front-api interceptor opt;

12a4274d · wuwenlong · 932d41f0 · 12a4274d · 12a4274d · 12a4274d
Commit 12a4274d authored Nov 09, 2023 by wuwenlong
42 changed files
--- a/share-admin/src/main/resources/application-dev.yml
+++ b/share-admin/src/main/resources/application-dev.yml
@@ -21,7 +21,7 @@ server:
  port: 8882
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /prod-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8

--- a/share-admin/src/main/resources/application-prod.yml
+++ b/share-admin/src/main/resources/application-prod.yml
@@ -21,7 +21,7 @@ server:
  port: 8882
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /prod-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8

--- a/share-admin/src/main/resources/application-test.yml
+++ b/share-admin/src/main/resources/application-test.yml
@@ -21,7 +21,7 @@ server:
  port: 8882
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /prod-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8
@@ -130,6 +130,13 @@ spring:
        max-active: 8
        # #连接池最大阻塞等待时间（使用负值表示没有限制）
        max-wait: -1ms
+  mqtt:
+    url: "tcp://47.99.53.236:1883"
+    clientId: "coujiao_sub"
+    username: "coujiaomqtt"
+    password: "Mqtt@2023cj"
+    defaultTopic: "ydlink/#"
+    completion-timeout: 15000

 # token配置
 token:

--- a/share-admin/src/main/resources/logback.xml
+++ b/share-admin/src/main/resources/logback.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
    <!-- 日志存放路径 -->
-	<property name="log.path" value="/Users/liwenjun/logs/share" />
+    <property name="log.path" value="/home/gxpt/logs" />
    <!-- 日志输出格式 -->
 	<property name="log.pattern" value="%d{HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />


--- a/share-framework/src/main/java/share/framework/config/SecurityConfig.java
+++ b/share-framework/src/main/java/share/framework/config/SecurityConfig.java
@@ -115,7 +115,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                // 静态资源，可匿名访问
                .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
-                .antMatchers("/front/**").permitAll()
                // 除上面外的所有请求全部需要鉴权认证
                .anyRequest().authenticated()
                .and()

--- a/share-front/src/main/java/share/FrontApplication.java
+++ b/share-front/src/main/java/share/FrontApplication.java
@@ -3,12 +3,19 @@ package share;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.FilterType;

 /**
 * 启动程序
 * 
 * @author ruoyi
 */
+@ComponentScan(excludeFilters = {
+        @ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE,classes = {
+                share.framework.config.SecurityConfig.class,
+                })
+})
 @SpringBootApplication(exclude = { DataSourceAutoConfiguration.class })
 public class FrontApplication
 {

--- a/share-front/src/main/java/share/web/controller/monitor/CacheController.java
+++ b/share-front/src/main/java/share/web/controller/monitor/CacheController.java
@@ -44,7 +44,6 @@ public class CacheController
        caches.add(new SysCache(CacheConstants.PWD_ERR_CNT_KEY, "密码错误次数"));
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @GetMapping()
    public AjaxResult getInfo() throws Exception
    {
@@ -68,14 +67,12 @@ public class CacheController
        return AjaxResult.success(result);
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @GetMapping("/getNames")
    public AjaxResult cache()
    {
        return AjaxResult.success(caches);
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @GetMapping("/getKeys/{cacheName}")
    public AjaxResult getCacheKeys(@PathVariable String cacheName)
    {
@@ -83,7 +80,6 @@ public class CacheController
        return AjaxResult.success(cacheKeys);
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @GetMapping("/getValue/{cacheName}/{cacheKey}")
    public AjaxResult getCacheValue(@PathVariable String cacheName, @PathVariable String cacheKey)
    {
@@ -92,7 +88,6 @@ public class CacheController
        return AjaxResult.success(sysCache);
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @DeleteMapping("/clearCacheName/{cacheName}")
    public AjaxResult clearCacheName(@PathVariable String cacheName)
    {
@@ -101,7 +96,6 @@ public class CacheController
        return AjaxResult.success();
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @DeleteMapping("/clearCacheKey/{cacheKey}")
    public AjaxResult clearCacheKey(@PathVariable String cacheKey)
    {
@@ -109,7 +103,6 @@ public class CacheController
        return AjaxResult.success();
    }

-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @DeleteMapping("/clearCacheAll")
    public AjaxResult clearCacheAll()
    {

--- a/share-front/src/main/java/share/web/controller/monitor/ServerController.java
+++ b/share-front/src/main/java/share/web/controller/monitor/ServerController.java
@@ -16,7 +16,6 @@ import share.framework.web.domain.Server;
 @RequestMapping("/monitor/server")
 public class ServerController
 {
-    @PreAuthorize("@ss.hasPermi('monitor:server:list')")
    @GetMapping()
    public AjaxResult getInfo() throws Exception
    {

--- a/share-front/src/main/java/share/web/controller/monitor/SysLogininforController.java
+++ b/share-front/src/main/java/share/web/controller/monitor/SysLogininforController.java
@@ -35,7 +35,6 @@ public class SysLogininforController extends BaseController
    @Autowired
    private SysPasswordService passwordService;

-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysLogininfor logininfor)
    {
@@ -44,8 +43,7 @@ public class SysLogininforController extends BaseController
        return getDataTable(list);
    }

-    @Log(title = "登录日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:export')")
+    //@Log(title = "登录日志", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysLogininfor logininfor)
    {
@@ -54,16 +52,14 @@ public class SysLogininforController extends BaseController
        util.exportExcel(response, list, "登录日志");
    }

-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
-    @Log(title = "登录日志", businessType = BusinessType.DELETE)
+    //@Log(title = "登录日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{infoIds}")
    public AjaxResult remove(@PathVariable Long[] infoIds)
    {
        return toAjax(logininforService.deleteLogininforByIds(infoIds));
    }

-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
-    @Log(title = "登录日志", businessType = BusinessType.CLEAN)
+    //@Log(title = "登录日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
    public AjaxResult clean()
    {
@@ -71,8 +67,7 @@ public class SysLogininforController extends BaseController
        return success();
    }

-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:unlock')")
-    @Log(title = "账户解锁", businessType = BusinessType.OTHER)
+    //@Log(title = "账户解锁", businessType = BusinessType.OTHER)
    @GetMapping("/unlock/{userName}")
    public AjaxResult unlock(@PathVariable("userName") String userName)
    {

--- a/share-front/src/main/java/share/web/controller/monitor/SysOperlogController.java
+++ b/share-front/src/main/java/share/web/controller/monitor/SysOperlogController.java
@@ -31,7 +31,6 @@ public class SysOperlogController extends BaseController
    @Autowired
    private ISysOperLogService operLogService;

-    @PreAuthorize("@ss.hasPermi('monitor:operlog:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysOperLog operLog)
    {
@@ -40,8 +39,7 @@ public class SysOperlogController extends BaseController
        return getDataTable(list);
    }

-    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:export')")
+    //@Log(title = "操作日志", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysOperLog operLog)
    {
@@ -50,16 +48,14 @@ public class SysOperlogController extends BaseController
        util.exportExcel(response, list, "操作日志");
    }

-    @Log(title = "操作日志", businessType = BusinessType.DELETE)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    //@Log(title = "操作日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{operIds}")
    public AjaxResult remove(@PathVariable Long[] operIds)
    {
        return toAjax(operLogService.deleteOperLogByIds(operIds));
    }

-    @Log(title = "操作日志", businessType = BusinessType.CLEAN)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    //@Log(title = "操作日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
    public AjaxResult clean()
    {

--- a/share-front/src/main/java/share/web/controller/monitor/SysUserOnlineController.java
+++ b/share-front/src/main/java/share/web/controller/monitor/SysUserOnlineController.java
@@ -38,7 +38,6 @@ public class SysUserOnlineController extends BaseController
    @Autowired
    private RedisCache redisCache;

-    @PreAuthorize("@ss.hasPermi('monitor:online:list')")
    @GetMapping("/list")
    public TableDataInfo list(String ipaddr, String userName)
    {
@@ -72,8 +71,7 @@ public class SysUserOnlineController extends BaseController
    /**
     * 强退用户
     */
-    @PreAuthorize("@ss.hasPermi('monitor:online:forceLogout')")
-    @Log(title = "在线用户", businessType = BusinessType.FORCE)
+    //@Log(title = "在线用户", businessType = BusinessType.FORCE)
    @DeleteMapping("/{tokenId}")
    public AjaxResult forceLogout(@PathVariable String tokenId)
    {

