权限验证

mainFactory/src/main/java/org/bfkj/api/SecurityApi.java

@@ -0,0 +1,198 @@
+package org.bfkj.api;
+
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import jakarta.servlet.http.HttpServletRequest;
+import org.bfkj.services.SecurityService;
+import org.bfkj.utils.HttpRequestUtil;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+
+@RestController
+@RequestMapping("user")
+public class SecurityApi {
+
+
+    private final SecurityService securityService;
+
+
+    public SecurityApi(SecurityService securityService) {
+        this.securityService = securityService;
+    }
+
+    private Map<String, Object> combineData(Map<String, Object> headers, Map<String, Object> body) {
+        Map<String, Object> requestData = new HashMap<>();
+        if (Objects.nonNull(headers)) {
+            requestData.putAll(headers);
+        }
+        if (Objects.nonNull(body)) {
+            requestData.putAll(body);
+        }
+        return requestData;
+    }
+
+    /**
+     * 获取appToken appToken
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("getToken")
+    public ResponseEntity getToken(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) throws JsonProcessingException {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestIp", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionId", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.getToken(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 刷新appToken
+     *
+     * @param headers
+     * @return
+     */
+    @PostMapping("refreshToken")
+    public ResponseEntity refreshToken(@RequestHeader Map<String, Object> headers, HttpServletRequest httpRequest) throws JsonProcessingException {
+        Map<String, Object> requestData = combineData(headers, null);
+        requestData.put("requestIp", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionId", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.refreshToken(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 校验token 包含appToken 和用户token
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("testToken")
+    public ResponseEntity testToken(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestIp", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionId", HttpRequestUtil.getSessionId(httpRequest));
+
+        Map<String, Object> result = securityService.verifyToken(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 获取验证码
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("verifyCode")
+    public ResponseEntity getCode(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.verifyCode(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 强制登录
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("forceLogin")
+    public ResponseEntity forceLogin(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.forceLogin(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 登录
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("login")
+    public ResponseEntity login(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.login(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 获取权限
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("permissions")
+    public ResponseEntity getPermissions(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.permission(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+
+    /**
+     * 更改密码
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("changePassword")
+    public ResponseEntity changePwd(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.changePassword(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 登出注销
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("logOut")
+    public ResponseEntity logOut(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.logOut(requestData);
+        return ResponseEntity.ok(result);
+    }
+
+    /**
+     * 用户心跳检查   判断用户是否在线
+     *
+     * @param headers
+     * @param body
+     * @return
+     */
+    @PostMapping("health")
+    public ResponseEntity health(@RequestHeader Map<String, Object> headers, @RequestBody Map<String, Object> body, HttpServletRequest httpRequest) {
+        Map<String, Object> requestData = combineData(headers, body);
+        requestData.put("requestip", HttpRequestUtil.getRemoteAddr(httpRequest));
+        requestData.put("sessionid", HttpRequestUtil.getSessionId(httpRequest));
+        Map<String, Object> result = securityService.userHeartbeat(requestData);
+        return ResponseEntity.ok(result);
+    }
+}

mainFactory/src/main/java/org/bfkj/config/DatabaseConfig.java

@@ -0,0 +1,50 @@
+package org.bfkj.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.jdbc.DataSourceBuilder;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+import javax.sql.DataSource;
+
+@Configuration
+public class DatabaseConfig {
+
+    @Value("${db.security.url}")
+    private String securityUrl;
+
+    @Value("${db.security.title}")
+    private String securityUsername;
+
+    @Value("${db.security.cipher}")
+    private String securityPassword;
+
+    @Value("${db.security.type:com.mysql.cj.jdbc.Driver}")
+    private String securityDriverClassName;
+
+    @Value("${db.log.url}")
+    private String logUrl;
+
+    @Value("${db.log.title}")
+    private String logUsername;
+
+    @Value("${db.log.cipher}")
+    private String logPassword;
+
+    @Value("${db.log.type:com.mysql.cj.jdbc.Driver}")
+    private String logDriverClassName;
+
+
+    @Bean("securityJdbcTemplate")
+    public JdbcTemplate securityJdbcTemplate() {
+        DataSource dataSource = DataSourceBuilder.create().driverClassName(securityDriverClassName).password(securityPassword).username(securityUsername).url(securityUrl).build();
+        return new JdbcTemplate(dataSource);
+    }
+
+    @Bean("logJdbcTemplate")
+    public JdbcTemplate logJdbcTemplate() {
+        DataSource dataSource = DataSourceBuilder.create().driverClassName(logDriverClassName).password(logPassword).username(logUsername).url(logUrl).build();
+        return new JdbcTemplate(dataSource);
+    }
+}

mainFactory/src/main/java/org/bfkj/domain/Appconnectlog.java

@@ -0,0 +1,154 @@
+package org.bfkj.domain;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+/**
+* 
+* 
+*/
+public class Appconnectlog implements Serializable {
+
+    /**
+    * 自增主键
+    */
+    
+    
+    private Integer connid;
+    /**
+    * 应用编码
+    */
+    
+    
+    
+    private String appid;
+    /**
+    * 连接时间
+    */
+    
+    private LocalDateTime requesttime;
+    /**
+    * 请求IP
+    */
+    
+    
+    
+    private String requestip;
+    /**
+    * APP连接token
+    */
+    
+    
+    
+    private String apptoken;
+    /**
+    * token过期时间
+    */
+    
+    private LocalDateTime expiretime;
+    /**
+    * 最后活跃时间
+    */
+    
+    private LocalDateTime lasttime;
+
+    /**
+    * 自增主键
+    */
+    public void setConnid(Integer connid){
+    this.connid = connid;
+    }
+
+    /**
+    * 应用编码
+    */
+    public void setAppid(String appid){
+    this.appid = appid;
+    }
+
+    /**
+    * 连接时间
+    */
+    public void setRequesttime(LocalDateTime requesttime){
+    this.requesttime = requesttime;
+    }
+
+    /**
+    * 请求IP
+    */
+    public void setRequestip(String requestip){
+    this.requestip = requestip;
+    }
+
+    /**
+    * APP连接token
+    */
+    public void setApptoken(String apptoken){
+    this.apptoken = apptoken;
+    }
+
+    /**
+    * token过期时间
+    */
+    public void setExpiretime(LocalDateTime expiretime){
+    this.expiretime = expiretime;
+    }
+
+    /**
+    * 最后活跃时间
+    */
+    public void setLasttime(LocalDateTime lasttime){
+    this.lasttime = lasttime;
+    }
+
+
+    /**
+    * 自增主键
+    */
+    public Integer getConnid(){
+    return this.connid;
+    }
+
+    /**
+    * 应用编码
+    */
+    public String getAppid(){
+    return this.appid;
+    }
+
+    /**
+    * 连接时间
+    */
+    public LocalDateTime getRequesttime(){
+    return this.requesttime;
+    }
+
+    /**
+    * 请求IP
+    */
+    public String getRequestip(){
+    return this.requestip;
+    }
+
+    /**
+    * APP连接token
+    */
+    public String getApptoken(){
+    return this.apptoken;
+    }
+
+    /**
+    * token过期时间
+    */
+    public LocalDateTime getExpiretime(){
+    return this.expiretime;
+    }
+
+    /**
+    * 最后活跃时间
+    */
+    public LocalDateTime getLasttime(){
+    return this.lasttime;
+    }
+
+}

