sa-token 权限校验

pom.xml

@@ -160,6 +160,11 @@
                 <version>1.42.0</version>
             </dependency>
             <dependency>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-redis-template</artifactId>
+                <version>1.42.0</version>
+            </dependency>
+            <dependency>
                 <groupId>mysql</groupId>
                 <artifactId>mysql-connector-java</artifactId>
                 <version>8.0.31</version>

portal-service-application/src/main/java/com/hfln/portal/application/controller/wap/DeviceController.java

@@ -85,7 +85,7 @@ public class DeviceController {
     }
 
     @GetMapping("/getWcTimes")
-    @ApiOperation(value = "查询前一天上厕所次数")
+    @ApiOperation(value = "查询当天上厕所次数")
     public ApiResult<WcTimesQueryRes> getWcTimes(@RequestParam("devId") Long devId, @RequestParam("time") String time) {
 
         return ApiResult.success(deviceGateway.getWcTimes(devId, time));

portal-service-application/src/main/java/com/hfln/portal/application/controller/wap/UserController.java

@@ -1,5 +1,7 @@
 package com.hfln.portal.application.controller.wap;
 
+import cn.dev33.satoken.stp.SaTokenInfo;
+import cn.dev33.satoken.stp.StpUtil;
 import cn.hfln.framework.catchlog.CatchAndLog;
 import cn.hfln.framework.dto.ApiResult;
 import com.hfln.portal.common.dto.data.user.UserDto;
@@ -51,14 +53,37 @@ public class UserController {
         return ApiResult.failed("微信登录失败!");
     }
 
-    @PostMapping("/loginByPhone")
+
+    @GetMapping("/queryByOpenId")
+    @ApiOperation(value = "查询用户")
+    public ApiResult<UserDto> queryByOpenId(@RequestParam String openid) {
+        return ApiResult.success(userGateway.queryByOpenId(openid));
+    }
+
+    /**
+     * 微信小程序注册入口
+     * @param params
+     * @return
+     */
+    @PostMapping("/wx/loginByPhone")
     @ApiOperation(value = "用户手机号码一键登录注册")
-    public ApiResult<String> loginByPhone(@Valid @RequestBody PhoneLoginParams params) {
+    public ApiResult<SaTokenInfo> loginByPhone(@Valid @RequestBody PhoneLoginParams params) {
 
-        if (userGateway.loginByPhone(params)) {
-            return ApiResult.success("登录成功");
-        }
-        return ApiResult.failed("登录失败");
+        userGateway.loginByPhone(params);
+        return ApiResult.success(StpUtil.getTokenInfo());
+    }
+
+    /**
+     * 微信小程序获取新token
+     * @param params
+     * @return
+     */
+    @PostMapping("/wx/freshToken")
+    @ApiOperation(value = "微信小程序获取新token")
+    public ApiResult<SaTokenInfo> freshToken(@Valid @RequestBody WxFreshTokenParams params) {
+
+        userGateway.freshToken(params);
+        return ApiResult.success(StpUtil.getTokenInfo());
     }
 
 
@@ -92,13 +117,6 @@ public class UserController {
     }
 
 
-    @GetMapping("/checkOpenid")
-    @ApiOperation(value = "校验用户是不是存在")
-    public ApiResult<Boolean> checkOpenid(@RequestParam String openid) {
-        return ApiResult.success(userGateway.checkOpenId(openid));
-    }
-
-
     @PostMapping("/loginBySmsCode")
     @ApiOperation(value = "短信验证码登录")
     public ApiResult<UserDto> loginBySmsCode(@Valid @RequestBody LoginBySmsCodeParams request) {
@@ -128,7 +146,7 @@ public class UserController {
         return ApiResult.success();
     }
 
-    @PostMapping("/logout")
+    @PostMapping("/wx/logout")
     @ApiOperation(value = "用户注销")
     public ApiResult<?> logout(@RequestBody @Valid UserLogoutParams request){
         userGateway.logout(request);

portal-service-application/src/test/java/com/hfln/portal/application/controller/wap/UserControllerTest.java

@@ -1,5 +1,6 @@
 package com.hfln.portal.application.controller.wap;
 
+import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.hfln.framework.dto.ApiResult;
 import cn.hfln.framework.extension.BizException;
 import com.hfln.portal.common.dto.data.user.UserDto;
@@ -18,8 +19,6 @@ import org.springframework.test.util.ReflectionTestUtils;
 import java.util.Map;
 
 import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.Mockito.*;
 
 @ExtendWith(MockitoExtension.class)
@@ -172,7 +171,7 @@ class UserControllerTest {
         when(userGateway.loginByPhone(params)).thenReturn(true);
         
         // 执行测试
-        ApiResult<String> result = userController.loginByPhone(params);
+        ApiResult<SaTokenInfo> result = userController.loginByPhone(params);
         
         // 验证交互
         verify(userGateway, times(1)).loginByPhone(params);
@@ -191,7 +190,7 @@ class UserControllerTest {
         when(userGateway.loginByPhone(params)).thenReturn(false);
         
         // 执行测试
-        ApiResult<String> result = userController.loginByPhone(params);
+        ApiResult<SaTokenInfo> result = userController.loginByPhone(params);
         
         // 验证交互
         verify(userGateway, times(1)).loginByPhone(params);
@@ -394,15 +393,15 @@ class UserControllerTest {
         // 模拟UserGateway的行为
         when(userGateway.checkOpenId(openid)).thenReturn(true);
         