--- a/share-front/src/main/java/share/web/controller/system/LoginController.java
+++ b/share-front/src/main/java/share/web/controller/system/LoginController.java
@@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
 */
 @Slf4j
 @RestController
-@RequestMapping("/front/login")
+@RequestMapping("/login")
 @Api(tags = "用户 -- 登录注册")
 public class LoginController {


--- a/share-front/src/main/java/share/web/controller/system/MTController.java
+++ b/share-front/src/main/java/share/web/controller/system/MTController.java
@@ -9,34 +9,34 @@ import share.common.annotation.Log;
 import share.system.service.MTService;

 @RestController
-@RequestMapping("/front/certificate")
+@RequestMapping("/certificate")
 @Api(tags = "首页-验券")
 public class MTController {
    @Autowired
    private MTService mtService;

    @GetMapping("/verificationVouchers")
-    @Log(title = "执行验券")
+    //@Log(title = "执行验券")
    public String verificationVouchers(String code, int num){
        return mtService.verificationVouchers(code, num).getMsg();
    }

    @GetMapping("/revoke")
-    @Log(title = "撤销验券")
+    //@Log(title = "撤销验券")
    public String revoke(String ERPId ,String ERPName ,String couponCode){
        return mtService.revoke(ERPId, ERPName, couponCode).getMsg();
    }


    @GetMapping("/preparation")
-    @Log(title = "验券准备")
+    //@Log(title = "验券准备")
    public String preparation(String code){
        return mtService.preparation(code).getMsg();
    }


    @GetMapping("/consume")
-    @Log(title = "已验券码查询")
+    //@Log(title = "已验券码查询")
    public String verified(String code){
       return mtService.verified(code).getMsg();
    }

--- a/share-front/src/main/java/share/web/controller/system/PackController.java
+++ b/share-front/src/main/java/share/web/controller/system/PackController.java
@@ -22,7 +22,7 @@ import java.util.List;
 * @date 2023-10-31
 */
 @RestController
-@RequestMapping("/front/pack")
+@RequestMapping("/pack")
 public class PackController extends BaseController {
    @Autowired
    private IPackService packService;

--- a/share-front/src/main/java/share/web/controller/system/QPController.java
+++ b/share-front/src/main/java/share/web/controller/system/QPController.java
@@ -13,7 +13,7 @@ import share.system.service.QPService;
 import java.util.List;

 @RestController
-@RequestMapping("/front/chessCards")
+@RequestMapping("/chessCards")
 @Api(tags = "首页-验券")
 public class QPController {
    @Autowired

--- a/share-front/src/main/java/share/web/controller/system/RoomPackController.java
+++ b/share-front/src/main/java/share/web/controller/system/RoomPackController.java
@@ -37,7 +37,6 @@ public class RoomPackController extends BaseController {
    /**
     * 查询包房套餐关系列表
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:list')")
    @GetMapping("/list")
    public TableDataInfo list(SRoomPack SRoomPack) {
        startPage();
@@ -48,8 +47,7 @@ public class RoomPackController extends BaseController {
    /**
     * 导出包房套餐关系列表
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:export')")
-    @Log(title = "包房套餐关系", businessType = BusinessType.EXPORT)
+    //@Log(title = "包房套餐关系", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SRoomPack SRoomPack) {
        List<SRoomPack> list = roomPackService.selectRoomPackList(SRoomPack);
@@ -60,7 +58,6 @@ public class RoomPackController extends BaseController {
    /**
     * 获取包房套餐关系详细信息
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:query')")
    @GetMapping(value = "/{id}")
    public AjaxResult getInfo(@PathVariable("id") Long id) {
        return success(roomPackService.selectRoomPackById(id));
@@ -69,8 +66,7 @@ public class RoomPackController extends BaseController {
    /**
     * 新增包房套餐关系
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:add')")
-    @Log(title = "包房套餐关系", businessType = BusinessType.INSERT)
+    //@Log(title = "包房套餐关系", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody SRoomPack SRoomPack) {
        return toAjax(roomPackService.insertRoomPack(SRoomPack));
@@ -79,8 +75,7 @@ public class RoomPackController extends BaseController {
    /**
     * 修改包房套餐关系
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:edit')")
-    @Log(title = "包房套餐关系", businessType = BusinessType.UPDATE)
+    //@Log(title = "包房套餐关系", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@RequestBody SRoomPack SRoomPack) {
        return toAjax(roomPackService.updateRoomPack(SRoomPack));
@@ -89,8 +84,7 @@ public class RoomPackController extends BaseController {
    /**
     * 删除包房套餐关系
     */
-    @PreAuthorize("@ss.hasPermi('system:pack:remove')")
-    @Log(title = "包房套餐关系", businessType = BusinessType.DELETE)
+    //@Log(title = "包房套餐关系", businessType = BusinessType.DELETE)
    @DeleteMapping("/{ids}")
    public AjaxResult remove(@PathVariable Long[] ids) {
        return toAjax(roomPackService.deleteRoomPackByIds(ids));

--- a/share-front/src/main/java/share/web/controller/system/SCleanRecordsController.java
+++ b/share-front/src/main/java/share/web/controller/system/SCleanRecordsController.java
@@ -30,7 +30,7 @@ import share.common.core.page.TableDataInfo;
 * @date 2023-09-28
 */
 @RestController
-@RequestMapping("/front/cleanRecords")
+@RequestMapping("/cleanRecords")
 public class SCleanRecordsController extends BaseController
 {
    @Autowired
@@ -81,7 +81,7 @@ public class SCleanRecordsController extends BaseController
    /**
     * 开始保洁
     */
-    @Log(title = "开始保洁", businessType = BusinessType.UPDATE)
+    //@Log(title = "开始保洁", businessType = BusinessType.UPDATE)
    @PostMapping(value = "/startClean")
    public AjaxResult startClean(@RequestBody SCleanRecords sCleanRecords)
    {
@@ -93,7 +93,7 @@ public class SCleanRecordsController extends BaseController
    /**
     * 结束保洁
     */
-    @Log(title = "结束保洁", businessType = BusinessType.UPDATE)
+    //@Log(title = "结束保洁", businessType = BusinessType.UPDATE)
    @PostMapping(value = "/endClean")
    public AjaxResult endClean(@RequestBody SCleanRecords sCleanRecords)
    {

--- a/share-front/src/main/java/share/web/controller/system/SConsumerController.java
+++ b/share-front/src/main/java/share/web/controller/system/SConsumerController.java
@@ -26,7 +26,7 @@ import share.common.core.page.TableDataInfo;
 * @date 2023-09-27
 */
 @RestController
-@RequestMapping("/front/consumer")
+@RequestMapping("/consumer")
 @Api(tags = "微信 -- 用户信息")
 public class SConsumerController extends BaseController
 {

--- a/share-front/src/main/java/share/web/controller/system/SConsumerCouponController.java
+++ b/share-front/src/main/java/share/web/controller/system/SConsumerCouponController.java
@@ -25,7 +25,7 @@ import java.util.List;
 * @date 2023-10-12
 */
 @RestController
-@RequestMapping("/front/consumerCoupon")
+@RequestMapping("/consumerCoupon")
 @Api(tags = "优惠券")
 public class SConsumerCouponController extends BaseController {
    @Autowired

--- a/share-front/src/main/java/share/web/controller/system/SConsumptionRecordsController.java
+++ b/share-front/src/main/java/share/web/controller/system/SConsumptionRecordsController.java
@@ -28,7 +28,7 @@ import share.common.core.page.TableDataInfo;
 * @date 2023-09-27
 */
 @RestController
-@RequestMapping("/front/records")
+@RequestMapping("/records")
 public class SConsumptionRecordsController extends BaseController
 {
    @Autowired
@@ -49,8 +49,7 @@ public class SConsumptionRecordsController extends BaseController
    /**
     * 导出消费记录列表
     */
-    @PreAuthorize("@ss.hasPermi('system:records:export')")
-    @Log(title = "消费记录", businessType = BusinessType.EXPORT)
+    //@Log(title = "消费记录", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SConsumptionRecords sConsumptionRecords)
    {
@@ -62,7 +61,6 @@ public class SConsumptionRecordsController extends BaseController
    /**
     * 获取消费记录详细信息
     */
-    @PreAuthorize("@ss.hasPermi('system:records:query')")
    @GetMapping(value = "/{id}")
    public AjaxResult getInfo(@PathVariable("id") Long id)
    {
@@ -72,8 +70,7 @@ public class SConsumptionRecordsController extends BaseController
    /**
     * 新增消费记录
     */
-    @PreAuthorize("@ss.hasPermi('system:records:add')")
-    @Log(title = "消费记录", businessType = BusinessType.INSERT)
+    //@Log(title = "消费记录", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody SConsumptionRecords sConsumptionRecords)
    {
@@ -83,8 +80,7 @@ public class SConsumptionRecordsController extends BaseController
    /**
     * 修改消费记录
     */
-    @PreAuthorize("@ss.hasPermi('system:records:edit')")
-    @Log(title = "消费记录", businessType = BusinessType.UPDATE)
+    //@Log(title = "消费记录", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@RequestBody SConsumptionRecords sConsumptionRecords)
    {
@@ -94,8 +90,7 @@ public class SConsumptionRecordsController extends BaseController
    /**
     * 删除消费记录
     */
-    @PreAuthorize("@ss.hasPermi('system:records:remove')")
-    @Log(title = "消费记录", businessType = BusinessType.DELETE)
+    //@Log(title = "消费记录", businessType = BusinessType.DELETE)
 	@DeleteMapping("/{ids}")
    public AjaxResult remove(@PathVariable Long[] ids)
    {

