芝法酱躺平攻略（10）——SpringBoot+mybatisplus的鉴权设计-2

一、鉴权注解的接口与测试

在上一章中，我们介绍了两个权限注解，一个是@RequireRole，还有一个是@DataPermission。下面，我们将构想一些场景去。

1.1 场景构想

1.1.1 @RequireRole测试

• 我们可以在原先的重置用户密码，需要账号管理员
• 只有公司账号才可以创建设备

1.1.2 @DataPermission的ID_EQ

EDataPermissionType.ID_EQ是自有权限，相当于在SQL中拼XX=#userId。
公司用户只能修改自己创建设备的设备信息，同公司的其他账户不可以修改。

1.1.3 @DataPermission的DEP_ID

EDataPermissionType.DEP_CASCADE是部门权限，相当于在SQL中拼authId = #userAuthId"
公司用户，只能查看自己公司的设备

1.1.4 @DataPermission的AUTH_CASCADE

EDataPermissionType.AUTH_CASCADE是级联权限，相当于在SQL中拼depCascade like #userAuthCascade%
设备管理员，可以添加移除本部门和其子孙部门的设备

1.1.4 @DataPermission的AUTH_CASCADE_CHILDREN

EDataPermissionType.AUTH_CASCADE_CHILDREN是级联子项，相当于在SQL中拼authCascade like #userAuthCascade-%
账号管理员，只能修改其子孙部门用户的信息，不能修改同部门用户的信息，也不能修改兄弟部门的。

1.2 测试接口

1.2.1 设备接口

package indi.zhifa.recipe.bailan.busy.auth.controller.api;@Api(tags = "DeviceApi-设备接口")
@RequestMapping("/api/device")
@Slf4j
@ZfRestController
@RequiredArgsConstructor
public class DeviceApi {private final IDeviceService mDeviceService;@Operation(summary = "查看设备信息")@GetMapping("/{id}}")DeviceEntity info(@Parameter(description = "id") @PathVariable(name = "id") Long pId){return mDeviceService.info(pId);}@RequireRole(roles = "company")@Operation(summary = "创建设备信息")@PostMappingDeviceEntity create(@Parameter(description = "设备配置") @RequestBody DeviceCreateDto pDeviceCreateDto){return mDeviceService.create(pDeviceCreateDto);}@RequireRole(roles = "company")@DataPermission(permissionType = EDataPermissionType.ID_EQ,domain = AppConst.DOMAIN_ZF_MERCHANT)@Operation(summary = "修改设备信息")@PutMapping("/{id}")DeviceEntity edit(@Parameter(description = "id") @PathVariable(name = "id") Long pId,@Parameter(description = "设备配置") @RequestBody DeviceEditDto pDeviceEditDto){return mDeviceService.edit(pId,pDeviceEditDto);}@RequireRole(roles = "staff")@DataPermission(domain = "zf-mgr",permissionType = EDataPermissionType.AUTH_CASCADE)@Operation(summary = "查看分页-管理部门")@GetMapping("/page/deviceGroup")Page<DeviceEntity> pageByDeviceGroup(@Parameter(description = "当前页",required = true) @RequestParam(name = "current") int pCurrent,@Parameter(description = "页大小",required = true) @RequestParam(name = "size") int pSize,@Parameter(description = "设备码") @RequestParam(name = "code",required = false) String pCode,@Parameter(description = "设备名字") @RequestParam(name = "name",required = false) String pName,@Parameter(description = "创建者Id") @RequestParam(name = "createUserId",required = false) Long pUserId,@Parameter(description = "公司Id") @RequestParam(name = "companyAuthId",required = false) Long pCompanyAuthId){return mDeviceService.page(pCurrent,pSize,pCode,pName,pUserId,pCompanyAuthId);}@RequireRole(roles = "company")@DataPermission(domain = "zf-merchant",permissionType = EDataPermissionType.AUTH_ID)@Operation(summary = "查看分页-公司")@GetMapping("/page/company")Page<DeviceEntity> pageByCompany(@Parameter(description = "当前页",required = true) @RequestParam(name = "current") int pCurrent,@Parameter(description = "页大小",required = true) @RequestParam(name = "size") int pSize,@Parameter(description = "设备码") @RequestParam(name = "code",required = false) String pCode,@Parameter(description = "设备名字") @RequestParam(name = "name",required = false) String pName,@Parameter(description = "创建者Id") @RequestParam(name = "createUserId",required = false) Long pUserId,@Parameter(description = "公司Id") @RequestParam(name = "companyAuthId",required = false) Long pCompanyAuthId){return mDeviceService.page(pCurrent,pSize,pCode,pName,pUserId,pCompanyAuthId);}}

