登录免密

pine-admin/src/main/java/com/pine/admin/modules/base/controller/WxPayController.java

@@ -1,154 +0,0 @@
-package com.pine.admin.modules.base.controller;
-
-import com.pine.admin.config.WeChatConfig;
-import com.pine.admin.modules.base.service.WeiXinService;
-import com.pine.admin.shiro.ShiroUtils;
-import com.pine.common.dto.Result;
-import com.pine.common.utils.HttpRequest;
-import com.pine.common.wxpay.WXPayUtil;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.math.BigDecimal;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * @Author: Pine
- * @Date: 2019/4/2
- * @Email:771190883@qq.com
- */
-@RestController
-@RequestMapping("/wxPay")
-@Slf4j
-@Api(value = "微信支付接口", tags = {"微信支付接口" })
-
-public class WxPayController {
-    @Autowired
-    private WeiXinService weiXinService;
-    /**
-     * @param request
-     * @return Map
-     * @Description 微信浏览器内微信支付/公众号支付(JSAPI)
-     */
-    @ApiOperation(value = "微信浏览器内微信支付/公众号支付", notes = "微信浏览器内微信支付/公众号支付")
-    @PostMapping(value = "/orders")
-    public Result orders(HttpServletRequest request, String orderNumber) throws Exception {
-
-        //TODO 查询订单 添加支付金额
-
-        String openId = ShiroUtils.getWeiXinOpenId();
-        //拼接统一下单地址参数
-        Map<String, String> paraMap = new HashMap<String, String>();
-        //获取请求ip地址
-        String ip = request.getHeader("x-forwarded-for");
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-            ip = request.getHeader("Proxy-Client-IP");
-        }
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-            ip = request.getHeader("WL-Proxy-Client-IP");
-        }
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-            ip = request.getRemoteAddr();
-        }
-        if (ip.indexOf(",") != -1) {
-            String[] ips = ip.split(",");
-            ip = ips[0].trim();
-        }
-
-        paraMap.put("appid", WeChatConfig.APP_ID);
-        paraMap.put("body", "锦鲤商城-订单结算");
-        paraMap.put("mch_id", WeChatConfig.PAY_MCHID);
-        paraMap.put("nonce_str", WXPayUtil.generateNonceStr());
-        paraMap.put("openid", openId);
-        paraMap.put("out_trade_no", WXPayUtil.generateNonceStr());//订单号
-        paraMap.put("spbill_create_ip", ip);
-        paraMap.put("total_fee", "100000");
-        paraMap.put("trade_type", WeChatConfig.TRADE_TYPE);
-        paraMap.put("notify_url", "");// 此路径是微信服务器调用支付结果通知路径随意写
-        String sign = WXPayUtil.generateSignature(paraMap, WeChatConfig.PAY_KEY);
-        paraMap.put("sign", sign);
-        String xml = WXPayUtil.mapToXml(paraMap);//将所有参数(map)转xml格式
-
-        String unifiedorder_url = "https://api.mch.weixin.qq.com/pay/unifiedorder";
-
-        String xmlStr = HttpRequest.sendPost(unifiedorder_url, xml);//发送post请求"统一下单接口"返回预支付id:prepay_id
-
-        //以下内容是返回前端页面的json数据
-        String prepay_id = "";//预支付id
-        if (xmlStr.indexOf("SUCCESS") != -1) {
-            Map<String, String> map = WXPayUtil.xmlToMap(xmlStr);
-            prepay_id = (String) map.get("prepay_id");
-        }
-        Map<String, String> payMap = new HashMap<String, String>();
-        payMap.put("appId", WeChatConfig.APP_ID);
-        payMap.put("timeStamp", WXPayUtil.getCurrentTimestamp() + "");
-        payMap.put("nonceStr", WXPayUtil.generateNonceStr());
-        //签名方式
-        payMap.put("signType", "MD5");
-        //订单详情扩展字符串
-        payMap.put("package", "prepay_id=" + prepay_id);
-        //签名
-        String paySign = WXPayUtil.generateSignature(payMap, WeChatConfig.PAY_KEY);
-        payMap.put("paySign", paySign);
-        return Result.success(true, payMap);
-
-    }
-
-    @ApiOperation(value = "微信回调接口", notes = "微信回调接口")
-
-    @PostMapping(value = "/callback")
-    public String callBack(HttpServletRequest request, HttpServletResponse response) {
-        log.info("进入微信支付异步通知");
-        String resXml = "";
-        try {
-            //
-            InputStream is = request.getInputStream();
-            //将InputStream转换成String
-            BufferedReader reader = new BufferedReader(new InputStreamReader(is));
-            StringBuilder sb = new StringBuilder();
-            String line = null;
-            try {
-                while ((line = reader.readLine()) != null) {
-                    sb.append(line + "\n");
-                }
-            } catch (IOException e) {
-                e.printStackTrace();
-            } finally {
-                try {
-                    is.close();
-                } catch (IOException e) {
-                    e.printStackTrace();
-                }
-            }
-            resXml = sb.toString();
-            log.info("微信支付异步通知请求包: {}", resXml);
-            return weiXinService.payBack(resXml);
-        } catch (Exception e) {
-            log.error("微信支付回调通知失败", e);
-            String result = "&lt;xml&gt;" + "&lt;return_code&gt;&lt;![CDATA[FAIL]]&gt;&lt;/return_code&gt;" + "&lt;return_msg&gt;&lt;![CDATA[报文为空]]&gt;&lt;/return_msg&gt;" + "&lt;/xml&gt; ";
-            return result;
-        }
-
-    }
-
-    public static void main(String[] args) {
-        //实际抚的金额
-        BigDecimal a = new BigDecimal(100);
-        //百分之1
-        BigDecimal b = new BigDecimal(1);
-        System.out.println(String.valueOf(a.multiply(b).divide(new BigDecimal(100)).setScale(2, BigDecimal.ROUND_HALF_UP).doubleValue()));
-    }
-}
-

