登录和权限处理，页面优化

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/DocLoginOriginInterceptor.java

@@ -0,0 +1,91 @@
+package com.zyplayer.doc.data.config;
+
+import com.zyplayer.doc.core.json.HttpConst;
+import com.zyplayer.doc.data.config.security.DocUserUtil;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * 登录和跨域拦截器
+ * @author 暮光：城中城
+ * @since 2019年05月25日
+ */
+@Component
+public class DocLoginOriginInterceptor implements HandlerInterceptor {
+	
+	@Value("${zyplayer.doc.manage.originDomainRegex:''}")
+	private String originDomainRegex;
+	
+	@Override
+	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3) {
+		// 清理用户信息
+		DocUserUtil.clean();
+	}
+	
+	@Override
+	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object haddler, ModelAndView modelAndView) {
+	}
+	
+	/**
+	 * 记录请求信息
+	 */
+	@Override
+	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) {
+		// 指定域名可跨域访问
+		if (StringUtils.isNotBlank(originDomainRegex)) {
+			String origin = request.getHeader("Origin");
+			if (StringUtils.isNotBlank(origin) && origin.toLowerCase().matches(originDomainRegex)) {
+				response.setHeader("Access-Control-Allow-Origin", origin); // 允许访问的域
+				response.setHeader("Access-Control-Allow-Methods", "HEAD,GET,POST,PUT,DELETE");// 允许GET、POST的外域请求
+				response.setHeader("Access-Control-Allow-Credentials", "true"); // 允许请求带cookie到服务器
+				response.setContentType("application/json; charset=utf-8"); // 设定JSON格式标准输出、及编码
+			}
+		}
+		// 清理用户信息
+		DocUserUtil.clean();
+		// 设置token
+		String accessToken = getCookieValueByRequest(request, HttpConst.ACCESS_TOKEN);
+		DocUserUtil.setAccessToken(accessToken);
+		return true;
+	}
+	
+	/**
+	 * 获取cookie
+	 *
+	 * @param request
+	 * @param name
+	 * @return
+	 */
+	public static Cookie getCookieByRequest(HttpServletRequest request, String name) {
+		if (StringUtils.isEmpty(name)) {
+			return null;
+		}
+		Cookie[] cookies = request.getCookies();
+		for (int i = 0; (cookies != null) && (i < cookies.length); i++) {
+			Cookie cookie = cookies[i];
+			if (name.equals(cookie.getName())) {
+				return cookie;
+			}
+		}
+		return null;
+	}
+	
+	/**
+	 * 获取cookie值
+	 *
+	 * @param request
+	 * @param name
+	 * @return
+	 */
+	public static String getCookieValueByRequest(HttpServletRequest request, String name) {
+		Cookie cookie = getCookieByRequest(request, name);
+		return cookie == null ? null : cookie.getValue();
+	}
+}

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/security/DocUserUtil.java

@@ -10,22 +10,6 @@ import com.zyplayer.doc.data.utils.CacheUtil;
 public class DocUserUtil {
 	private static ThreadLocal<DocUserDetails> DOC_USER_DETAILS = new ThreadLocal<>();
 	private static ThreadLocal<String> ACCESS_TOKEN = new ThreadLocal<>();
-
-//
-//	/**
-//	 * 获取当前用户
-//	 * @return 用户信息
-//	 */
-//	public static DocUserDetails getCurrentUser() {
-//		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-//		if (authentication != null) {
-//			Object principal = authentication.getPrincipal();
-//			if (principal instanceof DocUserDetails) {
-//				return (DocUserDetails) principal;
-//			}
-//		}
-//		return null;
-//	}
 	
 	public static void setAccessToken(String accessToken) {
 		DocUserUtil.ACCESS_TOKEN.set(accessToken);

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/utils/CacheUtil.java

@@ -1,5 +1,7 @@
 package com.zyplayer.doc.data.utils;
 
+import org.apache.commons.lang3.StringUtils;
+
 import java.util.Map;
 import java.util.Timer;
 import java.util.TimerTask;
@@ -7,6 +9,7 @@ import java.util.concurrent.ConcurrentHashMap;
 
 /**
  * 缓存工具类
+ *
  * @author 暮光：城中城
  * @since 2019年05月25日
  */
@@ -38,16 +41,25 @@ public class CacheUtil {
 	}
 	
 	public static void put(String key, Object value, Long second) {
+		if (StringUtils.isBlank(key) || value == null) {
+			return;
+		}
 		cacheMap.put(key, value);
 		cacheTimeMap.put(key, new CacheTime(second));
 	}
 	
 	public static void remove(String key) {
+		if (StringUtils.isBlank(key)) {
+			return;
+		}
 		cacheMap.remove(key);
 		cacheTimeMap.remove(key);
 	}
 	
 	public static <T> T get(String key) {
+		if (StringUtils.isBlank(key)) {
+			return null;
+		}
 		CacheTime cacheTime = cacheTimeMap.get(key);
 		if (cacheTime != null) {
 			cacheTime.setLastVisitTime(System.currentTimeMillis());

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/WebMvcConfig.java

@@ -3,8 +3,8 @@ package com.zyplayer.doc.manage.framework.config;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.alibaba.fastjson.support.config.FastJsonConfig;
 import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
+import com.zyplayer.doc.data.config.DocLoginOriginInterceptor;
 import com.zyplayer.doc.manage.framework.interceptor.RequestInfoInterceptor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.format.FormatterRegistry;
@@ -15,6 +15,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import javax.annotation.Resource;
 import java.nio.charset.Charset;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -24,8 +25,10 @@ import java.util.List;
 @Configuration
 public class WebMvcConfig implements WebMvcConfigurer {
 
-	@Autowired
+	@Resource
 	RequestInfoInterceptor requestInfoInterceptor;
+	@Resource
+	DocLoginOriginInterceptor docLoginOriginInterceptor;
 
