修改shiro权限相关

7c5894bd · giaogiao · b66930c6 · 7c5894bd · 7c5894bd · 7c5894bd
Commit 7c5894bd authored Sep 24, 2020 by giaogiao
18 changed files
--- a/README.md
+++ b/README.md
@@ -69,7 +69,10 @@ api-system    api-app   api-merchant
 注册业务逻辑要调用common模块中的service去操作
+## swagger文档
+http://127.0.0.1:8889/api/doc.html#/home
+左上角可以切换到不同的模块
 ## 权限验证

--- a/bootstrap/src/main/java/io/geekidea/springbootplus/config/ShiroConfig.java
+++ b/bootstrap/src/main/java/io/geekidea/springbootplus/config/ShiroConfig.java
@@ -123,8 +123,6 @@ public class ShiroConfig {
    /**
     * app的用户及权限数据
-     *
-     * @return
     */
    @Bean
    public JwtRealmAppUser jwtRealmAppUser(AppLoginRedisService appLoginRedisService) {
@@ -137,11 +135,9 @@ public class ShiroConfig {
    /**
     * 商家的用户及权限数据
-     *
-     * @return
     */
    @Bean
-    public JwtRealmMerchant jwtRealmSystem(MerchantLoginRedisService merchantLoginRedisService) {
+    public JwtRealmMerchant jwtRealmMerchant(MerchantLoginRedisService merchantLoginRedisService) {
        JwtRealmMerchant jwtRealm = new JwtRealmMerchant(merchantLoginRedisService);
        jwtRealm.setCachingEnabled(false);
        jwtRealm.setCredentialsMatcher(credentialsMatcher());
@@ -151,8 +147,6 @@ public class ShiroConfig {
    /**
     * subject不存储到Session中
-     *
-     * @return
     */
    @Bean
    public SessionStorageEvaluator sessionStorageEvaluator() {
@@ -175,14 +169,20 @@ public class ShiroConfig {
    /**
     * 安全管理器配置
-     *
-     * @return
     */
    @Bean
-    public SecurityManager securityManager(SysLoginRedisService loginRedisService) {
+    public SecurityManager securityManager(SysLoginRedisService sysLoginRedisService, AppLoginRedisService appLoginRedisService, MerchantLoginRedisService merchantLoginRedisService) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
+        // 设置多个realms
+        List<Realm> realms = new ArrayList<>();
+        realms.add(jwtRealmSystem(sysLoginRedisService));
+        realms.add(jwtRealmAppUser(appLoginRedisService));
+        realms.add(jwtRealmMerchant(merchantLoginRedisService));
        // 数据连接器
-        securityManager.setRealm(jwtRealmSystem(loginRedisService));
+        securityManager.setRealms(realms);
        // 设置session存储方式: 不使用sessionId保存
        securityManager.setSubjectDAO(subjectDAO());
        SecurityUtils.setSecurityManager(securityManager);
@@ -193,7 +193,7 @@ public class ShiroConfig {
     * ShiroFilterFactoryBean过滤器配置
     *
     * @param securityManager
-     * @param loginRedisService
+     * @param sysLoginRedisService
     * @param shiroProperties
     * @param jwtProperties
     * @return
@@ -201,7 +201,7 @@ public class ShiroConfig {
    @Bean(SHIRO_FILTER_NAME)
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager,
                                                         ShiroLoginService shiroLoginService,
-                                                         SysLoginRedisService loginRedisService,
+                                                         SysLoginRedisService sysLoginRedisService,
                                                         ShiroProperties shiroProperties,
                                                         JwtProperties jwtProperties) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
@@ -209,7 +209,7 @@ public class ShiroConfig {
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // 设置过滤器
-        Map<String, Filter> filterMap = getFilterMap(shiroLoginService, loginRedisService, jwtProperties);
+        Map<String, Filter> filterMap = getFilterMap(shiroLoginService, sysLoginRedisService, jwtProperties);
        shiroFilterFactoryBean.setFilters(filterMap);
        // 设置过滤器顺序
        Map<String, String> filterChainMap = getFilterChainDefinitionMap(shiroProperties);

--- a/bootstrap/src/main/java/io/geekidea/springbootplus/config/Swagger2Config.java
+++ b/bootstrap/src/main/java/io/geekidea/springbootplus/config/Swagger2Config.java
@@ -157,7 +157,7 @@ public class Swagger2Config {
        // 获取需要扫描的包
        String[] basePackages = {"com.jumeirah.api.app.controller"};
        ApiSelectorBuilder apiSelectorBuilder = new Docket(DocumentationType.SWAGGER_2)
-                .apiInfo(apiInfo("默认", "1.0"))
+                .apiInfo(apiInfo())
                .groupName("app")
                .select();