pine-admin/src/main/java/com/pine/admin/modules/business/entity/Order.java

@@ -1,13 +1,15 @@
 package com.pine.admin.modules.business.entity;
 
-        import java.math.BigDecimal;
-    import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import java.math.BigDecimal;
+
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
 import lombok.Data;
+
 import java.io.Serializable;
 import java.util.Date;
 
@@ -91,21 +93,20 @@ public class Order implements Serializable {
     private BigDecimal concessionalRate;
     /**
      * 1:待付款  （用户刚下单）
-2:代发货  （用户付完款 等待商城发货）
-3:代收货  （商城已经发货 等待用户确认收货）
-4:已完成  （用户已经确认收货 订单结束）
-5:取消订单 （用户未付款前取消订单）
-6:退款通过  （用户已经付款但是商城还未发货，用户发出退款申请，商城同意退款）
-7:退货通过   （用户已经确认收货后用户发出退货申请，商城同意所有退货申请 ，一个订单可能有多个单品）
-
+     * 2:代发货  （用户付完款 等待商城发货）
+     * 3:代收货  （商城已经发货 等待用户确认收货）
+     * 4:已完成  （用户已经确认收货 订单结束）
+     * 5:取消订单 （用户未付款前取消订单）
+     * 6:退款通过  （用户已经付款但是商城还未发货，用户发出退款申请，商城同意退款）
+     * 7:退货通过   （用户已经确认收货后用户发出退货申请，商城同意所有退货申请 ，一个订单可能有多个单品）
      */
     @ApiModelProperty(value = "", name = "status")
     private String status;
     /**
      * 预售订单状态   普通订单 该状态没作用
-0 第一阶段未支付
-1 第一阶段已支付第二阶段未支付
-2 第二阶段已支付   默认0
+     * 0 第一阶段未支付
+     * 1 第一阶段已支付第二阶段未支付
+     * 2 第二阶段已支付   默认0
      */
     @ApiModelProperty(value = "预售订单状态", name = "presaleStatus")
     private String presaleStatus;
@@ -141,16 +142,16 @@ public class Order implements Serializable {
     private Long storeId;
     /**
      * 订单取消原因
-1:现在不想买
-2:商品价格较贵
-3:价格波动
-4:商品缺货
-5:重复下单
-6:收货人信息有误
-7:发票信息有误/发票未开
-8:送货时间过长
-9:其他原因
-0:系统取消
+     * 1:现在不想买
+     * 2:商品价格较贵
+     * 3:价格波动
+     * 4:商品缺货
+     * 5:重复下单
+     * 6:收货人信息有误
+     * 7:发票信息有误/发票未开
+     * 8:送货时间过长
+     * 9:其他原因
+     * 0:系统取消
      */
     @ApiModelProperty(value = "订单取消原因", name = "cancelReson")
     private String cancelReson;
@@ -216,7 +217,7 @@ public class Order implements Serializable {
     private Date evaluationTime;
     /**
      * 预售订单的时间
-对于定金预售 则是第二阶段付款时间 和发货时间 对于全款预售 则是发货时间
+     * 对于定金预售 则是第二阶段付款时间 和发货时间 对于全款预售 则是发货时间
      */
     @ApiModelProperty(value = "预售订单的时间", name = "presaleTime")
     private Date presaleTime;

pine-admin/src/main/java/com/pine/admin/modules/business/service/impl/CarOrderServiceImpl.java