 	@Override
 	public void addFormatters(FormatterRegistry registry) {
@@ -56,6 +59,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
 
 	@Override
 	public void addInterceptors(InterceptorRegistry registry) {
+		registry.addInterceptor(docLoginOriginInterceptor);
 		registry.addInterceptor(requestInfoInterceptor).excludePathPatterns("/**/*.js", "/**/*.css", "/**/*.png",
 				"/**/*.gif", "/**/*.jpg", "/**/*.jpeg", "/**/fonts/*");
 	}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/CustomizeAuthenticationSuccessHandler.java

@@ -1,57 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import com.alibaba.fastjson.JSONObject;
-//import com.zyplayer.doc.core.json.DocResponseJson;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.security.core.Authentication;
-//import org.springframework.security.core.context.SecurityContext;
-//import org.springframework.security.core.context.SecurityContextHolder;
-//import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-//import org.springframework.security.web.authentication.WebAuthenticationDetails;
-//import org.springframework.stereotype.Component;
-//
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import java.io.IOException;
-//import java.io.PrintWriter;
-//import java.util.HashMap;
-//import java.util.Map;
-//
-//@Component
-//public class CustomizeAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
-//	private static Logger logger = LoggerFactory.getLogger(CustomizeAuthenticationSuccessHandler.class);
-//
-//	@Override
-//	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-//
-//		logger.info("AT onAuthenticationSuccess(...) function!");
-//
-//		WebAuthenticationDetails details = (WebAuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails();
-//		logger.info("login--IP:" + details.getRemoteAddress());
-//
-//		SecurityContext context = SecurityContextHolder.getContext();
-//		Authentication authentication1 = context.getAuthentication();
-//		Object principal = authentication1.getPrincipal();
-//		Object principal1 = authentication.getPrincipal();
-//
-//		String name = authentication.getName();
-//		logger.info("login--name:" + name + " principal:" + principal + " principal1:" + principal1);
-//
-//		PrintWriter out = null;
-//		try {
-//			out = response.getWriter();
-//			Map<String, Object> map = new HashMap<>();
-//			map.put("user", principal);
-//			map.put("name", name);
-//			out.append(JSONObject.toJSONString(DocResponseJson.ok(map)));
-//		} catch (IOException e) {
-//			e.printStackTrace();
-//		} finally {
-//			if (out != null) {
-//				out.close();
-//			}
-//		}
-//	}
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/DocAuthenticationSuccessHandler.java

@@ -1,46 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import java.io.IOException;
-//import java.util.HashMap;
-//import java.util.Map;
-//
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.security.core.Authentication;
-//import org.springframework.security.web.DefaultRedirectStrategy;
-//import org.springframework.security.web.RedirectStrategy;
-//import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-//import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
-//import org.springframework.security.web.savedrequest.RequestCache;
-//import org.springframework.security.web.savedrequest.SavedRequest;
-//
-//import com.alibaba.fastjson.JSON;
-//
-//public class DocAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
-//
-//	private static Logger logger = LoggerFactory.getLogger(DocAuthenticationSuccessHandler.class);
-//
-//	private RequestCache requestCache = new HttpSessionRequestCache();
-//	private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
-//
-//	@Override
-//	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-//		SavedRequest savedRequest = requestCache.getRequest(request, response);
-//		String targetUrl = savedRequest.getRedirectUrl();
-//		boolean isAjax = "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));
-//		if (isAjax) {
-//			Map<String, Object> result = new HashMap<String, Object>();
-//			result.put("url", targetUrl);
-//			response.getWriter().print(JSON.toJSONString(result));
-//			response.getWriter().flush();
-//		} else {
-//			redirectStrategy.sendRedirect(request, response, targetUrl);
-//		}
-//		logger.info("Redirecting to DefaultSavedRequest Url: " + targetUrl);
-//	}
-//
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/DocDetailsServiceImpl.java

@@ -1,58 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-//import com.zyplayer.doc.data.config.security.DocUserDetails;
-//import com.zyplayer.doc.data.repository.manage.entity.AuthInfo;
-//import com.zyplayer.doc.data.repository.manage.entity.UserAuth;
-//import com.zyplayer.doc.data.repository.manage.entity.UserInfo;
-//import com.zyplayer.doc.data.service.manage.AuthInfoService;
-//import com.zyplayer.doc.data.service.manage.UserAuthService;
-//import com.zyplayer.doc.data.service.manage.UserInfoService;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.core.GrantedAuthority;
-//import org.springframework.security.core.authority.SimpleGrantedAuthority;
-//import org.springframework.security.core.userdetails.UserDetails;
-//import org.springframework.security.core.userdetails.UserDetailsService;
-//import org.springframework.security.core.userdetails.UsernameNotFoundException;
-//import org.springframework.stereotype.Service;
-//
-//import java.util.ArrayList;
-//import java.util.Collection;
-//import java.util.List;
-//import java.util.stream.Collectors;
-//
-//@Service
-//public class DocDetailsServiceImpl implements UserDetailsService {
-//
-//	@Autowired
-//	private UserInfoService userInfoService;
-//	@Autowired
-//	private UserAuthService userAuthService;
-//	@Autowired
-//	private AuthInfoService authInfoService;
-//
-//	@Override
-//	public UserDetails loadUserByUsername(String userNo) throws UsernameNotFoundException {
-//		QueryWrapper<UserInfo> queryWrapper = new QueryWrapper<>();
-//		queryWrapper.eq("user_no", userNo);
-//		UserInfo userInfo = userInfoService.getOne(queryWrapper);
-//		if (userInfo == null) {
-//			throw new UsernameNotFoundException("用户名'" + userNo + "'没有找到！");
-//		}
-//		QueryWrapper<UserAuth> authWrapper = new QueryWrapper<>();
-//		authWrapper.eq("user_id", userInfo.getId()).eq("del_flag", "0");
-//		List<UserAuth> userAuthList = userAuthService.list(authWrapper);
-//		List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-//		if (userAuthList != null && userAuthList.size() > 0) {
-//			List<Long> authIdList = userAuthList.stream().map(UserAuth::getAuthId).collect(Collectors.toList());
-//			Collection<AuthInfo> authInfoList = authInfoService.listByIds(authIdList);
-//			authInfoList.forEach(val -> {
-//				authorities.add(new SimpleGrantedAuthority(val.getAuthName()));
-//			});
-//		}
-//		//String pwdMd5 = DigestUtils.md5DigestAsHex(userInfo.getPassword().getBytes());
-//		DocUserDetails userDetails = new DocUserDetails(userInfo.getId(), userInfo.getUserName(), userInfo.getPassword(), true, authorities);
-//		return userDetails;
-//	}
-//
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/DocUserFilter.java