1.2.2 用户接口

@Api(tags = "UserApi-用户接口")
@RequestMapping("/api/user")
@Slf4j
@ZfRestController
@RequiredArgsConstructor
public class UserApi {private final IUserService mUserService;private final ITokenUtil mTokenUtil;@UnLogin@Operation(summary = "注册")@PostMapping(value = "/signin")public UserEntity signIn(@Parameter(description = "注册信息") @RequestBody SignInDto pSignInDto){UserEntity userEntity = mUserService.signIn(pSignInDto);return userEntity;}@RequireRole(roles = {"accountMgr","spAdm"})@DataPermission(domain = "zf-account", permissionType = EDataPermissionType.AUTH_CASCADE_CHILDREN)@Operation(summary = "修改信息-管理员")@PutMapping(value = "/{id}")public UserEntity edit(@Parameter(description = "用户Id") @PathVariable(name = "id") Long pId,@Parameter(description = "用户信息") @RequestBody EditUserDto pEditUserDto){UserEntity userEntity = mUserService.edit(pId,pEditUserDto);return userEntity;}@Operation(summary = "修改信息-自己")@PutMapping(value = "/self")public UserEntity editSelf(@Parameter(description = "用户信息") @RequestBody EditUserDto pEditUserDto){TokenObject tokenObject = mTokenUtil.getTokenObject();UserEntity userEntity = mUserService.edit(tokenObject.getId(),pEditUserDto);return userEntity;}@PasswordExpireAuth@Operation(summary = "修改密码")@PutMapping(value = "/passwd")public String changePasswdByUser(@Parameter(description = "密码信息") @RequestBody ChangePasswdDto pChangePasswdCfg){BaseUserEntity baseUserEntity = mUserService.changePasswdByUser(pChangePasswdCfg);return "密码修改成功";}@DataPermission(domain = "zf-account")@RequireRole(roles = {"accountMgr","spAdm"})@Operation(summary = "重置密码")@PutMapping(value = "/{id}/resetPasswd")public String changePasswdByUser(@Parameter(description = "用户Id") @PathVariable(name = "id") Long pId){BaseUserEntity baseUserEntity = mUserService.resetPasswd(pId);return "密码修改成功";}@Operation(summary = "查看信息")@GetMapping(value = "/{id}")public UserVo info(@Parameter(description = "用户Id") @PathVariable(name = "id") Long pId){UserVo userVo = mUserService.info(pId);return userVo;}@Operation(summary = "查看分页")@GetMapping(value = "/page")public Page<UserVo> page(@Parameter(description = "当前页",required = true) @RequestParam(name = "current") Integer pCurrent,@Parameter(description = "页大小",required = true) @RequestParam(name = "size") Integer pSize,@Parameter(description = "权限码") @RequestParam(name = "roleCode", required = false) String pRoleCode,@Parameter(description = "部门Id") @RequestParam(name = "depId", required = false) Long pDepId,@Parameter(description = "部门级联码") @RequestParam(name = "depCascade", required = false) String pDepCascade,@Parameter(description = "用户名") @RequestParam(name = "userName", required = false) String pUserName,@Parameter(description = "邮箱") @RequestParam(name = "email", required = false) String pEmail,@Parameter(description = "电话") @RequestParam(name = "phone", required = false) String pPhone,@Parameter(description = "昵称") @RequestParam(name = "nickName", required = false) String pNickName,@Parameter(description = "性别") @RequestParam(name = "gender", required = false) Gender pGender,@Parameter(description = "最小年龄") @RequestParam(name = "ageMin", required = false) Integer pAgeMin,@Parameter(description = "最大年龄") @RequestParam(name = "ageMax", required = false) Integer pAgeMax){Page<UserVo> pageInfo = mUserService.page(pCurrent,pSize,pRoleCode,pDepId,pDepCascade,pUserName,pEmail,pPhone,pNickName,pGender,pAgeMin,pAgeMax);return pageInfo;}@DataPermission(domain = "zf-account", permissionType = EDataPermissionType.AUTH_CASCADE_CHILDREN)@RequireRole(roles = {"accountMgr","spAdm"})@Operation(summary = "删除用户数据")@DeleteMapping(value = "/{id}")public String delete(@Parameter(description = "用户Id") @PathVariable(name = "id") Long pId){mUserService.removeUser(pId);return "删除成功";}}

1.2.3 用户权限接口

@Api(tags = "UserDepartmentApi-用户部门管理")
@RequestMapping("/api/userDep")
@Slf4j
@ZfRestController
@RequiredArgsConstructor
public class UserAuthApi {final IUserAuthService mUserAuthService;@RequireRole(roles = {"accountMgr"})@DataPermission(domain = "zf-account")@Operation(summary = "改变用户部门")@PutMapping(value = "/{userId}/domain/{domainId}")public String changeDepartment(@Parameter(description = "用户Id") @PathVariable(name = "userId") Long pUserId,@Parameter(description = "领域Id") @PathVariable(name = "domainId") Long pDomainId,@Parameter(description = "部门Id") @RequestParam(name = "depId") Long pDepartmentId){mUserAuthService.changeDepartment(pUserId,pDomainId,pDepartmentId);return "更改成功";}@RequireRole(roles = {"accountMgr"})@DataPermission(domain = "zf-account")@Operation(summary = "改变用户角色")@PutMapping(value = "/{userId}/roles/bycode")public List<RelUserRoleEntity> assignRolesWithCode(@Parameter(description = "用户Id") @PathVariable(name = "userId") Long pUserId,@Parameter(description = "角色codes") @RequestBody List<String> pRoleCodes){List<RelUserRoleEntity> relUserRoleEntityList =  mUserAuthService.assignRolesWithCode(pUserId,pRoleCodes);return relUserRoleEntityList;}@RequireRole(roles = {"accountMgr"})@DataPermission(domain = "zf-account")@Operation(summary = "改变用户角色")@PutMapping(value = "/{userId}/roles/byId")public List<RelUserRoleEntity> assignRolesWithId(@Parameter(description = "用户Id") @PathVariable(name = "userId") Long pUserId,@Parameter(description = "角色Ids") @RequestBody List<Long> pRoleIds){List<RelUserRoleEntity> relUserRoleEntityList =  mUserAuthService.assignRolesWithId(pUserId,pRoleIds);return relUserRoleEntityList;}}

