUser loginUser = commonAPI.getUserByName(username);
-        // 检查用户可行性
-        checkUserIsEffective(loginUser);
-
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(socialGrantAuthenticationToken);
-        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
-
-        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "非法登录");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-
-        }
-
-        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
-        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
-
-        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
-                .registeredClient(registeredClient)
-                .principal(usernamePasswordAuthenticationToken)
-                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
-                .authorizationGrantType(authorizationGrantType)
-                .authorizedScopes(requestScopeSet)
-                .authorizationGrant(socialGrantAuthenticationToken);
-
-        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
-                .principalName(clientPrincipal.getName())
-                .authorizedScopes(requestScopeSet)
-                .attribute(Principal.class.getName(), loginUser.getUsername())
-                .authorizationGrantType(authorizationGrantType);
-
-
-        // ----- Access token -----
-        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
-        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
-        if (generatedAccessToken == null) {
-            Map<String, Object> map = new HashMap<>();
-            map.put("message", "无法生成访问token，请联系管理系。");
-            return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-
-        }
-        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
-                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
-                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
-        if (generatedAccessToken instanceof ClaimAccessor) {
-            authorizationBuilder.token(accessToken, (metadata) -> {
-                    metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
-            });
-        } else {
-            authorizationBuilder.accessToken(accessToken);
-        }
-
-        // ----- Refresh token -----
-        OAuth2RefreshToken refreshToken = null;
-        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
-                // 不向公共客户端颁发刷新令牌
-                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
-
-            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
-            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
-            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
-                Map<String, Object> map = new HashMap<>();
-                map.put("message", "无法生成刷新token，请联系管理员。");
-                return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,"fdsafas", Instant.now(), Instant.now().plusNanos(1)), null, map);
-            }
-
-            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
-            authorizationBuilder.refreshToken(refreshToken);
-        }
-
-        OAuth2Authorization authorization = authorizationBuilder.build();
-
-        // 保存认证信息至redis
-        authorizationService.save(authorization);
-
-        baseCommonService.addLog("用户名: " + loginUser.getUsername() + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
-
-        JSONObject addition = new JSONObject(new LinkedHashMap<>());
-        addition.put("token", accessToken.getTokenValue());
-        // 设置租户
-        JSONObject jsonObject = commonAPI.setLoginTenant(loginUser.getUsername());
-        addition.putAll(jsonObject.getInnerMap());
-
-        // 设置登录用户信息
-        addition.put("userInfo", loginUser);
-        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
-
-        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
-        addition.put("departs", departs);
-        if (departs == null || departs.size() == 0) {
-            addition.put("multi_depart", 0);
-        } else if (departs.size() == 1) {
-            commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
-            addition.put("multi_depart", 1);
-        } else {
-            //查询当前是否有登录部门
-            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
-                commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
-            }
-            addition.put("multi_depart", 2);
-        }
-
-        // 兼容原有shiro登录结果处理
-        Map<String, Object> map = new HashMap<>();
-        map.put("result", addition);
-        map.put("code", 200);
-        map.put("success", true);
-        map.put("timestamp", System.currentTimeMillis());
-
-
-        // 返回access_token、refresh_token以及其它信息给到前端
-        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, map);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return SocialGrantAuthenticationToken.class.isAssignableFrom(authentication);
-    }
-
-    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
-        OAuth2ClientAuthenticationToken clientPrincipal = null;
-        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
-            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
-        }
-        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
-            return clientPrincipal;
-        }
-        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
-    }
-
-    /**
-     * 登录失败超出次数5 返回true
-     * @param username
-     * @return
-     */
-    private boolean isLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        if(failTime!=null){
-            Integer val = Integer.parseInt(failTime.toString());
-            if(val>5){
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 记录登录失败次数
-     * @param username
-     */
-    private void addLoginFailOvertimes(String username){
-        String key = CommonConstant.LOGIN_FAIL + username;
-        Object failTime = redisUtil.get(key);
-        Integer val = 0;
-        if(failTime!=null){
-            val = Integer.parseInt(failTime.toString());
-        }
-        // 10分钟
-        redisUtil.set(key, ++val, 10);
-    }
-
-    /**
-     * 校验用户是否有效
-     */
-    private void checkUserIsEffective(LoginUser loginUser) {
-        //情况1：根据用户信息查询，该用户不存在
-        if (Objects.isNull(loginUser)) {
-            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户不存在，请注册");
-        }
-        //情况2：根据用户信息查询，该用户已注销
-        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
-            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已注销");
-        }
-        //情况3：根据用户信息查询，该用户已冻结
-        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
-            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
-            throw new JeecgBootException("该用户已冻结");
-        }
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationToken.java
@ -1,21 +0,0 @@
-package org.jeecg.config.security.social;
-
-import org.jeecg.config.security.LoginType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
-
-import java.util.Map;
-
-/**
- * 社交模式认证专用token类型，方法spring authorization server进行认证流转，配合convert使用，配合github、企业微信、钉钉、微信登录使用
- * @author EightMonth
- * @date 2024/1/1
- */
-public class SocialGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
-
-    public SocialGrantAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
-        super(new AuthorizationGrantType(LoginType.SOCIAL), clientPrincipal, additionalParameters);
-    }
-
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/utils/SecureUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/utils/SecureUtil.java
@ -1,23 +0,0 @@
-package org.jeecg.config.security.utils;
-
-import com.alibaba.fastjson2.JSONObject;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.util.SpringContextUtils;
-import org.springframework.security.core.context.SecurityContextHolder;
-
-/**
- * 认证信息工具类
- * @author EightMonth
- * @date 2024/1/10 17:03
- */
-public class SecureUtil {
-
-    /**
-     * 通过当前认证信息获取用户信息
-     * @return
-     */
-    public static LoginUser currentUser() {
-        String name = SecurityContextHolder.getContext().getAuthentication().getName();
-        return JSONObject.parseObject(name, LoginUser.class);
-    }
-}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java
@ -0,0 +1,28 @@
+package org.jeecg.config.shiro;
+ 
+import org.apache.shiro.authc.AuthenticationToken;
+
+/**
+ * @Author Scott
+ * @create 2018-07-12 15:19
+ * @desc
+ **/
+public class JwtToken implements AuthenticationToken {
+	
+	private static final long serialVersionUID = 1L;
+	private String token;
+ 
+    public JwtToken(String token) {
+        this.token = token;
+    }
+ 
+    @Override
+    public Object getPrincipal() {
+        return token;
+    }
+ 
+    @Override
+    public Object getCredentials() {
+        return token;
+    }
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
@ -0,0 +1,306 @@
+package org.jeecg.config.shiro;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
+import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
+import org.apache.shiro.mgt.DefaultSubjectDAO;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.spring.LifecycleBeanPostProcessor;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.crazycake.shiro.*;
+import org.jeecg.common.constant.CommonConstant;
+import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.config.JeecgBaseConfig;
+import org.jeecg.config.shiro.filters.CustomShiroFilterFactoryBean;
+import org.jeecg.config.shiro.filters.JwtFilter;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.core.env.Environment;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
+import redis.clients.jedis.HostAndPort;
+import redis.clients.jedis.JedisCluster;
+
+import jakarta.annotation.Resource;
+import jakarta.servlet.Filter;
+import java.util.*;
+
+/**
+ * @author: Scott
+ * @date: 2018/2/7
+ * @description: shiro 配置类
+ */
+
+@Slf4j
+@Configuration
+public class ShiroConfig {
+
+    @Resource
+    private LettuceConnectionFactory lettuceConnectionFactory;
+    @Autowired
+    private Environment env;
+    @Resource
+    private JeecgBaseConfig jeecgBaseConfig;
+    @Autowired(required = false)
+    private RedisProperties redisProperties;
+
+    /**
+     * Filter Chain定义说明
+     *
+     * 1、一个URL可以配置多个Filter，使用逗号分隔
+     * 2、当设置多个过滤器时，全部验证通过，才视为通过
+     * 3、部分过滤器可指定参数，如perms，roles
+     */
+    @Bean("shiroFilterFactoryBean")
+    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
+        CustomShiroFilterFactoryBean shiroFilterFactoryBean = new CustomShiroFilterFactoryBean();
+        shiroFilterFactoryBean.setSecurityManager(securityManager);
+        // 拦截器
+        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
+
+        //支持yml方式，配置拦截排除
+        if(jeecgBaseConfig!=null && jeecgBaseConfig.getShiro()!=null){
+            String shiroExcludeUrls = jeecgBaseConfig.getShiro().getExcludeUrls();
+            if(oConvertUtils.isNotEmpty(shiroExcludeUrls)){
+                String[] permissionUrl = shiroExcludeUrls.split(",");
+                for(String url : permissionUrl){
+                    filterChainDefinitionMap.put(url,"anon");
+                }
+            }
+        }
+
+        // 配置不会被拦截的链接 顺序判断
+        filterChainDefinitionMap.put("/sys/cas/client/validateLogin", "anon"); //cas验证登录
+        filterChainDefinitionMap.put("/sys/randomImage/**", "anon"); //登录验证码接口排除
+        filterChainDefinitionMap.put("/sys/checkCaptcha", "anon"); //登录验证码接口排除
+        filterChainDefinitionMap.put("/sys/login", "anon"); //登录接口排除
+        filterChainDefinitionMap.put("/sys/mLogin", "anon"); //登录接口排除
+        filterChainDefinitionMap.put("/sys/logout", "anon"); //登出接口排除
+        filterChainDefinitionMap.put("/sys/thirdLogin/**", "anon"); //第三方登录
+        filterChainDefinitionMap.put("/sys/getEncryptedString", "anon"); //获取加密串
+        filterChainDefinitionMap.put("/sys/sms", "anon");//短信验证码
+        filterChainDefinitionMap.put("/sys/phoneLogin", "anon");//手机登录
+        filterChainDefinitionMap.put("/sys/user/checkOnlyUser", "anon");//校验用户是否存在
+        filterChainDefinitionMap.put("/sys/user/register", "anon");//用户注册
+        filterChainDefinitionMap.put("/sys/user/phoneVerification", "anon");//用户忘记密码验证手机号
+        filterChainDefinitionMap.put("/sys/user/passwordChange", "anon");//用户更改密码
+        filterChainDefinitionMap.put("/auth/2step-code", "anon");//登录验证码
+        filterChainDefinitionMap.put("/sys/common/static/**", "anon");//图片预览 &下载文件不限制token
+        filterChainDefinitionMap.put("/sys/common/pdf/**", "anon");//pdf预览
+
+        //filterChainDefinitionMap.put("/sys/common/view/**", "anon");//图片预览不限制token
+        //filterChainDefinitionMap.put("/sys/common/download/**", "anon");//文件下载不限制token
+        filterChainDefinitionMap.put("/generic/**", "anon");//pdf预览需要文件
+
+        filterChainDefinitionMap.put("/sys/getLoginQrcode/**", "anon"); //登录二维码
+        filterChainDefinitionMap.put("/sys/getQrcodeToken/**", "anon"); //监听扫码
+        filterChainDefinitionMap.put("/sys/checkAuth", "anon"); //授权接口排除
+
+
+        //update-begin--Author:scott Date:20221116 for：排除静态资源后缀
+        filterChainDefinitionMap.put("/", "anon");
+        filterChainDefinitionMap.put("/doc.html", "anon");
+        filterChainDefinitionMap.put("/**/*.js", "anon");
+        filterChainDefinitionMap.put("/**/*.css", "anon");
+        filterChainDefinitionMap.put("/**/*.html", "anon");
+        filterChainDefinitionMap.put("/**/*.svg", "anon");
+        filterChainDefinitionMap.put("/**/*.pdf", "anon");
+        filterChainDefinitionMap.put("/**/*.jpg", "anon");
+        filterChainDefinitionMap.put("/**/*.png", "anon");
+        filterChainDefinitionMap.put("/**/*.gif", "anon");
+        filterChainDefinitionMap.put("/**/*.ico", "anon");
+        filterChainDefinitionMap.put("/**/*.ttf", "anon");
+        filterChainDefinitionMap.put("/**/*.woff", "anon");
+        filterChainDefinitionMap.put("/**/*.woff2", "anon");
+        //update-end--Author:scott Date:20221116 for：排除静态资源后缀
+
+        filterChainDefinitionMap.put("/druid/**", "anon");
+        filterChainDefinitionMap.put("/swagger-ui.html", "anon");
+        filterChainDefinitionMap.put("/swagger**/**", "anon");
+        filterChainDefinitionMap.put("/webjars/**", "anon");
+        filterChainDefinitionMap.put("/v3/**", "anon");
+
+        // update-begin--Author:sunjianlei Date:20210510 for：排除消息通告查看详情页面（用于第三方APP）
+        filterChainDefinitionMap.put("/sys/annountCement/show/**", "anon");
+        // update-end--Author:sunjianlei Date:20210510 for：排除消息通告查看详情页面（用于第三方APP）
+
+        //积木报表排除
+        filterChainDefinitionMap.put("/jmreport/**", "anon");
+        filterChainDefinitionMap.put("/**/*.js.map", "anon");
+        filterChainDefinitionMap.put("/**/*.css.map", "anon");
+        
+        //拖拽仪表盘设计器排除
+        filterChainDefinitionMap.put("/drag/view", "anon");
+        filterChainDefinitionMap.put("/drag/page/queryById", "anon");
+        filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getAllChartData", "anon");
+        filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getTotalData", "anon");
+        filterChainDefinitionMap.put("/drag/mock/json/**", "anon");
+        //大屏模板例子
+        filterChainDefinitionMap.put("/test/bigScreen/**", "anon");
+        filterChainDefinitionMap.put("/bigscreen/template1/**", "anon");
+        filterChainDefinitionMap.put("/bigscreen/template1/**", "anon");
+        //filterChainDefinitionMap.put("/test/jeecgDemo/rabbitMqClientTest/**", "anon"); //MQ测试
+        //filterChainDefinitionMap.put("/test/jeecgDemo/html", "anon"); //模板页面
+        //filterChainDefinitionMap.put("/test/jeecgDemo/redis/**", "anon"); //redis测试
+
+        //websocket排除
+        filterChainDefinitionMap.put("/websocket/**", "anon");//系统通知和公告
+        filterChainDefinitionMap.put("/newsWebsocket/**", "anon");//CMS模块
+        filterChainDefinitionMap.put("/vxeSocket/**", "anon");//JVxeTable无痕刷新示例
+
+        //性能监控——安全隐患泄露TOEKN（durid连接池也有）
+        //filterChainDefinitionMap.put("/actuator/**", "anon");
+        //测试模块排除
+        filterChainDefinitionMap.put("/test/seata/**", "anon");
+
+        //错误路径排除
+        filterChainDefinitionMap.put("/error", "anon");
+        // 企业微信证书排除
+        filterChainDefinitionMap.put("/WW_verify*", "anon");
+
+        // 添加自己的过滤器并且取名为jwt
+        Map<String, Filter> filterMap = new HashMap<String, Filter>(1);
+        //如果cloudServer为空 则说明是单体 需要加载跨域配置【微服务跨域切换】
+        Object cloudServer = env.getProperty(CommonConstant.CLOUD_SERVER_KEY);
+        filterMap.put("jwt", new JwtFilter(cloudServer==null));
+        shiroFilterFactoryBean.setFilters(filterMap);
+        // <!-- 过滤链定义，从上向下顺序执行，一般将/**放在最为下边
+        filterChainDefinitionMap.put("/**", "jwt");
+
+        // 未授权界面返回JSON
+        shiroFilterFactoryBean.setUnauthorizedUrl("/sys/common/403");
+        shiroFilterFactoryBean.setLoginUrl("/sys/common/403");
+        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
+        return shiroFilterFactoryBean;
+    }
+
+    @Bean("securityManager")
+    public DefaultWebSecurityManager securityManager(ShiroRealm myRealm) {
+        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
+        securityManager.setRealm(myRealm);
+
+        /*
+         * 关闭shiro自带的session，详情见文档
+         * http://shiro.apache.org/session-management.html#SessionManagement-
+         * StatelessApplications%28Sessionless%29
+         */
+        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
+        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
+        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
+        subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
+        securityManager.setSubjectDAO(subjectDAO);
+        //自定义缓存实现,使用redis
+        securityManager.setCacheManager(redisCacheManager());
+        return securityManager;
+    }
+
+    /**
+     * 下面的代码是添加注解支持
+     * @return
+     */
+    @Bean
+    @DependsOn("lifecycleBeanPostProcessor")
+    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
+        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
+        /**
+         * 解决重复代理问题 github#994
+         * 添加前缀判断 不匹配 任何Advisor
+         */
+        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
+        defaultAdvisorAutoProxyCreator.setAdvisorBeanNamePrefix("_no_advisor");
+        return defaultAdvisorAutoProxyCreator;
+    }
+
+    @Bean
+    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
+        return new LifecycleBeanPostProcessor();
+    }
+
+    @Bean
+    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
+        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
+        advisor.setSecurityManager(securityManager);
+        return advisor;
+    }
+
+    /**
+     * cacheManager 缓存 redis实现
+     * 使用的是shiro-redis开源插件
+     *
+     * @return
+     */
+    public RedisCacheManager redisCacheManager() {
+        log.info("===============(1)创建缓存管理器RedisCacheManager");
+        RedisCacheManager redisCacheManager = new RedisCacheManager();
+        redisCacheManager.setRedisManager(redisManager());
+        //redis中针对不同用户缓存(此处的id需要对应user实体中的id字段,用于唯一标识)
+        redisCacheManager.setPrincipalIdFieldName("id");
+        //用户权限信息缓存时间
+        redisCacheManager.setExpire(200000);
+        return redisCacheManager;
+    }
+
+    /**
+     * 配置shiro redisManager
+     * 使用的是shiro-redis开源插件
+     *
+     * @return
+     */
+    @Bean
+    public IRedisManager redisManager() {
+        log.info("===============(2)创建RedisManager,连接Redis..");
+        IRedisManager manager;
+        // sentinel cluster redis（【issues/5569】shiro集成 redis 不支持 sentinel 方式部署的redis集群 #5569）
+        if (Objects.nonNull(redisProperties)
+                && Objects.nonNull(redisProperties.getSentinel())
+                && !CollectionUtils.isEmpty(redisProperties.getSentinel().getNodes())) {
+            RedisSentinelManager sentinelManager = new RedisSentinelManager();
+            sentinelManager.setMasterName(redisProperties.getSentinel().getMaster());
+            sentinelManager.setHost(String.join(",", redisProperties.getSentinel().getNodes()));
+            sentinelManager.setPassword(redisProperties.getSentinel().getPassword());
+            sentinelManager.setDatabase(redisProperties.getDatabase());
+
+            return sentinelManager;
+        }
+
+        // redis 单机支持，在集群为空，或者集群无机器时候使用 add by jzyadmin@163.com
+        if (lettuceConnectionFactory.getClusterConfiguration() == null || lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().isEmpty()) {