@@ -59,8 +59,8 @@ public class CarOrderServiceImpl implements CarOrderService {
     public List<CarOrder> getBackByPage(Page page, CarOrder record) {
         log.info("getBackByPage");
         try {
-            if (!ShiroUtils.getShiroUserInfo().getUserName().contains("超级管理员")) {
-                record.setCarSupplier(ShiroUtils.getShiroUserInfo().getUserName());
+            if (!ShiroUtils.getShiroUserInfo().getName().contains("超级管理员")) {
+                record.setCarSupplier(ShiroUtils.getShiroUserInfo().getName());
             }
             Map<String, Object> parameter = new HashMap<String, Object>();
             parameter.put("record", record);
@@ -85,8 +85,8 @@ public class CarOrderServiceImpl implements CarOrderService {
 
             // 首付/尾款支付状态查询
 
-            if (!ShiroUtils.getShiroUserInfo().getUserName().contains("超级管理员")) {
-                record.setCarSupplier(ShiroUtils.getShiroUserInfo().getUserName());
+            if (!ShiroUtils.getShiroUserInfo().getName().contains("超级管理员")) {
+                record.setCarSupplier(ShiroUtils.getShiroUserInfo().getName());
             }
             Map<String, Object> parameter = new HashMap<String, Object>();
             parameter.put("record", record);

pine-admin/src/main/java/com/pine/admin/modules/business/service/impl/OrderServiceImpl.java

@@ -46,13 +46,12 @@ public class OrderServiceImpl implements OrderService {
 
         log.info("getOrderByPage");
         try {
-            if (!ShiroUtils.getShiroUserInfo().getUserName().contains("超级管理员")) {
-                record.setDealerInfo(ShiroUtils.getShiroUserInfo().getUserName());
+            if (!ShiroUtils.getShiroUserInfo().getName().contains("超级管理员")) {
+                record.setDealerId(Long.valueOf(ShiroUtils.getShiroUserInfo().getDealerID()));
             }
             Map<String, Object> parameter = new HashMap<String, Object>();
             parameter.put("record", record);
             parameter.put("page", page);
-
             return orderDao.queryByPage(parameter);
         } catch (Exception e) {
             log.error("getOrderByPage", e);

pine-admin/src/main/java/com/pine/admin/modules/system/controller/SysUserLoginController.java

@@ -2,10 +2,13 @@ package com.pine.admin.modules.system.controller;
 
 
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.google.code.kaptcha.Constants;
 import com.google.code.kaptcha.Producer;
+import com.pine.admin.modules.system.service.SysService;
 import com.pine.admin.modules.system.service.SysUserRoleService;
 import com.pine.admin.shiro.DealerOpenIdToken;
+import com.pine.admin.shiro.ShiroUserInfo;
 import com.pine.admin.shiro.ShiroUtils;
 import com.pine.common.dto.Result;
 import com.pine.common.exception.ApiException;
@@ -18,6 +21,7 @@ import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.*;
 import org.apache.shiro.subject.Subject;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.*;
 
 import javax.imageio.ImageIO;
@@ -25,6 +29,9 @@ import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletResponse;
 import java.awt.image.BufferedImage;
 import java.io.IOException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -33,51 +40,42 @@ import java.util.Map;
 @Slf4j
 public class SysUserLoginController {
 
+
+
     @Autowired
-    private Producer producer;
-    @Autowired
-    private SysUserRoleService sysUserRoleService;
-
-    @GetMapping("captcha.jpg")
-    public void captcha(HttpServletResponse response) throws IOException {
-        response.setHeader("Cache-Control", "no-store, no-cache");
-        response.setContentType("image/jpeg");
-        //生成文字验证码
-        String text = producer.createText();
-        //生成图片验证码
-        BufferedImage image = producer.createImage(text);
-        //保存到shiro session
-        ShiroUtils.setSessionAttribute(Constants.KAPTCHA_SESSION_KEY, text);
-
-        ServletOutputStream out = response.getOutputStream();
-        ImageIO.write(image, "jpg", out);
+    private SysService sysService;
+
+    public static void main(String[] args) throws ParseException {
+        SimpleDateFormat ft = new SimpleDateFormat ("yyyy-MM-dd hh:mm:ss");
+
+        String formdata = "2019-10-12 13:00:01";
+        System.out.println(ft.parse(formdata).getTime());
+        String data = "{\"erp\":\"12818\",\"dealerId\":6906,\"name\":\"芜湖福瑞汽车销售有限公司\",\"roleType\":\"商城经销商\",\"createTime\":\"1570856401000\"}";
+        String encrypt = RSAUtils.encrypt(RSAUtils.publicKey, data);
+        //        //防止URL 传参 + 号丢失
+        System.out.println(encrypt.replace("+", "%2B"));
+        String responseString = RSAUtils.decrypt(RSAUtils.privateKey, encrypt);
+        System.out.println(responseString);
+        ShiroUserInfo parse = JSONObject.parseObject(responseString, ShiroUserInfo.class);
+
     }
 