1.2.4 用户部门，设备群组，公司相关

暂时没写，日后补

二、初始化数据

2.1 Excel配置

索引sheet：

设备

初始框架

初始框架-角色

初始框架-用户

初始框架-领域

初始框架-1级部门

初始框架-2级部门

初始框架-公司部门

2.2 导出json

auth_init.json

{"defaultRole" : [{"code" : "spAdm","name" : "超级管理员","description" : "超级管理员，啥都可以干"},{"code" : "guest","name" : "客人","description" : "客人可以浏览公开信息"},{"code" : "sysMgr","name" : "系统管理员","description" : "可以对系统进行设置"},{"code" : "company","name" : "公司用户","description" : "可以以公司为维度，统计管理设备，上架设备"},{"code" : "staff","name" : "部门员工","description" : "可以管理设备"},{"code" : "depMgr","name" : "部门管理员","description" : "可以修改管理部门"},{"code" : "accountMgr","name" : "账户管理员","description" : "账户管理员，可以修改删除账户"}],"defaultUser" : [{"name" : "root","password" : "root","email" : "root@163.com","phone" : "10086","nickName" : "终极管理员","description" : "终极管理员","birthday" : "1949-10-1","gender" : "MALE","roles" : ["guest","sysMgr","staff","accountMgr","spAdm"],"departments" : {"zf-mgr" : "rt","zf-account" : "rt","zf-merchant" : "rt"}},{"name" : "admin","password" : "admin","email" : "admin@163.com","phone" : "10087","nickName" : "超级管理员","description" : "超级管理员","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","sysMgr","staff","accountMgr"],"departments" : {"zf-mgr" : "rt","zf-account" : "rt","zf-merchant" : "rt"}},{"name" : "dep_device:mgr","password" : "dep_device:mgr","email" : "dep_device:mgr@163.com","phone" : "10088","nickName" : "设备部门总管","description" : "设备部门总管","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","sysMgr","staff","depMgr","accountMgr"],"departments" : {"zf-mgr" : "rt","zf-account" : "mgr"}},{"name" : "dep_A:mgr","password" : "dep_A:mgr","email" : "dep_a:mgr@163.com","phone" : "10089","nickName" : "A设备-账管","description" : "设备部门A管理员，并且是账号管理员","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","staff","depMgr","accountMgr"],"departments" : {"zf-mgr" : "A","zf-account" : "mgr"}},{"name" : "dep_A:normal","password" : "dep_A:normal","email" : "dep_A:normal@163.com","phone" : "10090","nickName" : "A设备-部管","description" : "设备部门A管理员","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","staff","depMgr"],"departments" : {"zf-mgr" : "A","zf-account" : "normal"}},{"name" : "dep_a1:normal","password" : "dep_a1:normal","email" : "dep_a1:normal@163.com","phone" : "10091","nickName" : "a1设备-部管","description" : "设备部门a1部门管理员","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","staff","depMgr"],"departments" : {"zf-mgr" : "a1","zf-account" : "normal"}},{"name" : "dep_a1:staff","password" : "dep_a1:staff","email" : "dep_a1:staff@163.com","phone" : "10092","nickName" : "a1设备-员工","description" : "设备部门a1部门的员工","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","staff"],"departments" : {"zf-mgr" : "a1","zf-account" : "normal"}},{"name" : "dep_a2:staff","password" : "dep_a2:staff","email" : "dep_a2:staff@163.com","phone" : "10093","nickName" : "a2设备-员工","description" : "设备部门a2部门的员工","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","staff"],"departments" : {"zf-mgr" : "a2","zf-account" : "normal"}},{"name" : "dep_B:mgr","password" : "dep_B:mgr","email" : "dep_B:mgr@163.com","phone" : "10094","nickName" : "B设备-部管","description" : "设备部门B部门管理员","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","staff","depMgr"],"departments" : {"zf-mgr" : "B","zf-account" : "normal"}},{"name" : "zhifajiang1","password" : "zhifajiang1","email" : "zhifajiang1@163.com","phone" : "10095","nickName" : "芝法酱1","description" : "芝法酱1","birthday" : "1949-10-01","gender" : "MALE","roles" : ["guest","company","depMgr","staff"],"departments" : {"zf-mgr" : "rt","zf-account" : "mgr","zf-merchant" : "zhifajiang"}},{"name" : "zhifajiang2","password" : "zhifajiang2","email" : "zhifajiang2@163.com","phone" : "10096","nickName" : "芝法酱2","description" : "芝法酱2","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","company","depMgr"],"departments" : {"zf-account" : "mgr","zf-merchant" : "zhifajiang"}},{"name" : "xiaogong","password" : "xiaogong","email" : "xiaogong@163.com","phone" : "10097","nickName" : "霄宫","description" : "霄宫","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","company"],"departments" : {"zf-account" : "mgr","zf-merchant" : "xiaogong"}},{"name" : "youla","password" : "youla","email" : "youla@163.com","phone" : "10098","nickName" : "尤菈","description" : "尤菈","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","company"],"departments" : {"zf-account" : "mgr","zf-merchant" : "youla"}},{"name" : "xinhai","password" : "xinhai","email" : "xinhai@163.com","phone" : "10099","nickName" : "心海","description" : "心海","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","company"],"departments" : {"zf-account" : "mgr","zf-merchant" : "xinhai"}},{"name" : "mihayou","password" : "mihayou","email" : "mihayou@163.com","phone" : "10100","nickName" : "米忽悠","description" : "米忽悠","birthday" : "1949-10-01","gender" : "FEMALE","roles" : ["guest","company"],"departments" : {"zf-account" : "mgr","zf-merchant" : "mihayou"}}],"defaultDomains" : [{"code" : "default","name" : "默认领域","description" : "默认领域"},{"code" : "zf-mgr","name" : "芝法酱设备管理组织","description" : "芝法酱设备管理组织，负责设备的管理运维","children" : [{"code" : "A","name" : "部门A","description" : "部门A","extInfo" : "设备群组A","children" : [{"code" : "a1","name" : "部门a1","description" : "部门a1","extInfo" : "设备群组a1"},{"code" : "a2","name" : "部门a2","description" : "部门a2","extInfo" : "设备群组a2"},{"code" : "a3","name" : "部门a3","description" : "部门a3","extInfo" : "设备群组a3"}]},{"code" : "B","name" : "部门B","description" : "部门B","extInfo" : "设备群组B","children" : [{"code" : "b1","name" : "部门b1","description" : "部门b1","extInfo" : "设备群组b1"}]},{"code" : "C","name" : "部门C","description" : "部门C","extInfo" : "设备群组C"}]},{"code" : "zf-account","name" : "芝法酱员工管理公司","description" : "芝法酱员工管理组织","children" : [{"code" : "mgr","name" : "普通管理员","description" : "普通管理员所在部门","children" : [{"code" : "normal","name" : "普通账户","description" : "普通账户所在部门"}]}]},{"code" : "zf-merchant","name" : "设备商所在部门","description" : "设备商所在部门跟节点","children" : [{"code" : "normal","name" : "公司部门","description" : "各公司所在部门","children" : [{"code" : "zhifajiang","name" : "芝法酱","nameWhole" : "芝法酱氪姬有爱公司","description" : "芝法酱氪姬有爱公司"},{"code" : "xiaogong","name" : "霄宫","nameWhole" : "霄宫长野原烟花分销社","description" : "霄宫长野原烟花分销社"},{"code" : "youla","name" : "尤拉","nameWhole" : "尤菈这愁我记住了雪糕集团","description" : "尤菈这愁我记住了雪糕集团"},{"code" : "xinhai","name" : "心海","nameWhole" : "心海观赏鱼精品市场","description" : "心海观赏鱼精品市场"},{"code" : "mihayou","name" : "米忽悠","nameWhole" : "米哈游天命科技有限公司","description" : "米哈游天命科技有限公司"}]}]}]
}