@@ -1,53 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import java.io.IOException;
-//
-//import javax.servlet.Filter;
-//import javax.servlet.FilterChain;
-//import javax.servlet.FilterConfig;
-//import javax.servlet.ServletException;
-//import javax.servlet.ServletRequest;
-//import javax.servlet.ServletResponse;
-//import javax.servlet.http.Cookie;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//
-//import org.springframework.context.annotation.Configuration;
-//
-//@Configuration
-//public class DocUserFilter implements Filter{
-//
-//	@Override
-//	public void init(FilterConfig filterConfig) throws ServletException {
-//	}
-//
-//	@Override
-//	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-//		HttpServletRequest httpRequest = (HttpServletRequest) request;
-//		Cookie[] cookies = httpRequest.getCookies();
-//		boolean haveCtx = false;
-//		Object ctxObj = httpRequest.getServletContext().getAttribute("ctx");
-//		String ctxStr = String.valueOf(ctxObj);
-//		if (cookies != null && cookies.length > 0) {
-//			for (Cookie cookie : cookies) {
-//				if ("ctx".equals(cookie.getName()) && ctxStr.equals(cookie.getValue())) {
-//					haveCtx = true;
-//					break;
-//				}
-//			}
-//		}
-//		if (!haveCtx) {
-//			// 前后端分离的，前段拿不到项目名，直接写/是不对的，只有后端放到cookie里给前端
-//			HttpServletResponse httpResponse = (HttpServletResponse) response;
-//			Cookie cookieAdd = new Cookie("ctx", ctxStr);
-//			cookieAdd.setPath("/");
-//			httpResponse.addCookie(cookieAdd);
-//		}
-//		chain.doFilter(httpRequest, response);
-//	}
-//
-//	@Override
-//	public void destroy() {
-//	}
-//
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/DocUsernamePasswordAuthenticationFilter.java

@@ -1,47 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import javax.servlet.http.HttpSession;
-//
-//import org.apache.commons.lang.StringUtils;
-//import org.springframework.security.authentication.AuthenticationServiceException;
-//import org.springframework.security.core.Authentication;
-//import org.springframework.security.core.AuthenticationException;
-//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-//
-//public class DocUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
-//	// 是否开启验证码功能
-//	private boolean isOpenValidateCode = false;
-//
-//	public static final String VALIDATE_CODE = "validateCode";
-//
-//	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
-//		if (isOpenValidateCode) {
-//			checkValidateCode(request);
-//		}
-//		return super.attemptAuthentication(request, response);
-//	}
-//
-//	protected void checkValidateCode(HttpServletRequest request) {
-//		HttpSession session = request.getSession();
-//		String sessionCode = this.obtainSessionValidateCode(session);
-//		// 让上一次的验证码失效
-//		session.setAttribute(VALIDATE_CODE, null);
-//		String parameterCode = this.obtainValidateCodeParameter(request);
-//		if (StringUtils.isEmpty(sessionCode) || !sessionCode.equalsIgnoreCase(parameterCode)) {
-//			throw new AuthenticationServiceException("验证码错误！");
-//		}
-//	}
-//
-//	private String obtainValidateCodeParameter(HttpServletRequest request) {
-//		Object obj = request.getParameter(VALIDATE_CODE);
-//		return null == obj ? "" : obj.toString();
-//	}
-//
-//	protected String obtainSessionValidateCode(HttpSession session) {
-//		Object obj = session.getAttribute(VALIDATE_CODE);
-//		return null == obj ? "" : obj.toString();
-//	}
-//
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/security/WebSecurityConfig.java