-        // 执行测试
-        ApiResult<Boolean> result = userController.checkOpenid(openid);
-        
-        // 验证交互
-        verify(userGateway, times(1)).checkOpenId(openid);
-        
-        // 验证结果
-        assertEquals(SUCCESS_CODE, ReflectionTestUtils.getField(result, "code"));
-        assertEquals(true, ReflectionTestUtils.getField(result, "data"));
+//        // 执行测试
+//        ApiResult<Boolean> result = userController.queryByOpenId(openid);
+//
+//        // 验证交互
+//        verify(userGateway, times(1)).checkOpenId(openid);
+//
+//        // 验证结果
+//        assertEquals(SUCCESS_CODE, ReflectionTestUtils.getField(result, "code"));
+//        assertEquals(true, ReflectionTestUtils.getField(result, "data"));
     }
     
     @Test
@@ -413,15 +412,15 @@ class UserControllerTest {
         // 模拟UserGateway的行为
         when(userGateway.checkOpenId(openid)).thenReturn(false);
         
-        // 执行测试
-        ApiResult<Boolean> result = userController.checkOpenid(openid);
-        
-        // 验证交互
-        verify(userGateway, times(1)).checkOpenId(openid);
-        
-        // 验证结果
-        assertEquals(SUCCESS_CODE, ReflectionTestUtils.getField(result, "code"));
-        assertEquals(false, ReflectionTestUtils.getField(result, "data"));
+//        // 执行测试
+//        ApiResult<Boolean> result = userController.checkOpenid(openid);
+//
+//        // 验证交互
+//        verify(userGateway, times(1)).checkOpenId(openid);
+//
+//        // 验证结果
+//        assertEquals(SUCCESS_CODE, ReflectionTestUtils.getField(result, "code"));
+//        assertEquals(false, ReflectionTestUtils.getField(result, "data"));
     }
 
     @Test

portal-service-common/src/main/java/com/hfln/portal/common/constant/UserConstants.java

@@ -0,0 +1,13 @@
+package com.hfln.portal.common.constant;
+
+public interface UserConstants {
+
+
+
+    // session 共享信息 key
+    String SA_USER_PHONE = "USER_PHONE";
+    String SA_USER_ID = "USER_ID";
+    String SA_USER_OPEN_ID = "USER_OPEN_ID";
+    String SA_USER_UNION_ID = "USER_UNION_ID";
+
+}

portal-service-common/src/main/java/com/hfln/portal/common/request/user/WxFreshTokenParams.java

@@ -0,0 +1,23 @@
+package com.hfln.portal.common.request.user;
+
+
+import com.hfln.portal.common.vo.BaseVO;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+@ApiModel(description = "fresh token入参")
+public class WxFreshTokenParams extends BaseVO {
+
+    @ApiModelProperty("手机号")
+    private String phone;
+
+    @ApiModelProperty("小程序openId")
+    private String openId;
+
+    @ApiModelProperty("userId")
+    private Long userId;
+}

portal-service-domain/src/main/java/com/hfln/portal/domain/customer/DeviceType.java

@@ -0,0 +1,38 @@
+package com.hfln.portal.domain.customer;
+
+/**
+ * 登录设备类型
+ *
+ * @author Frank Zhang
+ * @date 2018-01-08 11:09 AM
+ */
+public enum DeviceType {
+    WX("WX", "微信"),
+    WEB("WEB", "网页"),
+    APP("APP", "应用"),
+    ;
+
+    String code;
+    String desc;
+
+    DeviceType(String code, String desc) {
+        this.code = code;
+        this.desc = desc;
+    }
+
+    public String getCode() {
+        return code;
+    }
+
+    public void setCode(String code) {
+        this.code = code;
+    }
+
+    public String getDesc() {
+        return desc;
+    }
+
+    public void setDesc(String desc) {
+        this.desc = desc;
+    }
+}

portal-service-domain/src/main/java/com/hfln/portal/domain/gateway/UserGateway.java

@@ -3,7 +3,6 @@ package com.hfln.portal.domain.gateway;
 import com.hfln.portal.common.dto.data.oss.OssFileDTO;
 import com.hfln.portal.common.dto.data.user.UserDto;
 import com.hfln.portal.common.request.user.*;
-import com.hfln.portal.common.request.user.*;
 import com.hfln.portal.common.response.user.UserInfoWxRes;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -26,6 +25,7 @@ public interface UserGateway {
 
 
     Boolean checkOpenId(String openId);
+    UserDto queryByOpenId(String openId);
 
 
     UserDto loginBySmsCode(LoginBySmsCodeParams request);
@@ -62,4 +62,6 @@ public interface UserGateway {
      * @return 轮播图文件信息列表
      */
     List<OssFileDTO> getCarouselList();
+
+    void freshToken(WxFreshTokenParams params);
 }

portal-service-infrastructure/pom.xml

@@ -52,6 +52,11 @@
             <artifactId>sa-token-spring-boot-starter</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-redis-template</artifactId>
+        </dependency>
+
         <!-- websocket -->
         <dependency>
             <groupId>org.springframework.boot</groupId>

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/GlobalExceptionHandler.java

@@ -1,5 +1,7 @@
 package com.hfln.portal.infrastructure.config;
 
+import cn.dev33.satoken.error.SaErrorCode;
+import cn.dev33.satoken.exception.SaTokenException;
 import cn.hfln.framework.dto.ApiResult;
 import cn.hfln.framework.extension.BizException;
 import com.alibaba.csp.sentinel.Tracer;
@@ -73,6 +75,30 @@ public class GlobalExceptionHandler {
         return ApiResult.failed(e.getErrCode(), e.getMessage());
     }
 