device.json

{"data" : [{"rowId" : 1,"code" : "A-a-d1","name" : "部门A-rt-设备1","password" : "123456","description" : "部门A-rt-设备1","depCode" : "A","companyName" : "芝法酱","createUser" : "zhifajiang1"},{"rowId" : 2,"code" : "A-a-d2","name" : "部门A-rt-设备2","password" : "123456","description" : "部门A-rt-设备2","depCode" : "A","companyName" : "霄宫","createUser" : "xiaogong"},{"rowId" : 3,"code" : "A-a-d3","name" : "部门A-rt-设备3","password" : "123456","description" : "部门A-rt-设备3","depCode" : "A","companyName" : "尤拉","createUser" : "youla"},{"rowId" : 4,"code" : "A-a1-d1","name" : "部门A-a1-设备1","password" : "123456","description" : "部门A-a1-设备1","depCode" : "a1","companyName" : "心海","createUser" : "xinhai"},{"rowId" : 5,"code" : "A-a1-d2","name" : "部门A-a1-设备2","password" : "123456","description" : "部门A-a1-设备2","depCode" : "a1","companyName" : "米忽悠","createUser" : "mihayou"},{"rowId" : 6,"code" : "A-a1-d3","name" : "部门A-a1-设备3","password" : "123456","description" : "部门A-a1-设备3","depCode" : "a1","companyName" : "芝法酱","createUser" : "zhifajiang2"},{"rowId" : 7,"code" : "A-a2-d1","name" : "部门A-a2-设备1","password" : "123456","description" : "部门A-a2-设备1","depCode" : "a2","companyName" : "霄宫","createUser" : "xiaogong"},{"rowId" : 8,"code" : "A-a2-d2","name" : "部门A-a2-设备2","password" : "123456","description" : "部门A-a2-设备2","depCode" : "a2","companyName" : "尤拉","createUser" : "youla"},{"rowId" : 9,"code" : "A-a2-d3","name" : "部门A-a2-设备3","password" : "123456","description" : "部门A-a2-设备3","depCode" : "a2","companyName" : "心海","createUser" : "xinhai"},{"rowId" : 10,"code" : "A-a3-d1","name" : "部门A-a3-设备1","password" : "123456","description" : "部门A-a3-设备1","depCode" : "a3","companyName" : "米忽悠","createUser" : "mihayou"},{"rowId" : 11,"code" : "A-a3-d2","name" : "部门A-a3-设备2","password" : "123456","description" : "部门A-a3-设备2","depCode" : "a3","companyName" : "芝法酱","createUser" : "zhifajiang1"},{"rowId" : 12,"code" : "A-a3-d3","name" : "部门A-a3-设备3","password" : "123456","description" : "部门A-a3-设备3","depCode" : "a3","companyName" : "霄宫","createUser" : "xiaogong"},{"rowId" : 13,"code" : "B-b-d1","name" : "部门B-rt-设备1","password" : "123456","description" : "部门B-rt-设备1","depCode" : "B","companyName" : "尤拉","createUser" : "youla"},{"rowId" : 14,"code" : "B-b-d2","name" : "部门B-rt-设备2","password" : "123456","description" : "部门B-rt-设备2","depCode" : "B","companyName" : "心海","createUser" : "xinhai"},{"rowId" : 15,"code" : "B-b-d3","name" : "部门B-rt-设备3","password" : "123456","description" : "部门B-rt-设备3","depCode" : "B","companyName" : "米忽悠","createUser" : "mihayou"},{"rowId" : 16,"code" : "B-b1-d1","name" : "部门B-b1-设备1","password" : "123456","description" : "部门B-b1-设备1","depCode" : "b1","companyName" : "芝法酱","createUser" : "zhifajiang2"},{"rowId" : 17,"code" : "B-b1-d2","name" : "部门B-b1-设备2","password" : "123456","description" : "部门B-b1-设备2","depCode" : "b1","companyName" : "霄宫","createUser" : "xiaogong"},{"rowId" : 18,"code" : "B-b1-d3","name" : "部门B-b1-设备3","password" : "123456","description" : "部门B-b1-设备3","depCode" : "b1","companyName" : "尤拉","createUser" : "youla"},{"rowId" : 19,"code" : "A-c-d1","name" : "部门C-rt-设备1","password" : "123456","description" : "部门C-rt-设备1","depCode" : "C","companyName" : "心海","createUser" : "xinhai"},{"rowId" : 20,"code" : "A-c-d2","name" : "部门C-rt-设备2","password" : "123456","description" : "部门C-rt-设备2","depCode" : "C","companyName" : "米忽悠","createUser" : "mihayou"},{"rowId" : 21,"code" : "A-c-d3","name" : "部门C-rt-设备3","password" : "123456","description" : "部门C-rt-设备3","depCode" : "C","companyName" : "芝法酱","createUser" : "zhifajiang1"}],"excelName" : "device.xlsx"
}

三、一些服务的实现

3.1 鉴权节点服务

3.1.1 IBaseAuthNodeService

public interface IBaseAuthNodeService {/*** 初始化部门** @param pDomainConfigs* @return*/Map<String, BaseDomainVo> init(JSONArray pDomainConfigs);/*** 领域信息** @param pId* @return*/BaseDomainEntity domainInfo(Long pId);/*** 部门信息** @param pId* @return*/BaseAuthNodeEntity info(Long pId);/*** 根据部门Id获取部门树** @param pId  部门Id* @return*/BaseDepartmentNodeVo infoTree(Long pId);/*** 根据部门Id获取信息并包含子部门信息** @param pId   部门Id* @return*/BaseDepartmentWithChildrenVo infoWithChildren(Long pId);/*** 获取所有领域** @return*/List<BaseDomainWithRootVo> listBaseDomains();/*** 创建部门** @param pParentId     父级部门Id* @param pSavingBaseAuthNodeEntity   部门实体* @return*/BaseAuthNodeEntity create(Long pParentId, BaseAuthNodeEntity pSavingBaseAuthNodeEntity);/*** 部门换根** @param pParentId     父级部门Id* @param pId           部门Id* @return*/BaseDepartmentNodeVo reRoot(Long pParentId, Long pId);/*** 删除部门** @param pId       部门Id* @return*/boolean delete(Long pId);}