@@ -1,156 +0,0 @@
-//package com.zyplayer.doc.manage.framework.config.security;
-//
-//import org.springframework.beans.factory.annotation.Value;
-//import org.springframework.context.annotation.Bean;
-//import org.springframework.context.annotation.Configuration;
-//import org.springframework.security.authentication.AuthenticationManager;
-//import org.springframework.security.authentication.RememberMeAuthenticationProvider;
-//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-//import org.springframework.security.config.annotation.web.builders.WebSecurity;
-//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-//import org.springframework.security.crypto.password.PasswordEncoder;
-//import org.springframework.security.web.authentication.*;
-//import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter;
-//import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
-//import org.springframework.util.DigestUtils;
-//
-//import java.util.Objects;
-//
-//@Configuration
-//@EnableWebSecurity
-//@EnableGlobalMethodSecurity(prePostEnabled = true)
-//public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-//
-//	@Value("${zyplayer.doc.manage.login-page}")
-//	private String loginPage;
-//
-//	@Bean
-//	@Override
-//	public AuthenticationManager authenticationManagerBean() throws Exception {
-//		return super.authenticationManagerBean();
-//	}
-//
-//	/**
-//	 * 忽略静态文件
-//	 */
-//	@Override
-//	public void configure(WebSecurity web) throws Exception {
-//		web.ignoring().antMatchers();
-//	}
-//
-//	@Override
-//	protected void configure(HttpSecurity http) throws Exception {
-//		// 无需登录即可访问的接口
-//		String[] permitAllAntPatterns = {
-//			// 登录接口
-//			"/login/**", "/static/manage/login.html",
-//			// 开放接口的静态文件和接口
-//			"/open-doc.html", "/webjars/open-doc/**", "/swagger-mg-ui/open-doc/**",
-//			"/open-wiki.html", "/webjars/doc-wiki/**", "/zyplayer-doc-wiki/open-api/**",
-//			// 文件访问接口，开放文档需要能使用，在接口里面做权限判断
-//			"/zyplayer-doc-wiki/common/file",
-//			// http代理请求接口，有白名单限制，也不怕随便请求到内网资源了
-//			"/swagger-mg-ui/http/**",
-//			// 静态资源
-//			"/webjars/zui/**", "/webjars/vue/**", "/static/lib/**"
-//		};
-//		// 文档页面需要具有文档权限
-//		String[] docAntPatterns = {
-//			"/document.html", "/doc-db.html", "/doc.html", "/swagger-ui.html", "/doc-dubbo.html",
-//			"/doc-wiki.html",
-//			"/swagger-mg-ui/document/**", "/swagger-mg-ui/storage/**", "/swagger-resources/**"
-//		};
-//		http.authorizeRequests()
-//			.antMatchers(permitAllAntPatterns).permitAll()
-//			.antMatchers(docAntPatterns).hasAuthority("DOC_ALL")
-//			// 其他地址的访问均需登录
-//			.anyRequest().authenticated().and()
-//			// 添加验证码验证
-//			.addFilterAt(myUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
-//			.exceptionHandling()
-//			.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint(loginPage))
-//			.and().addFilterAt(rememberMeAuthenticationFilter(), RememberMeAuthenticationFilter.class)
-//			// 指定登录页面的请求路径
-//			.formLogin().loginPage(loginPage)
-//			// 登陆处理路径
-//			.loginProcessingUrl("/login").permitAll()
-//			// 退出请求的默认路径为logout
-//			.and().logout().deleteCookies("remember-me")
-//			.logoutUrl("/logout").logoutSuccessUrl(loginPage)
-//			.permitAll()
-//			// 开启rememberMe，设置一个私钥专供testall项目使用，注意与下面TokenBasedRememberMeServices的key保持一致
-//			// .rememberMe().key("testallKey").and()
-//			// 关闭csrf
-//			.and().cors().and().csrf().disable()
-//			// X-Frame-Options: SAMEORIGIN 表示该页面可以在相同域名页面的 frame 中展示
-//			.headers().frameOptions().sameOrigin();
-//	}
-//
-//	@Override
-//	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-//		auth.userDetailsService(userDetailsServiceImpl())
-//		.passwordEncoder(new PasswordEncoder() {
-//			@Override
-//			public String encode(CharSequence charSequence) {
-//				return DigestUtils.md5DigestAsHex(charSequence.toString().getBytes());
-//			}
-//			@Override
-//			public boolean matches(CharSequence charSequence, String s) {
-//				String digestAsHex = DigestUtils.md5DigestAsHex(charSequence.toString().getBytes());
-//				return Objects.equals(s, digestAsHex);
-//			}
-//		}).and().authenticationProvider(rememberMeAuthenticationProvider());
-//	}
-//
-//	@Bean
-//	public DocDetailsServiceImpl userDetailsServiceImpl() {
-//		return new DocDetailsServiceImpl();
-//	}
-//
-//	@Bean
-//	public DocUsernamePasswordAuthenticationFilter myUsernamePasswordAuthenticationFilter() throws Exception {
-//		DocUsernamePasswordAuthenticationFilter myFilter = new DocUsernamePasswordAuthenticationFilter();
-//		myFilter.setAuthenticationManager(authenticationManagerBean());
-//		myFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler());
-//		myFilter.setAuthenticationFailureHandler(authenticationFailureHandler());
-//		myFilter.setRememberMeServices(tokenBasedRememberMeServices());
-//		return myFilter;
-//	}
-//
-//	@Bean
-//	public AuthenticationSuccessHandler authenticationSuccessHandler() {
-//		return new SimpleUrlAuthenticationSuccessHandler("/login/success");
-//	}
-//
-//	@Bean
-//	public AuthenticationFailureHandler authenticationFailureHandler() {
-//		return new SimpleUrlAuthenticationFailureHandler("/login/failure");
-//	}
-//
-//	@Bean
-//	public TokenBasedRememberMeServices tokenBasedRememberMeServices() {
-//		TokenBasedRememberMeServices tbrms = new TokenBasedRememberMeServices("testallKey", userDetailsServiceImpl());
-//		// 设置cookie过期时间为2天
-//		tbrms.setTokenValiditySeconds(60 * 60 * 24 * 2);
-//		// 设置checkbox的参数名为rememberMe（默认为remember-me），注意如果是ajax请求，参数名不是checkbox的name而是在ajax的data里
-//		tbrms.setParameter("rememberMe");
-//		tbrms.setAlwaysRemember(false);
-//		return tbrms;
-//	}
-//
-//	@Bean
-//	public RememberMeAuthenticationProvider rememberMeAuthenticationProvider() {
-//		RememberMeAuthenticationProvider rmap = new RememberMeAuthenticationProvider("testallKey");
-//		return rmap;
-//	}
-//
-//	@Bean
-//	public RememberMeAuthenticationFilter rememberMeAuthenticationFilter() throws Exception {
-//		RememberMeAuthenticationFilter myFilter = new RememberMeAuthenticationFilter(authenticationManagerBean(), tokenBasedRememberMeServices());
-//		return myFilter;
-//	}
-//
-//}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/filter/DocUserFilter.java