mainFactory/src/main/java/org/bfkj/domain/Application.java

@@ -0,0 +1,202 @@
+package org.bfkj.domain;
+
+import java.io.Serializable;
+
+/**
+ * 应用表
+ */
+public class Application implements Serializable {
+
+    /**
+     * 自增长主键
+     */
+
+
+    private Integer applicationid;
+    /**
+     *
+     */
+
+
+    private String appid;
+    /**
+     * 连接密钥
+     */
+
+
+    private String appsecret;
+    /**
+     * 名称
+     */
+
+
+    private String appname;
+    /**
+     * 英文名称
+     */
+
+
+    private String appengname;
+    /**
+     * 描述
+     */
+
+
+    private String appdescribe;
+    /**
+     * 图标
+     */
+
+
+    private String applogo;
+    /**
+     * 小图标
+     */
+
+
+    private String smalllogo;
+    /**
+     * 背景图
+     */
+
+
+    private String backgroundimage;
+    /**
+     * 令牌有效时长
+     */
+
+    private Long apptokeneffective;
+    /**
+     * 验证码规则
+     */
+
+
+    private String securitycoderule;
+    /**
+     * 验证码有效时长
+     */
+
+    private Long securitycodeeffective;
+    /**
+     *
+     */
+
+    private Integer multilogin;
+    /**
+     *
+     */
+
+    private Integer securitycoderulelength;
+
+    public Integer getApplicationid() {
+        return applicationid;
+    }
+
+    public void setApplicationid(Integer applicationid) {
+        this.applicationid = applicationid;
+    }
+
+    public String getAppid() {
+        return appid;
+    }
+
+    public void setAppid(String appid) {
+        this.appid = appid;
+    }
+
+    public String getAppsecret() {
+        return appsecret;
+    }
+
+    public void setAppsecret(String appsecret) {
+        this.appsecret = appsecret;
+    }
+
+    public String getAppname() {
+        return appname;
+    }
+
+    public void setAppname(String appname) {
+        this.appname = appname;
+    }
+
+    public String getAppengname() {
+        return appengname;
+    }
+
+    public void setAppengname(String appengname) {
+        this.appengname = appengname;
+    }
+
+    public String getAppdescribe() {
+        return appdescribe;
+    }
+
+    public void setAppdescribe(String appdescribe) {
+        this.appdescribe = appdescribe;
+    }
+
+    public String getApplogo() {
+        return applogo;
+    }
+
+    public void setApplogo(String applogo) {
+        this.applogo = applogo;
+    }
+
+    public String getSmalllogo() {
+        return smalllogo;
+    }
+
+    public void setSmalllogo(String smalllogo) {
+        this.smalllogo = smalllogo;
+    }
+
+    public String getBackgroundimage() {
+        return backgroundimage;
+    }
+
+    public void setBackgroundimage(String backgroundimage) {
+        this.backgroundimage = backgroundimage;
+    }
+
+    public Long getApptokeneffective() {
+        return apptokeneffective;
+    }
+
+    public void setApptokeneffective(Long apptokeneffective) {
+        this.apptokeneffective = apptokeneffective;
+    }
+
+    public String getSecuritycoderule() {
+        return securitycoderule;
+    }
+
+    public void setSecuritycoderule(String securitycoderule) {
+        this.securitycoderule = securitycoderule;
+    }
+
+    public Long getSecuritycodeeffective() {
+        return securitycodeeffective;
+    }
+
+    public void setSecuritycodeeffective(Long securitycodeeffective) {
+        this.securitycodeeffective = securitycodeeffective;
+    }
+
+    public Integer getMultilogin() {
+        return multilogin;
+    }
+
+    public void setMultilogin(Integer multilogin) {
+        this.multilogin = multilogin;
+    }
+
+    public Integer getSecuritycoderulelength() {
+        return securitycoderulelength;
+    }
+
+    public void setSecuritycoderulelength(Integer securitycoderulelength) {
+        this.securitycoderulelength = securitycoderulelength;
+    }
+}

mainFactory/src/main/java/org/bfkj/domain/Permissions.java

@@ -0,0 +1,162 @@
+package org.bfkj.domain;
+
+import java.io.Serializable;
+
+/**
+ * 用户权限表
+ */
+public class Permissions implements Serializable {
+
+    /**
+     * 自增长主键用户权限编号
+     */
+
+
+    private Integer userpermissionsid;
+    /**
+     *
+     */
+
+    private Integer userid;
+    /**
+     *
+     */
+
+    private Integer pagecode;
+    /**
+     *
+     */
+
+    private Integer serviceid;
+    /**
+     * 列权限插入列表
+     */
+
+
+    private String insertcolumnlist;
+    /**
+     * 列权限更新列表
+     */
+
+
+    private String updatecolumnlist;
+    /**
+     * 列权限查询列表
+     */
+
+
+    private String selectcolumnlist;
+    /**
+     * 行权限过滤条件
+     */
+
+
+    private String filterset;
+
+    /**
+     * 自增长主键用户权限编号
+     */
+    public Integer getUserpermissionsid() {
+        return this.userpermissionsid;
+    }
+
+    /**
+     * 自增长主键用户权限编号
+     */
+    public void setUserpermissionsid(Integer userpermissionsid) {
+        this.userpermissionsid = userpermissionsid;
+    }
+
+    /**
+     *
+     */
+    public Integer getUserid() {
+        return this.userid;
+    }
+
+    /**
+     *
+     */
+    public void setUserid(Integer userid) {
+        this.userid = userid;
+    }
+
+    public Integer getPagecode() {
+        return pagecode;
+    }
+
+    public void setPagecode(Integer pagecode) {
+        this.pagecode = pagecode;
+    }
+
+    /**
+     *
+     */
+    public Integer getServiceid() {
+        return this.serviceid;
+    }
+
+    /**
+     *
+     */
+    public void setServiceid(Integer serviceid) {
+        this.serviceid = serviceid;
+    }
+
+    /**
+     * 列权限插入列表
+     */
+    public String getInsertcolumnlist() {
+        return this.insertcolumnlist;
+    }
+
+    /**
+     * 列权限插入列表
+     */
+    public void setInsertcolumnlist(String insertcolumnlist) {
+        this.insertcolumnlist = insertcolumnlist;
+    }
+
+    /**
+     * 列权限更新列表
+     */
+    public String getUpdatecolumnlist() {
+        return this.updatecolumnlist;
+    }
+
+    /**
+     * 列权限更新列表
+     */
+    public void setUpdatecolumnlist(String updatecolumnlist) {
+        this.updatecolumnlist = updatecolumnlist;
+    }
+
+    /**
+     * 列权限查询列表
+     */
+    public String getSelectcolumnlist() {
+        return this.selectcolumnlist;
+    }
+
+    /**
+     * 列权限查询列表
+     */
+    public void setSelectcolumnlist(String selectcolumnlist) {
+        this.selectcolumnlist = selectcolumnlist;
+    }
+
+    /**
+     * 行权限过滤条件
+     */
+    public String getFilterset() {
+        return this.filterset;
+    }
+
+    /**
+     * 行权限过滤条件
+     */
+    public void setFilterset(String filterset) {
+        this.filterset = filterset;
+    }
+
+}

mainFactory/src/main/java/org/bfkj/domain/Userinfo.java

@@ -0,0 +1,176 @@
+package org.bfkj.domain;
+
+import java.io.Serializable;
+
+/**
+* 用户表
+* 
+*/
+public class Userinfo implements Serializable {
+
+    /**
+    * 自增长主键用户编号
+    */
+    
+    
+    private Integer userid;
+    /**
+    * 
+    */
+    
+    private Integer usergroupid;
+    /**
+    * 用户名
+    */
+    
+    
+    
+    private String username;
+    /**
+    * 账号
+    */
+    
+    
+    
+    private String account;
+    /**
+    * 密码
+    */
+    
+    
+    
+    private String userpassword;
+    /**
+    * 描述
+    */
+    
+    
+    
+    private String userdescribe;
+    /**
+    * 
+    */
+    
+    private Boolean isenable;
+    /**
+    * 
+    */
+    
+    
+    
+    private String secondarypassword;
+
+    /**
+    * 自增长主键用户编号
+    */
+    public void setUserid(Integer userid){
+    this.userid = userid;
+    }
+
+    /**
+    * 
+    */
+    public void setUsergroupid(Integer usergroupid){
+    this.usergroupid = usergroupid;
+    }
+
+    /**
+    * 用户名
+    */
+    public void setUsername(String username){
+    this.username = username;
+    }
+
+    /**
+    * 账号
+    */
+    public void setAccount(String account){
+    this.account = account;
+    }
+
+    /**
+    * 密码
+    */
+    public void setUserpassword(String userpassword){
+    this.userpassword = userpassword;
+    }
+
+    /**
+    * 描述
+    */
+    public void setUserdescribe(String userdescribe){
+    this.userdescribe = userdescribe;
+    }
+
+    /**
+    * 
+    */
+    public void setIsenable(Boolean isenable){
+    this.isenable = isenable;
+    }
+
+    /**
+    * 
+    */
+    public void setSecondarypassword(String secondarypassword){
+    this.secondarypassword = secondarypassword;
+    }
+
+
+    /**
+    * 自增长主键用户编号
+    */
+    public Integer getUserid(){
+    return this.userid;
+    }
+
+    /**
+    * 
+    */
+    public Integer getUsergroupid(){
+    return this.usergroupid;
+    }
+
+    /**
+    * 用户名
+    */
+    public String getUsername(){
+    return this.username;
+    }
+
+    /**
+    * 账号
+    */
+    public String getAccount(){
+    return this.account;
+    }
+
+    /**
+    * 密码
+    */
+    public String getUserpassword(){
+    return this.userpassword;
+    }
+
+    /**
+    * 描述
+    */
+    public String getUserdescribe(){
+    return this.userdescribe;
+    }
+
+    /**
+    * 
+    */
+    public Boolean getIsenable(){
+    return this.isenable;
+    }
+
+    /**
+    * 
+    */
+    public String getSecondarypassword(){
+    return this.secondarypassword;
+    }
+
+}