--- a/share-front/src/main/java/share/web/controller/system/SCouponController.java
+++ b/share-front/src/main/java/share/web/controller/system/SCouponController.java
@@ -32,7 +32,7 @@ import share.common.core.page.TableDataInfo;
 * @date 2023-09-27
 */
 @RestController
-@RequestMapping("/front/coupon")
+@RequestMapping("/coupon")
 public class SCouponController extends BaseController
 {
    @Autowired
@@ -41,7 +41,6 @@ public class SCouponController extends BaseController
    /**
     * 查询优惠券列表
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:list')")
    @GetMapping("/list")
    public TableDataInfo list(SCoupon sCoupon)
    {
@@ -53,8 +52,7 @@ public class SCouponController extends BaseController
    /**
     * 导出优惠券列表
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:export')")
-    @Log(title = "优惠券", businessType = BusinessType.EXPORT)
+    //@Log(title = "优惠券", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SCoupon sCoupon)
    {
@@ -66,7 +64,6 @@ public class SCouponController extends BaseController
    /**
     * 获取优惠券详细信息
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:query')")
    @GetMapping(value = "/{id}")
    public AjaxResult getInfo(@PathVariable("id") Long id)
    {
@@ -76,8 +73,7 @@ public class SCouponController extends BaseController
    /**
     * 新增优惠券
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:add')")
-    @Log(title = "优惠券", businessType = BusinessType.INSERT)
+    //@Log(title = "优惠券", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody SCoupon sCoupon)
    {
@@ -93,8 +89,7 @@ public class SCouponController extends BaseController
    /**
     * 修改优惠券
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:edit')")
-    @Log(title = "优惠券", businessType = BusinessType.UPDATE)
+    //@Log(title = "优惠券", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@RequestBody SCoupon sCoupon)
    {
@@ -104,8 +99,7 @@ public class SCouponController extends BaseController
    /**
     * 删除优惠券
     */
-    @PreAuthorize("@ss.hasPermi('system:coupon:remove')")
-    @Log(title = "优惠券", businessType = BusinessType.DELETE)
+    //@Log(title = "优惠券", businessType = BusinessType.DELETE)
 	@DeleteMapping("/{ids}")
    public AjaxResult remove(@PathVariable Long[] ids)
    {

--- a/share-front/src/main/java/share/web/controller/system/SOrderController.java
+++ b/share-front/src/main/java/share/web/controller/system/SOrderController.java
@@ -31,7 +31,7 @@ import javax.validation.constraints.NotBlank;
 */
 @Slf4j
 @RestController
-@RequestMapping("/front/order")
+@RequestMapping("/order")
 @Api(tags = "订单")
 public class SOrderController extends BaseController
 {

--- a/share-front/src/main/java/share/web/controller/system/SRoomController.java
+++ b/share-front/src/main/java/share/web/controller/system/SRoomController.java
@@ -25,7 +25,7 @@ import share.system.service.RoomStatusService;
 * @date 2023-09-27
 */
 @RestController
-@RequestMapping("/front/room")
+@RequestMapping("/room")
 @Api(tags = "房间信息")
 public class SRoomController extends BaseController {
    @Autowired

--- a/share-front/src/main/java/share/web/controller/system/SStoreController.java
+++ b/share-front/src/main/java/share/web/controller/system/SStoreController.java
@@ -29,7 +29,7 @@ import share.system.domain.SStore;
 * @date 2023-09-27
 */
 @RestController
-@RequestMapping("/front/store")
+@RequestMapping("/store")
 @Api(tags = "门店信息")
 public class SStoreController extends BaseController
 {

--- a/share-front/src/main/java/share/web/controller/system/SysConfigController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysConfigController.java
@@ -37,7 +37,6 @@ public class SysConfigController extends BaseController
    /**
     * 获取参数配置列表
     */
-    @PreAuthorize("@ss.hasPermi('system:config:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysConfig config)
    {
@@ -46,8 +45,7 @@ public class SysConfigController extends BaseController
        return getDataTable(list);
    }

-    @Log(title = "参数管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:config:export')")
+    //@Log(title = "参数管理", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysConfig config)
    {
@@ -59,7 +57,6 @@ public class SysConfigController extends BaseController
    /**
     * 根据参数编号获取详细信息
     */
-    @PreAuthorize("@ss.hasPermi('system:config:query')")
    @GetMapping(value = "/{configId}")
    public AjaxResult getInfo(@PathVariable Long configId)
    {
@@ -78,8 +75,7 @@ public class SysConfigController extends BaseController
    /**
     * 新增参数配置
     */
-    @PreAuthorize("@ss.hasPermi('system:config:add')")
-    @Log(title = "参数管理", businessType = BusinessType.INSERT)
+    //@Log(title = "参数管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysConfig config)
    {
@@ -94,8 +90,7 @@ public class SysConfigController extends BaseController
    /**
     * 修改参数配置
     */
-    @PreAuthorize("@ss.hasPermi('system:config:edit')")
-    @Log(title = "参数管理", businessType = BusinessType.UPDATE)
+    //@Log(title = "参数管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysConfig config)
    {
@@ -110,8 +105,7 @@ public class SysConfigController extends BaseController
    /**
     * 删除参数配置
     */
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
-    @Log(title = "参数管理", businessType = BusinessType.DELETE)
+    //@Log(title = "参数管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{configIds}")
    public AjaxResult remove(@PathVariable Long[] configIds)
    {
@@ -122,8 +116,7 @@ public class SysConfigController extends BaseController
    /**
     * 刷新参数缓存
     */
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
-    @Log(title = "参数管理", businessType = BusinessType.CLEAN)
+    //@Log(title = "参数管理", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
    public AjaxResult refreshCache()
    {