@@ -0,0 +1,47 @@
+package com.zyplayer.doc.manage.framework.filter;
+
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.*;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Configuration
+public class DocUserFilter implements Filter{
+
+	@Override
+	public void init(FilterConfig filterConfig) throws ServletException {
+	}
+
+	@Override
+	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+		HttpServletRequest httpRequest = (HttpServletRequest) request;
+		Cookie[] cookies = httpRequest.getCookies();
+		boolean haveCtx = false;
+		Object ctxObj = httpRequest.getServletContext().getAttribute("ctx");
+		String ctxStr = String.valueOf(ctxObj);
+		if (cookies != null && cookies.length > 0) {
+			for (Cookie cookie : cookies) {
+				if ("ctx".equals(cookie.getName()) && ctxStr.equals(cookie.getValue())) {
+					haveCtx = true;
+					break;
+				}
+			}
+		}
+		if (!haveCtx) {
+			// 前后端分离的，前段拿不到项目名，直接写/是不对的，只有后端放到cookie里给前端
+			HttpServletResponse httpResponse = (HttpServletResponse) response;
+			Cookie cookieAdd = new Cookie("ctx", ctxStr);
+			cookieAdd.setPath("/");
+			httpResponse.addCookie(cookieAdd);
+		}
+		chain.doFilter(httpRequest, response);
+	}
+
+	@Override
+	public void destroy() {
+	}
+
+}

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/interceptor/RequestInfoInterceptor.java

@@ -1,15 +1,11 @@
 package com.zyplayer.doc.manage.framework.interceptor;
 
-import com.zyplayer.doc.core.json.HttpConst;
-import com.zyplayer.doc.data.config.security.DocUserUtil;
-import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -27,7 +23,6 @@ public class RequestInfoInterceptor implements HandlerInterceptor {
 	 */
 	@Override
 	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3) {
-		DocUserUtil.clean();
 		long startTime = startTimeThreadLocal.get();
 		long totalTime = System.currentTimeMillis() - startTime;// 结束时间
 		logger.info("总耗时：{}ms，URI：{}", totalTime, request.getRequestURI());
@@ -43,51 +38,7 @@ public class RequestInfoInterceptor implements HandlerInterceptor {
 	@Override
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) {
 		startTimeThreadLocal.set(System.currentTimeMillis());
-		// 指定域名可跨域访问
-		String originRegex = ".*\\.zyplayer\\.com(:\\d+|)$";
-		String origin = request.getHeader("Origin");
-		if (StringUtils.isNotBlank(origin) && origin.toLowerCase().matches(originRegex)) {
-			response.setHeader("Access-Control-Allow-Origin", "*");
-			response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
-			response.setHeader("Access-Control-Allow-Methods", "HEAD,GET,POST,PUT,DELETE");
-			response.setHeader("Access-Control-Allow-Credentials", "true");
-			response.setContentType("application/json; charset=utf-8");
-		}
-		String accessToken = getCookieValueByRequest(request, HttpConst.ACCESS_TOKEN);
-		DocUserUtil.setAccessToken(accessToken);
 		return true;
 	}
 	
-	/**
-	 * 获取cookie
-	 *
-	 * @param request
-	 * @param name
-	 * @return
-	 */
-	public static Cookie getCookieByRequest(HttpServletRequest request, String name) {
-		if (StringUtils.isEmpty(name)) {
-			return null;
-		}
-		Cookie[] cookies = request.getCookies();
-		for (int i = 0; (cookies != null) && (i < cookies.length); i++) {
-			Cookie cookie = cookies[i];
-			if (name.equals(cookie.getName())) {
-				return cookie;
-			}
-		}
-		return null;
-	}
-	
-	/**
-	 * 获取cookie值
-	 *
-	 * @param request
-	 * @param name
-	 * @return
-	 */
-	public static String getCookieValueByRequest(HttpServletRequest request, String name) {
-		Cookie cookie = getCookieByRequest(request, name);
-		return cookie == null ? null : cookie.getValue();
-	}
 }

zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/LoginController.java

@@ -12,6 +12,7 @@ import com.zyplayer.doc.data.service.manage.AuthInfoService;
 import com.zyplayer.doc.data.service.manage.UserAuthService;
 import com.zyplayer.doc.data.service.manage.UserInfoService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -19,10 +20,7 @@ import org.springframework.web.servlet.ModelAndView;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Collection;
+import java.util.*;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
 import java.util.stream.Collectors;
 
 @RestController
@@ -41,12 +39,16 @@ public class LoginController {
 	}
 	
 	@PostMapping(value = "/login")
-	public DocResponseJson<Object> login(String userNo, HttpServletResponse response) {
+	public DocResponseJson<Object> login(String username, String password, HttpServletResponse response) {
 		QueryWrapper<UserInfo> queryWrapper = new QueryWrapper<>();
-		queryWrapper.eq("user_no", userNo);
+		queryWrapper.eq("user_no", username);
 		UserInfo userInfo = userInfoService.getOne(queryWrapper);
 		if (userInfo == null) {
-			return DocResponseJson.warn("用户名'" + userNo + "'没有找到！");
+			return DocResponseJson.warn("用户名'" + username + "'没有找到！");
+		}
+		String pwdMd5 = DigestUtils.md5DigestAsHex(password.getBytes());
+		if (!Objects.equals(userInfo.getPassword(), pwdMd5)) {
+			return DocResponseJson.warn("密码错误");
 		}
 		QueryWrapper<UserAuth> authWrapper = new QueryWrapper<>();
 		authWrapper.eq("user_id", userInfo.getId()).eq("del_flag", "0");

zyplayer-doc-manage/src/main/resources/application.yml

@@ -8,14 +8,41 @@ spring:
       max-file-size: 100MB
       max-request-size: 100MB
 
+# 端口和根路劲，main方法启动时需要，放tomcat后以tomcat的配置为准
 server:
-  port: 8082
+  port: 8083
   servlet:
     context-path: /zyplayer-doc-manage
 