mainFactory/src/main/java/org/bfkj/domain/Userloginlog.java

@@ -0,0 +1,226 @@
+package org.bfkj.domain;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+/**
+* 用户登录日志表
+* 
+*/
+public class Userloginlog implements Serializable {
+
+    /**
+    * 自增长主键登录编号
+    */
+    
+    
+    private Integer loginid;
+    /**
+    * 
+    */
+    
+    private Integer userid;
+    private String appid;
+
+    public String getAppid() {
+        return appid;
+    }
+
+    public void setAppid(String appid) {
+        this.appid = appid;
+    }
+
+    /**
+    * 请求地址
+    */
+    
+    
+    
+    private String requestip;
+    /**
+    * 请求编号
+    */
+    
+    
+    
+    private String sessionid;
+    /**
+    * 登录时间
+    */
+    
+    private LocalDateTime logintime;
+    /**
+    * 
+    */
+    
+    
+    
+    private String usertoken;
+    /**
+    * 最后活跃时间
+    */
+    
+    private LocalDateTime lasttime;
+    /**
+    * 
+    */
+    
+    private LocalDateTime lastheartbeat;
+    /**
+    * 
+    */
+    
+    private LocalDateTime logouttime;
+    /**
+    *
+    */
+
+    private String apptoken;
+
+    private Boolean isexpires;
+
+    public Boolean getIsexpires() {
+        return isexpires;
+    }
+
+    public void setIsexpires(Boolean isexpires) {
+        this.isexpires = isexpires;
+    }
+
+    public String getApptoken() {
+        return apptoken;
+    }
+
+    public void setApptoken(String apptoken) {
+        this.apptoken = apptoken;
+    }
+
+    /**
+    * 自增长主键登录编号
+    */
+    public void setLoginid(Integer loginid){
+    this.loginid = loginid;
+    }
+
+    /**
+    * 
+    */
+    public void setUserid(Integer userid){
+    this.userid = userid;
+    }
+
+    /**
+    * 请求地址
+    */
+    public void setRequestip(String requestip){
+    this.requestip = requestip;
+    }
+
+    /**
+    * 请求编号
+    */
+    public void setSessionid(String sessionid){
+    this.sessionid = sessionid;
+    }
+
+    /**
+    * 登录时间
+    */
+    public void setLogintime(LocalDateTime logintime){
+    this.logintime = logintime;
+    }
+
+    /**
+    * 
+    */
+    public void setUsertoken(String usertoken){
+    this.usertoken = usertoken;
+    }
+
+    /**
+    * 最后活跃时间
+    */
+    public void setLasttime(LocalDateTime lasttime){
+    this.lasttime = lasttime;
+    }
+
+    /**
+    * 
+    */
+    public void setLastheartbeat(LocalDateTime lastheartbeat){
+    this.lastheartbeat = lastheartbeat;
+    }
+
+    /**
+    * 
+    */
+    public void setLogouttime(LocalDateTime logouttime){
+    this.logouttime = logouttime;
+    }
+
+
+    /**
+    * 自增长主键登录编号
+    */
+    public Integer getLoginid(){
+    return this.loginid;
+    }
+
+    /**
+    * 
+    */
+    public Integer getUserid(){
+    return this.userid;
+    }
+
+    /**
+    * 请求地址
+    */
+    public String getRequestip(){
+    return this.requestip;
+    }
+
+    /**
+    * 请求编号
+    */
+    public String getSessionid(){
+    return this.sessionid;
+    }
+
+    /**
+    * 登录时间
+    */
+    public LocalDateTime getLogintime(){
+    return this.logintime;
+    }
+
+    /**
+    * 
+    */
+    public String getUsertoken(){
+    return this.usertoken;
+    }
+
+    /**
+    * 最后活跃时间
+    */
+    public LocalDateTime getLasttime(){
+    return this.lasttime;
+    }
+
+    /**
+    * 
+    */
+    public LocalDateTime getLastheartbeat(){
+    return this.lastheartbeat;
+    }
+
+    /**
+    * 
+    */
+    public LocalDateTime getLogouttime(){
+    return this.logouttime;
+    }
+
+
+}

mainFactory/src/main/java/org/bfkj/services/ApplicationService.java

@@ -0,0 +1,40 @@
+package org.bfkj.services;
+
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.bfkj.domain.Application;
+import org.springframework.beans.BeanUtils;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.jdbc.core.RowMapper;
+import org.springframework.stereotype.Service;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.Map;
+
+@Service
+public class ApplicationService {
+
+    private ObjectMapper objectMapper=new ObjectMapper();
+
+    private final JdbcTemplate securityJdbcTemplate;
+
+
+    public ApplicationService(@Qualifier("securityJdbcTemplate") JdbcTemplate securityJdbcTemplate) {
+        this.securityJdbcTemplate = securityJdbcTemplate;
+    }
+
+    public Application findById(Integer id) {
+        return (Application) securityJdbcTemplate.queryForObject("select * from application where applicationid = ? ", new BeanPropertyRowMapper(Application.class), id);
+    }
+
+    public Application findByAppId(String id) {
+       return (Application) securityJdbcTemplate.queryForObject("select * from application where appid = ? ", new BeanPropertyRowMapper(Application.class),id);
+
+
+    }
+
+}

mainFactory/src/main/java/org/bfkj/services/ApplicationconnectlogService.java

@@ -0,0 +1,47 @@
+package org.bfkj.services;
+
+import org.bfkj.domain.Appconnectlog;
+import org.bfkj.domain.Application;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+
+@Service
+public class ApplicationconnectlogService {
+
+    private final JdbcTemplate securityJdbcTemplate;
+
+
+    public ApplicationconnectlogService(@Qualifier("securityJdbcTemplate") JdbcTemplate securityJdbcTemplate) {
+        this.securityJdbcTemplate = securityJdbcTemplate;
+    }
+
+    public void save(Appconnectlog appconnectlog) {
+        securityJdbcTemplate.update("insert into appconnectlog ( appid, requesttime, requestip, apptoken, expiretime, lasttime) values (?,?,?,?,?,?)",
+                appconnectlog.getAppid(), appconnectlog.getRequesttime(), appconnectlog.getRequestip(), appconnectlog.getApptoken(), appconnectlog.getExpiretime(), appconnectlog.getLasttime());
+
+    }
+
+    public Appconnectlog findByTokenAndRequestIp(String token, String requestIp) {
+        return (Appconnectlog) securityJdbcTemplate.queryForObject("select * from appconnectlog where apptoken=? and requestip =?", new BeanPropertyRowMapper(Appconnectlog.class), token, requestIp);
+
+    }
+
+    public void updateApplicationLogTokenExpiresTime(String appId, String token, LocalDateTime expiresTime) {
+        securityJdbcTemplate.update("update appconnectlog set expiretime=? where apptoken =? and appid=?",
+                expiresTime, token, appId);
+    }
+
+
+    public void updateAppRequestLog(String appToken, String appid, String requestIp) {
+        securityJdbcTemplate.update("update appconnectlog set requestip=?,lasttime=? where apptoken =? and appid=?",
+                requestIp, LocalDateTime.now(), appToken, appid);
+    }
+
+    public void removeExpiresData() {
+        securityJdbcTemplate.update("delete from appconnectlog where expiretime < NOW() and 1 = ?", 1);
+    }
+}