+            RedisManager redisManager = new RedisManager();
+            redisManager.setHost(lettuceConnectionFactory.getHostName() + ":" + lettuceConnectionFactory.getPort());
+            //(lettuceConnectionFactory.getPort());
+            redisManager.setDatabase(lettuceConnectionFactory.getDatabase());
+            redisManager.setTimeout(0);
+            if (!StringUtils.isEmpty(lettuceConnectionFactory.getPassword())) {
+                redisManager.setPassword(lettuceConnectionFactory.getPassword());
+            }
+            manager = redisManager;
+        }else{
+            // redis集群支持，优先使用集群配置
+            RedisClusterManager redisManager = new RedisClusterManager();
+            Set<HostAndPort> portSet = new HashSet<>();
+            lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().forEach(node -> portSet.add(new HostAndPort(node.getHost() , node.getPort())));
+            //update-begin--Author:scott Date:20210531 for：修改集群模式下未设置redis密码的bug issues/I3QNIC
+            if (oConvertUtils.isNotEmpty(lettuceConnectionFactory.getPassword())) {
+                JedisCluster jedisCluster = new JedisCluster(portSet, 2000, 2000, 5,
+                    lettuceConnectionFactory.getPassword(), new GenericObjectPoolConfig());
+                redisManager.setPassword(lettuceConnectionFactory.getPassword());
+                redisManager.setJedisCluster(jedisCluster);
+            } else {
+                JedisCluster jedisCluster = new JedisCluster(portSet);
+                redisManager.setJedisCluster(jedisCluster);
+            }
+            //update-end--Author:scott Date:20210531 for：修改集群模式下未设置redis密码的bug issues/I3QNIC
+            manager = redisManager;
+        }
+        return manager;
+    }
+
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
@ -0,0 +1,229 @@
+package org.jeecg.config.shiro;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.config.TenantContext;
+import org.jeecg.common.constant.CacheConstant;
+import org.jeecg.common.constant.CommonConstant;
+import org.jeecg.common.system.util.JwtUtil;
+import org.jeecg.common.system.vo.LoginUser;
+import org.jeecg.common.util.RedisUtil;
+import org.jeecg.common.util.SpringContextUtils;
+import org.jeecg.common.util.TokenUtils;
+import org.jeecg.common.util.oConvertUtils;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.stereotype.Component;
+
+import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
+import java.util.Set;
+
+/**
+ * @Description: 用户登录鉴权和获取用户授权
+ * @Author: Scott
+ * @Date: 2019-4-23 8:13
+ * @Version: 1.1
+ */
+@Component
+@Slf4j
+public class ShiroRealm extends AuthorizingRealm {
+	@Lazy
+    @Resource
+    private CommonAPI commonApi;
+
+    @Lazy
+    @Resource
+    private RedisUtil redisUtil;
+
+    /**
+     * 必须重写此方法，不然Shiro会报错
+     */
+    @Override
+    public boolean supports(AuthenticationToken token) {
+        return token instanceof JwtToken;
+    }
+
+    /**
+     * 权限信息认证(包括角色以及权限)是用户访问controller的时候才进行验证(redis存储的此处权限信息)
+     * 触发检测用户权限时才会调用此方法，例如checkRole,checkPermission
+     *
+     * @param principals 身份信息
+     * @return AuthorizationInfo 权限信息
+     */
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        log.debug("===============Shiro权限认证开始============ [ roles、permissions]==========");
+        String username = null;
+        if (principals != null) {
+            LoginUser sysUser = (LoginUser) principals.getPrimaryPrincipal();
+            username = sysUser.getUsername();
+        }
+        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+
+        // 设置用户拥有的角色集合，比如“admin,test”
+        Set<String> roleSet = commonApi.queryUserRoles(username);
+        //System.out.println(roleSet.toString());
+        info.setRoles(roleSet);
+
+        // 设置用户拥有的权限集合，比如“sys:role:add,sys:user:add”
+        Set<String> permissionSet = commonApi.queryUserAuths(username);
+        info.addStringPermissions(permissionSet);
+        //System.out.println(permissionSet);
+        log.info("===============Shiro权限认证成功==============");
+        return info;
+    }
+
+    /**
+     * 用户信息认证是在用户进行登录的时候进行验证(不存redis)
+     * 也就是说验证用户输入的账号和密码是否正确，错误抛出异常
+     *
+     * @param auth 用户登录的账号密码信息
+     * @return 返回封装了用户信息的 AuthenticationInfo 实例
+     * @throws AuthenticationException
+     */
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
+        log.debug("===============Shiro身份认证开始============doGetAuthenticationInfo==========");
+        String token = (String) auth.getCredentials();
+        if (token == null) {
+            HttpServletRequest req = SpringContextUtils.getHttpServletRequest();
+            log.info("————————身份认证失败——————————IP地址:  "+ oConvertUtils.getIpAddrByRequest(req) +"，URL:"+req.getRequestURI());
+            throw new AuthenticationException("token为空!");
+        }
+        // 校验token有效性
+        LoginUser loginUser = null;
+        try {
+            loginUser = this.checkUserTokenIsEffect(token);
+        } catch (AuthenticationException e) {
+            JwtUtil.responseError(SpringContextUtils.getHttpServletResponse(),401,e.getMessage());
+            e.printStackTrace();
+            return null;
+        }
+        return new SimpleAuthenticationInfo(loginUser, token, getName());
+    }
+
+    /**
+     * 校验token的有效性
+     *
+     * @param token
+     */
+    public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
+        // 解密获得username，用于和数据库进行对比
+        String username = JwtUtil.getUsername(token);
+        if (username == null) {
+            throw new AuthenticationException("token非法无效!");
+        }
+
+        // 查询用户信息
+        log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
+        LoginUser loginUser = TokenUtils.getLoginUser(username, commonApi, redisUtil);
+        //LoginUser loginUser = commonApi.getUserByName(username);
+        if (loginUser == null) {
+            throw new AuthenticationException("用户不存在!");
+        }
+        // 判断用户状态
+        if (loginUser.getStatus() != 1) {
+            throw new AuthenticationException("账号已被锁定,请联系管理员!");
+        }
+        // 校验token是否超时失效 & 或者账号密码是否错误
+        if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
+            throw new AuthenticationException(CommonConstant.TOKEN_IS_INVALID_MSG);
+        }
+        //update-begin-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
+        String userTenantIds = loginUser.getRelTenantIds();
+        if(oConvertUtils.isNotEmpty(userTenantIds)){
+            String contextTenantId = TenantContext.getTenant();
+            log.debug("登录租户：" + contextTenantId);
+            log.debug("用户拥有那些租户：" + userTenantIds);
+             //登录用户无租户，前端header中租户ID值为 0
+            String str ="0";
+            if(oConvertUtils.isNotEmpty(contextTenantId) && !str.equals(contextTenantId)){
+                //update-begin-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
+                String[] arr = userTenantIds.split(",");
+                if(!oConvertUtils.isIn(contextTenantId, arr)){
+                    boolean isAuthorization = false;
+                    //========================================================================
+                    // 查询用户信息（如果租户不匹配从数据库中重新查询一次用户信息）
+                    String loginUserKey = CacheConstant.SYS_USERS_CACHE + "::" + username;
+                    redisUtil.del(loginUserKey);
+                    LoginUser loginUserFromDb = commonApi.getUserByName(username);
+                    if (oConvertUtils.isNotEmpty(loginUserFromDb.getRelTenantIds())) {
+                        String[] newArray = loginUserFromDb.getRelTenantIds().split(",");
+                        if (oConvertUtils.isIn(contextTenantId, newArray)) { 
+                            isAuthorization = true;
+                        }
+                    }
+                    //========================================================================
+
+                    //*********************************************
+                    if(!isAuthorization){
+                        log.info("租户异常——登录租户：" + contextTenantId);
+                        log.info("租户异常——用户拥有租户组：" + userTenantIds);
+                        throw new AuthenticationException("登录租户授权变更，请重新登陆!");
+                    }
+                    //*********************************************
+                }
+                //update-end-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
+            }
+        }
+        //update-end-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
+        return loginUser;
+    }
+
+    /**
+     * JWTToken刷新生命周期 （实现： 用户在线操作不掉线功能）
+     * 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样)，缓存有效期设置为Jwt有效时间的2倍
+     * 2、当该用户再次请求时，通过JWTFilter层层校验之后会进入到doGetAuthenticationInfo进行身份验证
+     * 3、当该用户这次请求jwt生成的token值已经超时，但该token对应cache中的k还是存在，则表示该用户一直在操作只是JWT的token失效了，程序会给token对应的k映射的v值重新生成JWTToken并覆盖v值，该缓存生命周期重新计算
+     * 4、当该用户这次请求jwt在生成的token值已经超时，并在cache中不存在对应的k，则表示该用户账户空闲超时，返回用户信息已失效，请重新登录。
+     * 注意： 前端请求Header中设置Authorization保持不变，校验有效性以缓存中的token为准。
+     *       用户过期时间 = Jwt有效时间 * 2。
+     *
+     * @param userName
+     * @param passWord
+     * @return
+     */
+    public boolean jwtTokenRefresh(String token, String userName, String passWord) {
+        String cacheToken = String.valueOf(redisUtil.get(CommonConstant.PREFIX_USER_TOKEN + token));
+        if (oConvertUtils.isNotEmpty(cacheToken)) {
+            // 校验token有效性
+            if (!JwtUtil.verify(cacheToken, userName, passWord)) {
+                String newAuthorization = JwtUtil.sign(userName, passWord);
+                // 设置超时时间
+                redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, newAuthorization);
+                redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME *2 / 1000);
+                log.debug("——————————用户在线操作，更新token保证不掉线—————————jwtTokenRefresh——————— "+ token);
+            }
+            //update-begin--Author:scott  Date:20191005  for：解决每次请求，都重写redis中 token缓存问题
+//			else {
+//				// 设置超时时间
+//				redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, cacheToken);
+//				redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000);
+//			}
+            //update-end--Author:scott  Date:20191005   for：解决每次请求，都重写redis中 token缓存问题
+            return true;
+        }
+
+        //redis中不存在此TOEKN，说明token非法返回false
+        return false;
+    }
+
+    /**
+     * 清除当前用户的权限认证缓存
+     *
+     * @param principals 权限信息
+     */
+    @Override
+    public void clearCache(PrincipalCollection principals) {
+        super.clearCache(principals);
+    }
+
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java
@ -0,0 +1,77 @@
+package org.jeecg.config.shiro.filters;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.filter.InvalidRequestFilter;
+import org.apache.shiro.web.filter.mgt.DefaultFilter;
+import org.apache.shiro.web.filter.mgt.FilterChainManager;
+import org.apache.shiro.web.filter.mgt.FilterChainResolver;
+import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
+import org.apache.shiro.web.mgt.WebSecurityManager;
+import org.apache.shiro.web.servlet.AbstractShiroFilter;
+import org.apache.shiro.mgt.SecurityManager;
+import org.springframework.beans.factory.BeanInitializationException;
+
+import jakarta.servlet.Filter;
+import java.util.Map;
+
+/**
+ * 自定义ShiroFilterFactoryBean解决资源中文路径问题
+ * @author: jeecg-boot
+ */
+@Slf4j
+public class CustomShiroFilterFactoryBean extends ShiroFilterFactoryBean {
+    @Override
+    public Class getObjectType() {
+        return MySpringShiroFilter.class;
+    }
+
+    @Override
+    protected AbstractShiroFilter createInstance() throws Exception {
+
+        SecurityManager securityManager = getSecurityManager();
+        if (securityManager == null) {
+            String msg = "SecurityManager property must be set.";
+            throw new BeanInitializationException(msg);
+        }
+
+        if (!(securityManager instanceof WebSecurityManager)) {
+            String msg = "The security manager does not implement the WebSecurityManager interface.";
+            throw new BeanInitializationException(msg);
+        }
+
+        FilterChainManager manager = createFilterChainManager();
+        //Expose the constructed FilterChainManager by first wrapping it in a
+        // FilterChainResolver implementation. The AbstractShiroFilter implementations
+        // do not know about FilterChainManagers - only resolvers:
+        PathMatchingFilterChainResolver chainResolver = new PathMatchingFilterChainResolver();
+        chainResolver.setFilterChainManager(manager);
+
+        Map<String, Filter> filterMap = manager.getFilters();
+        Filter invalidRequestFilter = filterMap.get(DefaultFilter.invalidRequest.name());
+        if (invalidRequestFilter instanceof InvalidRequestFilter) {
+            //此处是关键,设置false跳过URL携带中文400，servletPath中文校验bug
+            ((InvalidRequestFilter) invalidRequestFilter).setBlockNonAscii(false);
+        }
+        //Now create a concrete ShiroFilter instance and apply the acquired SecurityManager and built
+        //FilterChainResolver.  It doesn't matter that the instance is an anonymous inner class
+        //here - we're just using it because it is a concrete AbstractShiroFilter instance that accepts
+        //injection of the SecurityManager and FilterChainResolver:
+        return new MySpringShiroFilter((WebSecurityManager) securityManager, chainResolver);
+    }
+
+    private static final class MySpringShiroFilter extends AbstractShiroFilter {
+        protected MySpringShiroFilter(WebSecurityManager webSecurityManager, FilterChainResolver resolver) {
+            if (webSecurityManager == null) {
+                throw new IllegalArgumentException("WebSecurityManager property cannot be null.");
+            } else {
+                this.setSecurityManager(webSecurityManager);
+                if (resolver != null) {
+                    this.setFilterChainResolver(resolver);
+                }
+
+            }
+        }
+    }
+
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
@ -0,0 +1,124 @@
+package org.jeecg.config.shiro.filters;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
+import org.jeecg.common.config.TenantContext;
+import org.jeecg.common.constant.CommonConstant;
+import org.jeecg.common.system.util.JwtUtil;
+import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.config.shiro.JwtToken;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+/**
+ * @Description: 鉴权登录拦截器
+ * @Author: Scott
+ * @Date: 2018/10/7
+ **/
+@Slf4j
+public class JwtFilter extends BasicHttpAuthenticationFilter {
+
+    /**
+     * 默认开启跨域设置（使用单体）
+     * 微服务情况下，此属性设置为false
+     */
+    private boolean allowOrigin = true;
+
+    public JwtFilter(){}
+    public JwtFilter(boolean allowOrigin){
+        this.allowOrigin = allowOrigin;
+    }
+
+    /**
+     * 执行登录认证
+     *
+     * @param request
+     * @param response
+     * @param mappedValue
+     * @return
+     */
+    @Override
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+        try {
+            executeLogin(request, response);
+            return true;
+        } catch (Exception e) {
+            JwtUtil.responseError(response,401,CommonConstant.TOKEN_IS_INVALID_MSG);
+            return false;
+            //throw new AuthenticationException("Token失效，请重新登录", e);
+        }
+    }
+
+    /**
+     *
+     */
+    @Override
+    protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
+        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+        String token = httpServletRequest.getHeader(CommonConstant.X_ACCESS_TOKEN);
+        // update-begin--Author:lvdandan Date:20210105 for：JT-355 OA聊天添加token验证，获取token参数
+        if (oConvertUtils.isEmpty(token)) {
+            token = httpServletRequest.getParameter("token");
+        }
+        // update-end--Author:lvdandan Date:20210105 for：JT-355 OA聊天添加token验证，获取token参数
+
+        JwtToken jwtToken = new JwtToken(token);
+        // 提交给realm进行登入，如果错误他会抛出异常并被捕获
+        getSubject(request, response).login(jwtToken);
+        // 如果没有抛出异常则代表登入成功，返回true
+        return true;
+    }
+
+    /**
+     * 对跨域提供支持
+     */
+    @Override
+    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
+        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+        if(allowOrigin){
+            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, httpServletRequest.getHeader(HttpHeaders.ORIGIN));
+            // 允许客户端请求方法
+            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET,POST,OPTIONS,PUT,DELETE");
+            // 允许客户端提交的Header
+            String requestHeaders = httpServletRequest.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
+            if (StringUtils.isNotEmpty(requestHeaders)) {
+                httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders);
+            }
+            // 允许客户端携带凭证信息(是否允许发送Cookie)
+            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
+        }
+        // 跨域时会首先发送一个option请求，这里我们给option请求直接返回正常状态
+        if (RequestMethod.OPTIONS.name().equalsIgnoreCase(httpServletRequest.getMethod())) {
+            httpServletResponse.setStatus(HttpStatus.OK.value());
+            return false;
+        }
+        //update-begin-author:taoyan date:20200708 for:多租户用到
+        String tenantId = httpServletRequest.getHeader(CommonConstant.TENANT_ID);
+        TenantContext.setTenant(tenantId);
+        //update-end-author:taoyan date:20200708 for:多租户用到
+
+        return super.preHandle(request, response);
+    }
+
+    /**
+     * JwtFilter中ThreadLocal需要及时清除 #3634
+     *
+     * @param request
+     * @param response
+     * @param exception
+     * @throws Exception
+     */
+    @Override
+    public void afterCompletion(ServletRequest request, ServletResponse response, Exception exception) throws Exception {
+        //log.info("------清空线程中多租户的ID={}------",TenantContext.getTenant());
+        TenantContext.clear();
+    }
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java
@ -0,0 +1,67 @@
+package org.jeecg.config.shiro.filters;
+
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.filter.AccessControlFilter;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * @Author Scott
+ * @create 2019-02-01 15:56
+ * @desc 鉴权请求URL访问权限拦截器
+ */
+@Slf4j
+public class ResourceCheckFilter extends AccessControlFilter {
+
+    private String errorUrl;
+
+    public String getErrorUrl() {
+        return errorUrl;
+    }
+
+    public void setErrorUrl(String errorUrl) {
+        this.errorUrl = errorUrl;
+    }
+
+    /**
+     * 表示是否允许访问 ，如果允许访问返回true，否则false；
+     *
+     * @param servletRequest
+     * @param servletResponse
+     * @param o               表示写在拦截器中括号里面的字符串 mappedValue 就是 [urls] 配置中拦截器参数部分
+     * @return
+     * @throws Exception
+     */
+    @Override
+    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
+        Subject subject = getSubject(servletRequest, servletResponse);
+        String url = getPathWithinApplication(servletRequest);
+        log.info("当前用户正在访问的 url => " + url);
+        return subject.isPermitted(url);
+    }
+
+    /**
+     * onAccessDenied：表示当访问拒绝时是否已经处理了； 如果返回 true 表示需要继续处理； 如果返回 false
+     * 表示该拦截器实例已经处理了，将直接返回即可。
+     *
+     * @param servletRequest
+     * @param servletResponse
+     * @return
+     * @throws Exception
+     */
+    @Override
+    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
+        log.info("当 isAccessAllowed 返回 false 的时候，才会执行 method onAccessDenied ");
+
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
+        response.sendRedirect(request.getContextPath() + this.errorUrl);
+
+        // 返回 false 表示已经处理，例如页面跳转啥的，表示不在走以下的拦截器了（如果还有配置的话）
+        return false;
+    }
+
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Firewall.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Firewall.java
@ -35,4 +35,5 @@ public class Firewall {
    public void setLowCodeMode(String lowCodeMode) {
        this.lowCodeMode = lowCodeMode;
    }
+
 }
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Shiro.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Shiro.java
@ -0,0 +1,18 @@
+package org.jeecg.config.vo;
+
+/**
+ * @Description: TODO
+ * @author: scott
+ * @date: 2022年01月21日 14:23
+ */
+public class Shiro {
+    private String excludeUrls = "";
+
+    public String getExcludeUrls() {
+        return excludeUrls;
+    }
+
+    public void setExcludeUrls(String excludeUrls) {
+        this.excludeUrls = excludeUrls;
+    }
+}
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
@ -2,8 +2,8 @@ package org.jeecg.modules.base.service.impl;