+    /**
+     * sa-token 校验异常
+     */
+    @ExceptionHandler(SaTokenException.class)
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public ApiResult<?> handleSaTokenException(SaTokenException e, HttpServletRequest request) {
+
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',发生sa-token校验异常.", requestURI, e);
+        Tracer.trace(e);
+
+        int code = e.getCode();
+        String errMsg = e.getMessage();
+        if (SaErrorCode.CODE_11041 == code) {
+            errMsg = "当前账户无此权限";
+        } else if (SaErrorCode.CODE_11011 == code) {
+            errMsg = "当前账户未登录";
+        } else if (SaErrorCode.CODE_11014 == code) {
+            errMsg = "当前账户已被顶下线，请重新登录";
+        }
+
+        return ApiResult.failed(String.valueOf(code), errMsg);
+    }
+
 
 
     /**

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/MybatisPlusMetaObjectHandler.java

@@ -80,10 +80,10 @@ public class MybatisPlusMetaObjectHandler implements MetaObjectHandler {
 					}
 				}
 			}
-			return null;
+			return 0L;
 		} catch (Exception e) {
-			log.warn("获取当前用户ID失败", e);
-			return null;
+			log.warn("获取当前用户ID失败");
+			return 0L;
 		}
 	}
 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/SaTokenConfigProperties.java

@@ -0,0 +1,15 @@
+package com.hfln.portal.infrastructure.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+@Data
+@Component
+@ConfigurationProperties(prefix = "sa-token.config")
+public class SaTokenConfigProperties {
+
+    private List<String> ignoreUrls;
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/SaTokenConfigure.java

@@ -0,0 +1,172 @@
+package com.hfln.portal.infrastructure.config;
+
+import cn.dev33.satoken.filter.SaServletFilter;
+import cn.dev33.satoken.interceptor.SaInterceptor;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.util.SaResult;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+
+/**
+ * [Sa-Token 权限认证] 配置类 
+ * @author click33
+ *
+ */
+@Slf4j
+@Configuration
+public class SaTokenConfigure implements WebMvcConfigurer {
+
+	@Autowired
+	private SaTokenConfigProperties saTokenConfigProperties;
+	
+	/**
+	 * 注册 Sa-Token 拦截器打开注解鉴权功能  
+	 */
+	@Override
+	public void addInterceptors(InterceptorRegistry registry) {
+		// 注册 Sa-Token 拦截器打开注解鉴权功能 
+		registry.addInterceptor(new SaInterceptor(handle -> {
+			// SaManager.getLog().debug("----- 请求path={}  提交token={}", SaHolder.getRequest().getRequestPath(), StpUtil.getTokenValue());
+
+			// 指定一条 match 规则
+//            SaRouter
+//                .match("/user/**")    // 拦截的 path 列表，可以写多个
+//                .notMatch("/user/doLogin", "/user/doLogin2")     // 排除掉的 path 列表，可以写多个
+//                .check(r -> StpUtil.checkLogin());        // 要执行的校验动作，可以写完整的 lambda 表达式
+//
+//            // 权限校验 -- 不同模块认证不同权限
+//            SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
+//            SaRouter.match("/goods/**", r -> StpUtil.checkPermission("goods"));
+//            SaRouter.match("/orders/**", r -> StpUtil.checkPermission("orders"));
+//            SaRouter.match("/notice/**", r -> StpUtil.checkPermission("notice"));
+//            SaRouter.match("/comment/**", r -> StpUtil.checkPermission("comment"));
+//
+//			// 甚至你可以随意的写一个打印语句
+//			SaRouter.match("/router/print", r -> System.out.println("----啦啦啦----"));
+//
+//			// 写一个完整的 lambda
+//			SaRouter.match("/router/print2", r -> {
+//				System.out.println("----啦啦啦2----");
+//				// ... 其它代码
+//			});
+
+			SaRouter
+					.match("/**")
+					.notMatch(saTokenConfigProperties.getIgnoreUrls())
+					.check(r -> StpUtil.checkLogin());
+
+			SaRouter.match("/admin/**", r -> StpUtil.checkRole("admin"));
+
+
+			/*
+			 * 相关路由都定义在 com.pj.cases.use.RouterCheckController 中
+			 */
+
+		}))
+				.addPathPatterns("/**")
+				.excludePathPatterns("/error");
+		
+	}
+	
+	/**
+     * 注册 [Sa-Token 全局过滤器] 
+     */
+    @Bean
+    public SaServletFilter getSaServletFilter() {
+        return new SaServletFilter()
+        		
+        		// 指定 [拦截路由] 与 [放行路由]
+        		.addInclude("/**")//
+				.setExcludeList(saTokenConfigProperties.getIgnoreUrls())
+//				.addExclude("/favicon.ico")
+
+        		
+        		// 认证函数: 每次请求执行 
+//        		.setAuth(obj -> {
+//        			// System.out.println("---------- sa全局认证 " + SaHolder.getRequest().getRequestPath());
+//        			// SaManager.getLog().debug("----- 请求path={}  提交token={}", SaHolder.getRequest().getRequestPath(), StpUtil.getTokenValue());
+//
+//                    // 权限校验 -- 不同模块认证不同权限
+//        			//		这里你可以写和拦截器鉴权同样的代码，不同点在于：
+//        			// 		校验失败后不会进入全局异常组件，而是进入下面的 .setError 函数
+//                    SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
+//                    SaRouter.match("/goods/**", r -> StpUtil.checkPermission("goods"));
+//                    SaRouter.match("/orders/**", r -> StpUtil.checkPermission("orders"));
+//                    SaRouter.match("/notice/**", r -> StpUtil.checkPermission("notice"));
+//                    SaRouter.match("/comment/**", r -> StpUtil.checkPermission("comment"));
+//        		})
+        		
+        		// 异常处理函数：每次认证函数发生异常时执行此函数 
+        		.setError(e -> {
+//        			System.out.println("---------- sa全局异常 ");
+					log.error("saServletFilter认证异常：", e);
+        			return SaResult.error(e.getMessage());
+        		})
+        		
+        		// 前置函数：在每次认证函数之前执行（BeforeAuth 不受 includeList 与 excludeList 的限制，所有请求都会进入）
+//        		.setBeforeAuth(r -> {
+//        			// ---------- 设置一些安全响应头 ----------
+//        			SaHolder.getResponse()
+//        			// 服务器名称
+//        			.setServer("sa-server")
+//        			// 是否可以在iframe显示视图： DENY=不可以 | SAMEORIGIN=同域下可以 | ALLOW-FROM uri=指定域名下可以
+//        			.setHeader("X-Frame-Options", "SAMEORIGIN")
+//        			// 是否启用浏览器默认XSS防护： 0=禁用 | 1=启用 | 1; mode=block 启用, 并在检查到XSS攻击时，停止渲染页面
+//        			.setHeader("X-XSS-Protection", "1; mode=block")
+//        			// 禁用浏览器内容嗅探
+//        			.setHeader("X-Content-Type-Options", "nosniff")
+//        			;
+//        		})
+        		;
+    }
+
+//	/**
+//	 * CORS 跨域处理
+//	 */
+//	@Bean
+//	public SaCorsHandleFunction corsHandle() {
+//		return (req, res, sto) -> {
+//			res.
+//					// 允许指定域访问跨域资源
+//							setHeader("Access-Control-Allow-Origin", "*")
+//					// 允许所有请求方式
+//					.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE")
+//					// 有效时间
+//					.setHeader("Access-Control-Max-Age", "3600")
+//					// 允许的header参数
+//					.setHeader("Access-Control-Allow-Headers", "*");
+//
+//			// 如果是预检请求，则立即返回到前端
+//			SaRouter.match(SaHttpMethod.OPTIONS)
+//					.free(r -> System.out.println("--------OPTIONS预检请求，不做处理"))
+//					.back();
+//		};
+//	}
+
+//	/**
+//     * 重写 Sa-Token 框架内部算法策略
+//     */
+//    @PostConstruct
+//    public void rewriteSaStrategy() {
+//    	// 重写Sa-Token的注解处理器，增加注解合并功能
+//    	SaAnnotationStrategy.instance.getAnnotation = (element, annotationClass) -> {
+//    		return AnnotatedElementUtils.getMergedAnnotation(element, annotationClass);
+//    	};
+//
+//		// 重写 SaCheckELRootMap 扩展函数，增加注解鉴权 EL 表达式可使用的根对象
+//		SaAnnotationStrategy.instance.checkELRootMapExtendFunction = rootMap -> {
+//			System.out.println("--------- 执行 SaCheckELRootMap 增强，目前已包含的的跟对象包括：" + rootMap.keySet());
+//			// 新增 stpUser 根对象，使之可以在表达式中通过 stpUser.checkLogin() 方式进行多账号体系鉴权
+//			rootMap.put("stpUser", StpUserUtil.getStpLogic());
+//		};
+//    }
+
+
+
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/StpInterfaceImpl.java