mainFactory/src/main/java/org/bfkj/services/PermissionsService.java

@@ -0,0 +1,49 @@
+package org.bfkj.services;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import org.bfkj.domain.Permissions;
+import org.bfkj.domain.Userloginlog;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+import java.util.Map;
+
+@Service
+public class PermissionsService {
+
+    private ObjectMapper objectMapper = new ObjectMapper() {{
+        registerModule(new Jdk8Module());
+        registerModule(new JavaTimeModule());
+    }};
+    private final JdbcTemplate securityJdbcTemplate;
+
+
+    public PermissionsService(@Qualifier("securityJdbcTemplate") JdbcTemplate securityJdbcTemplate) {
+        this.securityJdbcTemplate = securityJdbcTemplate;
+    }
+
+    public List<Permissions> getPermissions(String userId) {
+
+        List<Map<String, Object>> maps = securityJdbcTemplate.queryForList("""
+                select userpermissionsid, t2.userid,  t3.pagecode, t1.serviceid, insertcolumnlist, updatecolumnlist, selectcolumnlist, filterset from userinfo t2,userpermissions t1 left join pageconfiguration t3 on t3.pageconfigurationid=t1.pageconfigurationid where t1.userid=t2.userid and t1.userid = ?
+                union
+                select userpermissionsid,t2.userid,  t3.pagecode, t1.serviceid, insertcolumnlist, updatecolumnlist, selectcolumnlist, filterset from userinfo t2, usergrouppermissions t1 left join pageconfiguration t3 on t3.pageconfigurationid=t1.pageconfigurationid where t1.usergroupid=t2.usergroupid and t2.userid=?
+                 """, userId, userId);
+           return   maps.stream().map(it -> {
+                try {
+                    return objectMapper.readValue(objectMapper.writeValueAsString(it), Permissions.class);
+                } catch (JsonProcessingException e) {
+                    throw new RuntimeException(e);
+                }
+        }).toList();
+    }
+
+    public void removePermissions(Integer userId) {
+
+    }
+}