        // 如果扫描的包为空，则默认扫描类上有@Api注解的类
@@ -180,7 +180,7 @@ public class Swagger2Config {
        // 获取需要扫描的包
        String[] basePackages = {"com.jumeirah.api.system.controlle"};
        ApiSelectorBuilder apiSelectorBuilder = new Docket(DocumentationType.SWAGGER_2)
-                .apiInfo(apiInfo("默认", "1.0"))
+                .apiInfo(apiInfo())
                .groupName("system")
                .select();
@@ -204,7 +204,7 @@ public class Swagger2Config {
        // 获取需要扫描的包
        String[] basePackages = {"com.jumeirah.api.merchant.controller"};
        ApiSelectorBuilder apiSelectorBuilder = new Docket(DocumentationType.SWAGGER_2)
-                .apiInfo(apiInfo("默认", "1.0"))
+                .apiInfo(apiInfo())
                .groupName("merchant")
                .select();
        // 如果扫描的包为空，则默认扫描类上有@Api注解的类
@@ -228,7 +228,7 @@ public class Swagger2Config {
     *
     * @return
     */
-    private ApiInfo apiInfo(String title, String version) {
+    private ApiInfo apiInfo() {
        return new ApiInfoBuilder()
                .title(swaggerProperties.getTitle())
                .description(swaggerProperties.getDescription())

--- a/config/src/main/java/io/geekidea/springbootplus/config/constant/AppLoginRedisKey.java
+++ b/config/src/main/java/io/geekidea/springbootplus/config/constant/AppLoginRedisKey.java
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.geekidea.springbootplus.config.constant;
+/**
+ * <p>
+ * redis key 常量
+ * </p>
+ *
+ * @author geekidea
+ * @date 2019-05-23
+ **/
+public interface AppLoginRedisKey {
+    /**
+     * 登录用户token信息key
+     * login:token:tokenMd5
+     */
+    String LOGIN_TOKEN = "app:login:token:%s";
+    /**
+     * 登录用户信息key
+     * login:user:username
+     */
+    String LOGIN_USER = "app:login:user:%s";
+    /**
+     * 登录用户盐值信息key
+     * login:salt:username
+     */
+    String LOGIN_SALT = "app:login:salt:%s";
+    /**
+     * 登录用户username token
+     * login:user:token:username:token
+     */
+    String LOGIN_USER_TOKEN = "app:login:user:token:%s:%s";
+    /**
+     * 登录用户下的所有token
+     * login:user:token:username:*
+     */
+    String LOGIN_USER_ALL_TOKEN = "app:login:user:token:%s:*";
+}
--- a/config/src/main/java/io/geekidea/springbootplus/config/constant/CommonConstant.java
+++ b/config/src/main/java/io/geekidea/springbootplus/config/constant/CommonConstant.java
@@ -92,9 +92,9 @@ public interface CommonConstant {
    String JWT_DEFAULT_SECRET = "666666";
    /**
-     * JWT 默认过期时间，3600L，单位秒
+     * JWT 默认过期时间，5184000L = 60天，单位秒
     */
-    Long JWT_DEFAULT_EXPIRE_SECOND = 3600L;
+    Long JWT_DEFAULT_EXPIRE_SECOND = 5184000L;
    /**
     * 默认头像

--- a/config/src/main/java/io/geekidea/springbootplus/config/constant/CommonRedisKey.java
+++ b/config/src/main/java/io/geekidea/springbootplus/config/constant/CommonRedisKey.java
@@ -27,38 +27,8 @@ package io.geekidea.springbootplus.config.constant;
 public interface CommonRedisKey {
    /**
-     * 登录用户token信息key
-     * login:token:tokenMd5
-     */
-    String LOGIN_TOKEN = "login:token:%s";
-    /**
-     * 登录用户信息key
-     * login:user:username
-     */
-    String LOGIN_USER = "login:user:%s";
-    /**
-     * 登录用户盐值信息key
-     * login:salt:username
-     */
-    String LOGIN_SALT = "login:salt:%s";
-    /**
-     * 登录用户username token
-     * login:user:token:username:token
-     */
-    String LOGIN_USER_TOKEN = "login:user:token:%s:%s";
-    /**
-     * 登录用户下的所有token
-     * login:user:token:username:*
-     */
-    String LOGIN_USER_ALL_TOKEN = "login:user:token:%s:*";
-    /**
     * 验证码
     * verify.code:666666
     */
-    String VERIFY_CODE = "verify.code:%s";
+    String VERIFY_CODE = "verify.smscode:%s";
 }
--- a/config/src/main/java/io/geekidea/springbootplus/config/constant/MerchantLoginRedisKey.java
+++ b/config/src/main/java/io/geekidea/springbootplus/config/constant/MerchantLoginRedisKey.java
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.geekidea.springbootplus.config.constant;
+/**
+ * <p>
+ * redis key 常量
+ * </p>
+ *
+ * @author geekidea
+ * @date 2019-05-23
+ **/
+public interface MerchantLoginRedisKey {
+    /**
+     * 登录用户token信息key
+     * login:token:tokenMd5
+     */
+    String LOGIN_TOKEN = "mer:login:token:%s";
+    /**
+     * 登录用户信息key
+     * login:user:username
+     */
+    String LOGIN_USER = "mer:login:user:%s";