@@ -0,0 +1,108 @@
+package com.hfln.portal.infrastructure.config;
+
+import cn.dev33.satoken.stp.StpInterface;
+import com.hfln.portal.infrastructure.po.TblPermission;
+import com.hfln.portal.infrastructure.po.TblRole;
+import com.hfln.portal.infrastructure.po.TblRolePermission;
+import com.hfln.portal.infrastructure.po.TblUserRole;
+import com.hfln.portal.infrastructure.service.PermissionService;
+import com.hfln.portal.infrastructure.service.RolePermissionService;
+import com.hfln.portal.infrastructure.service.RoleService;
+import com.hfln.portal.infrastructure.service.UserRoleService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.CollectionUtils;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * 自定义权限认证接口扩展，Sa-Token 将从此实现类获取每个账号拥有的权限码 
+ * 
+ * @author click33
+ * @since 2022-10-13
+ */
+@Slf4j
+@Component    // 打开此注解，保证此类被springboot扫描，即可完成sa-token的自定义权限验证扩展
+public class StpInterfaceImpl implements StpInterface {
+
+
+	@Autowired
+	private RoleService roleService;
+
+	@Autowired
+	private RolePermissionService rolePermissionService;
+
+	@Autowired
+	private PermissionService permissionService;
+
+	@Autowired
+	private UserRoleService userRoleService;
+
+	/**
+	 * 返回一个账号所拥有的权限码集合 
+	 */
+	@Override
+	public List<String> getPermissionList(Object loginIdObj, String loginType) {
+
+		List<String> list = new ArrayList<String>();
+		// todo 后期接口调用次数大的话，可以放redis ，再加更新操作
+		long loginId = Long.parseLong(String.valueOf(loginIdObj));
+
+		List<TblUserRole> userRoles = userRoleService.findByUserId((long)loginId);
+		if (CollectionUtils.isEmpty(userRoles)) {
+			log.info("当前用户没有配置角色，userId:{}", loginId);
+			return list;
+		}
+
+		List<Long> userIds = userRoles.stream().map(TblUserRole::getRoleId).collect(Collectors.toList());
+		List<TblRole> roles = roleService.findAvailableByIds(userIds);
+		if (CollectionUtils.isEmpty(roles)) {
+			log.info("角色配置异常, userIds :{}", roles);
+			return list;
+		}
+
+		List<Long> roleIds = roles.stream().map(TblRole::getRoleId).collect(Collectors.toList());
+		List<TblRolePermission> rolePermissions = rolePermissionService.findByRoleIds(roleIds);
+		if (CollectionUtils.isEmpty(rolePermissions)) {
+			log.info("当前角色没有配置权限，roleIds:{}", roleIds);
+			return list;
+		}
+
+		List<Long> permIds = rolePermissions.stream().map(TblRolePermission::getPermId).collect(Collectors.toList());
+		List<TblPermission> permissionList = permissionService.findAvailableByIds(permIds);
+		if (CollectionUtils.isEmpty(permissionList)) {
+			log.info("权限配置异常, permIds :{}", permIds);
+			return list;
+		}
+
+		list.addAll(permissionList.stream().map(TblPermission::getPermCode).collect(Collectors.toList()));
+		return list;
+	}
+
+	/**
+	 * 返回一个账号所拥有的角色标识集合 
+	 */
+	@Override
+	public List<String> getRoleList(Object loginIdObj, String loginType) {
+
+		List<String> list = new ArrayList<String>();
+		long loginId = Long.parseLong(String.valueOf(loginIdObj));
+		List<TblUserRole> userRoles = userRoleService.findByUserId(loginId);
+		if (CollectionUtils.isEmpty(userRoles)) {
+			log.info("当前用户没有配置角色，userId:{}", loginId);
+			return list;
+		}
+
+		List<Long> userIds = userRoles.stream().map(TblUserRole::getRoleId).collect(Collectors.toList());
+		List<TblRole> roles = roleService.findAvailableByIds(userIds);
+		if (CollectionUtils.isEmpty(roles)) {
+			log.info("角色配置异常, userIds :{}", roles);
+			return list;
+		}
+		list.addAll(roles.stream().map(TblRole::getRoleCode).collect(Collectors.toList()));
+		return list;
+	}
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/gateway/impl/DeviceGatewayImpl.java