mainFactory/src/main/java/org/bfkj/services/SecurityService.java

@@ -0,0 +1,553 @@
+package org.bfkj.services;
+
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import jakarta.annotation.Nullable;
+import org.bfkj.domain.*;
+import org.bfkj.services.cache.CodeCacheService;
+import org.bfkj.utils.CommonUtil;
+import org.bfkj.utils.RandomGraphic;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.*;
+
+@Service
+public class SecurityService {
+
+
+    private DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
+
+    private final static Map<String, List<String>> alias = new HashMap<>();
+
+    static {
+        alias.put("appid", List.of("appid", "app_id", "appId", "APPID"));
+        alias.put("appsecret", List.of("appSecret", "app_secret", "APP_SECRET", "appsecret", "APPSECRET"));
+        alias.put("sessionid", List.of("sessionId", "sessionid"));
+        alias.put("requestip", List.of("requestIp", "requestip"));
+        alias.put("username", List.of("username"));
+        alias.put("password", List.of("password"));
+        alias.put("version", List.of("version"));
+    }
+
+    private final ApplicationService applicationService;
+    private final ApplicationconnectlogService applicationconnectlogService;
+    private final UserloginlogService userloginlogService;
+    private final PermissionsService permissionsService;
+    private final UserinfoService userinfoService;
+    private final CodeCacheService codeCacheService;
+
+    public SecurityService(ApplicationService applicationService, ApplicationconnectlogService applicationconnectlogService, UserloginlogService userloginlogService, PermissionsService permissionsService, UserinfoService userinfoService, CodeCacheService codeCacheService) {
+        this.applicationService = applicationService;
+        this.applicationconnectlogService = applicationconnectlogService;
+        this.userloginlogService = userloginlogService;
+        this.permissionsService = permissionsService;
+        this.userinfoService = userinfoService;
+        this.codeCacheService = codeCacheService;
+    }
+
+
+    //安全类服务
+    //连接认证--获取连接令牌
+    public Map<String, Object> getToken(Map<String, Object> requestData) throws JsonProcessingException {
+        Optional<String> appid = getValue("appid", requestData);
+        Optional<String> appSecret = getValue("appsecret", requestData);
+        Optional<String> requestIp = getValue("requestip", requestData);
+        Optional<String> sessionId = getValue("sessionid", requestData);
+
+        Map<String, Object> result = new HashMap<>();
+        if (appid.isPresent() && appSecret.isPresent()) {
+//            无条件删除过期的数据
+            applicationconnectlogService.removeExpiresData();
+            result.putAll(getAppToken(appid.get(), appSecret.get(), requestIp.get(), sessionId.get()));
+        } else {
+            result.put("code", "-1");
+            result.put("message", "appid 或者 appSecret 错误");
+        }
+        return result;
+
+        //从本地内存变量中查询appID以及appSecret是否已经连接
+        //如果没有连接则
+        //  使用DB读方法，查询底座数据库的应用表，判断appID以及appSecret是否存在以及是否已连接
+        //  select token,expiresTime,vcodeRule from 应用表 where appID and appSecret
+        //  如果不存在则
+        //      返回错误
+        //  如果未连接或者已经过期则--
+        //      生成令牌--暂时不使用签名方式，未来再考虑
+        //      记录到应用表token,过期时间
+        //  更新本地内存变量
+        //获取当前应用的请求IP列表：{appID+"-"+appSecret:{"token":token,"expiresTime":expiresTime,"requestIP":[],"vcodeRule":vcodeRule}}
+        //如果当前请求IPrequestIP不在列表中则添加请求IP地址列表
+        //获取应用的API权限、API对应的数据权限
+        //缓存本地内存变量：{token:{serviceID:{"authColumn":authColumn,"authFilter":authFilter}}}
+        //返回本地内存变量的令牌和过期时间
+        //注意存在两个版本的返回结构，此处需要做兼容
+        //特别注意：此处本地内存变量使用哪种结构会速度更快，尤其是VerifyToken的查找速度
+    }
+
+    private Map<String, Object> getAppToken(String appid, String appSecret, String requestIp, String sessionId) throws JsonProcessingException {
+        Application application = applicationService.findByAppId(appid);
+        Map<String, Object> result = new HashMap<>();
+        if (appSecret.equals(application.getAppsecret())) {
+//            令牌
+            String md5Token = CommonUtil.toMD5("%s:%s".formatted(LocalDateTime.now(), sessionId));
+//            有效期时长
+            Long apptokeneffective = application.getApptokeneffective();
+//            过期时间
+            LocalDateTime expiresTime = LocalDateTime.now().plusSeconds(apptokeneffective);
+//            新增记录
+            Appconnectlog applicationconnectlog = new Appconnectlog();
+
+            applicationconnectlog.setAppid(appid);
+            applicationconnectlog.setExpiretime(expiresTime);
+            applicationconnectlog.setApptoken(md5Token);
+            applicationconnectlog.setRequestip(requestIp);
+            applicationconnectlog.setRequesttime(LocalDateTime.now());
+            applicationconnectlog.setLasttime(LocalDateTime.now());
+            applicationconnectlogService.save(applicationconnectlog);
+            Map<String, Object> data = new HashMap<>();
+            data.put("token", md5Token);
+            data.put("expirestime", expiresTime.format(dateTimeFormatter));
+            data.put("appname", application.getAppname());
+            data.put("appenname", application.getAppengname());
+            data.put("logo", application.getApplogo());
+            data.put("background", application.getBackgroundimage());
+            result.put("returnData", data);
+            result.put("code", "0");
+            result.put("message", null);
+        } else {
+            result.put("message", "用户或密码错误");
+            result.put("code", "-1");
+        }
+        return result;
+    }
+
+    private Map<String, Object> getUserToken(@Nullable String appToken, @Nullable String userName, @Nullable String password, @Nullable String code, @Nullable String requestIp, String sessionId, Boolean checkCode) {
+        Map<String, Object> result = new HashMap<>();
+
+        //调用VerifyToken进行连接token的验证
+        //验证失败则
+        //  返回错误
+        //如果验证码生成规则不为空则--为空代表不需要验证码
+        //  校验验证码VerifyVerificationCode(sessionID,verifyCode)
+        //  如果校验失败则
+        //      返回错误
+        //查询数据库用户表，使用账号及密码，判断用户是否存在，返回userID和容许的同时登录个数（0代表不限制，默认为1）
+        //如果用户不存在则
+        //  返回用户名或密码错误
+        //查询数据库用户登录日志，使用userID，返回已经登录的sessionID--注意登出时间为空
+        //如果对应的sessionID已经登录则
+        //  返回已经登录
+        //如果容许的同时登录个数大于0且已经登录个数（返回的sessionID数量）大于等于容许的同时登录个数则
+        //  返回用户登录数超出
+        //生成用户令牌
+        //新增用户登录日志：userID、sessionID、登录时间、requestIP、用户令牌
+        //缓存本地用户登录日志：{用户令牌:userID+sessionID}
+        //删除远程数据库中所有已经过期的验证码记录以及当前sessionID的验证码
+        //返回登录成功:userID、用户令牌
+        Appconnectlog applicationconnectlog = applicationconnectlogService.findByTokenAndRequestIp(appToken, requestIp);
+        if (Objects.isNull(applicationconnectlog)) {
+            result.put("code", "-1");
+            result.put("message", "apptoken 错误");
+            return result;
+        }
+        Application application = applicationService.findByAppId(applicationconnectlog.getAppid());
+
+        if (checkCode && Objects.nonNull(application.getSecuritycoderule()) && !codeCacheService.check(code, sessionId)) {
+            result.put("code", "-1");
+            result.put("message", "验证码错误");
+        } else {
+            Integer multilogin = application.getMultilogin();
+            Userinfo user = userinfoService.findByUsername(userName);
+            List<Userloginlog> userloginlogs = userloginlogService.findByUserId(user.getUserid());
+            if (!userloginlogs.isEmpty()) {
+                result.put("code", "0");
+                if (multilogin == 1) {
+                    userloginlogService.expiresByUserid(user.getUserid());
+                }
+                userloginlogService.insertUserLoginLog(requestIp, sessionId, user.getUserid(), null, appToken, application.getAppid());
+                result.put("returnData", new HashMap<>() {{
+                    put("userstatus", 1);
+                }});
+                return result;
+            } else {
+                result.put("code", "0");
+                result.put("returnData", new HashMap<>() {{
+                    put("userstatus", 0);
+                }});
+            }
+            userloginlogService.insertUserLoginLog(requestIp, sessionId, user.getUserid(), null, appToken, application.getAppid());
+
+        }
+        return result;
+    }
+
+
+    //校验连接令牌
+    public Map<String, Object> verifyToken(Map<String, Object> requestData) {
+        //循环本地内存变量{appID+"-"+appSecret:{"token":token,"expiresTime":expiresTime,"requestIP":[],"vcodeRule":vcodeRule}}
+        //  如果存在则
+        //      判断token过期时间
+        //      如果已过期则
+        //          返回错误
+        //      返回正确--附带验证码规则
+        //循环结束未找到则查询远程数据库
+        //使用DB读方法，查询底座数据库的应用表，判断appID以及requestIP是否存在以及是否已连接
+        //如果未连接或已过期则
+        //  返回错误
+        //更新本地内存变量{appID+"-"+appSecret:{"token":token,"expiresTime":expiresTime,"requestIP":[],"vcodeRule":vcodeRule}}
+        //返回正确--附带验证码规则
+        Optional<String> token = getValue("token", requestData);
+
+        Optional<String> requestIp = getValue("requestip", requestData);
+
+        Map<String, Object> result = new HashMap<>();
+        if (token.isEmpty()) {
+            result.put("code", "-1");
+            result.put("message", "token错误");
+        } else {
+            Appconnectlog applicationLog = applicationconnectlogService.findByTokenAndRequestIp(token.get(), requestIp.get());
+            if (LocalDateTime.now().isAfter(applicationLog.getExpiretime())) {
+                result.put("code", "-1");
+                result.put("message", "token已过期");
+            } else {
+                result.put("code", "0");
+                result.put("message", "token校验通过");
+
+                Map<String, Object> data = new HashMap<>();
+                data.put("validstatus", true);
+                result.put("returnData", data);
+            }
+        }
+        return result;
+    }
+
+    //刷新连接令牌
+    public Map<String, Object> refreshToken(Map<String, Object> requestData) throws JsonProcessingException {
+        //调用VerifyToken进行验证
+        //验证失败则
+        //  返回错误
+        //生成令牌--暂时不使用签名方式，未来再考虑
+        //记录到应用表token,过期时间
+        //更新本地内存变量{appID+"-"+appSecret:{"token":token,"expiresTime":expiresTime,"requestIP":[],"vcodeRule":vcodeRule}}
+        //返回本地内存变量的令牌和过期时间
+        //注意存在两个版本的返回结构，此处需要做兼容
+        Map<String, Object> resultData = new HashMap<>();
+        Map<String, Object> map = verifyToken(requestData);
+        Optional<String> version = getValue("version", requestData);
+
+        if (map.get("code").equals("0")) {
+            Optional<String> requestIp = getValue("requestIp", requestData);
+            Optional<String> token = getValue("token", requestData);
+
+            Appconnectlog applicationconnectlog = applicationconnectlogService.findByTokenAndRequestIp(token.get(), requestIp.get());
+            Application application = applicationService.findByAppId(applicationconnectlog.getAppid());
+            LocalDateTime expiresTime = LocalDateTime.now().plusMinutes(application.getApptokeneffective());
+            applicationconnectlogService.updateApplicationLogTokenExpiresTime(applicationconnectlog.getAppid(), token.get(), expiresTime);
+            resultData.put("code", "0");
+            Map<String, Object> data = new HashMap<>();
+            data.put("expirestime", expiresTime.format(dateTimeFormatter));
+            if ("1".equals(version.orElse("1"))) {
+                resultData.put("returnData", data);
+            } else {
+                resultData.put("data", data);
+            }
+        } else {
+            resultData.putAll(map);
+        }
+        return resultData;
+    }
+
+    //获取登录验证码
+    public Map<String, Object> verifyCode(Map<String, Object> requestData) {
+        Map<String, Object> resultData = new HashMap<>();
+        Optional<String> token = getValue("token", requestData);
+        Optional<String> ip = getValue("requestip", requestData);
+        Optional<String> sessionId = getValue("sessionid", requestData);
+        Map<String, Object> testToken = verifyToken(requestData);
+        if ("0".equals(testToken.get("code"))) {
+            Appconnectlog applicationLog = applicationconnectlogService.findByTokenAndRequestIp(token.get(), ip.get());