 import com.baomidou.mybatisplus.core.toolkit.IdWorker;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.dto.LogDTO;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.mapper.BaseCommonMapper;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.common.system.vo.LoginUser;
@ -61,7 +61,7 @@ public class BaseCommonServiceImpl implements BaseCommonService {
        //获取登录用户信息
        if(user==null){
            try {
-                user = SecureUtil.currentUser();
+                user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
            } catch (Exception e) {
                //e.printStackTrace();
            }
--- a/jeecg-boot-base-core/src/main/resources/META-INF/spring.factories
+++ b/jeecg-boot-base-core/src/main/resources/META-INF/spring.factories
@ -1,2 +0,0 @@
-org.springframework.boot.SpringApplicationRunListener=\
-org.jeecg.config.DruidWallConfigRegister
--- a/jeecg-boot-base-core/src/main/resources/templates/email/bpm_new_task_email.ftl
+++ b/jeecg-boot-base-core/src/main/resources/templates/email/bpm_new_task_email.ftl
@ -56,7 +56,7 @@
    </div>
    <div style="width: 600px; margin: 0 auto;  margin-top: 50px; font-size: 12px; -webkit-font-smoothing: subpixel-antialiased; text-size-adjust: 100%;">
        <p style="text-align: center; line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px !important; color: #7e8890 !important;">
-            <span class="appleLinks">Copyright © 2023-2024 北京国炬科技股份有限公司. 保留所有权利。</span>
+            <span class="appleLinks">Copyright © 2023-2024 北京国炬信息技术有限公司. 保留所有权利。</span>
        </p>
        <p style="text-align: center;line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px; color: #7e8890 !important; margin-top: 10px;">
            <span class="appleLinks">邮件由系统自动发送，请勿直接回复本邮件！</span>
--- a/jeecg-boot-base-core/src/main/resources/templates/email/desform_new_data_email.ftl
+++ b/jeecg-boot-base-core/src/main/resources/templates/email/desform_new_data_email.ftl
@ -6,7 +6,10 @@
 <body>
 <div  class="box-content">
    <div  class="info-top">
-        <img src="https://jeecgdev.oss-cn-beijing.aliyuncs.com/temp/logo(1)_1697180761742.png" style="float: left; margin: 0 10px 0 0; width: 32px;height:32px" /><div style="color:#fff"><strong>【重要】新数据提醒</strong></div>
+        <img src="https://qiaoqiaoyun.oss-cn-beijing.aliyuncs.com/site/qqyunemaillogo.png" style="width: 35px;height:35px; background: #5e8ee5; border-radius: 5px;" />
+        <div style="color:#fff;">
+            <strong>【重要】新数据提醒</strong>
+        </div>
    </div>
    <div class="info-wrap">
        <div class="tips" style="padding:15px;">
@ -23,12 +26,12 @@
                <a style="color: #006eff;" href="${moreLink}" target="_blank" rel="noopener">[查看所有数据]</a>
            </p>
        </div>
-        <div class="footer">北京国炬平台</div>
+        <div class="footer">敲敲云平台</div>
        <div class="footer" id="currentTime"></div>
    </div>
    <div style="width: 600px; margin: 0 auto;  margin-top: 50px; font-size: 12px; -webkit-font-smoothing: subpixel-antialiased; text-size-adjust: 100%;">
        <p style="text-align: center; line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px !important; color: #7e8890 !important;">
-            <span class="appleLinks">Copyright © 2023-2024 北京国炬科技股份有限公司. 保留所有权利。</span>
+            <span class="appleLinks">Copyright © 2023-2024 北京敲敲云科技有限公司. 保留所有权利。</span>
        </p>
        <p style="text-align: center;line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px; color: #7e8890 !important; margin-top: 10px;">
            <span class="appleLinks">邮件由系统自动发送，请勿直接回复本邮件！</span>
@ -46,6 +49,8 @@
    }