+# 整个文档项目的配置
 zyplayer:
   doc:
-    # dubbo相关配置
+    # ------zyplayer_doc_manage相关配置------
+    manage:
+      # 版本和升级信息获取地址
+      version: 1.0.1
+      upgradePropertiesUrl: https://gitee.com/zyplayer/zyplayer-doc/raw/master/upgrade.properties
+      # 系统根域名，调试UI时需要使用，同时需要在host文件里配置：127.0.0.1 local.zyplayer.com
+      originDomainRegex: .*\.zyplayer\.com(:\d+|)$
+      # 管理端的数据库配置
+      datasource:
+        driverClassName: com.mysql.jdbc.Driver
+        url: jdbc:mysql://127.0.0.1:3306/zyplayer_doc_manage?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&autoReconnect=true&useSSL=false
+        username: root
+        password: root
+      # 通过nginx代理之后没端口，但tomcat容器有端口，spring security会判断如果是http开头的则直接跳
+      # 如果你也遇到了这个问题，可以把登陆地址写成http://开头的一个地址
+      login-page: /static/manage/login.html
+    # ------wiki文档相关------
+    wiki:
+      # wiki文档的文件上传后的存储目录
+      upload-path: e:/tmp/wikiFiles
+    # ------swagger相关配置------
+    swagger:
+      proxy-request:
+        # 允许代理请求的域名，正则表达式，多个使用 ; 分割，必须设置，防止通过代理接口访问到内部资源，实在觉得没必要可设置为：.+
+        white-domain: \S+\.zyplayer\.com;127.0.1:8080;\S+\.xiaominfo\.com;
+    # ------dubbo相关配置------
     dubbo:
       # 优先使用zookeeper，未配置时找nacos的配置
       zookeeper:
@@ -27,26 +54,7 @@ zyplayer:
         # 服务名称，多个使用 ; 分割，nacos没办法获取所有的服务列表，所以需要指定
         service: "com.zyplayer.dubbo.service.UserService;\
                   com.zyplayer.dubbo.service.AnnotateService;"
-    # swagger相关配置
+    # ------数据库文档相关------
-    swagger:
-      proxy-request:
-        # 允许代理请求的域名，正则表达式，多个使用 ; 分割，必须设置，防止通过代理接口访问到内部资源，实在觉得没必要可设置为：.+
-        white-domain: \S+\.zyplayer\.com;127.0.1:8080;\S+\.xiaominfo\.com;
-    # zyplayer_doc_manage相关配置
-    manage:
-      # 版本和升级信息获取地址
-      version: 1.0.1
-      upgradePropertiesUrl: https://gitee.com/zyplayer/zyplayer-doc/raw/master/upgrade.properties
-      # 管理端的数据库配置
-      datasource:
-        driverClassName: com.mysql.jdbc.Driver
-        url: jdbc:mysql://127.0.0.1:3306/zyplayer_doc_manage?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&autoReconnect=true&useSSL=false
-        username: root
-        password: root
-      # 通过nginx代理之后没端口，但tomcat容器有端口，spring security会判断如果是http开头的则直接跳
-      # 如果你也遇到了这个问题，可以把登陆地址写成http://开头的一个地址
-      login-page: /static/manage/login.html
-    # 数据库文档相关
     # 打开/zyplayer_doc_manage/doc-db.html即可看到这里配置的数据库的文档
     db:
       dbConfigList:
@@ -59,9 +67,8 @@ zyplayer:
 #          url: jdbc:mysql://127.0.0.1:3306/zyplayer_doc_manage?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&autoReconnect=true&useSSL=false
 #          username: root
 #          password: root
-    wiki:
-      upload-path: e:/tmp/wikiFiles
 
+# 下面的配置可以不用管了
 mybatis-plus:
   mapper-locations: classpath:/mapper/**/*Mapper.xml
   #实体扫描，多个package用逗号或者分号分隔
@@ -89,7 +96,3 @@ mybatis-plus:
     map-underscore-to-camel-case: true
     cache-enabled: false
 
-
-#一些测试地址
-#https://gitee.com/GeekPerson/central-platform 项目的文档
-#http://47.99.88.28:9200/swagger-resources

zyplayer-doc-manage/src/main/webapp/static/manage/login.html

@@ -77,7 +77,7 @@
 				post(ctx + "login", param, function (result) {
 					console.log(result);
 					if (result.errCode == 200) {
-						location.href = result.data;
+						location.href = ctx + "static/manage/home.html";
 					} else {
 						app.passwordError = "登录失败，" + result.errMsg;
 					}