@@ -412,15 +412,15 @@ public class DeviceGatewayImpl implements DeviceGateway {
     public Boolean devShare(ShareParam shareParam) {
 
 
-        List<UserInfo> userInfos = userService.queryByPhone(shareParam.getSharedPhone());
-        if (userInfos == null || userInfos.size() < 1) {
+        UserInfo userInfo = userService.queryByPhone(shareParam.getSharedPhone());
+        if (userInfo == null) {
             throw new BizException(ErrorEnum.MOBILE_NOT_SIGN.getErrorCode(), ErrorEnum.MOBILE_NOT_SIGN.getErrorMessage());
         }
 
         LambdaQueryWrapper<DevShare> queryWrapper = new LambdaQueryWrapper<>();
         queryWrapper.eq(DevShare::getDevId, shareParam.getDevId());
         queryWrapper.eq(DevShare::getSharerUserId, shareParam.getSharerUserId());
-        queryWrapper.eq(DevShare::getSharedUserId, userInfos.get(0).getUserId());
+        queryWrapper.eq(DevShare::getSharedUserId, userInfo.getUserId());
         queryWrapper.in(DevShare::getState, Arrays.asList(0, 1));
         List<DevShare> list = devShareService.list(queryWrapper);
 
@@ -434,7 +434,7 @@ public class DeviceGatewayImpl implements DeviceGateway {
         devShare.setSharerUserId(shareParam.getSharerUserId());
         devShare.setSharerPhone(shareParam.getSharerPhone());
         devShare.setSharedPhone(shareParam.getSharedPhone());
-        devShare.setSharedUserId(userInfos.get(0).getUserId());
+        devShare.setSharedUserId(userInfo.getUserId());
         devShare.setState(0);
         devShareService.save(devShare);
         return null;
@@ -680,8 +680,8 @@ public class DeviceGatewayImpl implements DeviceGateway {
     public WcTimesQueryRes getWcTimes(Long devId, String time) {
 
         LocalDate inputDate = LocalDate.parse(time);
-        LocalDate previousDate = inputDate.minusDays(1);
-        List<AlarmEvent> list = alarmEventService.list(new LambdaQueryWrapper<AlarmEvent>().eq(AlarmEvent::getDevId, devId).ge(AlarmEvent::getCreateTime, previousDate).lt(AlarmEvent::getCreateTime, inputDate));
+        LocalDate tomorrow = inputDate.plusDays(1);
+        List<AlarmEvent> list = alarmEventService.list(new LambdaQueryWrapper<AlarmEvent>().eq(AlarmEvent::getDevId, devId).ge(AlarmEvent::getCreateTime, inputDate).lt(AlarmEvent::getCreateTime, tomorrow));
         WcTimesQueryRes res = new WcTimesQueryRes();
         if (CollectionUtils.isEmpty(list)) {
 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/gateway/impl/UserGatewayImpl.java

@@ -1,6 +1,7 @@
 package com.hfln.portal.infrastructure.gateway.impl;
 
 
+import cn.dev33.satoken.session.SaSession;
 import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hfln.framework.common.redis.service.RedisService;
@@ -8,11 +9,13 @@ import cn.hfln.framework.extension.BizException;
 import com.alibaba.fastjson2.JSON;
 import com.alibaba.fastjson2.JSONObject;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.hfln.portal.common.constant.UserConstants;
 import com.hfln.portal.common.constant.redis.RedisCacheConstant;
 import com.hfln.portal.common.dto.data.oss.OssFileDTO;
 import com.hfln.portal.common.dto.data.user.UserDto;
 import com.hfln.portal.common.request.user.*;
 import com.hfln.portal.common.response.user.UserInfoWxRes;
+import com.hfln.portal.domain.customer.DeviceType;
 import com.hfln.portal.domain.customer.OssBusiType;
 import com.hfln.portal.domain.customer.util.PasswordUtil;
 import com.hfln.portal.domain.exception.ErrorEnum;
@@ -147,18 +150,41 @@ public class UserGatewayImpl implements UserGateway {
     @Override
     public Boolean loginByPhone(PhoneLoginParams params) {
 