    .info-top{
+        display: flex;
+        align-items: center;
        padding: 15px 25px;
        border-top-left-radius: 10px;
        border-top-right-radius: 10px;
--- a/jeecg-module-demo/pom.xml
+++ b/jeecg-module-demo/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>jeecg-boot-parent</artifactId>
        <groupId>org.jeecgframework.boot</groupId>
-        <version>3.6.1</version>
+        <version>3.6.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/cloud/controller/JcloudDemoProviderController.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/cloud/controller/JcloudDemoProviderController.java
@ -24,7 +24,7 @@ public class JcloudDemoProviderController {
    private JcloudDemoService jcloudDemoService;

    @GetMapping("/getMessage")
-    public String getMessage(@RequestParam String name) {
+    public String getMessage(@RequestParam(name = "name") String name) {
        String msg = jcloudDemoService.getMessage(name);
        log.info(" 微服务被调用：{} ",msg);
        return msg;
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
@ -11,6 +11,8 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.mgt.DefaultSecurityManager;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.aspect.annotation.PermissionData;
@ -475,8 +477,8 @@ public class JeecgDemoController extends JeecgController<JeecgDemo, IJeecgDemoSe
    public Mono<String> test() {
        //解决shiro报错No SecurityManager accessible to the calling code, either bound to the org.apache.shiro
        // https://blog.csdn.net/Japhet_jiu/article/details/131177210
-//        DefaultSecurityManager securityManager = new DefaultSecurityManager();
-//        SecurityUtils.setSecurityManager(securityManager);
+        DefaultSecurityManager securityManager = new DefaultSecurityManager();
+        SecurityUtils.setSecurityManager(securityManager);
        
        return Mono.just("测试");
    }
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
@ -5,16 +5,15 @@ import java.util.Arrays;
 import java.util.List;
 import java.util.Map;

-import com.alibaba.fastjson.JSON;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;

+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.demo.test.entity.JeecgDemo;
 import org.jeecg.modules.demo.test.entity.JeecgOrderCustomer;
 import org.jeecg.modules.demo.test.entity.JeecgOrderMain;
@ -31,7 +30,6 @@ import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@ -186,7 +184,7 @@ public class JeecgOrderMainController extends JeecgController<JeecgOrderMain, IJ
        //Step.2 AutoPoi 导出Excel
        ModelAndView mv = new ModelAndView(new JeecgEntityExcelView());
        //获取当前用户
-        LoginUser sysUser = SecureUtil.currentUser();
+        LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();

        List<JeecgOrderMainPage> pageList = new ArrayList<JeecgOrderMainPage>();

--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/entity/JeecgDemo.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/entity/JeecgDemo.java
@ -44,11 +44,11 @@ public class JeecgDemo extends JeecgEntity implements Serializable {
 	private java.util.Date punchTime;
 	/** 工资 */
 	@Schema(description = "工资",example = "0")
-	@Excel(name="工资",width=15)
+	@Excel(name="工资",type = 4,width=15)
 	private java.math.BigDecimal salaryMoney;
 	/** 奖金 */
 	@Schema(description = "奖金",example = "0")
-	@Excel(name="奖金",width=15)
+	@Excel(name="奖金",type = 4,width=15)
 	private java.lang.Double bonusMoney;
 	/** 性别 {男:1,女:2} */
 	@Schema(description = "性别")
@ -56,7 +56,7 @@ public class JeecgDemo extends JeecgEntity implements Serializable {
 	private java.lang.String sex;
 	/** 年龄 */
 	@Schema(description = "年龄",example = "0")
-	@Excel(name="年龄",width=15)
+	@Excel(name="年龄",type = 4,width=15)
 	private java.lang.Integer age;
 	/** 生日 */
 	@Schema(description = "生日")
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
@ -1,19 +1,17 @@
 package org.jeecg.modules.demo.test.service.impl;

-import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.demo.test.entity.JeecgDemo;
 import org.jeecg.modules.demo.test.mapper.JeecgDemoMapper;
 import org.jeecg.modules.demo.test.service.IJeecgDemoService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cache.annotation.Cacheable;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@ -83,7 +81,7 @@ public class JeecgDemoServiceImpl extends ServiceImpl<JeecgDemoMapper, JeecgDemo

 	@Override
 	public String getExportFields() {
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		//权限配置列导出示例
 		//1.配置前缀与菜单中配置的列前缀一致
 		List<String> noAuthList = new ArrayList<>();
--- a/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/pom.xml
+++ b/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>jeecg-system-api</artifactId>
        <groupId>org.jeecgframework.boot</groupId>
-        <version>3.6.1</version>
+        <version>3.6.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

--- a/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/ISysBaseAPI.java
+++ b/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/ISysBaseAPI.java
@ -94,6 +94,22 @@ public interface ISysBaseAPI extends CommonAPI {
    @GetMapping("/sys/api/getDepartIdsByUsername")
    List<String> getDepartIdsByUsername(@RequestParam("username") String username);

+    /**
+     * 8.2 通过用户账号查询部门父ID集合
+     * @param username
+     * @return 部门 parentIds
+     */
+    @GetMapping("/sys/api/getDepartParentIdsByUsername")
+    Set<String> getDepartParentIdsByUsername(@RequestParam("username")String username);
+
+    /**
+     * 8.3 查询部门父ID集合
+     * @param depIds
+     * @return 部门 parentIds
+     */
+    @GetMapping("/sys/api/getDepartParentIdsByDepIds")
+    Set<String> getDepartParentIdsByDepIds(@RequestParam("depIds") Set depIds);
+    
    /**
     * 9通过用户账号查询部门 name
     * @param username
@ -481,6 +497,14 @@ public interface ISysBaseAPI extends CommonAPI {
    @GetMapping("/sys/api/loadCategoryDictItem")
    List<String> loadCategoryDictItem(@RequestParam("ids") String ids);

+    /**
+     * 44 反向翻译分类字典，用于导入
+     *
+     * @param names 名称，逗号分割
+     */
+    @GetMapping("/sys/api/loadCategoryDictItemByNames")
+    List<String> loadCategoryDictItemByNames(@RequestParam("names") String names, @RequestParam("delNotExist") boolean delNotExist);
+
    /**
     * 43 根据字典code加载字典text
     *
@ -551,17 +575,20 @@ public interface ISysBaseAPI extends CommonAPI {
    @GetMapping("/sys/api/translateManyDict")
    Map<String, List<DictModel>> translateManyDict(@RequestParam("dictCodes") String dictCodes, @RequestParam("keys") String keys);

+    //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
    /**
     * 49 字典表的 翻译，可批量
     * @param table
     * @param text
     * @param code
     * @param keys 多个用逗号分割
+     * @param ds
     * @return
     */
    @Override
    @GetMapping("/sys/api/translateDictFromTableByKeys")
-    List<DictModel> translateDictFromTableByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keys") String keys);
+    List<DictModel> translateDictFromTableByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keys") String keys, @RequestParam("ds") String ds);
+    //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------

    /**
     * 发送模板消息
@ -737,18 +764,4 @@ public interface ISysBaseAPI extends CommonAPI {
            @RequestParam(value = "fields", required = false) String[] fields
    );

-    @GetMapping("/sys/api/getUserByPhone")
-    public LoginUser getUserByPhone(@RequestParam("phone") String phone);
-
-    @GetMapping("/sys/api/queryAllDictItems")
-    Map<String,List<DictModel>> queryAllDictItems();
-
-    @GetMapping("/sys/api/queryUserDeparts")
-    List<SysDepartModel> queryUserDeparts(@RequestParam("userId") String userId);
-
-    @PostMapping("/sys/api/updateUserDepart")
-    void updateUserDepart(@RequestParam("username") String username,@RequestParam("orgCode") String orgCode,@RequestParam("loginTenantId") Integer loginTenantId);
-
-    @GetMapping("/sys/api/setLoginTenant")
-    JSONObject setLoginTenant(@RequestParam("username") String username);
 }
--- a/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/fallback/SysBaseAPIFallback.java
+++ b/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/fallback/SysBaseAPIFallback.java
@ -65,6 +65,16 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
        return null;
    }

+    @Override
+    public Set<String> getDepartParentIdsByUsername(String username) {
+        return null;
+    }
+
+    @Override
+    public Set<String> getDepartParentIdsByDepIds(Set depIds) {
+        return null;
+    }
+
    @Override
    public List<String> getDepartNamesByUsername(String username) {
        return null;
@ -275,10 +285,12 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
        return null;
    }

+    //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
    @Override
-    public List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys) {
+    public List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys, String dataSource) {
        return null;
    }
+    //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------

    @Override
    public void sendTemplateMessage(MessageDTO message) {
@ -319,6 +331,11 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
        return null;
    }

+    @Override
+    public List<String> loadCategoryDictItemByNames(String names, boolean delNotExist) {
+        return null;
+    }
+
    @Override
    public List<String> loadDictItem(String dictCode, String keys) {
        return null;
@ -433,28 +450,4 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
        return false;
    }

-    @Override
-    public Map<String, List<DictModel>> queryAllDictItems() {
-        return null;
-    }
-
-    @Override
-    public List<SysDepartModel> queryUserDeparts(String userId) {
-        return null;
-    }
-
-    @Override
-    public void updateUserDepart(String username, String orgCode, Integer loginTenantId) {
-
-    }
-
-    @Override
-    public LoginUser getUserByPhone(String phone) {
-        return null;
-    }
-
-    @Override
-    public JSONObject setLoginTenant(String username) {
-        return null;
-    }
 }
--- a/jeecg-module-system/jeecg-system-api/jeecg-system-local-api/pom.xml
+++ b/jeecg-module-system/jeecg-system-api/jeecg-system-local-api/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>jeecg-system-api</artifactId>
        <groupId>org.jeecgframework.boot</groupId>
-        <version>3.6.1</version>
+        <version>3.6.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

--- a/jeecg-module-system/jeecg-system-api/jeecg-system-local-api/src/main/java/org/jeecg/common/system/api/ISysBaseAPI.java
+++ b/jeecg-module-system/jeecg-system-api/jeecg-system-local-api/src/main/java/org/jeecg/common/system/api/ISysBaseAPI.java
@ -89,6 +89,20 @@ public interface ISysBaseAPI extends CommonAPI {
     */
    List<String> getDepartIdsByUsername(String username);

+    /**
+     * 8.2 通过用户账号查询部门父ID集合
+     * @param username
+     * @return 部门 parentIds
+     */
+    Set<String> getDepartParentIdsByUsername(String username);
+
+    /**
+     * 8.2 查询部门父ID集合
+     * @param depIds
+     * @return 部门 parentIds
+     */
+    Set<String> getDepartParentIdsByDepIds(Set depIds);
+
    /**
     * 9通过用户账号查询部门 name
     * @param username
@ -373,6 +387,13 @@ public interface ISysBaseAPI extends CommonAPI {
     */
    List<String> loadCategoryDictItem(String ids);

+    /**
+     * 反向翻译分类字典，用于导入
+     *
+     * @param names 名称，逗号分割
+     */
+    List<String> loadCategoryDictItemByNames(String names, boolean delNotExist);
+
    /**
     * 根据字典code加载字典text
     *
--- a/jeecg-module-system/jeecg-system-api/pom.xml
+++ b/jeecg-module-system/jeecg-system-api/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>jeecg-module-system</artifactId>
        <groupId>org.jeecgframework.boot</groupId>
-        <version>3.6.1</version>
+        <version>3.6.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