     @PostMapping("/secretLogin")
     public Result secretLogin(@RequestParam(value = "casualBacking") String casualBacking) {
         try {
 
-            String responseString = RSAUtils.decrypt(RSAUtils.privateKey, casualBacking);
-
-            Map maps = (Map) JSON.parse(responseString);
+            String responseString = sysService.decryptUser(casualBacking);
 
             DealerOpenIdToken dealerOpenIdToken;
 
-            if (maps.get("data").equals("对应的经销商为空")) {
-                String dd = "{\"erp\":\"8888\",\"dealerId\":8888,\"name\":\"超级管理员\",\"roleType\":\"超级管理员\"}";
-                dealerOpenIdToken = new DealerOpenIdToken(dd);
-            } else {
-                dealerOpenIdToken = new DealerOpenIdToken(maps.get("data").toString());
-            }
+            dealerOpenIdToken = new DealerOpenIdToken(responseString);
+
             Subject subject = SecurityUtils.getSubject();
+
             subject.login(dealerOpenIdToken);
+
             SecurityUtils.getSubject().getSession().setTimeout(-1000L);
             return Result.success(true, ShiroUtils.getShiroUserInfo());
-            //            Subject subject = ShiroUtils.getSubject();
-//            UsernamePasswordToken token = new UsernamePasswordToken(userCode, password);
-//            subject.login(token);
-
-
         } catch (UnknownAccountException e) {
             return Result.error(e.getMessage());
         } catch (IncorrectCredentialsException e) {
@@ -106,7 +104,7 @@ public class SysUserLoginController {
             map.put("password", PasswordEncryptorUtils.md5AndBase64Encryptor(password));
 
             String s2 = PostUtil.formUpload(Constant.LOGIN_URL, map, null, "");
-            log.info("经销商登录："+s2);
+            log.info("经销商登录：" + s2);
             Map maps = (Map) JSON.parse(s2);
 
             if (maps.get("code").equals(-1)) {
@@ -147,7 +145,7 @@ public class SysUserLoginController {
      */
     @PostMapping(value = "logout")
     public Result logout() {
-        String username = ShiroUtils.getShiroUserInfo().getUserName();
+        String username = ShiroUtils.getShiroUserInfo().getName();
         ShiroUtils.logout();
         return Result.success(true, "用户:" + username + "退出登录成功");
     }
@@ -160,11 +158,4 @@ public class SysUserLoginController {
         return Result.error("系统出错");
     }
 
-    public static void main(String[] args) {
-        byte[] bytes = MD5Util.md5("123456");
-        bytes.toString();
-        System.out.println("123456");
-        System.out.println(MD5Util.md5Hex("123456")
-        );
-    }
 }

pine-admin/src/main/java/com/pine/admin/modules/system/service/SysService.java

@@ -23,4 +23,7 @@ public interface SysService {
 
     //根据用户id查询权限范围内的url
     List<SysPermission> findPermissionListByUserId(Integer userId);
+
+    //RAS解析用户信息
+    String decryptUser(String casualBacking);
 }

pine-admin/src/main/java/com/pine/admin/modules/system/service/impl/SysPermissionServiceImpl.java

@@ -152,8 +152,8 @@ public class SysPermissionServiceImpl implements SysPermissionService {
         try {
             ShiroUserInfo shiroUserInfo = ShiroUtils.getShiroUserInfo();
             //从Session中取出菜单范围的URL
-            List<SysPermission> menus = shiroUserInfo.getMenus();
-            return menus;
+//            List<SysPermission> menus = shiroUserInfo.getMenus();
+            return null;
         } catch (Exception e) {
             log.info("getSysMenu");
         }

pine-admin/src/main/java/com/pine/admin/modules/system/service/impl/SysServiceImpl.java

@@ -1,15 +1,24 @@
 package com.pine.admin.modules.system.service.impl;
 
+import com.alibaba.fastjson.JSONObject;
 import com.pine.admin.modules.system.dao.SysPermissionDao;
 import com.pine.admin.modules.system.dao.SysUserDao;
 import com.pine.admin.modules.system.entity.ActiveUser;
 import com.pine.admin.modules.system.entity.SysPermission;
 import com.pine.admin.modules.system.entity.SysUser;
 import com.pine.admin.modules.system.service.SysService;
+import com.pine.admin.shiro.ShiroUserInfo;
+import com.pine.common.dto.Result;
+import com.pine.common.exception.ApiException;
+import com.pine.common.utils.DateTimeTool;
 import com.pine.common.utils.MD5Util;
+import com.pine.common.utils.RSAUtils;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
 