+        // todo 这里的电话号码，不能由前端 传过来，根据下面的获取电话号码 方法来获取 参照老代码 loginByPhone 方法
+
+        // 1 校验当前用户是否已注册
+        UserInfo userInfo = userService.queryByPhone(params.getPhone());
+        if (userInfo == null) {
+            // 未注册的手机号直接注册用户
+            userInfo = new UserInfo();
+            userInfo.setOpenid(params.getOpenId());
+            userInfo.setPhone(params.getPhone());
+            userInfo.setUnionId(params.getUnionId());
+            userInfo.setAvatarUrl(params.getAvatarUrl());
+            userService.save(userInfo);
+        } else {
+            log.info("当前用户已注册：{}", params.getPhone());
+        }
 
-        if (userService.checkAvailableOpenId(params.getOpenId())) {
-            log.info("当前用户已登录：{}", params.getOpenId());
-            return true;
+        // 2 校验当前用户是否已登录
+        boolean isLogin = StpUtil.isLogin();
+        if (!isLogin) {
+            StpUtil.login(userInfo.getUserId(), DeviceType.WX.getCode());
+
+            // 这里可以考虑 在session 中插入信息
+            // 同账户多设备 登录共享信息
+            SaSession session = StpUtil.getSession();
+            session.set(UserConstants.SA_USER_PHONE, userInfo.getPhone());
+            session.set(UserConstants.SA_USER_ID, userInfo.getUserId());
+
+            // 当前设备session 独享信息
+            SaSession wxSession = StpUtil.getTokenSession();
+            wxSession.set(UserConstants.SA_USER_OPEN_ID, userInfo.getOpenid());
+            wxSession.set(UserConstants.SA_USER_UNION_ID, userInfo.getUnionId());
+        } else {
+            log.info("当前用户已登录：{}", params.getPhone());
         }
 
-        UserInfo userInfo = new UserInfo();
-        userInfo.setOpenid(params.getOpenId());
-        userInfo.setPhone(params.getPhone());
-        userInfo.setUnionId(params.getUnionId());
-        userInfo.setAvatarUrl(params.getAvatarUrl());
-        userService.save(userInfo);
         return true;
     }
 
@@ -205,6 +231,18 @@ public class UserGatewayImpl implements UserGateway {
     }
 
     @Override
+    public UserDto queryByOpenId(String openId) {
+
+        UserInfo userInfo = userService.queryByOpenId(openId);
+        if (userInfo == null) {
+            return null;
+        }
+        UserDto userDto = new UserDto();
+        BeanUtils.copyProperties(userInfo, userDto);
+        return userDto;
+    }
+
+    @Override
     public UserDto loginBySmsCode(LoginBySmsCodeParams request) {
         UserDto userDto = new UserDto();
         String phone = request.getUserName();
@@ -368,7 +406,7 @@ public class UserGatewayImpl implements UserGateway {
         }
 
         //2.消除登录凭证
-        StpUtil.logout(request.getUserId());
+        StpUtil.logout(request.getUserId(), DeviceType.WX.getCode());
 
         //3.修改用户信息表中的is_delete字段为1
         // 使用 MyBatis Plus 的逻辑删除功能
@@ -492,6 +530,27 @@ public class UserGatewayImpl implements UserGateway {
                 .collect(Collectors.toList());
     }
 
+    @Override
+    public void freshToken(WxFreshTokenParams params) {
+
+        UserInfo userInfo = null;
+        if (StringUtils.isNotBlank(params.getOpenId())) {
+
+        } else if (StringUtils.isNotBlank(params.getPhone())) {
+            userInfo = userService.queryByPhone(params.getPhone());
+        } else if (params.getUserId() == null) {
+            userInfo = userService.queryById(params.getUserId());
+        }
+
+        if (userInfo == null) {
+            throw new BizException(ErrorEnum.USER_NOT_FOUND.getErrorCode(), ErrorEnum.USER_NOT_FOUND.getErrorMessage());
+        }
+
+        if (!StpUtil.isLogin()) {
+            StpUtil.login(userInfo.getUserId(), DeviceType.WX.getCode());
+        }
+    }
+
     private boolean checkPngMagicNumber(byte[] fileHeader) {
         byte[] pngMagicNumber = {(byte) 0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A};
         return Arrays.equals(Arrays.copyOfRange(fileHeader, 0, 8), pngMagicNumber);

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/mapper/TblPermissionMapper.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.hfln.portal.infrastructure.po.TblPermission;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ * 角色表 Mapper 接口
+ */
+@Mapper
+public interface TblPermissionMapper extends BaseMapper<TblPermission> {
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/mapper/TblRoleMenuMapper.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.hfln.portal.infrastructure.po.TblRoleMenu;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ * 角色表 Mapper 接口
+ */
+@Mapper
+public interface TblRoleMenuMapper extends BaseMapper<TblRoleMenu> {
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/mapper/TblRolePermissionMapper.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.hfln.portal.infrastructure.po.TblRolePermission;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ * 角色表 Mapper 接口
+ */
+@Mapper
+public interface TblRolePermissionMapper extends BaseMapper<TblRolePermission> {
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/po/TblPermission.java