--- a/jeecg-module-system/jeecg-system-biz/pom.xml
+++ b/jeecg-module-system/jeecg-system-biz/pom.xml
@ -4,7 +4,7 @@
 	<parent>
 		<groupId>org.jeecgframework.boot</groupId>
 		<artifactId>jeecg-module-system</artifactId>
-		<version>3.6.1</version>
+		<version>3.6.2</version>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>

@ -36,14 +36,14 @@
 		</dependency>
 		<dependency>
 			<groupId>org.jeecgframework.boot3</groupId>
-			<artifactId>drag-free</artifactId>
-			<version>1.0.2</version>
+			<artifactId>jimureport-drag</artifactId>
+			<version>2.0.2</version>
 		</dependency>
-		<!-- 积木报表 mongo redis 支持包
+		<!-- 积木报表 mongo redis 支持包 
 		<dependency>
 			<groupId>org.jeecgframework.jimureport</groupId>
 			<artifactId>jimureport-nosql-starter</artifactId>
-		</dependency> -->
+		</dependency>-->
 	</dependencies>
 	
 </project>
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java
@ -1,6 +1,6 @@
 package org.jeecg.modules.aop;

-import com.alibaba.fastjson.JSON;
+import org.apache.shiro.SecurityUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.AfterThrowing;
 import org.aspectj.lang.annotation.Around;
@ -9,11 +9,9 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.jeecg.common.api.dto.LogDTO;
 import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.modules.system.entity.SysTenantPack;
 import org.jeecg.modules.system.entity.SysTenantPackUser;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;

 import jakarta.annotation.Resource;
@ -80,7 +78,7 @@ public class TenantPackUserLogAspect {
                dto.setOperateType(opType);
                dto.setTenantId(tenantId);
                //获取登录用户信息
-                LoginUser sysUser = SecureUtil.currentUser();
+                LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
                if(sysUser!=null){
                    dto.setUserid(sysUser.getUsername());
                    dto.setUsername(sysUser.getRealname());
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/api/controller/SystemApiController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/api/controller/SystemApiController.java
@ -140,6 +140,26 @@ public class SystemApiController {
        return sysBaseApi.getDepartIdsByUsername(username);
    }

+    /**
+     * 通过用户账号查询部门父ID集合
+     * @param username
+     * @return 部门 id
+     */
+    @GetMapping("/getDepartParentIdsByUsername")
+    Set<String>  getDepartParentIdsByUsername(@RequestParam("username") String username){
+        return sysBaseApi.getDepartParentIdsByUsername(username);
+    }
+
+    /**
+     * 查询部门父ID集合
+     * @param depIds
+     * @return 部门 id
+     */
+    @GetMapping("/getDepartParentIdsByDepIds")
+    Set<String> getDepartParentIdsByDepIds(@RequestParam("depIds") Set depIds){
+        return sysBaseApi.getDepartParentIdsByDepIds(depIds);
+    }
+
    /**
     * 通过用户账号查询部门 name
     * @param username
@ -527,6 +547,17 @@ public class SystemApiController {
        return sysBaseApi.loadCategoryDictItem(ids);
    }

+    /**
+     * 反向翻译分类字典，用于导入
+     *
+     * @param names 名称，逗号分割
+     * @return
+     */
+    @GetMapping("/loadCategoryDictItemByNames")
+    List<String> loadCategoryDictItemByNames(@RequestParam("names") String names, @RequestParam("delNotExist") boolean delNotExist) {
+        return sysBaseApi.loadCategoryDictItemByNames(names, delNotExist);
+    }
+
    /**
     * 根据字典code加载字典text
     *
@ -655,6 +686,7 @@ public class SystemApiController {
    }


+    //update-begin---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------
    /**
     * 【接口签名验证】
     * 49 字典表的 翻译，可批量
@ -663,12 +695,14 @@ public class SystemApiController {
     * @param text
     * @param code
     * @param keys  多个用逗号分割
+     * @param ds 数据源
     * @return
     */
    @GetMapping("/translateDictFromTableByKeys")
-    public List<DictModel> translateDictFromTableByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keys") String keys) {
-        return this.sysBaseApi.translateDictFromTableByKeys(table, text, code, keys);
+    public List<DictModel> translateDictFromTableByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keys") String keys, @RequestParam("ds")  String ds) {
+        return this.sysBaseApi.translateDictFromTableByKeys(table, text, code, keys, ds);
    }
+    //update-end---author:chenrui ---date:20231221  for：[issues/#5643]解决分布式下表字典跨库无法查询问题------------

    /**
     * 发送模板信息
@ -897,29 +931,4 @@ public class SystemApiController {
        return sysBaseApi.dictTableWhiteListCheckByDict(tableOrDictCode, fields);
    }

-    @GetMapping("/sys/api/getUserByPhone")
-    public LoginUser getUserByPhone(String phone) {
-        return sysBaseApi.getUserByPhone(phone);
-    }
-
-    @GetMapping("/sys/api/queryAllDictItems")
-    public Map<String,List<DictModel>> queryAllDictItems() {
-        return sysBaseApi.queryAllDictItems();
-    }
-
-    @GetMapping("/sys/api/queryUserDeparts")
-    public List<SysDepartModel> queryUserDeparts(@RequestParam("userId") String userId) {
-        return sysBaseApi.queryUserDeparts(userId);
-    }
-
-    @PostMapping("/sys/api/updateUserDepart")
-    public void updateUserDepart(@RequestParam("username") String username,@RequestParam("orgCode") String orgCode,@RequestParam("loginTenantId") Integer loginTenantId) {
-        sysBaseApi.updateUserDepart(username, orgCode, loginTenantId);
-    }
-
-    @GetMapping("/sys/api/setLoginTenant")
-    public JSONObject setLoginTenant(@RequestParam("username") String username) {
-        return sysBaseApi.setLoginTenant(username);
-    }
-
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java
@ -2,12 +2,13 @@ package org.jeecg.modules.oss.controller;

 import jakarta.servlet.http.HttpServletRequest;

+import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.modules.oss.entity.OssFile;
 import org.jeecg.modules.oss.service.IOssFileService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@ -47,7 +48,7 @@ public class OssFileController {
 	@ResponseBody
 	@PostMapping("/upload")
 	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:ossFile:upload')")
+    @RequiresPermissions("system:ossFile:upload")
 	public Result upload(@RequestParam("file") MultipartFile multipartFile) {
 		Result result = new Result();
 		try {
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java
@ -1,19 +1,20 @@
 package org.jeecg.modules.quartz.controller;

-import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.ImportExcelUtil;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.quartz.entity.QuartzJob;
 import org.jeecg.modules.quartz.service.IQuartzJobService;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
@ -24,8 +25,6 @@ import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.quartz.Scheduler;
 import org.quartz.SchedulerException;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
@ -80,8 +79,8 @@ public class QuartzJobController {
 	 * @param quartzJob
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:add')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:add")
 	@RequestMapping(value = "/add", method = RequestMethod.POST)
 	public Result<?> add(@RequestBody QuartzJob quartzJob) {
 		quartzJobService.saveAndScheduleJob(quartzJob);
@ -94,8 +93,8 @@ public class QuartzJobController {
 	 * @param quartzJob
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:edit')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:edit")
 	@RequestMapping(value = "/edit", method ={RequestMethod.PUT, RequestMethod.POST})
 	public Result<?> eidt(@RequestBody QuartzJob quartzJob) {
 		try {
@ -113,8 +112,8 @@ public class QuartzJobController {
 	 * @param id
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:delete')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:delete")
 	@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
 	public Result<?> delete(@RequestParam(name = "id", required = true) String id) {
 		QuartzJob quartzJob = quartzJobService.getById(id);
@ -132,8 +131,8 @@ public class QuartzJobController {
 	 * @param ids
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:deleteBatch')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:deleteBatch")
 	@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
 	public Result<?> deleteBatch(@RequestParam(name = "ids", required = true) String ids) {
 		if (ids == null || "".equals(ids.trim())) {
@ -152,8 +151,8 @@ public class QuartzJobController {
 	 * @param id
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:pause')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:pause")
 	@GetMapping(value = "/pause")
 	@Operation(summary = "停止定时任务")
 	public Result<Object> pauseJob(@RequestParam(name = "id") String id) {
@ -171,8 +170,8 @@ public class QuartzJobController {
 	 * @param id
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:resume')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:resume")
 	@GetMapping(value = "/resume")
 	@Operation(summary = "启动定时任务")
 	public Result<Object> resumeJob(@RequestParam(name = "id") String id) {
@ -215,7 +214,7 @@ public class QuartzJobController {
 		mv.addObject(NormalExcelConstants.CLASS, QuartzJob.class);
        //获取当前登录用户
        //update-begin---author:wangshuai ---date:20211227  for：[JTC-116]导出人写死了------------
-        LoginUser user = SecureUtil.currentUser();
+        LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("定时任务列表数据", "导出人:"+user.getRealname(), "导出信息"));
        //update-end---author:wangshuai ---date:20211227  for：[JTC-116]导出人写死了------------
        mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
@ -272,8 +271,8 @@ public class QuartzJobController {
 	 * @param id
 	 * @return
 	 */
-	//@RequiresRoles("admin")
-	@PreAuthorize("@jps.requiresPermissions('system:quartzJob:execute')")
+	@RequiresRoles("admin")
+    @RequiresPermissions("system:quartzJob:execute")
 	@GetMapping("/execute")
 	public Result<?> execute(@RequestParam(name = "id", required = true) String id) {
 		QuartzJob quartzJob = quartzJobService.getById(id);
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
@ -1,8 +1,6 @@
 package org.jeecg.modules.system.controller;

 import cn.hutool.core.util.RandomUtil;
-import cn.hutool.core.util.StrUtil;
-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.aliyuncs.exceptions.ClientException;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
@ -10,6 +8,8 @@ import com.baomidou.mybatisplus.core.toolkit.IdWorker;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
@ -20,10 +20,10 @@ import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.*;
 import org.jeecg.common.util.encryption.EncryptedString;
 import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.modules.system.entity.SysDepart;
 import org.jeecg.modules.system.entity.SysRoleIndex;
+import org.jeecg.modules.system.entity.SysTenant;
 import org.jeecg.modules.system.entity.SysUser;
 import org.jeecg.modules.system.model.SysLoginModel;
 import org.jeecg.modules.system.service.*;
@ -31,23 +31,14 @@ import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
 import org.jeecg.modules.system.util.RandImageUtil;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cache.CacheManager;
-import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.authentication.event.LogoutSuccessEvent;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.core.OAuth2AccessToken;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.web.bind.annotation.*;

 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.util.*;
+import java.util.stream.Collectors;

 /**
 * @Author scott
@ -76,21 +67,11 @@ public class LoginController {
 	private BaseCommonService baseCommonService;
 	@Autowired
 	private JeecgBaseConfig jeecgBaseConfig;
-	@Autowired
-	private OAuth2AuthorizationService authorizationService;
-	@Autowired
-	private CacheManager cacheManager;

 	private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890";

-	/**
-	 * 使用spring authorization server提供的各类登录接口
-	 * @param sysLoginModel
-	 * @return
-	 */
-	@Deprecated
-//	@Operation(summary = "登录接口")
-//	@RequestMapping(value = "/login", method = RequestMethod.POST)
+	@Operation(summary = "登录接口")
+	@RequestMapping(value = "/login", method = RequestMethod.POST)
 	public Result<JSONObject> login(@RequestBody SysLoginModel sysLoginModel){
 		Result<JSONObject> result = new Result<JSONObject>();
 		String username = sysLoginModel.getUsername();
@ -226,15 +207,7 @@ public class LoginController {
 			//清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
 			redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
 			//调用shiro的logout
-//			SecurityUtils.getSubject().logout();
-
-			OAuth2Authorization authorization = authorizationService.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
-
-			// 清空用户信息
-			cacheManager.getCache("user_details").evict(authorization.getPrincipalName());
-			// 清空access token
-			authorizationService.remove(authorization);
-
+			SecurityUtils.getSubject().logout();
 	    	return Result.ok("退出登录成功！");
 	    }else {
 	    	return Result.error("Token无效!");
@ -304,7 +277,7 @@ public class LoginController {
 		Result<JSONObject> result = new Result<JSONObject>();
 		String username = user.getUsername();
 		if(oConvertUtils.isEmpty(username)) {
-			LoginUser sysUser = SecureUtil.currentUser();
+			LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
 			username = sysUser.getUsername();
 		}
 		
@ -567,7 +540,7 @@ public class LoginController {
 	/**
 	 * 切换菜单表为vue3的表
 	 */
-	@PreAuthorize("@jps.requiresRoles('admin')")
+	@RequiresRoles({"admin"})
 	@GetMapping(value = "/switchVue3Menu")
 	public Result<String> switchVue3Menu(HttpServletResponse response) {
 		Result<String> res = new Result<String>();
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
@ -1,6 +1,5 @@
 package org.jeecg.modules.system.controller;

-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
@ -10,6 +9,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.jeecg.dingtalk.api.core.response.Response;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
@ -23,7 +23,6 @@ import org.jeecg.common.util.RedisUtil;
 import org.jeecg.common.util.TokenUtils;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.message.enums.RangeDateEnum;
 import org.jeecg.modules.message.websocket.WebSocket;
 import org.jeecg.modules.system.entity.SysAnnouncement;
@ -42,7 +41,6 @@ import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.http.HttpStatus;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.util.CollectionUtils;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@ -337,7 +335,7 @@ public class SysAnnouncementController {
 	public Result<Map<String, Object>> listByUser(@RequestParam(required = false, defaultValue = "5") Integer pageSize) {
 		Result<Map<String,Object>> result = new Result<Map<String,Object>>();
 		Map<String,Object> sysMsgMap = new HashMap(5);
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
 		String userId = sysUser.getId();
 		