+import java.util.Date;
 import java.util.List;
 
 /**
@@ -18,6 +27,7 @@ import java.util.List;
  * @date 2018/3/27 10:44
  */
 @Service
+@Slf4j
 public class SysServiceImpl implements SysService {
     @Autowired
     private SysUserDao sysUserMapper;
@@ -77,4 +87,33 @@ public class SysServiceImpl implements SysService {
         return sysPermissionMapper.findPermissionListByUserId(userId);
     }
 
+    @Override
+    public String decryptUser(String casualBacking) {
+
+        String responseString = RSAUtils.decrypt(RSAUtils.privateKey, casualBacking);
+
+        if (StringUtils.isEmpty(responseString)) {
+            log.error("offlineAudit fail due to rsa decrypt fail");
+            throw new ApiException("秘钥解析失败");
+        }
+
+        ShiroUserInfo userInfo = JSONObject.parseObject(responseString, ShiroUserInfo.class);
+        if (StringUtils.isEmpty(userInfo.getDealerID())) {
+            throw new ApiException("用户信息丢失");
+        }
+        if (StringUtils.isEmpty(userInfo.getName())) {
+            throw new ApiException("用户信息丢失");
+        }
+        userInfo.getCreateTime();
+        Date nowDate = new Date();
+        Date effectiveTime = DateTimeTool.dateTimeSubtractMinutes(nowDate, 30);
+        boolean effectiveDate = DateTimeTool.isEffectiveDate(userInfo.getCreateTime(), effectiveTime, nowDate);
+        if (effectiveDate == false) {
+            throw new ApiException("秘钥已失效");
+        }
+
+        return responseString;
+    }
+
+
 }

pine-admin/src/main/java/com/pine/admin/shiro/KickoutSessionControlFilter.java

@@ -84,12 +84,8 @@ public class KickoutSessionControlFilter extends AccessControlFilter {
 
         Session session = subject.getSession();
         ShiroUserInfo shiroUserInfo = ShiroUtils.getShiroUserInfo();
-        //如果是微信用户不踢
-        if (shiroUserInfo.getUserType().equals(Constant.USER_WEIXIN)) {
-            return true;
-        }
 
-        String username = shiroUserInfo.getUserName();
+        String username = shiroUserInfo.getName();
         Serializable sessionId = session.getId();
 
         // 同步控制

pine-admin/src/main/java/com/pine/admin/shiro/ShiroUserInfo.java

@@ -5,6 +5,7 @@ import com.pine.admin.modules.system.entity.SysPermission;
 import lombok.*;
 
 import java.io.Serializable;
+import java.util.Date;
 import java.util.List;
 
 /**
@@ -14,19 +15,18 @@ import java.util.List;
  */
 @Data
 @JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+@AllArgsConstructor
+@NoArgsConstructor
 public class ShiroUserInfo implements Serializable {
-    /**
-     * 用户ID
-     */
-    private Integer userId;
+
     /**
      * 用户姓名
      */
-    private String userName;
+    private String name;
     /**
      * 用户类型
      */
-    private Integer userType;
+    private String roleType;
     /**
      * 头像
      */
@@ -35,49 +35,10 @@ public class ShiroUserInfo implements Serializable {
      * openid
      */
     private String openid;
+    //经销商ERP号
+    private Long erp;
 
-    private String erp;
-
-    private String dealerID;
-
-    /**
-     * 用户菜单
-     */
-    List<SysPermission> Menus;
-    /**
-     * 用户权限
-     */
-    List<SysPermission> permission;
-
-    public ShiroUserInfo() {
-    }
-
-    public ShiroUserInfo(String userName, String erp, String dealerID, List<SysPermission> menus) {
-        this.userName = userName;
-        this.erp = erp;
-        this.dealerID = dealerID;
-        Menus = menus;
-    }
-
-    public ShiroUserInfo(Integer userId, String userName, Integer userType, String userIcon, String openid, List<SysPermission> menus, List<SysPermission> permission) {
-        this.userId = userId;
-        this.userName = userName;
-        this.userType = userType;
-        this.userIcon = userIcon;
-        this.openid = openid;
-        Menus = menus;
-        this.permission = permission;
-    }
+    private Long dealerID;
 