+            String appid = applicationLog.getAppid();
+            Application application = applicationService.findByAppId(appid);
+            String securitycoderule = application.getSecuritycoderule();
+            Long securitycodeeffective = application.getSecuritycodeeffective();
+            Integer securitycoderulelength = application.getSecuritycoderulelength();
+            Map<String, Object> codeMap = RandomGraphic.generateVerifyCode(securitycoderulelength, securitycoderule);
+
+            String code = codeMap.get("verifyCode").toString();
+            String verifyCodeImage = codeMap.get("verifyCodeImage").toString();
+            codeCacheService.addCode(code, sessionId.get(), securitycodeeffective);
+            resultData.put("code", "0");
+//            编译后的验证码
+
+            Map<String, Object> data = new HashMap<>();
+            data.put("verifyCodeImage", verifyCodeImage);
+            resultData.put("returnData", data);
+        } else {
+            resultData.put("code", "-1");
+            resultData.put("message", "token已经过期");
+        }
+        //调用VerifyToken进行连接token的验证
+        //验证失败则
+        //  返回错误
+        //如果验证码生成规则为空代表不需要验证码直接返回--VerifyToken验证时已经获取了验证码生成规则
+        //生成验证码createVerificationCode(vcodeRule)
+        //生成新的过期时间
+        //删除远程数据库中所有已经过期的验证码记录
+        //记录到远程数据库中验证码记录表：sessionID、VerificationCode、expiresTime--用于支持负载均衡
+        //记录到本地内存变量{sessionID:{"VerificationCode":验证码,"expiresTime":expiresTime}}
+        //返回验证码和过期时间
+        return resultData;
+    }
+
+
+    //用户登录
+    public Map<String, Object> login(Map<String, Object> requestData) {
+
+
+        Map<String, Object> testToken = verifyToken(requestData);
+        Map<String, Object> resultData = new HashMap<>();
+        if (testToken.get("code").equals("0")) {
+            //用户登录日志单独记录--方便控制用户在线状态、用户登录时长、用户心跳等
+            Optional<String> username = getValue("username", requestData);
+            Optional<String> password = getValue("password", requestData);
+            Optional<String> code = getValue("verifycode", requestData);
+            Optional<String> sessionId = getValue("sessionid", requestData);
+            Optional<String> requestIp = getValue("requestip", requestData);
+            Optional<String> token = getValue("token", requestData);
+            resultData.putAll(getUserToken(token.get(), username.get(), password.get(), code.get(), requestIp.get(), sessionId.get(), true));
+        } else {
+            resultData.put("code", "-1");
+            resultData.put("message", "token已经过期");
+        }
+        return resultData;
+    }
+
+    //强制登录
+    public Map<String, Object> forceLogin(Map<String, Object> requestData) {
+
+        Map<String, Object> verifyTokenResult = verifyToken(requestData);
+        if (!verifyTokenResult.get("code").equals("0")) {
+            return verifyTokenResult;
+        }
+        Optional<String> token = getValue("token", requestData);
+        Optional<String> sessionId = getValue("sessionid", requestData);
+        Optional<String> requestIp = getValue("requestip", requestData);
+        Userloginlog userloginlog = userloginlogService.findByAppToken(token.get(), sessionId.get());
+        Map<String, Object> result = new HashMap<>();
+        if (Objects.isNull(userloginlog)) {
+            result.put("code", "-1");
+            result.put("message", "登录失败");
+        } else {
+            Map<String, Object> data = new HashMap<>();
+            Appconnectlog appconnectlog = applicationconnectlogService.findByTokenAndRequestIp(token.get(), requestIp.get());
+            if (Objects.nonNull(appconnectlog)) {
+                String appid = appconnectlog.getAppid();
+                Application application = applicationService.findByAppId(appid);
+                if (Objects.nonNull(application)) {
+                    result.put("code", "0");
+                    data.put("userid", userloginlog.getUserid());
+                    Long apptokeneffective = application.getApptokeneffective();
+                    data.put("expirestime", LocalDateTime.now().plusSeconds(apptokeneffective).format(dateTimeFormatter));
+                    String userToken = CommonUtil.toMD5("%s:%s".formatted(sessionId.get(), LocalDateTime.now()));
+                    data.put("usertoken", userToken);
+                    userloginlogService.removeUserLoginAppToken(sessionId.get(), userloginlog.getUserid(), userToken);
+                } else {
+                    result.put("code", "-1");
+                    result.put("message", "应用配置没有找到");
+                }
+            } else {
+                result.put("code", "-1");
+                result.put("message", "应用token没有找到");
+            }
+        }
+        return result;
+
+
+//        进行一个try捕获未思考到的异常
+//                如果临时交换令牌为空则返回错误
+//        校验令牌testToken
+//                不通过则返回错误
+//        通过则获取应用编号app_id
+//                校验临时交换令牌
+//        如果不通过则返回错误
+//                通过会返回用户编号
+//        从缓存类中获取应用信息getAppInfo(appid)
+//        默认禁止多机登录
+//                如果应用信息中容许多机登录则容许多机登录
+//        如果用户信息中容许多机登录不为空则
+//                是否容许多级登录依据用户信息中配置
+//        如果禁止多机登录则
+//                生成用户令牌
+//        更新用户登录日志（另一个用户因令牌发生变化导致被强制下线）
+//        返回用户令牌及用户信息
+//                否则
+//        返回错误（只有禁止多机登录时存在强制登录）
+    }
+
+    private Map<String, Object> checkUserToken(Map<String, Object> requestData) {
+        Optional<String> userToken = getValue("usertoken", requestData);
+        Optional<String> sessionId = getValue("sessionid", requestData);
+        Userloginlog userloginlog = userloginlogService.findByUserToken(userToken.get(), sessionId.get());
+
+        String appid = userloginlog.getAppid();
+        Application application = applicationService.findByAppId(appid);
+        if (userloginlog.getLastheartbeat().plusSeconds(application.getApptokeneffective()).isBefore(LocalDateTime.now())) {
+            return new HashMap<>() {{
+                put("code", "1");
+                put("message", "用户token已过期");
+            }};
+        } else {
+            return new HashMap<>() {{
+                put("code", "0");
+            }};
+        }
+
+    }
+
+    //用户登出
+    public Map<String, Object> logOut(Map<String, Object> requestData) {
+        Map<String, Object> resultData = checkUserToken(requestData);
+        if (!"0".equals(resultData.get("code"))) {
+            return resultData;
+        } else {
+            resultData = new HashMap<>();
+
+            Optional<String> userToken = getValue("usertoken", requestData);
+            Optional<String> sessionId = getValue("sessionid", requestData);
+            Userloginlog userloginlog = userloginlogService.findByUserToken(userToken.get(), sessionId.get());
+
+            userloginlogService.removeUserLoginLogByUserId(userloginlog.getUserid());
+            permissionsService.removePermissions(userloginlog.getUserid());
+            resultData.put("code", "0");
+            resultData.put("message", "成功");
+            return resultData;
+        }
+        //调用VerifyUserToken进行用户令牌的验证
+        //验证失败则
+        //返回错误
+        //更新用户登录日志userID、sessionID、登出时间
+        //删除缓存本地用户登录日志：{用户令牌:userID+sessionID}
+        //删除本地变量缓存的用户API权限列表、API对应的数据权限列表：{userID:{serviceID:{"authColumn":authColumn,"authFilter":authFilter}}}
+        //返回登出成功
+    }
+
+
+    //获取用户权限
+    public Map<String, Object> permission(Map<String, Object> requestData) {
+
+        Map<String, Object> resultData = checkUserToken(requestData);
+        if (!"0".equals(resultData.get("code"))) {
+            return resultData;
+        } else {
+            Optional<String> userToken = getValue("usertoken", requestData);
+            Optional<String> sessionId = getValue("sessionid", requestData);
+            Userloginlog userloginlog = userloginlogService.findByUserToken(userToken.get(), sessionId.get());
+            List<Permissions> ps = permissionsService.getPermissions(userloginlog.getUserid().toString());
+            resultData = new HashMap<>();
+            resultData.put("code", "0");
+            resultData.put("returnData", ps);
+        }
+        //调用VerifyUserToken进行用户令牌的验证
+        //验证失败则
+        //  返回错误
+        //从数据库获取前端菜单权限列表、API权限列表、API对应的数据权限列表
+        //缓存用户API权限列表、API对应的数据权限列表：{userID:{"authColumn":authColumn,"authFilter":authFilter}}
+        //返回前端菜单权限列表
+        return resultData;
+    }
+
+    //应用API及数据权限
+    public Map<String, Object> changePassword(Map<String, Object> requestData) {
+
+        Map<String, Object> resultData = checkUserToken(requestData);
+        if (!"0".equals(resultData.get("code"))) {
+            return resultData;
+        } else {
+            Optional<String> usertoken = getValue("usertoken", requestData);
+            Optional<String> oldPassword = getValue("oldpassword", requestData);
+            Optional<String> password = getValue("password", requestData);
+
+            Optional<String> userToken = getValue("usertoken", requestData);
+            Optional<String> sessionId = getValue("sessionid", requestData);
+            Userloginlog userloginlog = userloginlogService.findByUserToken(userToken.get(), sessionId.get());
+            Integer userId = userloginlog.getUserid();
+                Userinfo userinfo = userinfoService.findByUserId(userId);
+                if (Objects.nonNull(userinfo)) {
+                    String userpassword = userinfo.getUserpassword();
+                    if (!userpassword.equals(oldPassword.get())) {
+                        resultData.put("message", "密码错误");
+                        resultData.put("code", "-1");
+                        return resultData;
+                    } else {
+                        userinfoService.updateUserPassword(userId, password.get());
+                    }
+                    resultData = new HashMap<>();
+                    resultData.put("code", "0");
+                    resultData.put("message", "修改成功");
+                }
+
+        }
+        //调用VerifyToken进行连接token的验证
+        //验证失败则
+        //    返回错误
+        //判断是不是第三方应用
+        //如果不是第三方应用则
+        //    返回错误
+        //查找本地变量缓存的应用API权限列表、API对应的数据权限列表：{token:{serviceID:{"authColumn":authColumn,"authFilter":authFilter}}}
+        //如果不存在则
+        //    查找数据库应用的API权限列表、API对应的数据权限列表
+        //    如果不存在则
+        //        返回无权
+        //返回对应的行列权限authColumn、authFilter----可以为空
+        return resultData;
+    }
+
+    //用户心跳
+    public Map<String, Object> userHeartbeat(Map<String, Object> requestData) {
+        Map<String, Object> resultData = checkUserToken(requestData);
+        if (!"0".equals(resultData.get("code"))) {
+            return resultData;
+        } else {
+            resultData = new HashMap<>();
+            Optional<String> userToken = getValue("usertoken", requestData);
+            Optional<String> sessionId = getValue("sessionid", requestData);
+            Userloginlog userloginlog1 = userloginlogService.findByUserToken(userToken.get(), sessionId.get());
+            if (Objects.nonNull(userloginlog1)) {
+                List<Userloginlog> userloginlogs = userloginlogService.findByUserId(userloginlog1.getUserid());
+
+                if (Objects.nonNull(userloginlogs) && !userloginlogs.isEmpty()) {
+                    for (Userloginlog userloginlog : userloginlogs) {
+
+                        userloginlogService.updateLoginLogUserLastTimeById(userloginlog.getLoginid(), sessionId.get());
+
+                        resultData.put("code", "0");
+                        resultData.put("message", "用户在线");
+
+                    }
+                    if (resultData.isEmpty()) {
+                        resultData.put("code", "-1");
+                        resultData.put("message", "查询失败");
+                    }
+
+                } else {
+                    resultData.put("code", "-1");
+                    resultData.put("message", "查询失败");
+                }
+            }
+        }
+        //调用VerifyUserToken进行用户令牌的验证
+        //验证失败则
+        //  返回错误
+        //更新用户登录日志的最后活跃时间
+        //返回更新结果
+        return resultData;
+    }
+    //注意系统定时任务需要检测用户心跳，如果超时未上报心跳则需要调用loginOut将对应的用户登出
+
+
+    private Optional<String> getValue(String key, Map<String, Object> data) {
+        return alias.getOrDefault(key, Collections.singletonList(key)).stream().map(data::get).filter(Objects::nonNull).map(Object::toString).findAny();
+    }
+}