3.1.2 BaseAuthNodeServiceImpl

@RequiredArgsConstructor
public abstract class BaseAuthNodeServiceImpl implements IBaseAuthNodeService {private final IBaseAuthNodeRelevantDao mDepartmentRelevantDao;@Transactional(rollbackFor = Exception.class)@Overridepublic Map<String, BaseDomainVo> init(JSONArray pDomainConfigs){//见芝法酱躺平攻略（9）}protected abstract void onInit(String pDomainCode, List<AuthNodeCfg> pAuthNodeCfgList,List<BaseAuthNodeEntity> pSavingBaseAuthNodeEntityList);@Overridepublic BaseDomainEntity domainInfo(Long pId) {return mDepartmentRelevantDao.domain_check(pId);}@Overridepublic BaseAuthNodeEntity info(Long pId) {return mDepartmentRelevantDao.authNode_check(pId);}@Overridepublic BaseDepartmentNodeVo infoTree(Long pId) {BaseAuthNodeEntity rootEntity = mDepartmentRelevantDao.authNode_check(pId);BaseDepartmentNodeVo rtn = new BaseDepartmentNodeVo(rootEntity);BaseDepartmentNodeVo curNode = rtn;Queue<BaseDepartmentNodeVo> que = new ArrayDeque<>();que.offer(curNode);while (!que.isEmpty()){curNode = que.poll();BaseAuthNodeEntity curBaseAuthNodeEntity = curNode.getDepartment();List<BaseAuthNodeEntity> children = mDepartmentRelevantDao.authNode_listByParentId(curBaseAuthNodeEntity.getId());if(!CollectionUtils.isEmpty(children)){List<BaseDepartmentNodeVo> childrenVos = curNode.getChildren();for(BaseAuthNodeEntity child : children){BaseDepartmentNodeVo baseDepartmentNodeVo = new BaseDepartmentNodeVo(child);childrenVos.add(baseDepartmentNodeVo);}for(BaseDepartmentNodeVo childVo : childrenVos){que.offer(childVo);}}}return rtn;}@Overridepublic BaseDepartmentWithChildrenVo infoWithChildren(Long pId){BaseAuthNodeEntity rootEntity = mDepartmentRelevantDao.authNode_check(pId);BaseDepartmentWithChildrenVo baseDepartmentWithChildrenVo = new BaseDepartmentWithChildrenVo(rootEntity);List<BaseAuthNodeEntity> children = mDepartmentRelevantDao.authNode_listByParentId(pId);baseDepartmentWithChildrenVo.setChildren(children);return baseDepartmentWithChildrenVo;}@Overridepublic List<BaseDomainWithRootVo> listBaseDomains(){List<BaseDomainEntity> domainEntityList = mDepartmentRelevantDao.domain_list();List<BaseDomainWithRootVo> baseDomainWithRootVoList = new ArrayList<>();for(BaseDomainEntity baseDomainEntity : domainEntityList){BaseDomainWithRootVo baseDomainWithRootVo = new BaseDomainWithRootVo();baseDomainWithRootVoList.add(baseDomainWithRootVo);Long depId = mDepartmentRelevantDao.authNode_findByDomainAndCode(baseDomainEntity.getId(),"rt");BaseAuthNodeEntity baseAuthNodeEntity = mDepartmentRelevantDao.authNode_check(depId);baseDomainWithRootVo.setDomainEntity(baseDomainEntity);baseDomainWithRootVo.setRoot(baseAuthNodeEntity);}return baseDomainWithRootVoList;}@Transactional(rollbackFor = Exception.class)@Overridepublic BaseAuthNodeEntity create(Long pParentId, BaseAuthNodeEntity pSavingBaseAuthNodeEntity) {BaseAuthNodeEntity parent = mDepartmentRelevantDao.authNode_check(pParentId);if(mDepartmentRelevantDao.authNode_exist(parent.getDomainId(), pSavingBaseAuthNodeEntity.getCode())){throw new ServiceException("领域"+ pSavingBaseAuthNodeEntity.getDomainCode()+"以存在code为"+ pSavingBaseAuthNodeEntity.getCode()+"的部门");}pSavingBaseAuthNodeEntity.setParentId(pParentId);pSavingBaseAuthNodeEntity.setParentCode(parent.getCode());pSavingBaseAuthNodeEntity.setCascade(parent.getCascade()+"-"+ pSavingBaseAuthNodeEntity.getCode());pSavingBaseAuthNodeEntity.setDomainId(parent.getDomainId());pSavingBaseAuthNodeEntity.setDomainCode(parent.getCode());mDepartmentRelevantDao.authNode_save(pSavingBaseAuthNodeEntity);return pSavingBaseAuthNodeEntity;}@Transactional(rollbackFor = Exception.class)@Overridepublic BaseDepartmentNodeVo reRoot(Long pParentId, Long pId) {BaseAuthNodeEntity editingDepartmentEntity = mDepartmentRelevantDao.authNode_check(pId);// 可行性测试List<BaseAuthNodeEntity> descendants = mDepartmentRelevantDao.authNode_listDescendants(editingDepartmentEntity.getCascade());Set<Long> descendantIdSet = descendants.stream().map(BaseAuthNodeEntity::getId).collect(Collectors.toSet());if(descendantIdSet.contains(pParentId)){throw new ServiceException("不能接到子孙节点");}BaseAuthNodeEntity parent = mDepartmentRelevantDao.authNode_check(pParentId);List<BaseAuthNodeEntity> editingDepartmentEntityList = new ArrayList<>();editingDepartmentEntity.setParentId(parent.getId());editingDepartmentEntity.setParentCode(parent.getCode());editingDepartmentEntity.setCascade(parent.getCascade()+"-"+editingDepartmentEntity.getCode());editingDepartmentEntityList.add(editingDepartmentEntity);Queue<BaseDepartmentNodeVo> queue = new ArrayDeque<>();BaseDepartmentNodeVo rtn = new BaseDepartmentNodeVo(editingDepartmentEntity);queue.offer(rtn);BaseDepartmentNodeVo current = null;while(!queue.isEmpty()){current = queue.poll();BaseAuthNodeEntity baseAuthNodeEntity = current.getDepartment();List<BaseAuthNodeEntity> children = mDepartmentRelevantDao.authNode_listByParentId(baseAuthNodeEntity.getId());List<BaseDepartmentNodeVo> childrenVo = current.getChildren();for(BaseAuthNodeEntity child : children){child.setCascade(baseAuthNodeEntity.getCascade()+"-"+child.getCode());editingDepartmentEntityList.add(child);BaseDepartmentNodeVo childVo = new BaseDepartmentNodeVo(child);childrenVo.add(childVo);queue.offer(childVo);}}for(BaseAuthNodeEntity departmentEntity : editingDepartmentEntityList){mDepartmentRelevantDao.authNode_update(departmentEntity.getId(),departmentEntity);onDepCodeChange(departmentEntity);}return rtn;}@Transactional(rollbackFor = Exception.class)@Overridepublic boolean delete(Long pId) {BaseAuthNodeEntity root = mDepartmentRelevantDao.authNode_check(pId);List<BaseAuthNodeEntity> descendants = mDepartmentRelevantDao.authNode_listDescendants(root.getCascade());for(BaseAuthNodeEntity baseAuthNodeEntity : descendants){BaseAuthNodeEntity deletedDepartmentEntity = mDepartmentRelevantDao.authNode_delete(baseAuthNodeEntity.getId());onDepDelete(deletedDepartmentEntity);}return true;}abstract protected void onDepCodeChange(BaseAuthNodeEntity pBaseAuthNodeEntity);abstract protected void onDepDelete(BaseAuthNodeEntity pBaseAuthNodeEntity);}