-    public ShiroUserInfo(Integer userId, String userName, Integer userType, String userIcon, String openid, String erp, String dealerID, List<SysPermission> menus, List<SysPermission> permission) {
-        this.userId = userId;
-        this.userName = userName;
-        this.userType = userType;
-        this.userIcon = userIcon;
-        this.openid = openid;
-        this.erp = erp;
-        this.dealerID = dealerID;
-        Menus = menus;
-        this.permission = permission;
-    }
+    private Date createTime;
 }

pine-admin/src/main/java/com/pine/admin/shiro/ShiroUtils.java

@@ -53,24 +53,8 @@ public class ShiroUtils {
         return (ShiroUserInfo) SecurityUtils.getSubject().getPrincipal();
     }
 
-    public static Integer getUserId() {
-        return getShiroUserInfo().getUserId();
-    }
-
-    public static Integer getWeiXinUserId() {
-        ShiroUserInfo shiroUserInfo = getShiroUserInfo();
-        if (shiroUserInfo.getUserType().equals(Constant.USER_WEIXIN)) {
-            return shiroUserInfo.getUserId();
-        }
-        throw new ApiException("非微信用户登录");
-    }
-
-    public static String getWeiXinOpenId() {
-        ShiroUserInfo shiroUserInfo = getShiroUserInfo();
-        if (shiroUserInfo.getUserType().equals(Constant.USER_WEIXIN)) {
-            return shiroUserInfo.getOpenid();
-        }
-        throw new ApiException("非微信用户登录");
+    public static Long getUserId() {
+        return getShiroUserInfo().getDealerID();
     }
 
     public static void setSessionAttribute(Object key, Object value) {

pine-admin/src/main/java/com/pine/admin/shiro/UserRealm.java

@@ -1,6 +1,7 @@
 package com.pine.admin.shiro;
 
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.pine.admin.modules.business.entity.UserInfo;
 import com.pine.admin.modules.business.service.UserInfoService;
 import com.pine.admin.modules.system.entity.SysPermission;
@@ -10,6 +11,7 @@ import com.pine.admin.modules.system.service.SysService;
 import com.pine.admin.modules.system.service.SysUserService;
 import com.pine.common.dto.Result;
 import com.pine.common.utils.Constant;
+import com.pine.common.utils.RSAUtils;
 import org.apache.commons.lang.RandomStringUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.shiro.SecurityUtils;
@@ -47,23 +49,7 @@ public class UserRealm extends AuthorizingRealm {
      */
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-
-        Integer userId = ShiroUtils.getUserId();
-        //系统管理员，拥有最高权限
-        List<SysPermission> permissions = sysService.findPermissionListByUserId(userId);
-        List<String> permsList = permissions.stream().map(SysPermission::getPercode).collect(Collectors.toList());
-        //用户权限列表
-        Set<String> permsSet = new HashSet<>();
-        for (String perms : permsList) {
-            if (StringUtils.isBlank(perms)) {
-                continue;
-            }
-            permsSet.addAll(Arrays.asList(perms.trim().split(",")));
-        }
-        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
-        info.setStringPermissions(permsSet);
-
-        return info;
+        return null;
     }
 
     /**
@@ -77,13 +63,7 @@ public class UserRealm extends AuthorizingRealm {
         //若为经销商
         String dealerInfo = (String) token.getPrincipal();
 
-        Map dealerMap = (Map) JSON.parse(dealerInfo);
-        if (StringUtils.isEmpty(dealerInfo)){
-            throw new AuthenticationException();
-        }
-        ShiroUserInfo shiroUserInfo = new ShiroUserInfo(
-                dealerMap.get("name").toString()
-                , dealerMap.get("erp").toString(), dealerMap.get("dealerId").toString(), null);
+        ShiroUserInfo shiroUserInfo = JSONObject.parseObject(dealerInfo, ShiroUserInfo.class);
 