+    /**
+     * 登录用户盐值信息key
+     * login:salt:username
+     */
+    String LOGIN_SALT = "mer:login:salt:%s";
+    /**
+     * 登录用户username token
+     * login:user:token:username:token
+     */
+    String LOGIN_USER_TOKEN = "mer:login:user:token:%s:%s";
+    /**
+     * 登录用户下的所有token
+     * login:user:token:username:*
+     */
+    String LOGIN_USER_ALL_TOKEN = "mer:login:user:token:%s:*";
+}
--- a/config/src/main/java/io/geekidea/springbootplus/config/constant/SysLoginRedisKey.java
+++ b/config/src/main/java/io/geekidea/springbootplus/config/constant/SysLoginRedisKey.java
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.geekidea.springbootplus.config.constant;
+/**
+ * <p>
+ * redis key 常量
+ * </p>
+ *
+ * @author geekidea
+ * @date 2019-05-23
+ **/
+public interface SysLoginRedisKey {
+    /**
+     * 登录用户token信息key
+     * login:token:tokenMd5
+     */
+    String LOGIN_TOKEN = "sys:login:token:%s";
+    /**
+     * 登录用户信息key
+     * login:user:username
+     */
+    String LOGIN_USER = "sys:login:user:%s";
+    /**
+     * 登录用户盐值信息key
+     * login:salt:username
+     */
+    String LOGIN_SALT = "sys:login:salt:%s";
+    /**
+     * 登录用户username token
+     * login:user:token:username:token
+     */
+    String LOGIN_USER_TOKEN = "sys:login:user:token:%s:%s";
+    /**
+     * 登录用户下的所有token
+     * login:user:token:username:*
+     */
+    String LOGIN_USER_ALL_TOKEN = "sys:login:user:token:%s:*";
+}
--- a/framework/src/main/java/io/geekidea/springbootplus/framework/log/aop/BaseLogAop.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/log/aop/BaseLogAop.java
@@ -45,7 +45,6 @@ import io.geekidea.springbootplus.framework.util.ClientInfoUtil;
 import io.geekidea.springbootplus.framework.util.DateUtil;
 import io.geekidea.springbootplus.framework.util.IpUtil;
 import io.geekidea.springbootplus.framework.util.Jackson;
-import io.geekidea.springbootplus.framework.util.LoginUtil;
 import io.geekidea.springbootplus.framework.util.UUIDUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.digest.DigestUtils;
@@ -824,7 +823,7 @@ public abstract class BaseLogAop {
            }
            // 设置当前登录信息
-            sysOperationLog.setUserId(LoginUtil.getUserId()).setUserName(LoginUtil.getUsername());
+//            sysOperationLog.setUserId(LoginUtil.getUserId()).setUserName(LoginUtil.getUsername());
            // 设置异常信息
            if (exception != null) {

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/AppLoginRedisServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/AppLoginRedisServiceImpl.java
 package io.geekidea.springbootplus.framework.shiro.cache.impl;
-import io.geekidea.springbootplus.config.constant.CommonRedisKey;
+import io.geekidea.springbootplus.config.constant.AppLoginRedisKey;
 import io.geekidea.springbootplus.config.properties.JwtProperties;
 import io.geekidea.springbootplus.framework.common.bean.ClientInfo;
 import io.geekidea.springbootplus.framework.shiro.cache.AppLoginRedisService;
@@ -78,14 +78,14 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
        }
        // 1. tokenMd5:jwtTokenRedisVo
-        String loginTokenRedisKey = String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5);
+        String loginTokenRedisKey = String.format(AppLoginRedisKey.LOGIN_TOKEN, tokenMd5);
        redisTemplate.opsForValue().set(loginTokenRedisKey, jwtTokenRedisVo, expireDuration);
        // 2. username:loginSysUserRedisVo
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
+        redisTemplate.opsForValue().set(String.format(AppLoginRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
        // 3. salt hash,方便获取盐值鉴权
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_SALT, username), salt, expireDuration);
+        redisTemplate.opsForValue().set(String.format(AppLoginRedisKey.LOGIN_SALT, username), salt, expireDuration);
        // 4. login user token
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
+        redisTemplate.opsForValue().set(String.format(AppLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
    }
    @Override
@@ -103,7 +103,7 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_USER, username));
+        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(AppLoginRedisKey.LOGIN_USER, username));
    }
    @Override