--- a/share-front/src/main/java/share/web/controller/system/SysDeptController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysDeptController.java
-package share.web.controller.system;
-
-import java.util.List;
-import org.apache.commons.lang3.ArrayUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import share.common.annotation.Log;
-import share.common.constant.UserConstants;
-import share.common.core.controller.BaseController;
-import share.common.core.domain.AjaxResult;
-import share.common.core.domain.entity.SysDept;
-import share.common.enums.BusinessType;
-import share.common.utils.StringUtils;
-import share.system.service.ISysDeptService;
-
-/**
- * 部门信息
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/system/dept")
-public class SysDeptController extends BaseController
-{
-    @Autowired
-    private ISysDeptService deptService;
-
-    /**
-     * 获取部门列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
-    @GetMapping("/list")
-    public AjaxResult list(SysDept dept)
-    {
-        List<SysDept> depts = deptService.selectDeptList(dept);
-        return success(depts);
-    }
-
-    /**
-     * 查询部门列表（排除节点）
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
-    @GetMapping("/list/exclude/{deptId}")
-    public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId)
-    {
-        List<SysDept> depts = deptService.selectDeptList(new SysDept());
-        depts.removeIf(d -> d.getDeptId().intValue() == deptId || ArrayUtils.contains(StringUtils.split(d.getAncestors(), ","), deptId + ""));
-        return success(depts);
-    }
-
-    /**
-     * 根据部门编号获取详细信息
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:query')")
-    @GetMapping(value = "/{deptId}")
-    public AjaxResult getInfo(@PathVariable Long deptId)
-    {
-        deptService.checkDeptDataScope(deptId);
-        return success(deptService.selectDeptById(deptId));
-    }
-
-    /**
-     * 新增部门
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:add')")
-    @Log(title = "部门管理", businessType = BusinessType.INSERT)
-    @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysDept dept)
-    {
-        if (!deptService.checkDeptNameUnique(dept))
-        {
-            return error("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
-        }
-        dept.setCreateBy(getUsername());
-        return toAjax(deptService.insertDept(dept));
-    }
-
-    /**
-     * 修改部门
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:edit')")
-    @Log(title = "部门管理", businessType = BusinessType.UPDATE)
-    @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysDept dept)
-    {
-        Long deptId = dept.getDeptId();
-        deptService.checkDeptDataScope(deptId);
-        if (!deptService.checkDeptNameUnique(dept))
-        {
-            return error("修改部门'" + dept.getDeptName() + "'失败，部门名称已存在");
-        }
-        else if (dept.getParentId().equals(deptId))
-        {
-            return error("修改部门'" + dept.getDeptName() + "'失败，上级部门不能是自己");
-        }
-        else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus()) && deptService.selectNormalChildrenDeptById(deptId) > 0)
-        {
-            return error("该部门包含未停用的子部门！");
-        }
-        dept.setUpdateBy(getUsername());
-        return toAjax(deptService.updateDept(dept));
-    }
-
-    /**
-     * 删除部门
-     */
-    @PreAuthorize("@ss.hasPermi('system:dept:remove')")
-    @Log(title = "部门管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{deptId}")
-    public AjaxResult remove(@PathVariable Long deptId)
-    {
-        if (deptService.hasChildByDeptId(deptId))
-        {
-            return warn("存在下级部门,不允许删除");
-        }
-        if (deptService.checkDeptExistUser(deptId))
-        {
-            return warn("部门存在用户,不允许删除");
-        }
-        deptService.checkDeptDataScope(deptId);
-        return toAjax(deptService.deleteDeptById(deptId));
-    }
-}
--- a/share-front/src/main/java/share/web/controller/system/SysDictDataController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysDictDataController.java
@@ -40,7 +40,6 @@ public class SysDictDataController extends BaseController
    @Autowired
    private ISysDictTypeService dictTypeService;

-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysDictData dictData)
    {
@@ -49,8 +48,7 @@ public class SysDictDataController extends BaseController
        return getDataTable(list);
    }

-    @Log(title = "字典数据", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    //@Log(title = "字典数据", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysDictData dictData)
    {
@@ -62,7 +60,6 @@ public class SysDictDataController extends BaseController
    /**
     * 查询字典数据详细
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
    @GetMapping(value = "/{dictCode}")
    public AjaxResult getInfo(@PathVariable Long dictCode)
    {
@@ -86,8 +83,7 @@ public class SysDictDataController extends BaseController
    /**
     * 新增字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
-    @Log(title = "字典数据", businessType = BusinessType.INSERT)
+    //@Log(title = "字典数据", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDictData dict)
    {
@@ -98,8 +94,7 @@ public class SysDictDataController extends BaseController
    /**
     * 修改保存字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
-    @Log(title = "字典数据", businessType = BusinessType.UPDATE)
+    //@Log(title = "字典数据", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDictData dict)
    {
@@ -110,8 +105,7 @@ public class SysDictDataController extends BaseController
    /**
     * 删除字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
-    @Log(title = "字典类型", businessType = BusinessType.DELETE)
+    //@Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictCodes}")
    public AjaxResult remove(@PathVariable Long[] dictCodes)
    {

--- a/share-front/src/main/java/share/web/controller/system/SysDictTypeController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysDictTypeController.java
@@ -28,13 +28,12 @@ import share.system.service.ISysDictTypeService;
 * @author ruoyi
 */
 @RestController
-@RequestMapping("/front/dict/type")
+@RequestMapping("/dict/type")
 public class SysDictTypeController extends BaseController
 {
    @Autowired
    private ISysDictTypeService dictTypeService;

-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysDictType dictType)
    {
@@ -43,8 +42,7 @@ public class SysDictTypeController extends BaseController
        return getDataTable(list);
    }

-    @Log(title = "字典类型", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    //@Log(title = "字典类型", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysDictType dictType)
    {
@@ -56,7 +54,6 @@ public class SysDictTypeController extends BaseController
    /**
     * 查询字典类型详细
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
    @GetMapping(value = "/{dictId}")
    public AjaxResult getInfo(@PathVariable Long dictId)
    {
@@ -66,8 +63,7 @@ public class SysDictTypeController extends BaseController
    /**
     * 新增字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
-    @Log(title = "字典类型", businessType = BusinessType.INSERT)
+    //@Log(title = "字典类型", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDictType dict)
    {
@@ -82,8 +78,7 @@ public class SysDictTypeController extends BaseController
    /**
     * 修改字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
-    @Log(title = "字典类型", businessType = BusinessType.UPDATE)
+    //@Log(title = "字典类型", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDictType dict)
    {
@@ -98,8 +93,7 @@ public class SysDictTypeController extends BaseController
    /**
     * 删除字典类型
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
-    @Log(title = "字典类型", businessType = BusinessType.DELETE)
+    //@Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictIds}")
    public AjaxResult remove(@PathVariable Long[] dictIds)
    {
@@ -110,8 +104,7 @@ public class SysDictTypeController extends BaseController
    /**
     * 刷新字典缓存
     */
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
-    @Log(title = "字典类型", businessType = BusinessType.CLEAN)
+    //@Log(title = "字典类型", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
    public AjaxResult refreshCache()
    {

--- a/share-front/src/main/java/share/web/controller/system/SysMenuController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysMenuController.java
-package share.web.controller.system;
-
-import java.util.List;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import share.common.annotation.Log;
-import share.common.constant.UserConstants;
-import share.common.core.controller.BaseController;
-import share.common.core.domain.AjaxResult;
-import share.common.core.domain.entity.SysMenu;
-import share.common.enums.BusinessType;
-import share.common.utils.StringUtils;
-import share.system.service.ISysMenuService;
-
-/**
- * 菜单信息
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/system/menu")
-public class SysMenuController extends BaseController
-{
-    @Autowired
-    private ISysMenuService menuService;
-
-    /**
-     * 获取菜单列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:menu:list')")
-    @GetMapping("/list")
-    public AjaxResult list(SysMenu menu)
-    {
-        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
-        return success(menus);
-    }
-
-    /**
-     * 根据菜单编号获取详细信息
-     */
-    @PreAuthorize("@ss.hasPermi('system:menu:query')")
-    @GetMapping(value = "/{menuId}")
-    public AjaxResult getInfo(@PathVariable Long menuId)
-    {
-        return success(menuService.selectMenuById(menuId));
-    }
-
-    /**
-     * 获取菜单下拉树列表
-     */
-    @GetMapping("/treeselect")
-    public AjaxResult treeselect(SysMenu menu)
-    {
-        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
-        return success(menuService.buildMenuTreeSelect(menus));
-    }
-
-    /**
-     * 加载对应角色菜单列表树
-     */
-    @GetMapping(value = "/roleMenuTreeselect/{roleId}")
-    public AjaxResult roleMenuTreeselect(@PathVariable("roleId") Long roleId)
-    {
-        List<SysMenu> menus = menuService.selectMenuList(getUserId());
-        AjaxResult ajax = AjaxResult.success();
-        ajax.put("checkedKeys", menuService.selectMenuListByRoleId(roleId));
-        ajax.put("menus", menuService.buildMenuTreeSelect(menus));
-        return ajax;
-    }
-
-    /**
-     * 新增菜单
-     */
-    @PreAuthorize("@ss.hasPermi('system:menu:add')")
-    @Log(title = "菜单管理", businessType = BusinessType.INSERT)
-    @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysMenu menu)
-    {
-        if (!menuService.checkMenuNameUnique(menu))
-        {
-            return error("新增菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
-        }
-        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath()))
-        {
-            return error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
-        }
-        menu.setCreateBy(getUsername());
-        return toAjax(menuService.insertMenu(menu));
-    }
-
-    /**
-     * 修改菜单
-     */
-    @PreAuthorize("@ss.hasPermi('system:menu:edit')")
-    @Log(title = "菜单管理", businessType = BusinessType.UPDATE)
-    @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysMenu menu)
-    {
-        if (!menuService.checkMenuNameUnique(menu))
-        {
-            return error("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
-        }
-        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath()))
-        {
-            return error("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
-        }
-        else if (menu.getMenuId().equals(menu.getParentId()))
-        {
-            return error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
-        }
-        menu.setUpdateBy(getUsername());
-        return toAjax(menuService.updateMenu(menu));
-    }
-
-    /**
-     * 删除菜单
-     */
-    @PreAuthorize("@ss.hasPermi('system:menu:remove')")
-    @Log(title = "菜单管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{menuId}")
-    public AjaxResult remove(@PathVariable("menuId") Long menuId)
-    {
-        if (menuService.hasChildByMenuId(menuId))
-        {
-            return warn("存在子菜单,不允许删除");
-        }
-        if (menuService.checkMenuExistRole(menuId))
-        {
-            return warn("菜单已分配,不允许删除");
-        }
-        return toAjax(menuService.deleteMenuById(menuId));
-    }
-}
\ No newline at end of file
--- a/share-front/src/main/java/share/web/controller/system/SysNoticeController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysNoticeController.java
@@ -35,7 +35,6 @@ public class SysNoticeController extends BaseController
    /**
     * 获取通知公告列表
     */
-    @PreAuthorize("@ss.hasPermi('system:notice:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysNotice notice)
    {
@@ -47,7 +46,6 @@ public class SysNoticeController extends BaseController
    /**
     * 根据通知公告编号获取详细信息
     */
-    @PreAuthorize("@ss.hasPermi('system:notice:query')")
    @GetMapping(value = "/{noticeId}")
    public AjaxResult getInfo(@PathVariable Long noticeId)
    {
@@ -57,8 +55,7 @@ public class SysNoticeController extends BaseController
    /**
     * 新增通知公告
     */
-    @PreAuthorize("@ss.hasPermi('system:notice:add')")
-    @Log(title = "通知公告", businessType = BusinessType.INSERT)
+    //@Log(title = "通知公告", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysNotice notice)
    {
@@ -69,8 +66,7 @@ public class SysNoticeController extends BaseController
    /**
     * 修改通知公告
     */
-    @PreAuthorize("@ss.hasPermi('system:notice:edit')")
-    @Log(title = "通知公告", businessType = BusinessType.UPDATE)
+    //@Log(title = "通知公告", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysNotice notice)
    {
@@ -81,8 +77,7 @@ public class SysNoticeController extends BaseController
    /**
     * 删除通知公告
     */
-    @PreAuthorize("@ss.hasPermi('system:notice:remove')")
-    @Log(title = "通知公告", businessType = BusinessType.DELETE)
+    //@Log(title = "通知公告", businessType = BusinessType.DELETE)
    @DeleteMapping("/{noticeIds}")
    public AjaxResult remove(@PathVariable Long[] noticeIds)
    {