         /**
          * 设置权限

pine-admin/src/main/resources/mapper/business/OrderDao.xml

@@ -118,7 +118,6 @@
                      profit,
                      community_name,
                      community_buy_name,
-                     bill_no,
                      dealer_id,
                      dealer_info,
                      pay_channel,
@@ -196,7 +195,6 @@
             <if test="profit != null">profit,</if>
             <if test="communityName != null">community_name,</if>
             <if test="communityBuyName != null">community_buy_name,</if>
-            <if test="billNo != null">bill_no,</if>
             <if test="dealerId != null">dealer_id,</if>
             <if test="dealerInfo != null">dealer_info,</if>
             <if test="payChannel != null">pay_channel,</if>
@@ -257,7 +255,6 @@
             <if test="profit != null">#{profit},</if>
             <if test="communityName != null">#{communityName},</if>
             <if test="communityBuyName != null">#{communityBuyName},</if>
-            <if test="billNo != null">#{billNo},</if>
             <if test="dealerId != null">#{dealerId},</if>
             <if test="dealerInfo != null">#{dealerInfo},</if>
             <if test="payChannel != null">#{payChannel},</if>
@@ -322,7 +319,6 @@
             <if test="profit != null">profit = #{profit},</if>
             <if test="communityName != null">community_name = #{communityName},</if>
             <if test="communityBuyName != null">community_buy_name = #{communityBuyName},</if>
-            <if test="billNo != null">bill_no = #{billNo},</if>
             <if test="dealerId != null">dealer_id = #{dealerId},</if>
             <if test="dealerInfo != null">dealer_info = #{dealerInfo},</if>
             <if test="payChannel != null">pay_channel = #{payChannel},</if>
@@ -496,9 +492,6 @@
             <if test="record.communityBuyName != null and !&quot;&quot;.equals(record.communityBuyName)">
                 and community_buy_name = #{record.communityBuyName}
             </if>
-            <if test="record.billNo != null and !&quot;&quot;.equals(record.billNo)">
-                and bill_no = #{record.billNo}
-            </if>
             <if test="record.dealerId != null and !&quot;&quot;.equals(record.dealerId)">
                 and dealer_id = #{record.dealerId}
             </if>
@@ -684,9 +677,6 @@
             <if test="communityBuyName != null and !&quot;&quot;.equals(communityBuyName)">
                 and community_buy_name = #{communityBuyName}
             </if>
-            <if test="billNo != null and !&quot;&quot;.equals(billNo)">
-                and bill_no = #{billNo}
-            </if>
             <if test="dealerId != null and !&quot;&quot;.equals(dealerId)">
                 and dealer_id = #{dealerId}
             </if>
@@ -872,9 +862,6 @@
             <if test="communityBuyName != null and !&quot;&quot;.equals(communityBuyName)">
                 and community_buy_name = #{communityBuyName}
             </if>
-            <if test="billNo != null and !&quot;&quot;.equals(billNo)">
-                and bill_no = #{billNo}
-            </if>
             <if test="dealerId != null and !&quot;&quot;.equals(dealerId)">
                 and dealer_id = #{dealerId}
             </if>

pine-common/src/main/java/com/pine/common/utils/DateTimeTool.java

@@ -18,6 +18,37 @@ import java.util.GregorianCalendar;
  */
 public class DateTimeTool {
 
+    /**
+     * 判断当前时间是否在[startTime, endTime]区间，注意时间格式要一致
+     *
+     * @param nowTime 当前时间
+     * @param startTime 开始时间
+     * @param endTime 结束时间
+     * @return
+     * @author jqlin
+     */
+    public static boolean isEffectiveDate(Date nowTime, Date startTime, Date endTime) {
+        if (nowTime.getTime() == startTime.getTime()
+                || nowTime.getTime() == endTime.getTime()) {
+            return true;
+        }
+
+        Calendar date = Calendar.getInstance();
+        date.setTime(nowTime);
+
+        Calendar begin = Calendar.getInstance();
+        begin.setTime(startTime);
+
+        Calendar end = Calendar.getInstance();
+        end.setTime(endTime);
+
+        if (date.after(begin) && date.before(end)) {
+            return true;
+        } else {
+            return false;
+        }
+    }
+
     /**
      * <p>时间间隔转换。</p>
      *
@@ -33,30 +64,30 @@ public class DateTimeTool {
         }
         Date d1 = createtime;
 
-        //用现在距离1970年的时间间隔new Date().getTime()减去以前的时间距离1970年的时间间隔d1.getTime()得出的就是以前的时间与现在时间的时间间隔  
+        //用现在距离1970年的时间间隔new Date().getTime()减去以前的时间距离1970年的时间间隔d1.getTime()得出的就是以前的时间与现在时间的时间间隔
         long time = System.currentTimeMillis() - d1.getTime();// 得出的时间间隔是毫秒
 
         if (time / 1000 < 10 && time / 1000 >= 0) {
-            //如果时间间隔小于10秒则显示“刚刚”time/10得出的时间间隔的单位是秒  
+            //如果时间间隔小于10秒则显示“刚刚”time/10得出的时间间隔的单位是秒
             interval = "刚刚";
 
         } else if (time / 1000 < 60 && time / 1000 > 0) {
-            //如果时间间隔小于60秒则显示多少秒前  
+            //如果时间间隔小于60秒则显示多少秒前
             int se = (int) ((time % 60000) / 1000);
             interval = se + "秒前";
 
         } else if (time / 60000 < 60 && time / 60000 > 0) {
-            //如果时间间隔小于60分钟则显示多少分钟前  
-            int m = (int) ((time % 3600000) / 60000);//得出的时间间隔的单位是分钟  
+            //如果时间间隔小于60分钟则显示多少分钟前
+            int m = (int) ((time % 3600000) / 60000);//得出的时间间隔的单位是分钟
             interval = m + "分钟前";
 