3.1.3 IAuthNodeService

public interface IAuthNodeService extends IBaseAuthNodeService {AuthNodeEntity create(Long pParentId, DepartmentCreateDto pDepartmentCreateDto);AuthNodeEntity edit(Long pId, DepartmentEditDto pDepartmentEditDto);}

3.1.4 AuthNodeServiceImpl

@Slf4j
@Component
public class AuthNodeServiceImpl extends BaseAuthNodeServiceImpl implements IAuthNodeService {private final IAuthNodeDbService mDepartmentDbService;private final ICompanyDbService mCompanyDbService;private final IDeviceGroupDbService mDeviceGroupDbService;private final IDeptDbService mDeptDbService;public AuthNodeServiceImpl(IBaseAuthNodeRelevantDao pDepartmentRelevantDao,IAuthNodeDbService mDepartmentDbService,ICompanyDbService pCompanyDbService,IDeviceGroupDbService pDeviceGroupDbService,IDeptDbService pDeptDbService){super(pDepartmentRelevantDao);this.mDepartmentDbService = mDepartmentDbService;mCompanyDbService = pCompanyDbService;mDeviceGroupDbService = pDeviceGroupDbService;mDeptDbService = pDeptDbService;}@Overrideprotected void onInit(String pDomain, List<AuthNodeCfg> pAuthNodeCfgList, List<BaseAuthNodeEntity> pSavingBaseAuthNodeEntityList) {assert(pAuthNodeCfgList.size() == pSavingBaseAuthNodeEntityList.size());List<DeviceGroupEntity> deviceGroupEntityList = new ArrayList<>();List<CompanyEntity> companyEntityList = new ArrayList<>();List<DeptEntity> deptEntityList = new ArrayList<>();for(int i=0;i<pAuthNodeCfgList.size();i++){AuthNodeCfg authNodeCfg = pAuthNodeCfgList.get(i);if("rt".equals(authNodeCfg.getCode())){continue;}BaseAuthNodeEntity baseAuthNodeEntity = pSavingBaseAuthNodeEntityList.get(i);JSONObject jsonObject = authNodeCfg.getCfg();switch (pDomain){case "zf-mgr":DeviceGroupEntity deviceGroupEntity = DbDtoEntityUtil.createFromDto(jsonObject,DeviceGroupEntity.class);deviceGroupEntity.setAuthId(baseAuthNodeEntity.getId());deviceGroupEntityList.add(deviceGroupEntity);break;case "zf-merchant":CompanyEntity companyEntity = DbDtoEntityUtil.createFromDto(jsonObject,CompanyEntity.class);companyEntity.setAuthId(baseAuthNodeEntity.getId());companyEntityList.add(companyEntity);break;case "zf-account":DeptEntity deptEntity = DbDtoEntityUtil.createFromDto(jsonObject,DeptEntity.class);deptEntity.setAuthId(baseAuthNodeEntity.getId());deptEntityList.add(deptEntity);break;}}mDeviceGroupDbService.saveBatch(deviceGroupEntityList);mCompanyDbService.saveBatch(companyEntityList);mDeptDbService.saveBatch(deptEntityList);}@Overrideprotected void onDepCodeChange(BaseAuthNodeEntity pBaseAuthNodeEntity) {}@Overrideprotected void onDepDelete(BaseAuthNodeEntity pBaseAuthNodeEntity) {mDeviceGroupDbService.deleteByAuthId(pBaseAuthNodeEntity.getId());mCompanyDbService.deleteById(pBaseAuthNodeEntity.getId());mDeptDbService.deleteByAuthId(pBaseAuthNodeEntity.getId());}@Overridepublic AuthNodeEntity create(Long pParentId, DepartmentCreateDto pDepartmentCreateDto) {AuthNodeEntity authNodeEntity = DbDtoEntityUtil.createFromDto(pDepartmentCreateDto, AuthNodeEntity.class);return (AuthNodeEntity)super.create(pParentId, authNodeEntity);}@Overridepublic AuthNodeEntity edit(Long pId, DepartmentEditDto pDepartmentEditDto) {AuthNodeEntity orgAuthNodeEntity = mDepartmentDbService.check(pId);AuthNodeEntity newAuthNodeEntity = DbDtoEntityUtil.editByDto(orgAuthNodeEntity,pDepartmentEditDto, AuthNodeEntity.class);newAuthNodeEntity = mDepartmentDbService.updatePull(newAuthNodeEntity.getId(), newAuthNodeEntity);return newAuthNodeEntity;}}

3.2 设备服务

3.2.1 IDeviceService

public interface IDeviceService {void init();List<DeviceEntity> list();DeviceEntity info(Long pId);DeviceEntity create(DeviceCreateDto pDeviceCreateDto);DeviceEntity edit(Long pId, DeviceEditDto pDeviceEditDto);Page<DeviceEntity> page(int pCurrent,int pSize,String pCode,String pName,Long pCreateUserId, Long pCompanyAuthId);
}