 //		//补推送数据（用户和通知的关系表）
@ -380,7 +378,7 @@ public class SysAnnouncementController {
        //导出文件名称
        mv.addObject(NormalExcelConstants.FILE_NAME, "系统通告列表");
        mv.addObject(NormalExcelConstants.CLASS, SysAnnouncement.class);
-        LoginUser user = SecureUtil.currentUser();
+        LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
        mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("系统通告列表数据", "导出人:"+user.getRealname(), "导出信息"));
        mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
        return mv;
@ -548,7 +546,7 @@ public class SysAnnouncementController {
 		
 		JSONObject obj = new JSONObject();
 		obj.put(WebsocketConst.MSG_CMD, WebsocketConst.CMD_USER);
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		webSocket.sendMessage(sysUser.getId(), obj.toJSONString());

 		// 4、性能统计耗时
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java
@ -3,9 +3,9 @@ package org.jeecg.modules.system.controller;
 import java.util.Arrays;
 import java.util.Date;

-import com.alibaba.fastjson.JSON;
 import jakarta.servlet.http.HttpServletRequest;

+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.DataBaseConstant;
@ -13,13 +13,11 @@ import org.jeecg.common.constant.WebsocketConst;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.SqlInjectionUtil;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.message.websocket.WebSocket;
 import org.jeecg.modules.system.entity.SysAnnouncementSend;
 import org.jeecg.modules.system.model.AnnouncementSendModel;
 import org.jeecg.modules.system.service.ISysAnnouncementSendService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@ -196,7 +194,7 @@ public class SysAnnouncementSendController {
 	public Result<SysAnnouncementSend> editById(@RequestBody JSONObject json) {
 		Result<SysAnnouncementSend> result = new Result<SysAnnouncementSend>();
 		String anntId = json.getString("anntId");
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
 		String userId = sysUser.getId();
 		LambdaUpdateWrapper<SysAnnouncementSend> updateWrapper = new UpdateWrapper().lambda();
 		updateWrapper.set(SysAnnouncementSend::getReadFlag, CommonConstant.HAS_READ_FLAG);
@ -221,7 +219,7 @@ public class SysAnnouncementSendController {
 			@RequestParam(name="pageNo", defaultValue="1") Integer pageNo,
 			  @RequestParam(name="pageSize", defaultValue="10") Integer pageSize) {
 		Result<IPage<AnnouncementSendModel>> result = new Result<IPage<AnnouncementSendModel>>();
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
 		String userId = sysUser.getId();
 		announcementSendModel.setUserId(userId);
 		announcementSendModel.setPageNo((pageNo-1)*pageSize);
@ -240,7 +238,7 @@ public class SysAnnouncementSendController {
 	@PutMapping(value = "/readAll")
 	public Result<SysAnnouncementSend> readAll() {
 		Result<SysAnnouncementSend> result = new Result<SysAnnouncementSend>();
-		LoginUser sysUser = SecureUtil.currentUser();
+		LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
 		String userId = sysUser.getId();
 		LambdaUpdateWrapper<SysAnnouncementSend> updateWrapper = new UpdateWrapper().lambda();
 		updateWrapper.set(SysAnnouncementSend::getReadFlag, CommonConstant.HAS_READ_FLAG);
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java
@ -7,6 +7,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
@ -17,7 +18,6 @@ import org.jeecg.common.util.ImportExcelUtil;
 import org.jeecg.common.util.ReflectHelper;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.system.entity.SysCategory;
 import org.jeecg.modules.system.model.TreeSelectModel;
 import org.jeecg.modules.system.service.ISysCategoryService;
@ -27,7 +27,6 @@ import org.jeecgframework.poi.excel.entity.ExportParams;
 import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
@ -238,7 +237,7 @@ public class SysCategoryController {
      //导出文件名称
      mv.addObject(NormalExcelConstants.FILE_NAME, "分类字典列表");
      mv.addObject(NormalExcelConstants.CLASS, SysCategory.class);
-      LoginUser user = SecureUtil.currentUser();
+      LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
      mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("分类字典列表数据", "导出人:"+user.getRealname(), "导出信息"));
      return mv;
  }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java
@ -1,12 +1,12 @@
 package org.jeecg.modules.system.controller;

-import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.dto.DataLogDTO;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
@ -14,14 +14,12 @@ import org.jeecg.common.system.api.ISysBaseAPI;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.system.entity.SysComment;
 import org.jeecg.modules.system.service.ISysCommentService;
 import org.jeecg.modules.system.vo.SysCommentFileVo;
 import org.jeecg.modules.system.vo.SysCommentVO;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;

@ -128,7 +126,7 @@ public class SysCommentController extends JeecgController<SysComment, ISysCommen
        if(comment==null){
            return Result.error("该评论已被删除！");
        }
-        LoginUser sysUser = SecureUtil.currentUser();
+        LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
        String username = sysUser.getUsername();
        String admin = "admin";
        //除了admin外 其他人只能删除自己的评论
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
@ -12,6 +12,7 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.config.TenantContext;
@ -26,7 +27,6 @@ import org.jeecg.modules.system.entity.SysDataSource;
 import org.jeecg.modules.system.service.ISysDataSourceService;
 import org.jeecg.modules.system.util.SecurityUtil;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;

@ -60,7 +60,7 @@ public class SysDataSourceController extends JeecgController<SysDataSource, ISys
     */
    @AutoLog(value = "多数据源管理-分页列表查询")
    @Operation(summary = "多数据源管理-分页列表查询")
-    @PreAuthorize("@jps.requiresPermissions('system:datasource:list')")
+    @RequiresPermissions("system:datasource:list")
    @GetMapping(value = "/list")
    public Result<?> queryPageList(
            SysDataSource sysDataSource,
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java
@ -1,11 +1,12 @@
 package org.jeecg.modules.system.controller;

-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CacheConstant;
@ -17,7 +18,6 @@ import org.jeecg.common.util.ImportExcelUtil;
 import org.jeecg.common.util.YouBianCodeUtil;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.system.entity.SysDepart;
 import org.jeecg.modules.system.entity.SysUser;
 import org.jeecg.modules.system.model.DepartIdModel;
@ -25,6 +25,7 @@ import org.jeecg.modules.system.model.SysDepartTreeModel;
 import org.jeecg.modules.system.service.ISysDepartService;
 import org.jeecg.modules.system.service.ISysUserDepartService;
 import org.jeecg.modules.system.service.ISysUserService;
+import org.jeecg.modules.system.vo.SysDepartExportVo;
 import org.jeecg.modules.system.vo.lowapp.ExportDepartVo;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
@ -34,8 +35,6 @@ import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
@ -74,7 +73,7 @@ public class SysDepartController {
 	@RequestMapping(value = "/queryMyDeptTreeList", method = RequestMethod.GET)
 	public Result<List<SysDepartTreeModel>> queryMyDeptTreeList() {
 		Result<List<SysDepartTreeModel>> result = new Result<>();
-		LoginUser user = SecureUtil.currentUser();
+		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		try {
 			if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals( CommonConstant.USER_IDENTITY_2 )){
 				//update-begin--Author:liusq  Date:20210624  for:部门查询ids为空后的前端显示问题 issues/I3UD06
@ -178,7 +177,7 @@ public class SysDepartController {
 	 * @param sysDepart
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:add')")
+    @RequiresPermissions("system:depart:add")
 	@RequestMapping(value = "/add", method = RequestMethod.POST)
 	@CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true)
 	public Result<SysDepart> add(@RequestBody SysDepart sysDepart, HttpServletRequest request) {
@ -204,7 +203,7 @@ public class SysDepartController {
 	 * @param sysDepart
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:edit')")
+    @RequiresPermissions("system:depart:edit")
 	@RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST})
 	@CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true)
 	public Result<SysDepart> edit(@RequestBody SysDepart sysDepart, HttpServletRequest request) {
@ -232,7 +231,7 @@ public class SysDepartController {
    * @param id
    * @return
    */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:delete')")
+    @RequiresPermissions("system:depart:delete")
    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
 	@CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true)
   public Result<SysDepart> delete(@RequestParam(name="id",required=true) String id) {
@ -258,7 +257,7 @@ public class SysDepartController {
 	 * @param ids
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:deleteBatch')")
+    @RequiresPermissions("system:depart:deleteBatch")
 	@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
 	@CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true)
 	public Result<SysDepart> deleteBatch(@RequestParam(name = "ids", required = true) String ids) {
@ -322,7 +321,7 @@ public class SysDepartController {
 	public Result<List<SysDepartTreeModel>> searchBy(@RequestParam(name = "keyWord", required = true) String keyWord,@RequestParam(name = "myDeptSearch", required = false) String myDeptSearch) {
 		Result<List<SysDepartTreeModel>> result = new Result<List<SysDepartTreeModel>>();
 		//部门查询，myDeptSearch为1时为我的部门查询，登录用户为上级时查只查负责部门下数据
-		LoginUser user = SecureUtil.currentUser();
+		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		String departIds = null;
 		if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals( CommonConstant.USER_IDENTITY_2 )){
 			departIds = user.getDepartIds();
@ -352,25 +351,34 @@ public class SysDepartController {
 		}
 		//------------------------------------------------------------------------------------------------
 		
-        // Step.1 组装查询条件
-        QueryWrapper<SysDepart> queryWrapper = QueryGenerator.initQueryWrapper(sysDepart, request.getParameterMap());
-        //Step.2 AutoPoi 导出Excel
-        ModelAndView mv = new ModelAndView(new JeecgEntityExcelView());
-        List<SysDepart> pageList = sysDepartService.list(queryWrapper);
+		//update-begin---author:wangshuai---date:2023-10-19---for:【QQYUN-5482】系统的部门导入导出也可以改成敲敲云模式的部门路径---
+		//// Step.1 组装查询条件
+		//QueryWrapper<SysDepart> queryWrapper = QueryGenerator.initQueryWrapper(sysDepart, request.getParameterMap());
+		//Step.1 AutoPoi 导出Excel
+		ModelAndView mv = new ModelAndView(new JeecgEntityExcelView());
+        //List<SysDepart> pageList = sysDepartService.list(queryWrapper);
        //按字典排序
-        Collections.sort(pageList, new Comparator<SysDepart>() {
-            @Override
-			public int compare(SysDepart arg0, SysDepart arg1) {
-            	return arg0.getOrgCode().compareTo(arg1.getOrgCode());
-            }
-        });
+        //Collections.sort(pageList, new Comparator<SysDepart>() {
+            //@Override
+			//public int compare(SysDepart arg0, SysDepart arg1) {
+				//return arg0.getOrgCode().compareTo(arg1.getOrgCode());
+			//}
+		//});
+		//step.2 组装导出数据
+		List<SysDepartExportVo> sysDepartExportVos = sysDepartService.getExportDepart(sysDepart.getTenantId());
        //导出文件名称
        mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表");
-        mv.addObject(NormalExcelConstants.CLASS, SysDepart.class);
-        LoginUser user = SecureUtil.currentUser();
-        mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("部门列表数据", "导出人:"+user.getRealname(), "导出信息"));
-        mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
-        return mv;
+        mv.addObject(NormalExcelConstants.CLASS, SysDepartExportVo.class);
+        LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("导入规则：\n" +
+				"1、标题为第三行，部门路径和部门名称的标题不允许修改，否则会匹配失败；第四行为数据填写范围;\n" +
+				"2、部门路径用英文字符/分割，部门名称为部门路径的最后一位;\n" +
+				"3、部门从一级名称开始创建，如果有同级就需要多添加一行，如研发部/研发一部;研发部/研发二部;\n" +
+				"4、自定义的部门编码需要满足规则才能导入。如一级部门编码为A01,那么子部门为A01A01,同级子部门为A01A02,编码固定为三位，首字母为A-Z,后两位为数字0-99，依次递增;", "导出人:"+user.getRealname(), "导出信息"));
+        mv.addObject(NormalExcelConstants.DATA_LIST, sysDepartExportVos);
+		//update-end---author:wangshuai---date:2023-10-19---for:【QQYUN-5482】系统的部门导入导出也可以改成敲敲云模式的部门路径---
+        
+		return mv;
    }