--- a/share-front/src/main/java/share/web/controller/system/SysPostController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysPostController.java
-package share.web.controller.system;
-
-import java.util.List;
-import javax.servlet.http.HttpServletResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import share.common.annotation.Log;
-import share.common.core.controller.BaseController;
-import share.common.core.domain.AjaxResult;
-import share.common.core.page.TableDataInfo;
-import share.common.enums.BusinessType;
-import share.common.utils.poi.ExcelUtil;
-import share.system.domain.SysPost;
-import share.system.service.ISysPostService;
-
-/**
- * 岗位信息操作处理
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/system/post")
-public class SysPostController extends BaseController
-{
-    @Autowired
-    private ISysPostService postService;
-
-    /**
-     * 获取岗位列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:post:list')")
-    @GetMapping("/list")
-    public TableDataInfo list(SysPost post)
-    {
-        startPage();
-        List<SysPost> list = postService.selectPostList(post);
-        return getDataTable(list);
-    }
-    
-    @Log(title = "岗位管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:post:export')")
-    @PostMapping("/export")
-    public void export(HttpServletResponse response, SysPost post)
-    {
-        List<SysPost> list = postService.selectPostList(post);
-        ExcelUtil<SysPost> util = new ExcelUtil<SysPost>(SysPost.class);
-        util.exportExcel(response, list, "岗位数据");
-    }
-
-    /**
-     * 根据岗位编号获取详细信息
-     */
-    @PreAuthorize("@ss.hasPermi('system:post:query')")
-    @GetMapping(value = "/{postId}")
-    public AjaxResult getInfo(@PathVariable Long postId)
-    {
-        return success(postService.selectPostById(postId));
-    }
-
-    /**
-     * 新增岗位
-     */
-    @PreAuthorize("@ss.hasPermi('system:post:add')")
-    @Log(title = "岗位管理", businessType = BusinessType.INSERT)
-    @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysPost post)
-    {
-        if (!postService.checkPostNameUnique(post))
-        {
-            return error("新增岗位'" + post.getPostName() + "'失败，岗位名称已存在");
-        }
-        else if (!postService.checkPostCodeUnique(post))
-        {
-            return error("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
-        }
-        post.setCreateBy(getUsername());
-        return toAjax(postService.insertPost(post));
-    }
-
-    /**
-     * 修改岗位
-     */
-    @PreAuthorize("@ss.hasPermi('system:post:edit')")
-    @Log(title = "岗位管理", businessType = BusinessType.UPDATE)
-    @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysPost post)
-    {
-        if (!postService.checkPostNameUnique(post))
-        {
-            return error("修改岗位'" + post.getPostName() + "'失败，岗位名称已存在");
-        }
-        else if (!postService.checkPostCodeUnique(post))
-        {
-            return error("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
-        }
-        post.setUpdateBy(getUsername());
-        return toAjax(postService.updatePost(post));
-    }
-
-    /**
-     * 删除岗位
-     */
-    @PreAuthorize("@ss.hasPermi('system:post:remove')")
-    @Log(title = "岗位管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{postIds}")
-    public AjaxResult remove(@PathVariable Long[] postIds)
-    {
-        return toAjax(postService.deletePostByIds(postIds));
-    }
-
-    /**
-     * 获取岗位选择框列表
-     */
-    @GetMapping("/optionselect")
-    public AjaxResult optionselect()
-    {
-        List<SysPost> posts = postService.selectPostAll();
-        return success(posts);
-    }
-}
--- a/share-front/src/main/java/share/web/controller/system/SysProfileController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysProfileController.java
@@ -55,7 +55,7 @@ public class SysProfileController extends BaseController
    /**
     * 修改用户
     */
-    @Log(title = "个人信息", businessType = BusinessType.UPDATE)
+    //@Log(title = "个人信息", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult updateProfile(@RequestBody SysUser user)
    {
@@ -85,7 +85,7 @@ public class SysProfileController extends BaseController
    /**
     * 重置密码
     */
-    @Log(title = "个人信息", businessType = BusinessType.UPDATE)
+    //@Log(title = "个人信息", businessType = BusinessType.UPDATE)
    @PutMapping("/updatePwd")
    public AjaxResult updatePwd(String oldPassword, String newPassword)
    {
@@ -113,7 +113,7 @@ public class SysProfileController extends BaseController
    /**
     * 头像上传
     */
-    @Log(title = "用户头像", businessType = BusinessType.UPDATE)
+    //@Log(title = "用户头像", businessType = BusinessType.UPDATE)
    @PostMapping("/avatar")
    public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws Exception
    {