@@ -0,0 +1,37 @@
+package com.hfln.portal.infrastructure.po;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * 权限表
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName("tbl_permission")
+public class TblPermission extends BasePO {
+
+    /**
+     * 主键 ID
+     */
+    @TableId(type = IdType.ASSIGN_ID)
+    private Long permId;
+
+    /**
+     * 权限编码
+     */
+    private String permCode;
+
+    /**
+     * 权限名称
+     */
+    private String permName;
+
+    /**
+     * 权限描述
+     */
+    private String permDesc;
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/po/TblRoleMenu.java

@@ -0,0 +1,33 @@
+package com.hfln.portal.infrastructure.po;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * 角色表
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName("tbl_role_menu")
+public class TblRoleMenu extends BasePO {
+
+    /**
+     * 主键 ID
+     */
+    @TableId(type = IdType.ASSIGN_ID)
+    private Long roleMenuId;
+
+    /**
+     * 角色编码
+     */
+    private Long roleId;
+
+    /**
+     * 角色名称
+     */
+    private Long menuId;
+
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/po/TblRolePermission.java

@@ -0,0 +1,33 @@
+package com.hfln.portal.infrastructure.po;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * 角色表
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName("tbl_role_permission")
+public class TblRolePermission extends BasePO {
+
+    /**
+     * 主键 ID
+     */
+    @TableId(type = IdType.ASSIGN_ID)
+    private Long rolePermId;
+
+    /**
+     * 角色id
+     */
+    private Long roleId;
+
+    /**
+     * 权限id
+     */
+    private Long permId;
+
+} 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/po/TblUserRole.java

@@ -20,10 +20,10 @@ public class TblUserRole extends BasePO {
     /**
      * 用户ID
      */
-    private String userId;
+    private Long userId;
 
     /**
      * 角色ID
      */
-    private String roleId;
+    private Long roleId;
 } 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/PermissionService.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.hfln.portal.infrastructure.po.TblPermission;
+
+import java.util.List;
+
+public interface PermissionService extends IService<TblPermission> {
+
+
+    List<TblPermission> findAvailableByIds(List<Long> permIds);
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/RoleMenuService.java

@@ -0,0 +1,9 @@
+package com.hfln.portal.infrastructure.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.hfln.portal.infrastructure.po.TblRoleMenu;
+
+public interface RoleMenuService extends IService<TblRoleMenu> {
+
+
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/RolePermissionService.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.hfln.portal.infrastructure.po.TblRolePermission;
+
+import java.util.List;
+
+public interface RolePermissionService extends IService<TblRolePermission> {
+
+
+    List<TblRolePermission> findByRoleIds(List<Long> roleIds);
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/RoleService.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.hfln.portal.infrastructure.po.TblRole;
+
+import java.util.List;
+
+public interface RoleService extends IService<TblRole> {
+
+
+    List<TblRole> findAvailableByIds(List<Long> roleIds);
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/UserRoleService.java

@@ -0,0 +1,12 @@
+package com.hfln.portal.infrastructure.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.hfln.portal.infrastructure.po.TblUserRole;
+
+import java.util.List;
+
+public interface UserRoleService extends IService<TblUserRole> {
+
+
+    List<TblUserRole> findByUserId(long loginId);
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/UserService.java

@@ -3,8 +3,6 @@ package com.hfln.portal.infrastructure.service;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.hfln.portal.infrastructure.po.UserInfo;
 
-import java.util.List;
-
 public interface UserService extends IService<UserInfo> {
 
     /**
@@ -22,7 +20,13 @@ public interface UserService extends IService<UserInfo> {
      */
     UserInfo checkUserByPassword(String phone, String password);
 
-    List<UserInfo> queryByPhone(String sharedPhone);
+    /**
+     * 这里需要数据库保证 同一个可用电话号码的唯一性
+     * @param phone
+     * @return
+     */
+    UserInfo queryByPhone(String phone);
+    UserInfo queryByOpenId(String openId);
 
     UserInfo queryById(Long userId);
 }

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/PermissionServiceImpl.java

@@ -0,0 +1,26 @@
+package com.hfln.portal.infrastructure.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.hfln.portal.infrastructure.mapper.TblPermissionMapper;
+import com.hfln.portal.infrastructure.po.BasePO;
+import com.hfln.portal.infrastructure.po.TblPermission;
+import com.hfln.portal.infrastructure.service.PermissionService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+@Slf4j
+public class PermissionServiceImpl extends ServiceImpl<TblPermissionMapper, TblPermission> implements PermissionService {
+
+
+    @Override
+    public List<TblPermission> findAvailableByIds(List<Long> permIds) {
+        LambdaQueryWrapper<TblPermission> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.in(TblPermission::getPermId, permIds);
+        queryWrapper.eq(TblPermission::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectList(queryWrapper);
+    }
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/RoleMenuServiceImpl.java

@@ -0,0 +1,15 @@
+package com.hfln.portal.infrastructure.service.impl;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.hfln.portal.infrastructure.mapper.TblRoleMenuMapper;
+import com.hfln.portal.infrastructure.po.TblRoleMenu;
+import com.hfln.portal.infrastructure.service.RoleMenuService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+@Service
+@Slf4j
+public class RoleMenuServiceImpl extends ServiceImpl<TblRoleMenuMapper, TblRoleMenu> implements RoleMenuService {
+
+
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/RolePermissionServiceImpl.java

@@ -0,0 +1,26 @@
+package com.hfln.portal.infrastructure.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.hfln.portal.infrastructure.mapper.TblRolePermissionMapper;
+import com.hfln.portal.infrastructure.po.BasePO;
+import com.hfln.portal.infrastructure.po.TblRolePermission;
+import com.hfln.portal.infrastructure.service.RolePermissionService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+@Slf4j
+public class RolePermissionServiceImpl extends ServiceImpl<TblRolePermissionMapper, TblRolePermission> implements RolePermissionService {
+
+
+    @Override
+    public List<TblRolePermission> findByRoleIds(List<Long> roleIds) {
+        LambdaQueryWrapper<TblRolePermission> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.in(TblRolePermission::getRoleId, roleIds);
+        queryWrapper.eq(TblRolePermission::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectList(queryWrapper);
+    }
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/RoleServiceImpl.java