3.2.2 DeviceServiceImpl

@RequiredArgsConstructor
@Slf4j
@ZfFacade(name = "设备")
public class DeviceServiceImpl implements IDeviceService {private final IDeviceDbService mDeviceDbService;private final IAuthNodeRelevantDao mDepartmentRelevantDao;private final ICompanyDbService mCompanyDbService;private final IUserDbService mUserDbService;private final ITokenUtil mTokenUtil;@Transactional(rollbackFor = Exception.class)@Overridepublic void init() {// 见芝法酱躺平攻略（9）}@Overridepublic List<DeviceEntity> list() {return mDeviceDbService.list();}@Overridepublic DeviceEntity info(Long pId) {return mDeviceDbService.check(pId);}@Overridepublic DeviceEntity create(DeviceCreateDto pDeviceCreateDto) {DeviceEntity deviceEntity = DbDtoEntityUtil.createFromDto(pDeviceCreateDto,DeviceEntity.class);TokenObject tokenObject = mTokenUtil.getTokenObject();Map<String, TokenAuthNodeDto> authNodeDtoMap = tokenObject.getAuthNodeInfo();TokenAuthNodeDto tokenAuthNodeDto = authNodeDtoMap.get(AppConst.DOMAIN_ZF_MERCHANT);Long authId = tokenAuthNodeDto.getAuthId();deviceEntity.setCompanyAuthId(authId);CompanyEntity companyEntity = mCompanyDbService.findByAuthId(authId);if(null == companyEntity){throw new ServiceException("用户鉴权数据错误，没有找到authId为"+authId+"的公司");}deviceEntity.setCompanyName(companyEntity.getName());deviceEntity.setGroupAuthId(-1L);deviceEntity.setGroupAuthCascade("null");mDeviceDbService.save(deviceEntity);return deviceEntity;}@Overridepublic DeviceEntity edit(Long pId, DeviceEditDto pDeviceEditDto) {DeviceEntity orgEntity = mDeviceDbService.check(pId);DeviceEntity newEntity = DbDtoEntityUtil.editByDto(orgEntity,pDeviceEditDto,DeviceEntity.class);mDeviceDbService.updatePull(pId,newEntity);return newEntity;}@Overridepublic Page<DeviceEntity> page(int pCurrent, int pSize, String pCode, String pName,Long pCreateUserId, Long pCompanyAuthId) {Page<DeviceEntity> pageCfg = new Page<DeviceEntity>(pCurrent,pSize);LambdaQueryWrapper<DeviceEntity> queryWrapper = Wrappers.<DeviceEntity>lambdaQuery().eq(StringUtils.hasText(pCode),DeviceEntity::getCode,pCode).eq(null!=pCreateUserId,DeviceEntity::getCreateBy,pCreateUserId).eq(null!=pCompanyAuthId,DeviceEntity::getCompanyName,pCompanyAuthId).like(StringUtils.hasText(pName),DeviceEntity::getName,pName);return mDeviceDbService.page(pageCfg,queryWrapper);}DeviceEntity findByCode(String pCode){Long id = mDeviceDbService.findByCode(pCode);if(null != id){return mDeviceDbService.check(id);}return null;}}

3.3 用户权限服务

3.3.1 IBaseUserAuthService

public interface IBaseUserAuthService {/***  更改用户部门** @param pUserId           用户Id* @param pDomainId         领域Id* @param pDepartmentId     部门Id*/void changeDepartment(Long pUserId, Long pDomainId, Long pDepartmentId);/*** 分配用户角色-使用角色码** @param pUserId       用户Id* @param pRoleCodes    角色码数组* @return*/List<BaseRelUserRoleEntity> baseAssignRolesWithCode(Long pUserId, List<String> pRoleCodes);/*** 分配用户角色-使用角色Id** @param pUserId       用户Id* @param pRoleIds      角色Id* @return*/List<BaseRelUserRoleEntity> baseAssignRolesWithId(Long pUserId, List<Long> pRoleIds);
}

3.3.2 BaseUserAuthServiceImpl

@RequiredArgsConstructor
public abstract class BaseUserAuthServiceImpl implements IBaseUserAuthService {private final IBaseAuthNodeRelevantDao mDepartmentRelevantDao;private final IBaseUserRelevantDao mUserRelevantDao;@Transactional(rollbackFor = Exception.class)@Overridepublic void changeDepartment(Long pUserId, Long pDomainId, Long pDepartmentId) {List<BaseRelUserAuthEntity> baseRelUserAuthEntityList = mDepartmentRelevantDao.relUserAuth_listByUserId(pUserId);BaseAuthNodeEntity baseAuthNodeEntity = null;if(null != pDepartmentId){baseAuthNodeEntity = mDepartmentRelevantDao.authNode_check(pDepartmentId);}Map<Long, BaseRelUserAuthEntity> baseRelUserDepEntityMapByDomain = baseRelUserAuthEntityList.stream().collect(Collectors.toMap(BaseRelUserAuthEntity::getDomainId, baseRelUserDepEntity -> baseRelUserDepEntity));if(baseRelUserDepEntityMapByDomain.containsKey(pDomainId)){BaseRelUserAuthEntity curRelUserDep = baseRelUserDepEntityMapByDomain.get(pDomainId);if(null == pDepartmentId){baseRelUserDepEntityMapByDomain.remove(pDomainId);}else{curRelUserDep.setAuthId(baseAuthNodeEntity.getId());curRelUserDep.setAuthCode(baseAuthNodeEntity.getCode());curRelUserDep.setAuthCascade(baseAuthNodeEntity.getCascade());}}mDepartmentRelevantDao.relUserAuth_deleteByUserId(pUserId);List<BaseRelUserAuthEntity> savingRelUserDepEntityList = new ArrayList<>(baseRelUserDepEntityMapByDomain.values());mDepartmentRelevantDao.relUserAuth_saveBatch(pUserId,savingRelUserDepEntityList);}@Overridepublic List<BaseRelUserRoleEntity> baseAssignRolesWithCode(Long pUserId, List<String> pRoleCodes) {BaseUserEntity userEntity = mUserRelevantDao.user_check(pUserId);List<BaseRelUserRoleEntity> baseRelUserRoleEntityList = mUserRelevantDao.relUserRole_listByUserId(pUserId);Map<String,BaseRelUserRoleEntity> baseRelUserRoleEntityMap = baseRelUserRoleEntityList.stream().collect(Collectors.toMap(BaseRelUserRoleEntity::getRoleCode,baseRelUserRoleEntity -> baseRelUserRoleEntity));List<BaseRelUserRoleEntity> editingRelUserRoleEntityList = new ArrayList<>();for(String roleCode : pRoleCodes){BaseRoleEntity roleEntity = mUserRelevantDao.role_check(roleCode);if(baseRelUserRoleEntityMap.containsKey(roleCode)){editingRelUserRoleEntityList.add(baseRelUserRoleEntityMap.get(roleCode));}else{BaseRelUserRoleEntity newRole = mUserRelevantDao.relUserRole_generate();newRole.createInit();newRole.setUserId(pUserId);newRole.setUserName(userEntity.getName());newRole.setRoleId(roleEntity.getId());newRole.setRoleCode(roleEntity.getCode());editingRelUserRoleEntityList.add(newRole);}}mUserRelevantDao.relUserRole_updateRoles(pUserId,editingRelUserRoleEntityList);return editingRelUserRoleEntityList;}@Overridepublic List<BaseRelUserRoleEntity> baseAssignRolesWithId(Long pUserId, List<Long> pRoleIds) {BaseUserEntity userEntity = mUserRelevantDao.user_check(pUserId);List<BaseRelUserRoleEntity> baseRelUserRoleEntityList = mUserRelevantDao.relUserRole_listByUserId(pUserId);Map<Long,BaseRelUserRoleEntity> baseRelUserRoleEntityMap = baseRelUserRoleEntityList.stream().collect(Collectors.toMap(BaseRelUserRoleEntity::getRoleId,baseRelUserRoleEntity -> baseRelUserRoleEntity));List<BaseRelUserRoleEntity> editingRelUserRoleEntityList = new ArrayList<>();for(Long roleId : pRoleIds){BaseRoleEntity roleEntity = mUserRelevantDao.role_check(roleId);if(baseRelUserRoleEntityMap.containsKey(roleId)){editingRelUserRoleEntityList.add(baseRelUserRoleEntityMap.get(roleId));}else{BaseRelUserRoleEntity newRole = mUserRelevantDao.relUserRole_generate();newRole.createInit();newRole.setUserId(pUserId);newRole.setUserName(userEntity.getName());newRole.setRoleId(roleEntity.getId());newRole.setRoleCode(roleEntity.getCode());editingRelUserRoleEntityList.add(newRole);}}mUserRelevantDao.relUserRole_updateRoles(pUserId,editingRelUserRoleEntityList);return editingRelUserRoleEntityList;}}