         } else if (time / 3600000 < 24 && time / 3600000 >= 0) {
-            //如果时间间隔小于24小时则显示多少小时前  
-            int h = (int) (time / 3600000);//得出的时间间隔的单位是小时  
+            //如果时间间隔小于24小时则显示多少小时前
+            int h = (int) (time / 3600000);//得出的时间间隔的单位是小时
             interval = h + "小时前";
 
         } else {
-            //大于24小时，则显示正常的时间，但是不显示秒  
+            //大于24小时，则显示正常的时间，但是不显示秒
             SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm");
 
             ParsePosition pos2 = new ParsePosition(0);
@@ -713,12 +744,12 @@ public class DateTimeTool {
 
         if (monthNow <= monthBirth) {
             if (monthNow == monthBirth) {
-                // monthNow==monthBirth 
+                // monthNow==monthBirth
                 if (dayOfMonthNow < dayOfMonthBirth) {
                     age--;
                 }
             } else {
-                // monthNow>monthBirth 
+                // monthNow>monthBirth
                 age--;
             }
         }

pine-common/src/main/java/com/pine/common/utils/RSAUtils.java

@@ -3,6 +3,7 @@ package com.pine.common.utils;
 import com.alibaba.fastjson.JSONObject;
 import org.apache.commons.codec.binary.Base64;
 import org.springframework.util.Base64Utils;
+import springfox.documentation.spring.web.json.Json;
 
 import java.io.ByteArrayOutputStream;
 import java.security.*;
@@ -26,21 +27,9 @@ public class RSAUtils {
     public final static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHhQ6Px0l+cMR1tRsky0HDlvJD94AbE9Z0UhIZFgtdJ20GRQoV2DO3jQbGMBrM6giEcUCbYcDsnTVUovBrDQit1QtZZ3eKtoqrW7bMT2eX5qQOrZtO2kRkrnWwsxkKHKhn41atEMvSqrVqLgOUDgBhmxREWN93KUYE2adAg62/jQIDAQAB";
     public final static String privateKey = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAIeFDo/HSX5wxHW1GyTLQcOW8kP3gBsT1nRSEhkWC10nbQZFChXYM7eNBsYwGszqCIRxQJthwOydNVSi8GsNCK3VC1lnd4q2iqtbtsxPZ5fmpA6tm07aRGSudbCzGQocqGfjVq0Qy9KqtWouA5QOAGGbFERY33cpRgTZp0CDrb+NAgMBAAECgYBJtT/nSZAamkDweHFsALUjKW1ZNDtT/uUsXRsE0+2YXAI7X7+NhAsU8TpW/wEEpOG/D04BdRiWWScRgpHa17r47joc3U+d40PRsqa34E0uJzqXJTzKZxTakDmI+KReIj+vMbvFo3cV3G5XNHElJEtWNNh4E/O99efd6scReQRKzQJBAMRh5UVwYrRh1FkvZIb+MtRW3ofMexfK/8LWF8xhPfi79NNl64O3HC+x4WPRGQnmdqx/iZFGf87iMvQlRtrQWYcCQQCwqSTn7gollTrZiA4fm22WGVigVQgH22TtUVHp6y23gah6feoONPUU69J8NpdyNhE5htrLMJWqvhzI+y7TrZNLAkAlZX8DeiNRtk95rEy4aC/Fv8Uglw/ZuA58S8i8YsgqVaCJoR74NiZn7re9ClR6TijLMH5B6+rquqh5VZ/oi0SBAkAGSp/T2rhlykDESoImQgTPGav8WcrlbLzVbtX5/LQuGuIDKsTRKLWpvxRJ9C/Ek4Rdhh34qoxJ/mdMCRYL19ytAkA6nDuDvgokt9nx8ldh+mqUCfS0Mn89aTC/C0vzUYUSq/RcAL2EOu1UBMxD6Pzmz6y+HJXEN4AayOgFXyLZw6Rb";
 
-    public static void main(String[] args) {
 
-
-        String data ="{\"code\":200,\"msg\":\"登录成功\",\"data\":{\"erp\":\"12818\",\"dealerId\":6906,\"name\":\"芜湖福瑞汽车销售有限公司\",\"roleType\":\"商城经销商\"}}";
-        String encrypt = RSAUtils.encrypt(RSAUtils.publicKey, data);
-        //防止URL 传参 + 号丢失
-        System.out.println(encrypt.replace("+","%2B"));
-        String responseString = RSAUtils.decrypt(privateKey, encrypt);
-
-        System.out.println(responseString);
-
-    }
     /**
      * 加密
-     *
      * @param publicKey 公钥
      * @param plainText 加密的内容
      * @return 返回加密后的内容