--- a/share-front/src/main/java/share/web/controller/system/SysRoleController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysRoleController.java
-package share.web.controller.system;
-
-import java.util.List;
-import javax.servlet.http.HttpServletResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import share.common.annotation.Log;
-import share.common.core.controller.BaseController;
-import share.common.core.domain.AjaxResult;
-import share.common.core.domain.entity.SysDept;
-import share.common.core.domain.entity.SysRole;
-import share.common.core.domain.entity.SysUser;
-import share.common.core.domain.model.LoginUser;
-import share.common.core.page.TableDataInfo;
-import share.common.enums.BusinessType;
-import share.common.utils.StringUtils;
-import share.common.utils.poi.ExcelUtil;
-import share.framework.web.service.SysPermissionService;
-import share.framework.web.service.TokenService;
-import share.system.domain.SysUserRole;
-import share.system.service.ISysDeptService;
-import share.system.service.ISysRoleService;
-import share.system.service.ISysUserService;
-
-/**
- * 角色信息
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/system/role")
-public class SysRoleController extends BaseController
-{
-    @Autowired
-    private ISysRoleService roleService;
-
-    @Autowired
-    private TokenService tokenService;
-
-    @Autowired
-    private SysPermissionService permissionService;
-
-    @Autowired
-    private ISysUserService userService;
-
-    @Autowired
-    private ISysDeptService deptService;
-
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
-    @GetMapping("/list")
-    public TableDataInfo list(SysRole role)
-    {
-        startPage();
-        List<SysRole> list = roleService.selectRoleList(role);
-        return getDataTable(list);
-    }
-
-    @Log(title = "角色管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:role:export')")
-    @PostMapping("/export")
-    public void export(HttpServletResponse response, SysRole role)
-    {
-        List<SysRole> list = roleService.selectRoleList(role);
-        ExcelUtil<SysRole> util = new ExcelUtil<SysRole>(SysRole.class);
-        util.exportExcel(response, list, "角色数据");
-    }
-
-    /**
-     * 根据角色编号获取详细信息
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
-    @GetMapping(value = "/{roleId}")
-    public AjaxResult getInfo(@PathVariable Long roleId)
-    {
-        roleService.checkRoleDataScope(roleId);
-        return success(roleService.selectRoleById(roleId));
-    }
-
-    /**
-     * 新增角色
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:add')")
-    @Log(title = "角色管理", businessType = BusinessType.INSERT)
-    @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysRole role)
-    {
-        if (!roleService.checkRoleNameUnique(role))
-        {
-            return error("新增角色'" + role.getRoleName() + "'失败，角色名称已存在");
-        }
-        else if (!roleService.checkRoleKeyUnique(role))
-        {
-            return error("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
-        }
-        role.setCreateBy(getUsername());
-        return toAjax(roleService.insertRole(role));
-
-    }
-
-    /**
-     * 修改保存角色
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
-    @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysRole role)
-    {
-        roleService.checkRoleAllowed(role);
-        roleService.checkRoleDataScope(role.getRoleId());
-        if (!roleService.checkRoleNameUnique(role))
-        {
-            return error("修改角色'" + role.getRoleName() + "'失败，角色名称已存在");
-        }
-        else if (!roleService.checkRoleKeyUnique(role))
-        {
-            return error("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
-        }
-        role.setUpdateBy(getUsername());
-        
-        if (roleService.updateRole(role) > 0)
-        {
-            // 更新缓存用户权限
-            LoginUser loginUser = getLoginUser();
-            if (StringUtils.isNotNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
-            {
-                loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));
-                loginUser.setUser(userService.selectUserByUserName(loginUser.getUser().getUserName()));
-                tokenService.setLoginUser(loginUser);
-            }
-            return success();
-        }
-        return error("修改角色'" + role.getRoleName() + "'失败，请联系管理员");
-    }
-
-    /**
-     * 修改保存数据权限
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
-    @PutMapping("/dataScope")
-    public AjaxResult dataScope(@RequestBody SysRole role)
-    {
-        roleService.checkRoleAllowed(role);
-        roleService.checkRoleDataScope(role.getRoleId());
-        return toAjax(roleService.authDataScope(role));
-    }
-
-    /**
-     * 状态修改
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
-    @PutMapping("/changeStatus")
-    public AjaxResult changeStatus(@RequestBody SysRole role)
-    {
-        roleService.checkRoleAllowed(role);
-        roleService.checkRoleDataScope(role.getRoleId());
-        role.setUpdateBy(getUsername());
-        return toAjax(roleService.updateRoleStatus(role));
-    }
-
-    /**
-     * 删除角色
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:remove')")
-    @Log(title = "角色管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{roleIds}")
-    public AjaxResult remove(@PathVariable Long[] roleIds)
-    {
-        return toAjax(roleService.deleteRoleByIds(roleIds));
-    }
-
-    /**
-     * 获取角色选择框列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
-    @GetMapping("/optionselect")
-    public AjaxResult optionselect()
-    {
-        return success(roleService.selectRoleAll());
-    }
-
-    /**
-     * 查询已分配用户角色列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
-    @GetMapping("/authUser/allocatedList")
-    public TableDataInfo allocatedList(SysUser user)
-    {
-        startPage();
-        List<SysUser> list = userService.selectAllocatedList(user);
-        return getDataTable(list);
-    }
-
-    /**
-     * 查询未分配用户角色列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
-    @GetMapping("/authUser/unallocatedList")
-    public TableDataInfo unallocatedList(SysUser user)
-    {
-        startPage();
-        List<SysUser> list = userService.selectUnallocatedList(user);
-        return getDataTable(list);
-    }
-
-    /**
-     * 取消授权用户
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/cancel")
-    public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
-    {
-        return toAjax(roleService.deleteAuthUser(userRole));
-    }
-
-    /**
-     * 批量取消授权用户
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/cancelAll")
-    public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
-    {
-        return toAjax(roleService.deleteAuthUsers(roleId, userIds));
-    }
-
-    /**
-     * 批量选择用户授权
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
-    @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/selectAll")
-    public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)
-    {
-        roleService.checkRoleDataScope(roleId);
-        return toAjax(roleService.insertAuthUsers(roleId, userIds));
-    }
-
-    /**
-     * 获取对应角色部门树列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
-    @GetMapping(value = "/deptTree/{roleId}")
-    public AjaxResult deptTree(@PathVariable("roleId") Long roleId)
-    {
-        AjaxResult ajax = AjaxResult.success();
-        ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
-        ajax.put("depts", deptService.selectDeptTreeList(new SysDept()));
-        return ajax;
-    }
-}
--- a/share-front/src/main/java/share/web/controller/system/SysUserController.java
+++ b/share-front/src/main/java/share/web/controller/system/SysUserController.java
-package share.web.controller.system;
-
-import java.util.List;
-import java.util.stream.Collectors;
-import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.ArrayUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.multipart.MultipartFile;
-import share.common.annotation.Log;
-import share.common.core.controller.BaseController;
-import share.common.core.domain.AjaxResult;
-import share.common.core.domain.entity.SysDept;
-import share.common.core.domain.entity.SysRole;
-import share.common.core.domain.entity.SysUser;
-import share.common.core.page.TableDataInfo;
-import share.common.enums.BusinessType;
-import share.common.utils.SecurityUtils;
-import share.common.utils.StringUtils;
-import share.common.utils.poi.ExcelUtil;
-import share.system.service.ISysDeptService;
-import share.system.service.ISysPostService;
-import share.system.service.ISysRoleService;
-import share.system.service.ISysUserService;
-
-/**
- * 用户信息
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/system/user")
-public class SysUserController extends BaseController
-{
-    @Autowired
-    private ISysUserService userService;
-
-    @Autowired
-    private ISysRoleService roleService;
-
-    @Autowired
-    private ISysDeptService deptService;
-
-    @Autowired
-    private ISysPostService postService;
-
-    /**
-     * 获取用户列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:list')")
-    @GetMapping("/list")
-    public TableDataInfo list(SysUser user)
-    {
-        startPage();
-        List<SysUser> list = userService.selectUserList(user);
-        return getDataTable(list);
-    }
-
-    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:export')")
-    @PostMapping("/export")
-    public void export(HttpServletResponse response, SysUser user)
-    {
-        List<SysUser> list = userService.selectUserList(user);
-        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
-        util.exportExcel(response, list, "用户数据");
-    }
-
-    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:import')")
-    @PostMapping("/importData")
-    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
-    {
-        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
-        List<SysUser> userList = util.importExcel(file.getInputStream());
-        String operName = getUsername();
-        String message = userService.importUser(userList, updateSupport, operName);
-        return success(message);
-    }
-
-    @PostMapping("/importTemplate")
-    public void importTemplate(HttpServletResponse response)
-    {
-        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
-        util.importTemplateExcel(response, "用户数据");
-    }
-
-    /**
-     * 根据用户编号获取详细信息
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
-    @GetMapping(value = { "/", "/{userId}" })
-    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
-    {
-        userService.checkUserDataScope(userId);
-        AjaxResult ajax = AjaxResult.success();
-        List<SysRole> roles = roleService.selectRoleAll();
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
-        ajax.put("posts", postService.selectPostAll());
-        if (StringUtils.isNotNull(userId))
-        {
-            SysUser sysUser = userService.selectUserById(userId);
-            ajax.put(AjaxResult.DATA_TAG, sysUser);
-            ajax.put("postIds", postService.selectPostListByUserId(userId));
-            ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
-        }
-        return ajax;
-    }
-
-    /**
-     * 新增用户
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:add')")
-    @Log(title = "用户管理", businessType = BusinessType.INSERT)
-    @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysUser user)
-    {
-        if (!userService.checkUserNameUnique(user))
-        {
-            return error("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
-        {
-            return error("新增用户'" + user.getUserName() + "'失败，手机号码已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
-        {
-            return error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
-        }
-        user.setCreateBy(getUsername());
-        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-        return toAjax(userService.insertUser(user));
-    }
-
-    /**
-     * 修改用户
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
-    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
-    @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysUser user)
-    {
-        userService.checkUserAllowed(user);
-        userService.checkUserDataScope(user.getUserId());
-        if (!userService.checkUserNameUnique(user))
-        {
-            return error("修改用户'" + user.getUserName() + "'失败，登录账号已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
-        {
-            return error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
-        {
-            return error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
-        }
-        user.setUpdateBy(getUsername());
-        return toAjax(userService.updateUser(user));
-    }
-
-    /**
-     * 删除用户
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:remove')")
-    @Log(title = "用户管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{userIds}")
-    public AjaxResult remove(@PathVariable Long[] userIds)
-    {
-        if (ArrayUtils.contains(userIds, getUserId()))
-        {
-            return error("当前用户不能删除");
-        }
-        return toAjax(userService.deleteUserByIds(userIds));
-    }
-
-    /**
-     * 重置密码
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
-    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
-    @PutMapping("/resetPwd")
-    public AjaxResult resetPwd(@RequestBody SysUser user)
-    {
-        userService.checkUserAllowed(user);
-        userService.checkUserDataScope(user.getUserId());
-        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-        user.setUpdateBy(getUsername());
-        return toAjax(userService.resetPwd(user));
-    }
-
-    /**
-     * 状态修改
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
-    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
-    @PutMapping("/changeStatus")
-    public AjaxResult changeStatus(@RequestBody SysUser user)
-    {
-        userService.checkUserAllowed(user);
-        userService.checkUserDataScope(user.getUserId());
-        user.setUpdateBy(getUsername());
-        return toAjax(userService.updateUserStatus(user));
-    }
-
-    /**
-     * 根据用户编号获取授权角色
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
-    @GetMapping("/authRole/{userId}")
-    public AjaxResult authRole(@PathVariable("userId") Long userId)
-    {
-        AjaxResult ajax = AjaxResult.success();
-        SysUser user = userService.selectUserById(userId);
-        List<SysRole> roles = roleService.selectRolesByUserId(userId);
-        ajax.put("user", user);
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
-        return ajax;
-    }
-
-    /**
-     * 用户授权角色
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
-    @Log(title = "用户管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authRole")
-    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
-    {
-        userService.checkUserDataScope(userId);
-        userService.insertUserAuth(userId, roleIds);
-        return success();
-    }
-
-    /**
-     * 获取部门树列表
-     */
-    @PreAuthorize("@ss.hasPermi('system:user:list')")
-    @GetMapping("/deptTree")
-    public AjaxResult deptTree(SysDept dept)
-    {
-        return success(deptService.selectDeptTreeList(dept));
-    }
-}
--- a/share-front/src/main/java/share/web/controller/system/WeChatController.java
+++ b/share-front/src/main/java/share/web/controller/system/WeChatController.java
@@ -26,7 +26,7 @@ import java.util.List;
 */
 @Slf4j
 @RestController("WeChatFrontController")
-@RequestMapping("/front/wechat")
+@RequestMapping("/wechat")
 @Api(tags = "微信 -- 开放平台")
 public class WeChatController {