@@ -120,7 +120,7 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        String salt = (String) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_SALT, username));
+        String salt = (String) redisTemplate.opsForValue().get(String.format(AppLoginRedisKey.LOGIN_SALT, username));
        return salt;
    }
@@ -134,13 +134,13 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
        // 1. delete tokenMd5
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        // 2. delete username
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_USER, username));
        // 3. delete salt
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_SALT, username));
        // 4. delete user token
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
    }
    @Override
@@ -149,13 +149,13 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
            throw new IllegalArgumentException("token不能为空");
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
-        Object object = redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        Object object = redisTemplate.opsForValue().get(String.format(AppLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        return object != null;
    }
    @Override
    public void deleteUserAllCache(String username) {
-        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(CommonRedisKey.LOGIN_USER_ALL_TOKEN, username));
+        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(AppLoginRedisKey.LOGIN_USER_ALL_TOKEN, username));
        if (CollectionUtils.isEmpty(userTokenMd5Set)) {
            return;
        }
@@ -166,9 +166,9 @@ public class AppLoginRedisServiceImpl implements AppLoginRedisService {
        // 2. 删除登录用户的所有user:token信息
        redisTemplate.delete(userTokenMd5Set);
        // 3. 删除登录用户信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_USER, username));
        // 4. 删除登录用户盐值信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(AppLoginRedisKey.LOGIN_SALT, username));
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/MerchantLoginRedisServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/MerchantLoginRedisServiceImpl.java
 package io.geekidea.springbootplus.framework.shiro.cache.impl;
-import io.geekidea.springbootplus.config.constant.CommonRedisKey;
+import io.geekidea.springbootplus.config.constant.MerchantLoginRedisKey;
 import io.geekidea.springbootplus.config.properties.JwtProperties;
 import io.geekidea.springbootplus.framework.common.bean.ClientInfo;
 import io.geekidea.springbootplus.framework.shiro.cache.MerchantLoginRedisService;
@@ -78,14 +78,14 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        }
        // 1. tokenMd5:jwtTokenRedisVo
-        String loginTokenRedisKey = String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5);
+        String loginTokenRedisKey = String.format(MerchantLoginRedisKey.LOGIN_TOKEN, tokenMd5);
        redisTemplate.opsForValue().set(loginTokenRedisKey, jwtTokenRedisVo, expireDuration);
        // 2. username:loginSysUserRedisVo
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
+        redisTemplate.opsForValue().set(String.format(MerchantLoginRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
        // 3. salt hash,方便获取盐值鉴权
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_SALT, username), salt, expireDuration);
+        redisTemplate.opsForValue().set(String.format(MerchantLoginRedisKey.LOGIN_SALT, username), salt, expireDuration);
        // 4. login user token
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
+        redisTemplate.opsForValue().set(String.format(MerchantLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
    }
    @Override
@@ -103,7 +103,7 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_USER, username));
+        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(MerchantLoginRedisKey.LOGIN_USER, username));
    }
    @Override
@@ -120,7 +120,7 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        String salt = (String) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_SALT, username));
+        String salt = (String) redisTemplate.opsForValue().get(String.format(MerchantLoginRedisKey.LOGIN_SALT, username));
        return salt;
    }
@@ -134,13 +134,13 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
        // 1. delete tokenMd5
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        // 2. delete username