    /**
@ -382,13 +390,14 @@ public class SysDepartController {
     * @param response
     * @return
     */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:importExcel')")
+    @RequiresPermissions("system:depart:importExcel")
    @RequestMapping(value = "/importExcel", method = RequestMethod.POST)
 	@CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true)
    public Result<?> importExcel(HttpServletRequest request, HttpServletResponse response) {
        MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
 		List<String> errorMessageList = new ArrayList<>();
-		List<SysDepart> listSysDeparts = null;
+		//List<SysDepart> listSysDeparts = null;
+		List<SysDepartExportVo> listSysDeparts = null;
        Map<String, MultipartFile> fileMap = multipartRequest.getFileMap();
        for (Map.Entry<String, MultipartFile> entity : fileMap.entrySet()) {
            // 获取上传文件对象
@ -398,51 +407,59 @@ public class SysDepartController {
            params.setHeadRows(1);
            params.setNeedSave(true);
            try {
-            	// orgCode编码长度
-            	int codeLength = YouBianCodeUtil.ZHANWEI_LENGTH;
-                listSysDeparts = ExcelImportUtil.importExcel(file.getInputStream(), SysDepart.class, params);
-                //按长度排序
-                Collections.sort(listSysDeparts, new Comparator<SysDepart>() {
-                    @Override
-					public int compare(SysDepart arg0, SysDepart arg1) {
-                    	return arg0.getOrgCode().length() - arg1.getOrgCode().length();
-                    }
-                });
-
-                int num = 0;
-                for (SysDepart sysDepart : listSysDeparts) {
-                	String orgCode = sysDepart.getOrgCode();
-                	if(orgCode.length() > codeLength) {
-                		String parentCode = orgCode.substring(0, orgCode.length()-codeLength);
-                		QueryWrapper<SysDepart> queryWrapper = new QueryWrapper<SysDepart>();
-                		queryWrapper.eq("org_code", parentCode);
-                		try {
-                		SysDepart parentDept = sysDepartService.getOne(queryWrapper);
-                		if(!parentDept.equals(null)) {
-							sysDepart.setParentId(parentDept.getId());
-							//更新父级部门不是叶子结点
-							sysDepartService.updateIzLeaf(parentDept.getId(),CommonConstant.NOT_LEAF);
-						} else {
-							sysDepart.setParentId("");
-						}
-                		}catch (Exception e) {
-                			//没有查找到parentDept
-                		}
-                	}else{
-                		sysDepart.setParentId("");
-					}
-                    //update-begin---author:liusq   Date:20210223  for：批量导入部门以后，不能追加下一级部门 #2245------------
-					sysDepart.setOrgType(sysDepart.getOrgCode().length()/codeLength+"");
-                    //update-end---author:liusq   Date:20210223  for：批量导入部门以后，不能追加下一级部门 #2245------------
-					sysDepart.setDelFlag(CommonConstant.DEL_FLAG_0.toString());
-                    //update-begin---author:wangshuai ---date:20220105  for：[JTC-363]部门导入 机构类别没有时导入失败，赋默认值------------
-					if(oConvertUtils.isEmpty(sysDepart.getOrgCategory())){
-					    sysDepart.setOrgCategory("1");
-                    }
-                    //update-end---author:wangshuai ---date:20220105  for：[JTC-363]部门导入 机构类别没有时导入失败，赋默认值------------
-					ImportExcelUtil.importDateSaveOne(sysDepart, ISysDepartService.class, errorMessageList, num, CommonConstant.SQL_INDEX_UNIQ_DEPART_ORG_CODE);
-					num++;
-                }
+				//update-begin---author:wangshuai---date:2023-10-20---for: 注释掉原来的导入部门的逻辑---
+//            	// orgCode编码长度
+//            	int codeLength = YouBianCodeUtil.ZHANWEI_LENGTH;
+//                listSysDeparts = ExcelImportUtil.importExcel(file.getInputStream(), SysDepart.class, params);
+//                //按长度排序
+//                Collections.sort(listSysDeparts, new Comparator<SysDepart>() {
+//                    @Override
+//					public int compare(SysDepart arg0, SysDepart arg1) {
+//                    	return arg0.getOrgCode().length() - arg1.getOrgCode().length();
+//                    }
+//                });
+//
+//                int num = 0;
+//                for (SysDepart sysDepart : listSysDeparts) {
+//                	String orgCode = sysDepart.getOrgCode();
+//                	if(orgCode.length() > codeLength) {
+//                		String parentCode = orgCode.substring(0, orgCode.length()-codeLength);
+//                		QueryWrapper<SysDepart> queryWrapper = new QueryWrapper<SysDepart>();
+//                		queryWrapper.eq("org_code", parentCode);
+//                		try {
+//                		SysDepart parentDept = sysDepartService.getOne(queryWrapper);
+//                		if(!parentDept.equals(null)) {
+//							sysDepart.setParentId(parentDept.getId());
+//							//更新父级部门不是叶子结点
+//							sysDepartService.updateIzLeaf(parentDept.getId(),CommonConstant.NOT_LEAF);
+//						} else {
+//							sysDepart.setParentId("");
+//						}
+//                		}catch (Exception e) {
+//                			//没有查找到parentDept
+//                		}
+//                	}else{
+//                		sysDepart.setParentId("");
+//					}
+//                    //update-begin---author:liusq   Date:20210223  for：批量导入部门以后，不能追加下一级部门 #2245------------
+//					sysDepart.setOrgType(sysDepart.getOrgCode().length()/codeLength+"");
+//                    //update-end---author:liusq   Date:20210223  for：批量导入部门以后，不能追加下一级部门 #2245------------
+//					sysDepart.setDelFlag(CommonConstant.DEL_FLAG_0.toString());
+//                    //update-begin---author:wangshuai ---date:20220105  for：[JTC-363]部门导入 机构类别没有时导入失败，赋默认值------------
+//					if(oConvertUtils.isEmpty(sysDepart.getOrgCategory())){
+//					    sysDepart.setOrgCategory("1");
+//                    }
+//                    //update-end---author:wangshuai ---date:20220105  for：[JTC-363]部门导入 机构类别没有时导入失败，赋默认值------------
+//					ImportExcelUtil.importDateSaveOne(sysDepart, ISysDepartService.class, errorMessageList, num, CommonConstant.SQL_INDEX_UNIQ_DEPART_ORG_CODE);
+//					num++;
+//                }
+				//update-end---author:wangshuai---date:2023-10-20---for: 注释掉原来的导入部门的逻辑---
+				
+				//update-begin---author:wangshuai---date:2023-10-19---for:【QQYUN-5482】系统的部门导入导出也可以改成敲敲云模式的部门路径---
+				listSysDeparts = ExcelImportUtil.importExcel(file.getInputStream(), SysDepartExportVo.class, params);
+				sysDepartService.importSysDepart(listSysDeparts,errorMessageList);
+				//update-end---author:wangshuai---date:2023-10-19---for:【QQYUN-5482】系统的部门导入导出也可以改成敲敲云模式的部门路径---
+				
 				//清空部门缓存
 				Set keys3 = redisTemplate.keys(CacheConstant.SYS_DEPARTS_CACHE + "*");
 				Set keys4 = redisTemplate.keys(CacheConstant.SYS_DEPART_IDS_CACHE + "*");
@ -546,7 +563,7 @@ public class SysDepartController {
 	 * @return
 	 */
 	@RequestMapping(value = "/queryByIds", method = RequestMethod.GET)
-	public Result<Collection<SysDepart>> queryByIds(@RequestParam String deptIds) {
+	public Result<Collection<SysDepart>> queryByIds(@RequestParam(name = "deptIds") String deptIds) {
 		Result<Collection<SysDepart>> result = new Result<>();
 		String[] ids = deptIds.split(",");
 		Collection<String> idList = Arrays.asList(ids);
@ -609,7 +626,7 @@ public class SysDepartController {
 		//导出文件名称
 		mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表");
 		mv.addObject(NormalExcelConstants.CLASS, ExportDepartVo.class);
-		LoginUser user = SecureUtil.currentUser();
+		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("部门列表数据", "导出人:"+user.getRealname(), "导出信息"));
 		mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
 		return mv;
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java
@ -1,6 +1,5 @@
 package org.jeecg.modules.system.controller;

-import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@ -11,13 +10,13 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.modules.system.entity.SysDepartPermission;
 import org.jeecg.modules.system.entity.SysDepartRolePermission;
@ -29,7 +28,6 @@ import org.jeecg.modules.system.service.ISysDepartRolePermissionService;
 import org.jeecg.modules.system.service.ISysPermissionDataRuleService;
 import org.jeecg.modules.system.service.ISysPermissionService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;

@ -260,7 +258,7 @@ public class SysDepartPermissionController extends JeecgController<SysDepartPerm
 			 this.sysDepartRolePermissionService.saveDeptRolePermission(roleId, permissionIds, lastPermissionIds);
 			 result.success("保存成功！");
             //update-begin---author:wangshuai ---date:20220316  for：[VUEN-234]部门角色授权添加敏感日志------------
-             LoginUser loginUser = SecureUtil.currentUser();
+             LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
             baseCommonService.addLog("修改部门角色ID:"+roleId+"的权限配置，操作人： " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
             //update-end---author:wangshuai ---date:20220316  for：[VUEN-234]部门角色授权添加敏感日志------------
             log.info("======部门角色授权成功=====耗时:" + (System.currentTimeMillis() - start) + "毫秒");
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
@ -3,21 +3,23 @@ package org.jeecg.modules.system.controller;
 import java.util.*;
 import java.util.stream.Collectors;

-import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;

 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.modules.system.entity.*;
 import org.jeecg.modules.system.service.*;
@ -28,8 +30,6 @@ import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.system.base.controller.JeecgController;

 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;

@ -80,8 +80,8 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 								   HttpServletRequest req) {
 		QueryWrapper<SysDepartRole> queryWrapper = QueryGenerator.initQueryWrapper(sysDepartRole, req.getParameterMap());
 		Page<SysDepartRole> page = new Page<SysDepartRole>(pageNo, pageSize);
-		LoginUser user = SecureUtil.currentUser();
-		List<String> deptIds = null;
+//		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+//		List<String> deptIds = null;
 //		if(oConvertUtils.isEmpty(deptId)){
 //			if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals(CommonConstant.USER_IDENTITY_2) ){
 //				deptIds = sysDepartService.getMySubDepIdsByDepId(user.getDepartIds());
@ -94,7 +94,10 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 //		queryWrapper.in("depart_id",deptIds);

 		//我的部门，选中部门只能看当前部门下的角色
-		queryWrapper.eq("depart_id",deptId);
+		if(oConvertUtils.isNotEmpty(deptId)){
+			queryWrapper.eq("depart_id",deptId);
+		}
+		
 		IPage<SysDepartRole> pageList = sysDepartRoleService.page(page, queryWrapper);
 		return Result.ok(pageList);
 	}
@ -105,7 +108,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 	 * @param sysDepartRole
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:depart:role:add')")
+    @RequiresPermissions("system:depart:role:add")
 	@Operation(summary="部门角色-添加")
 	@PostMapping(value = "/add")
 	public Result<?> add(@RequestBody SysDepartRole sysDepartRole) {
@ -120,7 +123,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 	 * @return
 	 */
 	@Operation(summary="部门角色-编辑")
-	@PreAuthorize("@jps.requiresPermissions('system:depart:role:edit')")
+    @RequiresPermissions("system:depart:role:edit")
 	@RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST})
 	public Result<?> edit(@RequestBody SysDepartRole sysDepartRole) {
 		sysDepartRoleService.updateById(sysDepartRole);
@ -135,7 +138,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 	 */
 	@AutoLog(value = "部门角色-通过id删除")
 	@Operation(summary="部门角色-通过id删除")
-	@PreAuthorize("@jps.requiresPermissions('system:depart:role:delete')")
+    @RequiresPermissions("system:depart:role:delete")
 	@DeleteMapping(value = "/delete")
 	public Result<?> delete(@RequestParam(name="id",required=true) String id) {
 		sysDepartRoleService.removeById(id);
@ -150,7 +153,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 	 */
 	@AutoLog(value = "部门角色-批量删除")
 	@Operation(summary="部门角色-批量删除")
-	@PreAuthorize("@jps.requiresPermissions('system:depart:role:deleteBatch')")
+    @RequiresPermissions("system:depart:role:deleteBatch")
 	@DeleteMapping(value = "/deleteBatch")
 	public Result<?> deleteBatch(@RequestParam(name="ids",required=true) String ids) {
 		this.sysDepartRoleService.removeByIds(Arrays.asList(ids.split(",")));
@ -190,7 +193,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 	  * @param json
 	  * @return
 	  */
-	 @PreAuthorize("@jps.requiresPermissions('system:depart:role:userAdd')")
+     @RequiresPermissions("system:depart:role:userAdd")
 	 @RequestMapping(value = "/deptRoleUserAdd", method = RequestMethod.POST)
 	 public Result<?> deptRoleAdd(@RequestBody JSONObject json) {
 		 String newRoleId = json.getString("newRoleId");
@ -198,7 +201,7 @@ public class SysDepartRoleController extends JeecgController<SysDepartRole, ISys
 		 String userId = json.getString("userId");
 		 departRoleUserService.deptRoleUserAdd(userId,newRoleId,oldRoleId);
         //update-begin---author:wangshuai ---date:20220316  for：[VUEN-234]部门角色分配添加敏感日志------------
-         LoginUser loginUser = SecureUtil.currentUser();
+         LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
         baseCommonService.addLog("给部门用户ID："+userId+"分配角色，操作人： " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
         //update-end---author:wangshuai ---date:20220316  for：[VUEN-234]部门角色分配添加敏感日志------------
         return Result.ok("添加成功！");
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java
@ -7,6 +7,8 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CacheConstant;
@ -18,7 +20,6 @@ import org.jeecg.common.system.vo.DictQuery;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.*;
 import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
-import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.system.entity.SysDict;
 import org.jeecg.modules.system.entity.SysDictItem;
 import org.jeecg.modules.system.model.SysDictTree;
@ -37,8 +38,6 @@ import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
@ -365,7 +364,7 @@ public class SysDictController {
 	 * @param sysDict
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:add')")
+    @RequiresPermissions("system:dict:add")
 	@RequestMapping(value = "/add", method = RequestMethod.POST)
 	public Result<SysDict> add(@RequestBody SysDict sysDict) {
 		Result<SysDict> result = new Result<SysDict>();
@ -386,7 +385,7 @@ public class SysDictController {
 	 * @param sysDict
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:edit')")
+    @RequiresPermissions("system:dict:edit")
 	@RequestMapping(value = "/edit", method = { RequestMethod.PUT,RequestMethod.POST })
 	public Result<SysDict> edit(@RequestBody SysDict sysDict) {
 		Result<SysDict> result = new Result<SysDict>();
@ -408,7 +407,7 @@ public class SysDictController {
 	 * @param id
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:delete')")
+    @RequiresPermissions("system:dict:delete")
 	@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
 	@CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDict> delete(@RequestParam(name="id",required=true) String id) {
@ -427,7 +426,7 @@ public class SysDictController {
 	 * @param ids
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:deleteBatch')")
+    @RequiresPermissions("system:dict:deleteBatch")
 	@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
 	@CacheEvict(value= {CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDict> deleteBatch(@RequestParam(name="ids",required=true) String ids) {
@ -514,7 +513,7 @@ public class SysDictController {
 		// 注解对象Class
 		mv.addObject(NormalExcelConstants.CLASS, SysDictPage.class);
 		// 自定义表格参数
-		LoginUser user = SecureUtil.currentUser();
+		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
 		mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("数据字典列表", "导出人:"+user.getRealname(), "数据字典"));
 		// 导出数据列表
 		mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
@ -528,7 +527,7 @@ public class SysDictController {
 	 * @param
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:importExcel')")
+    @RequiresPermissions("system:dict:importExcel")
 	@RequestMapping(value = "/importExcel", method = RequestMethod.POST)
 	public Result<?> importExcel(HttpServletRequest request, HttpServletResponse response) {
 		MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
@ -10,6 +10,8 @@ import jakarta.servlet.http.HttpServletRequest;