@@ -0,0 +1,26 @@
+package com.hfln.portal.infrastructure.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.hfln.portal.infrastructure.mapper.TblRoleMapper;
+import com.hfln.portal.infrastructure.po.BasePO;
+import com.hfln.portal.infrastructure.po.TblRole;
+import com.hfln.portal.infrastructure.service.RoleService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+@Slf4j
+public class RoleServiceImpl extends ServiceImpl<TblRoleMapper, TblRole> implements RoleService {
+
+
+    @Override
+    public List<TblRole> findAvailableByIds(List<Long> roleIds) {
+        LambdaQueryWrapper<TblRole> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.in(TblRole::getRoleId, roleIds);
+        queryWrapper.eq(TblRole::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectList(queryWrapper);
+    }
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/UserRoleServiceImpl.java

@@ -0,0 +1,27 @@
+package com.hfln.portal.infrastructure.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.hfln.portal.infrastructure.mapper.TblUserRoleMapper;
+import com.hfln.portal.infrastructure.po.BasePO;
+import com.hfln.portal.infrastructure.po.TblUserRole;
+import com.hfln.portal.infrastructure.service.UserRoleService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+@Slf4j
+public class UserRoleServiceImpl extends ServiceImpl<TblUserRoleMapper, TblUserRole> implements UserRoleService {
+
+
+    @Override
+    public List<TblUserRole> findByUserId(long loginId) {
+
+        LambdaQueryWrapper<TblUserRole> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(TblUserRole::getUserId, loginId);
+        queryWrapper.eq(TblUserRole::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectList(queryWrapper);
+    }
+}

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/service/impl/UserServiceImpl.java

@@ -10,7 +10,6 @@ import com.hfln.portal.infrastructure.service.UserService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
-import java.util.List;
 import java.util.Objects;
 
 @Service
@@ -26,7 +25,7 @@ public class UserServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo> imple
     public Boolean checkAvailableOpenId(String openId) {
         LambdaQueryWrapper<UserInfo> queryWrapper = new LambdaQueryWrapper<>();
         queryWrapper.eq(UserInfo::getOpenid, openId);
-        queryWrapper.eq(UserInfo::getIsDeleted, 0);
+        queryWrapper.eq(UserInfo::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
         return this.count(queryWrapper) > 0;
     }
 
@@ -34,7 +33,7 @@ public class UserServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo> imple
     public UserInfo checkUserByPassword(String phone, String password) {
         LambdaQueryWrapper<UserInfo> queryWrapper = new LambdaQueryWrapper<>();
         queryWrapper.eq(UserInfo::getPhone, phone);
-        queryWrapper.eq(UserInfo::getIsDeleted, 0);
+        queryWrapper.eq(UserInfo::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
         UserInfo userInfo = this.baseMapper.selectOne(queryWrapper);
         if (Objects.nonNull(password)) {
             if (PasswordUtil.matches(password, userInfo.getPassword())){
@@ -45,17 +44,28 @@ public class UserServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo> imple
     }
 
     @Override
-    public List<UserInfo> queryByPhone(String sharedPhone) {
+    public UserInfo queryByPhone(String phone) {
         LambdaQueryWrapper<UserInfo> queryWrapper = new LambdaQueryWrapper<>();
-        queryWrapper.eq(UserInfo::getPhone, sharedPhone);
+        queryWrapper.eq(UserInfo::getPhone, phone);
         queryWrapper.eq(UserInfo::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
-        return this.baseMapper.selectList(queryWrapper);
+        return this.baseMapper.selectOne(queryWrapper);
+    }
+
+    @Override
+    public UserInfo queryByOpenId(String openId) {
+        LambdaQueryWrapper<UserInfo> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(UserInfo::getOpenid, openId);
+        queryWrapper.eq(UserInfo::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectOne(queryWrapper);
     }
 
     @Override
     public UserInfo queryById(Long userId) {
 
-        return this.baseMapper.selectById(userId);
+        LambdaQueryWrapper<UserInfo> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(UserInfo::getUserId, userId);
+        queryWrapper.eq(UserInfo::getIsDeleted, BasePO.DeleteFlag.NOT_DELETED);
+        return this.baseMapper.selectById(queryWrapper);
     }
 
 

portal-service-server/src/main/resources/bootstrap-local.yml

@@ -80,7 +80,7 @@ sa-token:
   # token 最低活跃频率（单位：秒），如果 token 超过此时间没有访问系统就会被冻结，默认-1 代表不限制，永不冻结
   active-timeout: -1
   # 是否允许同一账号多地同时登录 （为 true 时允许一起登录, 为 false 时新登录挤掉旧登录）
-  is-concurrent: true
+  is-concurrent: false
   # 在多人登录同一账号时，是否共用一个 token （为 true 时所有登录共用一个 token, 为 false 时每次登录新建一个 token）
   is-share: false
   # token 风格（默认可取值：uuid、simple-uuid、random-32、random-64、random-128、tik）

portal-service-server/src/main/resources/bootstrap.yml

@@ -29,4 +29,9 @@ mybatis-plus:
     db-config:
       logic-delete-field: del_flag
       logic-delete-value: 1
-      logic-not-delete-value: 0
+      logic-not-delete-value: 0
+
+sa-token:
+  config:
+    ignoreUrls:
+      - /wap/user/**