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_USER, username));
        // 3. delete salt
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_SALT, username));
        // 4. delete user token
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
    }
    @Override
@@ -149,13 +149,13 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
            throw new IllegalArgumentException("token不能为空");
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
-        Object object = redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        Object object = redisTemplate.opsForValue().get(String.format(MerchantLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        return object != null;
    }
    @Override
    public void deleteUserAllCache(String username) {
-        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(CommonRedisKey.LOGIN_USER_ALL_TOKEN, username));
+        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(MerchantLoginRedisKey.LOGIN_USER_ALL_TOKEN, username));
        if (CollectionUtils.isEmpty(userTokenMd5Set)) {
            return;
        }
@@ -166,9 +166,9 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        // 2. 删除登录用户的所有user:token信息
        redisTemplate.delete(userTokenMd5Set);
        // 3. 删除登录用户信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_USER, username));
        // 4. 删除登录用户盐值信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(MerchantLoginRedisKey.LOGIN_SALT, username));
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/SysLoginRedisServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/SysLoginRedisServiceImpl.java
@@ -16,7 +16,7 @@
 package io.geekidea.springbootplus.framework.shiro.cache.impl;
-import io.geekidea.springbootplus.config.constant.CommonRedisKey;
+import io.geekidea.springbootplus.config.constant.SysLoginRedisKey;
 import io.geekidea.springbootplus.config.properties.JwtProperties;
 import io.geekidea.springbootplus.framework.common.bean.ClientInfo;
 import io.geekidea.springbootplus.framework.shiro.cache.SysLoginRedisService;
@@ -102,14 +102,14 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
        }
        // 1. tokenMd5:jwtTokenRedisVo
-        String loginTokenRedisKey = String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5);
+        String loginTokenRedisKey = String.format(SysLoginRedisKey.LOGIN_TOKEN, tokenMd5);
        redisTemplate.opsForValue().set(loginTokenRedisKey, jwtTokenRedisVo, expireDuration);
        // 2. username:loginSysUserRedisVo
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
+        redisTemplate.opsForValue().set(String.format(SysLoginRedisKey.LOGIN_USER, username), loginSysUserRedisVo, expireDuration);
        // 3. salt hash,方便获取盐值鉴权
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_SALT, username), salt, expireDuration);
+        redisTemplate.opsForValue().set(String.format(SysLoginRedisKey.LOGIN_SALT, username), salt, expireDuration);
        // 4. login user token
-        redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
+        redisTemplate.opsForValue().set(String.format(SysLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
    }
    @Override
@@ -127,7 +127,7 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_USER, username));
+        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(SysLoginRedisKey.LOGIN_USER, username));
    }
    @Override
@@ -144,7 +144,7 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
        if (StringUtils.isBlank(username)) {
            throw new IllegalArgumentException("username不能为空");
        }
-        String salt = (String) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_SALT, username));
+        String salt = (String) redisTemplate.opsForValue().get(String.format(SysLoginRedisKey.LOGIN_SALT, username));
        return salt;
    }
@@ -158,13 +158,13 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
        // 1. delete tokenMd5
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        // 2. delete username
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_USER, username));
        // 3. delete salt
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_SALT, username));
        // 4. delete user token
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_USER_TOKEN, username, tokenMd5));
    }
    @Override