--- a/share-front/src/main/java/share/web/core/config/SecurityConfig.java
+++ b/share-front/src/main/java/share/web/core/config/SecurityConfig.java
+package share.web.core.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.logout.LogoutFilter;
+import org.springframework.web.filter.CorsFilter;
+import share.framework.config.properties.PermitAllUrlProperties;
+import share.framework.security.filter.JwtAuthenticationTokenFilter;
+import share.framework.security.handle.AuthenticationEntryPointImpl;
+import share.framework.security.handle.LogoutSuccessHandlerImpl;
+
+/**
+ * spring security配置
+ * 
+ * @author ruoyi
+ */
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
+public class SecurityConfig extends WebSecurityConfigurerAdapter
+{
+    /**
+     * 自定义用户认证逻辑
+     */
+    @Autowired
+    private UserDetailsService userDetailsService;
+    
+    /**
+     * 认证失败处理类
+     */
+    @Autowired
+    private AuthenticationEntryPointImpl unauthorizedHandler;
+
+    /**
+     * 退出处理类
+     */
+    @Autowired
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
+
+    /**
+     * token认证过滤器
+     */
+    @Autowired
+    private JwtAuthenticationTokenFilter authenticationTokenFilter;
+    
+    /**
+     * 跨域过滤器
+     */
+    @Autowired
+    private CorsFilter corsFilter;
+
+    /**
+     * 允许匿名访问的地址
+     */
+    @Autowired
+    private PermitAllUrlProperties permitAllUrl;
+
+    /**
+     * 解决 无法直接注入 AuthenticationManager
+     *
+     * @return
+     * @throws Exception
+     */
+    @Bean
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception
+    {
+        return super.authenticationManagerBean();
+    }
+
+    /**
+     * anyRequest          |   匹配所有请求路径
+     * access              |   SpringEl表达式结果为true时可以访问
+     * anonymous           |   匿名可以访问
+     * denyAll             |   用户不能访问
+     * fullyAuthenticated  |   用户完全认证可以访问（非remember-me下自动登录）
+     * hasAnyAuthority     |   如果有参数，参数表示权限，则其中任何一个权限可以访问
+     * hasAnyRole          |   如果有参数，参数表示角色，则其中任何一个角色可以访问
+     * hasAuthority        |   如果有参数，参数表示权限，则其权限可以访问
+     * hasIpAddress        |   如果有参数，参数表示IP地址，如果用户IP和参数匹配，则可以访问
+     * hasRole             |   如果有参数，参数表示角色，则其角色可以访问
+     * permitAll           |   用户可以任意访问
+     * rememberMe          |   允许通过remember-me登录的用户访问
+     * authenticated       |   用户登录后可访问
+     */
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception
+    {
+        // 注解标记允许匿名访问的url
+        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();
+        permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
+
+        httpSecurity
+                // CSRF禁用，因为不使用session
+                .csrf().disable()
+                // 禁用HTTP响应标头
+                .headers().cacheControl().disable().and()
+                // 认证失败处理类
+                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
+                // 基于token，所以不需要session
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
+                // 过滤请求
+                .authorizeRequests()
+                .antMatchers("**").permitAll()
+                // 除上面外的所有请求全部需要鉴权认证
+                .anyRequest().authenticated()
+                .and()
+                .headers().frameOptions().disable();
+        // 添加Logout filter
+        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
+        // 添加JWT filter
+        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
+        // 添加CORS filter
+        httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
+        httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
+    }
+
+    /**
+     * 强散列哈希加密实现
+     */
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder()
+    {
+        return new BCryptPasswordEncoder();
+    }
+
+    /**
+     * 身份认证接口
+     */
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception
+    {
+        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
+    }
+}
--- a/share-front/src/main/java/share/web/core/config/WebConfig.java
+++ b/share-front/src/main/java/share/web/core/config/WebConfig.java
@@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -23,8 +24,6 @@ public class WebConfig implements WebMvcConfigurer {
    @Autowired
    private FrontTokenComponent frontTokenComponent;

-    @Autowired
-    private AccessInterceptor accessInterceptor;

    @Bean
    public HandlerInterceptor frontTokenInterceptor(){
@@ -36,21 +35,12 @@ public class WebConfig implements WebMvcConfigurer {
        return new AccessInterceptor(frontTokenComponent);
    }

-//    @Bean
-//    public ResponseFilter responseFilter(){ return new ResponseFilter(); }
-
-//    @Value("${swagger.basic.username}")
-//    private String username;
-//    @Value("${swagger.basic.password}")
-//    private String password;
-//    @Value("${swagger.basic.check}")
-//    private Boolean check;
-
-
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        System.out.println("=====> FrontTokenComponent addInterceptors ");
        registry.addInterceptor(frontTokenInterceptor())
+                .excludePathPatterns( "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**")
+                .excludePathPatterns("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**")
                .excludePathPatterns(
                        "/doc.html",
                        "/swagger-ui/**",
@@ -61,88 +51,19 @@ public class WebConfig implements WebMvcConfigurer {
                        "/v2/api-docs",
                        "/webjars/**",
                        "/favicon.ico",
-                        "/front/wechat/**",
-                        "/front/login/sendCode",
-                        "/front/login/login/mobile",
-                        "/front/login/login",
-                        "/front/store/list",
-                        "/front/store/listVo",
-                        "/front/store//\\d+/",
-                        "/front/room/list",
-                        "/front/room/info",
-                        "/front/room/roomStatus",
-                        "/front/room/roomId",
+                        "/wechat/**",
+                        "/login/sendCode",
+                        "/login/login/mobile",
+                        "/login/login",
+                        "/store/list",
+                        "/store/listVo",
+                        "/store//\\d+/",
+                        "/room/list",
+                        "/room/info",
+                        "/room/roomStatus",
+                        "/room/roomId",
                        "**"
                ).addPathPatterns("/**");
    }