zyplayer-doc-ui/wiki-ui/src/App.vue

@@ -51,6 +51,89 @@
                 </el-main>
             </el-container>
         </el-container>
+
+        <!--新建空间弹窗-->
+        <el-dialog title="创建空间" :visible.sync="newSpaceDialogVisible" width="600px" :close-on-click-modal="false">
+            <el-form label-width="100px" :model="newSpaceForm" :rules="newSpaceFormRules" ref="newSpaceForm">
+                <el-form-item label="空间名：" prop="name">
+                    <el-input v-model="newSpaceForm.name"></el-input>
+                </el-form-item>
+                <el-form-item label="空间描述：" prop="spaceExplain">
+                    <el-input v-model="newSpaceForm.spaceExplain"></el-input>
+                </el-form-item>
+                <el-form-item label="空间开放：">
+                    <el-switch v-model="newSpaceForm.openDoc" inactive-text="需要登录" :inactive-value="0" active-text="开放访问" :active-value="1"></el-switch>
+                </el-form-item>
+                <el-form-item label="目录加载：">
+                    <el-switch v-model="newSpaceForm.treeLazyLoad" inactive-text="预先加载" :inactive-value="0" active-text="延迟加载" :active-value="1"></el-switch>
+                </el-form-item>
+                <el-form-item label="空间类型：">
+                    <el-select v-model="newSpaceForm.type" filterable placeholder="选择类型" style="width: 100%;">
+                        <el-option :key="1" label="公共空间" :value="1">
+                            <span style="float: left">公共空间</span>
+                            <span style="float: right; color: #8492a6; font-size: 13px;">属于公共，登录用户可访问</span>
+                        </el-option>
+                        <el-option :key="2" label="个人空间" :value="2">
+                            <span style="float: left">个人空间</span>
+                            <span style="float: right; color: #8492a6; font-size: 13px;">属于个人，所有登录用户可访问</span>
+                        </el-option>
+                        <el-option :key="3" label="隐私空间" :value="3">
+                            <span style="float: left">隐私空间</span>
+                            <span style="float: right; color: #8492a6; font-size: 13px;">属于个人，仅创建者可访问</span>
+                        </el-option>
+                    </el-select>
+                </el-form-item>
+                <el-form-item>
+                    <el-button type="primary" v-if="newSpaceForm.id > 0" @click="onNewSpaceSubmit('newSpaceForm')">保存修改</el-button>
+                    <el-button type="primary" v-else @click="onNewSpaceSubmit('newSpaceForm')">立即创建</el-button>
+                    <el-button @click="onNewSpaceCancel">取消</el-button>
+                </el-form-item>
+            </el-form>
+        </el-dialog>
+        <!--管理空间弹窗-->
+        <el-dialog title="管理空间" :visible.sync="manageSpaceDialogVisible" :close-on-click-modal="false" width="80%">
+            <el-table :data="spaceList" border style="width: 100%; margin-bottom: 5px;" max-height="500">
+                <el-table-column prop="id" label="ID" width="60"></el-table-column>
+                <el-table-column prop="name" label="名字"></el-table-column>
+                <el-table-column prop="spaceExplain" label="说明"></el-table-column>
+                <el-table-column label="开放地址">
+                    <template slot-scope="scope">
+                        <a target="_blank" :href="'open-wiki.html?space='+scope.row.uuid" v-if="scope.row.openDoc == 1">{{scope.row.name}}</a>
+                        <span v-else>暂未开放</span>
+                    </template>
+                </el-table-column>
+                <el-table-column prop="createUserName" label="创建人"></el-table-column>
+                <el-table-column prop="createTime" label="创建时间"></el-table-column>
+                <el-table-column label="操作">
+                    <template slot-scope="scope">
+                        <el-button size="small" type="primary" v-on:click="editSpaceInfo(scope.row)">编辑</el-button>
+                        <el-button size="small" type="danger" v-on:click="deleteSpaceInfo(scope.row)">删除</el-button>
+                    </template>
+                </el-table-column>
+            </el-table>
+        </el-dialog>
+        <!--关于弹窗-->
+        <el-dialog title="关于zyplayer-doc-wiki" :visible.sync="aboutDialogVisible" width="600px">
+            <el-form>
+                <el-form-item label="项目地址：">
+                    <a target="_blank" href="https://gitee.com/zyplayer/zyplayer-doc">zyplayer-doc</a>
+                </el-form-item>
+                <el-form-item label="开发人员：">
+                    <a target="_blank" href="http://zyplayer.com">暮光：城中城</a>
+                </el-form-item>
+                <template v-if="upgradeInfo.lastVersion">
+                    <el-form-item label="当前版本：">{{upgradeInfo.nowVersion}}</el-form-item>
+                    <el-form-item label="最新版本：">{{upgradeInfo.lastVersion}}</el-form-item>
+                    <el-form-item label="升级地址：">
+                        <a target="_blank" :href="upgradeInfo.upgradeUrl">{{upgradeInfo.upgradeUrl}}</a>
+                    </el-form-item>
+                    <el-form-item label="升级内容：">{{upgradeInfo.upgradeContent}}</el-form-item>
+                </template>
+                <el-form-item label="">
+                    欢迎加群讨论，QQ群号：466363173，欢迎提交需求，欢迎使用和加入开发！
+                </el-form-item>
+            </el-form>
+        </el-dialog>
     </div>
 </template>
 
@@ -161,6 +244,25 @@
                 if (!value) return true;
                 return data.name.indexOf(value) !== -1;
             },
+            editSpaceInfo(row) {
+                app.newSpaceForm = {
+                    id: row.id, name: row.name, spaceExplain: row.spaceExplain,
+                    treeLazyLoad: row.treeLazyLoad, openDoc: row.openDoc, type: row.type
+                };
+                app.newSpaceDialogVisible = true;
+            },
+            deleteSpaceInfo(row) {
+                this.$confirm('确定要删除此空间及下面的所有文档吗？', '提示', {
+                    confirmButtonText: '确定',
+                    cancelButtonText: '取消',
+                    type: 'warning'
+                }).then(() => {
+                    var param = {id: row.id, delFlag: 1};
+                    this.common.post(this.apilist1.updateSpace, param, function (json) {
+                        app.loadSpaceList();
+                    });
+                });
+            },
             spaceChangeEvents(data) {
                 if (data == 0) {
                     app.newSpaceForm = {id: '', name: '', spaceExplain: '', treeLazyLoad: 0, openDoc: 0, uuid: '', type: 1};
@@ -257,6 +359,45 @@
                     // Toast.notOpen();
                 }
             },
+            userSignOut() {
+                this.common.post(this.apilist1.userLogout, {}, function (json) {
+                    location.reload();
+                });
+            },
+            onNewSpaceSubmit(formName) {
+                this.$refs[formName].validate((valid) => {
+                    if (valid) {
+                        var param = {
+                            id: app.newSpaceForm.id,
+                            name: app.newSpaceForm.name,
+                            type: app.newSpaceForm.type,
+                            openDoc: app.newSpaceForm.openDoc,
+                            spaceExplain: app.newSpaceForm.spaceExplain,
+                            treeLazyLoad: app.newSpaceForm.treeLazyLoad,
+                        };
+                        this.common.post(this.apilist1.updateSpace, param, function (json) {
+                            if (param.id > 0) {
+                                app.loadSpaceList();
+                            } else {
+                                app.spaceList.push(json.data);
+                                app.spaceOptions.push({
+                                    label: json.data.name, value: json.data.id
+                                });
+                                app.nowSpaceId = json.data.id;
+                                app.nowSpaceShow = json.data;
+                                app.choiceSpace = app.nowSpaceId;
+                                app.rightContentType = 0;
+                                app.doGetPageList(null);
+                            }
+                            app.newSpaceForm = {id: '', name: '', spaceExplain: '', treeLazyLoad: 0, openDoc: 0, uuid: '', type: 1};
+                            app.newSpaceDialogVisible = false;
+                        });
+                    }
+                });
+            },
+            onNewSpaceCancel() {
+                this.newSpaceDialogVisible = false;
+            },
         }
     }
 </script>