@@ -173,13 +173,13 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
            throw new IllegalArgumentException("token不能为空");
        }
        String tokenMd5 = DigestUtils.md5Hex(token);
-        Object object = redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_TOKEN, tokenMd5));
+        Object object = redisTemplate.opsForValue().get(String.format(SysLoginRedisKey.LOGIN_TOKEN, tokenMd5));
        return object != null;
    }
    @Override
    public void deleteUserAllCache(String username) {
-        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(CommonRedisKey.LOGIN_USER_ALL_TOKEN, username));
+        Set<String> userTokenMd5Set = redisTemplate.keys(String.format(SysLoginRedisKey.LOGIN_USER_ALL_TOKEN, username));
        if (CollectionUtils.isEmpty(userTokenMd5Set)) {
            return;
        }
@@ -190,9 +190,9 @@ public class SysLoginRedisServiceImpl implements SysLoginRedisService {
        // 2. 删除登录用户的所有user:token信息
        redisTemplate.delete(userTokenMd5Set);
        // 3. 删除登录用户信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_USER, username));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_USER, username));
        // 4. 删除登录用户盐值信息
-        redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
+        redisTemplate.delete(String.format(SysLoginRedisKey.LOGIN_SALT, username));
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmAppUser.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmAppUser.java
@@ -18,7 +18,6 @@ package io.geekidea.springbootplus.framework.shiro.jwt.realm;
 import io.geekidea.springbootplus.framework.shiro.cache.AppLoginRedisService;
 import io.geekidea.springbootplus.framework.shiro.jwt.JwtToken;
-import io.geekidea.springbootplus.framework.shiro.vo.LoginSysUserRedisVo;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.SetUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -41,10 +40,10 @@ import org.apache.shiro.subject.PrincipalCollection;
 @Slf4j
 public class JwtRealmAppUser extends AuthorizingRealm {
-    private AppLoginRedisService loginRedisService;
+    private AppLoginRedisService appLoginRedisService;
-    public JwtRealmAppUser(AppLoginRedisService loginRedisService) {
+    public JwtRealmAppUser(AppLoginRedisService appLoginRedisService) {
-        this.loginRedisService = loginRedisService;
+        this.appLoginRedisService = appLoginRedisService;
    }
    @Override
@@ -61,17 +60,21 @@ public class JwtRealmAppUser extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        log.debug("doGetAuthorizationInfo principalCollection...");
-        // 设置角色/权限信息
+/*        // 设置角色/权限信息
        JwtToken jwtToken = (JwtToken) principalCollection.getPrimaryPrincipal();
        // 获取username
        String username = jwtToken.getUsername();
        // 获取登录用户角色权限信息
-        LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
+        LoginSysUserRedisVo loginSysUserRedisVo = appLoginRedisService.getLoginSysUserRedisVo(username);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 设置角色
        authorizationInfo.setRoles(SetUtils.hashSet(loginSysUserRedisVo.getRoleCode()));
        // 设置权限
-        authorizationInfo.setStringPermissions(loginSysUserRedisVo.getPermissionCodes());
+        authorizationInfo.setStringPermissions(loginSysUserRedisVo.getPermissionCodes());*/
+        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
+        // 设置角色
+        authorizationInfo.setRoles(SetUtils.hashSet("app:all"));
        return authorizationInfo;
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmMerchant.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmMerchant.java
@@ -41,10 +41,10 @@ import org.apache.shiro.subject.PrincipalCollection;
 @Slf4j
 public class JwtRealmMerchant extends AuthorizingRealm {
-    private MerchantLoginRedisService loginRedisService;
+    private MerchantLoginRedisService merchantLoginRedisService;
-    public JwtRealmMerchant(MerchantLoginRedisService loginRedisService) {
+    public JwtRealmMerchant(MerchantLoginRedisService merchantLoginRedisService) {
-        this.loginRedisService = loginRedisService;
+        this.merchantLoginRedisService = merchantLoginRedisService;
    }
    @Override
@@ -66,7 +66,7 @@ public class JwtRealmMerchant extends AuthorizingRealm {
        // 获取username
        String username = jwtToken.getUsername();