-
-//    @Override
-//    public void addInterceptors(InterceptorRegistry registry) {
-//        //添加token拦截器
-//        //addPathPatterns添加需要拦截的命名空间；
-//        //excludePathPatterns添加排除拦截命名空间
-//
-//        //前端用户登录token
-//        registry.addInterceptor(frontTokenInterceptor()).
-//                addPathPatterns("/api/front/**").
-//                excludePathPatterns("/api/front/index").
-//                excludePathPatterns("/api/front/qrcode/**").
-//                excludePathPatterns("/api/front/login/mobile").
-//                excludePathPatterns("/api/front/login").
-//                excludePathPatterns("/api/front/sendCode").
-//                excludePathPatterns("/api/front/wechat/**").
-//                excludePathPatterns("/api/front/search/keyword").
-//                excludePathPatterns("/api/front/share").
-//                excludePathPatterns("/api/front/article/**").
-//                excludePathPatterns("/api/front/city/**").
-//                excludePathPatterns("/api/front/product/hot").
-//                excludePathPatterns("/api/front/product/good").
-//                excludePathPatterns("/api/front/products/**").
-//                excludePathPatterns("/api/front/reply/**").
-//                excludePathPatterns("/api/front/user/service/**").
-//                excludePathPatterns("/api/front/logistics").
-//                excludePathPatterns("/api/front/groom/list/**").
-//                excludePathPatterns("/api/front/config").
-//                excludePathPatterns("/api/front/category").
-//                excludePathPatterns("/api/front/seckill/*").
-//                excludePathPatterns("/api/front/seckill/list/*").
-//                excludePathPatterns("/api/front/seckill/detail/*").
-//                excludePathPatterns("/api/front/ios/*").
-//                excludePathPatterns("/api/front/ios/register/binding/phone").
-//                excludePathPatterns("api/front/combination/index").
-//                excludePathPatterns("api/front/seckill/index").
-//                excludePathPatterns("api/front/bargain/index").
-//                excludePathPatterns("api/front/combination/index").
-//                excludePathPatterns("api/front/index/product/*").
-//                excludePathPatterns("api/front/index/color/config").
-//                excludePathPatterns("api/front/image/domain").
-//                excludePathPatterns("api/front/product/leaderboard").
-//                excludePathPatterns("/swagger-resources/**", "/webjars/**", "/v2/**", "/swagger-ui.html/**");
-//    }
-
-//    public void addResourceHandlers(ResourceHandlerRegistry registry) {
-//        registry.addResourceHandler("/**")
-//                .addResourceLocations("classpath:/static/");
-//        registry.addResourceHandler("doc.html")
-//                .addResourceLocations("classpath:/META-INF/resources/");
-//        registry.addResourceHandler("/webjars/**")
-//                .addResourceLocations("classpath:/META-INF/resources/webjars/");
-//    }
-
-//    @Bean
-//    public FilterRegistrationBean filterRegister()
-//    {
-//        //注册过滤器
-//        FilterRegistrationBean registration = new FilterRegistrationBean(responseFilter());
-//        registration.addUrlPatterns("/*");
-//        return registration;
-//    }
-
-    /* 必须在此处配置拦截器,要不然拦不到swagger的静态资源 */
-//    @Bean
-//    @ConditionalOnProperty(name = "swagger.basic.enable", havingValue = "true")
-//    public MappedInterceptor getMappedInterceptor() {
-//        return new MappedInterceptor(new String[]{"/doc.html", "/webjars/**"}, new SwaggerInterceptor(username, password, check));
-//    }
 }
--- a/share-front/src/main/resources/application-dev.yml
+++ b/share-front/src/main/resources/application-dev.yml
@@ -26,7 +26,7 @@ server:
  port: 8883
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /front-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8
@@ -135,6 +135,13 @@ spring:
        max-active: 8
        # #连接池最大阻塞等待时间（使用负值表示没有限制）
        max-wait: -1ms
+  mqtt:
+    url: "tcp://47.99.53.236:1883"
+    clientId: "coujiao_sub"
+    username: "coujiaomqtt"
+    password: "Mqtt@2023cj"
+    defaultTopic: "ydlink/#"
+    completion-timeout: 15000

 # token配置
 token:

--- a/share-front/src/main/resources/application-prod.yml
+++ b/share-front/src/main/resources/application-prod.yml
@@ -26,7 +26,7 @@ server:
  port: 8883
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /front-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8
@@ -135,6 +135,13 @@ spring:
        max-active: 8
        # #连接池最大阻塞等待时间（使用负值表示没有限制）
        max-wait: -1ms
+  mqtt:
+    url: "tcp://47.99.53.236:1883"
+    clientId: "coujiao_sub"
+    username: "coujiaomqtt"
+    password: "Mqtt@2023cj"
+    defaultTopic: "ydlink/#"
+    completion-timeout: 15000

 # token配置
 token:
@@ -175,3 +182,13 @@ xss:
  excludes: /system/notice
  # 匹配链接
  urlPatterns: /system/*,/monitor/*,/tool/*
+
+meituan:
+  developerId: 123456
+  signKey: abcdefghijklmnopqrstuvwxyz
+  appAuthToken: abcdefghijklmnopqrstuvwxyz
+dianping:
+  appKey: a59ea57cd1eb4737
+  appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
+  authCode: abcdefghijklmnopqrstuvwxyz
+  openShoopUuid: 5067d2db1311d32a0ff366c79a73df51
\ No newline at end of file
--- a/share-front/src/main/resources/application-test.yml
+++ b/share-front/src/main/resources/application-test.yml
@@ -26,7 +26,7 @@ server:
  port: 8883
  servlet:
    # 应用的访问路径
-    context-path: /
+    context-path: /front-api
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8
@@ -135,6 +135,13 @@ spring:
        max-active: 8
        # #连接池最大阻塞等待时间（使用负值表示没有限制）
        max-wait: -1ms
+  mqtt:
+    url: "tcp://47.99.53.236:1883"
+    clientId: "coujiao_sub"
+    username: "coujiaomqtt"
+    password: "Mqtt@2023cj"
+    defaultTopic: "ydlink/#"
+    completion-timeout: 15000

 # token配置
 token:
@@ -175,3 +182,13 @@ xss:
  excludes: /system/notice
  # 匹配链接
  urlPatterns: /system/*,/monitor/*,/tool/*
+
+meituan:
+  developerId: 123456
+  signKey: abcdefghijklmnopqrstuvwxyz
+  appAuthToken: abcdefghijklmnopqrstuvwxyz
+dianping:
+  appKey: a59ea57cd1eb4737
+  appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
+  authCode: abcdefghijklmnopqrstuvwxyz
+  openShoopUuid: 5067d2db1311d32a0ff366c79a73df51
\ No newline at end of file
--- a/share-front/src/main/resources/application.yml
+++ b/share-front/src/main/resources/application.yml
@@ -4,7 +4,7 @@ spring:
    # 国际化资源文件路径
    basename: i18n/messages
  profiles:
-    active: dev
+    active: test
  # 文件上传
  servlet:
    multipart:

--- a/share-system/src/main/java/share/system/domain/vo/FrontTokenComponent.java
+++ b/share-system/src/main/java/share/system/domain/vo/FrontTokenComponent.java
@@ -214,36 +214,8 @@ public class FrontTokenComponent {
    public boolean checkRouter(String uri) {
        logger.info("=====>url : "+uri);
        String[] routerList = {
-                "/front/product/detail",
                "/front/coupons",
-                "/front/index",
-                "/front/bargain/list",
-                "/front/combination/list",
-                "/front/index/product",
-                "/front/combination/index",
-                "/front/bargain/index",
-                "/front/index/color/config",
-                "/front/product/list",
-                "/front/product/sku/detail",
-                "/front/index/get/version",
-                "/front/image/domain",
-                "/front/product/leaderboard",
-                "/front/category",
-                "/front/vip/config/list",
-                "/front/vip/config/info",
-                "/front/vip/config/infoByIosId",
-                "/front/store/equity/list",
-                "/front/store/equity/detail",
-
-                "/front/seckill/appoint/success",
-                "/front/preference/list",
-                "/front/invite/vipList",
-                "/front/seckill/list",
-                "/front/seckill/cur/time",
-
-                "/front/get/common/code",
-                "/front/get/seckill/code",
-                "/front/xfbVisitInfo/save"
+                "/front/index"
        };

        return ArrayUtils.contains(routerList, uri);