mainFactory/src/main/java/org/bfkj/services/UserinfoService.java

@@ -0,0 +1,51 @@
+package org.bfkj.services;
+
+
+import org.bfkj.domain.Appconnectlog;
+import org.bfkj.domain.Userinfo;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Service;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+
+@Service
+public class UserinfoService {
+
+    private final Map<String, Userinfo> userInfoCache = new HashMap<>();
+
+    private final JdbcTemplate securityJdbcTemplate;
+
+
+    public UserinfoService(@Qualifier("securityJdbcTemplate") JdbcTemplate securityJdbcTemplate) {
+        this.securityJdbcTemplate = securityJdbcTemplate;
+    }
+
+    public Userinfo findByUserId(Integer userId) {
+
+        return (Userinfo) securityJdbcTemplate.queryForObject("select * from userinfo where userid=?", new BeanPropertyRowMapper(Userinfo.class) , userId);
+
+    }
+
+    public void updateUserPassword(Integer userId, String password) {
+        securityJdbcTemplate.update("update userinfo set userpassword=? where userid=?", password, userId);
+    }
+
+    public Userinfo findByUsername(String username) {
+        synchronized (userInfoCache) {
+            Userinfo userinfo = userInfoCache.get(username);
+            if (Objects.nonNull(userinfo)) {
+                return userinfo;
+            } else {
+                userinfo = (Userinfo) securityJdbcTemplate.queryForObject("select * from userinfo where  username =? ", new BeanPropertyRowMapper(Userinfo.class),  username);
+                userInfoCache.put(username, userinfo);
+                return userinfo;
+
+            }
+        }
+
+    }
+}

mainFactory/src/main/java/org/bfkj/services/UserloginlogService.java

@@ -0,0 +1,87 @@
+package org.bfkj.services;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import org.bfkj.domain.Userloginlog;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.util.List;
+import java.util.Map;
+
+@Service
+public class UserloginlogService {
+
+
+    private ObjectMapper objectMapper = new ObjectMapper() {{
+        registerModule(new Jdk8Module());
+        registerModule(new JavaTimeModule());
+    }};
+    private final JdbcTemplate securityJdbcTemplate;
+
+
+    public UserloginlogService(@Qualifier("securityJdbcTemplate") JdbcTemplate securityJdbcTemplate) {
+        this.securityJdbcTemplate = securityJdbcTemplate;
+    }
+
+    public void insertUserLoginLog(@Nullable String requestIp, String sessionId, Object userid, String md5Token, String appToken, String appid) {
+        securityJdbcTemplate.update("insert into userloginlog ( userid, requestip, sessionid, logintime, usertoken, lasttime, lastheartbeat,apptoken,isexpires,appid)values (?,?,?,?,?,?,?,?,0,?)",
+                userid, requestIp, sessionId, LocalDateTime.now(), md5Token, LocalDateTime.now(), LocalDateTime.now(), appToken, appid);
+    }
+
+    public List<Userloginlog> findByUserId(Integer userId) {
+
+        List<Map<String, Object>> maps = securityJdbcTemplate.queryForList("select * from userloginlog where userid=? and isexpires=0 ", userId);
+        return maps.stream().map(it -> {
+            try {
+                return objectMapper.readValue(objectMapper.writeValueAsString(it), Userloginlog.class);
+            } catch (JsonProcessingException e) {
+                throw new RuntimeException(e);
+            }
+        }).toList();
+
+
+    }
+
+    public void removeUserLoginLog(@Nullable String apptokeneffective) {
+        securityJdbcTemplate.update("delete from userloginlog where DATE_ADD(lasttime,INTERVAL ? MICROSECOND ) < now()",
+                apptokeneffective);
+    }
+
+
+    public void removeUserLoginLogByUserId(@Nullable Integer userId) {
+
+        securityJdbcTemplate.update("update userloginlog set isexpires=1 where userid = ?", userId);
+    }
+
+    public void updateLoginLogUserLastTimeById(@Nullable Integer id, @Nonnull String sessionId) {
+        securityJdbcTemplate.update("update userloginlog set lasttime=now() where loginid=? and sessionid=?", id, sessionId);
+    }
+
+    public void expiresByUserid(Integer userid) {
+        securityJdbcTemplate.update("update userloginlog set isexpires=1  where userid=? and isexpires=0", userid);
+    }
+
+    public Userloginlog findByAppToken(String appToken, String sessionId) {
+
+        return (Userloginlog) securityJdbcTemplate.queryForObject("select * from userloginlog where isexpires=0 and apptoken=? and sessionid=?", new BeanPropertyRowMapper(Userloginlog.class), appToken, sessionId);
+    }
+
+    public Userloginlog findByUserToken(String userToken, String sessionId) {
+
+        return (Userloginlog) securityJdbcTemplate.queryForObject("select * from userloginlog where isexpires=0 and usertoken=? and sessionid=?", new BeanPropertyRowMapper(Userloginlog.class), userToken, sessionId);
+    }
+
+    public void removeUserLoginAppToken(String sessionId, Integer userid, String userToken) {
+
+        securityJdbcTemplate.update("update userloginlog set apptoken=?,usertoken=? where isexpires=0 and userid=? and sessionid=?",null, userToken, userid, sessionId);
+
+    }
+}