        // 获取登录用户角色权限信息
-        LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
+        LoginSysUserRedisVo loginSysUserRedisVo = merchantLoginRedisService.getLoginSysUserRedisVo(username);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 设置角色
        authorizationInfo.setRoles(SetUtils.hashSet(loginSysUserRedisVo.getRoleCode()));

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmSystem.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/realm/JwtRealmSystem.java
@@ -41,10 +41,10 @@ import org.apache.shiro.subject.PrincipalCollection;
 @Slf4j
 public class JwtRealmSystem extends AuthorizingRealm {
-    private SysLoginRedisService loginRedisService;
+    private SysLoginRedisService sysLoginRedisService;
-    public JwtRealmSystem(SysLoginRedisService loginRedisService) {
+    public JwtRealmSystem(SysLoginRedisService sysLoginRedisService) {
-        this.loginRedisService = loginRedisService;
+        this.sysLoginRedisService = sysLoginRedisService;
    }
    @Override
@@ -66,8 +66,9 @@ public class JwtRealmSystem extends AuthorizingRealm {
        // 获取username
        String username = jwtToken.getUsername();
        // 获取登录用户角色权限信息
-        LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
+        LoginSysUserRedisVo loginSysUserRedisVo = sysLoginRedisService.getLoginSysUserRedisVo(username);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 设置角色
        authorizationInfo.setRoles(SetUtils.hashSet(loginSysUserRedisVo.getRoleCode()));
        // 设置权限

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/service/impl/ShiroLoginServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/service/impl/ShiroLoginServiceImpl.java
@@ -50,7 +50,7 @@ public class ShiroLoginServiceImpl implements ShiroLoginService {
    @Lazy
    @Autowired
-    private SysLoginRedisService loginRedisService;
+    private SysLoginRedisService sysLoginRedisService;
    @Lazy
    @Autowired
@@ -92,7 +92,7 @@ public class ShiroLoginServiceImpl implements ShiroLoginService {
        // 如果token继续发往后台，则提示，此token已失效，请使用新token，不在返回新token，返回状态码：461
        // 如果Redis缓存中没有，JwtToken没有过期，则说明，已经刷新token
-        boolean exists = loginRedisService.exists(token);
+        boolean exists = sysLoginRedisService.exists(token);
        if (!exists) {
            httpServletResponse.setStatus(CommonConstant.JWT_INVALID_TOKEN_CODE);
            throw new AuthenticationException("token已无效，请使用已刷新的token");
@@ -105,7 +105,7 @@ public class ShiroLoginServiceImpl implements ShiroLoginService {
        // 生成新JwtToken对象
        JwtToken newJwtToken = JwtToken.build(newToken, username, salt, expireSecond);
        // 更新redis缓存
-        loginRedisService.refreshLoginInfo(token, username, newJwtToken);
+        sysLoginRedisService.refreshLoginInfo(token, username, newJwtToken);
        log.debug("刷新token成功，原token:{}，新token:{}", token, newToken);
        // 设置响应头
        // 刷新token

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/util/JwtUtil.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/util/JwtUtil.java
@@ -110,6 +110,13 @@ public class JwtUtil {
        return null;
    }
+    /**
+     * 验证token
+     *
+     * @param token
+     * @param salt
+     * @return
+     */
    public static boolean verifyToken(String token, String salt) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(salt);

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/util/LoginUtil.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/util/LoginUtil.java
@@ -16,7 +16,6 @@
 package io.geekidea.springbootplus.framework.util;
-import io.geekidea.springbootplus.config.constant.CommonRedisKey;
 import io.geekidea.springbootplus.framework.shiro.util.JwtTokenUtil;
 import io.geekidea.springbootplus.framework.shiro.util.JwtUtil;
 import io.geekidea.springbootplus.framework.shiro.vo.LoginSysUserRedisVo;
@@ -55,7 +54,11 @@ public class LoginUtil {
        if (StringUtils.isBlank(username)) {
            return null;
        }
-        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_USER, username));
+//        return (LoginSysUserRedisVo) redisTemplate.opsForValue().get(String.format(CommonRedisKey.LOGIN_USER, username));
+        LoginSysUserRedisVo loginSysUserRedisVo =new LoginSysUserRedisVo();
+        loginSysUserRedisVo.setUsername(username);
+        return loginSysUserRedisVo;
    }
    /**