3.3.3 IUserAuthService

public interface IUserAuthService extends IBaseUserAuthService {List<RelUserRoleEntity> assignRolesWithCode(Long pUserId, List<String> pRoleCodes);List<RelUserRoleEntity> assignRolesWithId(Long pUserId, List<Long> pRoleIds);
}

3.3.4 UserAuthServiceImpl

@Service
public class UserAuthServiceImpl extends BaseUserAuthServiceImpl implements IUserAuthService {public UserAuthServiceImpl(IAuthNodeRelevantDao pDepartmentRelevantDao,IUserRelevantDao pUserRelevantDao){super(pDepartmentRelevantDao,pUserRelevantDao);}@Overridepublic List<RelUserRoleEntity> assignRolesWithCode(Long pUserId, List<String> pRoleCodes) {List<BaseRelUserRoleEntity> baseRelUserRoleEntityList = super.baseAssignRolesWithCode(pUserId,pRoleCodes);List<RelUserRoleEntity> rtn = baseRelUserRoleEntityList.stream().map(baseRelUserRoleEntity -> (RelUserRoleEntity)baseRelUserRoleEntity).collect(Collectors.toList());return rtn;}@Overridepublic List<RelUserRoleEntity> assignRolesWithId(Long pUserId, List<Long> pRoleIds) {List<BaseRelUserRoleEntity> baseRelUserRoleEntityList = super.baseAssignRolesWithId(pUserId,pRoleIds);List<RelUserRoleEntity> rtn = baseRelUserRoleEntityList.stream().map(baseRelUserRoleEntity -> (RelUserRoleEntity)baseRelUserRoleEntity).collect(Collectors.toList());return rtn;}}

四、程序配置

spring:application:name: bailan4-device-mgrdatasource:#数据库配置driver-class-name: com.p6spy.engine.spy.P6SpyDriverurl: jdbc:p6spy:mysql://localhost:3306/auth-test?useUnicode=true&characterEncoding=utf-8username: apppassword: ILv0404@1314hikari:# 连接池最大连接数，默认是10maximum-pool-size: 100# 最小空闲链接minimum-idle: 5# 空闲连接存活最大时间，默认 600000（10分钟）idle-timeout: 600000# 数据库连接超时时间,默认30秒，即30000connection-timeout: 30000# 此属性控制池中连接的最长生命周期，值0表示无限生命周期，默认1800000即30分钟;正在使用的连接永远不会退休，只有在关闭后才会被删除。max-lifetime: 1800000# 此属性控制从池返回的连接的默认自动提交行为,默认值：trueauto-commit: truepool-name: Hikariredis:host: localhostport: 6379password: ilv0404@1314# 连接超时时间（记得添加单位，Duration）timeout: 10000mslettuce:shutdown-timeout: 100 # 关闭超时时间pool:max-active: 8 # 连接池最大连接数（使用负值表示没有限制）max-idle: 8 # 连接池中的最大空闲连接max-wait: -1 # 连接池最大阻塞等待时间（使用负值表示没有限制）min-idle: 0 # 连接池中的最小空闲连接
swagger:enable: truegroup-name: "鉴权+设备管理"api-package: indi.zhifa.recipe.bailan.framework.enums.controller.api;indi.zhifa.recipe.bailan.busy.auth.controller.api;indi.zhifa.recipe.bailan.framework.controller.apiapi-regex: "/api/**"title: "鉴权+设备管理"description: "鉴权+设备管理"version: "1.0.0"name: "芝法酱"email: "hataksumo@163.com"url: "https://github.com/hataksumo"enum-memo:enum-packages:- indi.zhifa.recipe.bailan.busy.auth.entity.enumsmybatis-plus:type-enums-package: indi.zhifa.recipe.bailan.busy.auth.entity.enumssecurity:token:request-key: "token"jwt-config:secret: "guess@0404"duration: 120prefix: "bearer:"client-token-key: "auth"passwd:strength: 4default-passwd: jihaChyann@kawaiiexpire-day: 365encrypt: falseuser-config:default-departments:- domain: "zf-mgr"dep-code: "a1"- domain: "zf-account"dep-code: "normal"default-role:- guest
redis:cache-expire: 120

五、后记

由于本章内容篇幅较大，小编时间有限，很多东西尚未细致总结讲解。
在日后本章（躺平攻略9、10）内容会不断扩充.
后面会填一下使用注解校验参数和登陆注册加密解密的坑。

六、重构

之前把所有代码放到了一个包里，使用起来很不方便。故做如下重构

6.1 模块划分

把原先的framework-auth划分成4个子模块，分别是framework-auth-client、framework-auth-client-default、framework-auth-user、framework-auth-user-default。
framework-auth-client是基础需要接入鉴权的服务的依赖，只包含IBaseTokenUtil和IZfEncryptUtil相关功能。
framework-auth-client-default是framework-auth-client的一个默认实现，业务服务可以直接接入这个模块，但却定死了TokenObject，无法自己拓展。
framework-auth-user是用户服务的依赖，包括用户、角色等的实现，但都是抽象的基类，如果想使用，需要写很多实现代码，但比较灵活，可以添加特色的字段和实现逻辑。
framework-auth-user-default，是framework-auth-user的实现，用户服务器简单开发的话可以直接引入这个模块。

6.2 framework-auth-client

6.3 framework-auth-client-default

6.4 framework-auth-user

6.6 framework-auth-user-default