mainFactory/src/main/java/org/bfkj/services/cache/CodeCacheService.java

@@ -0,0 +1,40 @@
+package org.bfkj.services.cache;
+
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+import java.util.stream.Stream;
+
+@Service
+public class CodeCacheService {
+    private final static Map<String, LocalDateTime> codeCache = new HashMap<>();
+
+    public void addCode(String code, String sessionId, Long securitycodeeffective) {
+        synchronized (codeCache) {
+            codeCache.put(code + sessionId, LocalDateTime.now().plusMinutes(securitycodeeffective));
+//            清理过期的数据
+            LocalDateTime now = LocalDateTime.now();
+            Stream<String> keys = codeCache.entrySet().stream().filter(it -> now.isAfter(it.getValue())).map(Map.Entry::getKey);
+            keys.forEach(codeCache::remove);
+        }
+    }
+
+    public boolean check(String code, String sessionId) {
+        synchronized (codeCache) {
+            LocalDateTime localDateTime = codeCache.get(code + sessionId);
+return true;
+//            if (Objects.isNull(localDateTime)) {
+//                return false;
+//            } else if (LocalDateTime.now().isAfter(localDateTime)) {
+//                codeCache.remove(code + sessionId);
+//                return false;
+//            } else {
+//                codeCache.remove(code + sessionId);
+//                return true;
+//            }
+        }
+    }
+}

mainFactory/src/main/java/org/bfkj/utils/CacheUtil.java

@@ -0,0 +1,20 @@
+package org.bfkj.utils;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class CacheUtil {
+
+    private static final Map<String,String> userTempTokenCache = new HashMap<>();
+
+    public static void addUserLoginTempTokenCache(String username,String token){
+        synchronized (userTempTokenCache){
+            userTempTokenCache.put(username,token);
+        }
+    }
+    public static String getUserLoginTempTokenCache(String username){
+        synchronized (userTempTokenCache){
+            return userTempTokenCache.get(username);
+        }
+    }
+}

mainFactory/src/main/java/org/bfkj/utils/CommonUtil.java

@@ -0,0 +1,37 @@
+package org.bfkj.utils;
+
+import org.apache.commons.codec.digest.Md5Crypt;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * common util
+ * <p>
+ * 通用工具类
+ *
+ * @author l7871
+ */
+public final class CommonUtil {
+
+    public static String toMD5(String source) {
+        try {
+            MessageDigest md = MessageDigest.getInstance("MD5");
+            md.update(source.getBytes());
+            byte[] digest = md.digest();
+            StringBuilder sb = new StringBuilder();
+            for (byte b : digest) {
+                String hex = Integer.toHexString(b & 0xff);
+                if (hex.length() == 1) {
+                    sb.append('0');
+                }
+                sb.append(hex);
+            }
+            return sb.toString();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+}

mainFactory/src/main/java/org/bfkj/utils/HttpRequestUtil.java

@@ -0,0 +1,109 @@
+package org.bfkj.utils;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+import java.util.Map;
+
+public final class HttpRequestUtil {
+
+    public static String getUserToken( Map<String, String> header) {
+
+        return header.getOrDefault("userToken", header.get("Authorization"));
+    }
+
+    public static String getApplicationToken( Map<String, String> header) {
+
+        return header.getOrDefault("token", header.get("Authorization"));
+    }
+
+    public static String getAppId( Map<String, String> header) {
+        return header.get("appId");
+    }
+
+    public static String getServiceId( Map<String, Object> body) {
+
+        Object serviceId = body.get("serviceId");
+        if (serviceId == null) {
+            serviceId = body.get("id");
+        }
+
+
+        if (serviceId != null) {
+            return serviceId.toString();
+        }
+        return null;
+
+    }
+
+    
+    public static String getUsername( Map<String, Object> body) {
+
+        Object username = body.get("username");
+        if (username != null) {
+            return username.toString();
+
+        }
+
+        throw new IllegalArgumentException("没有找到username 参数");
+    }
+
+    
+    public static String getUserId( Map<String, Object> body) {
+        Object userId = body.get("userId");
+        if (userId != null) {
+            return userId.toString();
+
+        }
+
+        throw new IllegalArgumentException("没有找到userId 参数");
+    }
+
+    
+    public static String getPassword( Map<String, Object> body) {
+        Object password = body.get("password");
+        return password.toString();
+    }
+
+
+    public static String getAppSecret( Map<String, String> header,  Map<String, Object> body) {
+        String appSecret = header.get("appSecret");
+        if (appSecret == null) {
+            Object appSecret1 = body.get("appSecret");
+            appSecret = appSecret1 != null ? appSecret1.toString() : null;
+        }
+
+        if (appSecret == null) {
+            throw new IllegalArgumentException("没有找到appSecret 参数");
+        } else {
+            return appSecret;
+        }
+    }
+
+    public static String getVersion( Map<String, String> header,  Map<String, Object> body) {
+        String version = header.get("version");
+        if (version == null) {
+            Object version1 = body.get("version");
+            version = version1 != null ? version1.toString() : null;
+        }
+
+        return version;
+    }
+
+    
+    public static String getWorkId( Map<String, Object> body) {
+        Object workId = body.get("workId");
+        if (workId != null) {
+            return workId.toString();
+        }
+
+        throw new IllegalArgumentException("没有找到workId 参数");
+    }
+
+    public static String getRemoteAddr( HttpServletRequest request) {
+        return request.getRemoteAddr();
+    }
+
+    public static String getSessionId( HttpServletRequest request) {
+        return request.getSession().getId();
+    }
+}

mainFactory/src/main/resources/application-120.yml

@@ -18,11 +18,11 @@ log:
   type: com.mysql.cj.jdbc.Driver
 
 mydb:
-  url: jdbc:mysql://120.26.64.82:3306/mid_center
+  url: jdbc:mysql://120.26.64.82:3306/ygm_db2_cen
   title: root
   cipher: 123@bigdata
   type: com.mysql.cj.jdbc.Driver
-  serviceURL: 127.0.0.1:8080
+  serviceURL: 120.26.64.82:8957
 
 isEs:
   open: false

mainFactory/src/main/resources/application.yml

@@ -5,6 +5,8 @@ server:
       charset: UTF-8
       force: true
       enabled: true
+  tomcat:
+    max-http-form-post-size: -1
 spring:
   mvc:
     view:
@@ -17,6 +19,8 @@ spring:
     additional-location: file:/app/config/
   application:
     name: mainFactory
+  profiles:
+    active:
 log:
   url: ${LOG_DB_URL:jdbc:mysql://localhost:3306/DPFBLOG}
   title: ${LOG_DB_USER:root}
@@ -29,6 +33,17 @@ mydb:
   cipher: ${MYDB_PASSWD:123456}
   type: ${MYDB_DRIVER:com.mysql.cj.jdbc.Driver}
   serviceURL: ${MY_SERVICE_URL:127.0.0.1:8080}
+db:
+  security:
+    url: jdbc:mysql://120.26.64.82:3306/oversecuritycenter
+    title: root
+    cipher: 123@bigdata
+    type: com.mysql.cj.jdbc.Driver
+  log:
+    url: jdbc:mysql://120.26.64.82:3306/oversecuritycenter
+    title: root
+    cipher: 123@bigdata
+    type: com.mysql.cj.jdbc.Driver
 
 isEs:
   open: ${ENABLE_ES:false}
@@ -49,4 +64,4 @@ service:
     queueCapacity: 1024
     keepAliveSeconds: 60
     threadNamePrefix: logthreadpool
-    waitForTasksToCompleteOnShutdown: true
+    waitForTasksToCompleteOnShutdown: true