 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.system.query.QueryGenerator;
@ -18,7 +20,6 @@ import org.jeecg.modules.system.entity.SysDictItem;
 import org.jeecg.modules.system.service.ISysDictItemService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cache.annotation.CacheEvict;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@ -73,7 +74,7 @@ public class SysDictItemController {
 	 * @功能：新增
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:item:add')")
+    @RequiresPermissions("system:dict:item:add")
 	@RequestMapping(value = "/add", method = RequestMethod.POST)
 	@CacheEvict(value= {CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDictItem> add(@RequestBody SysDictItem sysDictItem) {
@ -94,7 +95,7 @@ public class SysDictItemController {
 	 * @param sysDictItem
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:item:edit')")
+    @RequiresPermissions("system:dict:item:edit")
 	@RequestMapping(value = "/edit",  method = { RequestMethod.PUT,RequestMethod.POST })
 	@CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDictItem> edit(@RequestBody SysDictItem sysDictItem) {
@ -118,7 +119,7 @@ public class SysDictItemController {
 	 * @param id
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:item:delete')")
+    @RequiresPermissions("system:dict:item:delete")
 	@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
 	@CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDictItem> delete(@RequestParam(name="id",required=true) String id) {
@ -140,7 +141,7 @@ public class SysDictItemController {
 	 * @param ids
 	 * @return
 	 */
-	@PreAuthorize("@jps.requiresPermissions('system:dict:item:deleteBatch')")
+    @RequiresPermissions("system:dict:item:deleteBatch")
 	@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
 	@CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true)
 	public Result<SysDictItem> deleteBatch(@RequestParam(name="ids",required=true) String ids) {
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
@ -5,13 +5,13 @@ import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.modules.system.entity.SysGatewayRoute;
 import org.jeecg.modules.system.service.ISysGatewayRouteService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;

 import java.util.List;
@ -67,7 +67,7 @@ public class SysGatewayRouteController extends JeecgController<SysGatewayRoute,
     * @param id
     * @return
     */
-	@PreAuthorize("@jps.requiresPermissions('system:getway:delete')")
+    @RequiresPermissions("system:getway:delete")
    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
    public Result<?> delete(@RequestParam(name = "id", required = true) String id) {
        sysGatewayRouteService.deleteById(id);
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java
@ -5,6 +5,7 @@ import java.util.Arrays;

 import jakarta.servlet.http.HttpServletRequest;

+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.system.query.QueryGenerator;
@ -54,6 +55,7 @@ public class SysLogController {
 	 * @return
 	 */
 	@RequestMapping(value = "/list", method = RequestMethod.GET)
+	//@RequiresPermissions("system:log:list")
 	public Result<IPage<SysLog>> queryPageList(SysLog syslog,@RequestParam(name="pageNo", defaultValue="1") Integer pageNo,
 									  @RequestParam(name="pageSize", defaultValue="10") Integer pageSize,HttpServletRequest req) {
 		Result<IPage<SysLog>> result = new Result<IPage<SysLog>>();
@ -84,6 +86,7 @@ public class SysLogController {
 	 * @return
 	 */
 	@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
+	//@RequiresPermissions("system:log:delete")
 	public Result<SysLog> delete(@RequestParam(name="id",required=true) String id) {
 		Result<SysLog> result = new Result<SysLog>();
 		SysLog sysLog = sysLogService.getById(id);
@ -104,6 +107,7 @@ public class SysLogController {
 	 * @return
 	 */
 	@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
+	//@RequiresPermissions("system:log:deleteBatch")
 	public Result<SysRole> deleteBatch(@RequestParam(name="ids",required=true) String ids) {
 		Result<SysRole> result = new Result<SysRole>();
 		if(ids==null || "".equals(ids.trim())) {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
JEECG	4caff75cce	Merge pull request #5935 from EightMonth/springboot3_config 修正spring boot3默认配置	2024-03-01 16:24:33 +08:00
EightMonth	811861a957	添加nacos sql自动创建nacos库	2024-03-01 16:15:06 +08:00
EightMonth	24623ba4b0	梳理服务配置信息	2024-03-01 16:06:12 +08:00
EightMonth	7c68b46943	添加springboot3的配置变更	2024-03-01 16:04:57 +08:00
zhangdaiscott	7c34161369	删除无用文件	2024-02-29 17:41:13 +08:00
zhangdaiscott	bc52aa918d	gateway的配置改坏了，导致命名空间等不好使	2024-02-29 17:30:04 +08:00
zhangdaiscott	9dfdd47b36	springboot3版本的仪表盘依赖有问题，升级一个版本	2024-01-12 11:32:26 +08:00
zhangdaiscott	272a7540eb	仪表盘升级为springboot3版本	2024-01-12 11:00:51 +08:00
EightMonth	ad796f079f	flywaydb兼容springboot3报错，先注释掉	2024-01-12 11:00:37 +08:00
JEECG	e7e7716d05	Merge pull request #5782 from EightMonth/springboot3 同步主干分支版本代码，并升级jedis至3.8.0	2024-01-12 10:39:24 +08:00
EightMonth	c5d620d2b2	升级jedis版本至3.8.0	2024-01-08 13:54:04 +08:00
EightMonth	cdea05ebb0	Merge branch 'master' into springboot3 # Conflicts: # jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java # jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/entity/JeecgDemo.java # jeecg-module-system/jeecg-system-biz/pom.xml # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/WechatVerifyController.java # jeecg-module-system/jeecg-system-start/pom.xml # jeecg-server-cloud/jeecg-visual/jeecg-cloud-sentinel/pom.xml # pom.xml	2024-01-08 13:52:33 +08:00
JEECG	ca9a433f3c	Merge pull request #5765 from hoperunChen/springboot3-fix-#5723 fix issue for springboot3 #5723: 指定jaxb-runtime版本,添加修改记录	2024-01-04 21:41:11 +08:00
JEECG	2be6052cd4	Merge pull request #5766 from hoperunChen/springboot3-fix-#5742 fix issue for springboot3 #5742: 修改代码生成时的schema注解参数	2024-01-04 21:40:53 +08:00
JEECG	68ed67ee49	shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理 Merge pull request #5767 from hoperunChen/springboot3-fix-#5741 fix issue for springboot3 #5741: shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理	2024-01-04 21:40:31 +08:00
chenrui	d5903ba52a	Merge remote-tracking branch 'upstream/springboot3' into springboot3-fix-#5741	2024-01-04 20:37:37 +08:00
chenrui	3ee635eddf	fix issue for springboot3 #5723 : 指定jaxb-runtime版本,添加修改记录	2024-01-04 20:32:26 +08:00
chenrui	21bc68fb53	fix issue for springboot3 #5741 : shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理	2024-01-04 20:19:46 +08:00
zhangdaiscott	6fe8f1d81a	从3.6.2+版本增加flyway自动升级数据库机制	2024-01-04 14:56:06 +08:00
zhangdaiscott	0bd7f715c4	默认删除人大金仓依赖，需要请自己放开	2024-01-04 13:57:23 +08:00
zhangdaiscott	041d88161e	2024年首版本发布（antd4和仪表盘大升级）	2024-01-03 22:12:07 +08:00
zhangdaiscott	79a62aa056	从3.6.2+版本增加flyway自动升级数据库机制	2024-01-03 22:07:27 +08:00
zhangdaiscott	b86b4d9676	从3.6.2+版本增加flyway自动升级数据库机制	2024-01-03 22:01:07 +08:00
zhangdaiscott	aeaac80012	2024年首版本发布（antd4和仪表盘大升级）	2024-01-03 19:46:35 +08:00
zhangdaiscott	e0ef20cf08	3.6.2版本对应的数据库脚本	2024-01-03 18:58:30 +08:00
zhangdaiscott	169a66f5dd	升级新版本号3.6.2	2024-01-03 13:47:33 +08:00
zhangdaiscott	7e39b31123	日志暂时不做权限控制	2024-01-03 13:44:36 +08:00
zhangdaiscott	18765450a6	2024年首版本发布（仪表盘大升级）	2024-01-03 13:40:44 +08:00
zhangdaiscott	dff8c84d9c	2024年首版本发布（仪表盘大升级）	2024-01-03 13:37:06 +08:00
zhangdaiscott	d962c34846	新版数据库，有新升级sql和权限授权配置	2024-01-03 13:36:01 +08:00
chenrui	da08adbea1	fix issue for springboot3 #5742 : 修改代码生成时的schema注解参数	2024-01-02 13:41:54 +08:00
chenrui	46e3e62b59	fix issue for springboot3 #5741 : shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理	2024-01-02 13:31:57 +08:00
zhangdaiscott	cd9794d818	删除无用代码	2023-12-31 17:11:18 +08:00
zhangdaiscott	5034b7cf18	提供新版仪表盘	2023-12-31 15:14:04 +08:00
zhangdaiscott	fdde84c68a	代码生成器更新	2023-12-29 21:14:49 +08:00
zhangdaiscott	4c54ff6f52	Merge branch 'master' of https://github.com/zhangdaiscott/jeecg-boot	2023-12-29 19:44:16 +08:00
zhangdaiscott	de3285dc1b	通知公告	2023-12-29 19:43:12 +08:00
zhangdaiscott	7f0c035c4c	企业微信集成改造	2023-12-29 19:42:36 +08:00
zhangdaiscott	43593e8def	加权限注解	2023-12-29 19:42:24 +08:00
zhangdaiscott	48b0b608d8	租户改造	2023-12-29 19:42:13 +08:00
zhangdaiscott	69287a772b	小功能修改	2023-12-29 19:41:44 +08:00
JEECG	337d5a9489	Merge pull request #5692 from hoperunChen/fix-QQYUN-7527 fix QQYUN-7527 vue3代码生成默认带上高级查询	2023-12-26 14:35:56 +08:00
zhangdaiscott	cfeb81ee1e	Merge branch 'master' of https://github.com/zhangdaiscott/jeecg-boot.git	2023-12-26 14:08:37 +08:00
zhangdaiscott	09f92f01aa	提交online新依赖（解决online接口安全漏洞问题）	2023-12-26 14:08:20 +08:00
JEECG	6d1094936b	Merge pull request #5691 from hoperunChen/Fix-QQYUN-7583 fix QQYUN-7583 Vue3风格表单页面多选控件渲染成了下拉多选	2023-12-26 14:00:59 +08:00
JEECG	8836a2793a	Merge pull request #5690 from hoperunChen/fix-issues-#5658 fix issues #5658 树表复选框与展开按钮重叠问题	2023-12-26 13:59:52 +08:00
zhangdaiscott	c36ece8923	补充信息	2023-12-23 19:24:15 +08:00
zhangdaiscott	a82213b90c	还原错误提交	2023-12-21 15:47:28 +08:00
zhangdaiscott	98facdd2ee	Merge branch 'master' of https://github.com/zhangdaiscott/jeecg-boot.git	2023-12-21 15:45:21 +08:00
zhangdaiscott	d080b0b5ea	SpringBoot3+JDK17版本可以下载了	2023-12-21 15:36:09 +08:00
JEECG	338902ca0c	Merge pull request #5706 from hoperunChen/fix-issue-vue3-#939 fix issue vue3 #939 npm run build 失败	2023-12-21 14:59:56 +08:00
chenrui	7ae6a11cf0	fix issue vue3 #939 : modify file suffix	2023-12-21 14:31:51 +08:00
chenrui	cdbe1cb1a9	fix issue vue3 #939	2023-12-21 13:31:04 +08:00
chenrui	090f790df4	fix QQYUN-7527 vue3代码生成,默认带上高级查询	2023-12-19 11:06:05 +08:00
chenrui	82d051f388	fix QQYUN-7583 Vue3风格表单页面多选控件渲染成了下拉多选	2023-12-19 11:05:16 +08:00
chenrui	5a3631c332	fix issues #5658 树表复选框与展开按钮重叠问题	2023-12-19 11:03:18 +08:00