zyplayer-doc-ui/wiki-ui/src/common/config/apilist.js

@@ -1,9 +1,11 @@
 var URL = {
     userLogin: '/user/login',
+    userLogout: '/user/logout',
     getUserInfo: '/user/getUserInfo',
     pageUpdate: '/zyplayer-doc-wiki/page/update',
     pageList: '/zyplayer-doc-wiki/page/list',
     spaceList: '/zyplayer-doc-wiki/space/list',
+    updateSpace: '/zyplayer-doc-wiki/space/update',
 };
 
 var URL1 = {};

zyplayer-doc-ui/wiki-ui/src/common/config/apimix.js

@@ -1,46 +1,25 @@
 import apilist from './apilist'
 
 var href = window.location.href;
-var EVT = '';
-var _evt = function () {
-    if (href.indexOf('https://') > -1) {
-        // 测试环境
-        if (href.indexOf('https://test') > -1 && href.indexOf('https://test.') == -1) {
-            EVT = 'https://test';
-            // dev环境
-        } else if (href.indexOf('https://dev') > -1 && href.indexOf('https://dev.') == -1) {
-            EVT = 'https://dev';
-        } else {
-            EVT = 'https://'
-        }
-        return EVT;
-    } else {
-        // 测试环境
-        if (href.indexOf('http://test') > -1 && href.indexOf('http://test.') == -1) {
-            EVT = 'http://test';
-            // dev环境
-        } else if (href.indexOf('http://dev') > -1 && href.indexOf('http://dev.') == -1) {
-            EVT = 'http://dev';
-        } else {
-            EVT = 'http://'
-        }
-        return EVT;
-    }
-};
 
 var _fn = {
     href: href,
-    HOST: EVT + 'local.zyplayer.com:8084', //这里设置接口域名
+    // 这里设置接口域名
-    HOST1: EVT + 'local.zyplayer.com:8084', //设置多个接口域名
+    HOST: 'http://local.zyplayer.com:8083/zyplayer-doc-manage',
+    HOST1: 'http://local.zyplayer.com:8083/zyplayer-doc-manage',
+    // 打包时使用下面这两行，就是上两级的意思
+    // HOST: '../..',
+    // HOST1: '../..',
+
     mixUrl: function (host, url) {
         var p;
         if (!host || !url || _fn.isEmptyObject(url)) {
             return;
         }
-        url.EVT = _evt();
+        url.HOST = host;
         for (p in url) {
             if (url[p].indexOf('http') == -1) {
-                url[p] = url.EVT + host + url[p];
+                url[p] = host + url[p];
             }
         }
         return url;

zyplayer-doc-ui/wiki-ui/src/common/lib/common/common.js

@@ -1,5 +1,6 @@
 import Qs from 'qs'
 import global from '../../config/global'
+import apimix from '../../config/apimix'
 
 export default {
     data: {
@@ -20,7 +21,7 @@ export default {
     validateResult: function (res, callback) {
         if (res.data.errCode == 400) {
             global.vue.$message('请先登录');
-            global.vue.$router.push("/user/login");
+            window.location = apimix.apilist1.HOST + "/static/manage/login.html";
         } else if (res.data.errCode == 402) {
             global.vue.$router.push("/common/noAuth");
         } else if (res.data.errCode !== 200) {
@@ -39,6 +40,7 @@ export default {
             url: url,
             headers: {'Content-type': 'application/x-www-form-urlencoded'},
             data: Qs.stringify(param),
+            withCredentials: true,
         }).then((res) => {
             console.log("ok", res);
             this.validateResult(res, callback);

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiCommonController.java

@@ -5,6 +5,7 @@ import cn.hutool.core.util.RandomUtil;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
@@ -39,6 +40,7 @@ import java.util.Optional;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/common")
 public class WikiCommonController {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiOpenApiController.java

@@ -3,8 +3,6 @@ package com.zyplayer.doc.wiki.controller;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
-import com.zyplayer.doc.data.config.security.DocUserDetails;
-import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPageContent;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPageFile;

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageCommentController.java

@@ -3,6 +3,7 @@ package com.zyplayer.doc.wiki.controller;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
@@ -32,6 +33,7 @@ import java.util.stream.Collectors;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/page/comment")
 public class WikiPageCommentController {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageController.java

@@ -3,6 +3,7 @@ package com.zyplayer.doc.wiki.controller;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.*;
@@ -27,6 +28,7 @@ import java.util.stream.Collectors;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/page")
 public class WikiPageController {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageFileController.java

@@ -2,6 +2,7 @@ package com.zyplayer.doc.wiki.controller;
 
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
@@ -26,6 +27,7 @@ import java.util.Objects;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/page/file")
 public class WikiPageFileController {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageZanController.java

@@ -3,6 +3,7 @@ package com.zyplayer.doc.wiki.controller;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
@@ -27,6 +28,7 @@ import java.util.Objects;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/page/zan")
 public class WikiPageZanController {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiSpaceController.java

@@ -4,6 +4,7 @@ import cn.hutool.core.util.RandomUtil;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
+import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.WikiSpace;
@@ -25,6 +26,7 @@ import java.util.Objects;
  * @author 暮光：城中城
  * @since 2019年2月17日
  */
+@AuthMan
 @RestController
 @RequestMapping("/zyplayer-doc-wiki/space")
 public class WikiSpaceController {